last executing test programs:

13.20513597s ago: executing program 1 (id=2123):
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x2, 0xa8d4}}, './file0\x00'})
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYRES16, @ANYBLOB="0500", @ANYBLOB="3d000e0080000000ffffffffffff080211000000ffffffffffff0000feffffffffff"], 0x70}, 0x1, 0x0, 0x0, 0x20004090}, 0x0)
r1 = add_key$user(&(0x7f00000002c0), &(0x7f0000000340)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9", 0x5, 0xfffffffffffffffe)
r2 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r1, r2, r1}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000880)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x801, 0x0, 0x0, {0x0, 0x0, 0x2}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x2}]}, @NFT_MSG_DELSETELEM={0x660, 0xe, 0xa, 0x201, 0x0, 0x0, {0x0, 0x0, 0x8}, [@NFTA_SET_ELEM_LIST_ELEMENTS={0x64c, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x7}]}, {0x10c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY_END={0x80, 0xa, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x2c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VERDICT={0x18, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}]}, @NFTA_DATA_VALUE={0x15, 0x1, "3daec1a55c0b2285e18fe92a7dc813ad99"}, @NFTA_DATA_VERDICT={0x20, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}]}]}, @NFTA_SET_ELEM_KEY={0x88, 0x1, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x28, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xe5f1f0bec8532adc}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VERDICT={0x30, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0x2}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}]}, @NFTA_DATA_VERDICT={0x1c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}]}, @NFTA_DATA_VERDICT={0x10, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}]}]}, {0xe8, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_USERDATA={0x85, 0x6, 0x1, 0x0, "a58c298eeee729823e41f05798f37b2b7186a7ca20ef737f4a46957a1dbb194046b77a09f7493e790b3cf4bd04f1762226149af6ace57aeeb96c5d216bc929b9e96d4027ab296010271db32d51b6d49aa334e616df2442d65f0119ebad22fd8bb84d3bda6348aee4a045d1b95939a3c19aa488f1418662286e15fa1e68a91075c1"}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz0\x00'}, @NFTA_SET_ELEM_EXPR={0x14, 0x7, 0x0, 0x1, @notrack={{0xc}, @val={0x4}}}, @NFTA_SET_ELEM_EXPR={0x10, 0x7, 0x0, 0x1, @hash={{0x9}, @void}}, @NFTA_SET_ELEM_EXPRESSIONS={0x2c, 0xb, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @log={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_LOG_QTHRESHOLD={0x6}, @NFTA_LOG_SNAPLEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_LOG_QTHRESHOLD={0x6, 0x4, 0x1, 0x0, 0x401}]}}}]}]}, {0x238, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz2\x00'}, @NFTA_SET_ELEM_DATA={0x9c, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0x95, 0x1, "45628131e548af323eb407a2332ca768cd61bdb70b5b81e2316bcc7dfdeec386d6098e72b1ad56495b264751b0eab02565bd12d4adcf52b9dab2a5b47b81f0c16f92df32a3d7fbf2f8b32ca0bf78e19b20b96e547210d66b55db1cc754ef91c3eec538f24a33f737d59c939c218e121eb98f0950e82d080cc67ee9bc32e9878efab09f5a415b26ee2841e21ff9a37004ad"}]}, @NFTA_SET_ELEM_EXPR={0x24, 0x7, 0x0, 0x1, @tunnel={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_TUNNEL_MODE={0x8}, @NFTA_TUNNEL_MODE={0x8}]}}}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz1\x00'}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x2e}, @NFTA_SET_ELEM_KEY_END={0x150, 0xa, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x40, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}]}, @NFTA_DATA_VERDICT={0x24, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VALUE={0x51, 0x1, "46edbaa59f88d43284466deea29b87e4266fa37c3834c96b11119dedbaeb287b4d73cb83245308db4a54edc9986fbb5da33a88f0fbae2c3b1de0409db4c1797e862d249740e6b93cd96edae74b"}, @NFTA_DATA_VALUE={0x91, 0x1, "6eeeedffb65051319f6f7188b5c8abc7dd193fb5a489a1a491720291f11cd61b66d93b73e4508cfb32d21103f4fa0736b2610da07c93aeef6678144ed36fb75162785297bd26f950e09350686a6776c0b1874126126719ffef310826e1b3af3af044b545c5c55f81a7261884a3874b66f0336c3c2e073bb80f2e329299d489c6b422638d01dd7754027651d39b"}]}]}, {0x210, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_USERDATA={0x25, 0x6, 0x1, 0x0, "11474104fb3cf51b1f03616fd6bebbbba17e8868b2247047bbebc8ca3be2668dba"}, @NFTA_SET_ELEM_KEY_END={0x90, 0xa, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x58, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}]}, @NFTA_DATA_VERDICT={0x34, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}]}]}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz0\x00'}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz2\x00'}, @NFTA_SET_ELEM_KEY_END={0x130, 0xa, 0x0, 0x1, [@NFTA_DATA_VALUE={0xc9, 0x1, "7a9ac981bace9710c6b249485ac5c8d0588e36733c96e4c638200bd415ab5e02cdd782aec0d447fe03680732ef31c65b7b7c79c12f780ce8aa8c4b341b1c81ea53de1e0c14e9f69982cd428cc7b112fc5b51d5252aea2eb9778bda1b520dba82e5ee8e2441d8a5adaaf37591985e7b4ab8f694557b4212c29fd3a23b6041cae6e7247bb4d6cdba5982cca43d993b963a8fcd72d13e7a2cc1d31c8dbdb1192367890d96d9e9d824f6c899b1515ab1c19bd4eefabf7af962c812ad25b5066e61feea3fcc15e1"}, @NFTA_DATA_VALUE={0x5d, 0x1, "f71e947dbba301fd92c2365833a081cf002ad4f33ff1f180ce2c18950f1f6c0816db72e4a91da1d6eb6be96cbd4bebd6d27654637108a35a6f5833b840494cc46a27fe397c2bba9e90eafdea01262d98e7c1fba26a922b6e43"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x6a8}, 0x1, 0x0, 0x0, 0x40000}, 0x40040c0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0, 0x3a}], 0x1, 0x8, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

3.938694307s ago: executing program 0 (id=2176):
socket$kcm(0xa, 0x3, 0x87)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000000)={"6d1aaa2e2d4bfdbb784e474a691b5107", 0x0, 0x0, {0x3, 0xe926}, {0x4, 0x1}, 0x5, [0x0, 0x10, 0x8, 0x9, 0x8000000000000001, 0x8000000000000001, 0x5, 0x1, 0x5, 0x801, 0x400, 0x10000000000, 0x0, 0x6995, 0x1, 0x4]})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="034886dd010000000000140000006000000003088700fe88a43de1a400000000000000007d01ff020000000000000000000001000001"], 0xfdef)

3.591720726s ago: executing program 0 (id=2180):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000400000000000010000000900010073797a300000000048000000030a05020000000000000000010000000900030073797a320000000014000480080002400000000008000140000000000900010073797a3000000000080007006e6174003c000000060a01040000000000000000010000001400048010000180090001006d6173710000000008000b40000000000900010073797a30000000001400"], 0xcc}, 0x1, 0x0, 0x0, 0x880}, 0x0)

3.459987331s ago: executing program 1 (id=2124):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x0, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}, @flat=@binder={0x73622a85, 0x10b}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x10000000000)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000004a40)={0x44, 0x0, &(0x7f0000000700)=[@transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000440)={@flat=@weak_handle, @fd={0x66642a85, 0x0, r1}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0x2, 0x1}}, &(0x7f00000003c0)={0x0, 0xfffffffffffffff8, 0x30}}}], 0x700, 0x0, 0x0})

3.459742857s ago: executing program 0 (id=2183):
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000003c0)={'wlan0\x00'})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x3000, 0x0, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000a40), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r3, 0xc01064bd, &(0x7f0000000040)={&(0x7f0000000a80)="61f245cafab21e55697298a0ae35e18d14dd4b6592fa14c0489b858840d12654fb8ddbd1563e581b6a29f56e6127a48c40b95af04e135572e6084e5706e88f02b4440c32e93c31603beb0bc2616de2e7f2a3936b7862df4bc4178710a61eb2e0e7b4ac16cde4477d10653b0d6afde80c950848626b7296ec902f7dc875cbb34a73638a2a48eec75667340826ad84022664c0039de213dc5054b5ecc2ea3c385fe8cdeb814e4eb6262fb39fb637c13a6c1b401f1eafc7a09d49980e60e5caca3520ffeeaf9b20a67d680c7ade66ff7398725ab5bfeed67b48888284c03f6c5331b33f5bd12b10f2c9f8a82549939fbf23caba0dfe1cd962f5e97d9a7dbfed7b25dfcd025cafb3c3b34bde13e2cf3684db786b56929bd381fa5e178b268005224cf7d79103524ec32d22509292501062fd2a907f9eb1a564bcb58da00933f9fb49af10ce55617b9edfad6ca5f9060623e0d6fb73aa68c9b5190dc671968ecbf752962f6e3f0ef6b3ff918603cd511ec00dc67ba004c6469380f5c5390226ccd5ebb934a63c103e4fb6b69c42a6e8e8aa434fd0c787de018fc1e25189ba81be91c80d5e3c9d021baa3cb3abaf755b79e41a8604392c68a018e1750ab6d54608969f3c9273b1a08c3b8d7d9b6f03f4bd3a6c64790617d72a891556cba509f21f992c59db9f78853421fb9ec4ddb2fe782f5da26c038626f26d1e4fda289cea520d44630b041e18ea2ecf56852c25f1ddf3bbaed2c17ba898575431134ee7c27fbf8548dfd63364b8beae267085bfa964786745134ae2b64c4a263f885c198952e795c17e04f0d9e4360de13ae3f2481e6d234bb5c54e03d5e0cb27e5b610ea2c0d85d21bc66e5c861f1e8ba66620cb6f590b2fe294013923b7fc9b170f449e7873bb9aa14cf7421e61feaaeb349a2acb5816a51325f45065b035be05f4498e77eb5e875c03b0c41061caadee14eb2764a5846ba0cab400e1676f533abc56930e5acccf331b0611af1e2947b11820d32e142ca885f4df233678ccbcfa63e5cfa708adcfefa34f059f81f14a5ef2538ef446feec5c78828c618576b18b86c7ee37d8182a8dee51d5dd199cd2ee915f5e25be2885822ab3e5b988786764e611f0bb1214bb9d825c9c4e15c061acf2b4e7361831e0fe9fc409e0004631ab31c42bfd962ba7a0e475f3a91643ce65d2efb94976b14fcf7d21c93bd9208b7bb7a3dfc4444cf14d127401c6892ba93ac786476e0885f028ae6141de817d3517cce625eebb50e2c1e5e64ffc50da4d2eaa605501769e4c1a40fd9da7da178b4bf468942514082773698770ef455ea263fefa4fb258c15afb076c7979296f901e84a2b71eb63cb3d9dfd9abb3e1f8f657070d75541c20476f37e14ca43014ef80b33eeca91ace604ec2051d73ec2f69ffa14bcd79ea577e9676825094606343d31874111fbc535d28fa7a9e379d38226001e241d3515e1d63ba56f1eebe8ea788c4d768f4c4fbbaf834ca3f21460613d768dacf2a27778dc2b4598726646b8c06b6e4d38162720c807724f92bdc9f0b0f5d303d5a5a3998aa270a6760c7651df601bc42c78dd9bd53ee960cf80a30a6b7a1a880d37ff31fb2c9bb0c591bba3ef8228a0506f45065c65b131aff8da8eebbd6754b9e5601632da39c329a229062a94833b23c97371d510a19e2d3b5bc516e3d3c8601495fbeecc16c5c50ba6c435974e8275d372add206964f29997b515f63f50121029e61f47db19fc63b07d0f059ca686e80fb6c294667affaea2daff241bdd0945bfbfe28643136bcea9aa345d482fc3b9d872b482463b92b25f0e5157be3fd8b7a328f327ddfa5c05a6f172deb795f19b9f2091386acb060f170540bfa898057c206d81afd85701b8ee030076bc3782d7d8f6673111baf80818aeca7e5944d91a7f4fce840303867ea18d2b92d74c67157284c787fcfde780fc9a53ae5560e101ef125ce707d34f957072958dc9916492e73a90a10f660a221a7c6730ac0ac01e37d54f058b64f41a46be5320800172e2c9fda248a2964548ddf1f53599027c29ede6079a72d454bcf4403808111d00cb4e3aadd060c333e57c64a70bdfbb572fe228538c82ab427416cdcce1dd643ece610ca7042e2a164d3dfdabb966f1a8fc875cd002920321dac62e25f38cb0031e4de6324b0db402b12c4b0e335898e21b7b326ebbeec0b4bc21ef2dd6f9755e8ff35602d30189ae3efe9c487aec2ce90dbbe790c919b77036240786f3fe9441204b81bc43b5f5cbede75702a1c28ab16d2f578dddb3624f596b5b82e2f26b63966ddc78c8ffa13a23b6c4ee2c741820b9738fe881ddeeeba60fa4221885be55a6fdaa0b90b246f5959b844afd6898bc8c0a75fc45fb968d6e8ea6831d15808b23904355c62a8590d1ba51cdb051bd5ccc1b62a8ca520af60daefae7f7f1dcc90a02ab3af5307fcd5fed9af7d9b192f080be6ded768c6d1d4ea0ba5cc996e5c24b8048eeaea09cabcf1c0488a357280395cfc5394ba160c439dda0a7f4ed182d3f33a4addb1c74d7d797179c633013b24c7e0cd2f4b86904bd1d70a4821c7ff619455953d820e1594c7136e66c260c868776129eddedfdec5ebb0da2e5207215f9c47d7bf74319661311232ca1d108da00df2d07ff5720c474981cb54bd185448ae0e3d9d3194614ae67bdb24122cb2207be610456c35ba6e11429a3a6c266b4bfd905c7534de4fe03ac5063cbb08b3a75137e59e3e8b3fee3989bfb0735ea6f948371a60efff49ea51d5825dd61ef9a0b735fc859c9b003325fe6e3a5fdb8d2cf51e2e9a4c73a8af3a702a83d57d3ddb81d5e9342c97f143ed28228c16a1625d8ba4f0ffddc968f37cb07ea09d35703f920cf4e7a1394b7f18e6f2508a4c90acc92710ddce1e7a9a22ad2d540f669411b263b3e20b07131cc17cf20ae8030de00862bdc33b7eb4f8122c47c833e73aed84199e5d584625570193e18c3d165dae7941d17cc07034a2a5c67c708d6c96f9c5595800dfb65f42c413716b952d42727e7117915b359d1f1c0a64f0ee4b4a0bfbc4e9fc794cd02369e9594acb7805a155ec03505df719aa47e5da38fd3ab736fa76acee10abd1b220b32436260f2ab86f7d0c20fd9b3a1e63b9b3dbd91e7579fec104f5a714f4d0a00a03a1848c58508e8ec27c7fa04d3baf64e1258bd1d72465f3a64c793b3e09a97ca1a2efbac7adb6228ef4588be15afc21c80905a26a22f4db7940b9369051dde4e24008a5f7b943d769578ffa46572435c2076c60096252f3b3b5fe6d8f4579d11c9c71cbf7444c661306fa07dd01e670fa8d24071b09d6e74a268a0d43aef3b7f8e126900bf2e21304785712f327275a2e16febd4faaaacce68b92dcc3c27ca035bb4210408a34103719c82d33c8b43dd9a46cc0420a533b906317fb817ef6164286b8ddacee6191027bfa9ed19746c8401bab93d08d028fd9e2203cccf56b22042c402e8a438ed226112fa71d02c4537d4156a3af28ab4ffcf19309d283902f1e70f42d6713782c5e468a086fdb5c8b3e15de36acc4469ec42ea23a1e5e8e399f4d4be71dd4b4c268db2ab91b68ceafb95cbba36228e59bc0cd7f987a2ad4bbd23b67acabb26a0f4c694ff320f2275042c85ef256aeef306cf5e2803d6c55827011e2f98d0e80819e0039a71cc9c59464f209afa7891a359a3f9efb4bba2a18fd013e8664a6bec7e717ffe2f0c06f7268862696cfae0fe6fab5b1a2921c0e29aaa8638f6a18d1cbaaa4aa0d76f66fa9f44511e631f2fde8024210eb39f545a648c1b77ab04a7d110edbd1dce3939b4dee867df3cb3107fffe5ab22fe5e32b38447d32094259cee40c9a5254df72cbd7a29188d7285facd6e2f5c78ee9d11645cf026e99162da9c2d148373018fe8e052ffccc4e3952e86228d7835a3bc9b4a5c6099dd3e802b059ef2225cbe4664458729c78032e184b61a089870c6b3c2bf2e5df6bd65bc195e1ccbe58b9a6dde49897ab59dd269a737f04e37e34d3d10c3b01c744a742d52da1bceca63fcbecc136a80bf3ca1df2f226de073b67a0b646674744acd14d5dab9929f2cb804637ebf211f2b3a8b959723808904e9044deb551b2613c1e501385693e7abff809b641c02107187cf1bd1c9571a9023942f0c78c467611193a7e6900eefc49fded206630336cd8d2849731b73798d9258be75b843f051679e6bd541c78457db5470d3d494f333a81b3ed26b57f9f7726275c12f192f4b1d9615c7fe3e0bb22fb47ae1effea3bd2a0a379593a25f933c8af1f14d08bd8ca692c9af3eaee136664e1829204c171ad6e50fa928a3c1f5ee2c14f984884c2cb0256acfa6172d030940f3f9f99443c730b0f070192d36fb83b3d470cf3098bd8b0f09eb6d1b58efbde00305c3a50e00df17b9963f1c06f26b48e4a166073f3f3119ed2b56af1f8c056c07f65ffc3f2e81efa22f97c66998b35bb2af3ce2d89af5f5b1368ce9148937f826c3ef81a116382bd3f53e26f210aed545f38c1e21400957b824eaa95bb401ef308852c7e5015b89244a403308de785a81739634161e33d79435f18cf378bd9f5eb59b40a55abe627f6944ec239f80fc15526e7f1b2c2949a85b8c15a299cee1c86f61746a4eae3dc5f347225f1965cf09d4457b1a1b692fb108a681607d6276c4a6cf35709dc95aa249ae245a0435c481cbae672037aefc82fee9f249e643e658d173aea1d99e361f383dd674a5f2a6525755eaba2d59928a8d9e2eb1aafd129cb4c2cefd5da0213d900efa938e937a7c4e62243eeb3f5f43be35323f63b0b1ac2a298fcfbf71129da3465e488f52b82ec725bdf2fd943e09004c62abf5332139fb38b797756c5e9de926da21f8d77408ea740cf5ec8a657eae110df0550c6ca2585e0cdd5de1e986da91ca1d112f0d5397fdc612b2163164dedddf60c1e3dcd94195b65f50a9c86fb7b67b91dc7c0b8ab3d1c254663fc09ad5fd2c97221f1c6032557ff0a2fc441b71b3a6a6c52efded4133c8d57ce15523550237e7fef838d66cd77c48a743b2a2cc7c1f0ef3d520eb7ce9c086d73c352fe311337b3558a6985660a19ac852edceed56e3e9bb49b8a788eaa3f9be70b3fd1e764888a35a6c874256f9a8e53790281e30fdc1ed35ef03e9bd805ba3ef6ad07c3eef31fadcaba39c9b793e15d04f096c62f6282e8fc4aa31b275bc7fe5dce144ba736151d046b1285b698422ae84ae222e835e2ea80791082cd1742385764a0b047fcadfd8da7acc8f820dd50444fbbecb18ff5c9df10e08609d4b0f76ce14dc8ab056227e3604b3933df593a1b961fba44678131c958b15246e5054465bfffba1cb05c8d4a3ce7a3473d88c9213b5d8fcef3c46f8650fec5077bffaf9b469051b0e5aa7b55f863f0919ca310505a063890b1560597aac6ca1ed9a7c7ed8e894597098cc9333d687bd8e1b4539bb9f74d034d2fc316ef806d67bcec412fb485a03f87cb89d122809fc55f1a7fb35a74440d661ee736340cdbe70141214e899cf9f907a2463f995d21e2d1d25fe92b47ea198f467bf5e775104bbb0ed11534ef25eabdd6b14e8961ee0534f5ab504151f1b2f1853f7229e07131696deb538114d51df2d5c4145bb53d7292e1544c3075806980d5d595528dcf1ce6d4d35470331f00a7bb00e4a1b38982f5dbd2114715a3bd23fa9dbadfe2970853a89d1abb9ae5d4f3bab355691c3ccbbe4bcb2e44425d6c2c3dc3ddd8d43872a6063f111c1c7e6ed4449b39bbd6df92ed4a0e4808ffad0391f89b509f683061bcbe06369e47d43e9", 0x1000, <r4=>0x0})
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r3, 0xc01064ac, &(0x7f0000000000)={r4, 0x1000, &(0x7f0000002a80)=""/4096})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000040)={0x0, 0x12000, 0x1})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3.276058704s ago: executing program 1 (id=2185):
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f00000001c0)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x40, 0x22d4, 0x1503, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0xff, 0x50, 0x9, "", [{{0x9, 0x4, 0x0, 0xd, 0x1, 0x3, 0x1, 0x2, 0x0, {0x9, 0x21, 0xff7f, 0x79, 0x1, {0x22, 0xfb1}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0x3, 0x9, 0xf9}}}}}]}}]}}, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x3b, 0x0}]})
syz_usb_connect(0x5, 0x35, &(0x7f0000000500)=ANY=[@ANYBLOB="120100004aaf36207205a5580a27010203010902230001000000000904010901a37d7e03090500004000020401080b"], 0x0) (async, rerun: 64)
move_pages(0x0, 0x1efe, &(0x7f0000000080), 0x0, &(0x7f0000000040), 0x0) (async, rerun: 64)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0) (async)
r1 = syz_open_dev$dri(&(0x7f0000000100), 0x0, 0x0)
ioctl$DRM_IOCTL_SET_VERSION(r1, 0xc0106407, &(0x7f0000000000)={0xffffffff, 0x0, 0x1, 0xfdfdffff}) (async)
syz_usb_control_io(r0, 0x0, 0x0) (async, rerun: 64)
syz_usb_control_io$lan78xx(r0, 0x0, 0x0) (async, rerun: 64)
syz_usb_control_io$hid(r0, &(0x7f0000004600)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x1, {[@main=@item_012={0x0, 0x0, 0xc}]}}, 0x0}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)

2.506193223s ago: executing program 2 (id=2187):
socket$kcm(0xa, 0x3, 0x87)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000000)={"6d1aaa2e2d4bfdbb784e474a691b5107", 0x0, 0x0, {0x3, 0xe926}, {0x4, 0x1}, 0x5, [0x0, 0x10, 0x8, 0x9, 0x8000000000000001, 0x8000000000000001, 0x5, 0x1, 0x5, 0x801, 0x400, 0x10000000000, 0x0, 0x6995, 0x1, 0x4]})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="034886dd010000000000140000006000000003088700fe88a43de1a400000000000000007d01ff020000000000000000000002000001"], 0xfdef)

2.431038389s ago: executing program 0 (id=2188):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x181)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0x140)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './cgroup'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$int_in(r0, 0x5452, &(0x7f0000000080)=0x4)
close(0x3)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x1c1842, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
ftruncate(r2, 0x4)
copy_file_range(r2, 0x0, r1, 0x0, 0xffffffffa003e459, 0x700000000000000)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r4 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r3, &(0x7f0000000240)=ANY=[@ANYBLOB="080008000700000000031400000045f0801600000058532f907800000000ffffffffa20022eb", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="1000000090780000"], 0xfdef)

2.327487152s ago: executing program 2 (id=2189):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x3000, 0x0, 0x1})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000040)={0x0, 0x12000, 0x1})
syz_genetlink_get_family_id$fou(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$FOU_CMD_GET(0xffffffffffffffff, 0x0, 0x44084)
ioctl$KVM_RUN(r2, 0xae80, 0xfd7f000000000000)

2.135199132s ago: executing program 0 (id=2191):
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0) (async)
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc) (async)
r1 = socket$netlink(0x10, 0x3, 0x0) (async)
r2 = getpgid(0xffffffffffffffff)
syz_open_procfs$namespace(r2, &(0x7f0000000080)='ns/net\x00')
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) (async)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]})
close_range(r3, 0xffffffffffffffff, 0x200000000000000)

2.047841846s ago: executing program 2 (id=2193):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x0, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}, @flat=@binder={0x73622a85, 0x10b}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, r0, 0x10000000000)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000004a40)={0x44, 0x0, &(0x7f0000000700)=[@transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000440)={@flat=@weak_handle, @fd={0x66642a85, 0x0, r1}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0x2, 0x1}}, &(0x7f00000003c0)={0x0, 0xfffffffffffffff8, 0x30}}}], 0x4000, 0x0, 0x0})

2.006949188s ago: executing program 0 (id=2194):
r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
ioctl$FS_IOC_GETFLAGS(r0, 0x80086601, 0x0)
io_setup(0x3ff, &(0x7f0000000500)=<r1=>0x0)
io_submit(r1, 0x0, &(0x7f0000000340))
io_cancel(r1, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x5, 0x203, 0xffffffffffffffff, 0x0, 0x0, 0x2000203}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'dvmrp0\x00', <r2=>0x0})
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1c, &(0x7f00000000c0)={@dev={0xfe, 0x80, '\x00', 0x28}, r2}, 0x14)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000800), 0x0, &(0x7f0000000100)=[@cred={{0x1c}}, @cred={{0x1c}}], 0x40}, 0x0)
write(0xffffffffffffffff, &(0x7f0000000000)="240000001a005f0214f9f407000904000a000000fe0000000000000008000f00fd000000", 0x85)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000140)={<r3=>0x0, 0x740}, &(0x7f00000001c0)=0x8)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000300)={<r4=>r3, 0x400, 0x30}, &(0x7f0000000380)=0xc)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000200)={r4, @in6={{0xa, 0x4e22, 0x3, @dev={0xfe, 0x80, '\x00', 0xd}, 0x6}}, 0x6, 0x8001}, &(0x7f00000002c0)=0x90)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000080)={'sit0\x00'})
r5 = syz_open_dev$dvb_frontend(&(0x7f0000000040), 0x1, 0x400080)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000340)={'wg0\x00', <r6=>0x0})
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x15, &(0x7f00000003c0)={@private2, r6}, 0x14)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000048000000030a010200000000000000000100000009000300735a7a320000000014000480080002400000000408000140000000000900010073797a300000000008000a400000000228000000060a010400000000000000000100000008000b40000000000900010073797a30", @ANYRESOCT=r7, @ANYRES16=r6, @ANYRES16=r5], 0xb8}}, 0x0)
r8 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000001018610f4205ae06d6c011703010902240001010000000904690202ff5aa30009050402100000fa000905820240"], 0x0)
syz_usb_control_io$printer(r8, 0x0, 0x0)
syz_usb_control_io$hid(r8, 0x0, 0x0)
r9 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000200), 0x1, 0x0)
write$vga_arbiter(r9, &(0x7f0000005440)=ANY=[@ANYBLOB='k none\x00'], 0xd)
r10 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r10, &(0x7f0000000180)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write(r10, &(0x7f0000000000)="38000000010001", 0x7)
r11 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0xc0c00)
ioctl$CEC_DQEVENT(r11, 0xc0506107, 0x0)
ioctl$CEC_DQEVENT(r11, 0xc0506107, 0x0)
recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x2062, 0x0, 0x0)

1.950430307s ago: executing program 3 (id=2195):
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x2, 0xa8d4}}, './file0\x00'})
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYRES16, @ANYBLOB="0500", @ANYBLOB="3d000e0080000000ffffffffffff080211000000ffffffffffff0000feffffffffff"], 0x70}, 0x1, 0x0, 0x0, 0x20004090}, 0x0)
r1 = add_key$user(&(0x7f00000002c0), &(0x7f0000000340)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9", 0x5, 0xfffffffffffffffe)
r2 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r1, r2, r1}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000880)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x801, 0x0, 0x0, {0x0, 0x0, 0x2}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x2}]}, @NFT_MSG_DELSETELEM={0x6a8, 0xe, 0xa, 0x201, 0x0, 0x0, {0x0, 0x0, 0x8}, [@NFTA_SET_ELEM_LIST_ELEMENTS={0x694, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x7}]}, {0x10c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY_END={0x80, 0xa, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x2c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VERDICT={0x18, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}]}, @NFTA_DATA_VALUE={0x15, 0x1, "3daec1a55c0b2285e18fe92a7dc813ad99"}, @NFTA_DATA_VERDICT={0x20, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}]}]}, @NFTA_SET_ELEM_KEY={0x88, 0x1, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x28, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xe5f1f0bec8532adc}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VERDICT={0x30, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0x2}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}]}, @NFTA_DATA_VERDICT={0x1c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}]}, @NFTA_DATA_VERDICT={0x10, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}]}]}, {0xe8, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_USERDATA={0x85, 0x6, 0x1, 0x0, "a58c298eeee729823e41f05798f37b2b7186a7ca20ef737f4a46957a1dbb194046b77a09f7493e790b3cf4bd04f1762226149af6ace57aeeb96c5d216bc929b9e96d4027ab296010271db32d51b6d49aa334e616df2442d65f0119ebad22fd8bb84d3bda6348aee4a045d1b95939a3c19aa488f1418662286e15fa1e68a91075c1"}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz0\x00'}, @NFTA_SET_ELEM_EXPR={0x14, 0x7, 0x0, 0x1, @notrack={{0xc}, @val={0x4}}}, @NFTA_SET_ELEM_EXPR={0x10, 0x7, 0x0, 0x1, @hash={{0x9}, @void}}, @NFTA_SET_ELEM_EXPRESSIONS={0x2c, 0xb, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @log={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_LOG_QTHRESHOLD={0x6}, @NFTA_LOG_SNAPLEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_LOG_QTHRESHOLD={0x6, 0x4, 0x1, 0x0, 0x401}]}}}]}]}, {0x280, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz2\x00'}, @NFTA_SET_ELEM_DATA={0xe4, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0x47, 0x1, "f21197156e4592ae7bc9eabe9cccf12f035da1c9504b74ad60c9c6e0853f78e5d955b9f8856ab7d2096ca07c02d28c789cd4f2c5e87642a80cf75c73ba34a873bc4a9a"}, @NFTA_DATA_VALUE={0x95, 0x1, "45628131e548af323eb407a2332ca768cd61bdb70b5b81e2316bcc7dfdeec386d6098e72b1ad56495b264751b0eab02565bd12d4adcf52b9dab2a5b47b81f0c16f92df32a3d7fbf2f8b32ca0bf78e19b20b96e547210d66b55db1cc754ef91c3eec538f24a33f737d59c939c218e121eb98f0950e82d080cc67ee9bc32e9878efab09f5a415b26ee2841e21ff9a37004ad"}]}, @NFTA_SET_ELEM_EXPR={0x24, 0x7, 0x0, 0x1, @tunnel={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_TUNNEL_MODE={0x8}, @NFTA_TUNNEL_MODE={0x8}]}}}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz1\x00'}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x2e}, @NFTA_SET_ELEM_KEY_END={0x150, 0xa, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x40, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}]}, @NFTA_DATA_VERDICT={0x24, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}, @NFTA_DATA_VALUE={0x51, 0x1, "46edbaa59f88d43284466deea29b87e4266fa37c3834c96b11119dedbaeb287b4d73cb83245308db4a54edc9986fbb5da33a88f0fbae2c3b1de0409db4c1797e862d249740e6b93cd96edae74b"}, @NFTA_DATA_VALUE={0x91, 0x1, "6eeeedffb65051319f6f7188b5c8abc7dd193fb5a489a1a491720291f11cd61b66d93b73e4508cfb32d21103f4fa0736b2610da07c93aeef6678144ed36fb75162785297bd26f950e09350686a6776c0b1874126126719ffef310826e1b3af3af044b545c5c55f81a7261884a3874b66f0336c3c2e073bb80f2e329299d489c6b422638d01dd7754027651d39b"}]}]}, {0x210, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_USERDATA={0x25, 0x6, 0x1, 0x0, "11474104fb3cf51b1f03616fd6bebbbba17e8868b2247047bbebc8ca3be2668dba"}, @NFTA_SET_ELEM_KEY_END={0x90, 0xa, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x58, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}]}, @NFTA_DATA_VERDICT={0x34, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}]}]}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz0\x00'}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz2\x00'}, @NFTA_SET_ELEM_KEY_END={0x130, 0xa, 0x0, 0x1, [@NFTA_DATA_VALUE={0xc9, 0x1, "7a9ac981bace9710c6b249485ac5c8d0588e36733c96e4c638200bd415ab5e02cdd782aec0d447fe03680732ef31c65b7b7c79c12f780ce8aa8c4b341b1c81ea53de1e0c14e9f69982cd428cc7b112fc5b51d5252aea2eb9778bda1b520dba82e5ee8e2441d8a5adaaf37591985e7b4ab8f694557b4212c29fd3a23b6041cae6e7247bb4d6cdba5982cca43d993b963a8fcd72d13e7a2cc1d31c8dbdb1192367890d96d9e9d824f6c899b1515ab1c19bd4eefabf7af962c812ad25b5066e61feea3fcc15e1"}, @NFTA_DATA_VALUE={0x5d, 0x1, "f71e947dbba301fd92c2365833a081cf002ad4f33ff1f180ce2c18950f1f6c0816db72e4a91da1d6eb6be96cbd4bebd6d27654637108a35a6f5833b840494cc46a27fe397c2bba9e90eafdea01262d98e7c1fba26a922b6e43"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x6f0}, 0x1, 0x0, 0x0, 0x40000}, 0x40040c0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0, 0x3a}], 0x1, 0x8, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

1.863625513s ago: executing program 2 (id=2196):
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, &(0x7f0000000000)=0x1, 0x4)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x80000000, 0x0, 'queue0\x00', 0x32a})
write$sndseq(r1, &(0x7f0000000000)=[{0x1e, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32={[0x0, 0x0, 0x1000000]}}], 0x1001a)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000100)={{0x1, 0x0, 0x0, 0x3}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000440)={0x6, 0x20000006, 0x0, 0x0, 0xd})
ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0)
close_range(r0, 0xffffffffffffffff, 0x400000000000000)

1.863171432s ago: executing program 1 (id=2197):
capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)={0x0, 0x2})
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)=[@code={0x1, 0x87, {"0f22e5c744240060420000c744240233d8cecbc7442406000000000f011c24660f38816810c4027958b20000000064449966baf80cb83284af80ef66bafc0c66ed66baf80cb8cc07ff8aef66bafc0cb8d4000000ef48b8f8000000000000000f23c00f21f835030009000f23f8450f2244c4417c50cc"}}], 0x87})
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000000000)="2d5a8bfaec0503d4ee82255ccc79459d336c02f6846ffa083727a27fef8e41f33ff61428dc81376619b5746876cab40bea6b76e7a18d9f0f45c5f33c3f3e548879927a89cca1b9829ff887d45cae3a0012b8eec038b982c41410eb0cffe4204a0387ae9ad2d2eb6f904feaea4325a355611cfdb7ac6c3495a4bcfa6a2c3285bf50ca4a25c77f383bdb14c2f038ba311fefcbe3d334550fb18a5f462cec0e41bf00e3ef37c78bb0086cbdc72b561eb2e285a15002dbb8b7a858d33bdfef916ce90eca18739db369eb9aa302efdba714da8bbd0baaeb55eb585585542cdfe62755b7dd303c01c44de59f83de2b9edf1e60279b16bc7ee4c277e23701b7d58fdad36e8d91c111be46581f230b4cbbe8b9ad764cd3e067d7b7c5e1082a55c86f7cbc77e049085b2749b2ead86b176e4c8d2498a331f1118c5ed72ab0fc4228c8214e0e48fd1f265ccfd3311eff1f9548d1217c02de43ebc6c896afbf6065592ce3bafbc138524c4ffa429c33265cc8ebfc69e1adf360f97ec2edbab35cdc965dfadfa522a591734e25f91a44023ceeaac091534ec097d7a6f9a8efe84829719e41c101ee103c7b8c6d7fb630da2ffdd692d13e9212539b8484ea7fbccc74ecd6b44e08852505badf79984da7ffd06e78b05b453e89bbeb44fb0e72d527ee63aee52eebf2e4049705c41ead90017d7a512146287226941b20b4a603d1f5d9e6c559d55c5f6de7e9159e121dbbabdcdae8f359f66c218fb24d20c3b56ca3b4a2639b4b54e0775f29c731a3fd33331a76c280df2bea7fb0778648bc55257c42cb1a4ae173a21e33a782943d733e570595aea49f391ced7df117548032f44d611d1fcafe7c08fcca48ef9bb719d41c2cde9eca1727feb7bcc14757316a3fb315eb0adf3b60f5d6cfe231e4dca32f1cd2a74a68e44b1c09471f135d6abf0d7d417a42323923ced88d39902998a177bda4d7ac9e5479f0ae49f5fe51818fa13dd9131d219658ed2de42587f415396aa610998f2b166a053cd272ef751e5447122c03f33800268f63503a237fd62235c65fa995ced4facfc61959a7b64f7ef4bced8cbc10222a18aaee1fcc282163cafc4bf899a7de76ac61499fa1bdf6e6599a9b6e46d202230ee0be421b38ba66b85c7e5cb73e26085f8b62b4141f8728515f12019e1738bc5b278074c56be74033511b21e97a727c8a5f9c186af9777574f52d957082122dcadefe3c376f73a33e41094ad7cd404b50e963a200b57cbf4329e59c5b5a42f8700613e30af94109d5562262792e77df91e7e75c40080f8ca071449bc999762d483c30a4eee68e89be2d138a4b64af3c0211c3540227d85801dc16d1bb669a16b243fa98ef40edb5b5fe05c50f8702434c4d2663e874aec996463c6d946fd1391096b02198e88f5e568300d6c4848b4fe7273af633cc6fbf6a5e37feea56cfc20a0b42a5c6266c805823bac41f8d4eb43c6c4673a4b6a8dd303fe922ade7af649cb21c2919390a9ee62a08131ea21840adc9cc023e2aab908ea6bf2d41e52918ed6423677933cd1729cfda6423e540aae3f043a1296b6eb9350d38e07abed7d1ea7249b1b67d17322050d01589c9787f4e5a904c5cfb25e047f3e46de5222121c2af122bd3a3b2b0f35ea0a81d3a862d77217e992cc74f678617223cad5ba21afdc58e6af17e7b4ee3a506f34069d2931ac62d47f86f1983d7204a32544ae0b738cd5ab3efb940ad752ebbb59cd28d98cd6e0441f020ab2d68cbe90fa44be7f7191c2f5748c418dde668ee87d579baed4358b5c47e03a89ddb98fd4209fda85a277460ca20cc6de67c0f35e39d3fcfc070530140f648b50dbd3236d8e5b5e63be12191cd67b9ef128440d8794dc452b5a16f250c9e378d52b1132efc4b1ec8a7a3fd04ef82154de056ee5054fb15dff8df06bdca1dc8b1c1d4175c967445105954d10f0fc94acf39b68105d188593584333312eb6fad6371cdbbbf16e88bed86600d9dac851661dd3cc64f9bac0b2b81ad2564274b5bcc040f065f3fc055f7e254f8954304140782b9a2390bb61fd82d7a99ddf96468f3ef43113b767552969d71190265b76c1358c4e16a21ff959631a19c6f5a686b7884d75aca2810decbfd9fe0520f3b322a80838a2e633e1c2a79df01786f605750b84e2b04b7204ca6022973fca4ab0c8c67caee2349a6b839aa6bebc862f2f8246fc293e0f14a375581036becf081e4fd6b0cc2f7465fe7f932890884794215838558c0ae6de81efd624c5290bdf52e95e4d5b1eaf280d76eb0ceddf438bcf1d4b83e8eec3aaacbd7ea0421ac84f08a480ae48edb7c23c3f94dc59a44b3c5712800789fa3b2b938bed137505d2b247a4c4a9bd5ceddb900cb9a502d10dbd620a7ef84fbf49081d52419e5d08ddd5a1873f6d3ea6a822400ffdad29899bfaf73ce3d8ff182b3ca8ef1c39fc34b93767b9a13401427c440edd2e5f801655e60dc4c5b4ba84e504421b758e0b4c743fd1a1b6be27702e751960b431f1d7a7fd68a9ab198a5c6dbbee137283e6d6c69eedba5345e551e4421f3dfc1c957bbf413c48f64871521789487707278c69eb71c33a6999d7e497dc3d7d022f008addc112c116637f6d29c9247de134eb860cd3e5af369ee474883e7a20c40ba02160ec19dcb717cd3f4f3f0293195242fa814042ad751c774728a797a8c483e0562a2cca698053c1b66c0310affdb6e5767ab6db583ac415119f1760bed5f405c5cfb63b2ccfd5dc9d119fc82a86f98551d92f02410fdddd450f0a661ce041fa39aaba50cda470d3080dec7345a54abe2a7630a7fac84bf95c30a0dff1225f7b1aebb41daec68ceff2b0f502e7433f395aeea75c1ba88229b44fa5c6fa2647e44db139eca1f2b7142b6c23d4879603bb5617e94de0d5353d1b17dfb960eb1c11c67d0d1e1cae94699cc9397b79150dacbbc7361261d5445f237210d2ab8120fe721072394b77df46894595b8fd56f034318e90e3cad94f1655911b9bcc0bd15c628c0248e134295f3ff69cf8ea536b4b7a6c11b4e04955f9f1d9bac2ad39d81ec929b0d29999ae5a865bcc2cffc8fb42af6e486ca12a4c83461c6a72b3c88e4f3d1a9c1f13adc6defbf0110746e39b1d01a5129f996a2af48bc52f06a32764d8d8dd984c5dc4e8bca0ffbbc7e4cd226cc278b35ed16bed6e8aca4a1c18120eef0966dd5327f252462477d43cbd1497654ddd3358d24883d9ddde40f1bc8c5610370841b1cb13e84162cc6d0818987350c22362b12c0f315dbc5dbc33c224bf8d57410f2621b9c45d6857b0bed5aae750db0dd4c6cf50bfd6d5e0c816a9d8951402a1c50ad8169fd94427b42c58399c6d72b1f213e009af4f650e5ef67d2f48c7dc3ef74a8ee453ab84118f2f0e4ff2b8130169ccac37198b337205cae506e8d70acba86aab28caa8117b1231d9c4b631fa3aeceb3c236182e25299392f1ed986106071097314a9b9bd0f30d853e8b4044c00f04b45b2923b572a6a41cb5293cc8dfdbeff56a1375a33bac7b220056a6f6a292035b17a3c3fd55897548c68ad7886ef432cef353da3da8deaea09df078569c042258dfc0763d54be89302b11a6d24f4086028b82520fb6d967b78b611a7e9661a92b1a8f12d407d2289e85a82bd0b7c742055acd2396ba8d101e91ce2e9f387e909fe6da3109e1937b1e12515f23c8f1b739d4c40a287cae3bf59e901fff2ba0de0a36a304428e9febe42a01dea2eacae9416a72ddabb98d2e69c70ea9edfc57cd81fc4217ec353caf01a1a61b925102f866b4090b6447cfd8eeff2a3a49e30fe0a4fff77fe1a225dbdb2fac338526c7438631b69ead8781b86801f530b04b1544be2c22aff4ac89b0ce4353526905e59e18f7f01c221e42354a5269e0e28afa29f38bcab3923fe8d64fbf81433991b0bb9df6fc4c28ba175871d87bb5ce6cf5bf4572bb873c044f0aeb2981e34a005df55d354db0353f6433f76adde2c124793a1da43aca0e62a744992ed8efa8571a26857aa65a21cfc3507471ab75525cedb559c430b5d03a5c4e923f7fbec50d0eb10fc40b3d7986245f4c6888a53df7fe7fdcc11261e70d8cca04baff938f8446bd9048baba31085f20746c5f0e00d816dca934804ea2877cca51b5c0e31dfeefb9e91e41189d67412a09af16b4cb709e6fee71b2766a71c8397578516b656633bb620dfc8bc15de4ea5f75f6845ea44805442125adef9377e98b5d8e73f3a0bfbd330467daf10d9f7a95cd6fd4827fa1b062898fa454437bf185b9e0d98c9d10a5db80364bca446205739b23a1e7e860647ed30e2b72524da94a5f70dcbcd67d8df08f0d57583011d5487669c5a45905125186590322dbe481e820a6a6c29c136fa4301ade06baddca45f0d5ce913b5b763d293da4afaa450b17ff4933e4478fbba9ad9e6e5eafe9fdeb82b7d65bc92f6690d03a49923810558b5e0f5bf47e7d000a5e132217c174445565d57d29f02e71d7205b8ec10330fea51d972fc5c81b1b36775816082f979b5b1fe3601c9c8e8fa0c3504bfa30e3603d5a0f3a7cbd27d744b27cdbf318acbed70697519605453df106123e1a6148c9146154986e288d8a70b6fed1667cc1e0b199067c704a6d41ba751b53102ebca01b3ce90226847808646c95f3eb231b6af0b0f329bd997db5a4d3ff18edf0203e351fcfa8c8ae2be6953472bbb3f40bb6ab3f8f2128d11a3bba133f0204e2e0df189cc8d2cb8af81d0941a37c2165112ed452008930bcc607fa6fe3ad1def902d89c7330e6042f6f86c3a75665ec603b6e392b417a0d907d42e6534db72adbad4266c6601d7b8bf8d9cde807088f76b07c06840d0806eb89aa545292284bf050e732e547ed54417b3ec7e7a7c5e8454a56f5092ea8cb27e74e0672c2951647e29dadbdea86d2a4d9e53ab01c9d21e902fc9c6ff4c317b3c0398561364e880e2b079d79a27d6dcc3d586abc043477981bd36746f5570840536bef104a158e2461296717d247b6004565ffb8eb9bb5258c65032f0b472c4f3667a17e3ff65b45c91e2411b5990f054e0c2a05fc175d2db7fb32ca32e4c11b46f08bae1614e2add96133ab383c1e78f4e3f21ed3010a35c76ad88714b526d3a5ba799e6f7bf9d5696e7b42c8c264162a28831baaef180f40489ad681af6c0a674cc7b65e8b8ab704d15546f70ed1e67f7643bbc8d0b8482024b8f320b5bdccb1014f5e1a34c6c795428660f026d93dd5dcabf2330dc62894bfe48fde6b931ba55dc2a222a27a3906ba5b98476321b6d27217fd58ad93b616aac91b139729d91de6f8ef49402e2741b8dd821f4cbaf7c4662ac782b255dc438164e54c417044e9bf5e13a8247777726dacea4341d8ba03bad17070dd0f07da13179d29ac00aefa41aaf4688e99eb395205f6d6d71999b3718f7f2d618117334977a92b15ed52e45e7d5df7a22be9cf0e008c41257d99b2426068c48de100b8e3019b624ce2f2849c35b74fe5ecc4478b2968a97cfcb759fc73c8cd21bda084646dadee926a4f606768749a89e11be2a23985631c922a73ba93f3619dcc4621c8da57697420859210aa43ec06feb649b9f1362fe9553f9d552b77203085d9a4da629f03fbf339bd8ccae6c411f6d8f131232575d28af2a2690529080f02a5a74fe59d1255039f09b8d565a4838930f88d6129389f2312a2ebcf0fe7d8b6dea3484cea9a1628349218b8ccefdea2b6c37676acc2a082fb73b19705e98079c1de7776cb830e79c0081a2da4059714f19587d10223fc50ea8434f1c7919a77acd7c5b20ac9fe8ad9d348e2c5bdb57fac1ec0c31a1688e22aab4f1a81826f3a47bd364505d35975c105a152aa8e42b2422a100ad3d3184d286884552143051b79294aba34bfc5cc332f0b6aa3bf186776ceb8861336ed97b85b9a7d548bf7b7a907256c7c6a2427d92aff68ba18544b95a75564029387fd2569943f8d54e64cc621123105eb56bcfaea06e38af31a05ef38302d2b6178121d52309865c5ec1147159c07b4d4e1ece24f6a1f63a492c617870c96dcabf43b73055d749e465cdbb965b18091eee65bd423f249d934ae904c2129b93d116353fe014e1afbcab5f74766a806451855bc28494653b9a863b9707c2a0fce3eb4b55c4220078651a94d3b9c6e92f4995dd56ec17d144b07bfb1b955b557d14774e64f400e0075781381b33d73a60f6b96cddbda0962b2a609e6bca56a109847bc13798be711d3779d5a8c6541bd247fe3b7477a1378cdafece044db3f31810bc95f8fb4ae7a8815303faac03651a13924308c06c8e86506b7d186a717a1bda1d7cdea2b8b682d37f954f488a8e0d65f868a81b1af4b8f7331ba84414a7ada82e81e06e76ddfa0aca0ca9a53a5de0bcdcbb77284bab522ffb6f803e95f116ac1670c50acd36d80f170e8e7e05163f050dc89dd93bf9160a545174472376e1fcbb945e9294f796a09ca78452683b8bd39049d118acc24ef0dc18ef88899dd7c27a3585e914e6f6bc8bb1950c061c722134243cf151785bc19dada45b90d97cb83bc60885a908d0c13be9e54f1929fe1f76fb9886808caf0442aca4539a42078bfee82418d611f4c432fcbc5242c35a396c17c1b93b98b277a9c8ef0143643e120c0de4b7c6beb0a582789b81a9d3a0b8f96a332c89764283d84ec5e6b8350683a2b4eebcb214a7ad430ff9ebcfc1d850717a8d38b8e35e67fea4b8f14938cc3eeacbee30616c09e848ebae3cefb8f2a904f2b3d1252019ec914278942d9b914f95574031cf21f412aa7500f3955db7b9ef9403750058d75e53d16803d4463f7884df1e361d34ce646e20b3427a45cd307283f1ff00cca6c841fb9b06543bf1a254b21ff421331facb2f08a484904ea25e049597c8b0a2140e8ed2906d574e73165ec5591c89b5dc08e5943ff7399f76b1df90947a9479b1aab40abf8ebadfa1455b6dcac672f495a64b6230fd3fe948ce6c16cb87e11ac7affc9047ef33fa64585c1dce3bab4fecc0c7d81b5ea73aed3ef63fafc880b6e2ba09d0df6d626e817075d5f330d91cec4bcf4829c20192bc0ef7f728f52dd3e074bafda4f8cd8465311a9124baad61bd73ca76a0d0d1b80cb7a5e429067ed4707b64d38613008c8af3ffcedfeb8cda26def8bef7cf947af23939d18adbf56715f90c2df716eb037d536cd36bc2b832c57f4a319f392e1ab37e02dfb392bd52b02801665c8ea28edfcb153f267dcfbd671d4eaa0d56335f7ce5eccda6b9f74621a1b322f1f3a60b00196a65327b36419394e776b2e1c1479f5f902c5918adfa5b112bfaf786eeea1abae7c8c9d3e3fe737c23092143376808b5e26cf896fb5202572533facacaac10ec26cab819f74cd372c95d50a9b6560da69c1b22d5c15759b7ab1d8118e672bea9af7e8a30458ccaa1586ed2720d5465e139fe3dfc0bc95107061471cdf28a42aa8149848a147a1710407021d13e611b36ad3624de35c4dc5a02ba8ae724b2d8cd85f15094e1893c98052cee135d0c1c11a73297775fb517abbb471a8b100cb51d8815acac16703b56f8aadae334601a84fc306efa08aeb2afbad94632b5f209603cf5e5ca634bd74ed2e525580ddd2f2ee65241788f5e867b44d7ecd71f5858d269ffda98d93860d8f1c26c47df1199f95991b54808bc26c0ab67b40745b8dfed41838e2c5594413d2c6022abe3c1f132e9f7c8c69e50729325d37e7502519d53d7e1bf0bc8f62d216fc9c88b197cfa1571ce8368cc1b4b625559cab7e8397c6c7bf537bc8b9d604f4bdb04cab86d349e4a33f92eaa07378eac07ed8d51aea9c15ef4c4b0e0a16f9c794701a1b74b58beb15cc165a4dc1a13a0886f55cba2b977447b61c01e1295a4221e19321201f1df0d25c9e14bc4433678e48a5081de7c81f79a6370843bf0d6e3e5192c1ddc0bad14a11ada8006e4f6549da3a877a991351610eb0c5bb6228d266baa27eab2b9bf4455fc54aed3c74c12590835e498c11efdc63dde52a62d8f3a3c978152018182b3e4cbd00fff317d06f8e9475b4c7506dcc5547d8ace2b71024aa0e2220936d2bd05163b8f15bc429378fec52ac39d167200758884056dc14d3329b1d47f477a217eabb651fa97e05451cd6e861996648ab439c9aa6fa032e9083b8c0f87890c88c50dd5a6e6be8c4a4361f3b4c3181c570407dd1d2d835a87dd4b24f55a649c3e478bc002f30894d06411dc4dd8277f796976b8b2884ed371013225bbd95955827741331777da30b1b3370fb4d0bb914d97660f7e06759ba54b5697a4f7cfb67035867f39e53306eb55b31ba660769ce6993b2f44a7173576766ed20992d04e6b4aff20c138102537a142ceeac3804fb0a4eaddeddb6bcc69007c5531f0ba6851854d8d836a51e8d644c7b79e071f19986090d2404b562a17e1ec1da775c171373bcf5d2c3d7dd64a587d66e42b6963d892df898766648f37c8d10ca249e28368c388f4e70a80b2992a0a390a2d51a17a0c1774fec2d399a2b0a99c802012fff6300c4275d1305b9a9d0f8144df64da9016f16369e813dafc7cff55c5a60602141fcaa62d9fc0b93df6524d8692be3c7ded5354b63014686e98ef2b5947eda93e0cd232d3fdea943d3bc92a6f2835c55aca33dcd087b7260bc68def6ce96ef5d536b61006a595219382d8b8365eb92eab44e677109971bc4dfd077a56ff1f27e9b80edffb5ecac7bde5dc2a74c30a24b9cd1b0d4356ec424350e364d0dc929d657a8626a22111d4a0f360fe33be72a1f2c4f5c1b9843145ddff70d583a9b433cab33b10d93531aab7bb8a53c738aae79222481b135eca9441f47068299deabdc9c4f77e5d4ea286e8300eb5956368d0499691dbab1499baef30bb6c4a9bb0159635dc1774203fda828bf804e8f526ffb55abd8700915232964b7f219a7bb221efa6428089263ab753eb421a1952bc780289a85ebb9b510dec67a826ccce1cdfbb29a3a55f4e1068ca2c077544efac686d77c67c927430c3ac78c7c8b1f834be9a689fdab38f1401797dba32a284f5c5f9ed13d34d8a001cfeeeb7de12aaeae7706004f96a293e52106fd945428e7e98915070b1584a323bd8f00b9803ce189c9c0af032752d979df57a5098458c7de034db79f43d27bcb720078b05e5f364f2d789343fb6fc8b2cab810b1745fa36aaccf5d27fc7f06ab821268d83e697870632814319533373f24584b35b2ba9dd9b52a4a2e559c90b1b87549530a64fdbba5587242535fd0d600fa6e8497369a5587627182c62da4a47bc6ea99f7aaa765e3b74b7d9c48e779c8b13a2535d03ef8ac4bf3fc9e6eda5628034e7e453fbd6153b8b8e9f693c5dfa37f6a0a2542e6f86ebd2ae926822d7b31963c8879557dfa2a869ba3c5dc2dfcb60bc0a0c9816c2c4c58bdc09c2d76a007e68c38fd8b88709e5c49341630e333e13413c3e60c0d768d4c98bcb297e819ceb0f8b229d3037ac95639344bf42ee7f77922a6ac039837356dfd7c0ba3c5393548369bd71b4824326eaeb80a9c249504a08bfc164af220047cdf054d928a8d929a2fb621665122062dbd5cdde82b8289e0d510246e0bc30d34d8e96703f75c75328f99437be474315d8cb55066badbc0ee852c8ef28e1de7f5b58dda97742db5f708c6be3279d700ba147f1519485020336c260d825920870739fdb288f22b980fb7bcbf147b1a95fcc3d8d1899749d928eea8d47cccc1fbbdd5729a3f2f73d2ae352eb3e043405bcb7fa12b2a80d6a3f0178a18cbc5794fd65f0caddaff57616dfed94884a48b27b181c55200d9ecdfbb082dcd2952089938e134eecb40c2f95cb7808fc7da09282787edb1939e75bc8e284c01239a895246be025c8e0168ae83f5adc62f4f81ddbf6ba9b5fce3ddd111eb61c42777a8c303abe291aa9ef383ef1d6c26c4f8698375cc76a7e078ac948f2e84de084fdb380d38d2e1810ce8118999554c06f8d583bd37003b407dd7b41a3b14f10a5ae7c2e8fdd087cc322ddc399fe38cc542bc957b38b0fda34a3ee5c6a97d25629d26a75de211fe1cc4ca63880caa8f85f3bd489c39cf30eac81784e4456a775dee3045df2a1875623a4fbf227cf90cd237721a6dff29d26a16306e4033cc644e35cba3cc4e45cfd0cefc9c8d8a0f35bf31a8319b54fb549554c7089b9334a9867d51d71aae1f342d5602ef2d394e6c8a8aa6c15121d8c8b3abe3416367dcc276c048c65311ad70df0ecf0cf817a1a27e1dc50fedea83de8a8bb7746e23be2f335c9cda9a7f08d72b9debc35d49e9ec4c9815040c38c11375dd7f2897b20479343b86b51c317e0e90f9465d8c425857e1831931714284c60f68036134304558e53d2d42813a42a3017ab21feab6132f3a2f8c5670a1076dab6136cd6836b52d7ee54639758085438831dcd8157ccae47784a35364babff9299e4eaa389931199b4901f12185a0d228473d4a147d88e55bd11f8ed2957b7f2f3efb3e444f0aec9bef1f68cffbdac04698cc277706f2ffdd263586b84c645f1721ee3008b398918fdfb9b06b98078447c0edd7c058524825a1124e9af37fa9cb77302aded60eca394c866397c3bc18f8277d9277921abd06b61b1445f43cd7f0b5b2c023832f6d67f86d9b6ff9985edee1ec2572486b43d3be834d5b60d208b1187ca7cc8b17133f55314ee640268d5337d7dcdf1742cb543d63ae3c09e312ac05b5d585d9437bf16bd560ef739f12c878178757e1f675a8671becae2bf03f87de4bc40b4b7a3aa6e2f28f015332b10b9fe426ebd45d7a26e769bb05eb2866bb34c56b079a5bd23352bcb08c379b400512b0d8438ee5371171ccbf2921c1e150fffb5885286f933f4393088ba21c47b15d1a35de27dbd02e58859aa080f87d0a857e92d0f52c549c04cd9368c94a8024e184773cb3431d854c2855e93ac9f24d5e45d11c2acfb03755e7f279b368e2e31b3653a7d7e2e102ac67f363c195272e2896bec544f669f2d25ae8638ac30da6ed52404b32b8ee9f0f2909ef6b4e2db3a6ea88b8a6f2f2c025959efb7b94005eb307aae01af8a19ee6178270be09d93837793b43bcdab98b9c04b6bfea7ac2217c11aeec277bc199b67ac24b7352299e7fec85aa151029d14441b56bb6031cdc72a1a90ef537c6d2bce7ffc7c366a88f8bc87cd8ef4e91b5ad9d85ed84f9b85f029252ad5ff13d564d842ef310feaba90974e40889e7cb753eb44ef96bc4c25b021fe50e9957a9c3cc9904aa920fc8a8e82a826b945559b57591fa1a26c380afe65d930f9bd9a3d93f57324d28c2741e728cbd106dccdf66863e49db8a0df1398ba8594fa5102b8157e4b987f4339820df5a7aa2b1c47ed0211437ee3d81dcbffa500dc4b743d49028581234c7e9db2e951d5bf3e3c448ce58bf94a2f7ef95eda07daae00bef1794d27330927b2460778fdee580efe431ee244aae452cd60100b6c9f0cd5e79e170a7b149abfcc26b77d33c35311c95e3ba0752eabce3d1310a8aa45ecd1659e4e855919d153ebeb434581a6d352508771b030acd3fee51badf6767a7931bbba2cf195bd98fd096a6be14d7172cf1dbe3a82bae73a29223c623c090cbc5fffe8f3291", 0x2000, 0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040e04790620"], 0x7)
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000100)={0x400000, 0xbf2, &(0x7f0000000240), 0x0})
r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0)
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f0000002040)=0x4)
r1 = syz_open_dev$sndctrl(&(0x7f0000000e00), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r1, 0xc1105511, &(0x7f00000000c0)={{0xc, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x0, [0x7, 0x100, 0x7ffc, 0x0, 0x9, 0x100000000, 0x0, 0x4, 0x8, 0x0, 0xc3, 0x7f, 0x1, 0x0, 0x8000000, 0x0, 0x8, 0x0, 0xfffffffffffffffe, 0x1, 0x0, 0x0, 0x0, 0x3, 0x100000000, 0xffffffffffffffff, 0x0, 0x5, 0x4, 0x4, 0x10000002, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0xfffffffe, 0x12, 0x6, 0xfffffdfffffffffe, 0x4, 0x800000, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0xb4e, 0xffffffff, 0x0, 0xfffffffc, 0x1, 0x0, 0x0, 0xd87, 0x0, 0x41, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x0, 0xdf9cd8e, 0x8000200, 0x6, 0x5, 0x0, 0x3ec, 0x0, 0xbb, 0x200000, 0x0, 0x0, 0xfffffffe, 0x7, 0x7ffffffd, 0x3, 0x0, 0xffffffffffff2328, 0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x8, 0x4, 0x7, 0x0, 0xb, 0x1, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff]})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000003c0)={[0x60000000004, 0x1000000000, 0x5, 0x41, 0x9, 0x0, 0x2004cb, 0xffffffffffffffff, 0xa1d, 0x68ff, 0x4, 0x0, 0x3, 0xa], 0x10000, 0x202})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f0000000200)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x8000, 0x700, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x1, 0x14, 0x67, 0x0, 0x0, 0x29, 0x0, @multicast1, @empty}}}})
capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)={0x0, 0x2}) (async)
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)=[@code={0x1, 0x87, {"0f22e5c744240060420000c744240233d8cecbc7442406000000000f011c24660f38816810c4027958b20000000064449966baf80cb83284af80ef66bafc0c66ed66baf80cb8cc07ff8aef66bafc0cb8d4000000ef48b8f8000000000000000f23c00f21f835030009000f23f8450f2244c4417c50cc"}}], 0x87}) (async)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000000000)="2d5a8bfaec0503d4ee82255ccc79459d336c02f6846ffa083727a27fef8e41f33ff61428dc81376619b5746876cab40bea6b76e7a18d9f0f45c5f33c3f3e548879927a89cca1b9829ff887d45cae3a0012b8eec038b982c41410eb0cffe4204a0387ae9ad2d2eb6f904feaea4325a355611cfdb7ac6c3495a4bcfa6a2c3285bf50ca4a25c77f383bdb14c2f038ba311fefcbe3d334550fb18a5f462cec0e41bf00e3ef37c78bb0086cbdc72b561eb2e285a15002dbb8b7a858d33bdfef916ce90eca18739db369eb9aa302efdba714da8bbd0baaeb55eb585585542cdfe62755b7dd303c01c44de59f83de2b9edf1e60279b16bc7ee4c277e23701b7d58fdad36e8d91c111be46581f230b4cbbe8b9ad764cd3e067d7b7c5e1082a55c86f7cbc77e049085b2749b2ead86b176e4c8d2498a331f1118c5ed72ab0fc4228c8214e0e48fd1f265ccfd3311eff1f9548d1217c02de43ebc6c896afbf6065592ce3bafbc138524c4ffa429c33265cc8ebfc69e1adf360f97ec2edbab35cdc965dfadfa522a591734e25f91a44023ceeaac091534ec097d7a6f9a8efe84829719e41c101ee103c7b8c6d7fb630da2ffdd692d13e9212539b8484ea7fbccc74ecd6b44e08852505badf79984da7ffd06e78b05b453e89bbeb44fb0e72d527ee63aee52eebf2e4049705c41ead90017d7a512146287226941b20b4a603d1f5d9e6c559d55c5f6de7e9159e121dbbabdcdae8f359f66c218fb24d20c3b56ca3b4a2639b4b54e0775f29c731a3fd33331a76c280df2bea7fb0778648bc55257c42cb1a4ae173a21e33a782943d733e570595aea49f391ced7df117548032f44d611d1fcafe7c08fcca48ef9bb719d41c2cde9eca1727feb7bcc14757316a3fb315eb0adf3b60f5d6cfe231e4dca32f1cd2a74a68e44b1c09471f135d6abf0d7d417a42323923ced88d39902998a177bda4d7ac9e5479f0ae49f5fe51818fa13dd9131d219658ed2de42587f415396aa610998f2b166a053cd272ef751e5447122c03f33800268f63503a237fd62235c65fa995ced4facfc61959a7b64f7ef4bced8cbc10222a18aaee1fcc282163cafc4bf899a7de76ac61499fa1bdf6e6599a9b6e46d202230ee0be421b38ba66b85c7e5cb73e26085f8b62b4141f8728515f12019e1738bc5b278074c56be74033511b21e97a727c8a5f9c186af9777574f52d957082122dcadefe3c376f73a33e41094ad7cd404b50e963a200b57cbf4329e59c5b5a42f8700613e30af94109d5562262792e77df91e7e75c40080f8ca071449bc999762d483c30a4eee68e89be2d138a4b64af3c0211c3540227d85801dc16d1bb669a16b243fa98ef40edb5b5fe05c50f8702434c4d2663e874aec996463c6d946fd1391096b02198e88f5e568300d6c4848b4fe7273af633cc6fbf6a5e37feea56cfc20a0b42a5c6266c805823bac41f8d4eb43c6c4673a4b6a8dd303fe922ade7af649cb21c2919390a9ee62a08131ea21840adc9cc023e2aab908ea6bf2d41e52918ed6423677933cd1729cfda6423e540aae3f043a1296b6eb9350d38e07abed7d1ea7249b1b67d17322050d01589c9787f4e5a904c5cfb25e047f3e46de5222121c2af122bd3a3b2b0f35ea0a81d3a862d77217e992cc74f678617223cad5ba21afdc58e6af17e7b4ee3a506f34069d2931ac62d47f86f1983d7204a32544ae0b738cd5ab3efb940ad752ebbb59cd28d98cd6e0441f020ab2d68cbe90fa44be7f7191c2f5748c418dde668ee87d579baed4358b5c47e03a89ddb98fd4209fda85a277460ca20cc6de67c0f35e39d3fcfc070530140f648b50dbd3236d8e5b5e63be12191cd67b9ef128440d8794dc452b5a16f250c9e378d52b1132efc4b1ec8a7a3fd04ef82154de056ee5054fb15dff8df06bdca1dc8b1c1d4175c967445105954d10f0fc94acf39b68105d188593584333312eb6fad6371cdbbbf16e88bed86600d9dac851661dd3cc64f9bac0b2b81ad2564274b5bcc040f065f3fc055f7e254f8954304140782b9a2390bb61fd82d7a99ddf96468f3ef43113b767552969d71190265b76c1358c4e16a21ff959631a19c6f5a686b7884d75aca2810decbfd9fe0520f3b322a80838a2e633e1c2a79df01786f605750b84e2b04b7204ca6022973fca4ab0c8c67caee2349a6b839aa6bebc862f2f8246fc293e0f14a375581036becf081e4fd6b0cc2f7465fe7f932890884794215838558c0ae6de81efd624c5290bdf52e95e4d5b1eaf280d76eb0ceddf438bcf1d4b83e8eec3aaacbd7ea0421ac84f08a480ae48edb7c23c3f94dc59a44b3c5712800789fa3b2b938bed137505d2b247a4c4a9bd5ceddb900cb9a502d10dbd620a7ef84fbf49081d52419e5d08ddd5a1873f6d3ea6a822400ffdad29899bfaf73ce3d8ff182b3ca8ef1c39fc34b93767b9a13401427c440edd2e5f801655e60dc4c5b4ba84e504421b758e0b4c743fd1a1b6be27702e751960b431f1d7a7fd68a9ab198a5c6dbbee137283e6d6c69eedba5345e551e4421f3dfc1c957bbf413c48f64871521789487707278c69eb71c33a6999d7e497dc3d7d022f008addc112c116637f6d29c9247de134eb860cd3e5af369ee474883e7a20c40ba02160ec19dcb717cd3f4f3f0293195242fa814042ad751c774728a797a8c483e0562a2cca698053c1b66c0310affdb6e5767ab6db583ac415119f1760bed5f405c5cfb63b2ccfd5dc9d119fc82a86f98551d92f02410fdddd450f0a661ce041fa39aaba50cda470d3080dec7345a54abe2a7630a7fac84bf95c30a0dff1225f7b1aebb41daec68ceff2b0f502e7433f395aeea75c1ba88229b44fa5c6fa2647e44db139eca1f2b7142b6c23d4879603bb5617e94de0d5353d1b17dfb960eb1c11c67d0d1e1cae94699cc9397b79150dacbbc7361261d5445f237210d2ab8120fe721072394b77df46894595b8fd56f034318e90e3cad94f1655911b9bcc0bd15c628c0248e134295f3ff69cf8ea536b4b7a6c11b4e04955f9f1d9bac2ad39d81ec929b0d29999ae5a865bcc2cffc8fb42af6e486ca12a4c83461c6a72b3c88e4f3d1a9c1f13adc6defbf0110746e39b1d01a5129f996a2af48bc52f06a32764d8d8dd984c5dc4e8bca0ffbbc7e4cd226cc278b35ed16bed6e8aca4a1c18120eef0966dd5327f252462477d43cbd1497654ddd3358d24883d9ddde40f1bc8c5610370841b1cb13e84162cc6d0818987350c22362b12c0f315dbc5dbc33c224bf8d57410f2621b9c45d6857b0bed5aae750db0dd4c6cf50bfd6d5e0c816a9d8951402a1c50ad8169fd94427b42c58399c6d72b1f213e009af4f650e5ef67d2f48c7dc3ef74a8ee453ab84118f2f0e4ff2b8130169ccac37198b337205cae506e8d70acba86aab28caa8117b1231d9c4b631fa3aeceb3c236182e25299392f1ed986106071097314a9b9bd0f30d853e8b4044c00f04b45b2923b572a6a41cb5293cc8dfdbeff56a1375a33bac7b220056a6f6a292035b17a3c3fd55897548c68ad7886ef432cef353da3da8deaea09df078569c042258dfc0763d54be89302b11a6d24f4086028b82520fb6d967b78b611a7e9661a92b1a8f12d407d2289e85a82bd0b7c742055acd2396ba8d101e91ce2e9f387e909fe6da3109e1937b1e12515f23c8f1b739d4c40a287cae3bf59e901fff2ba0de0a36a304428e9febe42a01dea2eacae9416a72ddabb98d2e69c70ea9edfc57cd81fc4217ec353caf01a1a61b925102f866b4090b6447cfd8eeff2a3a49e30fe0a4fff77fe1a225dbdb2fac338526c7438631b69ead8781b86801f530b04b1544be2c22aff4ac89b0ce4353526905e59e18f7f01c221e42354a5269e0e28afa29f38bcab3923fe8d64fbf81433991b0bb9df6fc4c28ba175871d87bb5ce6cf5bf4572bb873c044f0aeb2981e34a005df55d354db0353f6433f76adde2c124793a1da43aca0e62a744992ed8efa8571a26857aa65a21cfc3507471ab75525cedb559c430b5d03a5c4e923f7fbec50d0eb10fc40b3d7986245f4c6888a53df7fe7fdcc11261e70d8cca04baff938f8446bd9048baba31085f20746c5f0e00d816dca934804ea2877cca51b5c0e31dfeefb9e91e41189d67412a09af16b4cb709e6fee71b2766a71c8397578516b656633bb620dfc8bc15de4ea5f75f6845ea44805442125adef9377e98b5d8e73f3a0bfbd330467daf10d9f7a95cd6fd4827fa1b062898fa454437bf185b9e0d98c9d10a5db80364bca446205739b23a1e7e860647ed30e2b72524da94a5f70dcbcd67d8df08f0d57583011d5487669c5a45905125186590322dbe481e820a6a6c29c136fa4301ade06baddca45f0d5ce913b5b763d293da4afaa450b17ff4933e4478fbba9ad9e6e5eafe9fdeb82b7d65bc92f6690d03a49923810558b5e0f5bf47e7d000a5e132217c174445565d57d29f02e71d7205b8ec10330fea51d972fc5c81b1b36775816082f979b5b1fe3601c9c8e8fa0c3504bfa30e3603d5a0f3a7cbd27d744b27cdbf318acbed70697519605453df106123e1a6148c9146154986e288d8a70b6fed1667cc1e0b199067c704a6d41ba751b53102ebca01b3ce90226847808646c95f3eb231b6af0b0f329bd997db5a4d3ff18edf0203e351fcfa8c8ae2be6953472bbb3f40bb6ab3f8f2128d11a3bba133f0204e2e0df189cc8d2cb8af81d0941a37c2165112ed452008930bcc607fa6fe3ad1def902d89c7330e6042f6f86c3a75665ec603b6e392b417a0d907d42e6534db72adbad4266c6601d7b8bf8d9cde807088f76b07c06840d0806eb89aa545292284bf050e732e547ed54417b3ec7e7a7c5e8454a56f5092ea8cb27e74e0672c2951647e29dadbdea86d2a4d9e53ab01c9d21e902fc9c6ff4c317b3c0398561364e880e2b079d79a27d6dcc3d586abc043477981bd36746f5570840536bef104a158e2461296717d247b6004565ffb8eb9bb5258c65032f0b472c4f3667a17e3ff65b45c91e2411b5990f054e0c2a05fc175d2db7fb32ca32e4c11b46f08bae1614e2add96133ab383c1e78f4e3f21ed3010a35c76ad88714b526d3a5ba799e6f7bf9d5696e7b42c8c264162a28831baaef180f40489ad681af6c0a674cc7b65e8b8ab704d15546f70ed1e67f7643bbc8d0b8482024b8f320b5bdccb1014f5e1a34c6c795428660f026d93dd5dcabf2330dc62894bfe48fde6b931ba55dc2a222a27a3906ba5b98476321b6d27217fd58ad93b616aac91b139729d91de6f8ef49402e2741b8dd821f4cbaf7c4662ac782b255dc438164e54c417044e9bf5e13a8247777726dacea4341d8ba03bad17070dd0f07da13179d29ac00aefa41aaf4688e99eb395205f6d6d71999b3718f7f2d618117334977a92b15ed52e45e7d5df7a22be9cf0e008c41257d99b2426068c48de100b8e3019b624ce2f2849c35b74fe5ecc4478b2968a97cfcb759fc73c8cd21bda084646dadee926a4f606768749a89e11be2a23985631c922a73ba93f3619dcc4621c8da57697420859210aa43ec06feb649b9f1362fe9553f9d552b77203085d9a4da629f03fbf339bd8ccae6c411f6d8f131232575d28af2a2690529080f02a5a74fe59d1255039f09b8d565a4838930f88d6129389f2312a2ebcf0fe7d8b6dea3484cea9a1628349218b8ccefdea2b6c37676acc2a082fb73b19705e98079c1de7776cb830e79c0081a2da4059714f19587d10223fc50ea8434f1c7919a77acd7c5b20ac9fe8ad9d348e2c5bdb57fac1ec0c31a1688e22aab4f1a81826f3a47bd364505d35975c105a152aa8e42b2422a100ad3d3184d286884552143051b79294aba34bfc5cc332f0b6aa3bf186776ceb8861336ed97b85b9a7d548bf7b7a907256c7c6a2427d92aff68ba18544b95a75564029387fd2569943f8d54e64cc621123105eb56bcfaea06e38af31a05ef38302d2b6178121d52309865c5ec1147159c07b4d4e1ece24f6a1f63a492c617870c96dcabf43b73055d749e465cdbb965b18091eee65bd423f249d934ae904c2129b93d116353fe014e1afbcab5f74766a806451855bc28494653b9a863b9707c2a0fce3eb4b55c4220078651a94d3b9c6e92f4995dd56ec17d144b07bfb1b955b557d14774e64f400e0075781381b33d73a60f6b96cddbda0962b2a609e6bca56a109847bc13798be711d3779d5a8c6541bd247fe3b7477a1378cdafece044db3f31810bc95f8fb4ae7a8815303faac03651a13924308c06c8e86506b7d186a717a1bda1d7cdea2b8b682d37f954f488a8e0d65f868a81b1af4b8f7331ba84414a7ada82e81e06e76ddfa0aca0ca9a53a5de0bcdcbb77284bab522ffb6f803e95f116ac1670c50acd36d80f170e8e7e05163f050dc89dd93bf9160a545174472376e1fcbb945e9294f796a09ca78452683b8bd39049d118acc24ef0dc18ef88899dd7c27a3585e914e6f6bc8bb1950c061c722134243cf151785bc19dada45b90d97cb83bc60885a908d0c13be9e54f1929fe1f76fb9886808caf0442aca4539a42078bfee82418d611f4c432fcbc5242c35a396c17c1b93b98b277a9c8ef0143643e120c0de4b7c6beb0a582789b81a9d3a0b8f96a332c89764283d84ec5e6b8350683a2b4eebcb214a7ad430ff9ebcfc1d850717a8d38b8e35e67fea4b8f14938cc3eeacbee30616c09e848ebae3cefb8f2a904f2b3d1252019ec914278942d9b914f95574031cf21f412aa7500f3955db7b9ef9403750058d75e53d16803d4463f7884df1e361d34ce646e20b3427a45cd307283f1ff00cca6c841fb9b06543bf1a254b21ff421331facb2f08a484904ea25e049597c8b0a2140e8ed2906d574e73165ec5591c89b5dc08e5943ff7399f76b1df90947a9479b1aab40abf8ebadfa1455b6dcac672f495a64b6230fd3fe948ce6c16cb87e11ac7affc9047ef33fa64585c1dce3bab4fecc0c7d81b5ea73aed3ef63fafc880b6e2ba09d0df6d626e817075d5f330d91cec4bcf4829c20192bc0ef7f728f52dd3e074bafda4f8cd8465311a9124baad61bd73ca76a0d0d1b80cb7a5e429067ed4707b64d38613008c8af3ffcedfeb8cda26def8bef7cf947af23939d18adbf56715f90c2df716eb037d536cd36bc2b832c57f4a319f392e1ab37e02dfb392bd52b02801665c8ea28edfcb153f267dcfbd671d4eaa0d56335f7ce5eccda6b9f74621a1b322f1f3a60b00196a65327b36419394e776b2e1c1479f5f902c5918adfa5b112bfaf786eeea1abae7c8c9d3e3fe737c23092143376808b5e26cf896fb5202572533facacaac10ec26cab819f74cd372c95d50a9b6560da69c1b22d5c15759b7ab1d8118e672bea9af7e8a30458ccaa1586ed2720d5465e139fe3dfc0bc95107061471cdf28a42aa8149848a147a1710407021d13e611b36ad3624de35c4dc5a02ba8ae724b2d8cd85f15094e1893c98052cee135d0c1c11a73297775fb517abbb471a8b100cb51d8815acac16703b56f8aadae334601a84fc306efa08aeb2afbad94632b5f209603cf5e5ca634bd74ed2e525580ddd2f2ee65241788f5e867b44d7ecd71f5858d269ffda98d93860d8f1c26c47df1199f95991b54808bc26c0ab67b40745b8dfed41838e2c5594413d2c6022abe3c1f132e9f7c8c69e50729325d37e7502519d53d7e1bf0bc8f62d216fc9c88b197cfa1571ce8368cc1b4b625559cab7e8397c6c7bf537bc8b9d604f4bdb04cab86d349e4a33f92eaa07378eac07ed8d51aea9c15ef4c4b0e0a16f9c794701a1b74b58beb15cc165a4dc1a13a0886f55cba2b977447b61c01e1295a4221e19321201f1df0d25c9e14bc4433678e48a5081de7c81f79a6370843bf0d6e3e5192c1ddc0bad14a11ada8006e4f6549da3a877a991351610eb0c5bb6228d266baa27eab2b9bf4455fc54aed3c74c12590835e498c11efdc63dde52a62d8f3a3c978152018182b3e4cbd00fff317d06f8e9475b4c7506dcc5547d8ace2b71024aa0e2220936d2bd05163b8f15bc429378fec52ac39d167200758884056dc14d3329b1d47f477a217eabb651fa97e05451cd6e861996648ab439c9aa6fa032e9083b8c0f87890c88c50dd5a6e6be8c4a4361f3b4c3181c570407dd1d2d835a87dd4b24f55a649c3e478bc002f30894d06411dc4dd8277f796976b8b2884ed371013225bbd95955827741331777da30b1b3370fb4d0bb914d97660f7e06759ba54b5697a4f7cfb67035867f39e53306eb55b31ba660769ce6993b2f44a7173576766ed20992d04e6b4aff20c138102537a142ceeac3804fb0a4eaddeddb6bcc69007c5531f0ba6851854d8d836a51e8d644c7b79e071f19986090d2404b562a17e1ec1da775c171373bcf5d2c3d7dd64a587d66e42b6963d892df898766648f37c8d10ca249e28368c388f4e70a80b2992a0a390a2d51a17a0c1774fec2d399a2b0a99c802012fff6300c4275d1305b9a9d0f8144df64da9016f16369e813dafc7cff55c5a60602141fcaa62d9fc0b93df6524d8692be3c7ded5354b63014686e98ef2b5947eda93e0cd232d3fdea943d3bc92a6f2835c55aca33dcd087b7260bc68def6ce96ef5d536b61006a595219382d8b8365eb92eab44e677109971bc4dfd077a56ff1f27e9b80edffb5ecac7bde5dc2a74c30a24b9cd1b0d4356ec424350e364d0dc929d657a8626a22111d4a0f360fe33be72a1f2c4f5c1b9843145ddff70d583a9b433cab33b10d93531aab7bb8a53c738aae79222481b135eca9441f47068299deabdc9c4f77e5d4ea286e8300eb5956368d0499691dbab1499baef30bb6c4a9bb0159635dc1774203fda828bf804e8f526ffb55abd8700915232964b7f219a7bb221efa6428089263ab753eb421a1952bc780289a85ebb9b510dec67a826ccce1cdfbb29a3a55f4e1068ca2c077544efac686d77c67c927430c3ac78c7c8b1f834be9a689fdab38f1401797dba32a284f5c5f9ed13d34d8a001cfeeeb7de12aaeae7706004f96a293e52106fd945428e7e98915070b1584a323bd8f00b9803ce189c9c0af032752d979df57a5098458c7de034db79f43d27bcb720078b05e5f364f2d789343fb6fc8b2cab810b1745fa36aaccf5d27fc7f06ab821268d83e697870632814319533373f24584b35b2ba9dd9b52a4a2e559c90b1b87549530a64fdbba5587242535fd0d600fa6e8497369a5587627182c62da4a47bc6ea99f7aaa765e3b74b7d9c48e779c8b13a2535d03ef8ac4bf3fc9e6eda5628034e7e453fbd6153b8b8e9f693c5dfa37f6a0a2542e6f86ebd2ae926822d7b31963c8879557dfa2a869ba3c5dc2dfcb60bc0a0c9816c2c4c58bdc09c2d76a007e68c38fd8b88709e5c49341630e333e13413c3e60c0d768d4c98bcb297e819ceb0f8b229d3037ac95639344bf42ee7f77922a6ac039837356dfd7c0ba3c5393548369bd71b4824326eaeb80a9c249504a08bfc164af220047cdf054d928a8d929a2fb621665122062dbd5cdde82b8289e0d510246e0bc30d34d8e96703f75c75328f99437be474315d8cb55066badbc0ee852c8ef28e1de7f5b58dda97742db5f708c6be3279d700ba147f1519485020336c260d825920870739fdb288f22b980fb7bcbf147b1a95fcc3d8d1899749d928eea8d47cccc1fbbdd5729a3f2f73d2ae352eb3e043405bcb7fa12b2a80d6a3f0178a18cbc5794fd65f0caddaff57616dfed94884a48b27b181c55200d9ecdfbb082dcd2952089938e134eecb40c2f95cb7808fc7da09282787edb1939e75bc8e284c01239a895246be025c8e0168ae83f5adc62f4f81ddbf6ba9b5fce3ddd111eb61c42777a8c303abe291aa9ef383ef1d6c26c4f8698375cc76a7e078ac948f2e84de084fdb380d38d2e1810ce8118999554c06f8d583bd37003b407dd7b41a3b14f10a5ae7c2e8fdd087cc322ddc399fe38cc542bc957b38b0fda34a3ee5c6a97d25629d26a75de211fe1cc4ca63880caa8f85f3bd489c39cf30eac81784e4456a775dee3045df2a1875623a4fbf227cf90cd237721a6dff29d26a16306e4033cc644e35cba3cc4e45cfd0cefc9c8d8a0f35bf31a8319b54fb549554c7089b9334a9867d51d71aae1f342d5602ef2d394e6c8a8aa6c15121d8c8b3abe3416367dcc276c048c65311ad70df0ecf0cf817a1a27e1dc50fedea83de8a8bb7746e23be2f335c9cda9a7f08d72b9debc35d49e9ec4c9815040c38c11375dd7f2897b20479343b86b51c317e0e90f9465d8c425857e1831931714284c60f68036134304558e53d2d42813a42a3017ab21feab6132f3a2f8c5670a1076dab6136cd6836b52d7ee54639758085438831dcd8157ccae47784a35364babff9299e4eaa389931199b4901f12185a0d228473d4a147d88e55bd11f8ed2957b7f2f3efb3e444f0aec9bef1f68cffbdac04698cc277706f2ffdd263586b84c645f1721ee3008b398918fdfb9b06b98078447c0edd7c058524825a1124e9af37fa9cb77302aded60eca394c866397c3bc18f8277d9277921abd06b61b1445f43cd7f0b5b2c023832f6d67f86d9b6ff9985edee1ec2572486b43d3be834d5b60d208b1187ca7cc8b17133f55314ee640268d5337d7dcdf1742cb543d63ae3c09e312ac05b5d585d9437bf16bd560ef739f12c878178757e1f675a8671becae2bf03f87de4bc40b4b7a3aa6e2f28f015332b10b9fe426ebd45d7a26e769bb05eb2866bb34c56b079a5bd23352bcb08c379b400512b0d8438ee5371171ccbf2921c1e150fffb5885286f933f4393088ba21c47b15d1a35de27dbd02e58859aa080f87d0a857e92d0f52c549c04cd9368c94a8024e184773cb3431d854c2855e93ac9f24d5e45d11c2acfb03755e7f279b368e2e31b3653a7d7e2e102ac67f363c195272e2896bec544f669f2d25ae8638ac30da6ed52404b32b8ee9f0f2909ef6b4e2db3a6ea88b8a6f2f2c025959efb7b94005eb307aae01af8a19ee6178270be09d93837793b43bcdab98b9c04b6bfea7ac2217c11aeec277bc199b67ac24b7352299e7fec85aa151029d14441b56bb6031cdc72a1a90ef537c6d2bce7ffc7c366a88f8bc87cd8ef4e91b5ad9d85ed84f9b85f029252ad5ff13d564d842ef310feaba90974e40889e7cb753eb44ef96bc4c25b021fe50e9957a9c3cc9904aa920fc8a8e82a826b945559b57591fa1a26c380afe65d930f9bd9a3d93f57324d28c2741e728cbd106dccdf66863e49db8a0df1398ba8594fa5102b8157e4b987f4339820df5a7aa2b1c47ed0211437ee3d81dcbffa500dc4b743d49028581234c7e9db2e951d5bf3e3c448ce58bf94a2f7ef95eda07daae00bef1794d27330927b2460778fdee580efe431ee244aae452cd60100b6c9f0cd5e79e170a7b149abfcc26b77d33c35311c95e3ba0752eabce3d1310a8aa45ecd1659e4e855919d153ebeb434581a6d352508771b030acd3fee51badf6767a7931bbba2cf195bd98fd096a6be14d7172cf1dbe3a82bae73a29223c623c090cbc5fffe8f3291", 0x2000, 0x0) (async)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040e04790620"], 0x7) (async)
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000100)={0x400000, 0xbf2, &(0x7f0000000240), 0x0}) (async)
openat$vicodec1(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0) (async)
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f0000002040)=0x4) (async)
syz_open_dev$sndctrl(&(0x7f0000000e00), 0x0, 0x0) (async)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r1, 0xc1105511, &(0x7f00000000c0)={{0xc, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x0, [0x7, 0x100, 0x7ffc, 0x0, 0x9, 0x100000000, 0x0, 0x4, 0x8, 0x0, 0xc3, 0x7f, 0x1, 0x0, 0x8000000, 0x0, 0x8, 0x0, 0xfffffffffffffffe, 0x1, 0x0, 0x0, 0x0, 0x3, 0x100000000, 0xffffffffffffffff, 0x0, 0x5, 0x4, 0x4, 0x10000002, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x3, 0xfffffffe, 0x12, 0x6, 0xfffffdfffffffffe, 0x4, 0x800000, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0xb4e, 0xffffffff, 0x0, 0xfffffffc, 0x1, 0x0, 0x0, 0xd87, 0x0, 0x41, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x0, 0xdf9cd8e, 0x8000200, 0x6, 0x5, 0x0, 0x3ec, 0x0, 0xbb, 0x200000, 0x0, 0x0, 0xfffffffe, 0x7, 0x7ffffffd, 0x3, 0x0, 0xffffffffffff2328, 0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x8, 0x4, 0x7, 0x0, 0xb, 0x1, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff]}) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000003c0)={[0x60000000004, 0x1000000000, 0x5, 0x41, 0x9, 0x0, 0x2004cb, 0xffffffffffffffff, 0xa1d, 0x68ff, 0x4, 0x0, 0x3, 0xa], 0x10000, 0x202}) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)
socket$inet_udp(0x2, 0x2, 0x0) (async)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f0000000200)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x8000, 0x700, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x1, 0x14, 0x67, 0x0, 0x0, 0x29, 0x0, @multicast1, @empty}}}}) (async)

1.68632254s ago: executing program 2 (id=2198):
r0 = syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x0)
ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f00000000c0)={'\x00@\x00', 0x0, 0x6, 0x3, 0x0, 0x0, "f759ca34000400", '\x00', "03000100", '\x00', ["8bada2f095afc7ad77cebc00", "c2fed6cb0200004000", '\x00', "00000000000000000100"]})

1.675795923s ago: executing program 1 (id=2199):
socket$kcm(0xa, 0x3, 0x87)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000000)={"6d1aaa2e2d4bfdbb784e474a691b5107", 0x0, 0x0, {0x3, 0xe926}, {0x4, 0x1}, 0x5, [0x0, 0x10, 0x8, 0x9, 0x8000000000000001, 0x8000000000000001, 0x5, 0x1, 0x5, 0x801, 0x400, 0x10000000000, 0x0, 0x6995, 0x1, 0x4]})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="034886dd010000000000140000006000000003088700fe88a43de1a400000000000000007d01ff020000000000000000000005000001"], 0xfdef)

1.565605199s ago: executing program 2 (id=2200):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = socket(0xf, 0x5, 0x3)
getsockopt(r1, 0x200000000114, 0x8, &(0x7f0000001e00)=""/102400, &(0x7f0000000040)=0x19000)
sendmsg$kcm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000180081064e81f782db44b904021d080006067c09e8fe55a10a0015400400142603600e120800060000001001a8001600a400014003000000036004fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r2, &(0x7f0000000740)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000000c0)={0x20, 0x11, 0x1, 0x3, 0x0, "", [@nested={0x10, 0x0, 0x0, 0x0, [@typed={0xa, 0x0, 0x0, 0x0, @str='/D00#\x00'}]}]}, 0x20}], 0x1}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f00000005c0), r3)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000600)={'batadv0\x00', <r5=>0x0})
sendmsg$BATADV_CMD_GET_VLAN(r3, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000640)={0x1c, r4, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x48001}, 0x8004)
sendmsg$BATADV_CMD_SET_MESH(r2, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x24, r4, 0x1, 0x70bd2a, 0x25dfdbfb, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0xcd}]}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x800)
syz_usb_connect(0x1, 0x6d, &(0x7f0000000240)={{0x12, 0x1, 0x250, 0xe1, 0xde, 0xe9, 0x20, 0x10c4, 0x8411, 0x6ad7, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5b, 0x1, 0x4, 0xfa, 0x20, 0xc, "", [{{0x9, 0x4, 0xa5, 0xe6, 0x5, 0xe4, 0x22, 0xaf, 0xcc, [], [{{0x9, 0x5, 0x2, 0x10, 0x20, 0x7, 0x1, 0x3}}, {{0x9, 0x5, 0x3, 0xc, 0x200, 0x86, 0x5, 0x8, [@uac_iso={0x7, 0x25, 0x1, 0xc, 0xc, 0x8}, @uac_iso={0x7, 0x25, 0x1, 0xc, 0x1, 0x4}]}}, {{0x9, 0x5, 0x4, 0x1, 0x10, 0xbe, 0x7, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x8, 0x1a, 0x3}]}}, {{0x9, 0x5, 0xc, 0x3, 0x400, 0x0, 0x3}}, {{0x9, 0x5, 0x0, 0x10, 0x400, 0x5, 0x9, 0x3, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x8, 0x2}]}}]}}]}}]}}, &(0x7f0000000400)={0xa, &(0x7f0000000340)={0xa, 0x6, 0x200, 0x0, 0x76, 0xf, 0xff, 0x8}, 0x1a, &(0x7f0000000380)={0x5, 0xf, 0x1a, 0x2, [@wireless={0xb, 0x10, 0x1, 0xc, 0x40, 0x7, 0xd, 0x401, 0x3}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x0, 0x8, 0x2f, 0x3}]}, 0x1, [{0x4, &(0x7f00000003c0)=@lang_id={0x4, 0x3, 0x809}}]})

1.516309906s ago: executing program 3 (id=2201):
r0 = socket$inet6(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000140)="5500000020007fafb72d13b2a4a2719302000000030b43026c26236925001900fe7f0000bd2dca8a9848a3c728f1c46b7b31afdc1338d509000000000100005ae583de0dd7d8319f98af84fda542e718f94b929ade", 0x55}], 0x1}, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000040)={{0x1, 0x1, 0x18, r0, {<r1=>0xee01}}, './file0\x00'})
statx(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x400, 0x371, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setreuid(r1, r2)
ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f0000000000))

1.48432203s ago: executing program 1 (id=2202):
socket$inet_udp(0x2, 0x2, 0x0)
stat(&(0x7f0000000140)='./file0\x00', &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, <r0=>0x0})
connect$unix(0xffffffffffffffff, &(0x7f0000000080)=@file={0x1}, 0x6e)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000040), 0x6)
ioctl$sock_bt_hci(r1, 0x400448e6, 0x0)
ioctl$sock_bt_hci(r1, 0x400448e7, &(0x7f0000000080))
r2 = syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000000000201c1b100c00000000000109022d00010000600009040080020300000009210604000122050009058103"], 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
syz_usb_control_io(r2, &(0x7f00000003c0)={0x2c, &(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\x00\b'], 0x0, 0x0, 0x0, 0x0}, 0x0)
setresuid(r0, 0x0, r0)
syz_clone(0x80, 0x0, 0x0, 0x0, 0x0, 0x0)

1.477573382s ago: executing program 3 (id=2203):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000001c0)={0x58, 0x2, 0x6, 0x3, 0x0, 0x0, {0x7}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x6}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}]}, 0x58}, 0x1, 0x0, 0x0, 0x810}, 0x20004090)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, &(0x7f0000000a00)=[{0x0}, {&(0x7f0000000500)}, {&(0x7f0000000540)="69789b3e68b6bb468a00301326eab0eda05e1be62b5f5a509f60c33bf2b169e796c15793c71a66f06e415678d4", 0x2d}, {&(0x7f0000000680)="c60978ea1f7353652d7d7af312204f1e4701a9446e1e305f9db167e1dc5b6d0065641add82dcfb44bbd1bf442617fe5120399a68217d236df5328d80026c6fb0c31a9631b2886ff395811916849b48b48b46b9f75c7a93c7c1647d0c2e7776210db3e8877ce7a800", 0x68}, {&(0x7f0000000940)="fb83fe63ca93cec41f552d76065d983e7cda6bb2f21aaa05a9ee7d75ed14a140f329d12d530ea154d7d21d0aa5517808ef38b13d6189f619adbf33ba19eb2180096e9fb245e9d154ff05cb5e3eb3a2ba2653aa8c75de5988bc816fe3f9", 0x5d}], 0x5, &(0x7f0000000b40)=ANY=[@ANYBLOB="14000000000000002900000000000014000000000000002900000034000000fdffffff00000000180000000000000029000000040000000400000000000000d80000000000000029000000360000005e17000000000000000100000100010800000000000000000728000000030800ff0f66090000000000000700000000000000010000000000000001000000000000000864c8a110995d439fbfac9716a99c357bcb2d59a850490739734f6b321d19b3754df39cc2dc26cf263cbebbddb9a7f17b6771f74c46623f9e38bd23e6f0a2fd3a9a017f66738394aca44d1a9f0b35d9df0a964360ab0900a5e6fcac1cd41c91c97f6826ff700710000000030203070004ffffffffffffff01082bdb86d1ce6a20c20000000018"], 0x188}}], 0x1, 0x810)
bind$alg(0xffffffffffffffff, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-aes-neonbs\x00'}, 0x58)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix={0x0, 0xcf6, 0x20493859, 0x0, 0x0, 0xffffffff, 0x0, 0x80000000, 0x0, 0x1}})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000100)={0x400, 0xa0, 0x3e000000, 0x300, 0xbbba, 0x2, 0x18, 0x0, {0x0, 0x2007}, {0x9, 0x3, 0xfff7fffe}, {0x0, 0xffff0004, 0x4000}, {0x1000000, 0x0, 0x20001}, 0x0, 0x0, 0xa, 0x4d612, 0x0, 0x0, 0x0, 0x4000008, 0xfffffffd, 0x0, 0x0, 0x0, 0x39, 0x100, 0x1, 0x1})
removexattr(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)=@known='user.incfs.size\x00')
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r4 = accept4(r3, 0x0, 0x0, 0x800)
pwritev(0xffffffffffffffff, &(0x7f0000000d80)=[{&(0x7f0000000780)="42ebe7f5d8dde5f3e9c5c7e7bc09d8d80f373ae4dc85e6cb597bd322663b986ff272399bec41d811a763bcd2cdc221d2ac6cdeeca815ce250ce959444e7f296cb11433530cfccd0c6f450147b46eb5bbe281810c76577aaf554801815d1ee516cc0752832233d7610ce165a593e43cbaa4f52db28e5aead94767ad0d0ccf1cd422fcfd87e848c94a2be6e254d827012967db0758c0fa31", 0x97}, {0x0}, {&(0x7f0000000a80)}, {&(0x7f0000000d00)="7cedc13b1cbf2308b2000d3d62b333c7c3b9f321", 0x14}, {&(0x7f0000000ac0)}], 0x5, 0x4d9e, 0x8)
pwritev(r3, &(0x7f0000000300)=[{&(0x7f0000000e00)="545456aaca66a06ed89e676f97244e73fdef2c4e0e9908a9ae18d3edaee292b26418c7951dad9d46f36db1eebad39c223195e88141843cbc65ffe078fcde20453c60f3f6f733e2ce489c5d6b594a687d47fc433e62511888fabf8a13d8f97d253ff2f10bfcabe5e3dc26f6d8fb594e53de1031ab32a900c951328857024807455b2421f9b87776b96fbfe85280da7237391eb0810d01c419707f1d76dc7e292874440eebd46a4f272092bef765c697968613a5858fe0544603bbf9c65cd8a21985755fc20def7e6e6c949242709cadfc9b8cb77179735797c656acff93bf772782823cc71939f295d4b5317e832933a90be05b9157392470dab1d30424555f", 0xff}, {&(0x7f0000000880)="ff83bffdd1f4828b21f97bfb9940a94f3600d85f12df214732c443800a73983dfaf6de4c374f0430f40f8c9f23cea42a1929bb54c905bfd614893fe2bbfe9a38d0524352a1ac9251e7569869bf3baee47afb50cb4030870b0065d0eb2dcec756e8c33e660f62a5dd4df32d499f758f93808e65071d1c9a4336effbaa73d2ebd7375c0c0a41d106174888647715ff2d162210a4a9c2", 0x95}], 0x2, 0x46, 0x3)
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f0000000200)={0x15, 0x0, <r6=>0x0})
ioctl$IOMMU_VFIO_IOAS$SET(r5, 0x3b88, &(0x7f00000002c0)={0xc, r6})
ioctl$IOMMU_VFIO_SET_IOMMU(r5, 0x3b66, 0x1)
ioctl$IOMMU_VFIO_IOMMU_UNMAP_DMA(r5, 0x3b72, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000ff2f00000000000001"])
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000bdf7130870270c936a8d010203010902120001000000000904"], 0x0)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r7 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, &(0x7f0000000a80)="0f01d7b805000000b9cd25c4d00f01d90f01cfc4e37d083d00900000f4ea0070000076000f291fc4e1f92bbb6dcc0000c744240000000000c744240200580000c7442406000000000f01142466ba6100b810360000ef0fc7bf3b000000", 0x5d}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

595.661631ms ago: executing program 3 (id=2204):
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x292085)
writev(r0, &(0x7f00000002c0)=[{&(0x7f0000000000)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x2a}, {&(0x7f0000000440)="aa1d48", 0x3}], 0x2)

581.619977ms ago: executing program 3 (id=2205):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x3000, 0x0, 0x1})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000040)={0x0, 0x12000, 0x1})
syz_genetlink_get_family_id$fou(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$FOU_CMD_GET(0xffffffffffffffff, 0x0, 0x44084)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 32)

0s ago: executing program 3 (id=2206):
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, &(0x7f0000000000)=0x1, 0x4)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x80000000, 0x0, 'queue0\x00', 0x32a})
write$sndseq(r1, &(0x7f0000000000)=[{0x1e, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32={[0x0, 0x0, 0x2000000]}}], 0x1001a)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000100)={{0x1, 0x0, 0x0, 0x3}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000440)={0x6, 0x20000006, 0x0, 0x0, 0xd})
ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0)
close_range(r0, 0xffffffffffffffff, 0x400000000000000)

kernel console output (not intermixed with test programs):

]  ? trace_contention_end+0x3d/0x150
[  363.565891][T11220]  ? __mutex_lock+0x319/0x1300
[  363.565928][T11220]  ? kasan_quarantine_put+0xbb/0x1f0
[  363.565956][T11220]  ? kvm_vcpu_ioctl+0x280/0xfd0
[  363.565981][T11220]  ? __pfx___mutex_lock+0x10/0x10
[  363.566011][T11220]  ? tomoyo_path_number_perm+0x219/0x630
[  363.566040][T11220]  ? do_vfs_ioctl+0x1166/0x1530
[  363.566072][T11220]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  363.566104][T11220]  kvm_vcpu_ioctl+0xa62/0xfd0
[  363.566133][T11220]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  363.566152][T11220]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  363.566203][T11220]  ? __fget_files+0x2a/0x420
[  363.566229][T11220]  ? __fget_files+0x2a/0x420
[  363.566250][T11220]  ? __fget_files+0x3a0/0x420
[  363.566271][T11220]  ? __fget_files+0x2a/0x420
[  363.566296][T11220]  ? bpf_lsm_file_ioctl+0x9/0x20
[  363.566325][T11220]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  363.566347][T11220]  __se_sys_ioctl+0xfc/0x170
[  363.566378][T11220]  do_syscall_64+0x14d/0xf80
[  363.566406][T11220]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.566428][T11220]  ? clear_bhb_loop+0x40/0x90
[  363.566454][T11220]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  363.566474][T11220] RIP: 0033:0x7fc8c639c799
[  363.566495][T11220] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  363.566513][T11220] RSP: 002b:00007fc8c71e2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  363.566536][T11220] RAX: ffffffffffffffda RBX: 00007fc8c6615fa0 RCX: 00007fc8c639c799
[  363.566551][T11220] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  363.566564][T11220] RBP: 00007fc8c71e2090 R08: 0000000000000000 R09: 0000000000000000
[  363.566577][T11220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  363.566588][T11220] R13: 00007fc8c6616038 R14: 00007fc8c6615fa0 R15: 00007ffcc5a5b858
[  363.566620][T11220]  </TASK>
[  364.179443][T11229] syzkaller1: left promiscuous mode
[  364.204903][T11229] syzkaller1: left allmulticast mode
[  364.919555][T11245] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1778'.
[  365.515028][T11256] FAULT_INJECTION: forcing a failure.
[  365.515028][T11256] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  365.529240][T11256] CPU: 0 UID: 0 PID: 11256 Comm: syz.2.1783 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  365.529276][T11256] Tainted: [L]=SOFTLOCKUP
[  365.529285][T11256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  365.529302][T11256] Call Trace:
[  365.529315][T11256]  <TASK>
[  365.529326][T11256]  dump_stack_lvl+0xe8/0x150
[  365.529373][T11256]  should_fail_ex+0x412/0x560
[  365.529432][T11256]  __kvm_read_guest_page+0x18d/0x240
[  365.529474][T11256]  kvm_fetch_guest_virt+0x12b/0x170
[  365.529518][T11256]  ? __pfx_kvm_fetch_guest_virt+0x10/0x10
[  365.529561][T11256]  __do_insn_fetch_bytes+0x31c/0x700
[  365.529607][T11256]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  365.529650][T11256]  ? x86_decode_insn+0x1719/0x5df0
[  365.529689][T11256]  x86_decode_insn+0x38e/0x5df0
[  365.529762][T11256]  ? __pfx_x86_decode_insn+0x10/0x10
[  365.529799][T11256]  ? kvm_tdp_mmu_map+0x3bf/0x1ed0
[  365.529841][T11256]  ? vmx_read_guest_seg_ar+0x38f/0x5b0
[  365.529877][T11256]  ? __asan_memset+0x22/0x50
[  365.529911][T11256]  ? init_decode_cache+0xea/0x160
[  365.529948][T11256]  ? init_emulate_ctxt+0x4e7/0x680
[  365.529981][T11256]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  365.530024][T11256]  x86_emulate_instruction+0x64a/0x2100
[  365.530073][T11256]  ? do_raw_read_unlock+0x3d/0x80
[  365.530105][T11256]  ? _raw_read_unlock+0x28/0x50
[  365.530134][T11256]  ? __pfx_x86_emulate_instruction+0x10/0x10
[  365.530162][T11256]  ? vmx_handle_exit_irqoff+0x100/0xa00
[  365.530193][T11256]  ? rcu_qs+0x5e/0xe0
[  365.530230][T11256]  ? __pfx_vmx_handle_exit_irqoff+0x10/0x10
[  365.530279][T11256]  handle_ud+0x189/0x590
[  365.530326][T11256]  ? __pfx_handle_ud+0x10/0x10
[  365.530387][T11256]  ? __pfx_handle_exception_nmi+0x10/0x10
[  365.530441][T11256]  vmx_handle_exit+0xfd1/0x16c0
[  365.530501][T11256]  vcpu_run+0x5fa2/0x7b90
[  365.530571][T11256]  ? vcpu_run+0x4ca8/0x7b90
[  365.530660][T11256]  ? __pfx_vcpu_run+0x10/0x10
[  365.530692][T11256]  ? fpu_swap_kvm_fpstate+0xc1/0x4f0
[  365.530739][T11256]  ? rcu_is_watching+0x15/0xb0
[  365.530785][T11256]  kvm_arch_vcpu_ioctl_run+0x11e6/0x20d0
[  365.530839][T11256]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[  365.530875][T11256]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  365.530907][T11256]  ? rcu_is_watching+0x15/0xb0
[  365.530945][T11256]  ? trace_contention_end+0x3d/0x150
[  365.530976][T11256]  ? __mutex_lock+0x319/0x1300
[  365.531027][T11256]  ? kasan_quarantine_put+0xbb/0x1f0
[  365.531064][T11256]  ? kvm_vcpu_ioctl+0x280/0xfd0
[  365.531101][T11256]  ? __pfx___mutex_lock+0x10/0x10
[  365.531143][T11256]  ? tomoyo_path_number_perm+0x219/0x630
[  365.531184][T11256]  ? do_vfs_ioctl+0x1166/0x1530
[  365.531224][T11256]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  365.531264][T11256]  kvm_vcpu_ioctl+0xa62/0xfd0
[  365.531303][T11256]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  365.531332][T11256]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  365.531399][T11256]  ? __fget_files+0x2a/0x420
[  365.531443][T11256]  ? __fget_files+0x2a/0x420
[  365.531475][T11256]  ? __fget_files+0x3a0/0x420
[  365.531506][T11256]  ? __fget_files+0x2a/0x420
[  365.531542][T11256]  ? bpf_lsm_file_ioctl+0x9/0x20
[  365.531581][T11256]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  365.531615][T11256]  __se_sys_ioctl+0xfc/0x170
[  365.531657][T11256]  do_syscall_64+0x14d/0xf80
[  365.531693][T11256]  ? trace_irq_disable+0x3b/0x150
[  365.531722][T11256]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.531752][T11256]  ? clear_bhb_loop+0x40/0x90
[  365.531786][T11256]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.531821][T11256] RIP: 0033:0x7fc8c639c799
[  365.531841][T11256] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  365.531859][T11256] RSP: 002b:00007fc8c71e2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  365.531886][T11256] RAX: ffffffffffffffda RBX: 00007fc8c6615fa0 RCX: 00007fc8c639c799
[  365.531904][T11256] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  365.531923][T11256] RBP: 00007fc8c71e2090 R08: 0000000000000000 R09: 0000000000000000
[  365.531943][T11256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  365.531959][T11256] R13: 00007fc8c6616038 R14: 00007fc8c6615fa0 R15: 00007ffcc5a5b858
[  365.532020][T11256]  </TASK>
[  366.162677][ T5821] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  366.317530][T11270] erofs (device loop1): cannot find valid erofs superblock
[  367.141921][T11285] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  367.165499][T11285] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  367.285027][T11291] FAULT_INJECTION: forcing a failure.
[  367.285027][T11291] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  367.285082][T11291] CPU: 1 UID: 0 PID: 11291 Comm: syz.2.1795 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  367.285121][T11291] Tainted: [L]=SOFTLOCKUP
[  367.285134][T11291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  367.285152][T11291] Call Trace:
[  367.285165][T11291]  <TASK>
[  367.285178][T11291]  dump_stack_lvl+0xe8/0x150
[  367.285223][T11291]  should_fail_ex+0x412/0x560
[  367.285277][T11291]  __kvm_read_guest_page+0x18d/0x240
[  367.285317][T11291]  kvm_fetch_guest_virt+0x12b/0x170
[  367.285364][T11291]  ? __pfx_kvm_fetch_guest_virt+0x10/0x10
[  367.285406][T11291]  __do_insn_fetch_bytes+0x31c/0x700
[  367.285460][T11291]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  367.285503][T11291]  ? x86_decode_insn+0x1719/0x5df0
[  367.285545][T11291]  x86_decode_insn+0x38e/0x5df0
[  367.285618][T11291]  ? __pfx_x86_decode_insn+0x10/0x10
[  367.285659][T11291]  ? kvm_tdp_mmu_map+0x3bf/0x1ed0
[  367.285700][T11291]  ? vmx_read_guest_seg_ar+0x38f/0x5b0
[  367.285738][T11291]  ? __asan_memset+0x22/0x50
[  367.285773][T11291]  ? init_decode_cache+0xea/0x160
[  367.285810][T11291]  ? init_emulate_ctxt+0x4e7/0x680
[  367.285845][T11291]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  367.285890][T11291]  x86_emulate_instruction+0x64a/0x2100
[  367.285943][T11291]  ? do_raw_read_unlock+0x3d/0x80
[  367.285977][T11291]  ? _raw_read_unlock+0x28/0x50
[  367.286013][T11291]  ? __pfx_x86_emulate_instruction+0x10/0x10
[  367.286049][T11291]  ? vmx_handle_exit_irqoff+0x100/0xa00
[  367.286081][T11291]  ? rcu_qs+0x5e/0xe0
[  367.286110][T11291]  ? __pfx_vmx_handle_exit_irqoff+0x10/0x10
[  367.286160][T11291]  handle_ud+0x189/0x590
[  367.286207][T11291]  ? __pfx_handle_ud+0x10/0x10
[  367.286270][T11291]  ? __pfx_handle_exception_nmi+0x10/0x10
[  367.286313][T11291]  vmx_handle_exit+0xfd1/0x16c0
[  367.286375][T11291]  vcpu_run+0x5fa2/0x7b90
[  367.286449][T11291]  ? vcpu_run+0x4ca8/0x7b90
[  367.286539][T11291]  ? __pfx_vcpu_run+0x10/0x10
[  367.286572][T11291]  ? fpu_swap_kvm_fpstate+0xc1/0x4f0
[  367.286620][T11291]  ? rcu_is_watching+0x15/0xb0
[  367.286669][T11291]  kvm_arch_vcpu_ioctl_run+0x11e6/0x20d0
[  367.286721][T11291]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[  367.286760][T11291]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  367.286796][T11291]  ? rcu_is_watching+0x15/0xb0
[  367.286839][T11291]  ? trace_contention_end+0x3d/0x150
[  367.286872][T11291]  ? __mutex_lock+0x319/0x1300
[  367.286922][T11291]  ? kasan_quarantine_put+0xbb/0x1f0
[  367.286960][T11291]  ? kvm_vcpu_ioctl+0x280/0xfd0
[  367.286997][T11291]  ? __pfx___mutex_lock+0x10/0x10
[  367.287039][T11291]  ? tomoyo_path_number_perm+0x219/0x630
[  367.287080][T11291]  ? do_vfs_ioctl+0x1166/0x1530
[  367.287120][T11291]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  367.287155][T11291]  kvm_vcpu_ioctl+0xa62/0xfd0
[  367.287188][T11291]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  367.287218][T11291]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  367.287284][T11291]  ? __fget_files+0x2a/0x420
[  367.287320][T11291]  ? __fget_files+0x2a/0x420
[  367.287351][T11291]  ? __fget_files+0x3a0/0x420
[  367.287383][T11291]  ? __fget_files+0x2a/0x420
[  367.287421][T11291]  ? bpf_lsm_file_ioctl+0x9/0x20
[  367.287468][T11291]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  367.287503][T11291]  __se_sys_ioctl+0xfc/0x170
[  367.287545][T11291]  do_syscall_64+0x14d/0xf80
[  367.287581][T11291]  ? trace_irq_disable+0x3b/0x150
[  367.287611][T11291]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.287642][T11291]  ? clear_bhb_loop+0x40/0x90
[  367.287680][T11291]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  367.287711][T11291] RIP: 0033:0x7fc8c639c799
[  367.287739][T11291] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  367.287764][T11291] RSP: 002b:00007fc8c71e2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  367.287795][T11291] RAX: ffffffffffffffda RBX: 00007fc8c6615fa0 RCX: 00007fc8c639c799
[  367.287817][T11291] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  367.287835][T11291] RBP: 00007fc8c71e2090 R08: 0000000000000000 R09: 0000000000000000
[  367.287856][T11291] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  367.287873][T11291] R13: 00007fc8c6616038 R14: 00007fc8c6615fa0 R15: 00007ffcc5a5b858
[  367.287917][T11291]  </TASK>
[  367.698225][ T5821] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  368.323934][ T5887] usb 2-1: new high-speed USB device number 99 using dummy_hcd
[  368.424427][    C1] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  368.513906][ T5887] usb 2-1: Using ep0 maxpacket: 32
[  368.532079][ T5887] usb 2-1: config index 0 descriptor too short (expected 35577, got 27)
[  368.557863][ T5887] usb 2-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  368.567833][ T5887] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92
[  368.582519][ T5887] usb 2-1: config 1 has no interface number 0
[  368.595386][ T5887] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  368.607254][ T5887] usb 2-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  368.656840][ T5887] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  368.667161][ T5887] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  368.693454][ T5887] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found
[  368.759096][T11312] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  368.768821][T11312] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  368.779926][T11312] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  368.915235][ T5887] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now attached
[  369.174059][ T5887] usb 3-1: new high-speed USB device number 96 using dummy_hcd
[  369.263992][ T5851] usb 1-1: new high-speed USB device number 115 using dummy_hcd
[  369.326963][    C1] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  369.337982][ T6189] usb 2-1: USB disconnect, device number 99
[  369.347632][ T5887] usb 3-1: Using ep0 maxpacket: 16
[  369.358869][ T5887] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  369.373222][ T6189] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected
[  369.382128][ T5887] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  369.399289][ T5887] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  369.414284][ T5887] usb 3-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  369.423489][ T5887] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  369.436196][ T5851] usb 1-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  369.436720][ T5887] usb 3-1: config 0 descriptor??
[  369.469020][ T5851] usb 1-1: config 0 interface 0 has no altsetting 0
[  369.496717][ T5851] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  369.508159][ T5851] usb 1-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  369.534862][ T5851] usb 1-1: Product: syz
[  369.539230][ T5851] usb 1-1: Manufacturer: syz
[  369.553900][ T5851] usb 1-1: SerialNumber: syz
[  369.568546][ T5851] usb 1-1: config 0 descriptor??
[  369.592604][ T5851] usb 1-1: selecting invalid altsetting 0
[  369.803699][ T6189] usb 1-1: USB disconnect, device number 115
[  369.852782][T11318] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  369.886312][T11318] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512
[  369.915945][T11318] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  369.933974][T11318] UDF-fs: Scanning with blocksize 512 failed
[  369.953434][ T5887] input: HID 05ac:8241 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:05AC:8241.002D/input/input60
[  369.983043][T11318] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  370.021320][T11318] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512
[  370.052256][T11318] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  370.074144][T11318] UDF-fs: Scanning with blocksize 1024 failed
[  370.095546][T11318] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  370.107229][ T5821] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  370.115770][T11318] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512
[  370.156301][ T5887] appleir 0003:05AC:8241.002D: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.2-1/input0
[  370.185992][ T5887] usb 3-1: USB disconnect, device number 96
[  370.202204][T11318] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  370.236160][T11318] UDF-fs: Scanning with blocksize 2048 failed
[  370.258506][T11318] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  370.274630][T11318] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512
[  370.287422][T11318] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  370.298668][T11318] UDF-fs: Scanning with blocksize 4096 failed
[  370.305800][T11318] UDF-fs: warning (device loop0): udf_fill_super: No partition found (1)
[  370.441326][T11323] fido_id[11323]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  370.611608][T11332] FAULT_INJECTION: forcing a failure.
[  370.611608][T11332] name failslab, interval 1, probability 0, space 0, times 0
[  370.628062][T11332] CPU: 0 UID: 0 PID: 11332 Comm: syz.1.1811 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  370.628097][T11332] Tainted: [L]=SOFTLOCKUP
[  370.628106][T11332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  370.628119][T11332] Call Trace:
[  370.628128][T11332]  <TASK>
[  370.628138][T11332]  dump_stack_lvl+0xe8/0x150
[  370.628173][T11332]  should_fail_ex+0x412/0x560
[  370.628213][T11332]  should_failslab+0xa8/0x100
[  370.628244][T11332]  __kmalloc_noprof+0xe8/0x760
[  370.628273][T11332]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  370.628310][T11332]  tomoyo_realpath_from_path+0xe3/0x5d0
[  370.628353][T11332]  ? tomoyo_path_number_perm+0x219/0x630
[  370.628384][T11332]  tomoyo_path_number_perm+0x246/0x630
[  370.628413][T11332]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  370.628442][T11332]  ? __lock_acquire+0x6b5/0x2cf0
[  370.628483][T11332]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  370.628534][T11332]  ? __fget_files+0x2a/0x420
[  370.628560][T11332]  ? __fget_files+0x2a/0x420
[  370.628582][T11332]  ? __fget_files+0x3a0/0x420
[  370.628604][T11332]  ? __fget_files+0x2a/0x420
[  370.628632][T11332]  security_file_ioctl+0xc3/0x2a0
[  370.628658][T11332]  __se_sys_ioctl+0x47/0x170
[  370.628691][T11332]  do_syscall_64+0x14d/0xf80
[  370.628718][T11332]  ? trace_irq_disable+0x3b/0x150
[  370.628738][T11332]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  370.628759][T11332]  ? clear_bhb_loop+0x40/0x90
[  370.628785][T11332]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  370.628814][T11332] RIP: 0033:0x7f5b9ef9c799
[  370.628834][T11332] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  370.628853][T11332] RSP: 002b:00007f5b9fdb0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  370.628876][T11332] RAX: ffffffffffffffda RBX: 00007f5b9f215fa0 RCX: 00007f5b9ef9c799
[  370.628893][T11332] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  370.628905][T11332] RBP: 00007f5b9fdb0090 R08: 0000000000000000 R09: 0000000000000000
[  370.628918][T11332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  370.628930][T11332] R13: 00007f5b9f216038 R14: 00007f5b9f215fa0 R15: 00007ffcd53ca668
[  370.628963][T11332]  </TASK>
[  370.628984][T11332] ERROR: Out of memory at tomoyo_realpath_from_path.
[  370.816926][T11335] netlink: 'syz.0.1812': attribute type 11 has an invalid length.
[  370.930792][T11335] netlink: 'syz.0.1812': attribute type 11 has an invalid length.
[  370.951544][T11335] netlink: 224 bytes leftover after parsing attributes in process `syz.0.1812'.
[  371.082895][T11344] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  371.247993][T11359] netlink: 666 bytes leftover after parsing attributes in process `syz.2.1818'.
[  371.264786][ T5821] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  371.368849][T11367] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  371.403957][   T10] usb 1-1: new high-speed USB device number 116 using dummy_hcd
[  371.563943][   T10] usb 1-1: Using ep0 maxpacket: 8
[  371.574554][   T10] usb 1-1: New USB device found, idVendor=1235, idProduct=8014, bcdDevice= 0.40
[  371.597523][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  371.623953][   T10] usb 1-1: Product: syz
[  371.639394][   T10] usb 1-1: Manufacturer: syz
[  371.649532][   T10] usb 1-1: SerialNumber: syz
[  371.700870][T11378] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  371.722305][T11378] net veth1_virt_wifi : renamed from virt_wifi0
[  372.049707][ T5821] Bluetooth: hci3: unexpected event for opcode 0x2060
[  372.082516][T11387] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  372.194420][T11387] netlink: 774 bytes leftover after parsing attributes in process `syz.2.1827'.
[  372.216109][T11387] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1827'.
[  372.422413][T11395] FAULT_INJECTION: forcing a failure.
[  372.422413][T11395] name failslab, interval 1, probability 0, space 0, times 0
[  372.449052][T11395] CPU: 1 UID: 0 PID: 11395 Comm: syz.3.1829 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  372.449087][T11395] Tainted: [L]=SOFTLOCKUP
[  372.449095][T11395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  372.449108][T11395] Call Trace:
[  372.449117][T11395]  <TASK>
[  372.449126][T11395]  dump_stack_lvl+0xe8/0x150
[  372.449162][T11395]  should_fail_ex+0x412/0x560
[  372.449200][T11395]  should_failslab+0xa8/0x100
[  372.449232][T11395]  __kmalloc_noprof+0xe8/0x760
[  372.449277][T11395]  ? tomoyo_encode+0x28b/0x550
[  372.449313][T11395]  tomoyo_encode+0x28b/0x550
[  372.449355][T11395]  tomoyo_realpath_from_path+0x58d/0x5d0
[  372.449398][T11395]  ? tomoyo_path_number_perm+0x219/0x630
[  372.449425][T11395]  tomoyo_path_number_perm+0x246/0x630
[  372.449454][T11395]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  372.449484][T11395]  ? __lock_acquire+0x6b5/0x2cf0
[  372.449526][T11395]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  372.449577][T11395]  ? __fget_files+0x2a/0x420
[  372.449611][T11395]  ? __fget_files+0x2a/0x420
[  372.449633][T11395]  ? __fget_files+0x3a0/0x420
[  372.449655][T11395]  ? __fget_files+0x2a/0x420
[  372.449683][T11395]  security_file_ioctl+0xc3/0x2a0
[  372.449711][T11395]  __se_sys_ioctl+0x47/0x170
[  372.449743][T11395]  do_syscall_64+0x14d/0xf80
[  372.449771][T11395]  ? trace_irq_disable+0x3b/0x150
[  372.449793][T11395]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.449815][T11395]  ? clear_bhb_loop+0x40/0x90
[  372.449842][T11395]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.449864][T11395] RIP: 0033:0x7f8888f9c799
[  372.449884][T11395] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  372.449901][T11395] RSP: 002b:00007f8889e18028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  372.449922][T11395] RAX: ffffffffffffffda RBX: 00007f8889215fa0 RCX: 00007f8888f9c799
[  372.449938][T11395] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  372.449951][T11395] RBP: 00007f8889e18090 R08: 0000000000000000 R09: 0000000000000000
[  372.449964][T11395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  372.449976][T11395] R13: 00007f8889216038 R14: 00007f8889215fa0 R15: 00007fffcde1e288
[  372.450008][T11395]  </TASK>
[  372.451622][T11395] ERROR: Out of memory at tomoyo_realpath_from_path.
[  372.728851][   T10] snd-usb-audio 1-1:1.0: probe with driver snd-usb-audio failed with error -71
[  372.791150][   T10] usb 1-1: USB disconnect, device number 116
[  372.866094][ T5887] usb 2-1: new high-speed USB device number 100 using dummy_hcd
[  372.877754][ T5822] udevd[5822]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  373.055651][    C1] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  373.069216][ T5887] usb 2-1: Using ep0 maxpacket: 32
[  373.076931][ T5887] usb 2-1: config 2 has an invalid interface number: 88 but max is 0
[  373.085377][ T5887] usb 2-1: config 2 has no interface number 0
[  373.094402][ T5887] usb 2-1: config 2 interface 88 altsetting 7 bulk endpoint 0x6 has invalid maxpacket 256
[  373.105349][ T5887] usb 2-1: config 2 interface 88 has no altsetting 0
[  373.115698][ T5887] usb 2-1: New USB device found, idVendor=0557, idProduct=2009, bcdDevice=c7.1e
[  373.124868][ T5887] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  373.132941][ T5887] usb 2-1: Product: syz
[  373.137227][ T5887] usb 2-1: Manufacturer: syz
[  373.141862][ T5887] usb 2-1: SerialNumber: syz
[  373.150520][T11393] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  373.180537][T11410] openvswitch: netlink: IP tunnel dst address not specified
[  373.451774][T11418] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  373.452598][ T5887] asix 2-1:2.88: probe with driver asix failed with error -71
[  373.487724][T11418] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  373.550703][ T5887] usb 2-1: USB disconnect, device number 100
[  373.559581][T11418] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  373.596588][ T5821] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  373.603562][T11418] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  374.004018][ T5887] usb 3-1: new high-speed USB device number 97 using dummy_hcd
[  374.170123][ T5887] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  374.245502][ T5887] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  374.286967][ T5887] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  374.346361][ T5887] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  374.377378][ T5887] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  374.417417][ T5887] usb 3-1: config 0 descriptor??
[  374.643577][ T5821] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  374.843363][ T5887] plantronics 0003:047F:FFFF.002E: invalid report_count -670467683
[  374.864288][ T5887] plantronics 0003:047F:FFFF.002E: item 0 4 1 9 parsing failed
[  374.866174][   T10] usb 1-1: new full-speed USB device number 117 using dummy_hcd
[  374.873342][ T5887] plantronics 0003:047F:FFFF.002E: parse failed
[  374.886770][ T5887] plantronics 0003:047F:FFFF.002E: probe with driver plantronics failed with error -22
[  375.045800][ T6189] usb 3-1: USB disconnect, device number 97
[  375.067418][   T10] usb 1-1: unable to get BOS descriptor or descriptor too short
[  375.085635][   T10] usb 1-1: not running at top speed; connect to a high speed hub
[  375.100547][   T10] usb 1-1: config 2 has an invalid interface number: 171 but max is 0
[  375.111073][   T10] usb 1-1: config 2 has no interface number 0
[  375.117640][   T10] usb 1-1: config 2 interface 171 has no altsetting 0
[  375.127398][   T10] usb 1-1: New USB device found, idVendor=046d, idProduct=0960, bcdDevice=c4.e0
[  375.144263][ T5887] usb 2-1: new high-speed USB device number 101 using dummy_hcd
[  375.148861][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  375.172020][   T10] usb 1-1: Product: syz
[  375.179817][   T10] usb 1-1: Manufacturer: syz
[  375.185750][   T10] usb 1-1: SerialNumber: syz
[  375.303983][ T5887] usb 2-1: Using ep0 maxpacket: 16
[  375.311539][ T5887] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  375.326687][ T5887] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  375.336731][ T5887] usb 2-1: config 0 interface 0 has no altsetting 0
[  375.343557][ T5887] usb 2-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00
[  375.352963][ T5887] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  375.364713][ T5887] usb 2-1: config 0 descriptor??
[  375.407187][T11457] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  375.428616][T11457] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  375.448982][   T10] gspca_main: sunplus-2.14.0 probing 046d:0960
[  375.459502][   T10] gspca_sunplus: reg_w_riv err -71
[  375.464904][   T10] sunplus 1-1:2.171: probe with driver sunplus failed with error -71
[  375.482518][   T10] usb 1-1: USB disconnect, device number 117
[  375.804205][ T5887] cougar 0003:060B:500A.002F: unknown main item tag 0x0
[  375.818791][ T5887] cougar 0003:060B:500A.002F: unknown main item tag 0x0
[  375.827624][ T5887] cougar 0003:060B:500A.002F: unknown main item tag 0x0
[  375.835393][ T5887] cougar 0003:060B:500A.002F: unknown main item tag 0x0
[  375.842985][ T5887] cougar 0003:060B:500A.002F: unknown main item tag 0x0
[  375.851560][ T5887] cougar 0003:060B:500A.002F: unknown main item tag 0x0
[  375.872249][ T5887] cougar 0003:060B:500A.002F: unknown main item tag 0x0
[  375.891555][ T5887] cougar 0003:060B:500A.002F: unknown main item tag 0x0
[  375.902436][ T5887] cougar 0003:060B:500A.002F: unknown main item tag 0x0
[  375.910078][ T5887] cougar 0003:060B:500A.002F: unknown main item tag 0x0
[  375.938537][ T5821] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  375.956803][ T5887] cougar 0003:060B:500A.002F: hidraw1: USB HID v0.00 Device [HID 060b:500a] on usb-dummy_hcd.1-1/input0
[  375.996398][ T5887] usb 2-1: USB disconnect, device number 101
[  376.111703][T11492] fido_id[11492]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  376.168653][T11496] sp0: Synchronizing with TNC
[  376.368875][T11501] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  376.395611][T11501] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  376.568897][ T5821] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  377.012672][ T5821] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  377.163972][   T42] usb 1-1: new high-speed USB device number 118 using dummy_hcd
[  377.344192][   T42] usb 1-1: Using ep0 maxpacket: 8
[  377.360928][   T42] usb 1-1: config 6 has an invalid descriptor of length 0, skipping remainder of the config
[  377.378747][   T42] usb 1-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[  377.393211][   T42] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  377.405149][   T42] usb 1-1: Product: syz
[  377.409478][   T42] usb 1-1: Manufacturer: syz
[  377.414473][   T42] usb 1-1: SerialNumber: syz
[  377.426702][   T42] hso 1-1:6.0: Not our interface
[  377.515432][ T5821] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  377.640161][   T42] usb 1-1: USB disconnect, device number 118
[  377.656076][T11495] [U] �
[  377.807254][T11556] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  377.824678][T11556] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  377.958276][T11563] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1886'.
[  377.974191][T11564] netlink: 132 bytes leftover after parsing attributes in process `syz.2.1886'.
[  378.208299][T11572] FAULT_INJECTION: forcing a failure.
[  378.208299][T11572] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  378.225380][T11572] CPU: 1 UID: 0 PID: 11572 Comm: syz.1.1889 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  378.225415][T11572] Tainted: [L]=SOFTLOCKUP
[  378.225424][T11572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  378.225438][T11572] Call Trace:
[  378.225447][T11572]  <TASK>
[  378.225457][T11572]  dump_stack_lvl+0xe8/0x150
[  378.225492][T11572]  should_fail_ex+0x412/0x560
[  378.225531][T11572]  __kvm_read_guest_page+0x18d/0x240
[  378.225559][T11572]  kvm_fetch_guest_virt+0x12b/0x170
[  378.225594][T11572]  ? __pfx_kvm_fetch_guest_virt+0x10/0x10
[  378.225624][T11572]  __do_insn_fetch_bytes+0x31c/0x700
[  378.225657][T11572]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  378.225691][T11572]  ? trace_kvm_tdp_mmu_spte_changed+0x8a/0x260
[  378.225724][T11572]  x86_decode_insn+0x38e/0x5df0
[  378.225747][T11572]  ? handle_changed_spte+0x3f8/0x14a0
[  378.225793][T11572]  ? kvm_tdp_mmu_map+0xe16/0x1ed0
[  378.225829][T11572]  ? __pfx_x86_decode_insn+0x10/0x10
[  378.225854][T11572]  ? kvm_tdp_mmu_map+0x3bf/0x1ed0
[  378.225881][T11572]  ? kvm_mmu_faultin_pfn+0xebd/0x15e0
[  378.225914][T11572]  ? vmx_read_guest_seg_ar+0x38f/0x5b0
[  378.225941][T11572]  ? __asan_memset+0x22/0x50
[  378.225965][T11572]  ? init_decode_cache+0xea/0x160
[  378.225992][T11572]  ? init_emulate_ctxt+0x4e7/0x680
[  378.226016][T11572]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  378.226040][T11572]  ? do_raw_read_unlock+0x3d/0x80
[  378.226064][T11572]  ? _raw_read_unlock+0x28/0x50
[  378.226089][T11572]  ? kvm_tdp_page_fault+0x2f4/0x370
[  378.226124][T11572]  x86_emulate_instruction+0x64a/0x2100
[  378.226152][T11572]  ? rcu_qs+0x5e/0xe0
[  378.226190][T11572]  ? __pfx_vmx_handle_exit_irqoff+0x10/0x10
[  378.226231][T11572]  ? __pfx_x86_emulate_instruction+0x10/0x10
[  378.226252][T11572]  ? __lock_acquire+0x6b5/0x2cf0
[  378.226291][T11572]  ? vmx_vcpu_run+0x1bb1/0x2de0
[  378.226321][T11572]  ? handle_io+0x1e3/0x270
[  378.226341][T11572]  ? __pfx_handle_io+0x10/0x10
[  378.226361][T11572]  vmx_handle_exit+0xfd1/0x16c0
[  378.226408][T11572]  vcpu_run+0x5fa2/0x7b90
[  378.226462][T11572]  ? vcpu_run+0x4ca8/0x7b90
[  378.226533][T11572]  ? __pfx_vcpu_run+0x10/0x10
[  378.226557][T11572]  ? fpu_swap_kvm_fpstate+0xc1/0x4f0
[  378.226592][T11572]  ? rcu_is_watching+0x15/0xb0
[  378.226628][T11572]  kvm_arch_vcpu_ioctl_run+0x11e6/0x20d0
[  378.226670][T11572]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[  378.226697][T11572]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  378.226723][T11572]  ? rcu_is_watching+0x15/0xb0
[  378.226754][T11572]  ? trace_contention_end+0x3d/0x150
[  378.226777][T11572]  ? __mutex_lock+0x319/0x1300
[  378.226818][T11572]  ? kasan_quarantine_put+0xbb/0x1f0
[  378.226846][T11572]  ? kvm_vcpu_ioctl+0x280/0xfd0
[  378.226873][T11572]  ? __pfx___mutex_lock+0x10/0x10
[  378.226903][T11572]  ? tomoyo_path_number_perm+0x219/0x630
[  378.226931][T11572]  ? do_vfs_ioctl+0x1166/0x1530
[  378.226962][T11572]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  378.226997][T11572]  kvm_vcpu_ioctl+0xa62/0xfd0
[  378.227025][T11572]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  378.227045][T11572]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  378.227095][T11572]  ? __fget_files+0x2a/0x420
[  378.227122][T11572]  ? __fget_files+0x2a/0x420
[  378.227144][T11572]  ? __fget_files+0x3a0/0x420
[  378.227174][T11572]  ? __fget_files+0x2a/0x420
[  378.227201][T11572]  ? bpf_lsm_file_ioctl+0x9/0x20
[  378.227232][T11572]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  378.227254][T11572]  __se_sys_ioctl+0xfc/0x170
[  378.227287][T11572]  do_syscall_64+0x14d/0xf80
[  378.227313][T11572]  ? trace_irq_disable+0x3b/0x150
[  378.227334][T11572]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  378.227356][T11572]  ? clear_bhb_loop+0x40/0x90
[  378.227382][T11572]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  378.227404][T11572] RIP: 0033:0x7f5b9ef9c799
[  378.227425][T11572] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  378.227442][T11572] RSP: 002b:00007f5b9fdb0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  378.227464][T11572] RAX: ffffffffffffffda RBX: 00007f5b9f215fa0 RCX: 00007f5b9ef9c799
[  378.227480][T11572] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  378.227492][T11572] RBP: 00007f5b9fdb0090 R08: 0000000000000000 R09: 0000000000000000
[  378.227506][T11572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  378.227518][T11572] R13: 00007f5b9f216038 R14: 00007f5b9f215fa0 R15: 00007ffcd53ca668
[  378.227552][T11572]  </TASK>
[  378.822372][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  378.829057][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  379.130283][T11589] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  379.156137][T11589] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  379.500033][T11612] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1905'.
[  379.512991][T11611] FAULT_INJECTION: forcing a failure.
[  379.512991][T11611] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  379.528171][T11611] CPU: 0 UID: 0 PID: 11611 Comm: syz.1.1904 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  379.528203][T11611] Tainted: [L]=SOFTLOCKUP
[  379.528212][T11611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  379.528225][T11611] Call Trace:
[  379.528234][T11611]  <TASK>
[  379.528243][T11611]  dump_stack_lvl+0xe8/0x150
[  379.528277][T11611]  should_fail_ex+0x412/0x560
[  379.528316][T11611]  __kvm_read_guest_page+0x18d/0x240
[  379.528344][T11611]  kvm_fetch_guest_virt+0x12b/0x170
[  379.528378][T11611]  ? __pfx_kvm_fetch_guest_virt+0x10/0x10
[  379.528410][T11611]  __do_insn_fetch_bytes+0x31c/0x700
[  379.528442][T11611]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  379.528482][T11611]  x86_decode_insn+0x38e/0x5df0
[  379.528513][T11611]  ? kvm_is_mmio_pfn+0x169/0x720
[  379.528544][T11611]  ? trace_kvm_tdp_mmu_spte_changed+0x8a/0x260
[  379.528578][T11611]  ? handle_changed_spte+0x3f8/0x14a0
[  379.528610][T11611]  ? __pfx_x86_decode_insn+0x10/0x10
[  379.528638][T11611]  ? kvm_tdp_mmu_map+0x3bf/0x1ed0
[  379.528668][T11611]  ? vmx_read_guest_seg_ar+0x38f/0x5b0
[  379.528695][T11611]  ? __asan_memset+0x22/0x50
[  379.528719][T11611]  ? init_decode_cache+0xea/0x160
[  379.528745][T11611]  ? init_emulate_ctxt+0x4e7/0x680
[  379.528769][T11611]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  379.528789][T11611]  ? kvm_mmu_faultin_pfn+0xebd/0x15e0
[  379.528828][T11611]  x86_emulate_instruction+0x64a/0x2100
[  379.528866][T11611]  ? do_raw_read_unlock+0x3d/0x80
[  379.528888][T11611]  ? _raw_read_unlock+0x28/0x50
[  379.528912][T11611]  ? __pfx_x86_emulate_instruction+0x10/0x10
[  379.528939][T11611]  ? vmx_handle_exit_irqoff+0x100/0xa00
[  379.528967][T11611]  ? rcu_qs+0x5e/0xe0
[  379.529000][T11611]  ? __pfx_vmx_handle_exit_irqoff+0x10/0x10
[  379.529038][T11611]  handle_ud+0x189/0x590
[  379.529080][T11611]  ? __pfx_handle_ud+0x10/0x10
[  379.529129][T11611]  ? __pfx_handle_exception_nmi+0x10/0x10
[  379.529162][T11611]  vmx_handle_exit+0xfd1/0x16c0
[  379.529210][T11611]  vcpu_run+0x5fa2/0x7b90
[  379.529266][T11611]  ? vcpu_run+0x4ca8/0x7b90
[  379.529340][T11611]  ? __pfx_vcpu_run+0x10/0x10
[  379.529363][T11611]  ? fpu_swap_kvm_fpstate+0xc1/0x4f0
[  379.529399][T11611]  ? rcu_is_watching+0x15/0xb0
[  379.529436][T11611]  kvm_arch_vcpu_ioctl_run+0x11e6/0x20d0
[  379.529478][T11611]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[  379.529505][T11611]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  379.529532][T11611]  ? rcu_is_watching+0x15/0xb0
[  379.529563][T11611]  ? trace_contention_end+0x3d/0x150
[  379.529586][T11611]  ? __mutex_lock+0x319/0x1300
[  379.529622][T11611]  ? kasan_quarantine_put+0xbb/0x1f0
[  379.529649][T11611]  ? kvm_vcpu_ioctl+0x280/0xfd0
[  379.529676][T11611]  ? __pfx___mutex_lock+0x10/0x10
[  379.529706][T11611]  ? tomoyo_path_number_perm+0x219/0x630
[  379.529736][T11611]  ? do_vfs_ioctl+0x1166/0x1530
[  379.529768][T11611]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  379.529796][T11611]  kvm_vcpu_ioctl+0xa62/0xfd0
[  379.529822][T11611]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  379.529840][T11611]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  379.529887][T11611]  ? __fget_files+0x2a/0x420
[  379.529910][T11611]  ? __fget_files+0x2a/0x420
[  379.529927][T11611]  ? __fget_files+0x3a0/0x420
[  379.529945][T11611]  ? __fget_files+0x2a/0x420
[  379.529968][T11611]  ? bpf_lsm_file_ioctl+0x9/0x20
[  379.529993][T11611]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  379.530011][T11611]  __se_sys_ioctl+0xfc/0x170
[  379.530037][T11611]  do_syscall_64+0x14d/0xf80
[  379.530078][T11611]  ? trace_irq_disable+0x3b/0x150
[  379.530095][T11611]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  379.530112][T11611]  ? clear_bhb_loop+0x40/0x90
[  379.530134][T11611]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  379.530151][T11611] RIP: 0033:0x7f5b9ef9c799
[  379.530168][T11611] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  379.530183][T11611] RSP: 002b:00007f5b9fdb0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  379.530201][T11611] RAX: ffffffffffffffda RBX: 00007f5b9f215fa0 RCX: 00007f5b9ef9c799
[  379.530223][T11611] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  379.530236][T11611] RBP: 00007f5b9fdb0090 R08: 0000000000000000 R09: 0000000000000000
[  379.530248][T11611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  379.530259][T11611] R13: 00007f5b9f216038 R14: 00007f5b9f215fa0 R15: 00007ffcd53ca668
[  379.530284][T11611]  </TASK>
[  380.594725][    C1] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  380.735118][ T5887] usb 3-1: new high-speed USB device number 98 using dummy_hcd
[  380.754935][T11646] FAULT_INJECTION: forcing a failure.
[  380.754935][T11646] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  380.768244][T11646] CPU: 0 UID: 0 PID: 11646 Comm: syz.1.1917 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  380.768268][T11646] Tainted: [L]=SOFTLOCKUP
[  380.768274][T11646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  380.768284][T11646] Call Trace:
[  380.768290][T11646]  <TASK>
[  380.768297][T11646]  dump_stack_lvl+0xe8/0x150
[  380.768324][T11646]  should_fail_ex+0x412/0x560
[  380.768351][T11646]  __kvm_read_guest_page+0x18d/0x240
[  380.768371][T11646]  kvm_fetch_guest_virt+0x12b/0x170
[  380.768395][T11646]  ? __pfx_kvm_fetch_guest_virt+0x10/0x10
[  380.768418][T11646]  __do_insn_fetch_bytes+0x31c/0x700
[  380.768440][T11646]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  380.768462][T11646]  ? x86_decode_insn+0x1719/0x5df0
[  380.768483][T11646]  x86_decode_insn+0x38e/0x5df0
[  380.768522][T11646]  ? __pfx_x86_decode_insn+0x10/0x10
[  380.768542][T11646]  ? kvm_tdp_mmu_map+0x3bf/0x1ed0
[  380.768564][T11646]  ? vmx_read_guest_seg_ar+0x38f/0x5b0
[  380.768582][T11646]  ? __asan_memset+0x22/0x50
[  380.768599][T11646]  ? init_decode_cache+0xea/0x160
[  380.768618][T11646]  ? init_emulate_ctxt+0x4e7/0x680
[  380.768641][T11646]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  380.768664][T11646]  x86_emulate_instruction+0x64a/0x2100
[  380.768689][T11646]  ? do_raw_read_unlock+0x3d/0x80
[  380.768706][T11646]  ? _raw_read_unlock+0x28/0x50
[  380.768725][T11646]  ? __pfx_x86_emulate_instruction+0x10/0x10
[  380.768745][T11646]  ? vmx_handle_exit_irqoff+0x100/0xa00
[  380.768766][T11646]  ? rcu_qs+0x5e/0xe0
[  380.768786][T11646]  ? __pfx_vmx_handle_exit_irqoff+0x10/0x10
[  380.768812][T11646]  handle_ud+0x189/0x590
[  380.768837][T11646]  ? __pfx_handle_ud+0x10/0x10
[  380.768893][T11646]  ? __pfx_handle_exception_nmi+0x10/0x10
[  380.768926][T11646]  vmx_handle_exit+0xfd1/0x16c0
[  380.768976][T11646]  vcpu_run+0x5fa2/0x7b90
[  380.769014][T11646]  ? vcpu_run+0x4ca8/0x7b90
[  380.769090][T11646]  ? __pfx_vcpu_run+0x10/0x10
[  380.769115][T11646]  ? fpu_swap_kvm_fpstate+0xc1/0x4f0
[  380.769151][T11646]  ? rcu_is_watching+0x15/0xb0
[  380.769184][T11646]  kvm_arch_vcpu_ioctl_run+0x11e6/0x20d0
[  380.769213][T11646]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[  380.769232][T11646]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  380.769250][T11646]  ? rcu_is_watching+0x15/0xb0
[  380.769272][T11646]  ? trace_contention_end+0x3d/0x150
[  380.769288][T11646]  ? __mutex_lock+0x319/0x1300
[  380.769314][T11646]  ? kasan_quarantine_put+0xbb/0x1f0
[  380.769333][T11646]  ? kvm_vcpu_ioctl+0x280/0xfd0
[  380.769352][T11646]  ? __pfx___mutex_lock+0x10/0x10
[  380.769373][T11646]  ? tomoyo_path_number_perm+0x219/0x630
[  380.769394][T11646]  ? do_vfs_ioctl+0x1166/0x1530
[  380.769418][T11646]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  380.769441][T11646]  kvm_vcpu_ioctl+0xa62/0xfd0
[  380.769461][T11646]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  380.769475][T11646]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  380.769511][T11646]  ? __fget_files+0x2a/0x420
[  380.769530][T11646]  ? __fget_files+0x2a/0x420
[  380.769545][T11646]  ? __fget_files+0x3a0/0x420
[  380.769560][T11646]  ? __fget_files+0x2a/0x420
[  380.769582][T11646]  ? bpf_lsm_file_ioctl+0x9/0x20
[  380.769604][T11646]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  380.769620][T11646]  __se_sys_ioctl+0xfc/0x170
[  380.769648][T11646]  do_syscall_64+0x14d/0xf80
[  380.769667][T11646]  ? trace_irq_disable+0x3b/0x150
[  380.769682][T11646]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  380.769697][T11646]  ? clear_bhb_loop+0x40/0x90
[  380.769716][T11646]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  380.769732][T11646] RIP: 0033:0x7f5b9ef9c799
[  380.769747][T11646] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  380.769761][T11646] RSP: 002b:00007f5b9fdb0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  380.769777][T11646] RAX: ffffffffffffffda RBX: 00007f5b9f215fa0 RCX: 00007f5b9ef9c799
[  380.769789][T11646] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  380.769799][T11646] RBP: 00007f5b9fdb0090 R08: 0000000000000000 R09: 0000000000000000
[  380.769808][T11646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  380.769818][T11646] R13: 00007f5b9f216038 R14: 00007f5b9f215fa0 R15: 00007ffcd53ca668
[  380.769841][T11646]  </TASK>
[  381.203933][ T5887] usb 3-1: Using ep0 maxpacket: 8
[  381.228250][ T5887] usb 3-1: New USB device found, idVendor=1235, idProduct=8014, bcdDevice= 0.40
[  381.256775][ T5887] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  381.300429][ T5887] usb 3-1: Product: syz
[  381.306354][T11649] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  381.317375][T11649] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  381.328520][ T5887] usb 3-1: Manufacturer: syz
[  381.338448][ T5887] usb 3-1: SerialNumber: syz
[  381.419017][ T5821] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  381.816144][ T5887] snd-usb-audio 3-1:1.0: probe with driver snd-usb-audio failed with error -71
[  381.845397][ T5887] usb 3-1: USB disconnect, device number 98
[  381.890560][ T5822] udevd[5822]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  381.995129][T11660] netlink: 'syz.3.1922': attribute type 6 has an invalid length.
[  382.080250][ T5821] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  382.413964][   T10] usb 3-1: new high-speed USB device number 99 using dummy_hcd
[  382.523950][  T797] usb 2-1: new high-speed USB device number 102 using dummy_hcd
[  382.568355][T11679] binder: 11678:11679 ioctl c018620b 200000000280 returned -14
[  382.577263][   T10] usb 3-1: Using ep0 maxpacket: 16
[  382.586422][   T10] usb 3-1: unable to get BOS descriptor or descriptor too short
[  382.596897][   T10] usb 3-1: unable to read config index 0 descriptor/start: -61
[  382.605574][   T10] usb 3-1: can't read configurations, error -61
[  382.611115][T11679] binder: 11678:11679 ioctl d000943d 2000000024c0 returned -22
[  382.620690][T11679] binder: 11678:11679 ioctl d0009411 2000000004c0 returned -22
[  382.686034][  T797] usb 2-1: Using ep0 maxpacket: 32
[  382.696864][  T797] usb 2-1: unable to get BOS descriptor or descriptor too short
[  382.706156][  T797] usb 2-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x95, changing to 0x85
[  382.721173][  T797] usb 2-1: New USB device found, idVendor=249c, idProduct=931c, bcdDevice= 0.40
[  382.731689][  T797] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  382.739984][  T797] usb 2-1: Product: syz
[  382.744382][   T10] usb 3-1: new high-speed USB device number 100 using dummy_hcd
[  382.752450][  T797] usb 2-1: Manufacturer: syz
[  382.757591][  T797] usb 2-1: SerialNumber: syz
[  382.916699][   T10] usb 3-1: Using ep0 maxpacket: 16
[  382.927160][   T10] usb 3-1: unable to get BOS descriptor or descriptor too short
[  382.937831][   T10] usb 3-1: unable to read config index 0 descriptor/start: -61
[  382.946355][   T10] usb 3-1: can't read configurations, error -61
[  382.953435][   T10] usb usb3-port1: attempt power cycle
[  382.985926][  T797] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  383.003375][  T797] usb 2-1: MIDIStreaming interface descriptor not found
[  383.035436][T11689] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  383.048369][T11689] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  383.106121][  T797] usb 2-1: USB disconnect, device number 102
[  383.152742][ T5825] udevd[5825]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  383.304799][   T10] usb 3-1: new high-speed USB device number 101 using dummy_hcd
[  383.334929][   T10] usb 3-1: Using ep0 maxpacket: 16
[  383.342650][   T10] usb 3-1: unable to get BOS descriptor or descriptor too short
[  383.352315][   T10] usb 3-1: unable to read config index 0 descriptor/start: -61
[  383.360157][   T10] usb 3-1: can't read configurations, error -61
[  383.496332][   T10] usb 3-1: new high-speed USB device number 102 using dummy_hcd
[  383.535303][   T10] usb 3-1: Using ep0 maxpacket: 16
[  383.542465][   T10] usb 3-1: unable to get BOS descriptor or descriptor too short
[  383.564848][   T10] usb 3-1: unable to read config index 0 descriptor/start: -61
[  383.577140][   T10] usb 3-1: can't read configurations, error -61
[  383.591702][   T10] usb usb3-port1: unable to enumerate USB device
[  383.988208][ T5821] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  384.003194][ T5821] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  384.484696][  T797] usb 2-1: new high-speed USB device number 103 using dummy_hcd
[  384.583951][   T10] usb 1-1: new high-speed USB device number 119 using dummy_hcd
[  384.654109][  T797] usb 2-1: Using ep0 maxpacket: 8
[  384.663457][  T797] usb 2-1: New USB device found, idVendor=1235, idProduct=8014, bcdDevice= 0.40
[  384.673054][  T797] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  384.681801][  T797] usb 2-1: Product: syz
[  384.686374][  T797] usb 2-1: Manufacturer: syz
[  384.691009][  T797] usb 2-1: SerialNumber: syz
[  384.737094][   T10] usb 1-1: config 1 has an invalid interface number: 188 but max is 0
[  384.745528][   T10] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  384.755766][   T10] usb 1-1: config 1 has no interface number 0
[  384.761936][   T10] usb 1-1: config 1 interface 188 altsetting 209 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  384.775318][   T10] usb 1-1: config 1 interface 188 has no altsetting 0
[  384.786410][   T10] usb 1-1: New USB device found, idVendor=2040, idProduct=7210, bcdDevice=5b.6b
[  384.795720][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  384.803977][   T10] usb 1-1: Product: syz
[  384.808215][   T10] usb 1-1: Manufacturer: syz
[  384.812835][   T10] usb 1-1: SerialNumber: syz
[  385.184171][  T797] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -71
[  385.237775][  T797] usb 2-1: USB disconnect, device number 103
[  385.300029][ T5822] udevd[5822]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  385.309941][    C1] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  385.336894][T11745] netlink: 25 bytes leftover after parsing attributes in process `syz.3.1954'.
[  385.542844][ T5821] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  385.826165][T11761] raw_sendmsg: syz.2.1960 forgot to set AF_INET. Fix it!
[  386.123986][ T5851] usb 2-1: new high-speed USB device number 104 using dummy_hcd
[  386.170167][T11772] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  386.181503][T11772] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  386.225772][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  386.235481][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  386.324089][ T5851] usb 2-1: Using ep0 maxpacket: 16
[  386.331914][ T5851] usb 2-1: unable to get BOS descriptor or descriptor too short
[  386.341991][ T5851] usb 2-1: config 13 has an invalid interface number: 50 but max is 0
[  386.350589][ T5851] usb 2-1: config 13 has no interface number 0
[  386.354438][   T42] usb 3-1: new high-speed USB device number 103 using dummy_hcd
[  386.358068][ T5851] usb 2-1: config 13 interface 50 altsetting 167 bulk endpoint 0x8 has invalid maxpacket 16
[  386.375615][ T5851] usb 2-1: config 13 interface 50 has no altsetting 0
[  386.385052][ T5851] usb 2-1: New USB device found, idVendor=1aca, idProduct=b28e, bcdDevice=92.32
[  386.394289][ T5851] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  386.402422][ T5851] usb 2-1: Product: syz
[  386.406749][ T5851] usb 2-1: Manufacturer: syz
[  386.408212][T11772] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  386.411606][ T5851] usb 2-1: SerialNumber: syz
[  386.431178][T11772] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  386.451311][T11763] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  386.523925][   T42] usb 3-1: Using ep0 maxpacket: 8
[  386.541019][   T42] usb 3-1: New USB device found, idVendor=1235, idProduct=8014, bcdDevice= 0.40
[  386.563918][   T42] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  386.584006][   T42] usb 3-1: Product: syz
[  386.588300][   T42] usb 3-1: Manufacturer: syz
[  386.594400][   T42] usb 3-1: SerialNumber: syz
[  386.725819][ T5851] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  386.733178][ T5851] usb 2-1: MIDIStreaming interface descriptor not found
[  386.825853][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  386.836366][ T5851] usb 2-1: USB disconnect, device number 104
[  387.156846][   T42] snd-usb-audio 3-1:1.0: probe with driver snd-usb-audio failed with error -71
[  387.183690][   T42] usb 3-1: USB disconnect, device number 103
[  387.241305][ T6541] udevd[6541]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card4/controlC4/../uevent} for writing: No such file or directory
[  387.333471][   T10] usb 1-1: unknown interface protocol 0xc1, assuming v1
[  387.350661][   T10] usb 1-1: 188:0 : does not exist
[  387.471788][   T10] usb 1-1: USB disconnect, device number 119
[  387.483987][ T5821] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  387.855553][   T42] usb 2-1: new high-speed USB device number 105 using dummy_hcd
[  388.036236][   T42] usb 2-1: device descriptor read/64, error -71
[  388.130934][ T5821] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  388.149038][T11793] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  388.194345][T11793] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  388.295384][   T42] usb 2-1: new high-speed USB device number 106 using dummy_hcd
[  388.444858][   T42] usb 2-1: device descriptor read/64, error -71
[  388.564793][   T42] usb usb2-port1: attempt power cycle
[  388.714113][ T5887] usb 3-1: new high-speed USB device number 104 using dummy_hcd
[  388.763958][   T10] usb 1-1: new high-speed USB device number 120 using dummy_hcd
[  388.844077][ T5887] usb 3-1: device descriptor read/64, error -71
[  388.903955][   T42] usb 2-1: new high-speed USB device number 107 using dummy_hcd
[  388.933906][   T10] usb 1-1: Using ep0 maxpacket: 8
[  388.939607][   T42] usb 2-1: device descriptor read/8, error -71
[  388.949486][   T10] usb 1-1: New USB device found, idVendor=1235, idProduct=8014, bcdDevice= 0.40
[  388.959617][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  388.968115][   T10] usb 1-1: Product: syz
[  388.972421][   T10] usb 1-1: Manufacturer: syz
[  388.977732][   T10] usb 1-1: SerialNumber: syz
[  389.083943][ T5887] usb 3-1: new high-speed USB device number 105 using dummy_hcd
[  389.183997][   T42] usb 2-1: new high-speed USB device number 108 using dummy_hcd
[  389.204748][   T42] usb 2-1: device descriptor read/8, error -71
[  389.214171][ T5887] usb 3-1: device descriptor read/64, error -71
[  389.317504][   T42] usb usb2-port1: unable to enumerate USB device
[  389.325513][ T5887] usb usb3-port1: attempt power cycle
[  389.489376][   T10] snd-usb-audio 1-1:1.0: probe with driver snd-usb-audio failed with error -71
[  389.515365][   T10] usb 1-1: USB disconnect, device number 120
[  389.547443][ T5822] udevd[5822]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  389.715180][ T5887] usb 3-1: new high-speed USB device number 106 using dummy_hcd
[  389.774614][ T5887] usb 3-1: device descriptor read/8, error -71
[  390.114073][ T5887] usb 3-1: new high-speed USB device number 107 using dummy_hcd
[  390.134782][ T5887] usb 3-1: device descriptor read/8, error -71
[  390.186690][T11828] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1986'.
[  390.264315][ T5887] usb usb3-port1: unable to enumerate USB device
[  390.498902][T11841] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  390.509181][T11841] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  391.054441][ T5887] usb 2-1: new low-speed USB device number 109 using dummy_hcd
[  391.278321][ T5887] usb 2-1: config 255 has an invalid interface number: 133 but max is 0
[  391.296505][ T5887] usb 2-1: config 255 has no interface number 0
[  391.325072][ T5887] usb 2-1: config 255 interface 133 altsetting 12 endpoint 0x2 has invalid maxpacket 64, setting to 8
[  391.337686][ T5887] usb 2-1: config 255 interface 133 has no altsetting 0
[  391.625442][    C1] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  391.772221][ T5821] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  391.923981][   T42] usb 3-1: new full-speed USB device number 108 using dummy_hcd
[  392.096667][   T42] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  392.109936][   T42] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 223, changing to 4
[  392.122482][   T42] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid maxpacket 15461, setting to 1023
[  392.138344][   T42] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  392.148924][    C1] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  392.159038][   T42] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  392.167730][   T42] usb 3-1: Product: syz
[  392.172268][   T42] usb 3-1: Manufacturer: syz
[  392.179812][   T42] usb 3-1: SerialNumber: syz
[  392.188883][   T42] usb 3-1: config 0 descriptor??
[  392.283961][ T5828] usb 1-1: new high-speed USB device number 121 using dummy_hcd
[  392.322860][T11878] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2006'.
[  392.400696][T11864] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  392.416631][T11864] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  392.443979][ T5828] usb 1-1: Using ep0 maxpacket: 8
[  392.459008][   T42] em28xx 3-1:0.0: New device syz syz @ 12 Mbps (2040:0264, interface 0, class 0)
[  392.478213][ T5828] usb 1-1: New USB device found, idVendor=1235, idProduct=8014, bcdDevice= 0.40
[  392.492474][   T42] em28xx 3-1:0.0: Device initialization failed.
[  392.499090][ T5828] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  392.507589][   T42] em28xx 3-1:0.0: Device must be connected to a high-speed USB 2.0 port.
[  392.516407][ T5828] usb 1-1: Product: syz
[  392.523589][ T5828] usb 1-1: Manufacturer: syz
[  392.534847][   T42] usb 3-1: USB disconnect, device number 108
[  392.541092][ T5828] usb 1-1: SerialNumber: syz
[  392.547658][T11882] netlink: 184 bytes leftover after parsing attributes in process `syz.3.2008'.
[  392.562478][T11882] xt_socket: unknown flags 0xd0
[  392.704065][    C1] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  393.312175][ T5828] snd-usb-audio 1-1:1.0: probe with driver snd-usb-audio failed with error -71
[  393.350204][ T5828] usb 1-1: USB disconnect, device number 121
[  393.395387][ T5822] udevd[5822]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  393.465106][    C1] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  393.559179][ T5821] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  393.604362][    C1] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  393.865716][ T5887] usb 2-1: New USB device found, idVendor=1943, idProduct=2255, bcdDevice=d7.fb
[  393.875264][ T5887] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  393.901027][ T5887] usb 2-1: can't set config #255, error -71
[  393.939110][ T5887] usb 2-1: USB disconnect, device number 109
[  394.263121][T11916] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  394.289383][T11916] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  394.394006][   T10] usb 3-1: new high-speed USB device number 109 using dummy_hcd
[  394.471556][ T5821] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  394.563918][   T10] usb 3-1: Using ep0 maxpacket: 16
[  394.595528][   T10] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 129, using maximum allowed: 30
[  394.623959][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  394.643929][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  394.663978][   T10] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 129
[  394.686088][   T10] usb 3-1: New USB device found, idVendor=0458, idProduct=5013, bcdDevice= 0.00
[  394.715458][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  394.734590][   T10] usb 3-1: config 0 descriptor??
[  394.957324][T11933] FAULT_INJECTION: forcing a failure.
[  394.957324][T11933] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  394.973344][T11933] CPU: 1 UID: 0 PID: 11933 Comm: syz.1.2025 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  394.973379][T11933] Tainted: [L]=SOFTLOCKUP
[  394.973388][T11933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  394.973401][T11933] Call Trace:
[  394.973410][T11933]  <TASK>
[  394.973420][T11933]  dump_stack_lvl+0xe8/0x150
[  394.973457][T11933]  should_fail_ex+0x412/0x560
[  394.973498][T11933]  __kvm_read_guest_page+0x18d/0x240
[  394.973526][T11933]  kvm_fetch_guest_virt+0x12b/0x170
[  394.973562][T11933]  ? __pfx_kvm_fetch_guest_virt+0x10/0x10
[  394.973594][T11933]  __do_insn_fetch_bytes+0x31c/0x700
[  394.973627][T11933]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  394.973655][T11933]  ? vmx_set_cr0+0x8d0/0x1ea0
[  394.973687][T11933]  x86_decode_insn+0x38e/0x5df0
[  394.973745][T11933]  ? __pfx_x86_decode_insn+0x10/0x10
[  394.973774][T11933]  ? __pfx_kvm_io_bus_write+0x10/0x10
[  394.973813][T11933]  ? vmx_read_guest_seg_ar+0x38f/0x5b0
[  394.973838][T11933]  ? __asan_memset+0x22/0x50
[  394.973862][T11933]  ? init_decode_cache+0xea/0x160
[  394.973888][T11933]  ? init_emulate_ctxt+0x4e7/0x680
[  394.973913][T11933]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  394.973937][T11933]  ? __pfx_emulator_write_gpr+0x10/0x10
[  394.973966][T11933]  ? x86_emulate_insn+0x2340/0x43d0
[  394.973995][T11933]  x86_emulate_instruction+0x64a/0x2100
[  394.974033][T11933]  ? vmx_set_rflags+0x43b/0x5c0
[  394.974065][T11933]  ? __pfx_x86_emulate_instruction+0x10/0x10
[  394.974093][T11933]  ? vmx_handle_exit_irqoff+0x100/0xa00
[  394.974122][T11933]  ? rcu_qs+0x5e/0xe0
[  394.974150][T11933]  ? __pfx_vmx_handle_exit_irqoff+0x10/0x10
[  394.974187][T11933]  handle_ud+0x189/0x590
[  394.974223][T11933]  ? __pfx_handle_ud+0x10/0x10
[  394.974266][T11933]  ? __pfx_handle_exception_nmi+0x10/0x10
[  394.974306][T11933]  vmx_handle_exit+0xfd1/0x16c0
[  394.974372][T11933]  vcpu_run+0x5fa2/0x7b90
[  394.974471][T11933]  ? vcpu_run+0x4ca8/0x7b90
[  394.974585][T11933]  ? __pfx_vcpu_run+0x10/0x10
[  394.974644][T11933]  ? fpu_swap_kvm_fpstate+0xc1/0x4f0
[  394.974697][T11933]  ? rcu_is_watching+0x15/0xb0
[  394.974784][T11933]  kvm_arch_vcpu_ioctl_run+0x11e6/0x20d0
[  394.974839][T11933]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[  394.974865][T11933]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  394.974891][T11933]  ? rcu_is_watching+0x15/0xb0
[  394.974921][T11933]  ? trace_contention_end+0x3d/0x150
[  394.974944][T11933]  ? __mutex_lock+0x319/0x1300
[  394.974980][T11933]  ? kasan_quarantine_put+0xbb/0x1f0
[  394.975009][T11933]  ? kvm_vcpu_ioctl+0x280/0xfd0
[  394.975035][T11933]  ? __pfx___mutex_lock+0x10/0x10
[  394.975065][T11933]  ? tomoyo_path_number_perm+0x219/0x630
[  394.975096][T11933]  ? do_vfs_ioctl+0x1166/0x1530
[  394.975129][T11933]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  394.975162][T11933]  kvm_vcpu_ioctl+0xa62/0xfd0
[  394.975191][T11933]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  394.975210][T11933]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  394.975260][T11933]  ? __fget_files+0x2a/0x420
[  394.975285][T11933]  ? __fget_files+0x2a/0x420
[  394.975313][T11933]  ? __fget_files+0x3a0/0x420
[  394.975334][T11933]  ? __fget_files+0x2a/0x420
[  394.975359][T11933]  ? bpf_lsm_file_ioctl+0x9/0x20
[  394.975389][T11933]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  394.975411][T11933]  __se_sys_ioctl+0xfc/0x170
[  394.975443][T11933]  do_syscall_64+0x14d/0xf80
[  394.975470][T11933]  ? trace_irq_disable+0x3b/0x150
[  394.975491][T11933]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  394.975551][T11933]  ? clear_bhb_loop+0x40/0x90
[  394.975613][T11933]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  394.975643][T11933] RIP: 0033:0x7f5b9ef9c799
[  394.975688][T11933] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  394.975735][T11933] RSP: 002b:00007f5b9fdb0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  394.975780][T11933] RAX: ffffffffffffffda RBX: 00007f5b9f215fa0 RCX: 00007f5b9ef9c799
[  394.975797][T11933] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  394.975834][T11933] RBP: 00007f5b9fdb0090 R08: 0000000000000000 R09: 0000000000000000
[  394.975869][T11933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  394.975897][T11933] R13: 00007f5b9f216038 R14: 00007f5b9f215fa0 R15: 00007ffcd53ca668
[  394.975947][T11933]  </TASK>
[  395.571500][T11941] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  395.585068][T11941] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  395.644214][   T10] usbhid 3-1:0.0: can't add hid device: -71
[  395.662714][   T10] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  395.712855][   T10] usb 3-1: USB disconnect, device number 109
[  395.857485][T11951] netlink: 176 bytes leftover after parsing attributes in process `syz.0.2027'.
[  395.948736][ T5821] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  396.625460][  T797] usb 3-1: new high-speed USB device number 110 using dummy_hcd
[  396.670644][T11974] FAULT_INJECTION: forcing a failure.
[  396.670644][T11974] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  396.683856][T11974] CPU: 1 UID: 0 PID: 11974 Comm: syz.0.2038 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  396.683890][T11974] Tainted: [L]=SOFTLOCKUP
[  396.683899][T11974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  396.683919][T11974] Call Trace:
[  396.683931][T11974]  <TASK>
[  396.683941][T11974]  dump_stack_lvl+0xe8/0x150
[  396.683985][T11974]  should_fail_ex+0x412/0x560
[  396.684034][T11974]  __kvm_read_guest_page+0x18d/0x240
[  396.684070][T11974]  kvm_fetch_guest_virt+0x12b/0x170
[  396.684114][T11974]  ? __pfx_kvm_fetch_guest_virt+0x10/0x10
[  396.684154][T11974]  __do_insn_fetch_bytes+0x31c/0x700
[  396.684192][T11974]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  396.684228][T11974]  ? vmx_set_cr0+0x8d0/0x1ea0
[  396.684267][T11974]  x86_decode_insn+0x38e/0x5df0
[  396.684332][T11974]  ? __pfx_x86_decode_insn+0x10/0x10
[  396.684370][T11974]  ? __pfx_kvm_io_bus_write+0x10/0x10
[  396.684408][T11974]  ? vmx_read_guest_seg_ar+0x38f/0x5b0
[  396.684443][T11974]  ? __asan_memset+0x22/0x50
[  396.684473][T11974]  ? init_decode_cache+0xea/0x160
[  396.684507][T11974]  ? init_emulate_ctxt+0x4e7/0x680
[  396.684538][T11974]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  396.684568][T11974]  ? __pfx_emulator_write_gpr+0x10/0x10
[  396.684604][T11974]  ? x86_emulate_insn+0x2340/0x43d0
[  396.684639][T11974]  x86_emulate_instruction+0x64a/0x2100
[  396.684687][T11974]  ? vmx_set_rflags+0x43b/0x5c0
[  396.684727][T11974]  ? __pfx_x86_emulate_instruction+0x10/0x10
[  396.684760][T11974]  ? vmx_handle_exit_irqoff+0x100/0xa00
[  396.684798][T11974]  ? rcu_qs+0x5e/0xe0
[  396.684834][T11974]  ? __pfx_vmx_handle_exit_irqoff+0x10/0x10
[  396.684878][T11974]  handle_ud+0x189/0x590
[  396.684931][T11974]  ? __pfx_handle_ud+0x10/0x10
[  396.684981][T11974]  ? __pfx_handle_exception_nmi+0x10/0x10
[  396.685017][T11974]  vmx_handle_exit+0xfd1/0x16c0
[  396.685075][T11974]  vcpu_run+0x5fa2/0x7b90
[  396.685139][T11974]  ? vcpu_run+0x4ca8/0x7b90
[  396.685226][T11974]  ? __pfx_vcpu_run+0x10/0x10
[  396.685253][T11974]  ? fpu_swap_kvm_fpstate+0xc1/0x4f0
[  396.685296][T11974]  ? rcu_is_watching+0x15/0xb0
[  396.685341][T11974]  kvm_arch_vcpu_ioctl_run+0x11e6/0x20d0
[  396.685390][T11974]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[  396.685425][T11974]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  396.685458][T11974]  ? rcu_is_watching+0x15/0xb0
[  396.685494][T11974]  ? trace_contention_end+0x3d/0x150
[  396.685525][T11974]  ? __mutex_lock+0x319/0x1300
[  396.685570][T11974]  ? kasan_quarantine_put+0xbb/0x1f0
[  396.685607][T11974]  ? kvm_vcpu_ioctl+0x280/0xfd0
[  396.685640][T11974]  ? __pfx___mutex_lock+0x10/0x10
[  396.685677][T11974]  ? tomoyo_path_number_perm+0x219/0x630
[  396.685716][T11974]  ? do_vfs_ioctl+0x1166/0x1530
[  396.685756][T11974]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  396.685798][T11974]  kvm_vcpu_ioctl+0xa62/0xfd0
[  396.685833][T11974]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  396.685859][T11974]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  396.685929][T11974]  ? __fget_files+0x2a/0x420
[  396.685964][T11974]  ? __fget_files+0x2a/0x420
[  396.685991][T11974]  ? __fget_files+0x3a0/0x420
[  396.686021][T11974]  ? __fget_files+0x2a/0x420
[  396.686051][T11974]  ? bpf_lsm_file_ioctl+0x9/0x20
[  396.686084][T11974]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  396.686109][T11974]  __se_sys_ioctl+0xfc/0x170
[  396.686150][T11974]  do_syscall_64+0x14d/0xf80
[  396.686186][T11974]  ? trace_irq_disable+0x3b/0x150
[  396.686211][T11974]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  396.686240][T11974]  ? clear_bhb_loop+0x40/0x90
[  396.686275][T11974]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  396.686300][T11974] RIP: 0033:0x7ff32c99c799
[  396.686329][T11974] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  396.686352][T11974] RSP: 002b:00007ff32abf6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  396.686380][T11974] RAX: ffffffffffffffda RBX: 00007ff32cc15fa0 RCX: 00007ff32c99c799
[  396.686401][T11974] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  396.686417][T11974] RBP: 00007ff32abf6090 R08: 0000000000000000 R09: 0000000000000000
[  396.686433][T11974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  396.686453][T11974] R13: 00007ff32cc16038 R14: 00007ff32cc15fa0 R15: 00007ffe2061c0e8
[  396.686494][T11974]  </TASK>
[  397.154112][  T797] usb 3-1: Using ep0 maxpacket: 8
[  397.189052][  T797] usb 3-1: New USB device found, idVendor=1235, idProduct=8014, bcdDevice= 0.40
[  397.211275][T11978] sctp: [Deprecated]: syz.1.2039 (pid 11978) Use of int in max_burst socket option.
[  397.211275][T11978] Use struct sctp_assoc_value instead
[  397.239314][  T797] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  397.257874][T11977] netlink: 10 bytes leftover after parsing attributes in process `syz.1.2039'.
[  397.304891][  T797] usb 3-1: Product: syz
[  397.339673][  T797] usb 3-1: Manufacturer: syz
[  397.359841][  T797] usb 3-1: SerialNumber: syz
[  397.621858][T11985] trusted_key: encrypted_key: master key parameter '6.��Ő�Ձ�
J���
[  397.621858][T11985] �Y��>)Z4��+�
����~Z�Wϡ��^v�' is invalid
[  397.752785][ T5821] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  397.966163][T11994] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  397.991239][T11994] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  398.222981][  T797] snd-usb-audio 3-1:1.0: probe with driver snd-usb-audio failed with error -71
[  398.227662][T12002] FAULT_INJECTION: forcing a failure.
[  398.227662][T12002] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  398.245654][T12002] CPU: 1 UID: 0 PID: 12002 Comm: syz.1.2048 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  398.245687][T12002] Tainted: [L]=SOFTLOCKUP
[  398.245696][T12002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  398.245710][T12002] Call Trace:
[  398.245719][T12002]  <TASK>
[  398.245728][T12002]  dump_stack_lvl+0xe8/0x150
[  398.245765][T12002]  should_fail_ex+0x412/0x560
[  398.245804][T12002]  __kvm_read_guest_page+0x18d/0x240
[  398.245832][T12002]  kvm_fetch_guest_virt+0x12b/0x170
[  398.245866][T12002]  ? __pfx_kvm_fetch_guest_virt+0x10/0x10
[  398.245897][T12002]  __do_insn_fetch_bytes+0x31c/0x700
[  398.245951][T12002]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  398.245990][T12002]  x86_decode_insn+0x38e/0x5df0
[  398.246022][T12002]  ? __pfx_x86_decode_insn+0x10/0x10
[  398.246058][T12002]  ? vmx_read_guest_seg_ar+0x38f/0x5b0
[  398.246090][T12002]  ? __pfx_x86_decode_insn+0x10/0x10
[  398.246112][T12002]  ? init_emulate_ctxt+0x4e7/0x680
[  398.246136][T12002]  ? kvm_multiple_exception+0x69a/0xc00
[  398.246173][T12002]  ? vmx_read_guest_seg_ar+0x38f/0x5b0
[  398.246199][T12002]  ? __asan_memset+0x22/0x50
[  398.246223][T12002]  ? init_decode_cache+0xea/0x160
[  398.246248][T12002]  ? init_emulate_ctxt+0x4e7/0x680
[  398.246271][T12002]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  398.246291][T12002]  ? finish_task_switch+0xb14/0xbe0
[  398.246320][T12002]  ? rcu_is_watching+0x15/0xb0
[  398.246355][T12002]  x86_emulate_instruction+0x64a/0x2100
[  398.246382][T12002]  ? rcu_qs+0x5e/0xe0
[  398.246408][T12002]  ? __pfx_vmx_handle_exit_irqoff+0x10/0x10
[  398.246448][T12002]  ? __pfx_x86_emulate_instruction+0x10/0x10
[  398.246468][T12002]  ? __lock_acquire+0x6b5/0x2cf0
[  398.246507][T12002]  ? vmx_vcpu_run+0x1bb1/0x2de0
[  398.246537][T12002]  ? handle_io+0x1e3/0x270
[  398.246557][T12002]  ? __pfx_handle_io+0x10/0x10
[  398.246577][T12002]  vmx_handle_exit+0xfd1/0x16c0
[  398.246622][T12002]  vcpu_run+0x5fa2/0x7b90
[  398.246674][T12002]  ? vcpu_run+0x4ca8/0x7b90
[  398.246748][T12002]  ? __pfx_vcpu_run+0x10/0x10
[  398.246771][T12002]  ? fpu_swap_kvm_fpstate+0xc1/0x4f0
[  398.246807][T12002]  ? rcu_is_watching+0x15/0xb0
[  398.246843][T12002]  kvm_arch_vcpu_ioctl_run+0x11e6/0x20d0
[  398.246884][T12002]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[  398.246925][T12002]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  398.246952][T12002]  ? rcu_is_watching+0x15/0xb0
[  398.246982][T12002]  ? trace_contention_end+0x3d/0x150
[  398.247006][T12002]  ? __mutex_lock+0x319/0x1300
[  398.247048][T12002]  ? kasan_quarantine_put+0xbb/0x1f0
[  398.247077][T12002]  ? kvm_vcpu_ioctl+0x280/0xfd0
[  398.247104][T12002]  ? __pfx___mutex_lock+0x10/0x10
[  398.247134][T12002]  ? tomoyo_path_number_perm+0x219/0x630
[  398.247162][T12002]  ? do_vfs_ioctl+0x1166/0x1530
[  398.247195][T12002]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  398.247229][T12002]  kvm_vcpu_ioctl+0xa62/0xfd0
[  398.247257][T12002]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  398.247278][T12002]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  398.247328][T12002]  ? __fget_files+0x2a/0x420
[  398.247355][T12002]  ? __fget_files+0x2a/0x420
[  398.247378][T12002]  ? __fget_files+0x3a0/0x420
[  398.247400][T12002]  ? __fget_files+0x2a/0x420
[  398.247427][T12002]  ? bpf_lsm_file_ioctl+0x9/0x20
[  398.247457][T12002]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  398.247479][T12002]  __se_sys_ioctl+0xfc/0x170
[  398.247511][T12002]  do_syscall_64+0x14d/0xf80
[  398.247537][T12002]  ? trace_irq_disable+0x3b/0x150
[  398.247557][T12002]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  398.247579][T12002]  ? clear_bhb_loop+0x40/0x90
[  398.247606][T12002]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  398.247626][T12002] RIP: 0033:0x7f5b9ef9c799
[  398.247646][T12002] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  398.247663][T12002] RSP: 002b:00007f5b9fdb0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  398.247683][T12002] RAX: ffffffffffffffda RBX: 00007f5b9f215fa0 RCX: 00007f5b9ef9c799
[  398.247697][T12002] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  398.247711][T12002] RBP: 00007f5b9fdb0090 R08: 0000000000000000 R09: 0000000000000000
[  398.247723][T12002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  398.247735][T12002] R13: 00007f5b9f216038 R14: 00007f5b9f215fa0 R15: 00007ffcd53ca668
[  398.247769][T12002]  </TASK>
[  398.703084][  T797] usb 3-1: USB disconnect, device number 110
[  398.747399][ T5822] udevd[5822]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  399.549927][T12035] FAULT_INJECTION: forcing a failure.
[  399.549927][T12035] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  399.563032][T12035] CPU: 0 UID: 0 PID: 12035 Comm: syz.1.2060 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  399.563066][T12035] Tainted: [L]=SOFTLOCKUP
[  399.563074][T12035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  399.563087][T12035] Call Trace:
[  399.563096][T12035]  <TASK>
[  399.563105][T12035]  dump_stack_lvl+0xe8/0x150
[  399.563142][T12035]  should_fail_ex+0x412/0x560
[  399.563180][T12035]  __kvm_read_guest_page+0x18d/0x240
[  399.563209][T12035]  kvm_vcpu_read_guest+0x75/0x150
[  399.563236][T12035]  read_emulate+0x2c/0x50
[  399.563261][T12035]  emulator_read_write_onepage+0x6a6/0xa10
[  399.563294][T12035]  emulator_read_write+0x1c9/0x560
[  399.563322][T12035]  ? __pfx_emulator_read_emulated+0x10/0x10
[  399.563352][T12035]  segmented_read+0x1ba/0x3f0
[  399.563388][T12035]  x86_emulate_insn+0x36a/0x43d0
[  399.563429][T12035]  ? __pfx_x86_emulate_insn+0x10/0x10
[  399.563458][T12035]  ? rcu_is_watching+0x15/0xb0
[  399.563494][T12035]  x86_emulate_instruction+0xef0/0x2100
[  399.563539][T12035]  ? __pfx_x86_emulate_instruction+0x10/0x10
[  399.563560][T12035]  ? __lock_acquire+0x6b5/0x2cf0
[  399.563607][T12035]  ? vmx_vcpu_run+0x1bb1/0x2de0
[  399.563638][T12035]  ? handle_io+0x1e3/0x270
[  399.563658][T12035]  ? __pfx_handle_io+0x10/0x10
[  399.563678][T12035]  vmx_handle_exit+0xfd1/0x16c0
[  399.563727][T12035]  vcpu_run+0x5fa2/0x7b90
[  399.563781][T12035]  ? vcpu_run+0x4ca8/0x7b90
[  399.563853][T12035]  ? __pfx_vcpu_run+0x10/0x10
[  399.563876][T12035]  ? fpu_swap_kvm_fpstate+0xc1/0x4f0
[  399.563911][T12035]  ? rcu_is_watching+0x15/0xb0
[  399.563944][T12035]  kvm_arch_vcpu_ioctl_run+0x11e6/0x20d0
[  399.563985][T12035]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[  399.564011][T12035]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  399.564037][T12035]  ? rcu_is_watching+0x15/0xb0
[  399.564067][T12035]  ? trace_contention_end+0x3d/0x150
[  399.564088][T12035]  ? __mutex_lock+0x319/0x1300
[  399.564124][T12035]  ? kasan_quarantine_put+0xbb/0x1f0
[  399.564153][T12035]  ? kvm_vcpu_ioctl+0x280/0xfd0
[  399.564180][T12035]  ? __pfx___mutex_lock+0x10/0x10
[  399.564210][T12035]  ? tomoyo_path_number_perm+0x219/0x630
[  399.564240][T12035]  ? do_vfs_ioctl+0x1166/0x1530
[  399.564271][T12035]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  399.564305][T12035]  kvm_vcpu_ioctl+0xa62/0xfd0
[  399.564333][T12035]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  399.564352][T12035]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  399.564402][T12035]  ? __fget_files+0x2a/0x420
[  399.564428][T12035]  ? __fget_files+0x2a/0x420
[  399.564449][T12035]  ? __fget_files+0x3a0/0x420
[  399.564469][T12035]  ? __fget_files+0x2a/0x420
[  399.564494][T12035]  ? bpf_lsm_file_ioctl+0x9/0x20
[  399.564525][T12035]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  399.564548][T12035]  __se_sys_ioctl+0xfc/0x170
[  399.564579][T12035]  do_syscall_64+0x14d/0xf80
[  399.564613][T12035]  ? trace_irq_disable+0x3b/0x150
[  399.564635][T12035]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  399.564656][T12035]  ? clear_bhb_loop+0x40/0x90
[  399.564680][T12035]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  399.564702][T12035] RIP: 0033:0x7f5b9ef9c799
[  399.564722][T12035] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  399.564738][T12035] RSP: 002b:00007f5b9fdb0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  399.564760][T12035] RAX: ffffffffffffffda RBX: 00007f5b9f215fa0 RCX: 00007f5b9ef9c799
[  399.564777][T12035] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  399.564790][T12035] RBP: 00007f5b9fdb0090 R08: 0000000000000000 R09: 0000000000000000
[  399.564803][T12035] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  399.564816][T12035] R13: 00007f5b9f216038 R14: 00007f5b9f215fa0 R15: 00007ffcd53ca668
[  399.564850][T12035]  </TASK>
[  399.955494][T12038] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  399.965655][T12038] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  399.993918][ T5887] usb 3-1: new high-speed USB device number 111 using dummy_hcd
[  400.106684][  T797] usb 1-1: new high-speed USB device number 122 using dummy_hcd
[  400.157236][ T5887] usb 3-1: Using ep0 maxpacket: 16
[  400.175911][ T5887] usb 3-1: config 0 has an invalid interface number: 105 but max is 0
[  400.190295][ T5887] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  400.201105][ T5887] usb 3-1: config 0 has no interface number 0
[  400.209488][ T5887] usb 3-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  400.209513][ T5887] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  400.209528][ T5887] usb 3-1: Product: syz
[  400.209540][ T5887] usb 3-1: Manufacturer: syz
[  400.209552][ T5887] usb 3-1: SerialNumber: syz
[  400.213469][ T5887] usb 3-1: config 0 descriptor??
[  400.218157][ T5887] uvcvideo 3-1:0.105: Found UVC 0.00 device syz (046d:08f3)
[  400.218188][ T5887] uvcvideo 3-1:0.105: No valid video chain found.
[  400.312041][  T797] usb 1-1: Using ep0 maxpacket: 8
[  400.325724][  T797] usb 1-1: New USB device found, idVendor=1235, idProduct=8014, bcdDevice= 0.40
[  400.334996][  T797] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  400.343294][  T797] usb 1-1: Product: syz
[  400.347902][  T797] usb 1-1: Manufacturer: syz
[  400.352573][  T797] usb 1-1: SerialNumber: syz
[  400.403898][T12046] netlink: 'syz.1.2064': attribute type 8 has an invalid length.
[  400.416654][ T5887] usb 3-1: USB disconnect, device number 111
[  401.027665][ T5821] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  401.051790][  T797] snd-usb-audio 1-1:1.0: probe with driver snd-usb-audio failed with error -71
[  401.108060][  T797] usb 1-1: USB disconnect, device number 122
[  401.139049][ T5822] udevd[5822]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  401.624092][  T797] usb 2-1: new full-speed USB device number 110 using dummy_hcd
[  401.705929][ T5821] Bluetooth: hci3: ACL packet for unknown connection handle 200
[  401.798279][  T797] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  401.827350][  T797] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  401.841924][  T797] usb 2-1: Product: syz
[  401.846653][ T5887] usb 1-1: new high-speed USB device number 123 using dummy_hcd
[  401.849073][  T797] usb 2-1: Manufacturer: syz
[  401.859567][  T797] usb 2-1: SerialNumber: syz
[  401.869274][  T797] usb 2-1: config 0 descriptor??
[  401.885958][T12087] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  401.896432][T12087] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  401.993929][ T5887] usb 1-1: device descriptor read/64, error -71
[  402.083955][  T797] dvb_usb_rtl28xxu 2-1:0.0: chip type detection failed -71
[  402.098011][  T797] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  402.114136][  T797] usb 2-1: USB disconnect, device number 110
[  402.243953][ T5887] usb 1-1: new high-speed USB device number 124 using dummy_hcd
[  402.386951][ T5887] usb 1-1: device descriptor read/64, error -71
[  402.485012][T12091] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  402.494233][T12091] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  402.506196][ T5887] usb usb1-port1: attempt power cycle
[  402.625389][  T797] usb 3-1: new high-speed USB device number 112 using dummy_hcd
[  402.672750][ T5821] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  402.763985][  T797] usb 3-1: device descriptor read/64, error -71
[  402.854009][ T5887] usb 1-1: new high-speed USB device number 125 using dummy_hcd
[  402.894612][ T5887] usb 1-1: device descriptor read/8, error -71
[  403.015133][  T797] usb 3-1: new high-speed USB device number 113 using dummy_hcd
[  403.094095][    C1] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  403.163926][  T797] usb 3-1: device descriptor read/64, error -71
[  403.163926][ T5887] usb 1-1: new high-speed USB device number 126 using dummy_hcd
[  403.205124][ T5887] usb 1-1: device descriptor read/8, error -71
[  403.269086][T12106] FAULT_INJECTION: forcing a failure.
[  403.269086][T12106] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  403.283594][  T797] usb usb3-port1: attempt power cycle
[  403.290898][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  403.300682][ T5821] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  403.300743][T12106] CPU: 0 UID: 0 PID: 12106 Comm: syz.3.2087 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  403.300775][T12106] Tainted: [L]=SOFTLOCKUP
[  403.300783][T12106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  403.300797][T12106] Call Trace:
[  403.300805][T12106]  <TASK>
[  403.300815][T12106]  dump_stack_lvl+0xe8/0x150
[  403.300849][T12106]  should_fail_ex+0x412/0x560
[  403.300889][T12106]  __kvm_read_guest_page+0x18d/0x240
[  403.300918][T12106]  kvm_fetch_guest_virt+0x12b/0x170
[  403.300954][T12106]  ? __pfx_kvm_fetch_guest_virt+0x10/0x10
[  403.300985][T12106]  __do_insn_fetch_bytes+0x31c/0x700
[  403.301018][T12106]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[  403.301057][T12106]  x86_decode_insn+0x38e/0x5df0
[  403.301089][T12106]  ? __pfx_x86_decode_insn+0x10/0x10
[  403.301125][T12106]  ? vmx_read_guest_seg_ar+0x38f/0x5b0
[  403.301158][T12106]  ? __pfx_x86_decode_insn+0x10/0x10
[  403.301180][T12106]  ? init_emulate_ctxt+0x4e7/0x680
[  403.301205][T12106]  ? kvm_multiple_exception+0x69a/0xc00
[  403.301243][T12106]  ? vmx_read_guest_seg_ar+0x38f/0x5b0
[  403.301270][T12106]  ? __asan_memset+0x22/0x50
[  403.301296][T12106]  ? init_decode_cache+0xea/0x160
[  403.301332][T12106]  ? init_emulate_ctxt+0x4e7/0x680
[  403.301357][T12106]  ? __pfx_init_emulate_ctxt+0x10/0x10
[  403.301392][T12106]  x86_emulate_instruction+0x64a/0x2100
[  403.301421][T12106]  ? rcu_qs+0x5e/0xe0
[  403.301451][T12106]  ? __pfx_vmx_handle_exit_irqoff+0x10/0x10
[  403.301497][T12106]  ? __pfx_x86_emulate_instruction+0x10/0x10
[  403.301519][T12106]  ? __lock_acquire+0x6b5/0x2cf0
[  403.301559][T12106]  ? vmx_vcpu_run+0x1bb1/0x2de0
[  403.301591][T12106]  ? handle_io+0x1e3/0x270
[  403.301614][T12106]  ? __pfx_handle_io+0x10/0x10
[  403.301634][T12106]  vmx_handle_exit+0xfd1/0x16c0
[  403.301684][T12106]  vcpu_run+0x5fa2/0x7b90
[  403.301739][T12106]  ? vcpu_run+0x4ca8/0x7b90
[  403.301814][T12106]  ? __pfx_vcpu_run+0x10/0x10
[  403.301839][T12106]  ? fpu_swap_kvm_fpstate+0xc1/0x4f0
[  403.301876][T12106]  ? rcu_is_watching+0x15/0xb0
[  403.301912][T12106]  kvm_arch_vcpu_ioctl_run+0x11e6/0x20d0
[  403.301956][T12106]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[  403.301984][T12106]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  403.302012][T12106]  ? rcu_is_watching+0x15/0xb0
[  403.302043][T12106]  ? trace_contention_end+0x3d/0x150
[  403.302068][T12106]  ? __mutex_lock+0x319/0x1300
[  403.302107][T12106]  ? kasan_quarantine_put+0xbb/0x1f0
[  403.302135][T12106]  ? kvm_vcpu_ioctl+0x280/0xfd0
[  403.302164][T12106]  ? __pfx___mutex_lock+0x10/0x10
[  403.302194][T12106]  ? tomoyo_path_number_perm+0x219/0x630
[  403.302225][T12106]  ? do_vfs_ioctl+0x1166/0x1530
[  403.302259][T12106]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  403.302294][T12106]  kvm_vcpu_ioctl+0xa62/0xfd0
[  403.302330][T12106]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  403.302352][T12106]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  403.302403][T12106]  ? __fget_files+0x2a/0x420
[  403.302431][T12106]  ? __fget_files+0x2a/0x420
[  403.302453][T12106]  ? __fget_files+0x3a0/0x420
[  403.302475][T12106]  ? __fget_files+0x2a/0x420
[  403.302502][T12106]  ? bpf_lsm_file_ioctl+0x9/0x20
[  403.302532][T12106]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  403.302554][T12106]  __se_sys_ioctl+0xfc/0x170
[  403.302587][T12106]  do_syscall_64+0x14d/0xf80
[  403.302614][T12106]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  403.302637][T12106]  ? clear_bhb_loop+0x40/0x90
[  403.302663][T12106]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  403.302684][T12106] RIP: 0033:0x7f8888f9c799
[  403.302704][T12106] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  403.302722][T12106] RSP: 002b:00007f8889e18028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  403.302744][T12106] RAX: ffffffffffffffda RBX: 00007f8889215fa0 RCX: 00007f8888f9c799
[  403.302760][T12106] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  403.302772][T12106] RBP: 00007f8889e18090 R08: 0000000000000000 R09: 0000000000000000
[  403.302786][T12106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  403.302798][T12106] R13: 00007f8889216038 R14: 00007f8889215fa0 R15: 00007fffcde1e288
[  403.302833][T12106]  </TASK>
[  403.325975][ T5887] usb usb1-port1: unable to enumerate USB device
[  403.675026][  T797] usb 3-1: new high-speed USB device number 114 using dummy_hcd
[  403.767205][  T797] usb 3-1: device descriptor read/8, error -71
[  403.963038][ T5821] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  404.004993][T12117] FAULT_INJECTION: forcing a failure.
[  404.004993][T12117] name failslab, interval 1, probability 0, space 0, times 0
[  404.024814][  T797] usb 3-1: new high-speed USB device number 115 using dummy_hcd
[  404.032424][T12117] CPU: 1 UID: 0 PID: 12117 Comm: syz.3.2091 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  404.032517][T12117] Tainted: [L]=SOFTLOCKUP
[  404.032538][T12117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  404.032570][T12117] Call Trace:
[  404.032592][T12117]  <TASK>
[  404.032620][T12117]  dump_stack_lvl+0xe8/0x150
[  404.032712][T12117]  should_fail_ex+0x412/0x560
[  404.032828][T12117]  should_failslab+0xa8/0x100
[  404.032938][T12117]  __kmalloc_noprof+0xe8/0x760
[  404.033010][T12117]  ? security_task_alloc+0x4d/0x330
[  404.033102][T12117]  security_task_alloc+0x4d/0x330
[  404.033175][T12117]  copy_process+0x16df/0x3cf0
[  404.033288][T12117]  ? copy_process+0x921/0x3cf0
[  404.033393][T12117]  ? __pfx_copy_process+0x10/0x10
[  404.033489][T12117]  ? mutex_init_lockdep+0xf9/0x130
[  404.033581][T12117]  vhost_task_create+0x1f9/0x380
[  404.033643][T12117]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  404.033704][T12117]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  404.033769][T12117]  ? __pfx_vhost_task_create+0x10/0x10
[  404.033861][T12117]  ? __pfx_vhost_task_fn+0x10/0x10
[  404.033942][T12117]  ? __lock_acquire+0x6b5/0x2cf0
[  404.034034][T12117]  kvm_mmu_post_init_vm+0x14c/0x300
[  404.034117][T12117]  kvm_arch_vcpu_ioctl_run+0x106/0x20d0
[  404.034216][T12117]  ? __mutex_trylock_common+0x158/0x260
[  404.034285][T12117]  ? __pfx___mutex_trylock_common+0x10/0x10
[  404.034342][T12117]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  404.034412][T12117]  ? register_lock_class+0x31/0x2e0
[  404.034494][T12117]  ? __lock_acquire+0x6b5/0x2cf0
[  404.034587][T12117]  ? kasan_quarantine_put+0xbb/0x1f0
[  404.034653][T12117]  ? kvm_vcpu_ioctl+0x280/0xfd0
[  404.034734][T12117]  ? do_raw_write_lock+0x11d/0x260
[  404.034814][T12117]  kvm_vcpu_ioctl+0xa62/0xfd0
[  404.034843][T12117]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  404.034863][T12117]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  404.034913][T12117]  ? __fget_files+0x2a/0x420
[  404.034940][T12117]  ? __fget_files+0x2a/0x420
[  404.034961][T12117]  ? __fget_files+0x3a0/0x420
[  404.034983][T12117]  ? __fget_files+0x2a/0x420
[  404.035009][T12117]  ? bpf_lsm_file_ioctl+0x9/0x20
[  404.035039][T12117]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  404.035067][T12117]  __se_sys_ioctl+0xfc/0x170
[  404.035098][T12117]  do_syscall_64+0x14d/0xf80
[  404.035126][T12117]  ? trace_irq_disable+0x3b/0x150
[  404.035147][T12117]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.035168][T12117]  ? clear_bhb_loop+0x40/0x90
[  404.035194][T12117]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.035215][T12117] RIP: 0033:0x7f8888f9c799
[  404.035270][T12117] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  404.035320][T12117] RSP: 002b:00007f8889e18028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  404.035399][T12117] RAX: ffffffffffffffda RBX: 00007f8889215fa0 RCX: 00007f8888f9c799
[  404.035440][T12117] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000009
[  404.035478][T12117] RBP: 00007f8889e18090 R08: 0000000000000000 R09: 0000000000000000
[  404.035511][T12117] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  404.035543][T12117] R13: 00007f8889216038 R14: 00007f8889215fa0 R15: 00007fffcde1e288
[  404.035636][T12117]  </TASK>
[  404.374678][  T797] usb 3-1: device descriptor read/8, error -71
[  404.484383][  T797] usb usb3-port1: unable to enumerate USB device
[  404.623561][T12132] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  404.653802][T12132] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  404.709391][    C1] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  404.737463][T12134] FAULT_INJECTION: forcing a failure.
[  404.737463][T12134] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  404.751511][T12134] CPU: 1 UID: 0 PID: 12134 Comm: syz.0.2097 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  404.751544][T12134] Tainted: [L]=SOFTLOCKUP
[  404.751552][T12134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  404.751566][T12134] Call Trace:
[  404.751575][T12134]  <TASK>
[  404.751584][T12134]  dump_stack_lvl+0xe8/0x150
[  404.751619][T12134]  should_fail_ex+0x412/0x560
[  404.751659][T12134]  __kvm_read_guest_page+0x18d/0x240
[  404.751688][T12134]  kvm_vcpu_read_guest+0x75/0x150
[  404.751720][T12134]  read_emulate+0x2c/0x50
[  404.751738][T12134]  emulator_read_write_onepage+0x6a6/0xa10
[  404.751763][T12134]  emulator_read_write+0x1c9/0x560
[  404.751782][T12134]  ? __pfx_emulator_read_emulated+0x10/0x10
[  404.751804][T12134]  segmented_read+0x1ba/0x3f0
[  404.751829][T12134]  x86_emulate_insn+0x36a/0x43d0
[  404.751857][T12134]  ? __pfx_x86_emulate_insn+0x10/0x10
[  404.751877][T12134]  ? rcu_is_watching+0x15/0xb0
[  404.751902][T12134]  x86_emulate_instruction+0xef0/0x2100
[  404.751938][T12134]  ? __pfx_x86_emulate_instruction+0x10/0x10
[  404.751954][T12134]  ? __lock_acquire+0x6b5/0x2cf0
[  404.751981][T12134]  ? vmx_vcpu_run+0x1bb1/0x2de0
[  404.752003][T12134]  ? handle_io+0x1e3/0x270
[  404.752017][T12134]  ? __pfx_handle_io+0x10/0x10
[  404.752031][T12134]  vmx_handle_exit+0xfd1/0x16c0
[  404.752064][T12134]  vcpu_run+0x5fa2/0x7b90
[  404.752101][T12134]  ? vcpu_run+0x4ca8/0x7b90
[  404.752151][T12134]  ? __pfx_vcpu_run+0x10/0x10
[  404.752172][T12134]  ? fpu_swap_kvm_fpstate+0xc1/0x4f0
[  404.752197][T12134]  ? rcu_is_watching+0x15/0xb0
[  404.752222][T12134]  kvm_arch_vcpu_ioctl_run+0x11e6/0x20d0
[  404.752250][T12134]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[  404.752269][T12134]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  404.752288][T12134]  ? rcu_is_watching+0x15/0xb0
[  404.752309][T12134]  ? trace_contention_end+0x3d/0x150
[  404.752326][T12134]  ? __mutex_lock+0x319/0x1300
[  404.752353][T12134]  ? kasan_quarantine_put+0xbb/0x1f0
[  404.752374][T12134]  ? kvm_vcpu_ioctl+0x280/0xfd0
[  404.752392][T12134]  ? __pfx___mutex_lock+0x10/0x10
[  404.752414][T12134]  ? tomoyo_path_number_perm+0x219/0x630
[  404.752435][T12134]  ? do_vfs_ioctl+0x1166/0x1530
[  404.752459][T12134]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  404.752482][T12134]  kvm_vcpu_ioctl+0xa62/0xfd0
[  404.752502][T12134]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  404.752516][T12134]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  404.752555][T12134]  ? __fget_files+0x2a/0x420
[  404.752574][T12134]  ? __fget_files+0x2a/0x420
[  404.752589][T12134]  ? __fget_files+0x3a0/0x420
[  404.752604][T12134]  ? __fget_files+0x2a/0x420
[  404.752622][T12134]  ? bpf_lsm_file_ioctl+0x9/0x20
[  404.752644][T12134]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  404.752660][T12134]  __se_sys_ioctl+0xfc/0x170
[  404.752683][T12134]  do_syscall_64+0x14d/0xf80
[  404.752702][T12134]  ? trace_irq_disable+0x3b/0x150
[  404.752743][T12134]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.752766][T12134]  ? clear_bhb_loop+0x40/0x90
[  404.752793][T12134]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.752817][T12134] RIP: 0033:0x7ff32c99c799
[  404.752837][T12134] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  404.752851][T12134] RSP: 002b:00007ff32abf6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  404.752866][T12134] RAX: ffffffffffffffda RBX: 00007ff32cc15fa0 RCX: 00007ff32c99c799
[  404.752878][T12134] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  404.752887][T12134] RBP: 00007ff32abf6090 R08: 0000000000000000 R09: 0000000000000000
[  404.752897][T12134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  404.752906][T12134] R13: 00007ff32cc16038 R14: 00007ff32cc15fa0 R15: 00007ffe2061c0e8
[  404.752931][T12134]  </TASK>
[  405.174828][T12138] hma(sha224): entered promiscuous mode
[  405.275231][ T5821] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  405.289510][T12140] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2099'.
[  405.341476][T12140] 8021q: adding VLAN 0 to HW filter on device bond0
[  405.349369][T12140] bond0: (slave sit0): The slave device specified does not support setting the MAC address
[  405.361257][T12140] bond0: (slave sit0): Error -95 calling set_mac_address
[  405.375436][T12140] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2099'.
[  405.445466][  T797] usb 2-1: new high-speed USB device number 111 using dummy_hcd
[  405.595150][  T797] usb 2-1: device descriptor read/64, error -71
[  405.798744][T12159] netlink: 'syz.0.2103': attribute type 1 has an invalid length.
[  405.829697][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  405.863912][  T797] usb 2-1: new high-speed USB device number 112 using dummy_hcd
[  406.029973][  T797] usb 2-1: device descriptor read/64, error -71
[  406.166459][  T797] usb usb2-port1: attempt power cycle
[  406.403954][ T5910] usb 3-1: new high-speed USB device number 116 using dummy_hcd
[  406.543925][  T797] usb 2-1: new high-speed USB device number 113 using dummy_hcd
[  406.553916][ T5910] usb 3-1: Using ep0 maxpacket: 16
[  406.564758][  T797] usb 2-1: device descriptor read/8, error -71
[  406.572934][ T5910] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 32134, setting to 1024
[  406.603084][ T5910] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024
[  406.626876][ T5910] usb 3-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=7b.55
[  406.636750][ T5910] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  406.645119][ T5910] usb 3-1: Product: syz
[  406.650233][ T5910] usb 3-1: Manufacturer: syz
[  406.658241][ T5910] usb 3-1: SerialNumber: syz
[  406.668125][ T5910] usb 3-1: config 0 descriptor??
[  406.677815][T12173] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  406.702892][ T5910] usb 3-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  406.803981][  T797] usb 2-1: new high-speed USB device number 114 using dummy_hcd
[  406.844522][  T797] usb 2-1: device descriptor read/8, error -71
[  406.892487][  T160] usb 3-1: Failed to submit usb control message: -71
[  406.900481][  T160] usb 3-1: unable to send the bmi data to the device: -71
[  406.908789][  T160] usb 3-1: unable to get target info from device
[  406.914577][ T5910] usb 3-1: USB disconnect, device number 116
[  406.915967][  T160] usb 3-1: could not get target info (-71)
[  406.929027][  T160] usb 3-1: could not probe fw (-71)
[  406.975911][  T797] usb usb2-port1: unable to enumerate USB device
[  407.347797][   T51] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  408.095157][ T5821] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  408.110827][   T51] Bluetooth: hci4: command 0x1003 tx timeout
[  408.144343][ T5887] usb 1-1: new low-speed USB device number 127 using dummy_hcd
[  408.146166][  T797] usb 3-1: new high-speed USB device number 117 using dummy_hcd
[  408.325886][ T5887] usb 1-1: config 0 has an invalid interface number: 255 but max is 0
[  408.344069][ T5887] usb 1-1: config 0 has no interface number 0
[  408.354757][ T5887] usb 1-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30
[  408.357791][  T797] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  408.367925][ T5887] usb 1-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  408.382527][  T797] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  408.412207][  T797] usb 3-1: New USB device found, idVendor=0582, idProduct=0582, bcdDevice= 0.40
[  408.422096][ T5887] usb 1-1: config 0 interface 255 has no altsetting 0
[  408.436351][ T5887] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  408.440102][  T797] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  408.459721][  T797] usb 3-1: Product: syz
[  408.459913][ T5887] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  408.464734][  T797] usb 3-1: Manufacturer: syz
[  408.477264][  T797] usb 3-1: SerialNumber: syz
[  408.496877][ T5887] usb 1-1: config 0 descriptor??
[  408.602485][T12244] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  408.614206][T12244] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  408.632785][T12244] MINIX-fs: unable to read superblock
[  408.788225][ T5887] usb 1-1: string descriptor 0 read error: -22
[  408.795589][  T797] snd-usb-audio 3-1:1.0: probe with driver snd-usb-audio failed with error -22
[  408.811828][ T5887] asix 1-1:0.255: probe with driver asix failed with error -22
[  408.823970][  T797] usb 3-1: USB disconnect, device number 117
[  408.863152][ T5822] udevd[5822]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  408.996254][ T5908] usb 1-1: USB disconnect, device number 127
[  409.055332][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  409.420530][   T51] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  409.436943][   T51] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  409.447913][   T51] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  409.461826][   T51] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  409.474939][   T51] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  409.760676][T12256] virt_wifi0 speed is unknown, defaulting to 1000
[  410.074843][T12270] tmpfs: Bad value for 'mpol'
[  410.162890][ T3538] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  410.216377][ T5821] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  410.387700][ T3538] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  410.515099][ T3538] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  410.672508][ T3538] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  410.699212][T12295] netlink: 348 bytes leftover after parsing attributes in process `syz.3.2136'.
[  410.749928][T12295] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  410.773279][T12295] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  411.016459][T12256] chnl_net:caif_netlink_parms(): no params data found
[  411.184761][ T3538] bridge_slave_1: left allmulticast mode
[  411.192701][ T3538] bridge_slave_1: left promiscuous mode
[  411.201617][ T3538] bridge0: port 2(bridge_slave_1) entered disabled state
[  411.409057][T12318] input: syz1 as /devices/virtual/input/input61
[  411.483543][T12319] kvm: MONITOR instruction emulated as NOP!
[  411.534046][ T5821] Bluetooth: hci4: command tx timeout
[  411.587195][ T5887] usb 3-1: new high-speed USB device number 118 using dummy_hcd
[  411.709946][ T5821] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  411.753882][ T5887] usb 3-1: Using ep0 maxpacket: 8
[  411.784334][ T5887] usb 3-1: unable to get BOS descriptor or descriptor too short
[  411.809352][ T5887] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  411.836040][ T5887] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  411.853543][ T5887] usb 3-1: New USB device found, idVendor=2466, idProduct=8010, bcdDevice= 0.40
[  411.872124][ T5887] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  411.887427][ T5887] usb 3-1: Product: syz
[  411.891675][ T5887] usb 3-1: Manufacturer: syz
[  411.896874][ T5887] usb 3-1: SerialNumber: syz
[  411.897748][T12314] netlink: 84 bytes leftover after parsing attributes in process `syz.2.2140'.
[  411.910744][T12256] bridge0: port 1(bridge_slave_0) entered blocking state
[  411.921105][T12256] bridge0: port 1(bridge_slave_0) entered disabled state
[  411.932780][T12256] bridge_slave_0: entered allmulticast mode
[  411.944695][T12256] bridge_slave_0: entered promiscuous mode
[  411.968512][ T3538] hma(sha224): left promiscuous mode
[  411.993408][T12256] bridge0: port 2(bridge_slave_1) entered blocking state
[  412.001164][T12256] bridge0: port 2(bridge_slave_1) entered disabled state
[  412.009421][T12256] bridge_slave_1: entered allmulticast mode
[  412.018878][T12256] bridge_slave_1: entered promiscuous mode
[  412.147665][ T3538] tipc: Left network mode
[  412.280038][T12256] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  412.382025][ T5887] usb 3-1: cannot find UAC_HEADER
[  412.420116][T12256] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  412.554981][ T5887] snd-usb-audio 3-1:1.0: probe with driver snd-usb-audio failed with error -22
[  412.580793][ T5887] usb 3-1: USB disconnect, device number 118
[  412.595500][ T5821] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  412.648907][ T5822] udevd[5822]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  412.684158][T12256] team0: Port device team_slave_0 added
[  412.698229][T12256] team0: Port device team_slave_1 added
[  412.748991][T12348] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2149'.
[  412.851293][ T5821] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  412.875537][T12348] bond0: (slave sit0): The slave device specified does not support setting the MAC address
[  412.898353][T12348] bond0: (slave sit0): Error -95 calling set_mac_address
[  412.927573][T12256] batman_adv: batadv0: Adding interface: batadv_slave_0
[  412.946498][T12256] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  412.996832][T12256] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  413.018833][T12256] batman_adv: batadv0: Adding interface: batadv_slave_1
[  413.030975][T12256] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  413.058033][T12256] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  413.270790][ T5821] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  413.333716][ T3538] hsr_slave_0: left promiscuous mode
[  413.348643][ T3538] hsr_slave_1: left promiscuous mode
[  413.355685][ T3538] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  413.365376][ T3538] batman_adv: batadv0: Removing interface: batadv_slave_1
[  413.391340][ T3538] veth1_macvtap: left promiscuous mode
[  413.398998][ T3538] veth0_macvtap: left promiscuous mode
[  413.405248][ T3538] veth1_vlan: left promiscuous mode
[  413.411497][ T3538] veth0_vlan: left promiscuous mode
[  413.514322][  T797] usb 3-1: new high-speed USB device number 119 using dummy_hcd
[  413.614145][ T5821] Bluetooth: hci4: command tx timeout
[  413.685557][  T797] usb 3-1: config 6 has an invalid interface number: 104 but max is 0
[  413.705658][  T797] usb 3-1: config 6 has no interface number 0
[  413.724011][  T797] usb 3-1: config 6 interface 104 has no altsetting 0
[  413.735866][  T797] usb 3-1: New USB device found, idVendor=1199, idProduct=68aa, bcdDevice=23.79
[  413.757815][ T3538] team0 (unregistering): Port device team_slave_1 removed
[  413.765082][  T797] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  413.781591][  T797] usb 3-1: Product: syz
[  413.786812][ T3538] team0 (unregistering): Port device team_slave_0 removed
[  413.794172][  T797] usb 3-1: Manufacturer: syz
[  413.798794][  T797] usb 3-1: SerialNumber: syz
[  413.965563][T12256] hsr_slave_0: entered promiscuous mode
[  413.973181][T12256] hsr_slave_1: entered promiscuous mode
[  414.052002][T12372] i2c i2c-0: dtv_property_process_set: SET cmd 0x00000000 undefined
[  414.163007][T12382] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  414.198796][T12382] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  414.243106][  T797] sierra 3-1:6.104: Sierra USB modem converter detected
[  414.308673][  T797] usb 3-1: Sierra USB modem converter now attached to ttyUSB0
[  414.337444][  T797] usb 3-1: USB disconnect, device number 119
[  414.361586][  T797] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0
[  414.407409][  T797] sierra 3-1:6.104: device disconnected
[  415.365789][T12408] bond0: (slave sit0): The slave device specified does not support setting the MAC address
[  415.396922][T12408] bond0: (slave sit0): Error -95 calling set_mac_address
[  415.412858][T12411] 9p: Bad value for 'rfdno'
[  415.507422][T12413] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  415.519914][T12413] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  415.643128][T12256] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  415.657670][T12256] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  415.669456][T12256] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  415.681557][T12256] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  415.689126][   T10] usb 1-1: new full-speed USB device number 2 using dummy_hcd
[  415.694210][ T5821] Bluetooth: hci4: command tx timeout
[  415.764901][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  415.856248][   T10] usb 1-1: unable to get BOS descriptor or descriptor too short
[  415.871732][   T10] usb 1-1: not running at top speed; connect to a high speed hub
[  415.875300][T12256] 8021q: adding VLAN 0 to HW filter on device bond0
[  415.901633][   T10] usb 1-1: New USB device found, idVendor=0b05, idProduct=1739, bcdDevice= 0.40
[  415.923139][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  415.933748][T12256] 8021q: adding VLAN 0 to HW filter on device team0
[  415.945110][   T10] usb 1-1: Product: syz
[  415.949487][   T10] usb 1-1: Manufacturer: syz
[  415.954390][   T10] usb 1-1: SerialNumber: syz
[  415.969933][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[  415.977245][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[  416.001089][ T3538] bridge0: port 2(bridge_slave_1) entered blocking state
[  416.008377][ T3538] bridge0: port 2(bridge_slave_1) entered forwarding state
[  416.202226][   T10] usb 1-1: 1:1 : UAC_AS_GENERAL descriptor not found
[  416.225415][   T10] usb 1-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  416.345612][   T10] usb 1-1: USB disconnect, device number 2
[  416.410363][ T5822] udevd[5822]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  416.868298][T12256] 8021q: adding VLAN 0 to HW filter on device batadv0
[  417.110503][T12256] veth0_vlan: entered promiscuous mode
[  417.162002][T12256] veth1_vlan: entered promiscuous mode
[  417.353180][T12256] veth0_macvtap: entered promiscuous mode
[  417.405221][T12256] veth1_macvtap: entered promiscuous mode
[  417.510012][T12479] syzkaller1: entered promiscuous mode
[  417.515907][T12479] syzkaller1: entered allmulticast mode
[  417.603766][T12256] batman_adv: batadv0: Interface activated: batadv_slave_0
[  417.687103][T12256] batman_adv: batadv0: Interface activated: batadv_slave_1
[  417.732119][ T3538] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  417.755022][ T3538] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  417.785929][   T51] Bluetooth: hci4: command tx timeout
[  417.800127][ T3538] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  417.826985][   T49] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  417.840977][   T51] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  418.195902][   T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  418.209403][   T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  418.290776][T12494] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2177'.
[  418.373037][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  418.397042][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  418.604273][T12508] comedi comedi1: comedi_config --init_data is deprecated
[  418.673034][T12517] binder: 12514:12517 ioctl c0306201 200000004a40 returned -14
[  418.740476][ T5821] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  418.860512][T12524] netlink: 'syz.3.2186': attribute type 4 has an invalid length.
[  418.979439][T12530] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2186'.
[  419.481262][ T5873] usb 2-1: new high-speed USB device number 115 using dummy_hcd
[  419.649910][T12534] evm: overlay not supported
[  419.666370][ T5873] usb 2-1: unable to get BOS descriptor or descriptor too short
[  419.676342][T12534] syzkaller1: entered promiscuous mode
[  419.678790][ T5873] usb 2-1: config 1 interface 0 has no altsetting 0
[  419.693381][T12534] syzkaller1: entered allmulticast mode
[  419.736141][ T5873] usb 2-1: language id specifier not provided by device, defaulting to English
[  419.771621][ T5873] usb 2-1: New USB device found, idVendor=22d4, idProduct=1503, bcdDevice= 0.40
[  419.794476][ T5873] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  419.816156][ T5873] usb 2-1: Product: syz
[  419.822202][ T5873] usb 2-1: Manufacturer: syz
[  419.828335][ T5873] usb 2-1: SerialNumber: syz
[  419.954273][T12542] netlink: 'syz.0.2191': attribute type 4 has an invalid length.
[  420.041835][T12547] binder: 12546:12547 ioctl c0306201 200000004a40 returned -14
[  420.054276][T12523] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  420.089085][T12523] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  420.164534][ T5873] usbhid 2-1:1.0: can't add hid device: -71
[  420.191298][ T5873] usbhid 2-1:1.0: probe with driver usbhid failed with error -71
[  420.206171][ T5873] usb 2-1: USB disconnect, device number 115
[  420.229903][ T5821] Bluetooth: hci4: unexpected event for opcode 0x2006
[  420.266104][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  420.404104][  T797] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  420.483732][T12571] netlink: 'syz.2.2200': attribute type 21 has an invalid length.
[  420.491845][T12571] netlink: 'syz.2.2200': attribute type 1 has an invalid length.
[  420.524053][T12573] netlink: 'syz.3.2201': attribute type 25 has an invalid length.
[  420.586870][  T797] usb 1-1: Using ep0 maxpacket: 16
[  420.599062][  T797] usb 1-1: config 1 has an invalid interface number: 105 but max is 0
[  420.611351][  T797] usb 1-1: config 1 has no interface number 0
[  420.619249][  T797] usb 1-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  420.630635][  T797] usb 1-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  420.641095][  T797] usb 1-1: config 1 interface 105 has no altsetting 0
[  420.651375][  T797] usb 1-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  420.652216][T12577] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  420.669413][  T797] usb 1-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  420.669442][  T797] usb 1-1: Product: syz
[  420.669458][  T797] usb 1-1: Manufacturer: syz
[  420.669474][  T797] usb 1-1: SerialNumber: syz
[  420.688043][T12552] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  420.702641][T12552] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  420.710516][T12577] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  420.764126][ T5873] usb 3-1: new low-speed USB device number 120 using dummy_hcd
[  420.833928][   T42] usb 2-1: new high-speed USB device number 116 using dummy_hcd
[  420.841762][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  420.934082][ T5873] usb 3-1: Invalid ep0 maxpacket: 32
[  420.993928][   T42] usb 2-1: Using ep0 maxpacket: 32
[  421.003212][   T42] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  421.013686][   T42] usb 2-1: config 0 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  421.024927][   T42] usb 2-1: config 0 interface 0 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0
[  421.034964][   T42] usb 2-1: config 0 interface 0 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  421.048136][   T42] usb 2-1: config 0 interface 0 has no altsetting 0
[  421.055098][   T42] usb 2-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00
[  421.064614][ T5873] usb 3-1: new low-speed USB device number 121 using dummy_hcd
[  421.064641][   T42] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  421.077903][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  421.090823][   T42] usb 2-1: config 0 descriptor??
[  421.115231][T12552] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  421.122744][T12552] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  421.243888][ T5873] usb 3-1: Invalid ep0 maxpacket: 32
[  421.249841][ T5873] usb usb3-port1: attempt power cycle
[  421.324488][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  421.338123][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  421.353953][  T797] aqc111 1-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x20) reg index 0x0000: -71
[  421.365359][  T797] aqc111 1-1:1.105: probe with driver aqc111 failed with error -71
[  421.381077][  T797] usb 1-1: USB disconnect, device number 3
[  421.500173][T12582] FAULT_INJECTION: forcing a failure.
[  421.500173][T12582] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  421.515303][T12582] CPU: 0 UID: 0 PID: 12582 Comm: syz.3.2205 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  421.515339][T12582] Tainted: [L]=SOFTLOCKUP
[  421.515348][T12582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  421.515361][T12582] Call Trace:
[  421.515370][T12582]  <TASK>
[  421.515380][T12582]  dump_stack_lvl+0xe8/0x150
[  421.515416][T12582]  should_fail_ex+0x412/0x560
[  421.515455][T12582]  __kvm_read_guest_page+0x18d/0x240
[  421.515483][T12582]  kvm_vcpu_read_guest+0x75/0x150
[  421.515511][T12582]  read_emulate+0x2c/0x50
[  421.515535][T12582]  emulator_read_write_onepage+0x6a6/0xa10
[  421.515570][T12582]  emulator_read_write+0x1c9/0x560
[  421.515597][T12582]  ? __pfx_emulator_read_emulated+0x10/0x10
[  421.515627][T12582]  segmented_read+0x1ba/0x3f0
[  421.515662][T12582]  x86_emulate_insn+0x36a/0x43d0
[  421.515704][T12582]  ? __pfx_x86_emulate_insn+0x10/0x10
[  421.515731][T12582]  ? rcu_is_watching+0x15/0xb0
[  421.515767][T12582]  x86_emulate_instruction+0xef0/0x2100
[  421.515812][T12582]  ? __pfx_x86_emulate_instruction+0x10/0x10
[  421.515833][T12582]  ? __lock_acquire+0x6b5/0x2cf0
[  421.515871][T12582]  ? vmx_vcpu_run+0x1bb1/0x2de0
[  421.515902][T12582]  ? handle_io+0x1e3/0x270
[  421.515922][T12582]  ? __pfx_handle_io+0x10/0x10
[  421.515942][T12582]  vmx_handle_exit+0xfd1/0x16c0
[  421.515988][T12582]  vcpu_run+0x5fa2/0x7b90
[  421.516041][T12582]  ? vcpu_run+0x4ca8/0x7b90
[  421.516123][T12582]  ? __pfx_vcpu_run+0x10/0x10
[  421.516147][T12582]  ? fpu_swap_kvm_fpstate+0xc1/0x4f0
[  421.516180][T12582]  ? rcu_is_watching+0x15/0xb0
[  421.516216][T12582]  kvm_arch_vcpu_ioctl_run+0x11e6/0x20d0
[  421.516258][T12582]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[  421.516283][T12582]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  421.516310][T12582]  ? rcu_is_watching+0x15/0xb0
[  421.516340][T12582]  ? trace_contention_end+0x3d/0x150
[  421.516364][T12582]  ? __mutex_lock+0x319/0x1300
[  421.516402][T12582]  ? kasan_quarantine_put+0xbb/0x1f0
[  421.516431][T12582]  ? kvm_vcpu_ioctl+0x280/0xfd0
[  421.516458][T12582]  ? __pfx___mutex_lock+0x10/0x10
[  421.516488][T12582]  ? tomoyo_path_number_perm+0x219/0x630
[  421.516519][T12582]  ? do_vfs_ioctl+0x1166/0x1530
[  421.516553][T12582]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  421.516586][T12582]  kvm_vcpu_ioctl+0xa62/0xfd0
[  421.516616][T12582]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  421.516636][T12582]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  421.516688][T12582]  ? __fget_files+0x2a/0x420
[  421.516714][T12582]  ? __fget_files+0x2a/0x420
[  421.516736][T12582]  ? __fget_files+0x3a0/0x420
[  421.516757][T12582]  ? __fget_files+0x2a/0x420
[  421.516784][T12582]  ? bpf_lsm_file_ioctl+0x9/0x20
[  421.516814][T12582]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  421.516837][T12582]  __se_sys_ioctl+0xfc/0x170
[  421.516868][T12582]  do_syscall_64+0x14d/0xf80
[  421.516895][T12582]  ? trace_irq_disable+0x3b/0x150
[  421.516915][T12582]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  421.516935][T12582]  ? clear_bhb_loop+0x40/0x90
[  421.516961][T12582]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  421.516983][T12582] RIP: 0033:0x7f8888f9c799
[  421.517005][T12582] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  421.517023][T12582] RSP: 002b:00007f8889e18028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  421.517046][T12582] RAX: ffffffffffffffda RBX: 00007f8889215fa0 RCX: 00007f8888f9c799
[  421.517061][T12582] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  421.517073][T12582] RBP: 00007f8889e18090 R08: 0000000000000000 R09: 0000000000000000
[  421.517086][T12582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  421.517106][T12582] R13: 00007f8889216038 R14: 00007f8889215fa0 R15: 00007fffcde1e288
[  421.517141][T12582]  </TASK>
[  421.520597][   T42] hid_parser_main: 1261 callbacks suppressed
[  421.520622][   T42] corsair-cpro 0003:1B1C:0C10.0030: unknown main item tag 0x0
[  421.565650][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  421.602525][   T42] corsair-cpro 0003:1B1C:0C10.0030: unknown main item tag 0x0
[  421.674347][ T5873] usb 3-1: new low-speed USB device number 122 using dummy_hcd
[  421.677660][   T42] corsair-cpro 0003:1B1C:0C10.0030: unknown main item tag 0x0
[  421.709683][ T5873] usb 3-1: Invalid ep0 maxpacket: 32
[  421.712451][   T42] corsair-cpro 0003:1B1C:0C10.0030: unknown main item tag 0x0
[  421.854701][ T5873] usb 3-1: new low-speed USB device number 123 using dummy_hcd
[  421.885627][ T5873] usb 3-1: Invalid ep0 maxpacket: 32
[  421.888705][   T42] corsair-cpro 0003:1B1C:0C10.0030: unknown main item tag 0x0
[  421.901423][ T5873] usb usb3-port1: unable to enumerate USB device
[  421.920834][   T42] corsair-cpro 0003:1B1C:0C10.0030: hidraw1: USB HID v4.06 Device [HID 1b1c:0c10] on usb-dummy_hcd.1-1/input0
[  421.974444][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  422.057666][T12584] ------------[ cut here ]------------
[  422.063878][T12584] !valid_signal(sig)
[  422.063912][T12584] WARNING: kernel/signal.c:2174 at do_notify_parent+0xc7e/0xd70, CPU#1: syz.1.2202/12584
[  422.077660][T12584] Modules linked in:
[  422.082046][T12584] CPU: 1 UID: 0 PID: 12584 Comm: syz.1.2202 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  422.093006][T12584] Tainted: [L]=SOFTLOCKUP
[  422.097357][T12584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  422.107446][T12584] RIP: 0010:do_notify_parent+0xc7e/0xd70
[  422.113119][T12584] Code: c6 05 7c 06 93 0e 01 48 c7 c7 c0 46 cb 8b be a3 08 00 00 48 c7 c2 40 48 cb 8b e8 6d 6e 17 00 e9 c6 fa ff ff e8 b3 1b 3b 00 90 <0f> 0b 90 45 31 e4 e9 1c ff ff ff e8 a2 1b 3b 00 90 0f 0b 90 e9 75
[  422.132813][T12584] RSP: 0000:ffffc90004fa7c40 EFLAGS: 00010093
[  422.138910][T12584] RAX: ffffffff818aed1d RBX: dffffc0000000000 RCX: ffff888027b11e80
[  422.146901][T12584] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 0000000000000040
[  422.154890][T12584] RBP: ffffc90004fa7d90 R08: 0000000000000003 R09: 0000000000000004
[  422.162881][T12584] R10: dffffc0000000000 R11: fffff520009f4fa4 R12: ffff88802ef1ab90
[  422.170878][T12584] R13: ffff888027b11e80 R14: 0000000000000080 R15: 1ffff920009f4f90
[  422.178866][T12584] FS:  0000000000000000(0000) GS:ffff8881250f5000(0000) knlGS:0000000000000000
[  422.187816][T12584] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  422.194416][T12584] CR2: 00007f96e8a444ac CR3: 00000000794d6000 CR4: 00000000003526f0
[  422.202407][T12584] Call Trace:
[  422.205698][T12584]  <TASK>
[  422.208659][T12584]  ? do_raw_spin_lock+0x12b/0x2f0
[  422.213722][T12584]  ? __pfx_do_notify_parent+0x10/0x10
[  422.219146][T12584]  ? do_raw_write_lock+0x11d/0x260
[  422.224286][T12584]  ? __pfx_do_raw_write_lock+0x10/0x10
[  422.229806][T12584]  ? kill_orphaned_pgrp+0x170/0x610
[  422.235046][T12584]  do_exit+0x15b3/0x2580
[  422.239355][T12584]  ? __pfx_do_exit+0x10/0x10
[  422.243967][T12584]  ? rcu_is_watching+0x15/0xb0
[  422.248760][T12584]  __x64_sys_exit+0x40/0x40
[  422.253283][T12584]  x64_sys_call+0x2231/0x2240
[  422.257988][T12584]  do_syscall_64+0x14d/0xf80
[  422.262602][T12584]  ? trace_irq_disable+0x3b/0x150
[  422.267643][T12584]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  422.273728][T12584]  ? clear_bhb_loop+0x40/0x90
[  422.278440][T12584]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  422.284348][T12584] RIP: 0033:0x7fb28239c799
[  422.288783][T12584] Code: Unable to access opcode bytes at 0x7fb28239c76f.
[  422.295808][T12584] RSP: 002b:00007fb28330dfd8 EFLAGS: 00000246 ORIG_RAX: 000000000000003c
[  422.304240][T12584] RAX: ffffffffffffffda RBX: 00007fb282615fa0 RCX: 00007fb28239c799
[  422.312231][T12584] RDX: 00007fb28330e9c8 RSI: 0000000000000000 RDI: 0000000000000000
[  422.320221][T12584] RBP: 00007fb282432bd9 R08: 0000000000000000 R09: 0000000000000000
[  422.328212][T12584] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  422.336248][T12584] R13: 00007fb282616038 R14: 00007fb282615fa0 R15: 00007fff57d84728
[  422.344257][T12584]  </TASK>
[  422.347302][T12584] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  422.354597][T12584] CPU: 1 UID: 0 PID: 12584 Comm: syz.1.2202 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  422.365550][T12584] Tainted: [L]=SOFTLOCKUP
[  422.369899][T12584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  422.379982][T12584] Call Trace:
[  422.383281][T12584]  <TASK>
[  422.386228][T12584]  vpanic+0x56c/0xa60
[  422.390256][T12584]  ? __pfx__printk+0x10/0x10
[  422.394896][T12584]  ? __pfx_vpanic+0x10/0x10
[  422.399424][T12584]  ? is_bpf_text_address+0x292/0x2b0
[  422.404731][T12584]  ? is_bpf_text_address+0x26/0x2b0
[  422.409953][T12584]  panic+0xc5/0xd0
[  422.413704][T12584]  ? __pfx_panic+0x10/0x10
[  422.418163][T12584]  __warn+0x315/0x4f0
[  422.422183][T12584]  ? do_notify_parent+0xc7e/0xd70
[  422.427250][T12584]  ? do_notify_parent+0xc7e/0xd70
[  422.432302][T12584]  __report_bug+0x29a/0x540
[  422.436831][T12584]  ? task_work_run+0x1d9/0x270
[  422.441613][T12584]  ? do_exit+0x926/0x2580
[  422.445954][T12584]  ? __x64_sys_exit+0x40/0x40
[  422.450651][T12584]  ? do_notify_parent+0xc7e/0xd70
[  422.455698][T12584]  ? __pfx___report_bug+0x10/0x10
[  422.460769][T12584]  ? do_notify_parent+0xc7e/0xd70
[  422.465826][T12584]  report_bug+0x16a/0x220
[  422.470176][T12584]  ? do_notify_parent+0xc7e/0xd70
[  422.475234][T12584]  ? do_notify_parent+0xc80/0xd70
[  422.480288][T12584]  handle_bug+0x9c/0x200
[  422.484555][T12584]  exc_invalid_op+0x1a/0x50
[  422.489081][T12584]  asm_exc_invalid_op+0x1a/0x20
[  422.493953][T12584] RIP: 0010:do_notify_parent+0xc7e/0xd70
[  422.499610][T12584] Code: c6 05 7c 06 93 0e 01 48 c7 c7 c0 46 cb 8b be a3 08 00 00 48 c7 c2 40 48 cb 8b e8 6d 6e 17 00 e9 c6 fa ff ff e8 b3 1b 3b 00 90 <0f> 0b 90 45 31 e4 e9 1c ff ff ff e8 a2 1b 3b 00 90 0f 0b 90 e9 75
[  422.519257][T12584] RSP: 0000:ffffc90004fa7c40 EFLAGS: 00010093
[  422.525356][T12584] RAX: ffffffff818aed1d RBX: dffffc0000000000 RCX: ffff888027b11e80
[  422.533868][T12584] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 0000000000000040
[  422.541853][T12584] RBP: ffffc90004fa7d90 R08: 0000000000000003 R09: 0000000000000004
[  422.549836][T12584] R10: dffffc0000000000 R11: fffff520009f4fa4 R12: ffff88802ef1ab90
[  422.557821][T12584] R13: ffff888027b11e80 R14: 0000000000000080 R15: 1ffff920009f4f90
[  422.565828][T12584]  ? do_notify_parent+0xc7d/0xd70
[  422.570894][T12584]  ? do_raw_spin_lock+0x12b/0x2f0
[  422.575940][T12584]  ? __pfx_do_notify_parent+0x10/0x10
[  422.581337][T12584]  ? do_raw_write_lock+0x11d/0x260
[  422.586469][T12584]  ? __pfx_do_raw_write_lock+0x10/0x10
[  422.591946][T12584]  ? kill_orphaned_pgrp+0x170/0x610
[  422.597185][T12584]  do_exit+0x15b3/0x2580
[  422.601484][T12584]  ? __pfx_do_exit+0x10/0x10
[  422.606114][T12584]  ? rcu_is_watching+0x15/0xb0
[  422.610920][T12584]  __x64_sys_exit+0x40/0x40
[  422.615443][T12584]  x64_sys_call+0x2231/0x2240
[  422.620147][T12584]  do_syscall_64+0x14d/0xf80
[  422.624769][T12584]  ? trace_irq_disable+0x3b/0x150
[  422.629812][T12584]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  422.635897][T12584]  ? clear_bhb_loop+0x40/0x90
[  422.640595][T12584]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  422.646505][T12584] RIP: 0033:0x7fb28239c799
[  422.650935][T12584] Code: Unable to access opcode bytes at 0x7fb28239c76f.
[  422.657969][T12584] RSP: 002b:00007fb28330dfd8 EFLAGS: 00000246 ORIG_RAX: 000000000000003c
[  422.666401][T12584] RAX: ffffffffffffffda RBX: 00007fb282615fa0 RCX: 00007fb28239c799
[  422.674396][T12584] RDX: 00007fb28330e9c8 RSI: 0000000000000000 RDI: 0000000000000000
[  422.682397][T12584] RBP: 00007fb282432bd9 R08: 0000000000000000 R09: 0000000000000000
[  422.690398][T12584] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  422.698398][T12584] R13: 00007fb282616038 R14: 00007fb282615fa0 R15: 00007fff57d84728
[  422.706406][T12584]  </TASK>
[  422.710025][T12584] Kernel Offset: disabled
[  422.714362][T12584] Rebooting in 86400 seconds..