last executing test programs:

14m9.837453724s ago: executing program 4 (id=321):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
arch_prctl$ARCH_SHSTK_DISABLE(0x5003, 0x1)
arch_prctl$ARCH_SHSTK_ENABLE(0x5001, 0x1)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r1, &(0x7f0000000040))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(0xffffffffffffffff, 0x84, 0x7, 0x0, 0x0)
r3 = syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x400)
ioctl$EVIOCGSW(r3, 0x8040451b, &(0x7f0000000180)=""/32)
open(0x0, 0x6c143, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9febb489695f7d214e9ef84d0100000c0000000200000000235700bbfbee616bcc"], 0x0, 0x26}, 0x28)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r4, 0x84, 0x9, &(0x7f0000001d80)={0x0, @in6={{0xa, 0x6e23, 0x20006, @empty, 0x6}}, 0x4, 0x2, 0x0, 0x5, 0x392, 0x97}, 0x9c)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000005c0)={0x0}, 0x1, 0x0, 0x0, 0x20048840}, 0x1004)

14m8.269760458s ago: executing program 4 (id=325):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f00000001c0)={'wpan0\x00', <r4=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_KEY(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x68, r3, 0x5eae78d9c54e9d3f, 0x0, 0x25dfdc01, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_SEC_KEY={0x4c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "dfeedc2634e7d49420f73e16e79faba0"}, @NL802154_KEY_ATTR_ID={0x2c, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_IMPLICIT={0x20, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x3}, @NL802154_DEV_ADDR_ATTR_SHORT={0x6, 0x3, 0xffff}, @NL802154_DEV_ADDR_ATTR_EXTENDED={0xc, 0x4, {0xaaaaaaaaaaaa0102}}]}, @NL802154_KEY_ID_ATTR_MODE={0x8}]}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x9}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x8010}, 0x48804)
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r6=>0x0})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
creat(&(0x7f00000002c0)='./file0\x00', 0x51)
pipe2$9p(&(0x7f0000001900)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r8, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r9 = dup(r8)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
syz_usb_connect$hid(0x2, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r10 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r10, &(0x7f0000019680)=""/102392, 0x18ff8)
write$FUSE_BMAP(r9, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r9, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000440)={'trans=fd,', {'rfdno', 0x3d, r7}, 0x2c, {'wfdno', 0x3d, r9}, 0x2c, {[{@cache_readahead}], [{@euid_lt}], 0x6b}})
truncate(&(0x7f0000000240)='./file0\x00', 0x206b12)
epoll_create(0x400)
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xa2f00, 0xa3)
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000240)={0x28, 0x3, r6, 0x0, &(0x7f0000000380)="f3", 0x1, 0xfffffffffffffc01})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000200)={0x28, 0x3, r1, 0x0, &(0x7f0000000100)="ac", 0x1, 0x3})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000002c0)={0x28, 0x4, r1, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x13})

14m6.643348362s ago: executing program 4 (id=330):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x34, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x5c}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd", @ANYBLOB], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4000000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='maps\x00')
r0 = socket$inet_udp(0x2, 0x2, 0x0)
socket$key(0xf, 0x3, 0x2)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r0, &(0x7f0000000200)={0x2, 0x0, @multicast2}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0100000001000000e27f000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)

14m6.412277761s ago: executing program 4 (id=333):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3, &(0x7f0000000000)=0x1, 0x4)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e22, 0x9, @loopback, 0x6}, 0x1c)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x23, @loopback, 0x23}, 0x1c)
r1 = dup(r0)
shutdown(r1, 0x1)

14m6.347448473s ago: executing program 4 (id=334):
syz_emit_ethernet(0x2a, &(0x7f0000000380)=ANY=[@ANYBLOB="aaaaaaaaaaaa06ac0100000008060001080006040001aaaaaaaaaa08ac1414bbaaaaaaaaaaaaac1421bd"], 0x0)
r0 = timerfd_create(0x1, 0x0) (async)
r1 = socket$packet(0x11, 0x0, 0x300) (async)
r2 = socket$nl_route(0x10, 0x3, 0x0) (async)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x92}}, 0x0) (async)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000005c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRESHEX=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765", @ANYRES32=r2], 0x3c}, 0x1, 0x0, 0x0, 0xc000}, 0x0) (async)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x8041, 0x0)
write$dsp(r5, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) (async)
ioctl$SNDCTL_DSP_SYNC(r5, 0x5001, 0x0) (async)
r6 = gettid() (async)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r8 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast}) (async)
r9 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r9, 0x3b81, &(0x7f0000000200)={0xc})
ioctl$IOMMU_VFIO_IOMMU_UNMAP_DMA(r9, 0x3b72, &(0x7f0000000c00)=ANY=[@ANYRES16=r9, @ANYRES16=r9]) (async)
write$tun(r7, &(0x7f0000000840)=ANY=[@ANYBLOB="0800080006000600000014000000450a0fc0006600000b89907864010102ffffffff3297e3ba0fa8a2e71bd9fe1a399b5110420b70460c0dad392d66248a43540df968e7fcaab34569c0e36170578c0d3c546a98b26295e2592f360905866eb4720fed03a977a3df4224895629fd6ccec64f13a999f18f518e3ee28798381975e862f1db9dccdb2f1c1fb60f5ffc7a339d40a8bd1f24cede8a32f186f142e194d4fb48224759faf813ea80e6a853e79b4fe27fe3e1aec5897b314a7f0d515b07b1835986b4885e9826d902c40f16cd77c58b6433ab039955ce9db11f36f459e7114ace6c9989eecea80a81fd39f339356c7c3391af83da2486503a7973f6db4806cf3e5ca94cf7e1f79fd00decd76100c18251a59d1474caabf4d3ca6a9a9885df710e68c5b0dc11832dbb5eecb5c88c2f8f02bdbd88569ad4a740359cbca8c378118220d73bdd1e661c3a74f77aa931b11cd38119b0f084bb96e84803fca6566c33ee1e4e34ab0253fbf24f9f5974af5e1fc2a43a4ec9dd9928a8f38a128ea27c429300ae5a6bd7740471f973d8224b2b07879f4fbe7dcbed776a72ebdc713bcf1d7aa45b01c32a1003e6670d58510bd79ba2fde5cb2b82cef2cc315648f4e9d96d848ba327949b8926253cbdef6888a8982108b6ac7a1108533dd3fe125002e2e286362d1055082a9d73ec5ac3080f2a501ff27250b62c8965f371cf92b32d6422d79f66261eb08a2f8fe50049e102c69ce703d116d0834208cc957d0f1376457a90245816d7642412897fdd2f982fdfbc3af65aa0446b00c767b79aec40e460887ea02188e3a0960eea39b144859467b881978378c9fd593259e0f63148179fe2c2f6d40987b63a6e384e63027f03d8039d707522942d5dc88fd842524d006290b6a65e9cc86cc5b401a60ec4aedfb3bf4d0447bb681810a16b9684b72c2f4593ef834a0203e78cd1d9dbc978e9ae8f3ab62c07f1e41d59470decee7b0cc41ac49e4b7589ab6da65849f62ec217bb39ed161e7d337822d96badbd74d66451ea9a74bed591dc9631bf639dcf7846ee428a9fa55bfceedf3b1c23642f3b58dd0a7273664c6c49c9160a4b9cc5b72d0210e305b94e2cb09ae1d4af9d365b5093851f229c8c30aef75d45ccdbab4b86d801a9ad3b27f26ba601d531c0743717aa7aae29d37f496fec7682c5a1abd321ad61941a2d23fcac6af1d1875e308c8d8c64a5152be47b59c09d293f46b857310a99f1885f0a49d432aa0d39a3e8fc885e75e66b63215133175a19267c8d0adf7d8f644e742ed5369d1405e99e63b78727f135e0243f24d9ce354a1562102ee8de4c191508343b86bf7e7519ddd770ce55e17e590561b2f437194c97ad46622a6ae3dd68d9993e6744954f4cd308bd6594fdccedc578e80aed274a65219697229059723ac37d535cca0e9c314e7941b4160bbd2ffba71f26ffe3228431bc81463078ad70583277ef18bce23ca2e5b9a00670956ea8e0e2c739c006106c8c9ee3f92ba728d8490742b74a9a18cbedfc4e69bb87e0da4c7dfb964374c28c837d4641fb99a19b233675f8526af395335e0185cf3934805442ac379980b687a7128e53284ba9e741b5fe9bc969bfbd55cbce76842915e076e2adf844338d16d3802c681bafdcc60465bd34dfc2d1c069ceee40060e0570fc1275ccabfe3f9be3e84ceedf72cd649c082232008e2b0c94594588c00e0fe911bbf1c12eb6c37ce05674a7597feecf27f5e051ffa824d9ff93638dfa9a84c77562aa2cf897f55a97b79c18544ad03480e1011b8f93e0ead9c2c6672448f585c5803ae99be777fbc662ef4450c1e936ed8b3c8047f00e72adc845610000f8e5e1dde4967005d96a64fc75d9f486b3ebdb5904a0a56ec48542f0efce939f66fd69259e7376ad37e844b4ea90f35b2d3bd63b5c36b267d8f2c7dc5a50b46e00ed086dff8b039e07b84c60611269d4f282ad04dc8e0b481eece2f8a614734be73617f0ad5be195446b09dca4cf1f32653dd3e188aece76f3014deb2ba61744835c0f735234b6a4637c948a7b4fd4203b286ca87d669e325d70277075b094f59eb1dff6c9c05c40d5e464c563df79486e1a32e6ed9bcf675aac7968b4e98dc4e210215b0d3b6a2525b2e3df11f3f1490eb39cabffbe32e23659121fde8e4e346e0f595aaf3666a5f6f118c1a1128039502ac04c40b85eb4c54e6c95b8d1c2aac74ae9e1c355ccde9d54d5d833293f5df09224482179e5bcd8e227c99172a6e14c2cd4e6462ceb0a905a1d64804840ce62e350c6efac10a7fcb029f84af64e2256d45afd3b3f59379895740e0cd2fd24c63264f785bb6e3f40ec72ed67d1a7d87dd264743d9c951cb5aa8bc6f1d1bc9b23303d5aa7f8f6f961326757456057000cb2bacf78cc229002777e932c2640b8dfa793846ca49fa93996db95104a8808a1906b19df17e754b90582b6c49efb3ddce067dd9292291cfd2bb0323ce8098f29e4fce0de31cf5c7e2e2da5d0d0996a8be776de8fecfd3ce68e80d21f1701f6b90ac51278abbd727d19415e0ebe001b990b177b8dfc048b918a4b5e4a6221902362e5b20e6e6f2131a5a5e03c1150b179ef40c933c2fef1b79de738652ec4c32565f5cf751a11db177099c4e2e5bd7616cd0dd501d5bfccf5691de3cca590365328648baf8a9487a3c212193c9bb837594460967e823067a9465eba7001eaf609a810488ef5c147aaa5e9e8c75b585ac3582b6915e20b5aa2f79b7a94857122988c56dbce1ea52de1a56652e839bb853be3ee16052b33fb83ca54d8e4e19440a5e81492107043a66286f63ca87a1f7b8a4e9547a7eb6005419cfd28cb37e9e374f4d0143973286e87070754025c1a6fccfdc6858eaca8c35ecb19584ce7141cc79a5bc813469161b87a19fc21f3373d1f25b3427916dd1be2a589b70ea3b39fcc7801e13beaf19b76164faf3dc4ab8faa5648d24eddd6caceaa0d5ac9cad633c19a4a4d059ee823a49b7cf82c5777d376c111f58ea8fd473429907852301a2c856f27bd0c687ab5be0e2bbef64ddee1601375a4440e3f59d60f57caebfe457f82432523ec4a61cdbb7f1e91e4b05fda892df131c274b19929d26f7a5a6d3ca487983f729601ed9bb4bf5c1cc3d453d406e9534688dec6a2dd0b9db149365c125a95e129565e62cc91f7d960abe1055b730ae0994e7eb08392d5745d0e4f529c4defc3d3e43d0815b0cc63effa88d20c13b14e780c2f6c89a1ee5e4db45a5c272186cc3e51b13dab3add5f467e8ca0f4c45a1fc76db2f0cbf794102946aafcd8cd8a3e935a606b9721645c4d550ae0907f345593736506efc626498c974753d474a73626041d3a54f8fb50de2a6335611a3779da3a02daceb2256d9b102d4d30dd3cd389a04b1a7a6076879f36534bb3379debb46ed1fa2c40096c752017dd024345c58313b43070ff7bef94dc3cafbe6ec20d59e5ea3c196ba3b783bfa87384407efc664cd350c80ac397516018e35371956e414755cde304d2a228c1540ba6fd6a7402d11c666964f024da4c016eb556ba2c5fab86c60c12efb1496295d80f0383526e8e0fc55a287bbd3cb966a916f57958d8b6ef97aa0c4b47f7746bab6b99698c1c96b25c4e2e084147866fe0970b109dd26984adc0758eb6442712cc46dcd8ed3038b0595252eed1b8a46525862662d1e67eba66ac341f8d27853eed54854f488f079bd48df6ce7a4be8b1b61fd23a2dc4d3ade0992011539cc63f80fcfc75008c20cb639348cb218f8f476a6d56917f4ca07e67fc20ea2e9642eaf2182b397e279f5f6c70438fb8aa39cba788588c181461ea7efe1a0dd5b95eb26f7158b91012f7ce0ee1b4e79ce4da377bea4551738a0f491a84f19b3be9827b4469c299527aa9c20b8bf12f919976a0356bba720fb91010763c79bcbb10d89280f0f97cdd19aa0d54828b308195fac170613cf4b515e340a9ef2c97f618a9f50b30ae34ebeed9a38b4c6969680accc740b154ecb014fb5d543a59ccb98a7de2823a2dec39f331cb503eb74fef61262c6d4050bc723caee834eb28c64ce007f6027375e936b62387cf1778970e88b0574a0106d4c855be7425767c551b2fa644d9d8a59f787e7610581b768057d229673344571c3d6e3f10975b2859f568398b1f38f89524d9ad0c1588617c3883a1227b714c81cdf28da54f33968c1c50f28da01c308eb31d319b3e77f96bec001c9300000000000000009cc0062283ac112868592619db14d629c47bfb793a723dcd2f7b07ae4ec14ca3ef4b955ea5b2b153a279b080f6236d418075b86850974c8850efb306d5c304e726bf2643b4403e6d46b0e0395b02e93308b4b2c3e957308d497dc51c753344a7878f1f0c91295fd76e3d1cc9ef813161c6b92b7ea6068ceb97d8f45a4ce57af7d7632d699951f7fe3c71c3a32b014c74425c67e5030546b10cf7edcec2eca5ba31dc62c08f83f35bc2e36b93f15f071bc2537ebe9ca19f86dce4e84272e10323d0ceaa2cc47fe4f6ad101d454c761f9863e94af91199ce5f12469bca7ba39314b84aa7efa4bdc18f7700c19511d48d6132450111d70401a8ac73565d5386ca12345e884d08b23f9c901000a95eb4167865e58c28b112f47c96beeaa6657c923e25e56529107c5c30e65bb485d5ed21b91332db4e09df7e59dcfa05c994570deb3f9b838e22ae4abbf9a9a8c319cc9112c8dba7c2278f78b9578b0254c46a4c04b8fa4fedad6bd275f70b1618971ef6503379bfb0a508c9944328af2c820091a89e3f75e68e7f980ddc9154d273f7f2ce7a6294aefe93136860786679b80e41f6636ff45efeacfb52e2ba2bd9bd9c9030079a46caca5c4b340c17d01ba8ecbc5c561b2038481a8321c009d12136a3ad5461881d998eeaac5236fdcd8f81fb5e53848bb096d9198fd0d38830d1809f2a632b31e2b67754140c907ed58aead048b2d8af9a1c407e48db815212cfdcca97222dabdfe01f311a73e1e82c3e189ec5add48d3f8190eb9e14b58e540f7f1388a7c687629eadb19fd8a133dc8177629270ecaabff79efb6c1f750d89b9e6c5f34c6238066f8e3e425e46a27b3c0d2e9e2ed3cffe2a6f39b8e0137ea5de689b94107fb4748a5feb3902f0feba64dae4c2e69bc8d86463575c6b0ef4a8a64fef41121e57a8c67eda07e9fc8f98299677de198ea0a649ef3c00591940b2c27ba1414aaa1633deb52e3a44cfa8d7a00d014317c026a7d7f42a34b97128e1bf9cda4d8315819ac73ed5061bf9b5631d07b09b85b78ff1b6eb86e9e8c4faa0f991cd6fa0b0eb71b39c20ca9bc7c156f3bd255a5b408df172396bafd7f0fb11c6eaf1eb0a06576d37bee00424bf699584b1dfed68f0d8d8a35f0427c783fe2d79b4373628971e87501a5e4bb05b5058d0b2132741f26e76065b6f4017d963c8ee5605c4c5b6eebb96fca0a41893cb6add3fb0d728abeb860f22cedbd36e464bdaf124a7041460f7af3d64b54e9ffd240b5afad9baf6e5dd8406bc1b205da5848f51fc9dd5197716e144e1b0386614bd3cfd5ddb80ada1e5ca74c8960093a553b1f6288aa7f53663cdd867f658e51b95772dc7a6fa45fa03e14988a33250e6c16fbf0351769080d64ddfbdbf77e1215563bf2e82ecc38a682846d7e2e2ac4e87d715f97f15e84c3df04affee49612a735907d3c4d310a54a6f609873ad56f29a138f4d5661f6865e030487"], 0xfce) (async)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r6}, &(0x7f0000bbdffc)) (async)
timer_settime(0x0, 0x0, &(0x7f0000000440)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$SNDCTL_DSP_SYNC(r5, 0x5001, 0x0) (async)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000680)=@newqdisc={0x54, 0x24, 0xe0b, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0x9}, {0xffff, 0xed74747acb94845c}, {0xfff1}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x24, 0x2, {{0x1ff, 0x6, 0xfffffffd, 0x0, 0xfffffffd, 0x32d}, [@TCA_NETEM_ECN={0x8, 0x7, 0x1}]}}}]}, 0x54}}, 0x0)
sendto$packet(r1, &(0x7f0000000700)="44c3946a6e1bdcc3106067a286dd69", 0xf, 0x0, &(0x7f0000000440)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}}, 0x14)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380)={<r10=>0xffffffffffffffff, <r11=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r11, 0x1, 0x1a, &(0x7f0000000ac0)={0x3, &(0x7f0000000a80)=[{0x48, 0x40}, {0xb1, 0x1, 0x0, 0x3}, {0xc, 0x7, 0x2}]}, 0x10) (async)
sendmmsg(r10, &(0x7f00000007c0)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000540)="13ce", 0x2}], 0x1}}], 0x1, 0x20004888) (async)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x1) (async)
openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)

14m6.257003716s ago: executing program 4 (id=335):
mount(0x0, 0x0, 0x0, 0x0, 0x0)
quotactl_fd$Q_SETQUOTA(0xffffffffffffffff, 0xffffffff80000800, 0x0, 0x0)
set_mempolicy(0x4003, &(0x7f0000000200)=0x7, 0x3)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='freezer.self_freezing\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000280)={'#! ', './file0'}, 0xb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000080)=<r1=>0x0)
waitid(0x0, r1, &(0x7f0000000700), 0x1, &(0x7f00000003c0))
sched_setscheduler(0x0, 0x5, &(0x7f0000000140)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0xfffffffffffffffa, 0x141002)
syz_open_dev$usbmon(&(0x7f0000000c00), 0x2, 0x101000)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r4 = socket(0x1d, 0x2, 0x6)
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000540)=ANY=[@ANYRES64=r3], 0x44}}, 0x0)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_NESTED_STATE(0xffffffffffffffff, 0x4048aecb, &(0x7f00000034c0)={{0x0, 0x0, 0x80, {0x1, 0x5, 0x2}}, "cb31455c9ea4288a70a2a6bb8068fd95dd041cf5b177a3bffe992dfbbdf959487337b92336ce1de32e7695c411c0bf9f852d2d71192f33001fd51f5b396a55cb98699a09d21648c4cb30d9d7e3e397c7a3c041c76c72385a46c48c5302848c3696facce956952c2a85822ddf20434ccee5806294ed563ff3a972cddf6ef16ddace933d8a5adea40cd3ad40c9873c29368838e815ff59723519154856b2d5cd9cd79a97dc2fa08dada1175817886e5f9e7aa3dca783a44c667a4806826570ec6acb57d65efc313a384e11fb633dee17ee600145f2cb3103384606140021be766fcb7fa029f0513bbb466177ca1068192550bbf4e6f5694aec747a16e27688a988fa595bca1761b8e88a7dbcaeaf9758b1faf880dd6f1b6eb4c7beb0582b4007f1a67db1352407adbe1456bfe98e94fd825b9419d74f63cdeb6c6976de1890d773f0c8088d2bd48a838cf5b87f5ddf926352960fb978874b0f175acfa55ddfe84de3fc9f75b58bf7a35f33d3c43ed5e3224e92751fa1b43f94f64b681163ef1360a3f3bb7403afc67a188b2104b45c5814aaa9e218552498bf85f4b221d9acc32a331f5f8c109cc9f335ff4e418ab30b54b91fc8211fcbaf64716afdc4b6d0417e04d5723e4675d282b36bef3a3a19e855029e7a9e8b86a6df19332b63e9d8a0f22d96ac230c67657a4e7f7afab91dc0ce751b68980e5a4f6d9d6d9b98802ba9d8576640eea61b8c308a1745df61560e56108bececa3016d93246fdc8b768634e8319b1ffde103c07378f8f4927baba05e992a4b5af0958a7e495e7ce53f7917451d15a963ca14f5cdc4563775688b6533a4b97e0f84b0a33c30077b20805c1f42cc7815efada97ad59ac486bc9e0ee386b49cb97b47fbf8f919f06c75a49636795054b5ebee3e91602c90d7f4db49220affe56d56b96e4f662b2bf36dae482ffc7ba21cbc55e21b73309d6b7aa5509defcb77c236e43b579c61eae5c8d8f8fa71ad876b96069f2e4352c8aaf16e299d21edf5434c0cd9b25cdc9210fb0de759b1dd3fc7fe4c7118bbde72a5617dff21f7a5036448fba7fe41aaee0c289cd076d757e47b0713b236f6f141ba0112c9312b3ec853aabafdf1eb2cbb517d2d7352725f557214d27d9a340af0128fc960a4ea64c933b0d8dd226b6e024471aaac8a7074b2a8695ab990fabba5bf315d246fbfe4260f1fffe54814e33b6235c5b4095437298858909bcbd40a8a286d1bedb06b7b1775bce0a5bca19b0a5c2fa8dbf7b155ae0a43c5086422e5bacb94047e150451f5996420b0d4a697f59decb49900b2b9c13aade536933e14d672c21a35cb68572c3de02f8edd941bff4b8674b91f7aebf35f056a8d388f67f8ef7cfaf6b28fe745831ef41def1839791647016932c70685752851327f1837d2f1e9d8f93443eefed2317119c8152ca451a5d3aeb253fb484283f52e5db9f61f059ad3c217a860ee0571d254483501b00699208c7fa5571cf58b9715c954115bc2db0af28361938bb95ced7370c8cbb6141ef62fdbf369dfc4eccd98ab9886d79a52cbf91a27dd0f4b29940492e860fb94654dea54fad6290570760e3b59a0cf28053732472dc313b7fedfc583fc702a880971dc61286370aaf167810455cce7654dc4325a41d9d1944abcdc4d81378f1e96a8f94cd95b886a01f086e379601504219d57d531ba34e1ba0905785fb629c61f6b940a652cdee9dbef12b7fcde087b92816db3386a5769049ba00788e31de4ddbb8b56de1fbe3a5e671728effda7cfd0b650cf5df2faf22670812efbbb548e47cbf36c64e05a7877820f08948ceedb35e12a4a143ee0101a7bf0a00a4062b50c39020669700adf739a6f75352a45fd1373d3e85c3867170373f0c7a794d8590f4c22ae62d438ec365b0f6a15cb2ffe0fc6f57185e1760761bd4370027c01dfad0502f00b6898115df3c530d0b0b4a64e623fd580b528a733e4c881cf5843a975a97f92a7833527887c79fa8eec82b9526a15c6c5f2972083ce8aec735810580ffa4ea2cef4823aee044dd70927f7c07bba18b930006aa86ae7399ac6b4c24bc9d6a6ab0c5b428d7255d4d983eadf97e10c1b00867da29ac981acb453073a37236e7ae808e7759b2e0cffc3ec43afb1e95cd090a7d4b9225a0e3cbebfe49b93846ab603891e2da7d85a04bf42d12d16a97c965bc4911d3ba7a9ca505794d8744fef00a436089de67aa8b480070230dfb002eb91edaff428d4908a87afae418dff7ca59aefe1ad8f6935f309fe7985c2310881659c60a66a5e50242497ba1cd5d2bd79496ccd23f9fd901afc6622829cb3701caa50f96e09e3b23bfa31819caab43e49ae1d922a1a1eb3682de026323d9215fcec42c54401a1af81450830a4b784ed1c7922734bf3632409147680dd3fabcef296353705bb5c0e650e12905a05db1e7923923a96ddc783fc1ed46e2010416c37d9d149ad73e808bd6e4464f62893024a8501803b6c88fc55c8bbc1da7cbf580b5a81fb7c61455ae399aaec303fba12e0f2b51ed5e8bd31db40e8bdbd00e7b1ddd364766c974d813d86fc88a27bf82bba60c62e5f0f6af6bda3390f8e72a2811baf3d6325e70d9a3b59cab1abe95290ecb87985567e1243504c038de9d4d100ea64eec45208cd8d2474e646f7d81eed6d59b8b0859552b6fc088d874cde3e75ee30243dc9d88ed5b577851a5bd9e2a453287025777fcac19ac33e1c94b4ad272f1055b16b842a6bd6168fb45f1f74ed2467020df5431068a5f2cbeaa6ac1841308c7c9f752aa06927f91fdf18ef9d9e942367e5ecac0abf4d3b8fc7b80238c04799bde63168becc67c5531e843336fb16ab618d37f95a91937b824bf896b044146bc3a5e264a8f23ddd00729cd9aa56d9a9a24b7ab96ae021b193d8874d43ff4b723d86b7564e550378599c3e0c7a2b3d447ad76eb4cd699733d970a5ab218429a1af81df9c8013d6d16a6bcb019f6ace4461cdaa785d20ea027cfa53d521bb91ad2c04aaa6c0f268b14924803977633280c7b7beb14c88fae542b7a13e96253259e7296e37276da88891c14664340e84ae732edbd71e67047e476735b220ca231de31a380ece372db63dec3cb3ef5ac97ec41148febd2acb15cde1ee5e990ea0aaa95c2df39e2111dd1185d14a194e22d34fda8f54e99d3a73e5a231682c726d40816e048c1d059bf3bb9ee2b5f895365d95aa28f6adbf6e16469926b4d8ee7f04c7dbafaa444df5b88596c17874f0efe35e5ada1a69634f4b430f852d33b032f823c5deb54f47a7a4adb1adf56d5440b7a917580004c13e0b36c8e0a203a2be3f8fffd9efef3af19389a12c67859d4381ac0a02da18e25931b41216b731de25e1245482c84d45de1cddbce2109322a3428bff692012573fe9efd02109dbf35c5d3a287dec105cf3f1a2e5f0b1cc08c7b4759766d25d0f7b42c3ea8bf8101e61159a2ba7602e9c7947cf936ac39bf59b24084709fd61d704bbdba7d282aac778b7ec1dcaf984527c8112d56e75ab774d1598d9816abc77b0e693880bffffffffffffff7fb5cb6967fb0ea8e14efce120947092c3b601002f07cad22e971418092481fcad36ecf0cfd6bc3864115b8507c13554584f1f6fee5ee07eb6a091638d8e7781c1c006166e0f987f9f4de535e9f3df1db8c9328e9a19a73c76059ab4edfe9eda7f16cc6b869229bafb179d194e20ccc6af1d8183b673de8138ddab9a0907278f6eaacc55bf59a450ebc10e0b88c82d9f0deca86ff771f46509250fde94e0c94256b77616d099862ddc9b341838d634a9dc4b55a88fcc6248901135f6aa76365433e7e534e0e5ae8eec2a63df62c3e244a40481189ff54122698c7e2da2c829b2eec9efc9894ee05be04ae6dd48406eaace17827e38bf38b414059aded0343e0711a8d864ff41a8d9ed40fb2aa1a3f4014f691cd0e8af62445a021820ff03afa8a192ee255862f306851df1de96ce36cafb6a60b7069db7aa96fd1ffb2fb01e6247f770304dffe4b1c8d0eeb336dd6806d6ab5d418953b1cae7cbbf53766b61e4aad5cfce8255b78af26f9bd11283a9c7d12cd63b82cd2b506fd4061d1e16fc7c713d80763c3b0aa0faadcd9b7d676101aad80e1ca00369297e1f714003ab8d0b545c335014a522a25a767950963ef821425b79b521076166d0df3ef358c7d60d99cc85463c186e8faf16af79785680382e4cc93f6594f8c4461e0988c08717640df24a5f357db22432fcae21702dc792d201212fb3791e0164bb3d433a8268ec96df73766fdba42965e00e619246cba5d96eb853a7c22c34d2fe5e5d3f3ccf9c627d069517b743cd07f6f7b444074bb9a50269f2e03309c58930e56a9583eb00c37fbcdd391972261f41756c10c8899fcd036e2017e088ef9e6ec31f795d55b3bba214c53c98fc9318e4ade0e7e6fd259aa277fed54c27e5210787a5f6937f56fdbe1da5113f059061ca590ddf536a55cb91ac6ed41cb9c0418b115b29f5e823c1b0ee7c2b3982087763545b34e2c945d587ebce69bbe299a7f52b674f351977370fc700474bc15d7e6ef98c14258ecf401a4f3bba1a9aa76c5ab0b8819fe6efe3fba1899909e5e48554299150ee272451b56142d12ae2bb4942db430239701d494917f2c939a6fb9d98d4751a6f2c4537ec870342d223343a9bd7b8d8c99aff8cbfa298395551185f35dec120228073a1e496a58b59d9ac5986249a7c6db9398395cbf341c08ee910700e2daa042dba1846fef59c72ce872bba2046a14fcf9a47a5686d62bfba76309a9865c26e5fa41dd872fc749fdc57953105ace4978f9eb788c8d061c853ad0313e51e732c5d7bc05e752443c8e99b8e81c688befdb5b14c3cc2f96eb8ce8290303e483992fcbece1ff278d0dc036ad437b6cbc695c7741ba4556e242146d40843c73deaf8fceba40e4a4acd739b3031848b17a210a1ff0dc1908b77c4bb94543af52e1fe2a090c8f217428d02336303f7952c3ddefa7c81850676e7f4cc3d32c3937281fa5ab279c3fe39f92ba077dadb8c2c3df17cc511bd33c41cb161d24aea154f0f5902c94b56fe072d321a983668bd9f4838878e66ec44cb233d7d0ca908a794c844ff8b3ba4c57f6c5fc2f3a54db448b013f0c4998bbc6ed0409b3368391cb28c75f4a909fff90f308ff38c758ff7d8a2920bc221236d89b3b769e44e8ce649b32f5135a0217ba9036a8edddee97d7ba15f2c21fb7d3cae3eb6ef09dd03eed650489c83b5ba5dd9daf7a86cf0544fb8a58e46b860e3e42e10cd6f1c4f81179eb2c3ba611793a32abb4c0768db90e8bdd1694efaa9c2b45c89d203fdfb8b926b6a0d666d91b93065a83184fc2065961f2308056241b66f427c0f0aabc75852c90f0624cf036d537032ca8d73325d2ae2a79a7292c240c34584bb881fe5d468a051cbc0bde061f9eddfb758cd2dfba296eef549e5c4ede097111216a0ec60f90e8d6f5dd843c82e15f505f8c74e854ba9cd386249d552978eb8135a5f8c79c3ceb8dd580800000000000000d6cf3ff2f47c276c8169ab98336582a852c1535018fb2306aca6b8c9f9e38d64c66a722762b76c69d4ca6c14bd6992549e4eec17287fce194467f972d9200c3d1ac4fd4a8f2620e2e4281d28c099946ed90789ba122705326390d3e058ceed24044e542efb36416272eadf6304f30efa0b7bc1ae5be92fe50e591ee6f725726e917ec113506920beb2aa53b39f1d76b31500", "cfb220c7d481332f3f1f8079dfe27e23185fd67a407358db7892789f96b7fa9b14daa48617a10d8a91b820ecbaa470ec0bb1f3cbce7f70ec70b19a4cad082229c2788f8611d7dc306d9a45761a97828c36ed87ebde5d4a3e1609c1422a8ae2f7cca428ebdb0dd38b90b9598a353b18a600bf35a369e6e3e5abb0a1c5c0c0e48e014e7ef1b7d768b3c5657f1adfbb7ff2985082b16c99eb83ec3660990dcf1106efa6b7f8a4798fec811c2c85faec0235c83b7093b3d02367421abc40a554e0b0d7fc1bcaece4222c594f8d20e368fe625ca433c75486fe5c94103cd17291349ee12b877602936688666f82ecd8f4f83d50bb1650e08b96cd25ad147c4c956c98649806a3736d072c8d97c6e3a46a7c18535df8d828b86662400d8e9cc861fa1dd5dc193892d3168396c499e07b279fb76c7e289f2fd955691363bc1de74536dc571817615c88b0d594a136966c129e424ccb7ef1c7c7461eac7ca5f03d72ea4c9c3d1156fb4cb1bb70e097357588b5c49f6716bbae1bd118104b42786f09a3b9f7cb80f383cadfd0c462096ff2bb637b7cf79764b6a4b7ffc5d87c1f063fb48e7f08ad5af534c70079f12f28e8921abbd4280801cdf6101ea494768b1274afd0eea5939843d56022a83590920fe446d52dfe699c33977d5592dbf7e0e236b8175d7faae06e0c50f7402174023ce4b996564e945c416fa823f2f9c3213ac50b20bd1fd55bb8d9fe70ee31ea2f404ae0fcbf857bebcc9196c8c622059fea2e248e4058905b69fb98be312d3193ea1d8ff653173e8c4ad8c81d77a5bea45b3cd6fba19b6336f94ec04c8f86d24e9ca959874577d7ca0baf3c4ff30b554bc3ccc06df46d925373fbf7863e2cf684d3bc9603ab72b851ca4728294de87f2dec6f23ca9e43ed2e5cbba662d13137fc1ce0f6ae6aeb974f72f4b750825fafb67715e425f40c7da83b92d4249a0a4e96b789cceb7b07f38cb83f72dd093a345ab3cb8ae760fc14e40ea182a0d7fe1facc62a1ab0902349fd7e27bb0cd349fb5053f4734823abf020739b4b43bb11f5d69b61295068df31177959903c2ea1bb82d24eeaa93d0d475bd5d15b2a401e7ebe0d3cfbd45b2db2882cdb41408aaa718f8320fbb7f9da4f68d0eebeef175442e807e9908132731fe5e268582dcf6dffa4251ebb7121db8e412089fa9d8af9919799547a26b6b8eb44c28f1ce5f9a3021fe30841be204c1b4b3813dccae6baeef9b53fe413cbec46bb0cd95f3793cdc9bfe6cdd96ce0c4aa4a25e1cbbeeee6c9fa558b279048c7e31d07b125bac68d4e1f4253bd4dc7824cf3d722c94cf2b8f61bc8155731f072fd447082b181a13ffb8c08a1d568298c5de2d969fae2bea070a9e2688f294e76b8c200dfb993ec19778eb56ae3127c1116ccc85ef8806fdcb9ee0cb66ff03f090fa6c52b9b101b3830fc1650efa859163a264b4059092e5dc9a415ec09bfd1460f142fe5ef00beb6aa9032bd0de97aefc6f65e8cfeea761b3d8174caf528b6627682ff4d4450cb0f34251fc000ed01dd538ef13260984f44703b89dfb511bfb538d0b1c8aded964e1bcc5ca57437468b14a31ec0000a17e4d24369c40500449c37e7dccedba3eceb59d827dace246b5c48afb6a5988e64c560b3dc76c32d831f51cdbc5cfc4364ac8b25372b87c92bacfedc6bc8feb44098dbebc89cda03c59e4c58a31372bd574704b9e788834b9f83c6703f6709efad97c4ce499ea580dae1de282a019247cb3dce5c1906322e6d3ca5157ea6428bc42416936fac194efe136089c07faf7adf1e923003f1dc63fcbc634b389a4f351a6acee785e23c6bb04ca2f265be1e634362b87c6f9fd369bbe62a1db6b286c7ffde6370bb4d6e9e0cc3ec451e1a99d134726c9075e71319d3a683e91e4b900061c0e6d086481069cd32f4cde7816f8e3a0ac6428a7488f31f06ee0da10df3ed0c150d29085879d064f914407f60018bb588735663647bfeda930407d69abef3f72fd461c2b85b00988b412a180fd267fc646a86d297e7e40912607157b6fa873df6442579b1523d8117f0c06c87adf75843b8bff30a5bfb4fe1e9846b7fdd58774641f9cc9c4e38e53ed24a9d9e9dbc7657aa9b220a8545852b0409f5c0812e953823e841967bf55059acc7a4600818134359e72cfae0d04a0738ac8acca133d6395a455b22cdd6f901d4cdea1cf17415f7d7895a4b65f80d2f7c5c60a0dc04b40c9ae5ffc922e074a82afd704673e1766d19db9f60eab0238fb4a3169a08aded607847e5d752d4e24c4914b95bac3892bcfc2076f16a7f07583f0d418b9dec03afdb2e93335a392e1b1ef2910eb2a4b6a63fe61641f3c02bef73cd7e4a77a6f30ae821598c3160511603541bea89022b54f321c2a55cdeeb19335d78a821ab6ca0f36588a9a79a41e2123905a491d658c2a1caeee998c995bb0f816c92c5dc2b862183f80b9f9786c9c5524723c944d11f6894c7f008ab8194f577e22c03631d2a33201f508ea49653e7600639242dbaba704f700ac227f32dc575c559a0a1f4fe0cf6c22fbf7e1ca2ab4b1e4724e8379021e3c9a7c1509c6a413bd7d9c98938e440762eda2546d636597defa86c1ad31126a1182d365f858927d140fb0a97f80adcc5f4ed5efe11ac503453917a263f1d64692348d30f382e85e464ef7616067a42df5de1a1b622fabefe2ca4ceffa4801f7a02fdef40644cd1d079590d900727628d54b44db7ac700d8d664f7eea12837fcf347360d8e43a354fe51b4c49d2b800b5cc06e22c72af2a67ee7bc8ae894e841f2cf2b0a7e381caf944bf4e91ded63b6f82f7474e4f81e986fff7e5339b8e9f60103a1af81833e120f0c88893ecabac044a4a2867cda4fdcb084459a00507aa9e5a8e761a72df3322a1ae8cd918b4994c23bdb1e459b4f21651bd7fa067a00e2a2877bf6b29f289ed8018e0a78f6fb4ded9749640e0e37f6381b320ab72da404f3d70d60152f6fa6738932387b83250cb3148141edb52f109bfd4bda8054959db01f4c550609a63c08cf01ecd110cfc6f0055638c0dde039d2ac2daafe59e561f9f08a8830c3f661e4325de63e98f4a4216ec3b83fd200201ed3f647147611424286ffc6c4a8aca64a6874743242d4feeaa9153de06e51c512d9cab7ae712c6424069f3e5db4ddebe9b48b5f6caa741162edf97674d2368e03a387f798151a4b9b9fa9e3a5838a34313315836bb7291764b9a3c464c0c54a4c64ca774ad200925ac6bf59508c10a8574afde9b821741af43ec64cedc13aa220b39772195283506dfe899dd6a7b37eb21f154056a2df3564ef2bb918a928651de88c3613b84e7960bddd7b46b1304deb30f57b6fe5a3b4788629e91bcc245e748b3387f52da4bb094782326dcfde0827e2d674e41bb375247d349cade9c704e5431785009b0e53f1b45c70b237c9432e07e4c7a8464ed11608a3d2184338dd9e6f6ef4b3d751e979667b6a3953c89aff4eead7a978071a912b3de21a85a5849c57933cf53cd74a610f3e60f699766fbc7e0bb8a891a429c77bb6f3b6f9f8eb0b1bd9588ef2ce98fdf0a0838e4b0bed807d8b673093c717feec8d697e32542274887d039db7a2daed5d52c8e9767443229f8003c5d67e907376ea2f393484fa70deee159cb56f8d097b8fe2736e95f540137e20725f0940a8d049068ead4c46bb3771a671bb00de88931e03445a55868de0c220db05cbda9f996d5fe7c1070efe5e718fed4d4cb4ecacad3d6b643bc0ffe9a71b720ba7b5adbbdefe29106ef6a6ffe4547f5d02bec312147df0abe80efb2d5e598fc7c8b268e58b59e0d75728e9a18126f013c963ddc92d251405f857fe3a5cbacf443be7772975b7bf4f6d7ed6f80dfcc47a88c6d19120942adb5385be6ef3c0d7e396bcac5affc8f9276d6cd1a0b069aed72a98cde8ea7aabe6cc091b19efcfaf9368dfeb3087a05a42e3b89abae5ffeb72e6ac06e995a2a75ea0b5f7876247bb4c38cf3f0153f1f7473b522f1c440b632270e2b1d654d3a5ae16cb788482760d34ca79c8951b29c628e21029715683a3e6f8f77c5d89ecdae37e0190f79c4c1dbc9d0160e359cd6c94d6662ed53bb01a83374ff593c823acc59241b11f020902069fc0054a9b26cb320bef4fb1f8cc5bd8ae76eb029afab731b9876bc4e8708a8315512823cff1f9375d284ce66e53d4efad6c76d17bb532fc938b8f80c13ce86b5ba3e540164bc5a5d47cd321c241d8740f453ef95bd3878d578561ad6ce20877ffbd44062dce8df1d048d8d5e4045be647886108cbb1f0b26a8b74b66858afedb830a161bb02bde4c46a688a0ea3a7018ce24666aab0f422ede2f78ea29f77e28d87c744cba0285ce33dff5ac45774829699de6d725a9b6db6e7d03ad4ec9d075c386e68ca0bcd9e9911d741ed0168cbddb87a7918a964d206629da4e887277b0ef7d3f9c7082f3f15f29a0dfb39f3b0877a5ec3ac4343e0d808f5aee8f1869923aab6dfc1016821c013109f34aece6183994b853d0e9561375c02cdd26b1b55194757341929a8038864cedd6b5a3b8b51ade44637044c4ebddb190f173969a0ca4cf5d42153763a0b91da0110ae7a25204850927d81b00176d4568a3d444d8029bd010df784e3f673fe855601ec4f1b26b2df58841e6a65f0db66373f63cc14a8b07dfc52ac9957eb542d05ed687c79519609de96df18b63cb294b534ddf7d2e8f41bcc1e5a006191c4db057b6709f0a96f18e02000000be2a19c015b9c4b0b3f42e4de366b71f8da8888809473c3c7a02a1158e375f29997a43bc7118ca4d1abb8f8f21972fc589aaa3d73a4d40a1e1705e169ac6e56cff50d89fc45b6863c8fc67bb2b5939a7f33072539ba4c24077be5711ba368bf7efd4897931531d388eb5c2e56bef337777150dd59518652145c9594e110e41d2615196c6b197916c88cc2814e13a3a922b4ecb044bf31cc90e0bfe0ce07de29188bbcb0ec1a12b509f52582fbb948c3cbe0c6964f46991cec0704bfac08aec6ad8ddfc36dc68c7f547c5ee6af4a8d55c79e3dc1c49b045379811f81e9a185a92cd37ae4ee32c5d3c82d36d6202a6c84fd231fe467071d42072827fd77afa5d757e6f37247f783ef09bdfd7536b666e84bc4bb878005b7829293a04ba090272dec844f4ef0e934617c0851800c6b915ac6f3f03e4a6ab88e21c3f21f93b31d95ea3b9228e0031cb69795de5abd19c4cb4a0cf2984e53ca391cc66e33ee0d510151670331fa264753704fea5e400000f74890c49a74a47e0da13155c5470013d53dea0f05b5e088f1511c209f5be940232318af2757951d399e32eb862d915784713baa8ba93645caf04ba78fa3cf600ff92b9c5be58ad87438a340bac00a5ea9fb17e39478ba61fe36335e48d8c5a0b25f024cbd2ec7f217d0f260951da396dc13a2a74cd90df4b52db686e3b34d27cfa4cebd7bf59cbcfaf4007dc943a1da6e0bd1799a21ab449d7bb42935e50c839c5b567c59742436af15bc8d46095520dcd9273ae2b6f3c1cc2b4311ac9e5d297f0940b1552c5955adb302022022bb7457978998b56328629b7725dfbe3dedb37f37af0697a4471d1d6ff6bec633a38540adeba903f3eaaec5785fbb3c6a598f49dbd9ff93c67dea1ef39a614331b119fa8efccc8bac01595fb95a2a57eec9fc6c6fe82782aa89ea971866fd9a3bca4010182092ab6d1e2b49b964be9e3bb13bd6b77850e435f55a5d46e5bcb3330c7edefd31c33f61275e51600"})
r6 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000180), 0x129202, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r6, 0xc0045005, &(0x7f0000000000)=0x1000)
ppoll(&(0x7f0000000040)=[{r6, 0x1660}], 0x1, 0x0, 0x0, 0x0)
mmap$dsp(&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0x100000f, 0x11, r6, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x2, 0x4, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00'}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002d40))

13m50.396357643s ago: executing program 32 (id=335):
mount(0x0, 0x0, 0x0, 0x0, 0x0)
quotactl_fd$Q_SETQUOTA(0xffffffffffffffff, 0xffffffff80000800, 0x0, 0x0)
set_mempolicy(0x4003, &(0x7f0000000200)=0x7, 0x3)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='freezer.self_freezing\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000280)={'#! ', './file0'}, 0xb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000080)=<r1=>0x0)
waitid(0x0, r1, &(0x7f0000000700), 0x1, &(0x7f00000003c0))
sched_setscheduler(0x0, 0x5, &(0x7f0000000140)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0xfffffffffffffffa, 0x141002)
syz_open_dev$usbmon(&(0x7f0000000c00), 0x2, 0x101000)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r4 = socket(0x1d, 0x2, 0x6)
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000540)=ANY=[@ANYRES64=r3], 0x44}}, 0x0)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_NESTED_STATE(0xffffffffffffffff, 0x4048aecb, &(0x7f00000034c0)={{0x0, 0x0, 0x80, {0x1, 0x5, 0x2}}, "cb31455c9ea4288a70a2a6bb8068fd95dd041cf5b177a3bffe992dfbbdf959487337b92336ce1de32e7695c411c0bf9f852d2d71192f33001fd51f5b396a55cb98699a09d21648c4cb30d9d7e3e397c7a3c041c76c72385a46c48c5302848c3696facce956952c2a85822ddf20434ccee5806294ed563ff3a972cddf6ef16ddace933d8a5adea40cd3ad40c9873c29368838e815ff59723519154856b2d5cd9cd79a97dc2fa08dada1175817886e5f9e7aa3dca783a44c667a4806826570ec6acb57d65efc313a384e11fb633dee17ee600145f2cb3103384606140021be766fcb7fa029f0513bbb466177ca1068192550bbf4e6f5694aec747a16e27688a988fa595bca1761b8e88a7dbcaeaf9758b1faf880dd6f1b6eb4c7beb0582b4007f1a67db1352407adbe1456bfe98e94fd825b9419d74f63cdeb6c6976de1890d773f0c8088d2bd48a838cf5b87f5ddf926352960fb978874b0f175acfa55ddfe84de3fc9f75b58bf7a35f33d3c43ed5e3224e92751fa1b43f94f64b681163ef1360a3f3bb7403afc67a188b2104b45c5814aaa9e218552498bf85f4b221d9acc32a331f5f8c109cc9f335ff4e418ab30b54b91fc8211fcbaf64716afdc4b6d0417e04d5723e4675d282b36bef3a3a19e855029e7a9e8b86a6df19332b63e9d8a0f22d96ac230c67657a4e7f7afab91dc0ce751b68980e5a4f6d9d6d9b98802ba9d8576640eea61b8c308a1745df61560e56108bececa3016d93246fdc8b768634e8319b1ffde103c07378f8f4927baba05e992a4b5af0958a7e495e7ce53f7917451d15a963ca14f5cdc4563775688b6533a4b97e0f84b0a33c30077b20805c1f42cc7815efada97ad59ac486bc9e0ee386b49cb97b47fbf8f919f06c75a49636795054b5ebee3e91602c90d7f4db49220affe56d56b96e4f662b2bf36dae482ffc7ba21cbc55e21b73309d6b7aa5509defcb77c236e43b579c61eae5c8d8f8fa71ad876b96069f2e4352c8aaf16e299d21edf5434c0cd9b25cdc9210fb0de759b1dd3fc7fe4c7118bbde72a5617dff21f7a5036448fba7fe41aaee0c289cd076d757e47b0713b236f6f141ba0112c9312b3ec853aabafdf1eb2cbb517d2d7352725f557214d27d9a340af0128fc960a4ea64c933b0d8dd226b6e024471aaac8a7074b2a8695ab990fabba5bf315d246fbfe4260f1fffe54814e33b6235c5b4095437298858909bcbd40a8a286d1bedb06b7b1775bce0a5bca19b0a5c2fa8dbf7b155ae0a43c5086422e5bacb94047e150451f5996420b0d4a697f59decb49900b2b9c13aade536933e14d672c21a35cb68572c3de02f8edd941bff4b8674b91f7aebf35f056a8d388f67f8ef7cfaf6b28fe745831ef41def1839791647016932c70685752851327f1837d2f1e9d8f93443eefed2317119c8152ca451a5d3aeb253fb484283f52e5db9f61f059ad3c217a860ee0571d254483501b00699208c7fa5571cf58b9715c954115bc2db0af28361938bb95ced7370c8cbb6141ef62fdbf369dfc4eccd98ab9886d79a52cbf91a27dd0f4b29940492e860fb94654dea54fad6290570760e3b59a0cf28053732472dc313b7fedfc583fc702a880971dc61286370aaf167810455cce7654dc4325a41d9d1944abcdc4d81378f1e96a8f94cd95b886a01f086e379601504219d57d531ba34e1ba0905785fb629c61f6b940a652cdee9dbef12b7fcde087b92816db3386a5769049ba00788e31de4ddbb8b56de1fbe3a5e671728effda7cfd0b650cf5df2faf22670812efbbb548e47cbf36c64e05a7877820f08948ceedb35e12a4a143ee0101a7bf0a00a4062b50c39020669700adf739a6f75352a45fd1373d3e85c3867170373f0c7a794d8590f4c22ae62d438ec365b0f6a15cb2ffe0fc6f57185e1760761bd4370027c01dfad0502f00b6898115df3c530d0b0b4a64e623fd580b528a733e4c881cf5843a975a97f92a7833527887c79fa8eec82b9526a15c6c5f2972083ce8aec735810580ffa4ea2cef4823aee044dd70927f7c07bba18b930006aa86ae7399ac6b4c24bc9d6a6ab0c5b428d7255d4d983eadf97e10c1b00867da29ac981acb453073a37236e7ae808e7759b2e0cffc3ec43afb1e95cd090a7d4b9225a0e3cbebfe49b93846ab603891e2da7d85a04bf42d12d16a97c965bc4911d3ba7a9ca505794d8744fef00a436089de67aa8b480070230dfb002eb91edaff428d4908a87afae418dff7ca59aefe1ad8f6935f309fe7985c2310881659c60a66a5e50242497ba1cd5d2bd79496ccd23f9fd901afc6622829cb3701caa50f96e09e3b23bfa31819caab43e49ae1d922a1a1eb3682de026323d9215fcec42c54401a1af81450830a4b784ed1c7922734bf3632409147680dd3fabcef296353705bb5c0e650e12905a05db1e7923923a96ddc783fc1ed46e2010416c37d9d149ad73e808bd6e4464f62893024a8501803b6c88fc55c8bbc1da7cbf580b5a81fb7c61455ae399aaec303fba12e0f2b51ed5e8bd31db40e8bdbd00e7b1ddd364766c974d813d86fc88a27bf82bba60c62e5f0f6af6bda3390f8e72a2811baf3d6325e70d9a3b59cab1abe95290ecb87985567e1243504c038de9d4d100ea64eec45208cd8d2474e646f7d81eed6d59b8b0859552b6fc088d874cde3e75ee30243dc9d88ed5b577851a5bd9e2a453287025777fcac19ac33e1c94b4ad272f1055b16b842a6bd6168fb45f1f74ed2467020df5431068a5f2cbeaa6ac1841308c7c9f752aa06927f91fdf18ef9d9e942367e5ecac0abf4d3b8fc7b80238c04799bde63168becc67c5531e843336fb16ab618d37f95a91937b824bf896b044146bc3a5e264a8f23ddd00729cd9aa56d9a9a24b7ab96ae021b193d8874d43ff4b723d86b7564e550378599c3e0c7a2b3d447ad76eb4cd699733d970a5ab218429a1af81df9c8013d6d16a6bcb019f6ace4461cdaa785d20ea027cfa53d521bb91ad2c04aaa6c0f268b14924803977633280c7b7beb14c88fae542b7a13e96253259e7296e37276da88891c14664340e84ae732edbd71e67047e476735b220ca231de31a380ece372db63dec3cb3ef5ac97ec41148febd2acb15cde1ee5e990ea0aaa95c2df39e2111dd1185d14a194e22d34fda8f54e99d3a73e5a231682c726d40816e048c1d059bf3bb9ee2b5f895365d95aa28f6adbf6e16469926b4d8ee7f04c7dbafaa444df5b88596c17874f0efe35e5ada1a69634f4b430f852d33b032f823c5deb54f47a7a4adb1adf56d5440b7a917580004c13e0b36c8e0a203a2be3f8fffd9efef3af19389a12c67859d4381ac0a02da18e25931b41216b731de25e1245482c84d45de1cddbce2109322a3428bff692012573fe9efd02109dbf35c5d3a287dec105cf3f1a2e5f0b1cc08c7b4759766d25d0f7b42c3ea8bf8101e61159a2ba7602e9c7947cf936ac39bf59b24084709fd61d704bbdba7d282aac778b7ec1dcaf984527c8112d56e75ab774d1598d9816abc77b0e693880bffffffffffffff7fb5cb6967fb0ea8e14efce120947092c3b601002f07cad22e971418092481fcad36ecf0cfd6bc3864115b8507c13554584f1f6fee5ee07eb6a091638d8e7781c1c006166e0f987f9f4de535e9f3df1db8c9328e9a19a73c76059ab4edfe9eda7f16cc6b869229bafb179d194e20ccc6af1d8183b673de8138ddab9a0907278f6eaacc55bf59a450ebc10e0b88c82d9f0deca86ff771f46509250fde94e0c94256b77616d099862ddc9b341838d634a9dc4b55a88fcc6248901135f6aa76365433e7e534e0e5ae8eec2a63df62c3e244a40481189ff54122698c7e2da2c829b2eec9efc9894ee05be04ae6dd48406eaace17827e38bf38b414059aded0343e0711a8d864ff41a8d9ed40fb2aa1a3f4014f691cd0e8af62445a021820ff03afa8a192ee255862f306851df1de96ce36cafb6a60b7069db7aa96fd1ffb2fb01e6247f770304dffe4b1c8d0eeb336dd6806d6ab5d418953b1cae7cbbf53766b61e4aad5cfce8255b78af26f9bd11283a9c7d12cd63b82cd2b506fd4061d1e16fc7c713d80763c3b0aa0faadcd9b7d676101aad80e1ca00369297e1f714003ab8d0b545c335014a522a25a767950963ef821425b79b521076166d0df3ef358c7d60d99cc85463c186e8faf16af79785680382e4cc93f6594f8c4461e0988c08717640df24a5f357db22432fcae21702dc792d201212fb3791e0164bb3d433a8268ec96df73766fdba42965e00e619246cba5d96eb853a7c22c34d2fe5e5d3f3ccf9c627d069517b743cd07f6f7b444074bb9a50269f2e03309c58930e56a9583eb00c37fbcdd391972261f41756c10c8899fcd036e2017e088ef9e6ec31f795d55b3bba214c53c98fc9318e4ade0e7e6fd259aa277fed54c27e5210787a5f6937f56fdbe1da5113f059061ca590ddf536a55cb91ac6ed41cb9c0418b115b29f5e823c1b0ee7c2b3982087763545b34e2c945d587ebce69bbe299a7f52b674f351977370fc700474bc15d7e6ef98c14258ecf401a4f3bba1a9aa76c5ab0b8819fe6efe3fba1899909e5e48554299150ee272451b56142d12ae2bb4942db430239701d494917f2c939a6fb9d98d4751a6f2c4537ec870342d223343a9bd7b8d8c99aff8cbfa298395551185f35dec120228073a1e496a58b59d9ac5986249a7c6db9398395cbf341c08ee910700e2daa042dba1846fef59c72ce872bba2046a14fcf9a47a5686d62bfba76309a9865c26e5fa41dd872fc749fdc57953105ace4978f9eb788c8d061c853ad0313e51e732c5d7bc05e752443c8e99b8e81c688befdb5b14c3cc2f96eb8ce8290303e483992fcbece1ff278d0dc036ad437b6cbc695c7741ba4556e242146d40843c73deaf8fceba40e4a4acd739b3031848b17a210a1ff0dc1908b77c4bb94543af52e1fe2a090c8f217428d02336303f7952c3ddefa7c81850676e7f4cc3d32c3937281fa5ab279c3fe39f92ba077dadb8c2c3df17cc511bd33c41cb161d24aea154f0f5902c94b56fe072d321a983668bd9f4838878e66ec44cb233d7d0ca908a794c844ff8b3ba4c57f6c5fc2f3a54db448b013f0c4998bbc6ed0409b3368391cb28c75f4a909fff90f308ff38c758ff7d8a2920bc221236d89b3b769e44e8ce649b32f5135a0217ba9036a8edddee97d7ba15f2c21fb7d3cae3eb6ef09dd03eed650489c83b5ba5dd9daf7a86cf0544fb8a58e46b860e3e42e10cd6f1c4f81179eb2c3ba611793a32abb4c0768db90e8bdd1694efaa9c2b45c89d203fdfb8b926b6a0d666d91b93065a83184fc2065961f2308056241b66f427c0f0aabc75852c90f0624cf036d537032ca8d73325d2ae2a79a7292c240c34584bb881fe5d468a051cbc0bde061f9eddfb758cd2dfba296eef549e5c4ede097111216a0ec60f90e8d6f5dd843c82e15f505f8c74e854ba9cd386249d552978eb8135a5f8c79c3ceb8dd580800000000000000d6cf3ff2f47c276c8169ab98336582a852c1535018fb2306aca6b8c9f9e38d64c66a722762b76c69d4ca6c14bd6992549e4eec17287fce194467f972d9200c3d1ac4fd4a8f2620e2e4281d28c099946ed90789ba122705326390d3e058ceed24044e542efb36416272eadf6304f30efa0b7bc1ae5be92fe50e591ee6f725726e917ec113506920beb2aa53b39f1d76b31500", "cfb220c7d481332f3f1f8079dfe27e23185fd67a407358db7892789f96b7fa9b14daa48617a10d8a91b820ecbaa470ec0bb1f3cbce7f70ec70b19a4cad082229c2788f8611d7dc306d9a45761a97828c36ed87ebde5d4a3e1609c1422a8ae2f7cca428ebdb0dd38b90b9598a353b18a600bf35a369e6e3e5abb0a1c5c0c0e48e014e7ef1b7d768b3c5657f1adfbb7ff2985082b16c99eb83ec3660990dcf1106efa6b7f8a4798fec811c2c85faec0235c83b7093b3d02367421abc40a554e0b0d7fc1bcaece4222c594f8d20e368fe625ca433c75486fe5c94103cd17291349ee12b877602936688666f82ecd8f4f83d50bb1650e08b96cd25ad147c4c956c98649806a3736d072c8d97c6e3a46a7c18535df8d828b86662400d8e9cc861fa1dd5dc193892d3168396c499e07b279fb76c7e289f2fd955691363bc1de74536dc571817615c88b0d594a136966c129e424ccb7ef1c7c7461eac7ca5f03d72ea4c9c3d1156fb4cb1bb70e097357588b5c49f6716bbae1bd118104b42786f09a3b9f7cb80f383cadfd0c462096ff2bb637b7cf79764b6a4b7ffc5d87c1f063fb48e7f08ad5af534c70079f12f28e8921abbd4280801cdf6101ea494768b1274afd0eea5939843d56022a83590920fe446d52dfe699c33977d5592dbf7e0e236b8175d7faae06e0c50f7402174023ce4b996564e945c416fa823f2f9c3213ac50b20bd1fd55bb8d9fe70ee31ea2f404ae0fcbf857bebcc9196c8c622059fea2e248e4058905b69fb98be312d3193ea1d8ff653173e8c4ad8c81d77a5bea45b3cd6fba19b6336f94ec04c8f86d24e9ca959874577d7ca0baf3c4ff30b554bc3ccc06df46d925373fbf7863e2cf684d3bc9603ab72b851ca4728294de87f2dec6f23ca9e43ed2e5cbba662d13137fc1ce0f6ae6aeb974f72f4b750825fafb67715e425f40c7da83b92d4249a0a4e96b789cceb7b07f38cb83f72dd093a345ab3cb8ae760fc14e40ea182a0d7fe1facc62a1ab0902349fd7e27bb0cd349fb5053f4734823abf020739b4b43bb11f5d69b61295068df31177959903c2ea1bb82d24eeaa93d0d475bd5d15b2a401e7ebe0d3cfbd45b2db2882cdb41408aaa718f8320fbb7f9da4f68d0eebeef175442e807e9908132731fe5e268582dcf6dffa4251ebb7121db8e412089fa9d8af9919799547a26b6b8eb44c28f1ce5f9a3021fe30841be204c1b4b3813dccae6baeef9b53fe413cbec46bb0cd95f3793cdc9bfe6cdd96ce0c4aa4a25e1cbbeeee6c9fa558b279048c7e31d07b125bac68d4e1f4253bd4dc7824cf3d722c94cf2b8f61bc8155731f072fd447082b181a13ffb8c08a1d568298c5de2d969fae2bea070a9e2688f294e76b8c200dfb993ec19778eb56ae3127c1116ccc85ef8806fdcb9ee0cb66ff03f090fa6c52b9b101b3830fc1650efa859163a264b4059092e5dc9a415ec09bfd1460f142fe5ef00beb6aa9032bd0de97aefc6f65e8cfeea761b3d8174caf528b6627682ff4d4450cb0f34251fc000ed01dd538ef13260984f44703b89dfb511bfb538d0b1c8aded964e1bcc5ca57437468b14a31ec0000a17e4d24369c40500449c37e7dccedba3eceb59d827dace246b5c48afb6a5988e64c560b3dc76c32d831f51cdbc5cfc4364ac8b25372b87c92bacfedc6bc8feb44098dbebc89cda03c59e4c58a31372bd574704b9e788834b9f83c6703f6709efad97c4ce499ea580dae1de282a019247cb3dce5c1906322e6d3ca5157ea6428bc42416936fac194efe136089c07faf7adf1e923003f1dc63fcbc634b389a4f351a6acee785e23c6bb04ca2f265be1e634362b87c6f9fd369bbe62a1db6b286c7ffde6370bb4d6e9e0cc3ec451e1a99d134726c9075e71319d3a683e91e4b900061c0e6d086481069cd32f4cde7816f8e3a0ac6428a7488f31f06ee0da10df3ed0c150d29085879d064f914407f60018bb588735663647bfeda930407d69abef3f72fd461c2b85b00988b412a180fd267fc646a86d297e7e40912607157b6fa873df6442579b1523d8117f0c06c87adf75843b8bff30a5bfb4fe1e9846b7fdd58774641f9cc9c4e38e53ed24a9d9e9dbc7657aa9b220a8545852b0409f5c0812e953823e841967bf55059acc7a4600818134359e72cfae0d04a0738ac8acca133d6395a455b22cdd6f901d4cdea1cf17415f7d7895a4b65f80d2f7c5c60a0dc04b40c9ae5ffc922e074a82afd704673e1766d19db9f60eab0238fb4a3169a08aded607847e5d752d4e24c4914b95bac3892bcfc2076f16a7f07583f0d418b9dec03afdb2e93335a392e1b1ef2910eb2a4b6a63fe61641f3c02bef73cd7e4a77a6f30ae821598c3160511603541bea89022b54f321c2a55cdeeb19335d78a821ab6ca0f36588a9a79a41e2123905a491d658c2a1caeee998c995bb0f816c92c5dc2b862183f80b9f9786c9c5524723c944d11f6894c7f008ab8194f577e22c03631d2a33201f508ea49653e7600639242dbaba704f700ac227f32dc575c559a0a1f4fe0cf6c22fbf7e1ca2ab4b1e4724e8379021e3c9a7c1509c6a413bd7d9c98938e440762eda2546d636597defa86c1ad31126a1182d365f858927d140fb0a97f80adcc5f4ed5efe11ac503453917a263f1d64692348d30f382e85e464ef7616067a42df5de1a1b622fabefe2ca4ceffa4801f7a02fdef40644cd1d079590d900727628d54b44db7ac700d8d664f7eea12837fcf347360d8e43a354fe51b4c49d2b800b5cc06e22c72af2a67ee7bc8ae894e841f2cf2b0a7e381caf944bf4e91ded63b6f82f7474e4f81e986fff7e5339b8e9f60103a1af81833e120f0c88893ecabac044a4a2867cda4fdcb084459a00507aa9e5a8e761a72df3322a1ae8cd918b4994c23bdb1e459b4f21651bd7fa067a00e2a2877bf6b29f289ed8018e0a78f6fb4ded9749640e0e37f6381b320ab72da404f3d70d60152f6fa6738932387b83250cb3148141edb52f109bfd4bda8054959db01f4c550609a63c08cf01ecd110cfc6f0055638c0dde039d2ac2daafe59e561f9f08a8830c3f661e4325de63e98f4a4216ec3b83fd200201ed3f647147611424286ffc6c4a8aca64a6874743242d4feeaa9153de06e51c512d9cab7ae712c6424069f3e5db4ddebe9b48b5f6caa741162edf97674d2368e03a387f798151a4b9b9fa9e3a5838a34313315836bb7291764b9a3c464c0c54a4c64ca774ad200925ac6bf59508c10a8574afde9b821741af43ec64cedc13aa220b39772195283506dfe899dd6a7b37eb21f154056a2df3564ef2bb918a928651de88c3613b84e7960bddd7b46b1304deb30f57b6fe5a3b4788629e91bcc245e748b3387f52da4bb094782326dcfde0827e2d674e41bb375247d349cade9c704e5431785009b0e53f1b45c70b237c9432e07e4c7a8464ed11608a3d2184338dd9e6f6ef4b3d751e979667b6a3953c89aff4eead7a978071a912b3de21a85a5849c57933cf53cd74a610f3e60f699766fbc7e0bb8a891a429c77bb6f3b6f9f8eb0b1bd9588ef2ce98fdf0a0838e4b0bed807d8b673093c717feec8d697e32542274887d039db7a2daed5d52c8e9767443229f8003c5d67e907376ea2f393484fa70deee159cb56f8d097b8fe2736e95f540137e20725f0940a8d049068ead4c46bb3771a671bb00de88931e03445a55868de0c220db05cbda9f996d5fe7c1070efe5e718fed4d4cb4ecacad3d6b643bc0ffe9a71b720ba7b5adbbdefe29106ef6a6ffe4547f5d02bec312147df0abe80efb2d5e598fc7c8b268e58b59e0d75728e9a18126f013c963ddc92d251405f857fe3a5cbacf443be7772975b7bf4f6d7ed6f80dfcc47a88c6d19120942adb5385be6ef3c0d7e396bcac5affc8f9276d6cd1a0b069aed72a98cde8ea7aabe6cc091b19efcfaf9368dfeb3087a05a42e3b89abae5ffeb72e6ac06e995a2a75ea0b5f7876247bb4c38cf3f0153f1f7473b522f1c440b632270e2b1d654d3a5ae16cb788482760d34ca79c8951b29c628e21029715683a3e6f8f77c5d89ecdae37e0190f79c4c1dbc9d0160e359cd6c94d6662ed53bb01a83374ff593c823acc59241b11f020902069fc0054a9b26cb320bef4fb1f8cc5bd8ae76eb029afab731b9876bc4e8708a8315512823cff1f9375d284ce66e53d4efad6c76d17bb532fc938b8f80c13ce86b5ba3e540164bc5a5d47cd321c241d8740f453ef95bd3878d578561ad6ce20877ffbd44062dce8df1d048d8d5e4045be647886108cbb1f0b26a8b74b66858afedb830a161bb02bde4c46a688a0ea3a7018ce24666aab0f422ede2f78ea29f77e28d87c744cba0285ce33dff5ac45774829699de6d725a9b6db6e7d03ad4ec9d075c386e68ca0bcd9e9911d741ed0168cbddb87a7918a964d206629da4e887277b0ef7d3f9c7082f3f15f29a0dfb39f3b0877a5ec3ac4343e0d808f5aee8f1869923aab6dfc1016821c013109f34aece6183994b853d0e9561375c02cdd26b1b55194757341929a8038864cedd6b5a3b8b51ade44637044c4ebddb190f173969a0ca4cf5d42153763a0b91da0110ae7a25204850927d81b00176d4568a3d444d8029bd010df784e3f673fe855601ec4f1b26b2df58841e6a65f0db66373f63cc14a8b07dfc52ac9957eb542d05ed687c79519609de96df18b63cb294b534ddf7d2e8f41bcc1e5a006191c4db057b6709f0a96f18e02000000be2a19c015b9c4b0b3f42e4de366b71f8da8888809473c3c7a02a1158e375f29997a43bc7118ca4d1abb8f8f21972fc589aaa3d73a4d40a1e1705e169ac6e56cff50d89fc45b6863c8fc67bb2b5939a7f33072539ba4c24077be5711ba368bf7efd4897931531d388eb5c2e56bef337777150dd59518652145c9594e110e41d2615196c6b197916c88cc2814e13a3a922b4ecb044bf31cc90e0bfe0ce07de29188bbcb0ec1a12b509f52582fbb948c3cbe0c6964f46991cec0704bfac08aec6ad8ddfc36dc68c7f547c5ee6af4a8d55c79e3dc1c49b045379811f81e9a185a92cd37ae4ee32c5d3c82d36d6202a6c84fd231fe467071d42072827fd77afa5d757e6f37247f783ef09bdfd7536b666e84bc4bb878005b7829293a04ba090272dec844f4ef0e934617c0851800c6b915ac6f3f03e4a6ab88e21c3f21f93b31d95ea3b9228e0031cb69795de5abd19c4cb4a0cf2984e53ca391cc66e33ee0d510151670331fa264753704fea5e400000f74890c49a74a47e0da13155c5470013d53dea0f05b5e088f1511c209f5be940232318af2757951d399e32eb862d915784713baa8ba93645caf04ba78fa3cf600ff92b9c5be58ad87438a340bac00a5ea9fb17e39478ba61fe36335e48d8c5a0b25f024cbd2ec7f217d0f260951da396dc13a2a74cd90df4b52db686e3b34d27cfa4cebd7bf59cbcfaf4007dc943a1da6e0bd1799a21ab449d7bb42935e50c839c5b567c59742436af15bc8d46095520dcd9273ae2b6f3c1cc2b4311ac9e5d297f0940b1552c5955adb302022022bb7457978998b56328629b7725dfbe3dedb37f37af0697a4471d1d6ff6bec633a38540adeba903f3eaaec5785fbb3c6a598f49dbd9ff93c67dea1ef39a614331b119fa8efccc8bac01595fb95a2a57eec9fc6c6fe82782aa89ea971866fd9a3bca4010182092ab6d1e2b49b964be9e3bb13bd6b77850e435f55a5d46e5bcb3330c7edefd31c33f61275e51600"})
r6 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000180), 0x129202, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r6, 0xc0045005, &(0x7f0000000000)=0x1000)
ppoll(&(0x7f0000000040)=[{r6, 0x1660}], 0x1, 0x0, 0x0, 0x0)
mmap$dsp(&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0x100000f, 0x11, r6, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x2, 0x4, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00'}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002d40))

11.396077272s ago: executing program 3 (id=3819):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r4}, 0x10)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=@newsa={0x13c, 0x10, 0x713, 0xfffffffe, 0x25dfdbfc, {{@in=@multicast1, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x4e21, 0x2, 0x2, 0x0, 0x20, 0x6c, 0x0, 0xee00}, {@in6=@private1, 0x400fe, 0x32}, @in6=@ipv4={'\x00', '\xff\xff', @remote}, {0x0, 0x0, 0x0, 0x8, 0x0, 0x10000, 0x0, 0x543}, {0x4, 0x7fffffffffffffff, 0x2000000000}, {0x2}, 0x70bd2c, 0x3500, 0x2, 0x4, 0x0, 0x50}, [@algo_aead={0x4c, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0x0, 0x40}}]}, 0x13c}, 0x1, 0x0, 0x0, 0x880}, 0x0) (fail_nth: 2)
setsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(0xffffffffffffffff, 0x84, 0x7, 0x0, 0x0)
r6 = open(0x0, 0x6c143, 0x0)
setsockopt$inet_tcp_TLS_TX(r6, 0x6, 0x1, &(0x7f0000000380)=@ccm_128={{0x304}, "cd0f9bcdc8292bb9", "a884b8acbab5d8416c9479d9ec75f9c5", "09011ee8", "4284ef20778207a0"}, 0x28)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26}, 0x20)
socket$inet6_sctp(0xa, 0x5, 0x84)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000000dc0)=@newtaction={0x280, 0x30, 0x871a15abc695fb3d, 0x0, 0x25dfdbfd, {}, [{0x26c, 0x1, [@m_tunnel_key={0x6c, 0x1, 0x0, 0x0, {{0xf}, {0x3c, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x204, 0x7, 0x10000000, 0x200000, 0x6}, 0x2}}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @empty}, @TCA_TUNNEL_KEY_NO_CSUM={0x1, 0xa, 0x1}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_skbedit={0x94, 0xc, 0x0, 0x0, {{0xc}, {0x5c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18, 0x2, {0x3, 0xe4e, 0x3, 0x4, 0x3}}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x7}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0xff}, @TCA_SKBEDIT_PRIORITY={0x8, 0x3, {0xfff1, 0xc}}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x7}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x4}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x8}, @TCA_SKBEDIT_PTYPE={0x6, 0x7, 0x1}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x100}]}, {0xf, 0x6, "1abf842170b99b2d385cd0"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_ife={0x168, 0x2, 0x0, 0x0, {{0x8}, {0xb0, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x6, 0x7b84, 0xffffffffffffffff, 0x0, 0x4000}, 0x1}}, @TCA_IFE_METALST={0x2c, 0x6, [@IFE_META_PRIO={0x8, 0x3, @void}, @IFE_META_SKBMARK={0x8, 0x1, @val=0x696}, @IFE_META_PRIO={0x8, 0x3, @val=0x6}, @IFE_META_PRIO={0x4, 0x3, @void}, @IFE_META_SKBMARK={0x8, 0x1, @val=0xa}, @IFE_META_SKBMARK={0x4, 0x1, @void}]}, @TCA_IFE_DMAC={0xa, 0x3, @remote}, @TCA_IFE_TYPE={0x6, 0x5, 0xc9}, @TCA_IFE_DMAC={0xa, 0x3, @random="8e626b6bfbf7"}, @TCA_IFE_PARMS={0x1c, 0x1, {{0xe, 0x100000, 0x4, 0x6, 0x3}}}, @TCA_IFE_SMAC={0xa}, @TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0xd, 0x2, 0x1, 0x4}, 0x1}}]}, {0x92, 0x6, "0745eda98a44af97ae46a19127d038c5123f3cb17331ff9148552ed3e66c1ec3da02b7f8bf5c416577450e40e13f05636db4c6ad1b3b41745844ead184f6931b6094c2079d7cfc0e3261b4596fbfbc0d19da37719c7dae4fc8e453fa633c7fd941086e3a72eaace8b91ccace63675f74944e81a9c807e2e4fbfbfd06a5fa8083ba3da79908908e58145dc1ca9b47"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3, 0x7}}}}]}]}, 0x280}, 0x1, 0x0, 0x0, 0x20048840}, 0x1004)

10.464041547s ago: executing program 3 (id=3824):
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000500)={{0x2000, 0x1000, 0xf, 0x33, 0x7, 0x96, 0x0, 0x4, 0x60, 0x4, 0x3, 0x2}, {0x8080000, 0x3000, 0xf, 0x3, 0x3, 0x3, 0x9, 0xfe, 0xd, 0xe8, 0xfe, 0xf7}, {0x80a0000, 0x2000, 0xe, 0x3, 0x10, 0x8, 0x9, 0x8, 0x3, 0x79, 0x6, 0x4}, {0x8000000, 0x11018001, 0xa, 0x5, 0x2, 0x4, 0x2, 0x3, 0x0, 0x4, 0x7b, 0xdc}, {0xeeef0000, 0xdddd1000, 0xb, 0x3, 0x8, 0x4c, 0x1, 0xa, 0x3d, 0x1, 0x6, 0x20}, {0xeeef0000, 0xeeee8000, 0x3, 0xa, 0x4, 0xfb, 0x9, 0x5, 0x2, 0x5, 0x6, 0x80}, {0x2000, 0xd000, 0x4, 0x0, 0x1, 0xc, 0xb, 0x40, 0x4, 0x7, 0x1, 0xf}, {0xdddd1000, 0x8003000, 0xe, 0xd, 0x7f, 0x4, 0x6, 0x8, 0x9, 0x8, 0x81, 0xf9}, {0xffff1000, 0x9}, {0xd000, 0x1}, 0x4, 0x0, 0x4, 0x82028, 0xe, 0x400, 0x2000, [0x9, 0xdad, 0x101, 0x3]})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
openat$cuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x2)
mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='debugfs\x00', 0x0, 0x0)
umount2(&(0x7f00000001c0)='./file0\x00', 0x5)
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r0, &(0x7f0000000080)={0x0, 0x1, 0x3, 0x1}, 0x8)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x80000000005, 0x100000001000087}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@d, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1234}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa0)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r1, r1}, &(0x7f0000000300), &(0x7f0000000340)='%-010d \x00'}, 0x1c)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000380)={r1, r1}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x19, 0x10, &(0x7f0000000480)=@framed={{}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}]}, &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000540)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r3, r3}, &(0x7f0000000600), &(0x7f0000000640)=r2}, 0x1c)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x3, &(0x7f0000000740)=@raw=[@alu={0x7, 0x0, 0xc, 0x8, 0x4, 0x100}, @exit, @jmp={0x5, 0x1, 0x0, 0x2, 0x8, 0x8, 0xfffffffffffffff0}], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x3, 0xf, &(0x7f0000000900)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa0)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x3, 0x7, &(0x7f0000000a80)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r4}}]}, &(0x7f0000000ac0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x3, 0xc, &(0x7f0000000bc0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1234}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}]}, &(0x7f0000000c40)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xa0)
r5 = socket$unix(0x1, 0x2, 0x0)
shutdown(r5, 0xb403dc3ee651df83)
sched_setaffinity(0x0, 0x14, &(0x7f0000000040)=0x6)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
bind$rds(0xffffffffffffffff, 0x0, 0x0)

8.709284536s ago: executing program 3 (id=3828):
select(0x40, &(0x7f0000000080)={0x768, 0x0, 0x2, 0x2, 0x8001, 0x2c, 0x1, 0xff}, &(0x7f0000000480)={0xa, 0x7fffffff, 0x5122, 0x7fffffffffffffff, 0x0, 0x2, 0x2, 0xfffffffffffffffc}, &(0x7f00000006c0)={0x3, 0x5, 0x10000, 0x7, 0x88cc, 0x2, 0x8000000000000000, 0x2}, &(0x7f0000000700)={0x77359400})
syz_emit_ethernet(0x38, &(0x7f00000004c0)={@remote, @remote, @val={@void, {0x8100, 0x1, 0x1}}, {@generic={0x8906, "eb257441dd54e8ce244289a850ded7fb01877b28d292a5bc3cf801bc4214ed54a552bb2048f7"}}}, 0x0)
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080), 0x101403, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r0, 0x81044d03, &(0x7f0000000000))

8.444243771s ago: executing program 3 (id=3829):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000001180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = syz_io_uring_setup(0x111, &(0x7f0000000140)={0x0, 0x334e, 0x800, 0x0, 0x312}, &(0x7f00000029c0)=<r2=>0x0, &(0x7f0000000300)=<r3=>0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x1, 0x3})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="14"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
write$UHID_CREATE2(r4, &(0x7f00000001c0)=ANY=[@ANYBLOB="06"], 0x118)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = socket(0x40000000015, 0x5, 0x0)
recvmmsg(r6, &(0x7f0000003c40)=[{{0x0, 0x0, 0x0}, 0x80000000}], 0x1, 0x60010002, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000032680)=""/102392, 0x18ff8)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r4, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_FILES_UPDATE={0x14, 0x10, 0x0, 0x0, 0xfff, 0x0})
io_uring_enter(r1, 0x7277, 0x0, 0x28, 0x0, 0x0) (fail_nth: 2)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
syz_fuse_handle_req(r0, 0x0, 0x0, 0x0)
creat(&(0x7f00000016c0)='./file0\x00', 0x40)

7.004846316s ago: executing program 1 (id=3833):
r0 = syz_open_dev$sndpcmc(&(0x7f0000000300), 0x0, 0x0)
mmap$snddsp_control(&(0x7f0000000000/0x3000)=nil, 0x1000, 0x1, 0x11, r0, 0x82000000)
ioctl$SNDRV_PCM_IOCTL_TTSTAMP(r0, 0x40044103, &(0x7f0000000040)=0xad59)
syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000000)=ANY=[@ANYRESDEC=0x0], 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x64, r2, 0x300, 0x70bd2c, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_DEST={0x50, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0xa}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@private=0xa010102}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e21}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e24}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x1}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x6}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x2}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000000)
r3 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="0d01000009000008250592d20700006a3b010902241700fa0074980904e4ff11070103000905010200ffe0000009058202"], 0x0)
syz_usb_control_io(r3, 0x0, &(0x7f0000000200)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB=' '], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

6.376588544s ago: executing program 0 (id=3834):
r0 = socket$rxrpc(0x21, 0x2, 0xa)
setsockopt$RXRPC_SECURITY_KEY(r0, 0x110, 0x1, 0x0, 0x0)
socket$inet6(0xa, 0x1, 0xff)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet_int(r1, 0x0, 0x13, &(0x7f0000000040), 0x4)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x3)
setresuid(0xee01, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = syz_open_dev$I2C(&(0x7f0000000000), 0x0, 0x0)
rseq(&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1}, 0x20, 0x1, 0x0)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
fremovexattr(r4, &(0x7f0000000040)=@random={'security.', '/dev/cpu/#/msr\x00'})
bind$bt_l2cap(r2, 0x0, 0x0)
r5 = socket(0x1, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f670600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b52710aeee835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5bc6d3fd0500000022eb9e1403e6c8f7a187eaf60f3a17f0f046a307a4"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r7, &(0x7f0000000180), &(0x7f00000000c0)=@tcp6=r5}, 0x20)
bind$unix(r5, &(0x7f00000001c0)=@abs={0x1, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000001680)=[{{&(0x7f0000000380)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}], 0x1, 0x0)
recvmmsg(r5, &(0x7f0000000d40)=[{{0x0, 0x4f, 0x0}, 0x8}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000500)=""/65, 0x41}], 0x1}}], 0x2, 0x0, 0x0)

6.19211851s ago: executing program 3 (id=3837):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000036000/0x2000)=nil, &(0x7f0000594000/0x4000)=nil, &(0x7f0000f36000/0x2000)=nil, &(0x7f0000918000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000c12000/0x2000)=nil, &(0x7f000003f000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0x30}, 0x68)
io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b0000000000000200"/20, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x37, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x2000885)
r2 = socket(0x10, 0x3, 0x0)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f0000000040)={{0x3}})
ioctl$SNDRV_TIMER_IOCTL_STATUS32(r3, 0x80585414, &(0x7f0000000080))
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route_sched(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x2c, 0x24, 0x5820a61ca228659, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0x9}, {0xffff, 0xffff}, {0x9, 0x7}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x4080)
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)=@newtfilter={0x30, 0x28, 0xd27, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r4, {0xfff3, 0x9}, {0x0, 0x9}, {0xffff, 0xb}}, [@filter_kind_options=@f_bpf={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x810}, 0x40408c4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000001c40)={0xc, 0x13, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000000000008500000017000000bf91000000000000b7020000020000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r8 = socket$netlink(0x10, 0x3, 0xa)
r9 = dup(r8)
r10 = open(&(0x7f0000000040)='./file1\x00', 0x1850c2, 0x14c)
ftruncate(r10, 0x200004)
sendfile(r9, r10, 0x0, 0x80001d00c0d1)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b800000500000000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1d, 0x4, 0x1, 0xbf22, 0x0, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x200002, 0x1}, 0x50)

4.560626916s ago: executing program 0 (id=3839):
openat$dir(0xffffffffffffff9c, &(0x7f0000001a00)='./file1\x00', 0x40, 0x0)
r0 = syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x2)
mount(0x0, &(0x7f0000004a00)='./file1\x00', &(0x7f0000000080)='udf\x00', 0x2008087, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x50)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000003c0)={0x4, 0x80100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f0000000100)={0x0, 0x102, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x9b0902, 0x8004, '\x00', @p_u8=0x0}})
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x4c050)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc00000019000100000000000000000020010000000000000000000000000000fc02000000000000"], 0xfc}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x3, 0x3, &(0x7f0000000300)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8}}, &(0x7f0000000700)='GPL\x00'}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
getgroups(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0), 0x800000, &(0x7f0000000800)=ANY=[@ANYBLOB="6769643da80e81bffe00da09566dbab3ba867526bd84fefecb57", @ANYBLOB=',gi', @ANYRESHEX, @ANYRESHEX, @ANYBLOB=',mode=00000000000000000000006,mask=MAY_W'])
ioctl$NBD_CLEAR_SOCK(r0, 0xab04)

4.371892581s ago: executing program 5 (id=3840):
syz_open_procfs$pagemap(0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
connect$unix(r0, &(0x7f0000000240)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
prlimit64(0x0, 0xe, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_open_dev$vim2m(&(0x7f0000000040), 0x3, 0x2)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000080)={0x0, 0x8, 0x1, {0x2, @pix={0x204, 0x8, 0x71070474, 0x3, 0x20829, 0x4, 0x4, 0x6, 0x1, 0x0, 0x1, 0x3}}})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
syz_genetlink_get_family_id$devlink(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_SPLIT(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x2000}, 0x2c004)
r2 = socket(0x10, 0x3, 0x2)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000140)={0x6}, 0x10)
openat$zero(0xffffffffffffff9c, &(0x7f00000001c0), 0xc100, 0x0)
write(r2, &(0x7f0000000000)="1c0000001a005f0214f9f407000904001f000000ff02000200000000", 0x1c)
r3 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r3, &(0x7f0000002700)=""/102392, 0x18ff8)
openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0x80c42, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x74}, 0x1, 0x0, 0x0, 0x4008081}, 0x0)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
read$dsp(0xffffffffffffffff, 0x0, 0x0)
r4 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
io_setup(0x8, &(0x7f0000004200)=<r5=>0x0)
io_submit(r5, 0x1, &(0x7f00000005c0)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x100, r4, 0x0}])

4.343797347s ago: executing program 0 (id=3841):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f00000013c0)={0xb, 0x7, 0x2, {0x5, @pix={0xffa2, 0x4, 0x33524742, 0x2, 0x3, 0x1, 0x4, 0x2}}})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={0x0, 0xb0}}, 0x0)
ioctl$sock_SIOCETHTOOL(r3, 0x8946, 0x0)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f000001aa40)=""/102400, 0x19000)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000f40)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmsg$sock(r7, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001380)=[{&(0x7f0000001000)='z', 0x101d0}], 0x1}, 0x0)
r9 = syz_open_dev$video(&(0x7f0000000040), 0x8, 0x0)
ioctl$VIDIOC_S_SELECTION(r9, 0xc040565f, &(0x7f0000000940)={0xa, 0x100, 0x1, {0x3, 0xffffffff, 0x403}})
close(0x3)
recvmsg(r8, &(0x7f0000000cc0)={0x0, 0x0, 0x0}, 0x0)
fsopen(&(0x7f00000000c0)='virtiofs\x00', 0x0)
ioctl$BLKRAGET(r1, 0x1263, &(0x7f0000000480))
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000ac0141070016dfd53bd9482e9c8b000000000000000a20000000000a010100000000000000000100fffe0900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a310000000044000000060a010400000000000000000100000008000b40000000001800048014000180090001007866726d00000000040002"], 0xb8}, 0x1, 0x0, 0x0, 0x20040084}, 0x4000040)
recvmsg(r5, &(0x7f0000000440)={&(0x7f0000000200)=@nfc, 0x80, &(0x7f0000000180)=[{&(0x7f0000000840)=""/78, 0x4e}, {&(0x7f0000000340)=""/225, 0xe1}, {&(0x7f0000000580)=""/155, 0x9b}], 0x3, &(0x7f0000000680)=""/174, 0xae}, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f00000000c0))
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r10, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000940)={0x30, 0x3, 0x1, 0x201, 0x0, 0x0, {0x2, 0x0, 0x9}, [@CTA_TUPLE_ORIG={0x10, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x1}}]}, @CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_ORIG_FLAGS={0x8, 0x1, 0x8}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x8010}, 0x20008000)
ioctl$VIDIOC_QBUF(r0, 0xc058565d, &(0x7f0000000200)=@userptr={0x8, 0x8, 0x4, 0x100, 0x1000, {}, {0x8, 0x0, 0x2, 0xd, 0x9, 0x1, "e046d2ef"}, 0xf, 0x2, {&(0x7f0000000800)}, 0x4})
socket$nl_netfilter(0x10, 0x3, 0xc)

4.089201399s ago: executing program 5 (id=3842):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002000)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x4000000)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)={0x114, 0x2e, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x103, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac08}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x16}}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be", @typed={0x4, 0xe9}]}]}, 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

3.82397598s ago: executing program 1 (id=3843):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$unix(0x1, 0x2, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000140)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)={0x44, r2, 0x1, 0x70bd28, 0x25dfdbfd, {{}, {@void, @val={0x8, 0x3, r3}, @val={0xc, 0x99, {0x7ff, 0x78}}}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'syzkaller0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}]}, 0x44}, 0x1, 0x0, 0x0, 0x91}, 0x24044884) (fail_nth: 1)

3.721861046s ago: executing program 5 (id=3844):
mkdir(&(0x7f0000000040)='./file0\x00', 0x5) (async)
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10) (async)
sendmsg$rds(r0, &(0x7f0000000000)={&(0x7f00000002c0)={0x2, 0x0, @private=0xa010100}, 0x10, 0x0, 0x0, &(0x7f0000000080)=[@cswp={0x58, 0x114, 0x7, {{0x1, 0x3}, &(0x7f0000000140)=0x4, 0x0, 0x2, 0x3ff, 0x7, 0x8000000000000000, 0x8, 0x2}}, @mask_fadd={0x58, 0x114, 0x8, {{0xfffffff4, 0x5}, 0x0, 0x0, 0x1c4f, 0x5, 0x8, 0x8, 0x13}}], 0xb0}, 0x0) (async)
r1 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
syz_open_dev$rtc(&(0x7f0000000380), 0x0, 0x8400)
sendmsg$NL80211_CMD_DEAUTHENTICATE(r1, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000300)={&(0x7f0000000200)={0xa0, r2, 0x8, 0x70bd26, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x0, 0x2c}}}}, [@NL80211_ATTR_MAC={0xa, 0x6, @random="7c56cd43f3b9"}, @NL80211_ATTR_IE={0xc, 0x2a, [@gcr_ga={0xbd, 0x6}]}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x8}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}, @NL80211_ATTR_LOCAL_STATE_CHANGE={0x4}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac=@broadcast}, @NL80211_ATTR_SSID={0x23, 0x34, @random="0da80362a38556791c6e224d1ce1895417c92dc9703041149ca2a9837259d1"}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0x1}, @NL80211_ATTR_SSID={0xc, 0x34, @random="1a9b4e28cad1d687"}, @NL80211_ATTR_SSID={0xa, 0x34, @default_ibss_ssid}]}, 0xa0}, 0x1, 0x0, 0x0, 0x90}, 0x24000000)

3.676251391s ago: executing program 2 (id=3803):
setresuid(0x0, 0xee00, 0x0)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x60000080)
r2 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x300, 0x8b, 0x61, 0xfb, 0x10, 0xac8, 0xc301, 0xf37b, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x9, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x30, 0x3, 0x0, 0xf5, 0xee, 0xdd, 0x2}}]}}]}}, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r2, &(0x7f00000005c0)={0x14, 0x0, &(0x7f0000000580)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_control_io$uac1(r2, 0x0, 0x0)

3.455238711s ago: executing program 5 (id=3845):
r0 = socket$rxrpc(0x21, 0x2, 0xa)
setsockopt$RXRPC_SECURITY_KEY(r0, 0x110, 0x1, 0x0, 0x0)
socket$inet6(0xa, 0x1, 0xff)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet_int(r1, 0x0, 0x13, &(0x7f0000000040), 0x4)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x3)
setresuid(0xee01, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = syz_open_dev$I2C(&(0x7f0000000000), 0x0, 0x0)
rseq(&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1}, 0x20, 0x1, 0x0)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
fremovexattr(r4, &(0x7f0000000040)=@random={'security.', '/dev/cpu/#/msr\x00'})
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000080)={0x1f, 0x2, @none}, 0xe)
bind$bt_l2cap(r2, 0x0, 0x0)
r5 = socket(0x1, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f670600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b52710aeee835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5bc6d3fd0500000022eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe326c2ed0a432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1b172191d359645fae2d074ea5724ab77ea04fe507938b1213cdd4a92860e59808689382734d24b3123dd40c6d612c8a19948cd257748b1e7324adddbe61d51013f7d6b313c6df7b7b29678d70fc94dcc3e99e2472e78968ed94e7a54988656e8fff6b1d9b9993c71edd5cc10a2bea8d94d751b77fa7c48c712af35a9ffe670e8fa451942f48741119496bc30137e1202aed6bb5cd5c2d0256d049e4a335e2ea5545e5624be2391c37c0a2ae3bbb5b58778b85424bcdb84358359b2cb2782fc0e82f17b12d641ce6a72ab0ac794f878140897703bebe4420115d26675f27598841965fa9108"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)=ANY=[@ANYRES32=r6, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r6, &(0x7f0000000180), &(0x7f00000000c0)=@tcp6=r5}, 0x20)
bind$unix(r5, &(0x7f00000001c0)=@abs={0x1, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000001680)=[{{&(0x7f0000000380)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}], 0x1, 0x0)
recvmmsg(r5, &(0x7f0000000d40)=[{{0x0, 0x4f, 0x0}, 0x8}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000500)=""/65, 0x41}], 0x1}}], 0x2, 0x0, 0x0)

3.191934584s ago: executing program 1 (id=3846):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x50, 0xffffffffffffffff, 0x0)
socket(0xa, 0x3, 0x3a)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000001040)=[{{&(0x7f0000000540)=@pppoe={0x18, 0x0, {0x0, @link_local}}, 0x80, &(0x7f0000000740), 0x0, &(0x7f0000000780)=""/99, 0x63}, 0xc09}, {{&(0x7f0000000800)=@rc={0x1f, @fixed}, 0x80, &(0x7f0000000f40), 0x0, &(0x7f0000001000)=""/58, 0x3a}, 0x8001}], 0x2, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$dri(0x0, 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f0000000080)={0x98f, 0x2, 0x1, 0x7f}, &(0x7f00000000c0)=0x10)
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r0, 0x100000000)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000000c0)={0x2, 0x4e23, @private=0xa010100}, 0x10, &(0x7f0000000180)=[{&(0x7f00000002c0)="6a754ff09d24710d7af5843e0127d16c2613447622adf56725710ecb240ce0d51b53f17548a2afbae4fda4d8518010fab691ebe758dd957618b325d3a71ed21c8ee821b77b472408404951385a45672c9dbe01513244bb71f44e33a1f07056d0ecccaaf7c392f1dd5f9c8a7f2863d16fa22f8a059ffaa9fd63429d6f1af4a02d59f81228a4dad43e83a1982300db2ac4ce8c3cd058adf10056ebd728e6e56d6b9641c546caf766746e2eb3625b084116e0b44baa4f79f173c35fc0daf822052b0fb220db35d090e860133bf273bef52a814576272158", 0xd6}], 0x1, &(0x7f00000001c0)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x10001}}, @ip_ttl={{0x14, 0x0, 0x2, 0x2}}], 0x30}, 0x840)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x5)
recvmsg(r2, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r3, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)

3.104900538s ago: executing program 0 (id=3847):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f00000004c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)

3.000968935s ago: executing program 3 (id=3848):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
bind$packet(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000280)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x1000, 0x0, 0xfffffffffffffffe, 0x80}, 0x0)
syz_pidfd_open(0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x20)
preadv(r3, &(0x7f0000001b00), 0x0, 0x2, 0x0)
syz_usb_connect(0x3, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x141, 0xcc, 0xbe, 0xf2, 0x20, 0x4eb, 0xe004, 0x5871, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x90, 0x0, [{{0x9, 0x4, 0x31, 0x7, 0x0, 0xe0, 0xa9, 0x18, 0xfd}}]}}]}}, 0x0)
read$FUSE(r3, 0x0, 0x0)
ioctl$BTRFS_IOC_ADD_DEV(r0, 0xff08, 0x0)
r4 = gettid()
r5 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000180), 0x40e02, 0x0)
write$rfkill(r5, &(0x7f0000000300)={0x0, 0x2, 0x3, 0x1, 0x1}, 0x8)
setsockopt$RXRPC_SECURITY_KEY(0xffffffffffffffff, 0x110, 0x1, &(0x7f0000000000)='\x00', 0x1)
write$rfkill(r5, &(0x7f0000000340)={0x53, 0x8, 0x0, 0x1, 0xcc}, 0x8)
timer_create(0x0, &(0x7f0000000040)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x10, 0x800, 0x0)
sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYRESOCT], 0x1c}}, 0x0)
sendmmsg$alg(r7, 0x0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000000)={'batadv0\x00', <r8=>0x0})
sendmsg$nl_route(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="200000001100010027bd7000fddbdf2500000000", @ANYRES32=r8, @ANYBLOB="4ed5c8e1"], 0x20}, 0x1, 0x0, 0x0, 0x40}, 0x80)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="120100002b715f08e11d02c1894d0000000109021200010000006c0904"], 0x0)
r9 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r9, 0x84, 0x12, &(0x7f0000000180)=0x72f5, 0x4)

2.99045094s ago: executing program 0 (id=3849):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
sched_setaffinity(0x0, 0xff43, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = gettid()
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)={0x48, 0x2, 0x6, 0x5, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IPSET_ATTR_TYPENAME={0xd, 0x3, 'list:set\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}}, 0x10)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(&(0x7f0000000100)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r4, 0x0, r1, 0x0, 0x3, 0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
fcntl$lock(0xffffffffffffffff, 0x6, 0x0)
timer_settime(0x0, 0x1, 0x0, 0x0)
timerfd_create(0x0, 0x0)
r6 = openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r7 = syz_open_dev$video(&(0x7f0000000080), 0x7, 0x0)
ioctl$VIDIOC_QUERYCTRL(r7, 0xc0445624, &(0x7f0000000000)={0x8000004, 0x6, "e22e845e3ede57135adc514d00000000001af2bb6b1543835f00", 0x0, 0x4, 0x8000, 0x9, 0x10})
ioctl$VIDIOC_S_FREQUENCY(r6, 0x402c5639, &(0x7f0000000040)={0x3, 0x5, 0x3})
ioctl$VIDIOC_QUERYCAP(r5, 0x80685600, &(0x7f0000000180))
ioctl$VIDIOC_ENUMAUDIO(r6, 0xc0345641, 0x0)
syz_open_dev$vbi(&(0x7f0000000280), 0x0, 0x2)

2.65254839s ago: executing program 2 (id=3850):
openat$dir(0xffffffffffffff9c, &(0x7f0000001a00)='./file1\x00', 0x40, 0x0)
r0 = syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x2)
mount(0x0, &(0x7f0000004a00)='./file1\x00', &(0x7f0000000080)='udf\x00', 0x2008087, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x50)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000003c0)={0x4, 0x80100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$VIDIOC_S_EXT_CTRLS(0xffffffffffffffff, 0xc0205648, &(0x7f0000000100)={0x0, 0x102, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x9b0902, 0x8004, '\x00', @p_u8=0x0}})
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x4c050)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc00000019000100000000000000000020010000000000000000000000000000fc02000000000000"], 0xfc}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x3, 0x3, &(0x7f0000000300)=@framed={{0x18, 0x0, 0x0, 0x0, 0x8}}, &(0x7f0000000700)='GPL\x00'}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
getgroups(0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000280)='./file1\x00', &(0x7f00000002c0), 0x800000, &(0x7f0000000800)=ANY=[@ANYBLOB="6769643da80e81bffe00da09566dbab3ba867526bd84fefecb57", @ANYBLOB=',gi', @ANYRESHEX, @ANYRESHEX, @ANYBLOB=',mode=00000000000000000000006,mask=MAY_W'])
ioctl$NBD_CLEAR_SOCK(r0, 0xab04)

2.579551711s ago: executing program 5 (id=3851):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x6, 0x8, 0x8001, 0x0, 0x9, 0x0, 0x5, 0xfa11, 0xffffffff}, 0x0)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$KDSKBSENT(r2, 0x4b49, &(0x7f0000000b00)={0xff, "810a3e6466ebc96a44e1c6af948e8f1c87fe0c97a067f6ab17a49158d8754880045e66c4f1eb5dc084fce79d297bfa39c1123c09ab79b4c605693601d0dc438c6874e31639d475b5b6cff30a9dbb7a0205ac12dea5f21fbcba82f4defc30fc3e267078af3fbe9c63b5a56d8c27d0118691ad55c90713e73dd14136e0c8715fc5387e90f4428a8128662472568e1c89270c12c978bbb93840e5111d7bcd50ab0831ba7fa54fb21dabf3a0abd862532603cd0216f2451ca3c1265b2e1b98c1cc78e267cf433dfce69c376a6c145019978bc117cfbf9b3b038f361e9a040bbac372645fd9eebdfc498db8c96325415cb89e535a3f05a443c1090731d1a4334a220a8fc31c8af26d3ca63674f6a20cff739de05badf4c6bd984388a9e92aa20030a06efeea1f54adda95256359ab4dd8a838aadd49ef36e448f1b3e95da38e29c3d4925e0b2697d727f2c4a716bcbc77d97bc4406103b1122bbb911e7ad1596f093c05b96e7a255953dba05afe9cb6d159d99010ab0291414146cfdab4b0a9c02609969adb986b437b8591275b3c3f5330e53736a3b8d4cfcf2206f5b72c895da822dc249d1371da996540ba64e272fbdcde1652be8eba8885aeea6ff82b9420ac81f5c706342b86fecb1838bff2d8c0ec226ca3988919237f377e7f1b87f9d02c0099cfa5db0c9a32b9848de87d29d67394fea65a8cb5c0be66a19ea0448b585bdd"})

2.500810701s ago: executing program 2 (id=3852):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'team0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c000000100005ff04000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400028008000a00", @ANYRES32=r2], 0x3c}}, 0x0) (fail_nth: 2)

1.975946265s ago: executing program 0 (id=3853):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, 0x0, 0x8000)
r1 = syz_open_dev$loop(&(0x7f0000000100), 0x8, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r1, 0x1261, &(0x7f00000002c0)={r5, 0x4000, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$sock_SIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000000))
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
accept4(r6, 0x0, 0x0, 0x800)
sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000005200210900000000001cd2001c"], 0x14}}, 0x0)
syz_open_dev$vbi(&(0x7f0000000080), 0x3, 0x2)
syz_emit_ethernet(0x5e, &(0x7f00000004c0)={@broadcast, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x28, 0x3a, 0xff, @dev, @local, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @loopback, @mcast2}}}}}}, 0x0)

1.760371653s ago: executing program 2 (id=3854):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, 0x0, 0x8000)
r1 = syz_open_dev$loop(&(0x7f0000000100), 0x8, 0x0)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xd, 0x103}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r1, 0x1261, &(0x7f00000002c0)={r5, 0x4000, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$sock_SIOCOUTQ(0xffffffffffffffff, 0x5411, &(0x7f0000000000))
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
accept4(r6, 0x0, 0x0, 0x800)
sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000005200210900000000001cd2001c"], 0x14}}, 0x0)
syz_open_dev$vbi(&(0x7f0000000080), 0x3, 0x2)
syz_emit_ethernet(0x5e, &(0x7f00000004c0)={@broadcast, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x28, 0x3a, 0xff, @dev, @local, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @loopback, @mcast2}}}}}}, 0x0)

1.520902739s ago: executing program 1 (id=3855):
syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x0)
add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d2", 0x1, 0xfffffffffffffffe)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x8800, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000180)=0xe)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000034000)=""/102392, 0x18ff8)
socket(0x10, 0x803, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = socket$inet(0x2, 0x6, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
r4 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r4, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x81, 0x42}, 0x10)

442.384155ms ago: executing program 1 (id=3856):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000140)={0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100000000000000560000000000000066ba2000b0e2ee", @ANYRES8=r0], 0x6e})
r3 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000300), 0x40100001, 0x189002)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r5=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r3, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000640)=[r5], 0x1, 0x80000})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000880)={0x0, 0x0, @pic={0x2a, 0xc0, 0x7, 0x6, 0xfb, 0x0, 0xf, 0x4, 0x3, 0x0, 0x3, 0x58, 0x9e, 0x6, 0x6, 0x7f}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x8000000000000035, 0xfff, 0x0, 0x40180, 0x5, 0x14, 0xf2, 0x3, 0x7fffffffffffe, 0x5, 0x5, 0xc6bd, 0x566, 0x45, 0x5, 0xbdb], 0x1, 0x1c4213})
sendmsg$ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

177.961784ms ago: executing program 2 (id=3857):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, 0x0, 0x8)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4, 0x6, @mcast2, 0x5}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10)
write(r0, &(0x7f00000000c0)="8f2a0a65bd8c3a2b0304000e0580a7b6070d63e286a5cefe", 0x5ac)

124.332045ms ago: executing program 2 (id=3858):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
sched_setaffinity(0x0, 0xff43, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = gettid()
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)={0x48, 0x2, 0x6, 0x5, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IPSET_ATTR_TYPENAME={0xd, 0x3, 'list:set\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x1}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x48}}, 0x10)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(&(0x7f0000000100)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
splice(r4, 0x0, r1, 0x0, 0x3, 0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
fcntl$lock(0xffffffffffffffff, 0x6, 0x0)
timer_settime(0x0, 0x1, 0x0, 0x0)
timerfd_create(0x0, 0x0)
r6 = openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r7 = syz_open_dev$video(&(0x7f0000000080), 0x7, 0x0)
ioctl$VIDIOC_QUERYCTRL(r7, 0xc0445624, &(0x7f0000000000)={0x8000004, 0x6, "e22e845e3ede57135adc514d00000000001af2bb6b1543835f00", 0x0, 0x4, 0x8000, 0x9, 0x10})
ioctl$VIDIOC_S_FREQUENCY(r6, 0x402c5639, &(0x7f0000000040)={0x3, 0x5, 0x3})
ioctl$VIDIOC_QUERYCAP(r5, 0x80685600, &(0x7f0000000180))
ioctl$VIDIOC_ENUMAUDIO(r6, 0xc0345641, 0x0)
r8 = syz_open_dev$vbi(&(0x7f0000000280), 0x0, 0x2)
ioctl$VIDIOC_SUBDEV_DV_TIMINGS_CAP(r8, 0xc0905664, &(0x7f00000002c0)={0x0, 0x0, '\x00', @raw_data=[0x24c32ef3, 0x0, 0x100, 0x186, 0x1, 0xc0b8, 0xda7, 0x3, 0x6, 0x1, 0x0, 0x9, 0x5, 0xfffffffe, 0x5, 0x0, 0xc, 0x2, 0x7, 0x8000, 0x1000, 0xfffffff9, 0x3, 0x800009, 0x96d, 0x2, 0x9, 0x3, 0x2, 0x8, 0x5, 0x4]})

88.34581ms ago: executing program 5 (id=3859):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000012c0)=@base={0x1, 0x100005, 0x5, 0x7, 0x1}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000340), &(0x7f0000000240), 0x20000402, r0}, 0x38)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000000c0)={r0, &(0x7f0000000340), &(0x7f0000000000)=""/27}, 0x20)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
setsockopt$bt_BT_SECURITY(r1, 0x112, 0x4, 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
r5 = dup(r4)
sendmsg$inet6(r4, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043)
sendmsg$nl_route_sched(r5, &(0x7f0000000b00)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000140)=@newtaction={0x14, 0x30, 0x1, 0x70bd2b, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x2000c800}, 0x2400c800)
bind$inet(r3, 0x0, 0x0)
sendto$inet(r3, 0x0, 0x0, 0xb, 0x0, 0x3b)
fanotify_init(0x200, 0x0)
ioctl$sock_inet_SIOCGIFDSTADDR(r3, 0x8917, &(0x7f0000000000)={'erspan0\x00', {0x2, 0x0, @initdev}})
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r6, 0x0, 0xd}, 0x18)
syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x1fffffffffe, 0xfffffffffffffffd, 0x80000001, 0x0, 0x1000001000, 0x9}, 0x0, &(0x7f00000002c0)={0x3fb, 0x8000, 0x400000000001, 0x9, 0x40000000000000, 0xf, 0xf4e0, 0x2}, 0x0, 0x0)

0s ago: executing program 1 (id=3860):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
r1 = mq_open(&(0x7f0000000180)='\r\x00elinu\xef\xe3elinux\x00\x96\xf6\x92\n#*\xac\x05\xce\xf8D\\\x9a\xe6[]L+\xf6\v\xe8\xf2\xd3\b\x15\n\xb8F!Q9o\x1f#\xbdt\r\xfb\"\x18%\xfdM\xaf_t\xd2\xdcJ\x10\a\xbab\x1a\xdf\xb1\xbdU\xd7Lo\xe7\xac\x81\x10k\xce-\xf5@\xbb\x9d;\xe8\xf6\xffQ\x04\xaai\x92k\x1b;\xddM\xa2\xe1-\x0e\xd8\xde\x00\xff\x18\xdd\bL\xfb\xa2.\xb6{\xb5\x85#\x88\xdc\xf0\x0f\x05\xf1\xc4 \xdeV\x80q\xf7\x04\xf5\x85T\x1f\xc2S]*\xc9lw\xd3J\xc5\xe8\x02\xcb\xbbAHxr\xac\xb77F\xdf\x1c\xcb\xd4\xce\x88L\xf1\xf9[\x98\xd4+pTx\x95\xb5\x1b]x\x1a\x95\xe1c6\xe7`83\xb7n#\xe0\xc1_\xec\xba\xde\a\x8b\xc5\x86woo\xbc\x1c\xa3r\x82\xf3enq-\x90/\xed\xff\xad+\x03\x10\t\xda\xfd\xa2\xd0\xef4\n%\xf1\xd8', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000040)={0x0, 0x1, 0x4})
mq_getsetattr(r1, &(0x7f0000000700)={0x800, 0x10, 0x9}, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$int_in(r2, 0x5452, &(0x7f00000000c0)=0xfffffffffffffff8)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r3)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r4)
sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x305200, 0x0)
close(r6)
ioctl$SIOCSIFHWADDR(r6, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

kernel console output (not intermixed with test programs):

w USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  915.826455][  T978] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  915.997619][  T978] usb 3-1: config 0 descriptor??
[  916.012537][T17777] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  916.641251][  T978] usbhid 3-1:0.0: can't add hid device: -71
[  916.647931][  T978] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  916.698790][  T978] usb 3-1: USB disconnect, device number 127
[  917.402638][T17813] netlink: 'syz.3.3526': attribute type 1 has an invalid length.
[  917.452700][T17813] netlink: 224 bytes leftover after parsing attributes in process `syz.3.3526'.
[  917.479808][ T5922] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  917.642571][ T5922] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  917.682002][ T5922] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  917.773575][ T5922] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  917.800792][ T5922] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  917.894027][ T5922] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  917.914806][ T5922] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  917.927084][ T5922] usb 3-1: config 0 descriptor??
[  917.935216][T17810] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  918.460602][ T5922] plantronics 0003:047F:FFFF.0026: reserved main item tag 0xd
[  918.578825][ T5922] plantronics 0003:047F:FFFF.0026: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  918.703904][ T5922] usb 3-1: USB disconnect, device number 2
[  919.981285][T17850] random: crng reseeded on system resumption
[  919.989514][   T30] audit: type=1400 audit(1756253194.946:1544): avc:  denied  { append } for  pid=17846 comm="syz.5.3535" name="snapshot" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[  920.045046][   T30] audit: type=1400 audit(1756253195.006:1545): avc:  denied  { firmware_load } for  pid=10203 comm="kworker/u8:25" path="/lib/firmware/regulatory.db.p7s" dev="sda1" ino=449 scontext=system_u:system_r:kernel_t tcontext=system_u:object_r:lib_t tclass=system permissive=1
[  920.387505][T17858] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3537'.
[  920.406562][T17858] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3537'.
[  920.427518][   T30] audit: type=1400 audit(1756253195.386:1546): avc:  denied  { read } for  pid=17860 comm="syz.5.3540" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  920.626045][T17866] pim6reg: entered allmulticast mode
[  920.633945][T17866] pim6reg: left allmulticast mode
[  920.731803][   T30] audit: type=1400 audit(1756253195.386:1547): avc:  denied  { ioctl } for  pid=17860 comm="syz.5.3540" path="socket:[52253]" dev="sockfs" ino=52253 ioctlcmd=0x89e1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  921.099863][   T30] audit: type=1400 audit(1756253195.446:1548): avc:  denied  { ioctl } for  pid=17860 comm="syz.5.3540" path="/dev/nullb0" dev="devtmpfs" ino=696 ioctlcmd=0x1269 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  921.149150][   T30] audit: type=1400 audit(1756253196.106:1549): avc:  denied  { getopt } for  pid=17874 comm="syz.1.3543" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  921.300812][ T5908] usb 6-1: new high-speed USB device number 87 using dummy_hcd
[  921.532036][ T5908] usb 6-1: Using ep0 maxpacket: 16
[  921.840020][ T5908] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  921.853281][ T5908] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  921.862573][ T5908] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  921.897353][ T5908] usb 6-1: config 0 descriptor??
[  922.406600][ T5908] mcp2221 0003:04D8:00DD.0027: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.5-1/input0
[  922.474917][   T30] audit: type=1326 audit(1756253197.276:1550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17886 comm="syz.2.3546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53cd18ebe9 code=0x7ffc0000
[  923.024674][T17869] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  923.140146][T17869] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  923.176180][ T5908] usb 6-1: USB disconnect, device number 87
[  923.218135][   T30] audit: type=1326 audit(1756253197.276:1551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17886 comm="syz.2.3546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53cd18ebe9 code=0x7ffc0000
[  923.241604][    C1] vkms_vblank_simulate: vblank timer overrun
[  923.335298][   T30] audit: type=1326 audit(1756253197.276:1552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17886 comm="syz.2.3546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f53cd18ebe9 code=0x7ffc0000
[  923.358774][    C1] vkms_vblank_simulate: vblank timer overrun
[  923.426012][T17901] FAULT_INJECTION: forcing a failure.
[  923.426012][T17901] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  923.452098][T17901] CPU: 0 UID: 0 PID: 17901 Comm: syz.2.3549 Not tainted syzkaller #0 PREEMPT(full) 
[  923.452120][T17901] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  923.452130][T17901] Call Trace:
[  923.452136][T17901]  <TASK>
[  923.452146][   T30] audit: type=1326 audit(1756253197.286:1553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17886 comm="syz.2.3546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53cd18ebe9 code=0x7ffc0000
[  923.452143][T17901]  dump_stack_lvl+0x16c/0x1f0
[  923.452166][T17901]  should_fail_ex+0x512/0x640
[  923.452189][T17901]  _copy_from_user+0x2e/0xd0
[  923.452210][T17901]  __sys_bpf+0x21d/0x4de0
[  923.452234][T17901]  ? __pfx___sys_bpf+0x10/0x10
[  923.452255][T17901]  ? ksys_write+0x190/0x250
[  923.452276][T17901]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  923.452307][T17901]  ? fput+0x9b/0xd0
[  923.452327][T17901]  ? ksys_write+0x1ac/0x250
[  923.452343][T17901]  ? __pfx_ksys_write+0x10/0x10
[  923.452363][T17901]  __x64_sys_bpf+0x78/0xc0
[  923.452383][T17901]  ? lockdep_hardirqs_on+0x7c/0x110
[  923.452404][T17901]  do_syscall_64+0xcd/0x4c0
[  923.452423][T17901]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  923.452439][T17901] RIP: 0033:0x7f53cd18ebe9
[  923.452452][T17901] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  923.452466][T17901] RSP: 002b:00007f53cdf8d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  923.452481][T17901] RAX: ffffffffffffffda RBX: 00007f53cd3b6090 RCX: 00007f53cd18ebe9
[  923.452492][T17901] RDX: 0000000000000038 RSI: 00002000000001c0 RDI: 000000000000001a
[  923.452502][T17901] RBP: 00007f53cdf8d090 R08: 0000000000000000 R09: 0000000000000000
[  923.452511][T17901] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  923.452521][T17901] R13: 00007f53cd3b6128 R14: 00007f53cd3b6090 R15: 00007fffa192f638
[  923.452542][T17901]  </TASK>
[  923.591373][    C1] vkms_vblank_simulate: vblank timer overrun
[  924.070785][T17915] FAULT_INJECTION: forcing a failure.
[  924.070785][T17915] name failslab, interval 1, probability 0, space 0, times 0
[  924.083457][T17915] CPU: 0 UID: 0 PID: 17915 Comm: syz.0.3548 Not tainted syzkaller #0 PREEMPT(full) 
[  924.083472][T17915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  924.083479][T17915] Call Trace:
[  924.083483][T17915]  <TASK>
[  924.083487][T17915]  dump_stack_lvl+0x16c/0x1f0
[  924.083503][T17915]  should_fail_ex+0x512/0x640
[  924.083517][T17915]  ? fs_reclaim_acquire+0xae/0x150
[  924.083534][T17915]  should_failslab+0xc2/0x120
[  924.083547][T17915]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  924.083560][T17915]  ? security_inode_alloc+0x3b/0x2b0
[  924.083577][T17915]  security_inode_alloc+0x3b/0x2b0
[  924.083592][T17915]  inode_init_always_gfp+0xce4/0x1030
[  924.083607][T17915]  alloc_inode+0x86/0x240
[  924.083624][T17915]  sock_alloc+0x40/0x280
[  924.083639][T17915]  do_accept+0xf7/0x530
[  924.083656][T17915]  ? do_raw_spin_lock+0x12c/0x2b0
[  924.083669][T17915]  ? __pfx_do_accept+0x10/0x10
[  924.083695][T17915]  __sys_accept4+0x100/0x1c0
[  924.083712][T17915]  ? __pfx___sys_accept4+0x10/0x10
[  924.083730][T17915]  ? __pfx_ksys_write+0x10/0x10
[  924.083745][T17915]  __x64_sys_accept4+0x96/0x100
[  924.083762][T17915]  ? lockdep_hardirqs_on+0x7c/0x110
[  924.083774][T17915]  do_syscall_64+0xcd/0x4c0
[  924.083788][T17915]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  924.083800][T17915] RIP: 0033:0x7ffa01d8ebe9
[  924.083810][T17915] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  924.083821][T17915] RSP: 002b:00007ffa02c99038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[  924.083832][T17915] RAX: ffffffffffffffda RBX: 00007ffa01fb6180 RCX: 00007ffa01d8ebe9
[  924.083839][T17915] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000007
[  924.083846][T17915] RBP: 00007ffa02c99090 R08: 0000000000000000 R09: 0000000000000000
[  924.083853][T17915] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000001
[  924.083859][T17915] R13: 00007ffa01fb6218 R14: 00007ffa01fb6180 R15: 00007ffcd07dad88
[  924.083873][T17915]  </TASK>
[  925.943298][T17938] FAULT_INJECTION: forcing a failure.
[  925.943298][T17938] name failslab, interval 1, probability 0, space 0, times 0
[  926.180584][T17938] CPU: 0 UID: 0 PID: 17938 Comm: syz.1.3560 Not tainted syzkaller #0 PREEMPT(full) 
[  926.180609][T17938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  926.180619][T17938] Call Trace:
[  926.180625][T17938]  <TASK>
[  926.180632][T17938]  dump_stack_lvl+0x16c/0x1f0
[  926.180657][T17938]  should_fail_ex+0x512/0x640
[  926.180677][T17938]  ? kmem_cache_alloc_noprof+0x5a/0x3b0
[  926.180700][T17938]  should_failslab+0xc2/0x120
[  926.180719][T17938]  kmem_cache_alloc_noprof+0x6d/0x3b0
[  926.180731][T17938]  ? getname_flags.part.0+0x4c/0x550
[  926.180750][T17938]  getname_flags.part.0+0x4c/0x550
[  926.180769][T17938]  getname_flags+0x93/0xf0
[  926.180781][T17938]  do_sys_openat2+0xb8/0x1d0
[  926.180796][T17938]  ? __pfx_do_sys_openat2+0x10/0x10
[  926.180814][T17938]  ? __fget_files+0x20e/0x3c0
[  926.180829][T17938]  __x64_sys_openat+0x174/0x210
[  926.180845][T17938]  ? __pfx___x64_sys_openat+0x10/0x10
[  926.180860][T17938]  ? ksys_write+0x1ac/0x250
[  926.180876][T17938]  do_syscall_64+0xcd/0x4c0
[  926.180890][T17938]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  926.180902][T17938] RIP: 0033:0x7f6fcad8d550
[  926.180911][T17938] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[  926.180922][T17938] RSP: 002b:00007f6fcbcccb70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  926.180933][T17938] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f6fcad8d550
[  926.180941][T17938] RDX: 0000000000000000 RSI: 00007f6fcbcccc10 RDI: 00000000ffffff9c
[  926.180947][T17938] RBP: 00007f6fcbcccc10 R08: 0000000000000000 R09: 0000000000000000
[  926.180954][T17938] R10: 0000000000000000 R11: 0000000000000293 R12: cccccccccccccccd
[  926.180964][T17938] R13: 00007f6fcafb6038 R14: 00007f6fcafb5fa0 R15: 00007fff7a3d3158
[  926.180978][T17938]  </TASK>
[  926.999291][   T30] kauditd_printk_skb: 17 callbacks suppressed
[  926.999307][   T30] audit: type=1326 audit(1756253201.956:1571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17916 comm="syz.5.3557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f640e58ebe9 code=0x7ffc0000
[  927.008300][   T30] audit: type=1326 audit(1756253201.956:1572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17916 comm="syz.5.3557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f640e58ebe9 code=0x7ffc0000
[  927.008346][   T30] audit: type=1326 audit(1756253201.956:1573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17916 comm="syz.5.3557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f640e58ebe9 code=0x7ffc0000
[  927.008390][   T30] audit: type=1326 audit(1756253201.956:1574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17916 comm="syz.5.3557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f640e58ebe9 code=0x7ffc0000
[  927.008428][   T30] audit: type=1326 audit(1756253201.956:1575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17916 comm="syz.5.3557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f640e58ebe9 code=0x7ffc0000
[  927.008465][   T30] audit: type=1326 audit(1756253201.956:1576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17916 comm="syz.5.3557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f640e58ebe9 code=0x7ffc0000
[  927.008504][   T30] audit: type=1326 audit(1756253201.956:1577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17916 comm="syz.5.3557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f640e58ebe9 code=0x7ffc0000
[  927.008542][   T30] audit: type=1326 audit(1756253201.956:1578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17916 comm="syz.5.3557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f640e58d550 code=0x7ffc0000
[  927.008579][   T30] audit: type=1326 audit(1756253201.956:1579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17916 comm="syz.5.3557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f640e58ebe9 code=0x7ffc0000
[  927.008617][   T30] audit: type=1326 audit(1756253201.956:1580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=17916 comm="syz.5.3557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f640e58ebe9 code=0x7ffc0000
[  927.025901][T17948] syz_tun: entered allmulticast mode
[  927.042170][T17948] syz_tun: left allmulticast mode
[  927.529364][   T77] usb 1-1: new high-speed USB device number 100 using dummy_hcd
[  927.741298][   T77] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  927.741324][   T77] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  927.741347][   T77] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  927.741362][   T77] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  927.741384][   T77] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  927.741396][   T77] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  927.743394][   T77] usb 1-1: config 0 descriptor??
[  927.743852][T17952] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  928.395168][   T77] usbhid 1-1:0.0: can't add hid device: -71
[  928.401146][   T77] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  928.420513][   T77] usb 1-1: USB disconnect, device number 100
[  928.774793][T17975] mac80211_hwsim hwsim22 wlan0: entered promiscuous mode
[  928.785482][T17975] macvtap1: entered allmulticast mode
[  928.797770][T17979] FAULT_INJECTION: forcing a failure.
[  928.797770][T17979] name failslab, interval 1, probability 0, space 0, times 0
[  928.831173][T17979] CPU: 1 UID: 0 PID: 17979 Comm: syz.1.3572 Not tainted syzkaller #0 PREEMPT(full) 
[  928.831195][T17979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  928.831206][T17979] Call Trace:
[  928.831213][T17979]  <TASK>
[  928.831220][T17979]  dump_stack_lvl+0x16c/0x1f0
[  928.831247][T17979]  should_fail_ex+0x512/0x640
[  928.831267][T17979]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  928.831290][T17979]  should_failslab+0xc2/0x120
[  928.831311][T17979]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  928.831329][T17979]  ? __alloc_skb+0x2b2/0x380
[  928.831350][T17979]  __alloc_skb+0x2b2/0x380
[  928.831369][T17979]  ? __pfx___alloc_skb+0x10/0x10
[  928.831389][T17979]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  928.831414][T17979]  netlink_alloc_large_skb+0x69/0x130
[  928.831437][T17979]  netlink_sendmsg+0x6a1/0xdd0
[  928.831462][T17979]  ? __pfx_netlink_sendmsg+0x10/0x10
[  928.831493][T17979]  ____sys_sendmsg+0xa98/0xc70
[  928.831518][T17979]  ? copy_msghdr_from_user+0x10a/0x160
[  928.831538][T17979]  ? __pfx_____sys_sendmsg+0x10/0x10
[  928.831573][T17979]  ___sys_sendmsg+0x134/0x1d0
[  928.831594][T17979]  ? __pfx____sys_sendmsg+0x10/0x10
[  928.831645][T17979]  __sys_sendmsg+0x16d/0x220
[  928.831664][T17979]  ? __pfx___sys_sendmsg+0x10/0x10
[  928.831699][T17979]  do_syscall_64+0xcd/0x4c0
[  928.831721][T17979]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  928.831740][T17979] RIP: 0033:0x7f6fcad8ebe9
[  928.831755][T17979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  928.831772][T17979] RSP: 002b:00007f6fcbccd038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  928.831789][T17979] RAX: ffffffffffffffda RBX: 00007f6fcafb5fa0 RCX: 00007f6fcad8ebe9
[  928.831802][T17979] RDX: 0000000004008040 RSI: 00002000000002c0 RDI: 0000000000000003
[  928.831812][T17979] RBP: 00007f6fcbccd090 R08: 0000000000000000 R09: 0000000000000000
[  928.831822][T17979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  928.831831][T17979] R13: 00007f6fcafb6038 R14: 00007f6fcafb5fa0 R15: 00007fff7a3d3158
[  928.831856][T17979]  </TASK>
[  928.910224][T17975] mac80211_hwsim hwsim22 wlan0: entered allmulticast mode
[  928.910655][    C1] vkms_vblank_simulate: vblank timer overrun
[  929.059274][    C1] vkms_vblank_simulate: vblank timer overrun
[  929.319704][T17975] mac80211_hwsim hwsim22 wlan0: left allmulticast mode
[  929.319815][T17975] mac80211_hwsim hwsim22 wlan0: left promiscuous mode
[  929.679621][T17990] mac80211_hwsim hwsim20 wlan0: entered promiscuous mode
[  929.692367][T17990] macvtap1: entered allmulticast mode
[  929.697821][T17990] mac80211_hwsim hwsim20 wlan0: entered allmulticast mode
[  929.788103][T17990] mac80211_hwsim hwsim20 wlan0: left allmulticast mode
[  929.959839][T17990] mac80211_hwsim hwsim20 wlan0: left promiscuous mode
[  930.363660][T18000] kvm: user requested TSC rate below hardware speed
[  930.389576][T17995] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3519115396 (14076461584 ns) > initial count (10188694344 ns). Using initial count to start timer.
[  930.493940][T17999] FAULT_INJECTION: forcing a failure.
[  930.493940][T17999] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  930.507169][T17999] CPU: 1 UID: 0 PID: 17999 Comm: syz.3.3576 Not tainted syzkaller #0 PREEMPT(full) 
[  930.507191][T17999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  930.507202][T17999] Call Trace:
[  930.507209][T17999]  <TASK>
[  930.507216][T17999]  dump_stack_lvl+0x16c/0x1f0
[  930.507241][T17999]  should_fail_ex+0x512/0x640
[  930.507267][T17999]  _copy_to_user+0x32/0xd0
[  930.507292][T17999]  simple_read_from_buffer+0xcb/0x170
[  930.507318][T17999]  proc_fail_nth_read+0x197/0x240
[  930.507341][T17999]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  930.507365][T17999]  ? rw_verify_area+0xcf/0x6c0
[  930.507392][T17999]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  930.507415][T17999]  vfs_read+0x1e4/0xcf0
[  930.507436][T17999]  ? __pfx___mutex_lock+0x10/0x10
[  930.507458][T17999]  ? __pfx_vfs_read+0x10/0x10
[  930.507485][T17999]  ? __fget_files+0x20e/0x3c0
[  930.507516][T17999]  ksys_read+0x12a/0x250
[  930.507535][T17999]  ? __pfx_ksys_read+0x10/0x10
[  930.507562][T17999]  do_syscall_64+0xcd/0x4c0
[  930.507585][T17999]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  930.507604][T17999] RIP: 0033:0x7f3f5538d5fc
[  930.507619][T17999] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  930.507636][T17999] RSP: 002b:00007f3f5620f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  930.507653][T17999] RAX: ffffffffffffffda RBX: 00007f3f555b6090 RCX: 00007f3f5538d5fc
[  930.507665][T17999] RDX: 000000000000000f RSI: 00007f3f5620f0a0 RDI: 0000000000000007
[  930.507676][T17999] RBP: 00007f3f5620f090 R08: 0000000000000000 R09: 0000000000000000
[  930.507687][T17999] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  930.507697][T17999] R13: 00007f3f555b6128 R14: 00007f3f555b6090 R15: 00007fff532f08a8
[  930.507723][T17999]  </TASK>
[  930.687761][    C1] vkms_vblank_simulate: vblank timer overrun
[  930.698953][T17995] fuse: root generation should be zero
[  930.705502][T17995] [U] ³•¯1WT`8ºÁÍÇÚH$Ô0©·ÑÃÝ9\
[  930.710706][T17995] [U] ;2}U‚˜GVÏÄ¥ËÚ#ÈO9ÏÔÕ¥>-ƒÊß´ÜS…Ý¢šÕP
[  930.718210][T17995] [U] 4°×XZ^Yˆ±„™)�ÛÀ´´ÈMÕC°¼.ŒOÅÈžÛPšO¼­W
[  930.724487][T17995] [U] ‚ä%�Z
[  930.727828][T17995] [U] ¾8`Ñ}—[TÃÚJ#ZÏ~»Ž3µݥI~ÇD‚%8@7J÷ÝÍ|{9Dœ¤C¤ÏÜE+ÇOÆK?%§6
[  930.933270][T17993] [U] ®ÛP>BÐ�Ì–ÖZ%
[  931.034456][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  932.049893][   T77] usb 1-1: new high-speed USB device number 101 using dummy_hcd
[  932.069769][    C1] raw-gadget.0 gadget.0: ignoring, device is not running
[  932.228186][   T30] kauditd_printk_skb: 5 callbacks suppressed
[  932.228201][   T30] audit: type=1326 audit(1756253207.186:1586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18015 comm="syz.2.3581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53cd18ebe9 code=0x7ffc0000
[  932.483064][   T77] usb 1-1: device descriptor read/64, error -32
[  933.199930][   T77] usb 1-1: new high-speed USB device number 102 using dummy_hcd
[  933.200415][   T30] audit: type=1326 audit(1756253207.216:1587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18015 comm="syz.2.3581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f53cd18ebe9 code=0x7ffc0000
[  933.231082][    C0] vkms_vblank_simulate: vblank timer overrun
[  933.239859][   T30] audit: type=1326 audit(1756253207.216:1588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18015 comm="syz.2.3581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53cd18ebe9 code=0x7ffc0000
[  933.263350][    C0] vkms_vblank_simulate: vblank timer overrun
[  933.318209][   T30] audit: type=1326 audit(1756253207.216:1589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18015 comm="syz.2.3581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f53cd18ebe9 code=0x7ffc0000
[  933.542460][T18053] lo: entered allmulticast mode
[  933.561654][   T30] audit: type=1326 audit(1756253207.216:1590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18015 comm="syz.2.3581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53cd18ebe9 code=0x7ffc0000
[  933.729843][   T77] usb 1-1: Using ep0 maxpacket: 8
[  934.137591][   T77] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  934.173979][   T77] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  934.193013][   T30] audit: type=1326 audit(1756253207.216:1591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18015 comm="syz.2.3581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f53cd18ebe9 code=0x7ffc0000
[  934.227841][T18062] FAULT_INJECTION: forcing a failure.
[  934.227841][T18062] name failslab, interval 1, probability 0, space 0, times 0
[  934.243004][T18062] CPU: 0 UID: 0 PID: 18062 Comm: syz.1.3587 Not tainted syzkaller #0 PREEMPT(full) 
[  934.243028][T18062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  934.243035][T18062] Call Trace:
[  934.243040][T18062]  <TASK>
[  934.243045][T18062]  dump_stack_lvl+0x16c/0x1f0
[  934.243062][T18062]  should_fail_ex+0x512/0x640
[  934.243075][T18062]  ? fs_reclaim_acquire+0xae/0x150
[  934.243092][T18062]  ? tomoyo_encode2+0x100/0x3e0
[  934.243108][T18062]  should_failslab+0xc2/0x120
[  934.243122][T18062]  __kmalloc_noprof+0xd2/0x510
[  934.243133][T18062]  ? d_absolute_path+0x136/0x1a0
[  934.243152][T18062]  tomoyo_encode2+0x100/0x3e0
[  934.243170][T18062]  tomoyo_encode+0x29/0x50
[  934.243186][T18062]  tomoyo_realpath_from_path+0x18f/0x6e0
[  934.243207][T18062]  tomoyo_path_number_perm+0x245/0x580
[  934.243221][T18062]  ? tomoyo_path_number_perm+0x237/0x580
[  934.243236][T18062]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  934.243253][T18062]  ? find_held_lock+0x2b/0x80
[  934.243280][T18062]  ? find_held_lock+0x2b/0x80
[  934.243294][T18062]  ? hook_file_ioctl_common+0x145/0x410
[  934.243309][T18062]  ? __fget_files+0x20e/0x3c0
[  934.243325][T18062]  security_file_ioctl+0x9b/0x240
[  934.243341][T18062]  __x64_sys_ioctl+0xb7/0x210
[  934.243360][T18062]  do_syscall_64+0xcd/0x4c0
[  934.243373][T18062]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  934.243385][T18062] RIP: 0033:0x7f6fcad8ebe9
[  934.243395][T18062] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  934.243406][T18062] RSP: 002b:00007f6fcbcac038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  934.243417][T18062] RAX: ffffffffffffffda RBX: 00007f6fcafb6090 RCX: 00007f6fcad8ebe9
[  934.243424][T18062] RDX: 0000200000000400 RSI: 000000004008af03 RDI: 0000000000000005
[  934.243431][T18062] RBP: 00007f6fcbcac090 R08: 0000000000000000 R09: 0000000000000000
[  934.243438][T18062] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  934.243444][T18062] R13: 00007f6fcafb6128 R14: 00007f6fcafb6090 R15: 00007fff7a3d3158
[  934.243459][T18062]  </TASK>
[  934.243488][T18062] ERROR: Out of memory at tomoyo_realpath_from_path.
[  934.463608][T18052] lo: left allmulticast mode
[  934.597345][   T77] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  934.675059][   T77] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  934.711353][   T30] audit: type=1326 audit(1756253207.216:1592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18015 comm="syz.2.3581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53cd18ebe9 code=0x7ffc0000
[  934.848058][   T77] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  934.865717][   T77] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  934.900936][   T30] audit: type=1326 audit(1756253207.216:1593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18015 comm="syz.2.3581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f53cd18d550 code=0x7ffc0000
[  934.949689][   T30] audit: type=1326 audit(1756253207.226:1594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18015 comm="syz.2.3581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53cd18ebe9 code=0x7ffc0000
[  935.068100][   T30] audit: type=1326 audit(1756253207.226:1595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18015 comm="syz.2.3581" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f53cd18ebe9 code=0x7ffc0000
[  936.603026][   T77] usb 1-1: can't set config #16, error -71
[  936.627008][   T77] usb 1-1: USB disconnect, device number 102
[  937.759799][ T5922] usb 4-1: new full-speed USB device number 73 using dummy_hcd
[  937.830184][ T5908] usb 2-1: new high-speed USB device number 126 using dummy_hcd
[  937.912178][ T5922] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  937.926192][ T5922] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  937.948967][ T5922] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  937.962529][ T5922] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  937.989982][ T5908] usb 2-1: Using ep0 maxpacket: 32
[  938.013338][ T5922] usb 4-1: config 0 descriptor??
[  938.103088][ T5908] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[  938.113600][ T5908] usb 2-1: config 0 has no interface number 0
[  938.128075][ T5908] usb 2-1: config 0 interface 184 has no altsetting 0
[  938.139176][ T5908] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  938.152513][ T5908] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  938.161821][ T5908] usb 2-1: Product: syz
[  938.170217][ T5908] usb 2-1: Manufacturer: syz
[  938.465451][ T5908] usb 2-1: SerialNumber: syz
[  938.484489][ T5908] usb 2-1: config 0 descriptor??
[  938.498510][ T5908] smsc75xx v1.0.0
[  939.219836][  T975] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[  939.251490][ T5908] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[  939.269665][ T5908] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  939.314227][ T5908] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -32
[  939.352607][ T5908] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -32
[  939.388559][ T5908] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  939.520171][ T5908] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -32
[  939.660454][  T975] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  939.672247][ T5908] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -32
[  939.702410][  T975] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  939.729409][  T975] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  939.754622][  T975] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  939.807164][  T975] usb 3-1: config 0 descriptor??
[  939.830000][  T975] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  939.923574][T18125] libceph: resolve '½@½Ée2²âOAq§¨­cz' (ret=-3): failed
[  939.942802][T18125] netlink: 64 bytes leftover after parsing attributes in process `syz.0.3604'.
[  940.007184][T18129] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3606'.
[  940.701244][  T975] usb 1-1: new high-speed USB device number 103 using dummy_hcd
[  940.759811][ T6014] usb 4-1: USB disconnect, device number 73
[  940.782195][T18142] netlink: 72 bytes leftover after parsing attributes in process `syz.3.3609'.
[  940.849790][  T975] usb 1-1: device descriptor read/64, error -71
[  940.885099][ T5908] usb 2-1: USB disconnect, device number 126
[  941.183184][  T975] usb 1-1: new high-speed USB device number 104 using dummy_hcd
[  941.197003][T18146] netlink: 68 bytes leftover after parsing attributes in process `syz.1.3610'.
[  941.229679][T18146] bpf: Bad value for 'gid'
[  941.539797][  T975] usb 1-1: device descriptor read/64, error -71
[  941.650051][  T975] usb usb1-port1: attempt power cycle
[  942.054907][  T975] usb 1-1: new high-speed USB device number 105 using dummy_hcd
[  942.190511][  T975] usb 1-1: device descriptor read/8, error -71
[  942.204565][ T6014] usb 3-1: USB disconnect, device number 3
[  942.490142][  T975] usb 1-1: new high-speed USB device number 106 using dummy_hcd
[  942.508557][T18166] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3615'.
[  942.789199][  T975] usb 1-1: device descriptor read/8, error -71
[  942.894351][T18173] libceph: resolve '½@½Ée2²âOAq§¨­cz' (ret=-3): failed
[  942.905247][T18173] netlink: 64 bytes leftover after parsing attributes in process `syz.3.3617'.
[  942.934070][  T975] usb usb1-port1: unable to enumerate USB device
[  943.444718][T18149] Bluetooth: hci0: command 0x0406 tx timeout
[  943.568606][T18178] netlink: 'syz.3.3619': attribute type 1 has an invalid length.
[  943.576509][T18178] netlink: 228 bytes leftover after parsing attributes in process `syz.3.3619'.
[  943.585820][T18178] NCSI netlink: No device for ifindex 0
[  943.909919][  T975] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  944.049788][    T9] usb 2-1: new high-speed USB device number 127 using dummy_hcd
[  944.059801][  T975] usb 3-1: Using ep0 maxpacket: 32
[  944.069261][  T975] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[  944.079375][  T975] usb 3-1: config 0 has no interface number 0
[  944.088081][  T975] usb 3-1: config 0 interface 184 has no altsetting 0
[  944.097847][  T975] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  944.109318][  T975] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  944.117357][  T975] usb 3-1: Product: syz
[  944.121690][  T975] usb 3-1: Manufacturer: syz
[  944.126303][  T975] usb 3-1: SerialNumber: syz
[  944.134896][  T975] usb 3-1: config 0 descriptor??
[  944.143318][  T975] smsc75xx v1.0.0
[  944.219866][    T9] usb 2-1: Using ep0 maxpacket: 32
[  944.226166][    T9] usb 2-1: config index 0 descriptor too short (expected 156, got 27)
[  944.234394][    T9] usb 2-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  944.245439][    T9] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  944.256566][    T9] usb 2-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  944.270928][    T9] usb 2-1: config 0 interface 0 has no altsetting 0
[  944.279333][    T9] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  944.288462][    T9] usb 2-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  944.296933][    T9] usb 2-1: Product: syz
[  944.301143][    T9] usb 2-1: Manufacturer: syz
[  944.305757][    T9] usb 2-1: SerialNumber: syz
[  944.312971][    T9] usb 2-1: config 0 descriptor??
[  944.321299][    T9] ldusb 2-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  944.331218][ T6014] usb 6-1: new high-speed USB device number 88 using dummy_hcd
[  944.333700][    T9] ldusb 2-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  944.499778][ T6014] usb 6-1: Using ep0 maxpacket: 32
[  944.506626][ T6014] usb 6-1: config index 0 descriptor too short (expected 156, got 27)
[  944.514968][ T6014] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  944.528894][ T6014] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  944.540904][ T6014] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  944.566469][   T77] usb 2-1: USB disconnect, device number 127
[  944.572512][    C1] ldusb 2-1:0.0: usb_submit_urb failed (-19)
[  944.598794][ T6014] usb 6-1: config 0 interface 0 has no altsetting 0
[  944.610351][   T77] ldusb 2-1:0.0: LD USB Device #0 now disconnected
[  944.644134][ T6014] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  944.654949][ T6014] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  944.663526][ T6014] usb 6-1: Product: syz
[  944.669627][ T6014] usb 6-1: Manufacturer: syz
[  944.684469][ T6014] usb 6-1: SerialNumber: syz
[  944.721721][ T6014] usb 6-1: config 0 descriptor??
[  944.748465][ T6014] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  944.760177][  T975] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -61
[  944.780384][ T6014] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  944.781822][  T975] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  944.949486][T18189] FAULT_INJECTION: forcing a failure.
[  944.949486][T18189] name failslab, interval 1, probability 0, space 0, times 0
[  944.962255][T18189] CPU: 1 UID: 0 PID: 18189 Comm: syz.5.3622 Not tainted syzkaller #0 PREEMPT(full) 
[  944.962276][T18189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  944.962287][T18189] Call Trace:
[  944.962294][T18189]  <TASK>
[  944.962300][T18189]  dump_stack_lvl+0x116/0x1f0
[  944.962319][T18189]  should_fail_ex+0x512/0x640
[  944.962334][T18189]  ? raw_event_queue_add+0x84/0x220
[  944.962347][T18189]  should_failslab+0xc2/0x120
[  944.962361][T18189]  __kmalloc_noprof+0xd2/0x510
[  944.962384][T18189]  raw_event_queue_add+0x84/0x220
[  944.962407][T18189]  gadget_disconnect+0x5a/0x130
[  944.962429][T18189]  usb_gadget_disconnect_locked+0x20d/0x4e0
[  944.962450][T18189]  gadget_unbind_driver+0xd7/0x4e0
[  944.962467][T18189]  ? kernfs_remove_by_name_ns+0xbe/0x110
[  944.962484][T18189]  ? __pfx_gadget_unbind_driver+0x10/0x10
[  944.962500][T18189]  device_remove+0xc8/0x170
[  944.962512][T18189]  device_release_driver_internal+0x44b/0x620
[  944.962529][T18189]  driver_detach+0xd8/0x1b0
[  944.962543][T18189]  ? __pfx_raw_release+0x10/0x10
[  944.962560][T18189]  bus_remove_driver+0x13b/0x2c0
[  944.962580][T18189]  driver_unregister+0x76/0xb0
[  944.962603][T18189]  usb_gadget_unregister_driver+0x49/0x70
[  944.962629][T18189]  raw_release+0x1ae/0x2b0
[  944.962648][T18189]  __fput+0x402/0xb70
[  944.962674][T18189]  fput_close_sync+0x118/0x210
[  944.962690][T18189]  ? __pfx_fput_close_sync+0x10/0x10
[  944.962705][T18189]  ? dnotify_flush+0x79/0x4c0
[  944.962724][T18189]  __x64_sys_close+0x8b/0x120
[  944.962749][T18189]  do_syscall_64+0xcd/0x4c0
[  944.962773][T18189]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  944.962790][T18189] RIP: 0033:0x7f640e58d84a
[  944.962804][T18189] Code: 48 3d 00 f0 ff ff 77 48 c3 0f 1f 80 00 00 00 00 48 83 ec 18 89 7c 24 0c e8 43 91 02 00 8b 7c 24 0c 89 c2 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 36 89 d7 89 44 24 0c e8 a3 91 02 00 8b 44 24
[  944.962820][T18189] RSP: 002b:00007f640f388ff0 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  944.962837][T18189] RAX: ffffffffffffffda RBX: 00007f640e7b5fa0 RCX: 00007f640e58d84a
[  944.962848][T18189] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  944.962854][T18189] RBP: 00007f640f389090 R08: 0000000000000000 R09: 0000000000000000
[  944.962866][T18189] R10: 0000000000000003 R11: 0000000000000293 R12: 0000000000000001
[  944.962873][T18189] R13: 00007f640e7b6038 R14: 00007f640e7b5fa0 R15: 00007ffcdfcf7508
[  944.962888][T18189]  </TASK>
[  945.202031][T18189] raw-gadget.2 gadget.5: failed to queue disconnect event
[  945.210149][ T6031] usb 6-1: USB disconnect, device number 88
[  945.210177][    C0] ldusb 6-1:0.0: usb_submit_urb failed (-19)
[  945.229715][  T975] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -32
[  945.241992][ T6031] ldusb 6-1:0.0: LD USB Device #0 now disconnected
[  945.271857][  T975] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -32
[  945.285424][  T975] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  945.297868][  T975] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -32
[  945.313157][  T975] smsc75xx 3-1:0.184: probe with driver smsc75xx failed with error -32
[  946.818138][  T975] usb 3-1: USB disconnect, device number 4
[  946.869407][T18220] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3630'.
[  947.391189][  T975] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  947.830939][  T975] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  947.856232][  T975] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  947.886175][  T975] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  947.897489][  T975] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  947.912260][  T975] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  947.979413][  T975] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  948.068400][  T975] usb 3-1: config 0 descriptor??
[  948.076166][T18221] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  948.301615][T18239] netlink: 68 bytes leftover after parsing attributes in process `syz.5.3634'.
[  948.522551][T18240] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3635'.
[  948.561830][T18240] bond_slave_0: entered promiscuous mode
[  948.567773][T18240] bond_slave_1: entered promiscuous mode
[  948.602716][T18240] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  948.768328][  T975] plantronics 0003:047F:FFFF.0028: reserved main item tag 0xd
[  948.800431][  T975] plantronics 0003:047F:FFFF.0028: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  948.929343][T18250] netlink: 68 bytes leftover after parsing attributes in process `syz.3.3636'.
[  948.947612][T18250] bpf: Bad value for 'gid'
[  949.009486][T18249] netlink: 68 bytes leftover after parsing attributes in process `syz.0.3637'.
[  949.135016][T18249] bpf: Bad value for 'gid'
[  949.158447][   T77] usb 3-1: USB disconnect, device number 5
[  949.334580][  T975] usb 6-1: new full-speed USB device number 89 using dummy_hcd
[  949.385114][T18260] netlink: 68 bytes leftover after parsing attributes in process `syz.1.3641'.
[  949.400702][T18260] bpf: Bad value for 'gid'
[  949.631214][  T975] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  949.643893][  T975] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  949.718081][  T975] usb 6-1: New USB device found, idVendor=22d4, idProduct=1503, bcdDevice= 0.00
[  949.736211][  T975] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  949.750026][  T975] usb 6-1: config 0 descriptor??
[  949.760821][T18255] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  950.109760][T18271] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3644'.
[  950.344504][  T975] glorious 0003:22D4:1503.0029: hidraw0: USB HID v0.00 Device [Glorious Model I] on usb-dummy_hcd.5-1/input0
[  950.417252][T18255] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  950.540196][T18255] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  950.630214][T18283] FAULT_INJECTION: forcing a failure.
[  950.630214][T18283] name failslab, interval 1, probability 0, space 0, times 0
[  950.654696][T18283] CPU: 0 UID: 0 PID: 18283 Comm: syz.0.3647 Not tainted syzkaller #0 PREEMPT(full) 
[  950.654720][T18283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  950.654730][T18283] Call Trace:
[  950.654737][T18283]  <TASK>
[  950.654745][T18283]  dump_stack_lvl+0x16c/0x1f0
[  950.654769][T18283]  should_fail_ex+0x512/0x640
[  950.654790][T18283]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  950.654810][T18283]  should_failslab+0xc2/0x120
[  950.654831][T18283]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  950.654848][T18283]  ? __alloc_skb+0x2b2/0x380
[  950.654869][T18283]  __alloc_skb+0x2b2/0x380
[  950.654885][T18283]  ? __pfx___alloc_skb+0x10/0x10
[  950.654900][T18283]  ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10
[  950.654936][T18283]  pfkey_sendmsg+0x16e/0x850
[  950.654967][T18283]  ____sys_sendmsg+0xa98/0xc70
[  950.654991][T18283]  ? copy_msghdr_from_user+0x10a/0x160
[  950.655010][T18283]  ? __pfx_____sys_sendmsg+0x10/0x10
[  950.655077][T18283]  ? __pfx__kstrtoull+0x10/0x10
[  950.655109][T18283]  ___sys_sendmsg+0x134/0x1d0
[  950.655130][T18283]  ? __pfx____sys_sendmsg+0x10/0x10
[  950.655162][T18283]  ? find_held_lock+0x2b/0x80
[  950.655201][T18283]  __sys_sendmmsg+0x200/0x420
[  950.655230][T18283]  ? __pfx___sys_sendmmsg+0x10/0x10
[  950.655258][T18283]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  950.655290][T18283]  ? fput+0x9b/0xd0
[  950.655313][T18283]  ? ksys_write+0x1ac/0x250
[  950.655332][T18283]  ? __pfx_ksys_write+0x10/0x10
[  950.655355][T18283]  __x64_sys_sendmmsg+0x9c/0x100
[  950.655373][T18283]  ? lockdep_hardirqs_on+0x7c/0x110
[  950.655392][T18283]  do_syscall_64+0xcd/0x4c0
[  950.655414][T18283]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  950.655433][T18283] RIP: 0033:0x7ffa01d8ebe9
[  950.655448][T18283] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  950.655464][T18283] RSP: 002b:00007ffa02cdb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  950.655480][T18283] RAX: ffffffffffffffda RBX: 00007ffa01fb5fa0 RCX: 00007ffa01d8ebe9
[  950.655492][T18283] RDX: 000000000400008a RSI: 0000200000000180 RDI: 0000000000000009
[  950.655503][T18283] RBP: 00007ffa02cdb090 R08: 0000000000000000 R09: 0000000000000000
[  950.655513][T18283] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  950.655523][T18283] R13: 00007ffa01fb6038 R14: 00007ffa01fb5fa0 R15: 00007ffcd07dad88
[  950.655546][T18283]  </TASK>
[  950.894678][    C0] vkms_vblank_simulate: vblank timer overrun
[  950.958324][  T975] usb 6-1: USB disconnect, device number 89
[  951.013918][T18289] netlink: 'syz.3.3650': attribute type 1 has an invalid length.
[  951.061422][T18289] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3650'.
[  951.100443][   T30] kauditd_printk_skb: 8 callbacks suppressed
[  951.100456][   T30] audit: type=1400 audit(1756253226.036:1604): avc:  denied  { getopt } for  pid=18291 comm="syz.1.3651" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  951.128447][   T30] audit: type=1400 audit(1756253226.036:1605): avc:  denied  { ioctl } for  pid=18291 comm="syz.1.3651" path="socket:[53045]" dev="sockfs" ino=53045 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  951.153244][    C0] vkms_vblank_simulate: vblank timer overrun
[  951.465056][T18299] FAULT_INJECTION: forcing a failure.
[  951.465056][T18299] name failslab, interval 1, probability 0, space 0, times 0
[  951.478870][T18299] CPU: 0 UID: 0 PID: 18299 Comm: syz.0.3654 Not tainted syzkaller #0 PREEMPT(full) 
[  951.478894][T18299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  951.478904][T18299] Call Trace:
[  951.478910][T18299]  <TASK>
[  951.478917][T18299]  dump_stack_lvl+0x16c/0x1f0
[  951.478946][T18299]  should_fail_ex+0x512/0x640
[  951.478966][T18299]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  951.478989][T18299]  should_failslab+0xc2/0x120
[  951.479010][T18299]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  951.479028][T18299]  ? __alloc_skb+0x2b2/0x380
[  951.479050][T18299]  __alloc_skb+0x2b2/0x380
[  951.479068][T18299]  ? __pfx___alloc_skb+0x10/0x10
[  951.479084][T18299]  ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10
[  951.479121][T18299]  pfkey_sendmsg+0x16e/0x850
[  951.479147][T18299]  ____sys_sendmsg+0xa98/0xc70
[  951.479171][T18299]  ? copy_msghdr_from_user+0x10a/0x160
[  951.479191][T18299]  ? __pfx_____sys_sendmsg+0x10/0x10
[  951.479219][T18299]  ? __pfx__kstrtoull+0x10/0x10
[  951.479242][T18299]  ___sys_sendmsg+0x134/0x1d0
[  951.479263][T18299]  ? __pfx____sys_sendmsg+0x10/0x10
[  951.479295][T18299]  ? find_held_lock+0x2b/0x80
[  951.479335][T18299]  __sys_sendmmsg+0x200/0x420
[  951.479358][T18299]  ? __pfx___sys_sendmmsg+0x10/0x10
[  951.479386][T18299]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  951.479418][T18299]  ? fput+0x9b/0xd0
[  951.479442][T18299]  ? ksys_write+0x1ac/0x250
[  951.479460][T18299]  ? __pfx_ksys_write+0x10/0x10
[  951.479483][T18299]  __x64_sys_sendmmsg+0x9c/0x100
[  951.479502][T18299]  ? lockdep_hardirqs_on+0x7c/0x110
[  951.479521][T18299]  do_syscall_64+0xcd/0x4c0
[  951.479543][T18299]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  951.479560][T18299] RIP: 0033:0x7ffa01d8ebe9
[  951.479575][T18299] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  951.479593][T18299] RSP: 002b:00007ffa02cdb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  951.479610][T18299] RAX: ffffffffffffffda RBX: 00007ffa01fb5fa0 RCX: 00007ffa01d8ebe9
[  951.479622][T18299] RDX: 000000000400008a RSI: 0000200000000180 RDI: 0000000000000003
[  951.479633][T18299] RBP: 00007ffa02cdb090 R08: 0000000000000000 R09: 0000000000000000
[  951.479643][T18299] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  951.479654][T18299] R13: 00007ffa01fb6038 R14: 00007ffa01fb5fa0 R15: 00007ffcd07dad88
[  951.479671][T18299]  </TASK>
[  951.714890][    C0] vkms_vblank_simulate: vblank timer overrun
[  951.721972][    C0] hrtimer: interrupt took 242246262 ns
[  951.822051][    C0] vkms_vblank_simulate: vblank timer overrun
[  952.543602][T18319] ubi: mtd0 is already attached to ubi31
[  954.419241][T18329] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3660'.
[  956.912333][T18358] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  956.923340][T18358] exFAT-fs (loop1): unable to read boot sector
[  956.930141][T18358] exFAT-fs (loop1): failed to read boot sector
[  956.936424][T18358] exFAT-fs (loop1): failed to recognize exfat type
[  956.961700][T18360] netlink: 68 bytes leftover after parsing attributes in process `syz.2.3669'.
[  956.972843][T18360] bpf: Bad value for 'gid'
[  958.121168][T18383] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3674'.
[  958.516708][T18387] netlink: 'syz.5.3677': attribute type 11 has an invalid length.
[  958.536147][T18387] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3677'.
[  958.605290][T18387] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3677'.
[  959.311003][T18398] FAULT_INJECTION: forcing a failure.
[  959.311003][T18398] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  959.324794][T18398] CPU: 0 UID: 0 PID: 18398 Comm: syz.0.3680 Not tainted syzkaller #0 PREEMPT(full) 
[  959.324817][T18398] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  959.324828][T18398] Call Trace:
[  959.324835][T18398]  <TASK>
[  959.324843][T18398]  dump_stack_lvl+0x16c/0x1f0
[  959.324868][T18398]  should_fail_ex+0x512/0x640
[  959.324893][T18398]  _copy_from_user+0x2e/0xd0
[  959.324918][T18398]  core_sys_select+0x35b/0xc10
[  959.324948][T18398]  ? __pfx_core_sys_select+0x10/0x10
[  959.324994][T18398]  ? set_user_sigmask+0x21b/0x2b0
[  959.325017][T18398]  ? __pfx_set_user_sigmask+0x10/0x10
[  959.325045][T18398]  do_pselect.constprop.0+0x19f/0x1e0
[  959.325067][T18398]  ? __pfx_do_pselect.constprop.0+0x10/0x10
[  959.325098][T18398]  __x64_sys_pselect6+0x182/0x240
[  959.325120][T18398]  ? __pfx___x64_sys_pselect6+0x10/0x10
[  959.325148][T18398]  do_syscall_64+0xcd/0x4c0
[  959.325171][T18398]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  959.325191][T18398] RIP: 0033:0x7ffa01d8ebe9
[  959.325206][T18398] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  959.325224][T18398] RSP: 002b:00007ffa02cba038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  959.325241][T18398] RAX: ffffffffffffffda RBX: 00007ffa01fb6090 RCX: 00007ffa01d8ebe9
[  959.325253][T18398] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000040
[  959.325265][T18398] RBP: 00007ffa02cba090 R08: 0000000000000000 R09: 0000000000000000
[  959.325276][T18398] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[  959.325287][T18398] R13: 00007ffa01fb6128 R14: 00007ffa01fb6090 R15: 00007ffcd07dad88
[  959.325312][T18398]  </TASK>
[  959.496552][    C0] vkms_vblank_simulate: vblank timer overrun
[  959.581879][ T5860] Bluetooth: hci3: unexpected event 0x09 length: 6 > 3
[  960.899799][  T975] usb 6-1: new high-speed USB device number 90 using dummy_hcd
[  961.200563][   T30] audit: type=1326 audit(1756253236.016:1606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18402 comm="syz.0.3683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa01d8ebe9 code=0x7ffc0000
[  961.516070][   T30] audit: type=1326 audit(1756253236.016:1607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18402 comm="syz.0.3683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa01d8ebe9 code=0x7ffc0000
[  961.561756][  T975] usb 6-1: device descriptor read/64, error -71
[  962.070484][T18412] Illegal XDP return value 1218183168 on prog  (id 441) dev N/A, expect packet loss!
[  962.100518][   T30] audit: type=1326 audit(1756253236.016:1608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18402 comm="syz.0.3683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7ffa01d8ebe9 code=0x7ffc0000
[  962.229779][  T975] usb 6-1: new high-speed USB device number 91 using dummy_hcd
[  962.943812][   T30] audit: type=1326 audit(1756253236.016:1609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18402 comm="syz.0.3683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa01d8ebe9 code=0x7ffc0000
[  962.967754][   T30] audit: type=1326 audit(1756253236.016:1610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18402 comm="syz.0.3683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa01d8ebe9 code=0x7ffc0000
[  962.991643][   T30] audit: type=1326 audit(1756253236.016:1611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18402 comm="syz.0.3683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7ffa01d8ebe9 code=0x7ffc0000
[  963.017222][   T30] audit: type=1326 audit(1756253236.016:1612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18402 comm="syz.0.3683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa01d8ebe9 code=0x7ffc0000
[  963.068357][   T30] audit: type=1326 audit(1756253236.016:1613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18402 comm="syz.0.3683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa01d8ebe9 code=0x7ffc0000
[  963.093168][  T975] usb 6-1: device descriptor read/64, error -71
[  963.282896][  T975] usb usb6-port1: attempt power cycle
[  963.379255][T18440] FAULT_INJECTION: forcing a failure.
[  963.379255][T18440] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  963.392496][T18440] CPU: 1 UID: 0 PID: 18440 Comm: syz.2.3687 Not tainted syzkaller #0 PREEMPT(full) 
[  963.392519][T18440] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  963.392530][T18440] Call Trace:
[  963.392537][T18440]  <TASK>
[  963.392544][T18440]  dump_stack_lvl+0x16c/0x1f0
[  963.392570][T18440]  should_fail_ex+0x512/0x640
[  963.392596][T18440]  _copy_from_user+0x2e/0xd0
[  963.392620][T18440]  core_sys_select+0x35b/0xc10
[  963.392648][T18440]  ? __pfx_core_sys_select+0x10/0x10
[  963.392666][T18440]  ? rcu_preempt_deferred_qs_irqrestore+0x500/0xbc0
[  963.392723][T18440]  ? set_user_sigmask+0x21b/0x2b0
[  963.392745][T18440]  ? __pfx_set_user_sigmask+0x10/0x10
[  963.392773][T18440]  do_pselect.constprop.0+0x19f/0x1e0
[  963.392795][T18440]  ? __pfx_do_pselect.constprop.0+0x10/0x10
[  963.392827][T18440]  __x64_sys_pselect6+0x182/0x240
[  963.392849][T18440]  ? __pfx___x64_sys_pselect6+0x10/0x10
[  963.392883][T18440]  do_syscall_64+0xcd/0x4c0
[  963.392906][T18440]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  963.392924][T18440] RIP: 0033:0x7f53cd18ebe9
[  963.392939][T18440] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  963.392955][T18440] RSP: 002b:00007f53cdf8d038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  963.392973][T18440] RAX: ffffffffffffffda RBX: 00007f53cd3b6090 RCX: 00007f53cd18ebe9
[  963.392985][T18440] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000040
[  963.392997][T18440] RBP: 00007f53cdf8d090 R08: 0000000000000000 R09: 0000000000000000
[  963.393008][T18440] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[  963.393020][T18440] R13: 00007f53cd3b6128 R14: 00007f53cd3b6090 R15: 00007fffa192f638
[  963.393046][T18440]  </TASK>
[  963.573113][    C1] vkms_vblank_simulate: vblank timer overrun
[  963.579706][ T6031] usb 1-1: new high-speed USB device number 107 using dummy_hcd
[  963.739773][ T6031] usb 1-1: Using ep0 maxpacket: 8
[  963.748561][ T6031] usb 1-1: config 6 has an invalid interface number: 213 but max is 1
[  963.756812][ T6031] usb 1-1: config 6 has an invalid interface number: 211 but max is 1
[  963.766425][ T6031] usb 1-1: config 6 has no interface number 0
[  963.824287][ T6031] usb 1-1: config 6 has no interface number 1
[  964.148918][   T30] audit: type=1326 audit(1756253236.016:1614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18402 comm="syz.0.3683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ffa01d8ebe9 code=0x7ffc0000
[  964.173101][   T30] audit: type=1326 audit(1756253236.016:1615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18402 comm="syz.0.3683" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffa01d8ebe9 code=0x7ffc0000
[  964.271481][ T6031] usb 1-1: config 6 interface 213 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  964.469904][ T6031] usb 1-1: config 6 interface 213 altsetting 0 has an endpoint descriptor with address 0xA3, changing to 0x83
[  964.513306][ T6031] usb 1-1: config 6 interface 213 altsetting 0 endpoint 0x83 has an invalid bInterval 63, changing to 7
[  964.574483][ T6031] usb 1-1: config 6 interface 213 altsetting 0 endpoint 0x83 has invalid maxpacket 57448, setting to 1024
[  964.592288][ T6031] usb 1-1: config 6 interface 213 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  964.621067][ T6031] usb 1-1: config 6 interface 211 has no altsetting 0
[  964.633412][ T6031] usb 1-1: New USB device found, idVendor=eb1a, idProduct=e357, bcdDevice=85.86
[  964.665559][ T6031] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  964.726059][T18464] usb usb8: usbfs: process 18464 (syz.3.3692) did not claim interface 0 before use
[  964.778877][ T6031] usb 1-1: Product: syz
[  964.783376][ T6031] usb 1-1: Manufacturer: syz
[  964.788074][ T6031] usb 1-1: SerialNumber: syz
[  965.080374][ T6031] em28xx 1-1:6.213: New device syz syz @ 480 Mbps (eb1a:e357, interface 213, class 213)
[  965.090147][ T6031] em28xx 1-1:6.213: Audio interface 213 found (Vendor Class)
[  965.622654][ T6031] em28xx 1-1:6.213: unknown em28xx chip ID (0)
[  965.629209][ T6031] em28xx 1-1:6.213: Config register raw data: 0xfffffffb
[  965.650585][ T6031] em28xx 1-1:6.213: AC97 chip type couldn't be determined
[  965.657677][ T6031] em28xx 1-1:6.213: No AC97 audio processor
[  965.702639][ T6031] usb 1-1: USB disconnect, device number 107
[  965.709593][ T6031] em28xx 1-1:6.213: Disconnecting em28xx
[  965.812259][ T6031] em28xx 1-1:6.213: Freeing device
[  966.309887][ T5860] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  966.373332][T18445] sp0: Synchronizing with TNC
[  966.560386][T18483] syzkaller1: entered promiscuous mode
[  966.578350][T18483] syzkaller1: entered allmulticast mode
[  966.644894][ T6031] usb 4-1: new high-speed USB device number 74 using dummy_hcd
[  966.899808][ T6031] usb 4-1: Using ep0 maxpacket: 8
[  966.926626][ T6031] usb 4-1: config 0 interface 0 has no altsetting 0
[  966.935506][ T6031] usb 4-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=bc.76
[  966.962872][ T6031] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  967.079763][ T6031] usb 4-1: Product: syz
[  967.083962][ T6031] usb 4-1: Manufacturer: syz
[  967.088572][ T6031] usb 4-1: SerialNumber: syz
[  967.287569][ T6031] usb 4-1: config 0 descriptor??
[  967.299137][ T5860] Bluetooth: hci0: ACL packet for unknown connection handle 91
[  967.404445][ T6031] snd_usb_toneport 4-1:0.0: Line 6 TonePort UX2 found
[  967.673778][ T6031] snd_usb_toneport 4-1:0.0: cannot get proper max packet size
[  967.685108][ T6031] snd_usb_toneport 4-1:0.0: Line 6 TonePort UX2 now disconnected
[  967.700729][ T6031] snd_usb_toneport 4-1:0.0: probe with driver snd_usb_toneport failed with error -22
[  967.966559][T18498] ubi: mtd0 is already attached to ubi31
[  968.063314][T18479] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  968.074218][T18479] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  968.100755][T18479] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3696'.
[  968.152487][ T6031] usb 4-1: USB disconnect, device number 74
[  968.438486][   T30] kauditd_printk_skb: 14 callbacks suppressed
[  968.438505][   T30] audit: type=1400 audit(1756253243.396:1630): avc:  denied  { mount } for  pid=18505 comm="syz.2.3703" name="/" dev="hugetlbfs" ino=53386 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  968.505603][   T30] audit: type=1400 audit(1756253243.436:1631): avc:  denied  { remount } for  pid=18505 comm="syz.2.3703" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  968.576171][   T30] audit: type=1400 audit(1756253243.466:1632): avc:  denied  { unmount } for  pid=8146 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:hugetlbfs_t tclass=filesystem permissive=1
[  968.954422][ T5860] Bluetooth: hci3: command 0x0406 tx timeout
[  968.999842][T15525] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  969.350374][ T5860] Bluetooth: hci0: command 0x0406 tx timeout
[  969.719483][T18508] delete_channel: no stack
[  970.447650][   T30] audit: type=1326 audit(1756253244.976:1633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18533 comm="syz.2.3710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53cd18ebe9 code=0x7ffc0000
[  970.472450][   T30] audit: type=1326 audit(1756253244.976:1634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18533 comm="syz.2.3710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53cd18ebe9 code=0x7ffc0000
[  970.499495][   T30] audit: type=1326 audit(1756253244.976:1635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18533 comm="syz.2.3710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f53cd18ebe9 code=0x7ffc0000
[  970.547485][   T30] audit: type=1326 audit(1756253244.976:1636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18533 comm="syz.2.3710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53cd18ebe9 code=0x7ffc0000
[  970.773092][T18543] pim6reg: entered allmulticast mode
[  970.783609][   T30] audit: type=1326 audit(1756253244.976:1637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18533 comm="syz.2.3710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53cd18ebe9 code=0x7ffc0000
[  970.812044][   T30] audit: type=1326 audit(1756253244.986:1638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18533 comm="syz.2.3710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7f53cd18ebe9 code=0x7ffc0000
[  970.836547][   T30] audit: type=1326 audit(1756253244.986:1639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18533 comm="syz.2.3710" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f53cd18ebe9 code=0x7ffc0000
[  970.890709][  T975] usb 4-1: new full-speed USB device number 75 using dummy_hcd
[  971.042385][  T975] usb 4-1: config 0 has an invalid interface number: 52 but max is 0
[  971.050724][  T975] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  971.077463][  T975] usb 4-1: config 0 has no interface number 0
[  971.103148][  T975] usb 4-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 10
[  971.194624][T18561] netlink: 68 bytes leftover after parsing attributes in process `syz.1.3714'.
[  971.227969][T18561] bpf: Bad value for 'gid'
[  971.389003][  T975] usb 4-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  971.403338][  T975] usb 4-1: config 0 interface 52 has no altsetting 0
[  971.411536][  T975] usb 4-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice= 0.00
[  971.420881][  T975] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=35
[  971.428993][  T975] usb 4-1: SerialNumber: syz
[  971.437007][T18562] netlink: 5872 bytes leftover after parsing attributes in process `syz.5.3712'.
[  971.449736][  T975] usb 4-1: config 0 descriptor??
[  971.683193][  T975] input: USB Synaptics Device 06cb:0003 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.52/input/input40
[  972.399984][    T9] usb 6-1: new high-speed USB device number 93 using dummy_hcd
[  972.549912][    T9] usb 6-1: device descriptor read/64, error -71
[  972.819838][    T9] usb 6-1: new high-speed USB device number 94 using dummy_hcd
[  972.960301][    T9] usb 6-1: device descriptor read/64, error -71
[  973.125984][    T9] usb usb6-port1: attempt power cycle
[  973.203535][  T975] usb 4-1: USB disconnect, device number 75
[  973.203564][    C0] synaptics_usb 4-1:0.52: synusb_irq - usb_submit_urb failed with result: -19
[  973.297949][T18591] syzkaller1: entered promiscuous mode
[  973.303482][T18591] syzkaller1: entered allmulticast mode
[  974.041165][    T9] usb 6-1: new high-speed USB device number 95 using dummy_hcd
[  974.080483][    T9] usb 6-1: device descriptor read/8, error -71
[  974.330445][    T9] usb 6-1: new high-speed USB device number 96 using dummy_hcd
[  974.380044][ T5922] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  975.739811][  T975] usb 4-1: new high-speed USB device number 76 using dummy_hcd
[  975.808918][    T9] usb 6-1: device descriptor read/8, error -71
[  975.907122][ T5922] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  975.921027][ T5922] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  975.941516][ T5922] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  975.956409][ T5922] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  976.050058][    T9] usb usb6-port1: unable to enumerate USB device
[  976.066300][ T5922] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  976.095962][  T975] usb 4-1: Using ep0 maxpacket: 32
[  976.101356][ T5922] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  976.128498][  T975] usb 4-1: config index 0 descriptor too short (expected 156, got 27)
[  976.137152][  T975] usb 4-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  976.179852][ T5922] usb 3-1: config 0 descriptor??
[  976.197721][T18595] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  976.210611][  T975] usb 4-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  976.534019][  T975] usb 4-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  976.547604][  T975] usb 4-1: config 0 interface 0 has no altsetting 0
[  976.740181][  T975] usb 4-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  976.751058][ T5922] plantronics 0003:047F:FFFF.002A: reserved main item tag 0xd
[  976.772889][  T975] usb 4-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  976.781613][ T5922] plantronics 0003:047F:FFFF.002A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  976.808563][  T975] usb 4-1: Product: syz
[  976.815291][  T975] usb 4-1: Manufacturer: syz
[  976.823425][  T975] usb 4-1: SerialNumber: syz
[  976.839294][  T975] usb 4-1: config 0 descriptor??
[  976.849849][  T975] ldusb 4-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  976.878649][  T975] ldusb 4-1:0.0: LD USB Device #1 now attached to major 180 minor 1
[  976.951120][T18616] netlink: 'syz.0.3727': attribute type 11 has an invalid length.
[  976.976412][  T975] usb 3-1: USB disconnect, device number 7
[  977.083016][T18614] fido_id[18614]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  977.108221][T15525] usb 4-1: USB disconnect, device number 76
[  977.139851][T18616] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3727'.
[  977.155663][T15525] ldusb 4-1:0.0: LD USB Device #1 now disconnected
[  977.432201][T18620] tipc: Started in network mode
[  977.449479][T18620] tipc: Node identity 96aa5913dfad, cluster identity 4711
[  978.333401][T18620] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  978.362196][T18625] syzkaller0: entered promiscuous mode
[  978.398961][T18625] syzkaller0: entered allmulticast mode
[  978.425180][T18620] tipc: Resetting bearer <eth:syzkaller0>
[  978.461005][T18629] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3732'.
[  978.494623][T18630] FAULT_INJECTION: forcing a failure.
[  978.494623][T18630] name failslab, interval 1, probability 0, space 0, times 0
[  978.507421][T18630] CPU: 1 UID: 0 PID: 18630 Comm: syz.0.3731 Not tainted syzkaller #0 PREEMPT(full) 
[  978.507444][T18630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  978.507455][T18630] Call Trace:
[  978.507461][T18630]  <TASK>
[  978.507469][T18630]  dump_stack_lvl+0x16c/0x1f0
[  978.507493][T18630]  should_fail_ex+0x512/0x640
[  978.507513][T18630]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  978.507536][T18630]  should_failslab+0xc2/0x120
[  978.507557][T18630]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  978.507576][T18630]  ? __alloc_skb+0x2b2/0x380
[  978.507600][T18630]  __alloc_skb+0x2b2/0x380
[  978.507618][T18630]  ? __pfx___alloc_skb+0x10/0x10
[  978.507639][T18630]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  978.507665][T18630]  netlink_alloc_large_skb+0x69/0x130
[  978.507688][T18630]  netlink_sendmsg+0x6a1/0xdd0
[  978.507719][T18630]  ? __pfx_netlink_sendmsg+0x10/0x10
[  978.507751][T18630]  ____sys_sendmsg+0xa98/0xc70
[  978.507776][T18630]  ? copy_msghdr_from_user+0x10a/0x160
[  978.507796][T18630]  ? __pfx_____sys_sendmsg+0x10/0x10
[  978.507833][T18630]  ___sys_sendmsg+0x134/0x1d0
[  978.507854][T18630]  ? __pfx____sys_sendmsg+0x10/0x10
[  978.507906][T18630]  __sys_sendmsg+0x16d/0x220
[  978.507926][T18630]  ? __pfx___sys_sendmsg+0x10/0x10
[  978.507962][T18630]  do_syscall_64+0xcd/0x4c0
[  978.507986][T18630]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  978.508005][T18630] RIP: 0033:0x7ffa01d8ebe9
[  978.508019][T18630] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  978.508036][T18630] RSP: 002b:00007ffa02c99038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  978.508054][T18630] RAX: ffffffffffffffda RBX: 00007ffa01fb6180 RCX: 00007ffa01d8ebe9
[  978.508066][T18630] RDX: 0000000000000002 RSI: 0000200000000240 RDI: 000000000000000b
[  978.508077][T18630] RBP: 00007ffa02c99090 R08: 0000000000000000 R09: 0000000000000000
[  978.508089][T18630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  978.508099][T18630] R13: 00007ffa01fb6218 R14: 00007ffa01fb6180 R15: 00007ffcd07dad88
[  978.508124][T18630]  </TASK>
[  978.716400][T15525] usb 4-1: new high-speed USB device number 77 using dummy_hcd
[  978.740398][T18619] tipc: Resetting bearer <eth:syzkaller0>
[  978.772974][T18619] tipc: Disabling bearer <eth:syzkaller0>
[  978.916746][T18636] netlink: 'syz.1.3733': attribute type 10 has an invalid length.
[  978.942819][T18636] 8021q: adding VLAN 0 to HW filter on device team0
[  978.964007][T15525] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  979.019195][T18636] bond0: (slave team0): Enslaving as an active interface with an up link
[  979.106810][T15525] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  979.277332][T15525] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  979.286837][T15525] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  979.414857][T15525] usb 4-1: config 0 descriptor??
[  979.840113][   T77] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  979.969830][ T5922] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  980.029776][   T77] usb 2-1: Using ep0 maxpacket: 32
[  980.040878][   T77] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[  980.051346][   T77] usb 2-1: config 0 has no interface number 0
[  980.064294][   T77] usb 2-1: config 0 interface 184 has no altsetting 0
[  980.103007][   T77] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  980.119820][   T77] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  980.152314][   T77] usb 2-1: Product: syz
[  980.154686][ T5922] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  980.170609][ T5922] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  980.201582][   T77] usb 2-1: Manufacturer: syz
[  980.206326][ T5922] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  980.217503][   T77] usb 2-1: SerialNumber: syz
[  980.223572][   T77] usb 2-1: config 0 descriptor??
[  980.251246][   T77] smsc75xx v1.0.0
[  980.254749][ T5922] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  980.282168][ T5922] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  980.308334][ T5922] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  980.369526][ T5922] usb 3-1: config 0 descriptor??
[  980.403722][T18649] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  980.822648][ T5922] plantronics 0003:047F:FFFF.002B: reserved main item tag 0xd
[  980.838026][   T77] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -61
[  980.863858][   T77] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  980.895052][ T5922] plantronics 0003:047F:FFFF.002B: unknown main item tag 0x0
[  980.906649][ T5922] plantronics 0003:047F:FFFF.002B: unknown main item tag 0x0
[  981.421017][   T77] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -32
[  981.436966][   T77] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -32
[  981.446835][   T77] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  981.457483][   T77] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -32
[  981.467745][   T77] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -32
[  981.552524][T15525] usb 4-1: string descriptor 0 read error: -71
[  981.569062][ T5922] plantronics 0003:047F:FFFF.002B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  981.571351][T15525] usb 4-1: USB disconnect, device number 77
[  981.783204][ T5922] usb 3-1: USB disconnect, device number 8
[  982.669925][ T6031] usb 2-1: USB disconnect, device number 2
[  982.971449][T18683] FAULT_INJECTION: forcing a failure.
[  982.971449][T18683] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  982.984680][T18683] CPU: 0 UID: 0 PID: 18683 Comm: syz.1.3744 Not tainted syzkaller #0 PREEMPT(full) 
[  982.984703][T18683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  982.984714][T18683] Call Trace:
[  982.984720][T18683]  <TASK>
[  982.984728][T18683]  dump_stack_lvl+0x16c/0x1f0
[  982.984753][T18683]  should_fail_ex+0x512/0x640
[  982.984777][T18683]  _copy_from_user+0x2e/0xd0
[  982.984802][T18683]  copy_msghdr_from_user+0x98/0x160
[  982.984823][T18683]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  982.984848][T18683]  ? __lock_acquire+0x62e/0x1ce0
[  982.984880][T18683]  ___sys_recvmsg+0xdb/0x1a0
[  982.984900][T18683]  ? __pfx____sys_recvmsg+0x10/0x10
[  982.984951][T18683]  __sys_recvmsg+0x16a/0x220
[  982.984971][T18683]  ? __pfx___sys_recvmsg+0x10/0x10
[  982.985013][T18683]  do_syscall_64+0xcd/0x4c0
[  982.985036][T18683]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  982.985055][T18683] RIP: 0033:0x7f6fcad8ebe9
[  982.985069][T18683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  982.985087][T18683] RSP: 002b:00007f6fcbc8b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  982.985106][T18683] RAX: ffffffffffffffda RBX: 00007f6fcafb6180 RCX: 00007f6fcad8ebe9
[  982.985118][T18683] RDX: 0000000000000000 RSI: 000020000000b680 RDI: 0000000000000006
[  982.985129][T18683] RBP: 00007f6fcbc8b090 R08: 0000000000000000 R09: 0000000000000000
[  982.985140][T18683] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  982.985150][T18683] R13: 00007f6fcafb6218 R14: 00007f6fcafb6180 R15: 00007fff7a3d3158
[  982.985175][T18683]  </TASK>
[  983.589891][T15525] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  983.999817][ T5922] usb 1-1: new high-speed USB device number 108 using dummy_hcd
[  984.289010][T15525] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  984.383122][T15525] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  984.396868][ T5922] usb 1-1: Using ep0 maxpacket: 8
[  984.412134][T15525] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  984.573109][ T5922] usb 1-1: config 6 has an invalid interface number: 213 but max is 1
[  984.634970][ T5922] usb 1-1: config 6 has an invalid interface number: 211 but max is 1
[  985.119444][T15525] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  985.572046][ T5922] usb 1-1: config 6 has no interface number 0
[  985.639785][T15525] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  985.648898][T15525] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  985.656905][ T5922] usb 1-1: config 6 has no interface number 1
[  985.658652][T15525] usb 3-1: config 0 descriptor??
[  985.670743][T18685] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  985.699363][ T5922] usb 1-1: config 6 interface 213 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  985.813237][ T5922] usb 1-1: config 6 interface 213 altsetting 0 has an endpoint descriptor with address 0xA3, changing to 0x83
[  985.845548][ T5922] usb 1-1: config 6 interface 213 altsetting 0 endpoint 0x83 has an invalid bInterval 63, changing to 7
[  985.877447][ T5922] usb 1-1: config 6 interface 213 altsetting 0 endpoint 0x83 has invalid maxpacket 57448, setting to 1024
[  985.892959][ T5922] usb 1-1: config 6 interface 213 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  985.907545][ T5922] usb 1-1: config 6 interface 211 has no altsetting 0
[  985.916836][T18709] FAULT_INJECTION: forcing a failure.
[  985.916836][T18709] name failslab, interval 1, probability 0, space 0, times 0
[  985.918124][ T5922] usb 1-1: New USB device found, idVendor=eb1a, idProduct=e357, bcdDevice=85.86
[  985.975386][ T5922] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  985.979752][T18709] CPU: 1 UID: 0 PID: 18709 Comm: syz.3.3753 Not tainted syzkaller #0 PREEMPT(full) 
[  985.979773][T18709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  985.979783][T18709] Call Trace:
[  985.979788][T18709]  <TASK>
[  985.979795][T18709]  dump_stack_lvl+0x16c/0x1f0
[  985.979820][T18709]  should_fail_ex+0x512/0x640
[  985.979838][T18709]  ? __kmalloc_noprof+0xbf/0x510
[  985.979856][T18709]  ? sock_kmalloc+0x111/0x170
[  985.979874][T18709]  should_failslab+0xc2/0x120
[  985.979892][T18709]  __kmalloc_noprof+0xd2/0x510
[  985.979907][T18709]  ? do_raw_spin_lock+0x12c/0x2b0
[  985.979929][T18709]  sock_kmalloc+0x111/0x170
[  985.979950][T18709]  af_alg_alloc_areq+0xbc/0x2e0
[  985.979969][T18709]  skcipher_recvmsg+0x32b/0x1030
[  985.979996][T18709]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  985.980022][T18709]  sock_recvmsg+0x1f9/0x250
[  985.980044][T18709]  ____sys_recvmsg+0x218/0x6b0
[  985.980068][T18709]  ? __pfx_____sys_recvmsg+0x10/0x10
[  985.980098][T18709]  ? __lock_acquire+0x62e/0x1ce0
[  985.980126][T18709]  ___sys_recvmsg+0x114/0x1a0
[  985.980143][T18709]  ? __pfx____sys_recvmsg+0x10/0x10
[  985.980163][T18709]  ? find_held_lock+0x2b/0x80
[  985.980196][T18709]  do_recvmmsg+0x2fe/0x750
[  985.980217][T18709]  ? __pfx_do_recvmmsg+0x10/0x10
[  985.980239][T18709]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  985.980265][T18709]  ? __fget_files+0x20e/0x3c0
[  985.980288][T18709]  __x64_sys_recvmmsg+0x22a/0x280
[  985.980307][T18709]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  985.980332][T18709]  do_syscall_64+0xcd/0x4c0
[  985.980352][T18709]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  985.980368][T18709] RIP: 0033:0x7f3f5538ebe9
[  985.980381][T18709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  985.980396][T18709] RSP: 002b:00007f3f56230038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  985.980411][T18709] RAX: ffffffffffffffda RBX: 00007f3f555b5fa0 RCX: 00007f3f5538ebe9
[  985.980421][T18709] RDX: 0000000000000001 RSI: 00002000000008c0 RDI: 0000000000000004
[  985.980431][T18709] RBP: 00007f3f56230090 R08: 0000000000000000 R09: 0000000000000000
[  985.980440][T18709] R10: 00000000000000cb R11: 0000000000000246 R12: 0000000000000001
[  985.980449][T18709] R13: 00007f3f555b6038 R14: 00007f3f555b5fa0 R15: 00007fff532f08a8
[  985.980471][T18709]  </TASK>
[  986.091020][T15525] plantronics 0003:047F:FFFF.002C: reserved main item tag 0xd
[  986.092937][  T975] usb 6-1: new high-speed USB device number 97 using dummy_hcd
[  986.114439][T15525] plantronics 0003:047F:FFFF.002C: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  986.189741][ T5922] usb 1-1: Product: syz
[  986.256028][ T5922] usb 1-1: Manufacturer: syz
[  986.276646][ T5922] usb 1-1: SerialNumber: syz
[  986.393458][    T9] usb 3-1: USB disconnect, device number 9
[  986.413012][  T975] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  986.424578][  T975] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  986.439890][  T975] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  986.462767][  T975] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  986.478379][  T975] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  986.491741][  T975] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  986.509599][  T975] usb 6-1: config 0 descriptor??
[  986.514660][T18190] usb 4-1: new high-speed USB device number 78 using dummy_hcd
[  986.552230][T18706] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22
[  986.572848][ T5922] em28xx 1-1:6.213: New device syz syz @ 480 Mbps (eb1a:e357, interface 213, class 213)
[  986.584789][ T5922] em28xx 1-1:6.213: Audio interface 213 found (Vendor Class)
[  986.661386][ T5922] em28xx 1-1:6.213: unknown em28xx chip ID (0)
[  986.675416][ T5922] em28xx 1-1:6.213: Config register raw data: 0xfffffffb
[  986.682517][T18190] usb 4-1: Using ep0 maxpacket: 32
[  986.703585][ T5922] em28xx 1-1:6.213: AC97 chip type couldn't be determined
[  986.712289][T18190] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[  986.742974][T18190] usb 4-1: config 0 has no interface number 0
[  986.749148][T18190] usb 4-1: config 0 interface 184 has no altsetting 0
[  986.756943][ T5922] em28xx 1-1:6.213: No AC97 audio processor
[  986.773596][T18190] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  986.786502][T18190] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  986.806577][ T5922] usb 1-1: USB disconnect, device number 108
[  986.831756][T18190] usb 4-1: Product: syz
[  986.848021][T18722] netlink: 60 bytes leftover after parsing attributes in process `syz.1.3757'.
[  986.848721][ T5922] em28xx 1-1:6.213: Disconnecting em28xx
[  986.866453][T18190] usb 4-1: Manufacturer: syz
[  986.871461][T18190] usb 4-1: SerialNumber: syz
[  986.899311][T18190] usb 4-1: config 0 descriptor??
[  986.899822][ T5922] em28xx 1-1:6.213: Freeing device
[  986.913234][T18190] smsc75xx v1.0.0
[  986.977127][  T975] plantronics 0003:047F:FFFF.002D: reserved main item tag 0xd
[  986.988129][  T975] plantronics 0003:047F:FFFF.002D: unknown main item tag 0x0
[  986.995665][  T975] plantronics 0003:047F:FFFF.002D: unknown main item tag 0x0
[  987.027483][  T975] plantronics 0003:047F:FFFF.002D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  987.218935][T18729] FAULT_INJECTION: forcing a failure.
[  987.218935][T18729] name failslab, interval 1, probability 0, space 0, times 0
[  987.234555][T18729] CPU: 1 UID: 0 PID: 18729 Comm: syz.1.3759 Not tainted syzkaller #0 PREEMPT(full) 
[  987.234578][T18729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  987.234588][T18729] Call Trace:
[  987.234594][T18729]  <TASK>
[  987.234601][T18729]  dump_stack_lvl+0x16c/0x1f0
[  987.234624][T18729]  should_fail_ex+0x512/0x640
[  987.234644][T18729]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[  987.234665][T18729]  should_failslab+0xc2/0x120
[  987.234684][T18729]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[  987.234701][T18729]  ? __alloc_skb+0x2b2/0x380
[  987.234717][T18729]  __alloc_skb+0x2b2/0x380
[  987.234728][T18729]  ? __pfx___alloc_skb+0x10/0x10
[  987.234741][T18729]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[  987.234758][T18729]  netlink_alloc_large_skb+0x69/0x130
[  987.234776][T18729]  netlink_sendmsg+0x6a1/0xdd0
[  987.234800][T18729]  ? __pfx_netlink_sendmsg+0x10/0x10
[  987.234829][T18729]  ____sys_sendmsg+0xa98/0xc70
[  987.234851][T18729]  ? copy_msghdr_from_user+0x10a/0x160
[  987.234864][T18729]  ? __pfx_____sys_sendmsg+0x10/0x10
[  987.234886][T18729]  ___sys_sendmsg+0x134/0x1d0
[  987.234898][T18729]  ? __pfx____sys_sendmsg+0x10/0x10
[  987.234940][T18729]  __sys_sendmsg+0x16d/0x220
[  987.234959][T18729]  ? __pfx___sys_sendmsg+0x10/0x10
[  987.234993][T18729]  do_syscall_64+0xcd/0x4c0
[  987.235009][T18729]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  987.235021][T18729] RIP: 0033:0x7f6fcad8ebe9
[  987.235031][T18729] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  987.235042][T18729] RSP: 002b:00007f6fcbc8b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  987.235054][T18729] RAX: ffffffffffffffda RBX: 00007f6fcafb6180 RCX: 00007f6fcad8ebe9
[  987.235061][T18729] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 000000000000000b
[  987.235071][T18729] RBP: 00007f6fcbc8b090 R08: 0000000000000000 R09: 0000000000000000
[  987.235081][T18729] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  987.235090][T18729] R13: 00007f6fcafb6218 R14: 00007f6fcafb6180 R15: 00007fff7a3d3158
[  987.235114][T18729]  </TASK>
[  987.452320][ T6014] usb 6-1: USB disconnect, device number 97
[  987.516676][T18190] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -61
[  987.527685][T18190] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  987.754430][T15525] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  987.754622][T18190] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -32
[  987.792473][T18190] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -32
[  987.829906][T18190] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  987.840281][T18190] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -32
[  987.850152][T18190] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -32
[  987.924669][T15525] usb 3-1: config 0 has no interfaces?
[  987.933548][T15525] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  987.943146][T15525] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  988.034912][T15525] usb 3-1: Product: syz
[  988.039069][T15525] usb 3-1: Manufacturer: syz
[  988.073364][T15525] usb 3-1: SerialNumber: syz
[  988.095127][T15525] usb 3-1: config 0 descriptor??
[  988.329976][   T30] kauditd_printk_skb: 61 callbacks suppressed
[  988.329987][   T30] audit: type=1400 audit(1756253263.286:1701): avc:  denied  { mount } for  pid=18730 comm="syz.2.3760" name="/" dev="pstore" ino=4122 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1
[  988.385640][   T30] audit: type=1400 audit(1756253263.326:1702): avc:  denied  { execute } for  pid=18730 comm="syz.2.3760" path=2F616E6F6E5F6875676570616765202864656C6574656429 dev="hugetlbfs" ino=53812 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=file permissive=1
[  989.363519][T18190] usb 4-1: USB disconnect, device number 78
[  989.397881][T18750] fuse: Unknown parameter 'PL®h'
[  989.759762][T18190] usb 4-1: new full-speed USB device number 79 using dummy_hcd
[  989.933670][T18190] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  989.946715][T18190] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  989.960879][T18190] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  989.989075][T18190] usb 4-1: config 0 descriptor??
[  990.004147][T18190] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  990.554734][T15525] usb 3-1: USB disconnect, device number 10
[  990.645690][T18775] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  990.662950][T18775] kvm: pic: non byte read
[  990.668951][T18775] kvm: pic: level sensitive irq not supported
[  990.668996][T18775] kvm: pic: non byte read
[  990.680533][T18775] kvm: pic: level sensitive irq not supported
[  990.680588][T18775] kvm: pic: non byte read
[  990.819845][T18190] usb 6-1: new high-speed USB device number 98 using dummy_hcd
[  991.011040][T18190] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  991.045318][T18190] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  991.097110][T18190] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  991.108744][T18190] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  991.123839][T18190] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  991.135899][T18190] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  991.197872][T18190] usb 6-1: config 0 descriptor??
[  991.205781][T18772] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  991.356828][T18791] netlink: 68 bytes leftover after parsing attributes in process `syz.0.3776'.
[  991.582051][T18791] bpf: Bad value for 'gid'
[  991.675308][T18190] plantronics 0003:047F:FFFF.002E: reserved main item tag 0xd
[  991.685383][T18190] plantronics 0003:047F:FFFF.002E: unknown main item tag 0x0
[  991.694576][T18190] plantronics 0003:047F:FFFF.002E: unknown main item tag 0x0
[  991.733587][T18190] plantronics 0003:047F:FFFF.002E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  991.934600][T15525] usb 6-1: USB disconnect, device number 98
[  992.473582][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  992.484192][  T975] usb 4-1: USB disconnect, device number 79
[  992.600172][T18803] netlink: 'syz.3.3780': attribute type 5 has an invalid length.
[  992.907512][   T30] audit: type=1400 audit(1756253267.866:1703): avc:  denied  { create } for  pid=18801 comm="syz.3.3780" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  992.917120][T18812] FAULT_INJECTION: forcing a failure.
[  992.917120][T18812] name failslab, interval 1, probability 0, space 0, times 0
[  992.928644][T18803] netlink: 'syz.3.3780': attribute type 1 has an invalid length.
[  992.946610][T18812] CPU: 1 UID: 0 PID: 18812 Comm: syz.1.3783 Not tainted syzkaller #0 PREEMPT(full) 
[  992.946631][T18812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  992.946640][T18812] Call Trace:
[  992.946646][T18812]  <TASK>
[  992.946653][T18812]  dump_stack_lvl+0x16c/0x1f0
[  992.946675][T18812]  should_fail_ex+0x512/0x640
[  992.946693][T18812]  ? fs_reclaim_acquire+0xae/0x150
[  992.946716][T18812]  ? tomoyo_encode2+0x100/0x3e0
[  992.946737][T18812]  should_failslab+0xc2/0x120
[  992.946755][T18812]  __kmalloc_noprof+0xd2/0x510
[  992.946772][T18812]  ? d_absolute_path+0x136/0x1a0
[  992.946798][T18812]  tomoyo_encode2+0x100/0x3e0
[  992.946823][T18812]  tomoyo_encode+0x29/0x50
[  992.946844][T18812]  tomoyo_realpath_from_path+0x18f/0x6e0
[  992.946874][T18812]  tomoyo_path_number_perm+0x245/0x580
[  992.946893][T18812]  ? tomoyo_path_number_perm+0x237/0x580
[  992.946914][T18812]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  992.946935][T18812]  ? find_held_lock+0x2b/0x80
[  992.946975][T18812]  ? find_held_lock+0x2b/0x80
[  992.946994][T18812]  ? hook_file_ioctl_common+0x145/0x410
[  992.947015][T18812]  ? __fget_files+0x20e/0x3c0
[  992.947037][T18812]  security_file_ioctl+0x9b/0x240
[  992.947061][T18812]  __x64_sys_ioctl+0xb7/0x210
[  992.947086][T18812]  do_syscall_64+0xcd/0x4c0
[  992.947105][T18812]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  992.947121][T18812] RIP: 0033:0x7f6fcad8ebe9
[  992.947134][T18812] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  992.947149][T18812] RSP: 002b:00007f6fcbccd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  992.947164][T18812] RAX: ffffffffffffffda RBX: 00007f6fcafb5fa0 RCX: 00007f6fcad8ebe9
[  992.947174][T18812] RDX: 00002000001859c0 RSI: 000000008010640b RDI: 0000000000000003
[  992.947184][T18812] RBP: 00007f6fcbccd090 R08: 0000000000000000 R09: 0000000000000000
[  992.947194][T18812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  992.947203][T18812] R13: 00007f6fcafb6038 R14: 00007f6fcafb5fa0 R15: 00007fff7a3d3158
[  992.947226][T18812]  </TASK>
[  992.947239][T18812] ERROR: Out of memory at tomoyo_realpath_from_path.
[  992.974660][   T30] audit: type=1400 audit(1756253267.866:1704): avc:  denied  { ioctl } for  pid=18801 comm="syz.3.3780" path="socket:[53966]" dev="sockfs" ino=53966 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  993.220867][T18819] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=18819 comm=syz.3.3780
[  994.323777][   T77] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  994.701335][   T77] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  994.730658][   T77] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  994.801471][   T77] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  994.813851][   T77] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  994.833117][   T77] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  994.849748][   T77] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  995.314485][T18190] usb 4-1: new full-speed USB device number 80 using dummy_hcd
[  995.320654][   T77] usb 3-1: config 0 descriptor??
[  995.358206][T18833] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  995.503492][T18190] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  995.547152][T18190] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  995.562477][T18190] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  995.581879][T18190] usb 4-1: config 0 descriptor??
[  995.590875][T18190] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  995.741235][T18854] FAULT_INJECTION: forcing a failure.
[  995.741235][T18854] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  995.754500][T18854] CPU: 0 UID: 0 PID: 18854 Comm: syz.1.3794 Not tainted syzkaller #0 PREEMPT(full) 
[  995.754523][T18854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  995.754533][T18854] Call Trace:
[  995.754539][T18854]  <TASK>
[  995.754547][T18854]  dump_stack_lvl+0x16c/0x1f0
[  995.754572][T18854]  should_fail_ex+0x512/0x640
[  995.754596][T18854]  _copy_from_iter+0x29f/0x1720
[  995.754624][T18854]  ? __pfx__copy_from_iter+0x10/0x10
[  995.754647][T18854]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  995.754678][T18854]  copy_page_from_iter+0xde/0x180
[  995.754704][T18854]  tun_build_skb.constprop.0+0x2e8/0x1500
[  995.754738][T18854]  ? __pfx_tun_build_skb.constprop.0+0x10/0x10
[  995.754760][T18854]  ? unwind_get_return_address+0x59/0xa0
[  995.754781][T18854]  ? arch_stack_walk+0xa6/0x100
[  995.754818][T18854]  ? _kstrtoull+0x145/0x200
[  995.754834][T18854]  ? __pfx__kstrtoull+0x10/0x10
[  995.754853][T18854]  tun_get_user+0x14ae/0x3ce0
[  995.754887][T18854]  ? __pfx_tun_get_user+0x10/0x10
[  995.754916][T18854]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  995.754946][T18854]  ? find_held_lock+0x2b/0x80
[  995.754971][T18854]  ? tun_get+0x191/0x370
[  995.754999][T18854]  tun_chr_write_iter+0xdc/0x210
[  995.755025][T18854]  vfs_write+0x7d0/0x11d0
[  995.755045][T18854]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  995.755072][T18854]  ? __pfx_vfs_write+0x10/0x10
[  995.755089][T18854]  ? find_held_lock+0x2b/0x80
[  995.755127][T18854]  ksys_write+0x12a/0x250
[  995.755144][T18854]  ? __pfx_ksys_write+0x10/0x10
[  995.755169][T18854]  do_syscall_64+0xcd/0x4c0
[  995.755191][T18854]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  995.755215][T18854] RIP: 0033:0x7f6fcad8d69f
[  995.755230][T18854] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  995.755246][T18854] RSP: 002b:00007f6fcbccd000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  995.755263][T18854] RAX: ffffffffffffffda RBX: 00007f6fcafb5fa0 RCX: 00007f6fcad8d69f
[  995.755275][T18854] RDX: 000000000000004a RSI: 00002000000004c0 RDI: 00000000000000c8
[  995.755286][T18854] RBP: 00007f6fcbccd090 R08: 0000000000000000 R09: 0000000000000000
[  995.755296][T18854] R10: 000000000000004a R11: 0000000000000293 R12: 0000000000000001
[  995.755306][T18854] R13: 00007f6fcafb6038 R14: 00007f6fcafb5fa0 R15: 00007fff7a3d3158
[  995.755331][T18854]  </TASK>
[  996.010841][   T77] plantronics 0003:047F:FFFF.002F: reserved main item tag 0xd
[  996.021907][   T77] plantronics 0003:047F:FFFF.002F: unknown main item tag 0x0
[  996.065107][   T77] plantronics 0003:047F:FFFF.002F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  996.323563][T18190] usb 3-1: USB disconnect, device number 11
[  996.361055][T18862] fido_id[18862]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  996.809806][   T77] usb 6-1: new full-speed USB device number 99 using dummy_hcd
[  996.909880][T18190] usb 1-1: new high-speed USB device number 109 using dummy_hcd
[  997.321768][   T77] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  997.334876][   T77] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  997.345290][   T77] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  997.361680][   T77] usb 6-1: config 0 descriptor??
[  997.370590][T18190] usb 1-1: Using ep0 maxpacket: 16
[  997.371708][   T77] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[  997.384629][T18190] usb 1-1: config 0 has an invalid interface number: 145 but max is 0
[  997.395716][T18190] usb 1-1: config 0 has no interface number 0
[  997.416989][T18190] usb 1-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[  997.426541][T18190] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  997.435048][T18190] usb 1-1: Product: syz
[  997.440007][T18190] usb 1-1: Manufacturer: syz
[  997.445006][T18190] usb 1-1: SerialNumber: syz
[  997.451677][T18190] usb 1-1: config 0 descriptor??
[  997.458546][T18190] hub 1-1:0.145: bad descriptor, ignoring hub
[  997.465244][T18190] hub 1-1:0.145: probe with driver hub failed with error -5
[  997.475841][T18190] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.145/input/input43
[  997.651154][  T975] usb 4-1: USB disconnect, device number 80
[  997.739589][T18886] netlink: 'syz.3.3802': attribute type 11 has an invalid length.
[  997.827695][   T30] audit: type=1400 audit(1756253272.786:1705): avc:  denied  { write } for  pid=18858 comm="syz.0.3796" name="mice" dev="devtmpfs" ino=916 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:mouse_device_t tclass=chr_file permissive=1
[  998.601253][ T5860] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  998.611350][ T5860] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  998.618983][ T5860] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  998.628864][ T5860] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  998.637649][ T5860] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  998.868583][ T1090] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  998.908483][T18900] tipc: Started in network mode
[  998.913531][T18900] tipc: Node identity 120f0daec1d3, cluster identity 4711
[  998.921088][T18900] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  998.932174][T18900] syzkaller0: entered promiscuous mode
[  998.957953][T18900] syzkaller0: entered allmulticast mode
[  999.014809][ T1090] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  999.043805][T18900] tipc: Resetting bearer <eth:syzkaller0>
[  999.056276][T18899] tipc: Resetting bearer <eth:syzkaller0>
[  999.097511][T18899] tipc: Disabling bearer <eth:syzkaller0>
[  999.171727][ T1090] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  999.199925][ T6014] usb 1-1: USB disconnect, device number 109
[  999.261137][T18896] chnl_net:caif_netlink_parms(): no params data found
[  999.338631][T15525] usb 6-1: USB disconnect, device number 99
[  999.412776][ T1090] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  999.474320][T18918] syz_tun: entered allmulticast mode
[  999.555814][T18914] syz_tun: left allmulticast mode
[  999.960584][T18190] usb 6-1: new high-speed USB device number 100 using dummy_hcd
[  999.991031][T18935] netlink: 188 bytes leftover after parsing attributes in process `syz.3.3812'.
[ 1000.149963][T18896] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1000.163466][T18896] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1000.194491][T18896] bridge_slave_0: entered allmulticast mode
[ 1000.204563][T18896] bridge_slave_0: entered promiscuous mode
[ 1000.245737][T18896] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1000.254926][T18896] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1000.262354][T18190] usb 6-1: device descriptor read/64, error -71
[ 1000.274943][T18896] bridge_slave_1: entered allmulticast mode
[ 1000.284999][T18896] bridge_slave_1: entered promiscuous mode
[ 1000.765266][T18149] Bluetooth: hci5: command tx timeout
[ 1000.786869][T18896] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1000.830401][T18190] usb 6-1: new high-speed USB device number 101 using dummy_hcd
[ 1000.847772][T18896] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1000.864658][ T1090] bridge_slave_1: left allmulticast mode
[ 1000.877191][ T1090] bridge_slave_1: left promiscuous mode
[ 1000.888259][ T1090] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1000.924427][ T1090] bridge_slave_0: left allmulticast mode
[ 1000.940003][ T1090] bridge_slave_0: left promiscuous mode
[ 1000.947757][ T1090] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1000.969965][T18190] usb 6-1: device descriptor read/64, error -71
[ 1001.101056][T18190] usb usb6-port1: attempt power cycle
[ 1001.559728][T18190] usb 6-1: new high-speed USB device number 102 using dummy_hcd
[ 1001.630438][T18190] usb 6-1: device descriptor read/8, error -71
[ 1001.712591][ T1090] bond0 (unregistering): (slave bridge0): Releasing backup interface
[ 1001.979798][T18190] usb 6-1: new high-speed USB device number 103 using dummy_hcd
[ 1002.000271][T18190] usb 6-1: device descriptor read/8, error -71
[ 1002.120206][T18190] usb usb6-port1: unable to enumerate USB device
[ 1002.264514][ T1090] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1002.374343][ T1090] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1002.388029][ T1090] bond0 (unregistering): Released all slaves
[ 1002.573622][T18896] team0: Port device team_slave_0 added
[ 1002.589301][ T1090] tipc: Left network mode
[ 1002.872599][T18149] Bluetooth: hci5: command tx timeout
[ 1002.873197][T18896] team0: Port device team_slave_1 added
[ 1003.004716][T18896] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1003.020503][ T5908] usb 6-1: new high-speed USB device number 104 using dummy_hcd
[ 1003.038974][T18896] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1003.064972][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1003.145529][T18896] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1003.159885][ T5908] usb 6-1: device descriptor read/64, error -71
[ 1003.181256][T18896] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1003.188181][T18896] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1003.214042][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1003.267781][T18896] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1003.439115][T18979] netlink: 68 bytes leftover after parsing attributes in process `syz.0.3818'.
[ 1003.477799][T18979] bpf: Bad value for 'gid'
[ 1003.569459][ T5908] usb 6-1: new high-speed USB device number 105 using dummy_hcd
[ 1003.843541][T18985] FAULT_INJECTION: forcing a failure.
[ 1003.843541][T18985] name failslab, interval 1, probability 0, space 0, times 0
[ 1003.856336][T18985] CPU: 1 UID: 0 PID: 18985 Comm: syz.3.3819 Not tainted syzkaller #0 PREEMPT(full) 
[ 1003.856359][T18985] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1003.856369][T18985] Call Trace:
[ 1003.856377][T18985]  <TASK>
[ 1003.856385][T18985]  dump_stack_lvl+0x16c/0x1f0
[ 1003.856410][T18985]  should_fail_ex+0x512/0x640
[ 1003.856430][T18985]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[ 1003.856453][T18985]  should_failslab+0xc2/0x120
[ 1003.856473][T18985]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[ 1003.856493][T18985]  ? __alloc_skb+0x2b2/0x380
[ 1003.856516][T18985]  __alloc_skb+0x2b2/0x380
[ 1003.856533][T18985]  ? __pfx___alloc_skb+0x10/0x10
[ 1003.856555][T18985]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 1003.856581][T18985]  netlink_alloc_large_skb+0x69/0x130
[ 1003.856603][T18985]  netlink_sendmsg+0x6a1/0xdd0
[ 1003.856628][T18985]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1003.856659][T18985]  ____sys_sendmsg+0xa98/0xc70
[ 1003.856684][T18985]  ? copy_msghdr_from_user+0x10a/0x160
[ 1003.856704][T18985]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1003.856732][T18985]  ? finish_task_switch.isra.0+0x221/0xc10
[ 1003.856756][T18985]  ? rcu_is_watching+0x12/0xc0
[ 1003.856782][T18985]  ___sys_sendmsg+0x134/0x1d0
[ 1003.856803][T18985]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1003.856854][T18985]  __sys_sendmsg+0x16d/0x220
[ 1003.856875][T18985]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1003.856893][T18985]  ? ksys_write+0x1a2/0x250
[ 1003.856928][T18985]  do_syscall_64+0xcd/0x4c0
[ 1003.856950][T18985]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1003.856969][T18985] RIP: 0033:0x7f3f5538ebe9
[ 1003.856984][T18985] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1003.857001][T18985] RSP: 002b:00007f3f561ee038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1003.857019][T18985] RAX: ffffffffffffffda RBX: 00007f3f555b6180 RCX: 00007f3f5538ebe9
[ 1003.857031][T18985] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 000000000000000a
[ 1003.857041][T18985] RBP: 00007f3f561ee090 R08: 0000000000000000 R09: 0000000000000000
[ 1003.857052][T18985] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1003.857062][T18985] R13: 00007f3f555b6218 R14: 00007f3f555b6180 R15: 00007fff532f08a8
[ 1003.857087][T18985]  </TASK>
[ 1004.081251][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1004.130525][T18982] netlink: 172 bytes leftover after parsing attributes in process `syz.3.3819'.
[ 1004.139594][T18982] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3819'.
[ 1004.149015][T18982] netlink: 172 bytes leftover after parsing attributes in process `syz.3.3819'.
[ 1004.158068][T18982] netlink: 100 bytes leftover after parsing attributes in process `syz.3.3819'.
[ 1004.168332][T18982] netlink: 32 bytes leftover after parsing attributes in process `syz.3.3819'.
[ 1004.188012][ T5908] usb 6-1: device descriptor read/64, error -71
[ 1004.217345][T18896] hsr_slave_0: entered promiscuous mode
[ 1004.228854][T18896] hsr_slave_1: entered promiscuous mode
[ 1004.235104][T18896] debugfs: 'hsr0' already exists in 'hsr'
[ 1004.241013][T18896] Cannot create hsr debugfs directory
[ 1004.250781][T18190] usb 2-1: new full-speed USB device number 3 using dummy_hcd
[ 1004.263981][ T1090] hsr_slave_0: left promiscuous mode
[ 1004.274991][ T1090] hsr_slave_1: left promiscuous mode
[ 1004.290797][ T1090] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1004.298172][ T1090] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1004.314955][ T5908] usb usb6-port1: attempt power cycle
[ 1004.323887][ T1090] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1004.336900][ T1090] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1004.387319][ T1090] veth1_macvtap: left promiscuous mode
[ 1004.399219][ T1090] veth0_macvtap: left promiscuous mode
[ 1004.416381][T18190] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1004.442418][T18190] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1004.471839][T18190] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1004.500611][T18190] usb 2-1: config 0 descriptor??
[ 1004.535807][T18190] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[ 1004.666058][ T5908] usb 6-1: new high-speed USB device number 106 using dummy_hcd
[ 1004.697343][   T30] audit: type=1400 audit(1756253279.656:1706): avc:  denied  { mount } for  pid=19007 comm="syz.3.3824" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[ 1004.738883][ T5908] usb 6-1: device descriptor read/8, error -71
[ 1004.835165][   T30] audit: type=1400 audit(1756253279.716:1707): avc:  denied  { unmount } for  pid=19007 comm="syz.3.3824" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[ 1004.949829][T18149] Bluetooth: hci5: command tx timeout
[ 1005.239752][ T5908] usb 6-1: new high-speed USB device number 107 using dummy_hcd
[ 1005.262410][ T5908] usb 6-1: device descriptor read/8, error -71
[ 1005.379951][ T5908] usb usb6-port1: unable to enumerate USB device
[ 1005.440644][ T1090] team0 (unregistering): Port device team_slave_1 removed
[ 1005.488077][ T1090] team0 (unregistering): Port device team_slave_0 removed
[ 1005.643268][T19017] netlink: 60 bytes leftover after parsing attributes in process `syz.5.3825'.
[ 1006.799354][   T30] audit: type=1400 audit(1756253281.746:1708): avc:  denied  { read } for  pid=19037 comm="syz.3.3829" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[ 1006.925643][ T6014] usb 2-1: USB disconnect, device number 3
[ 1006.979899][T19042] FAULT_INJECTION: forcing a failure.
[ 1006.979899][T19042] name failslab, interval 1, probability 0, space 0, times 0
[ 1006.992699][T19042] CPU: 0 UID: 0 PID: 19042 Comm: syz.3.3829 Not tainted syzkaller #0 PREEMPT(full) 
[ 1006.992722][T19042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1006.992731][T19042] Call Trace:
[ 1006.992736][T19042]  <TASK>
[ 1006.992740][T19042]  dump_stack_lvl+0x16c/0x1f0
[ 1006.992756][T19042]  should_fail_ex+0x512/0x640
[ 1006.992770][T19042]  ? __kmalloc_cache_noprof+0x57/0x3e0
[ 1006.992789][T19042]  should_failslab+0xc2/0x120
[ 1006.992802][T19042]  __kmalloc_cache_noprof+0x6a/0x3e0
[ 1006.992820][T19042]  ? io_wq_create+0x6a/0x9a0
[ 1006.992838][T19042]  io_wq_create+0x6a/0x9a0
[ 1006.992856][T19042]  io_uring_alloc_task_context+0x1e1/0x650
[ 1006.992873][T19042]  ? __pfx_io_uring_alloc_task_context+0x10/0x10
[ 1006.992893][T19042]  __io_uring_add_tctx_node+0x2dd/0x500
[ 1006.992909][T19042]  ? __pfx___io_uring_add_tctx_node+0x10/0x10
[ 1006.992926][T19042]  ? __fget_files+0x20e/0x3c0
[ 1006.992940][T19042]  __io_uring_add_tctx_node_from_submit+0x89/0x130
[ 1006.992957][T19042]  __do_sys_io_uring_enter+0x123a/0x1630
[ 1006.992971][T19042]  ? __fget_files+0x20e/0x3c0
[ 1006.992983][T19042]  ? __pfx___do_sys_io_uring_enter+0x10/0x10
[ 1006.992995][T19042]  ? fput+0x9b/0xd0
[ 1006.993010][T19042]  ? ksys_write+0x1ac/0x250
[ 1006.993021][T19042]  ? __pfx_ksys_write+0x10/0x10
[ 1006.993036][T19042]  do_syscall_64+0xcd/0x4c0
[ 1006.993050][T19042]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1006.993063][T19042] RIP: 0033:0x7f3f5538ebe9
[ 1006.993072][T19042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1006.993088][T19042] RSP: 002b:00007f3f561e1038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1006.993099][T19042] RAX: ffffffffffffffda RBX: 00007f3f555b6180 RCX: 00007f3f5538ebe9
[ 1006.993106][T19042] RDX: 0000000000000000 RSI: 0000000000007277 RDI: 0000000000000004
[ 1006.993112][T19042] RBP: 00007f3f561e1090 R08: 0000000000000000 R09: 0000000000000000
[ 1006.993119][T19042] R10: 0000000000000028 R11: 0000000000000246 R12: 0000000000000001
[ 1006.993125][T19042] R13: 00007f3f555b6218 R14: 00007f3f555b6180 R15: 00007fff532f08a8
[ 1006.993139][T19042]  </TASK>
[ 1007.259797][T18149] Bluetooth: hci5: command tx timeout
[ 1007.603727][   T30] audit: type=1400 audit(1756253282.536:1709): avc:  denied  { view } for  pid=19046 comm="syz.0.3830" scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:kernel_t tclass=key permissive=1
[ 1008.246224][T18896] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1008.398937][ T5922] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[ 1008.411756][T18896] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1008.421821][T18896] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1008.450551][T18896] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1008.531006][ T5922] usb 2-1: device descriptor read/64, error -71
[ 1008.770011][ T5922] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[ 1008.835896][T18896] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1008.911224][ T5922] usb 2-1: device descriptor read/64, error -71
[ 1008.923778][T18896] 8021q: adding VLAN 0 to HW filter on device team0
[ 1008.975160][ T1090] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1008.982228][ T1090] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1009.021713][ T5922] usb usb2-port1: attempt power cycle
[ 1009.055985][ T1090] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1009.063105][ T1090] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1009.420010][ T5922] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[ 1009.461732][ T5922] usb 2-1: device descriptor read/8, error -71
[ 1009.652210][T18896] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1009.731907][ T5922] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[ 1009.767699][T18896] veth0_vlan: entered promiscuous mode
[ 1009.780315][ T5922] usb 2-1: device descriptor read/8, error -71
[ 1009.789072][   T30] audit: type=1400 audit(1756253284.746:1710): avc:  denied  { append } for  pid=19108 comm="syz.5.3838" name="usbmon5" dev="devtmpfs" ino=731 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[ 1009.813943][T19109] 9pnet_fd: Insufficient options for proto=fd
[ 1009.826540][T18896] veth1_vlan: entered promiscuous mode
[ 1009.963659][T18896] veth0_macvtap: entered promiscuous mode
[ 1009.983502][T18896] veth1_macvtap: entered promiscuous mode
[ 1010.061316][ T5922] usb usb2-port1: unable to enumerate USB device
[ 1010.483718][T18896] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1010.512557][T18896] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1010.538463][T19116] netlink: 68 bytes leftover after parsing attributes in process `syz.0.3839'.
[ 1010.550190][T19116] bpf: Bad value for 'gid'
[ 1010.587475][ T1090] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1010.718740][ T1090] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1010.766529][ T1090] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1010.807924][ T1090] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1010.888330][T17201] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1010.928516][T17201] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1011.063722][ T1166] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1011.088237][ T1166] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1011.109118][T19132] netlink: 'syz.5.3842': attribute type 1 has an invalid length.
[ 1011.119551][T19132] netlink: 224 bytes leftover after parsing attributes in process `syz.5.3842'.
[ 1011.137830][   T30] audit: type=1400 audit(1756253286.076:1711): avc:  denied  { mounton } for  pid=18896 comm="syz-executor" path="/root/syzkaller.m8QNAV/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=56765 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[ 1011.286074][   T30] audit: type=1400 audit(1756253286.246:1712): avc:  denied  { mount } for  pid=18896 comm="syz-executor" name="/" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[ 1011.400565][T19142] FAULT_INJECTION: forcing a failure.
[ 1011.400565][T19142] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1011.428422][T19142] CPU: 0 UID: 0 PID: 19142 Comm: syz.1.3843 Not tainted syzkaller #0 PREEMPT(full) 
[ 1011.428448][T19142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1011.428458][T19142] Call Trace:
[ 1011.428464][T19142]  <TASK>
[ 1011.428471][T19142]  dump_stack_lvl+0x16c/0x1f0
[ 1011.428496][T19142]  should_fail_ex+0x512/0x640
[ 1011.428520][T19142]  _copy_from_user+0x2e/0xd0
[ 1011.428545][T19142]  copy_msghdr_from_user+0x98/0x160
[ 1011.428566][T19142]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1011.428597][T19142]  ___sys_sendmsg+0xfe/0x1d0
[ 1011.428618][T19142]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1011.428666][T19142]  __sys_sendmsg+0x16d/0x220
[ 1011.428685][T19142]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1011.428717][T19142]  do_syscall_64+0xcd/0x4c0
[ 1011.428739][T19142]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1011.428758][T19142] RIP: 0033:0x7f6fcad8ebe9
[ 1011.428773][T19142] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1011.428789][T19142] RSP: 002b:00007f6fcbccd038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1011.428807][T19142] RAX: ffffffffffffffda RBX: 00007f6fcafb5fa0 RCX: 00007f6fcad8ebe9
[ 1011.428818][T19142] RDX: 0000000024044884 RSI: 0000200000000300 RDI: 0000000000000003
[ 1011.428829][T19142] RBP: 00007f6fcbccd090 R08: 0000000000000000 R09: 0000000000000000
[ 1011.428840][T19142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1011.428850][T19142] R13: 00007f6fcafb6038 R14: 00007f6fcafb5fa0 R15: 00007fff7a3d3158
[ 1011.428873][T19142]  </TASK>
[ 1012.374814][T19165] netlink: 68 bytes leftover after parsing attributes in process `syz.2.3850'.
[ 1012.385941][T19165] bpf: Bad value for 'gid'
[ 1012.781286][T19174] FAULT_INJECTION: forcing a failure.
[ 1012.781286][T19174] name failslab, interval 1, probability 0, space 0, times 0
[ 1012.795774][T19174] CPU: 0 UID: 0 PID: 19174 Comm: syz.2.3852 Not tainted syzkaller #0 PREEMPT(full) 
[ 1012.795797][T19174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1012.795807][T19174] Call Trace:
[ 1012.795813][T19174]  <TASK>
[ 1012.795820][T19174]  dump_stack_lvl+0x16c/0x1f0
[ 1012.795842][T19174]  should_fail_ex+0x512/0x640
[ 1012.795862][T19174]  ? kmem_cache_alloc_node_noprof+0x5e/0x3b0
[ 1012.795883][T19174]  should_failslab+0xc2/0x120
[ 1012.795903][T19174]  kmem_cache_alloc_node_noprof+0x71/0x3b0
[ 1012.795921][T19174]  ? __alloc_skb+0x2b2/0x380
[ 1012.795942][T19174]  __alloc_skb+0x2b2/0x380
[ 1012.795959][T19174]  ? __pfx___alloc_skb+0x10/0x10
[ 1012.795979][T19174]  ? __pfx_netlink_autobind.isra.0+0x10/0x10
[ 1012.796005][T19174]  netlink_alloc_large_skb+0x69/0x130
[ 1012.796026][T19174]  netlink_sendmsg+0x6a1/0xdd0
[ 1012.796050][T19174]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1012.796079][T19174]  ____sys_sendmsg+0xa98/0xc70
[ 1012.796104][T19174]  ? copy_msghdr_from_user+0x10a/0x160
[ 1012.796122][T19174]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1012.796157][T19174]  ___sys_sendmsg+0x134/0x1d0
[ 1012.796177][T19174]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1012.796223][T19174]  __sys_sendmsg+0x16d/0x220
[ 1012.796242][T19174]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1012.796276][T19174]  do_syscall_64+0xcd/0x4c0
[ 1012.796298][T19174]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1012.796316][T19174] RIP: 0033:0x7f7afb38ebe9
[ 1012.796335][T19174] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1012.796347][T19174] RSP: 002b:00007f7afc225038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1012.796358][T19174] RAX: ffffffffffffffda RBX: 00007f7afb5b5fa0 RCX: 00007f7afb38ebe9
[ 1012.796365][T19174] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[ 1012.796372][T19174] RBP: 00007f7afc225090 R08: 0000000000000000 R09: 0000000000000000
[ 1012.796379][T19174] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1012.796385][T19174] R13: 00007f7afb5b6038 R14: 00007f7afb5b5fa0 R15: 00007ffde158d838
[ 1012.796399][T19174]  </TASK>
[ 1013.029726][  T975] usb 4-1: new high-speed USB device number 81 using dummy_hcd
[ 1013.299906][  T975] usb 4-1: Using ep0 maxpacket: 32
[ 1013.308065][  T975] usb 4-1: config 0 has an invalid interface number: 49 but max is 0
[ 1013.317012][  T975] usb 4-1: config 0 has no interface number 0
[ 1013.329746][  T975] usb 4-1: config 0 interface 49 has no altsetting 0
[ 1013.357280][  T975] usb 4-1: New USB device found, idVendor=04eb, idProduct=e004, bcdDevice=58.71
[ 1013.376883][  T975] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1013.395559][  T975] usb 4-1: Product: syz
[ 1013.405642][  T975] usb 4-1: Manufacturer: syz
[ 1013.410426][  T975] usb 4-1: SerialNumber: syz
[ 1013.428900][  T975] usb 4-1: config 0 descriptor??
[ 1014.563843][T19190] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1014.571577][T19190] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1014.578722][T19169] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1014.615034][T19169] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[ 1014.660725][T19190] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1014.699783][T19190] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1014.703609][T19191] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1014.772523][T19191] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1015.452487][T19206] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1015.759779][    C1] ------------[ cut here ]------------
[ 1015.765517][    C1] workqueue: cannot queue hci_cmd_timeout on wq hci1
[ 1015.772249][    C1] WARNING: CPU: 1 PID: 0 at kernel/workqueue.c:2255 __queue_work+0xd03/0x1160
[ 1015.781096][    C1] Modules linked in:
[ 1015.785138][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted syzkaller #0 PREEMPT(full) 
[ 1015.794066][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1015.804110][    C1] RIP: 0010:__queue_work+0xd03/0x1160
[ 1015.809476][    C1] Code: 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 4b 04 00 00 48 8b 75 18 4c 89 fa 48 c7 c7 a0 00 ac 8b e8 be 1e f7 ff 90 <0f> 0b 90 90 e9 2f f7 ff ff e8 ef 78 38 00 90 0f 0b 90 e9 b4 f5 ff
[ 1015.829079][    C1] RSP: 0018:ffffc90000a08be8 EFLAGS: 00010082
[ 1015.835138][    C1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817a3358
[ 1015.843101][    C1] RDX: ffff88801e69a440 RSI: ffffffff817a3365 RDI: 0000000000000001
[ 1015.851062][    C1] RBP: ffff888025d7c970 R08: 0000000000000001 R09: 0000000000000000
[ 1015.859023][    C1] R10: 0000000000000000 R11: fffffffffffffcc0 R12: 1ffff9200014118f
[ 1015.866984][    C1] R13: 0000000000000101 R14: ffffffff81832460 R15: ffff88805e299978
[ 1015.874945][    C1] FS:  0000000000000000(0000) GS:ffff8881247b9000(0000) knlGS:0000000000000000
[ 1015.883865][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1015.890442][    C1] CR2: 0000001b2dffeff8 CR3: 000000003174b000 CR4: 00000000003526f0
[ 1015.898405][    C1] Call Trace:
[ 1015.901672][    C1]  <IRQ>
[ 1015.904516][    C1]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[ 1015.910318][    C1]  call_timer_fn+0x197/0x620
[ 1015.914913][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[ 1015.920030][    C1]  ? __run_timers+0x559/0x960
[ 1015.924706][    C1]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[ 1015.930507][    C1]  __run_timers+0x569/0x960
[ 1015.935020][    C1]  ? __pfx___run_timers+0x10/0x10
[ 1015.940058][    C1]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1015.945685][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1015.950885][    C1]  run_timer_base+0x114/0x190
[ 1015.955567][    C1]  ? __pfx_run_timer_base+0x10/0x10
[ 1015.960772][    C1]  run_timer_softirq+0x1a/0x40
[ 1015.965539][    C1]  handle_softirqs+0x216/0x8e0
[ 1015.970305][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[ 1015.975589][    C1]  __irq_exit_rcu+0x109/0x170
[ 1015.980264][    C1]  irq_exit_rcu+0x9/0x30
[ 1015.984502][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[ 1015.990142][    C1]  </IRQ>
[ 1015.993055][    C1]  <TASK>
[ 1015.995966][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1016.001931][    C1] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 1016.007546][    C1] Code: 4c 62 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d d3 52 16 00 fb f4 <e9> 4c 09 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[ 1016.027132][    C1] RSP: 0018:ffffc90000197df8 EFLAGS: 000002c2
[ 1016.033176][    C1] RAX: 0000000004ee9435 RBX: 0000000000000001 RCX: ffffffff8b93bc29
[ 1016.041136][    C1] RDX: 0000000000000000 RSI: ffffffff8de50220 RDI: ffffffff8c162900
[ 1016.049090][    C1] RBP: ffffed1003cd3488 R08: 0000000000000001 R09: ffffed10170a6655
[ 1016.057044][    C1] R10: ffff8880b85332ab R11: 0000000000000000 R12: 0000000000000001
[ 1016.064992][    C1] R13: ffff88801e69a440 R14: ffffffff90ab4c90 R15: 0000000000000000
[ 1016.072946][    C1]  ? ct_kernel_exit+0x139/0x190
[ 1016.077784][    C1]  default_idle+0x13/0x20
[ 1016.082096][    C1]  default_idle_call+0x6d/0xb0
[ 1016.086839][    C1]  do_idle+0x391/0x510
[ 1016.090894][    C1]  ? __pfx_do_idle+0x10/0x10
[ 1016.095468][    C1]  ? trace_sched_exit_tp+0x2f/0x120
[ 1016.100651][    C1]  cpu_startup_entry+0x4f/0x60
[ 1016.105398][    C1]  start_secondary+0x21d/0x2b0
[ 1016.110147][    C1]  ? __pfx_start_secondary+0x10/0x10
[ 1016.115421][    C1]  common_startup_64+0x13e/0x148
[ 1016.120355][    C1]  </TASK>
[ 1016.123356][    C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1016.130614][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted syzkaller #0 PREEMPT(full) 
[ 1016.139524][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1016.149555][    C1] Call Trace:
[ 1016.152812][    C1]  <IRQ>
[ 1016.155638][    C1]  dump_stack_lvl+0x3d/0x1f0
[ 1016.160217][    C1]  vpanic+0x6e8/0x7a0
[ 1016.164186][    C1]  ? __pfx_vpanic+0x10/0x10
[ 1016.168684][    C1]  ? __queue_work+0xd03/0x1160
[ 1016.173429][    C1]  panic+0xca/0xd0
[ 1016.177135][    C1]  ? __pfx_panic+0x10/0x10
[ 1016.181541][    C1]  ? check_panic_on_warn+0x1f/0xb0
[ 1016.186631][    C1]  check_panic_on_warn+0xab/0xb0
[ 1016.191548][    C1]  __warn+0xf6/0x3c0
[ 1016.195439][    C1]  ? __queue_work+0xd03/0x1160
[ 1016.200185][    C1]  report_bug+0x3c3/0x580
[ 1016.204494][    C1]  ? __queue_work+0xd03/0x1160
[ 1016.209241][    C1]  handle_bug+0x184/0x210
[ 1016.213552][    C1]  exc_invalid_op+0x17/0x50
[ 1016.218040][    C1]  asm_exc_invalid_op+0x1a/0x20
[ 1016.222870][    C1] RIP: 0010:__queue_work+0xd03/0x1160
[ 1016.228220][    C1] Code: 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 4b 04 00 00 48 8b 75 18 4c 89 fa 48 c7 c7 a0 00 ac 8b e8 be 1e f7 ff 90 <0f> 0b 90 90 e9 2f f7 ff ff e8 ef 78 38 00 90 0f 0b 90 e9 b4 f5 ff
[ 1016.247808][    C1] RSP: 0018:ffffc90000a08be8 EFLAGS: 00010082
[ 1016.253856][    C1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817a3358
[ 1016.261807][    C1] RDX: ffff88801e69a440 RSI: ffffffff817a3365 RDI: 0000000000000001
[ 1016.269756][    C1] RBP: ffff888025d7c970 R08: 0000000000000001 R09: 0000000000000000
[ 1016.277709][    C1] R10: 0000000000000000 R11: fffffffffffffcc0 R12: 1ffff9200014118f
[ 1016.285658][    C1] R13: 0000000000000101 R14: ffffffff81832460 R15: ffff88805e299978
[ 1016.293607][    C1]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[ 1016.299398][    C1]  ? __warn_printk+0x198/0x350
[ 1016.304144][    C1]  ? __warn_printk+0x1a5/0x350
[ 1016.308894][    C1]  ? __queue_work+0xd02/0x1160
[ 1016.313640][    C1]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[ 1016.319430][    C1]  call_timer_fn+0x197/0x620
[ 1016.324008][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[ 1016.329108][    C1]  ? __run_timers+0x559/0x960
[ 1016.333772][    C1]  ? __pfx_delayed_work_timer_fn+0x10/0x10
[ 1016.339561][    C1]  __run_timers+0x569/0x960
[ 1016.344054][    C1]  ? __pfx___run_timers+0x10/0x10
[ 1016.349162][    C1]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1016.354774][    C1]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1016.359961][    C1]  run_timer_base+0x114/0x190
[ 1016.364621][    C1]  ? __pfx_run_timer_base+0x10/0x10
[ 1016.369809][    C1]  run_timer_softirq+0x1a/0x40
[ 1016.374559][    C1]  handle_softirqs+0x216/0x8e0
[ 1016.379307][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[ 1016.384577][    C1]  __irq_exit_rcu+0x109/0x170
[ 1016.389235][    C1]  irq_exit_rcu+0x9/0x30
[ 1016.393457][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[ 1016.399067][    C1]  </IRQ>
[ 1016.401980][    C1]  <TASK>
[ 1016.404891][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1016.410849][    C1] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 1016.416460][    C1] Code: 4c 62 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d d3 52 16 00 fb f4 <e9> 4c 09 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[ 1016.436045][    C1] RSP: 0018:ffffc90000197df8 EFLAGS: 000002c2
[ 1016.442091][    C1] RAX: 0000000004ee9435 RBX: 0000000000000001 RCX: ffffffff8b93bc29
[ 1016.450046][    C1] RDX: 0000000000000000 RSI: ffffffff8de50220 RDI: ffffffff8c162900
[ 1016.458005][    C1] RBP: ffffed1003cd3488 R08: 0000000000000001 R09: ffffed10170a6655
[ 1016.465956][    C1] R10: ffff8880b85332ab R11: 0000000000000000 R12: 0000000000000001
[ 1016.473908][    C1] R13: ffff88801e69a440 R14: ffffffff90ab4c90 R15: 0000000000000000
[ 1016.481863][    C1]  ? ct_kernel_exit+0x139/0x190
[ 1016.486699][    C1]  default_idle+0x13/0x20
[ 1016.491011][    C1]  default_idle_call+0x6d/0xb0
[ 1016.495759][    C1]  do_idle+0x391/0x510
[ 1016.499818][    C1]  ? __pfx_do_idle+0x10/0x10
[ 1016.504394][    C1]  ? trace_sched_exit_tp+0x2f/0x120
[ 1016.509578][    C1]  cpu_startup_entry+0x4f/0x60
[ 1016.514325][    C1]  start_secondary+0x21d/0x2b0
[ 1016.519075][    C1]  ? __pfx_start_secondary+0x10/0x10
[ 1016.524352][    C1]  common_startup_64+0x13e/0x148
[ 1016.529280][    C1]  </TASK>
[ 1016.532461][    C1] Kernel Offset: disabled
[ 1016.536761][    C1] Rebooting in 86400 seconds..