last executing test programs:

1m9.431552876s ago: executing program 2 (id=459):
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
bind$inet6(r0, &(0x7f0000000240)={0xa, 0x2, 0x1000, @empty}, 0x1c)
syz_emit_ethernet(0x0, 0x0, 0x0)
recvfrom(r0, 0x0, 0x0, 0x40000040, 0x0, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000040), 0x60442, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r2, 0xc0403d15, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x6, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000801, 0xfa11, 0x406}, 0x0)
ioctl$USBDEVFS_REAPURBNDELAY(0xffffffffffffffff, 0x4004550c, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = socket$rds(0x15, 0x5, 0x0)
sendmsg$rds(r5, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0x2c}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x410200}], 0x1}}], 0x48}, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={0x0, 0xb8}}, 0x20040014)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, 0x0, 0x0)
r7 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r7, 0x7a5, 0x0)
pselect6(0x40, &(0x7f0000000100)={0x76, 0x9, 0x4, 0x0, 0x1, 0x2, 0x3ff, 0xffffffffffffffff}, 0x0, &(0x7f0000000240)={0x1f, 0x0, 0x4, 0xa1, 0xffeffffffffffffe, 0x100000001, 0x0, 0x1}, &(0x7f0000000080)={0x0, 0x3938700}, 0x0)

1m7.275197459s ago: executing program 0 (id=464):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000200)=ANY=[@ANYBLOB="1201410130f56920ac05190272f00102030109021b000100001000090455070103490200090582030004"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000580)={0x84, &(0x7f0000000340)=ANY=[@ANYBLOB='\x00N\b'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_fuse_handle_req(r1, &(0x7f00000021c0), 0x2000, &(0x7f00000004c0)={&(0x7f0000000140)={0x50, 0x0, 0x1000000000, {0x7, 0x2b, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x10, 0x100}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r1, &(0x7f0000004300)="c1b0ad27d26172a2282808a63b3666a169a53df2d890fb5a415426c6ff9bb87f8efb6ea14cfe80e636e7de7e2b18b78f80a1e4c84f02ecfed07902492c1d761451483d0b9c75d1bce9e4a0d1f8a9bb1a22b951653bbce82561c6ac0fc2eaeb3fcd942b78b746455913dbea328ce1088f52d7cb35aefac657784f2cdd576c15bb8db65205430d6a1cd094d749955b73eacfddece7cb849c1554eebb88d05d597b840ebac50de06d2efcc88cb3bbdaf6388332964078936c035bd3e3f56e545ba683f4523df2d6034d5086890db8e3922638a6196fe0a1a026ef632f8c6c6ac3e66228e9c15abaa010f956968240f31f97ef8da03d671ad3d48e135c880c8e096e0f39cdaf38d0203a20362c985b38cefac182d22fb4b709c8c1b5dea4eb5e6dde7af7793b120ba2eadcb892c53de7ce0ab712ef33721121fcf841fa1d35f7a2e9ff1b054adf64e6e2261e015c9a0dd0b8d8fd363ae1bd8ffc28d41b681ece5c4568cf6adf2815b618e8308dbd1c2e664c178a4504e0a362291ac5dfa1115709d42fe8bfc92f109d60c12d43fc204a8f3458b199adab770d51eacae9eeaa4cd1569f05dde2f71e2819dc64c2c62441e4cf281acc54f88741ed1329343e0dbfb356ab7fd3732a93b2a15fac46ef120745cd49b7e65421595fd81fabaee29a28bab508c95fa74d8884c4edd6bdea3c71e8d230c8e666aeaadf6f4c67846ad43a3f458123508c77df0b13c25b3414220600e35dd2d44bbd78d7902f767dfcfb6001674106a6a952f3a47e78758893cae3bfff8d053842642c3f9eb512e12ef09313b2a823e1c31dd45b236824b057992101016204d48e1d3f7f42503b20f549371f92688624089b5460b724307b569f8570c5eba6c243702370f76c0ef78d59d5aef447852c9102618a9811f8440abac9e78a7613b00ecc1b0f6dd9c477701a975fe07c95bc35237d33f7368b9be2986566f310f16a189fe0438ae0887384b10f80b2635493839b3de154c8fe5bc020164e062d77b4826df0eb2af18c8a9e5b28c3d2849bbd29628c76306cf7f4433e0d128a93f5b12a2bea9ed9b3a85e8e4896ec6ce0ea8ef4471cd9db37d91b3f45cb72c2781864c820e4e267e6a650a3687eac83d7b010c621c1c52717b98335df8e87390e5a76874bf31993e1a801f4fe8dc9222877c693fc043d38f54b9422210f2a023f496149def0a9e936c4adbce6a290113b2fb40c5e3e79a0797cd37c2e1731e0143bb5d8bfa51c226d02d567b50c63ebbc64e1d44e120e4cb0fed4347528df660736b99ea3235e83da0c167a015cb3e7a57c5e9072b2fd358cdb20127deb4f37deb2d09ef2b2795ccb52f3bab0f5abcfc37bd0932e55f92cba6e468fb3175b983ca8597327fe67fc1aa89f6d1829ea7eeeec41e3920a51ac583489abe8eb5c1c841d4969a06fde61fa56e59f8f0f64b19071d8a84853047a3d766e82cf2c651586ac3f877c8909ed056b1828fff9211e414b8b8f5cd38542132d9562abae4bf63bbd0532208199e4d2c59b1e5d9a438f026d01c40fd0b8076a9e933e65e65ff9ea0fde753edc738aa079b6695c6055ac2690d6d928e9046c446bd9d0c3e685eee30f7a718436cfa917f678cfdc2f7f72e7bbe508cc64239597f5969f4a750cf1f0f5a646018eb1c35f912cc4c888da888ae8fad773fe47c6a78a63af9b035e15eb790a7ccff2f44d70acd069499d7db8bd02bb6bf252699d8d46a8923f21ba967585be41b79e4d653ab2fba065610ca31e683a5cd5b29678f45eb2593700b361919efb0dffa1782b70d0a4a34247cbd9b240536ce6d46615ec96387e05f60375a2fb8977898cdee503b1fa20924fdec96a1930dac55dddd2eb612c383e4eff4e95f6cdf88047fe76ce9dcbf18a6f81d091f8e767be97b105dbc709d92c6f25d785b4972cafaea96bafc82cdbd4525340e37903259117b8ab63bbb9fb34cf23cdc48b59f7bd0b50ea12950e424e706a5d9ef4d69b334a5de6629b2b585d64688dcd5d4230fbe6f8043e99e9942d13973568b789a34a3ec7a70ff4b34ed4f28a1ad2eb31d8c81ce77d8b554749522c149944a08669ba48926dca4429fe817a7d91f373db7a100f74d6a062ad5e9ea20c77fb575a0c54c5eafd640ee770c844c813d9d807dd80333571840bd8b4b6eae859ddef2f6dbffcd7040691e2228f927faa8c82de451e60303267df50e973b0c6c7f0738eb8cc82b899534a41ae37ede81b72c38d57d82c59f87a8acf456229cced3bd6da6003d1f456ab5849b4dce78b05eddb6188d69cf8ac5bc16799e99021b5485d5ce080b328e7e11e4bfc083a68d9ec22007fae9b04bd167ce4b8f455ed6419501ab6ca434d6418a8f8baf09a66a51ba426f61ccc2f30acfeb988f3a1f36bface215200b3ed62a3d2d74f7b8c0c8244472cc77fbec96721c55d10ae299fb1aba8c45ac1cc882ce964250b30d81bf8a8be110b9f8af1aa644313052e00ed644dd87ca7df34a50ccc3602f7d3ab93fd6ca19d5b9a06894a8f91d3aff8a3cd52fcd3af7adcc7f9ddfce8bb74b714ffd4d2e76cfe60b44a47b1d7fb2bbf0c4a3dac47edd09888fdbe781071900a2e473b4daeb545561ae8f34b4eeaa60f44900684ac1f620a6fa54e562de40645158a5d8c36e3d9027bfc65274ffc8bfca8c03d464047485c3db1e54294406d90ed05c3b0d2d4e66d5e992b99dc3ede4be703d2f31dfdc5dc8c6ef01f43b42306f4a4825be7499afdc8ba1c02e3998329726af89e030be58ecdd20bf8b5d7e5f81878791f92fbd000aa1f9c2bd0aeaba2cecdeffb476dbedf37692d23dac191dfd2f7633d04a0826512b79bc1f8a6737b9b36baec7f5a4555fc7054458f9c7169968ebac29009778dd739e3a5b6cb2f0a6ae0fcb4f545e89a61ad993e42dfa7a283bd9f3d2eac7797c345843244320da0ccad437458512747f321158cdad67ca63d9e3eb187c2fee00d5f9e20266e103317a54293a7ba090b40174d0232bfb2ebd8576adf8c8a9f963fe12a592fe19af02d6f684dbba4a2d6d98003f60a728b1e7b524cbf248666a88d6f19c4937db31e56b4f5373f8aa16926f7ec75da8a76cc340376958175d6f23585e97bee88164cd2e2df5835474c6cf21f65754b98766ab47857d3008be18186792ecc604fc17519cec1d67c727c84299201ba77ccb7e60aa7b912fcc61b5ae4f580a90892b6e7cc3610b357ba6ac5b377cf43bab2970ee240525e12767611842d1d52fe188f125d018889e3e2092b7a39ddb57c0546bb17ec2443e1bdc5a763c9ce5f9b528ed14134694802886d4420f02ee9574f62e6bcc456028663f0b1399d86599fe0047d93a2eb162d2fa13385192bd4221e41bcc61511e43103550f958ba6dfd5e1b855b82a543e8e0766678f1cdd1214a399aeef014150baba0556212132dbf135319868b9ff93adf51eefa64be829362388e2659101a3ec85e0bb5119423b60819aba5c3b8823b5e37f469783db165ff4cd2cd7306f163c0e4ac8695747b571d7941e2bf1be981a48e71f336bbcc20ccddfae7bdc7f94ab62dfda1d552bdef955189eeadc9bd710c2a3a8c9d414c45d2b99ab8b4e92f8fcf2b83380d079b3dd3ddb0978dadf5569f70444e48f26d32ae410a88bd7201a84b4e3b44a1764ad6428a8148907e86bb0a09cfc1191eda8202d3160c8a4716de885ee80fbbbb2278fcbcbfd1c76b1d55ccbb9ed228de215f5104a9a0b4d647b1fa4bc786c68bee29f5229ab9cc3ca0729199eb7bd2ec9e9be7d833b13586882ea069e2aac144f22442244655c33759aa1e101f87836ad0cb16ddc6e36a66a8755acd52b4e446c0e974756a087a725a95ef59121d39f1c75fa136d7212c71a14ad5579be27c1dd0af8f9e4fb9b407e2bbbdee423486c4d5127fcf5107177b1e21e81f1758f4c304f40c0eb35627113be1e4dcb06d209ca06696f214ca260721c4ce7b4d82db24f024c74786c8d6ba7c73f495eab53e545c44b53a78f82d0aedfe04b798bbe125c8622eb5a2a764cae9c8d01380d464bd2dc7a1b0eb2bc431ae432ccfa81f2913af53bd714fe97d958c928534aa2f7caff6cd926daad3e6ed4c44bd3dd3e1a3fe0e12e8423a79c93d7475e29d036b2491e3ae7e50e4098c107abc4eec102808c8d643c4d4ec5707ca06a0b584bbf1bdbfda771a708002ab235fbfe91923b95fe8f4decb6ea6f1022bd98b6f7df5b457a198f2dd8031db5998c56acb30526ac7a7ef157b269259d6606a91b13bc09db05d4f1ae91a8d4fddd9038e5c03506447a483f8759945ec9700b5ed83c7097c177756773c8a250c76415ff43ff091d2015452b8803297e882a832700cb2d4c5c09c9aff61aa04f9cfc81e3d68911c7029a9ab79bdf72d2814068c828c86aadf77bd56953019ad507f5e059ff6ddb5562722acb3193baf88f571a2aa6d575c35506569720d4829f4d29d155bbe186cb72707eddaab43052871ec43dbc5018c1ce41120bc53f2cae7ebcae5bfb42dd1a4d17f782638ffa9747802cb74c61ebd2936d35ae926dae166ae2ea88effad9467bcd028d733da52576db8892c7b77fb5c97814845e3651f5bd759edd3c72704cc3035cb9e15684a0e17fa0b5704a6ac35576643d6fdbee7c7d05e9f0b0ba3e691e2a281913f2f705077277311ae7b8ae3cf287faac63c8cb0534f8610aae68bfdc2e860dafca682af8ec0d73f5d521dcbd3c8b403ef5763c46a23f307c798a550d3a14c1a9db153c8f1b273cc2bbad5a3450ebc2b391f0e44a3223864a193df9fa27ca15293e36fd461bb4ffa6ca73ae5f2d79933b53e05c59017367125aaea376a509a20c9840100af4f1119f1a8cdab0b835c9315144b22335fda48835dbd7d32ac735f71f69a3fb2c593b5c344f23661ff3729e7142b6da61645f8446e2de64cd637186a66c45efc3ab13db3a9cd0117a3adbb44deae4944a9fd466a4f69af5a959430981deed8994bdfd060da92395e23e449eef961d61e82a65a4314ceb4fe3daa08bbda05ef91d70f549fb7959441cd19ac01cf221b83d6e75c3ad224eadcc3f74b097d2d9edc2ccae58ea09ad3af5bdb3e6b3e81ec38542b927fbfcce573b2ee2f2a71b14a24c4b5a443983665be22bc25251af121920540dfcf8c1f2d57d8f721b48efb9555690fbc3bab0fe71708f3edecc8ffd615b1af7feb0e893c3a458019764d16887dc2973333fa70aac3f5400bcace8dd0c8cd8c79bb1e28e744b6fd1a9a424c5f38cfe256df3e3d252a8941a3691f57098dc8658a93889b29690eb2406586ad10df48c0a34f90a37e5ba6583450946b96fc01867f462050f419058e490e5a0720258885b247f65c4db08b41f8236305daa37f0b83fe327f73a8d65a1d49986de9d8ea076c69003df5984926d0e39d30a41e4a660ef2242f42747a944d7664169fd41d0352d4362ebc6c2519dab028d904e8ca00921c936cdb197ae9f096a53c99d643ab30492be5144bb799dbde12499198c3cfb1483a2a29083fb3fb54957b68590526ef4b5a7fde45c773cd5e414f4ee4db79ba92c7a8c2cf77d3e0847f788ea6fcf10cd208ca5d04ee496f70ea0170bc60da6edbd95b444c100fddbd2e878f934c89b82480b16df600d236299886ff71612493eaaedddfa1dbebe596c8e3b8b4cdc2d231ce7e8df0f242677e6b5c3d2815b9e65e29c80ddee5c711c861950ae60d1b882803cb6c776598936d498c3a800fd1091005638efa23dab3eecd92c8a03734dec8f078e172d000313164f613f02ee24bda86e67adbcf618137a7ec3cdecf7829a8bf2546f62235d92c14ad5b39c1536d923dd579520055b1f89ef17240b89a616caeccbaff0db4d8fa087b5b2c7cadfe4507e0d351f5b045a5e401db68a8186f78edce6be621dbc5ba76b0ff3f406161b170354ca24d128d3a8bd02b7bafc1085b3dab482eaab63f1f165bb0d2d28f70bc9eee4e1fe31d73d12224363562152df7123f1977083534f8ae502984d41c593433be1936ed3296c5153dec58811d603efa95e4d895b9c8ae96af097a644dbdd0bb0aa8d3711bb8b494f3da0fcf48ede0ced49c031ee191e056426dd86276d69640fb1013747022d5b998b4fa7256a0474d2a9e183bd733d335d7208105b1c8676419d1f0252065c7de75c55cb0d221dc8e0532112403c215933ee84e654ebe4a09b34e4c747b34232344c2d3bf83ab53ee7b85f4a3f88914fe79a4f15c4c98a3ec126591591b0e6167e2544523e9070e830d792c78c693d2e6981015dea70a83982042d67a7f5229d106851c32933597e03ca171bc27c2a61380b8e58c41dd9bb808b4b308ab5ce45ba022048e02d89ca1a329f5a9cefb861ab3cd0a05236d58113b47592b0389ca6416b92ebbb367a3a41203d0baba90e8046412b7c23bb027e7cd656cbc864e38272545f66b712fb6ab080f972cd09c92c615a04ada2e24c74c1320ac02fc9ec077e5d5ba621aab5747bee120f5aaa9cb6ca91a162f06415f152cdc79f4117e0cc6fe9bfe53e7e396d5f21ad4328caec1141baddb16a7305ba49bd427e835dc23baae24e559ed66c215662ab3d517d87daf6dc4d2b4c8a3a0c77d65a9df67e756b7b719dc262b15891ccd9545919a5c63577be273276fc39df50dd9388e09fe3bcf1366df9df85fc9b8ef26651c439b76d73c40566fa035736d598ea1d77e1051a785d1717fedae7c687307b277e195555fa6ccaea28c57e07d84f51fb5ef64df87f62c651264ac4b268d116924f0ce008b6355f9901d74d7e8f0b440f337e51cb83fefc278da96edc32fec1012eb955493d8081885ec3dbe94e927f2b490b1bec6fc4b125008153706559a38e147e54d20917ab9d6bb5edf0550f5de539c7fbef949019b339f454be50a056223ccb014bbc078f04c01c8aea18ec58befeb4143c4fe2b6d23f487ff30309ef30986876c2073b7cd3589af3407ed921654683739551fe0cb65959181033b2d2de8482f9dfe9279a2febdba75f7523ae92cd89345494c41a3371f0d4c501f817aa751dc2e4c42597cf72baad04076cebbaa100fea0b0423eee35e32aa60831edb4c772dbe08918a9ede0450dd76430d47b3ebe097b99adaedf6b17dd649c25b77a81c0b1c1cf8447b69638be8872a9f17007f988cc5a555048a727078b5de08ad71156c0446764ef687e2f4bb6fcfe104c5dc862b5e78df61beeec1b1a026dc7283f65035cd5026624daec53c7b025953d9c0266d3e6f02f11931a088e47484230c00c3d6f3b72d095a66b1f87204e739f1b6d4716bb863b6b125e26c7c8e07596538f59b48cbd41250eca1efa85a9e185bc2d8a20787cb66be568f59ddc34a3b207a874d7aa4351da7df89a2ff1ff22bb9d69c177195686bcdc2f04724c8764696f7ef4a75a4e0dd875f07431883da3f9f9cbbc9950e57cfa7bb00b2b8ce162c807cc4d88dabdb91549d2d9a91b74ad5e518a2efae1b0e582423a5fb29e9aa792a2703505b578fd8c73f4f77c485916ede77a9f36be6a12391de7fdf73fdf1db6766ef38c23902be933c49ee8917858e8ee29559a2c2dec20e4a5ad650c52f97d1648f12733ef65466ce94b1268fbec2aef918c4d20886a373b6d3b5fa8b9dcca9c35033e2165803b55a34d87e012cb402ce79ae6de18a4cf57a89ad8dc698bf321a4cb0af1a4d5cdea3da832e3b44f3a47798fda07fc229ac89dde9d4f57b2f8305999400e69d2c5c8caa1bc98ccc833ccbae1682c6993f131a03466303cbc294ba22add02036f73149b2db98688d6462041be3d274d5217c7a6891694af9e2a626f8ec4d4ccb8d4946ef18904ad47a84c7a619e87e773126f61e30d5ced5232e14b6abfb4d44ad05ee999d4d54d2c751cd7c5c9cacfac6f7d47b9f97560038b0baa5e635b553a84f3cbeb04632a9abeb6740ea4ce627f60cd5e6aa71a7e2c205bc90adeb3d61bcd66f17d1296e0cd383b1fc38ad4e2cfd05d4a4ee7371f756eeaa0525bd1673f0070f9f5ae099a29e4c325015d9372ae27635d2eab686be9dd96ec2c014acd8123fea35f97d7ecb5e9bc8359b397e8c0c3b90658aa9fabdc8f9f4bd565dd6e20fc871b658fc3e5944efa972d80303d7a66dfd159e904dbfd894009291ddafdfe3a5c502755b5a3dbd89792b8e5633d6f81d23b63f599fc1f29d679f64afa697260e1e6a10ec075355b58ed9007408a379d3c890bcdbea8604e51c0520be1d8c1f10b0a91d40d7ea9ef9ca2c283153b902700635ce65c3ab69cf3107e2017d8a72160f1794136185afd57c743af49d84fb535fef777e6c6f2a18a04fce9618778c832a608861bc7dd7eab315644f998595d07c5a41bac3e7270a871257802d26f42c454c797414e0d5de88ad611c5e3a05ce76df1348e26509f52b7b125eebe5ce1ec0245bf2e715f2abe2626a42f37ed65c8ac086be9d169cc31adab8da3fc2e2dad0519c0a68cd6cb202c99f5ee48a65c6ac27b0d489faf3083fed64ee5b078d0092d5939fcd01b2a71dbf007367fcc56e2f62904be4097fd7c639caa8a390a59be7a6e46aae93667a26654fe461c043bfec083f065726e66b5f12d9e7013500068de45a49a87dc2d0933287e7575c9f3914071c110c9a8f492c67fc48784aea5c22d1ce26f3281d6deb14da66d69ef6ec8e9080ef0d543bc6ce58b177c01ade4232688fb252d6f3e1ceba283d1d59ae82a15b464746df9bec915f00a184469b846a19a7968d9b38e476e3aef47ae41ed8a7d4d3cf744da190747ee3266ff689428d372545f28e40713615b7f886e1f294056a95f3e50e1afa211ca3a2f4a04535646bf9f4cb709a5ecf437807072cc8b77fbed51e01bfac16c73876a5d2d4916555f7084a772847356855c69c193d8db2d37d8c1a5e6adb2169ddd3bd5b7a2cbf9418d00f174295381d51733924bfdc46017250df28679d6b378cc316c67198b57634f46d5f9c169fde3715ddbeb792fd2c1c74a7f97101d373351037c73af2643b8952665eca13f874aace302f60681e12523b6de8f5c5750d4fb480fe0cad1546af7c88426319baafceccca2b49fe96d2ff446a4867cc0ff6ef7845c93c6a6f2bbeac1e31d5d95618c990646a86b691ba387f6b31f75a69fc68e52c7efd0a1de03be8455514231e04bf7370ab6b49d931f4b581b52ca6e0b104bbd07013651d048dcc5271bce8de0f855c4d289a70b19fa616cddbe27b217116d3a52dfb590df3f932e9fee79e34b42844d4efe8a31844694ffaaf811d72b07ab4a281d75c4dd73f7fc82f9beb49e9ef70c72c31c6b7802ad77d25b405a002d63ba30c078aac97ad8cb9ac85299024c6dba7912c3844ed27097e6852a4567d332560e54bb835d2bfbc31a9bc181f8273b878349c9921c6cbd5466fdea1da224f5361c0c50c5fb4f6ccd9f15f6febea4d24265131cc991d85a5d3bf28ce78dd79a5ddff2b507c8b3d38ece81b386f428ed6cf9258657e7647dfa8a8b0aef5ce051208bf44e2d973885f72835f55458ed6cfcbcb75d998be711af59990eae176c637439b79ad8c41b1b71858a90e65aae941d92a2e9616784ad513321da97a2d1036d083c41eeacb374ca45904d6f205101b5e894cd3f0e2d7b8a737a07802a3a74eb4db792b204f69bf3278fff2538878634b84746b51a87d3364c64a860c568d82757761773b137a1f92fdb012c4f38add32dfd4cf0a6b6ccb8e7958abf0d8ab7cbe7c32919e3bf5618096af980cac33df3eae62fe9bb36eda0aac74dd81fd562113e2515c3d4aa6daec990506bf3b958888119d0b1dc215d5e5418eba9778bd53faa7e9f732ce01f3056fd5b89cafe357648592287c990fd5326df9eebb9452b69e0a94cca107d8ae2e72bca993a08c3531791762f52baef6486848d462854357cdd8788b20383b095d58a35b9ab04380629d8a10707b862bff7024b90555233f0b05848dc1c5145906e90b63b243bd7491673a55d9234a928e9bb37ed35afa3c9a4b936ac42ccb1d1dcb5abe7cc21717fa1025525d24f4eb745f1fe0b3584448e35ef9916fef74cfa511bf189591b2cabb0ff81306d13a37eb8578d183ebc7200b3e28d2c2f39e56ba76078d60192d806c972f4ad6077be01111b412587760e65105faa0d5cb2326f99687ceb7617e2d4d45b918dc581223f0909eb519856748849fac49a2bb4edf727a7b2edf6e4454f526d02ed459d7805b68142c25dfc5544ca04dc7fb3c45418eee7609712f5cdaeb3aa3c6936cdd1f1e0d1486dbe2f3ee05f6856727ebe888e797d834beafb969a90f950198b5ee0ec876172c290466118f8dee069bbdb463040ab8840b842bf2d1637b03040994ccf1b8180131c755c623e65a03c96172bd15ddf0f90dba2ac60800252c193547b0b6beb63c3542f95aa373bda1941edc0d441d6d758bac9a1d7301f51009aab487f1b2cb3935a5c8935e8f2ee2ee3e2dee90f06c6ae693f715b9480219c59abc458e6aee1a210767d26bd5c24f8a4fc6be59011417aac0eaac7ad5715c5942fe87fd341c842544f3e394bebce42c5667a511a0a363a89462aa18595ea6b51f86dd48db166c078adaf2d127b87e6ac9cb6826fb0010d869bf03f2afaee97b6a064fedf3cc0806d75060cd4c86d1014a47b9b81303d3c2716b8c0fa30193393dc1ddda76426fad6c03a41192f6c7cfaaa8e37e9e3eb3cc0c6bdaa721b66a9fab82e6c0fdf964286e4aca0d66201c0adca7c33fae61bba1be0c874f3b495f3f7857cb156ea2538e4101f89e708b4554444e95096a0a40fc78c35be82d843e2d2a3adb8d78d662cabedba523079fb6d52df3bb710d268d7cf32a6a0a88d4f80628c0ac8a447f3fc5e0d091514ca2c64680b7da00d9196adc481f61e281381f748f3b3b0d78f1c77fef19ce0b7466e14bde12a3a9bc5cb225d81fbef39cc1b3c5668e533a8a82375f6fb46dd8413c119a4366314350587685250b3799f0629e75e6a9ec79db0d589849401019fd5074a4ae910fd665c2736974f4ada686655329136e385a46c82d6929b9e01babecb45e780d444855a521ddf1c0f8dae1c1db21a72af45b82ca64939150a87af4e9b1a6d4ed11d547076a93853935f4a12cb388d7fbc5c054353d9ea5ac028dc4a2613b28014f52eda3610347babb083372240b4253071b20862355629a52e9d6342febd19d4ed645fcd1e6f6a1ad089e0a93c079eaf573890e5844d2c94e40549cae5988d5e68a7b4d7ce9f0a6d8917678cc0b9e416e88c7155eadd5a2b2d5a032dc2e409c7f587aee7d641a0c9cdff084708c0066045674e59267ee7b6e3e127fbfe1f3451f4396f568cb46856da5ea6af1bc5698e49c216a897dfd07771d5c4ffcee4ca502fd8df2b81972e5cae58b59b9c7a3368e43f2f9e7c86d68995c536a91b990c87fe90dba70b1cbd3d2396a4291c3d555561f5ec1acbca8f4922083603c94fd0f41ef5b9392ce42a5535829de651bad14cb05914f0e31e3e606728b823dfdc091a3d8d427f7aefa21bbb59f67dbaf0d05ebb5a55d50dd06fbcc5dfefb41cea425c19559d4423fb13d3174a040c3cb7ec86e4cdfaa253031c0af1328ba1570684d2aa3d534a016416a18800", 0x2000, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x18, 0x0, 0xde2, {0x1}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$SIOCPNENABLEPIPE(0xffffffffffffffff, 0x89ed, 0x0)
llistxattr(&(0x7f0000000100)='./file0\x00', 0x0, 0x8c)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='comm\x00')
read$FUSE(r2, &(0x7f0000000180)={0x2020}, 0x2020)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x40, &(0x7f00000021c0)=ANY=[@ANYBLOB="3500004ef65452a775af7767d7d60e27f17d9666f49c809cf7fe7efd5508766b91d017878cdd04d2e6981712b42893c3b8dbf87b91cd85f60d3f5a0fec1aa0338ca1277938e887803c454a25911ef5488eded5bac9eff53851a34a57c41694e6ee37229c98cfbe79e0c49d0cbff8b787ae17f4de819c88faa0a4c6139e78e8254fe25994e43cc4f5519e145344ed3bc800eecaf9d6610bcc22feb7680241f6ee86b83fea735da2ee17f0cd"])
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

1m4.447958454s ago: executing program 2 (id=470):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x280880, 0x0)
r1 = syz_open_dev$swradio(&(0x7f0000000000), 0x1, 0x2)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r3, 0x4068aea3, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
socket$packet(0x11, 0x2, 0x300)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4138ae84, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x2fb71da98128d4bd, 0x0)
readv(r1, &(0x7f0000000240)=[{&(0x7f0000000040)=""/84, 0x9000}], 0x1) (fail_nth: 2)
close_range(r0, 0xffffffffffffffff, 0x0)

1m3.047490664s ago: executing program 0 (id=472):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='fdinfo\x00')
fchdir(r0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0, 0x0)
lseek(r1, 0x2, 0x1)
getdents64(r1, 0x0, 0x22)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r3 = dup(r2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r3, 0x2000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)

1m2.366178715s ago: executing program 2 (id=475):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept$alg(r0, 0x0, 0x0)
write$binfmt_script(r1, &(0x7f0000000180)={'#! ', './file0', [], 0xa, "a3867447c2f07094334282810afb291bd6f592b57ee4bb8153711352071d91d3ee0f4ef793c841a29ed9c11f5e758778e529ec9d3260de53ffc836130000000000000008d123c06d37e6e946e7c62e62bbe6782fa8b489af923bad74ce61dcdd8c3f732e8864dc252f4b"}, 0x75)
recvmmsg(r1, &(0x7f0000002100)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000009c0)=""/4096, 0x1000}], 0x1}, 0x80000000}], 0x1, 0xcb, 0x0)

1m2.117684991s ago: executing program 2 (id=477):
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0700000004000000000100000400000000800000a37e80c34e619c106d69485afe7ec2af39c5f8d71e719fc818983d58914ba893f7b6402173fb32476fa25ce76897757ae9b6b01ac922f1043d07c0927a891a7101238f973418fd08e47e5517397b8980995b1108ea51539f30d653af10129731494cdb5254c703f1abe7dc663256b3ae2b5326efc19303678e86a69486592738957db41983259d97a3181e8f6a77d6d409560537e97fff8ad480d8fb7a48c53360411686c792878433fdbe80f5fa3841c14082024b1cd15fbf84cf73e36ee47aedac97636c7336ac64f1f62a1ec647ff523361bd39276b068f8dce2c6f150487a5", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0], 0x50)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000180)={0x0, 0x7, 0x5, 0x4}, &(0x7f00000003c0)=0x10)

1m2.004584063s ago: executing program 2 (id=479):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = getpgrp(0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r5 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000240)='./cgroup\x00', 0x0, 0x765f2dee690bd45d, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x1, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000032680)=""/102392, 0x18ff8)
clock_gettime(0x3, &(0x7f0000000000))
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r7, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000bc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f00000002c0)={0x10, 0x0, &(0x7f0000000240)=[@request_death], 0x0, 0x0, 0x0})

1m0.102616822s ago: executing program 2 (id=480):
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
bind$inet6(r0, &(0x7f0000000240)={0xa, 0x2, 0x1000, @empty}, 0x1c)
syz_emit_ethernet(0x0, 0x0, 0x0)
recvfrom(r0, 0x0, 0x0, 0x40000040, 0x0, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000040), 0x60442, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r2, 0xc0403d15, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x6, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000801, 0xfa11, 0x406}, 0x0)
ioctl$USBDEVFS_REAPURBNDELAY(0xffffffffffffffff, 0x4004550c, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$rds(0xffffffffffffffff, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0x2c}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x410200}], 0x1}}], 0x48}, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={0x0, 0xb8}}, 0x20040014)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, 0x0, 0x0)
r6 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r6, 0x7a5, 0x0)
pselect6(0x40, &(0x7f0000000100)={0x76, 0x9, 0x4, 0x0, 0x1, 0x2, 0x3ff, 0xffffffffffffffff}, 0x0, &(0x7f0000000240)={0x1f, 0x0, 0x4, 0xa1, 0xffeffffffffffffe, 0x100000001, 0x0, 0x1}, &(0x7f0000000080)={0x0, 0x3938700}, 0x0)

58.429697998s ago: executing program 4 (id=481):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = getpgrp(0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r5 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000240)='./cgroup\x00', 0x0, 0x765f2dee690bd45d, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x1, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000032680)=""/102392, 0x18ff8)
clock_gettime(0x3, &(0x7f0000000000))
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000bc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})

56.549746345s ago: executing program 4 (id=482):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept$alg(r0, 0x0, 0x0)
write$binfmt_script(r1, &(0x7f0000000180)={'#! ', './file0', [], 0xa, "a3867447c2f07094334282810afb291bd6f592b57ee4bb8153711352071d91d3ee0f4ef793c841a29ed9c11f5e758778e529ec9d3260de53ffc836130000000000000008d123c06d37e6e946e7c62e62bbe6782fa8b489af923bad74ce61dcdd8c3f732e8864dc252f4bf5bcdf415dc847628a11c2764da6"}, 0x83)
recvmmsg(r1, &(0x7f0000002100)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000009c0)=""/4096, 0x1000}], 0x1}, 0x80000000}], 0x1, 0xcb, 0x0)

56.430377031s ago: executing program 0 (id=484):
r0 = mq_open(&(0x7f0000000380)='&\x00w\xb4N6Bf\xa9\xc2\xd0\b\x06L\xbbQ\xd6T\xe3+SD\xa8\x0f\xefwHw\xdab\xc4\x1a\xe55@hA5\xd6\xec.)\x8f}\xc5#L\x99\"\x84;{\xfa\x04~\xf1\x17\x1d\x90\x83\xfc\x1e\xae\xb0/(\xbb\xd3\xb7\xca\x13j\xab\xfa\xc5Mq\xb7ks\xe0 \x9d\xf8\x7f\x84b\xa4h\xeekc\xffZ\x9fg\x84lm\xd7F\x97\xdcX\xe3\x87\x18\x90\x03\x12^\xf2{\xf1\xbe\x12[~\xe7\xca\xe4\x13\xd6k\xa6\xf3v5F\xc9.\xce\x87z\xd4<\xa8\xba\xd0\x9c\ff\xe1\xe2\xf9\x18\xc0\xd0\xa1\x02K\xdd<a\xbe\xbeZ\r\xce\x9f\x835W\x87\xea\xe4e\xbdD\xc7\xb2', 0x40, 0x1a2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000001a300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mq_notify(r0, 0x0) (fail_nth: 1)

53.794428176s ago: executing program 0 (id=488):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

52.052638154s ago: executing program 1 (id=490):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000200)=ANY=[@ANYBLOB="1201410130f56920ac05190272f00102030109021b000100001000090455070103490200090582030004"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000580)={0x84, &(0x7f0000000340)=ANY=[@ANYBLOB='\x00N\b'], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='fd=', @ANYRESHEX, @ANYBLOB=',rootmode=00000000000000000060000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000021c0), 0x2000, &(0x7f00000004c0)={&(0x7f0000000140)={0x50, 0x0, 0x1000000000, {0x7, 0x2b, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x10, 0x100}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000004300)="c1b0ad27d26172a2282808a63b3666a169a53df2d890fb5a415426c6ff9bb87f8efb6ea14cfe80e636e7de7e2b18b78f80a1e4c84f02ecfed07902492c1d761451483d0b9c75d1bce9e4a0d1f8a9bb1a22b951653bbce82561c6ac0fc2eaeb3fcd942b78b746455913dbea328ce1088f52d7cb35aefac657784f2cdd576c15bb8db65205430d6a1cd094d749955b73eacfddece7cb849c1554eebb88d05d597b840ebac50de06d2efcc88cb3bbdaf6388332964078936c035bd3e3f56e545ba683f4523df2d6034d5086890db8e3922638a6196fe0a1a026ef632f8c6c6ac3e66228e9c15abaa010f956968240f31f97ef8da03d671ad3d48e135c880c8e096e0f39cdaf38d0203a20362c985b38cefac182d22fb4b709c8c1b5dea4eb5e6dde7af7793b120ba2eadcb892c53de7ce0ab712ef33721121fcf841fa1d35f7a2e9ff1b054adf64e6e2261e015c9a0dd0b8d8fd363ae1bd8ffc28d41b681ece5c4568cf6adf2815b618e8308dbd1c2e664c178a4504e0a362291ac5dfa1115709d42fe8bfc92f109d60c12d43fc204a8f3458b199adab770d51eacae9eeaa4cd1569f05dde2f71e2819dc64c2c62441e4cf281acc54f88741ed1329343e0dbfb356ab7fd3732a93b2a15fac46ef120745cd49b7e65421595fd81fabaee29a28bab508c95fa74d8884c4edd6bdea3c71e8d230c8e666aeaadf6f4c67846ad43a3f458123508c77df0b13c25b3414220600e35dd2d44bbd78d7902f767dfcfb6001674106a6a952f3a47e78758893cae3bfff8d053842642c3f9eb512e12ef09313b2a823e1c31dd45b236824b057992101016204d48e1d3f7f42503b20f549371f92688624089b5460b724307b569f8570c5eba6c243702370f76c0ef78d59d5aef447852c9102618a9811f8440abac9e78a7613b00ecc1b0f6dd9c477701a975fe07c95bc35237d33f7368b9be2986566f310f16a189fe0438ae0887384b10f80b2635493839b3de154c8fe5bc020164e062d77b4826df0eb2af18c8a9e5b28c3d2849bbd29628c76306cf7f4433e0d128a93f5b12a2bea9ed9b3a85e8e4896ec6ce0ea8ef4471cd9db37d91b3f45cb72c2781864c820e4e267e6a650a3687eac83d7b010c621c1c52717b98335df8e87390e5a76874bf31993e1a801f4fe8dc9222877c693fc043d38f54b9422210f2a023f496149def0a9e936c4adbce6a290113b2fb40c5e3e79a0797cd37c2e1731e0143bb5d8bfa51c226d02d567b50c63ebbc64e1d44e120e4cb0fed4347528df660736b99ea3235e83da0c167a015cb3e7a57c5e9072b2fd358cdb20127deb4f37deb2d09ef2b2795ccb52f3bab0f5abcfc37bd0932e55f92cba6e468fb3175b983ca8597327fe67fc1aa89f6d1829ea7eeeec41e3920a51ac583489abe8eb5c1c841d4969a06fde61fa56e59f8f0f64b19071d8a84853047a3d766e82cf2c651586ac3f877c8909ed056b1828fff9211e414b8b8f5cd38542132d9562abae4bf63bbd0532208199e4d2c59b1e5d9a438f026d01c40fd0b8076a9e933e65e65ff9ea0fde753edc738aa079b6695c6055ac2690d6d928e9046c446bd9d0c3e685eee30f7a718436cfa917f678cfdc2f7f72e7bbe508cc64239597f5969f4a750cf1f0f5a646018eb1c35f912cc4c888da888ae8fad773fe47c6a78a63af9b035e15eb790a7ccff2f44d70acd069499d7db8bd02bb6bf252699d8d46a8923f21ba967585be41b79e4d653ab2fba065610ca31e683a5cd5b29678f45eb2593700b361919efb0dffa1782b70d0a4a34247cbd9b240536ce6d46615ec96387e05f60375a2fb8977898cdee503b1fa20924fdec96a1930dac55dddd2eb612c383e4eff4e95f6cdf88047fe76ce9dcbf18a6f81d091f8e767be97b105dbc709d92c6f25d785b4972cafaea96bafc82cdbd4525340e37903259117b8ab63bbb9fb34cf23cdc48b59f7bd0b50ea12950e424e706a5d9ef4d69b334a5de6629b2b585d64688dcd5d4230fbe6f8043e99e9942d13973568b789a34a3ec7a70ff4b34ed4f28a1ad2eb31d8c81ce77d8b554749522c149944a08669ba48926dca4429fe817a7d91f373db7a100f74d6a062ad5e9ea20c77fb575a0c54c5eafd640ee770c844c813d9d807dd80333571840bd8b4b6eae859ddef2f6dbffcd7040691e2228f927faa8c82de451e60303267df50e973b0c6c7f0738eb8cc82b899534a41ae37ede81b72c38d57d82c59f87a8acf456229cced3bd6da6003d1f456ab5849b4dce78b05eddb6188d69cf8ac5bc16799e99021b5485d5ce080b328e7e11e4bfc083a68d9ec22007fae9b04bd167ce4b8f455ed6419501ab6ca434d6418a8f8baf09a66a51ba426f61ccc2f30acfeb988f3a1f36bface215200b3ed62a3d2d74f7b8c0c8244472cc77fbec96721c55d10ae299fb1aba8c45ac1cc882ce964250b30d81bf8a8be110b9f8af1aa644313052e00ed644dd87ca7df34a50ccc3602f7d3ab93fd6ca19d5b9a06894a8f91d3aff8a3cd52fcd3af7adcc7f9ddfce8bb74b714ffd4d2e76cfe60b44a47b1d7fb2bbf0c4a3dac47edd09888fdbe781071900a2e473b4daeb545561ae8f34b4eeaa60f44900684ac1f620a6fa54e562de40645158a5d8c36e3d9027bfc65274ffc8bfca8c03d464047485c3db1e54294406d90ed05c3b0d2d4e66d5e992b99dc3ede4be703d2f31dfdc5dc8c6ef01f43b42306f4a4825be7499afdc8ba1c02e3998329726af89e030be58ecdd20bf8b5d7e5f81878791f92fbd000aa1f9c2bd0aeaba2cecdeffb476dbedf37692d23dac191dfd2f7633d04a0826512b79bc1f8a6737b9b36baec7f5a4555fc7054458f9c7169968ebac29009778dd739e3a5b6cb2f0a6ae0fcb4f545e89a61ad993e42dfa7a283bd9f3d2eac7797c345843244320da0ccad437458512747f321158cdad67ca63d9e3eb187c2fee00d5f9e20266e103317a54293a7ba090b40174d0232bfb2ebd8576adf8c8a9f963fe12a592fe19af02d6f684dbba4a2d6d98003f60a728b1e7b524cbf248666a88d6f19c4937db31e56b4f5373f8aa16926f7ec75da8a76cc340376958175d6f23585e97bee88164cd2e2df5835474c6cf21f65754b98766ab47857d3008be18186792ecc604fc17519cec1d67c727c84299201ba77ccb7e60aa7b912fcc61b5ae4f580a90892b6e7cc3610b357ba6ac5b377cf43bab2970ee240525e12767611842d1d52fe188f125d018889e3e2092b7a39ddb57c0546bb17ec2443e1bdc5a763c9ce5f9b528ed14134694802886d4420f02ee9574f62e6bcc456028663f0b1399d86599fe0047d93a2eb162d2fa13385192bd4221e41bcc61511e43103550f958ba6dfd5e1b855b82a543e8e0766678f1cdd1214a399aeef014150baba0556212132dbf135319868b9ff93adf51eefa64be829362388e2659101a3ec85e0bb5119423b60819aba5c3b8823b5e37f469783db165ff4cd2cd7306f163c0e4ac8695747b571d7941e2bf1be981a48e71f336bbcc20ccddfae7bdc7f94ab62dfda1d552bdef955189eeadc9bd710c2a3a8c9d414c45d2b99ab8b4e92f8fcf2b83380d079b3dd3ddb0978dadf5569f70444e48f26d32ae410a88bd7201a84b4e3b44a1764ad6428a8148907e86bb0a09cfc1191eda8202d3160c8a4716de885ee80fbbbb2278fcbcbfd1c76b1d55ccbb9ed228de215f5104a9a0b4d647b1fa4bc786c68bee29f5229ab9cc3ca0729199eb7bd2ec9e9be7d833b13586882ea069e2aac144f22442244655c33759aa1e101f87836ad0cb16ddc6e36a66a8755acd52b4e446c0e974756a087a725a95ef59121d39f1c75fa136d7212c71a14ad5579be27c1dd0af8f9e4fb9b407e2bbbdee423486c4d5127fcf5107177b1e21e81f1758f4c304f40c0eb35627113be1e4dcb06d209ca06696f214ca260721c4ce7b4d82db24f024c74786c8d6ba7c73f495eab53e545c44b53a78f82d0aedfe04b798bbe125c8622eb5a2a764cae9c8d01380d464bd2dc7a1b0eb2bc431ae432ccfa81f2913af53bd714fe97d958c928534aa2f7caff6cd926daad3e6ed4c44bd3dd3e1a3fe0e12e8423a79c93d7475e29d036b2491e3ae7e50e4098c107abc4eec102808c8d643c4d4ec5707ca06a0b584bbf1bdbfda771a708002ab235fbfe91923b95fe8f4decb6ea6f1022bd98b6f7df5b457a198f2dd8031db5998c56acb30526ac7a7ef157b269259d6606a91b13bc09db05d4f1ae91a8d4fddd9038e5c03506447a483f8759945ec9700b5ed83c7097c177756773c8a250c76415ff43ff091d2015452b8803297e882a832700cb2d4c5c09c9aff61aa04f9cfc81e3d68911c7029a9ab79bdf72d2814068c828c86aadf77bd56953019ad507f5e059ff6ddb5562722acb3193baf88f571a2aa6d575c35506569720d4829f4d29d155bbe186cb72707eddaab43052871ec43dbc5018c1ce41120bc53f2cae7ebcae5bfb42dd1a4d17f782638ffa9747802cb74c61ebd2936d35ae926dae166ae2ea88effad9467bcd028d733da52576db8892c7b77fb5c97814845e3651f5bd759edd3c72704cc3035cb9e15684a0e17fa0b5704a6ac35576643d6fdbee7c7d05e9f0b0ba3e691e2a281913f2f705077277311ae7b8ae3cf287faac63c8cb0534f8610aae68bfdc2e860dafca682af8ec0d73f5d521dcbd3c8b403ef5763c46a23f307c798a550d3a14c1a9db153c8f1b273cc2bbad5a3450ebc2b391f0e44a3223864a193df9fa27ca15293e36fd461bb4ffa6ca73ae5f2d79933b53e05c59017367125aaea376a509a20c9840100af4f1119f1a8cdab0b835c9315144b22335fda48835dbd7d32ac735f71f69a3fb2c593b5c344f23661ff3729e7142b6da61645f8446e2de64cd637186a66c45efc3ab13db3a9cd0117a3adbb44deae4944a9fd466a4f69af5a959430981deed8994bdfd060da92395e23e449eef961d61e82a65a4314ceb4fe3daa08bbda05ef91d70f549fb7959441cd19ac01cf221b83d6e75c3ad224eadcc3f74b097d2d9edc2ccae58ea09ad3af5bdb3e6b3e81ec38542b927fbfcce573b2ee2f2a71b14a24c4b5a443983665be22bc25251af121920540dfcf8c1f2d57d8f721b48efb9555690fbc3bab0fe71708f3edecc8ffd615b1af7feb0e893c3a458019764d16887dc2973333fa70aac3f5400bcace8dd0c8cd8c79bb1e28e744b6fd1a9a424c5f38cfe256df3e3d252a8941a3691f57098dc8658a93889b29690eb2406586ad10df48c0a34f90a37e5ba6583450946b96fc01867f462050f419058e490e5a0720258885b247f65c4db08b41f8236305daa37f0b83fe327f73a8d65a1d49986de9d8ea076c69003df5984926d0e39d30a41e4a660ef2242f42747a944d7664169fd41d0352d4362ebc6c2519dab028d904e8ca00921c936cdb197ae9f096a53c99d643ab30492be5144bb799dbde12499198c3cfb1483a2a29083fb3fb54957b68590526ef4b5a7fde45c773cd5e414f4ee4db79ba92c7a8c2cf77d3e0847f788ea6fcf10cd208ca5d04ee496f70ea0170bc60da6edbd95b444c100fddbd2e878f934c89b82480b16df600d236299886ff71612493eaaedddfa1dbebe596c8e3b8b4cdc2d231ce7e8df0f242677e6b5c3d2815b9e65e29c80ddee5c711c861950ae60d1b882803cb6c776598936d498c3a800fd1091005638efa23dab3eecd92c8a03734dec8f078e172d000313164f613f02ee24bda86e67adbcf618137a7ec3cdecf7829a8bf2546f62235d92c14ad5b39c1536d923dd579520055b1f89ef17240b89a616caeccbaff0db4d8fa087b5b2c7cadfe4507e0d351f5b045a5e401db68a8186f78edce6be621dbc5ba76b0ff3f406161b170354ca24d128d3a8bd02b7bafc1085b3dab482eaab63f1f165bb0d2d28f70bc9eee4e1fe31d73d12224363562152df7123f1977083534f8ae502984d41c593433be1936ed3296c5153dec58811d603efa95e4d895b9c8ae96af097a644dbdd0bb0aa8d3711bb8b494f3da0fcf48ede0ced49c031ee191e056426dd86276d69640fb1013747022d5b998b4fa7256a0474d2a9e183bd733d335d7208105b1c8676419d1f0252065c7de75c55cb0d221dc8e0532112403c215933ee84e654ebe4a09b34e4c747b34232344c2d3bf83ab53ee7b85f4a3f88914fe79a4f15c4c98a3ec126591591b0e6167e2544523e9070e830d792c78c693d2e6981015dea70a83982042d67a7f5229d106851c32933597e03ca171bc27c2a61380b8e58c41dd9bb808b4b308ab5ce45ba022048e02d89ca1a329f5a9cefb861ab3cd0a05236d58113b47592b0389ca6416b92ebbb367a3a41203d0baba90e8046412b7c23bb027e7cd656cbc864e38272545f66b712fb6ab080f972cd09c92c615a04ada2e24c74c1320ac02fc9ec077e5d5ba621aab5747bee120f5aaa9cb6ca91a162f06415f152cdc79f4117e0cc6fe9bfe53e7e396d5f21ad4328caec1141baddb16a7305ba49bd427e835dc23baae24e559ed66c215662ab3d517d87daf6dc4d2b4c8a3a0c77d65a9df67e756b7b719dc262b15891ccd9545919a5c63577be273276fc39df50dd9388e09fe3bcf1366df9df85fc9b8ef26651c439b76d73c40566fa035736d598ea1d77e1051a785d1717fedae7c687307b277e195555fa6ccaea28c57e07d84f51fb5ef64df87f62c651264ac4b268d116924f0ce008b6355f9901d74d7e8f0b440f337e51cb83fefc278da96edc32fec1012eb955493d8081885ec3dbe94e927f2b490b1bec6fc4b125008153706559a38e147e54d20917ab9d6bb5edf0550f5de539c7fbef949019b339f454be50a056223ccb014bbc078f04c01c8aea18ec58befeb4143c4fe2b6d23f487ff30309ef30986876c2073b7cd3589af3407ed921654683739551fe0cb65959181033b2d2de8482f9dfe9279a2febdba75f7523ae92cd89345494c41a3371f0d4c501f817aa751dc2e4c42597cf72baad04076cebbaa100fea0b0423eee35e32aa60831edb4c772dbe08918a9ede0450dd76430d47b3ebe097b99adaedf6b17dd649c25b77a81c0b1c1cf8447b69638be8872a9f17007f988cc5a555048a727078b5de08ad71156c0446764ef687e2f4bb6fcfe104c5dc862b5e78df61beeec1b1a026dc7283f65035cd5026624daec53c7b025953d9c0266d3e6f02f11931a088e47484230c00c3d6f3b72d095a66b1f87204e739f1b6d4716bb863b6b125e26c7c8e07596538f59b48cbd41250eca1efa85a9e185bc2d8a20787cb66be568f59ddc34a3b207a874d7aa4351da7df89a2ff1ff22bb9d69c177195686bcdc2f04724c8764696f7ef4a75a4e0dd875f07431883da3f9f9cbbc9950e57cfa7bb00b2b8ce162c807cc4d88dabdb91549d2d9a91b74ad5e518a2efae1b0e582423a5fb29e9aa792a2703505b578fd8c73f4f77c485916ede77a9f36be6a12391de7fdf73fdf1db6766ef38c23902be933c49ee8917858e8ee29559a2c2dec20e4a5ad650c52f97d1648f12733ef65466ce94b1268fbec2aef918c4d20886a373b6d3b5fa8b9dcca9c35033e2165803b55a34d87e012cb402ce79ae6de18a4cf57a89ad8dc698bf321a4cb0af1a4d5cdea3da832e3b44f3a47798fda07fc229ac89dde9d4f57b2f8305999400e69d2c5c8caa1bc98ccc833ccbae1682c6993f131a03466303cbc294ba22add02036f73149b2db98688d6462041be3d274d5217c7a6891694af9e2a626f8ec4d4ccb8d4946ef18904ad47a84c7a619e87e773126f61e30d5ced5232e14b6abfb4d44ad05ee999d4d54d2c751cd7c5c9cacfac6f7d47b9f97560038b0baa5e635b553a84f3cbeb04632a9abeb6740ea4ce627f60cd5e6aa71a7e2c205bc90adeb3d61bcd66f17d1296e0cd383b1fc38ad4e2cfd05d4a4ee7371f756eeaa0525bd1673f0070f9f5ae099a29e4c325015d9372ae27635d2eab686be9dd96ec2c014acd8123fea35f97d7ecb5e9bc8359b397e8c0c3b90658aa9fabdc8f9f4bd565dd6e20fc871b658fc3e5944efa972d80303d7a66dfd159e904dbfd894009291ddafdfe3a5c502755b5a3dbd89792b8e5633d6f81d23b63f599fc1f29d679f64afa697260e1e6a10ec075355b58ed9007408a379d3c890bcdbea8604e51c0520be1d8c1f10b0a91d40d7ea9ef9ca2c283153b902700635ce65c3ab69cf3107e2017d8a72160f1794136185afd57c743af49d84fb535fef777e6c6f2a18a04fce9618778c832a608861bc7dd7eab315644f998595d07c5a41bac3e7270a871257802d26f42c454c797414e0d5de88ad611c5e3a05ce76df1348e26509f52b7b125eebe5ce1ec0245bf2e715f2abe2626a42f37ed65c8ac086be9d169cc31adab8da3fc2e2dad0519c0a68cd6cb202c99f5ee48a65c6ac27b0d489faf3083fed64ee5b078d0092d5939fcd01b2a71dbf007367fcc56e2f62904be4097fd7c639caa8a390a59be7a6e46aae93667a26654fe461c043bfec083f065726e66b5f12d9e7013500068de45a49a87dc2d0933287e7575c9f3914071c110c9a8f492c67fc48784aea5c22d1ce26f3281d6deb14da66d69ef6ec8e9080ef0d543bc6ce58b177c01ade4232688fb252d6f3e1ceba283d1d59ae82a15b464746df9bec915f00a184469b846a19a7968d9b38e476e3aef47ae41ed8a7d4d3cf744da190747ee3266ff689428d372545f28e40713615b7f886e1f294056a95f3e50e1afa211ca3a2f4a04535646bf9f4cb709a5ecf437807072cc8b77fbed51e01bfac16c73876a5d2d4916555f7084a772847356855c69c193d8db2d37d8c1a5e6adb2169ddd3bd5b7a2cbf9418d00f174295381d51733924bfdc46017250df28679d6b378cc316c67198b57634f46d5f9c169fde3715ddbeb792fd2c1c74a7f97101d373351037c73af2643b8952665eca13f874aace302f60681e12523b6de8f5c5750d4fb480fe0cad1546af7c88426319baafceccca2b49fe96d2ff446a4867cc0ff6ef7845c93c6a6f2bbeac1e31d5d95618c990646a86b691ba387f6b31f75a69fc68e52c7efd0a1de03be8455514231e04bf7370ab6b49d931f4b581b52ca6e0b104bbd07013651d048dcc5271bce8de0f855c4d289a70b19fa616cddbe27b217116d3a52dfb590df3f932e9fee79e34b42844d4efe8a31844694ffaaf811d72b07ab4a281d75c4dd73f7fc82f9beb49e9ef70c72c31c6b7802ad77d25b405a002d63ba30c078aac97ad8cb9ac85299024c6dba7912c3844ed27097e6852a4567d332560e54bb835d2bfbc31a9bc181f8273b878349c9921c6cbd5466fdea1da224f5361c0c50c5fb4f6ccd9f15f6febea4d24265131cc991d85a5d3bf28ce78dd79a5ddff2b507c8b3d38ece81b386f428ed6cf9258657e7647dfa8a8b0aef5ce051208bf44e2d973885f72835f55458ed6cfcbcb75d998be711af59990eae176c637439b79ad8c41b1b71858a90e65aae941d92a2e9616784ad513321da97a2d1036d083c41eeacb374ca45904d6f205101b5e894cd3f0e2d7b8a737a07802a3a74eb4db792b204f69bf3278fff2538878634b84746b51a87d3364c64a860c568d82757761773b137a1f92fdb012c4f38add32dfd4cf0a6b6ccb8e7958abf0d8ab7cbe7c32919e3bf5618096af980cac33df3eae62fe9bb36eda0aac74dd81fd562113e2515c3d4aa6daec990506bf3b958888119d0b1dc215d5e5418eba9778bd53faa7e9f732ce01f3056fd5b89cafe357648592287c990fd5326df9eebb9452b69e0a94cca107d8ae2e72bca993a08c3531791762f52baef6486848d462854357cdd8788b20383b095d58a35b9ab04380629d8a10707b862bff7024b90555233f0b05848dc1c5145906e90b63b243bd7491673a55d9234a928e9bb37ed35afa3c9a4b936ac42ccb1d1dcb5abe7cc21717fa1025525d24f4eb745f1fe0b3584448e35ef9916fef74cfa511bf189591b2cabb0ff81306d13a37eb8578d183ebc7200b3e28d2c2f39e56ba76078d60192d806c972f4ad6077be01111b412587760e65105faa0d5cb2326f99687ceb7617e2d4d45b918dc581223f0909eb519856748849fac49a2bb4edf727a7b2edf6e4454f526d02ed459d7805b68142c25dfc5544ca04dc7fb3c45418eee7609712f5cdaeb3aa3c6936cdd1f1e0d1486dbe2f3ee05f6856727ebe888e797d834beafb969a90f950198b5ee0ec876172c290466118f8dee069bbdb463040ab8840b842bf2d1637b03040994ccf1b8180131c755c623e65a03c96172bd15ddf0f90dba2ac60800252c193547b0b6beb63c3542f95aa373bda1941edc0d441d6d758bac9a1d7301f51009aab487f1b2cb3935a5c8935e8f2ee2ee3e2dee90f06c6ae693f715b9480219c59abc458e6aee1a210767d26bd5c24f8a4fc6be59011417aac0eaac7ad5715c5942fe87fd341c842544f3e394bebce42c5667a511a0a363a89462aa18595ea6b51f86dd48db166c078adaf2d127b87e6ac9cb6826fb0010d869bf03f2afaee97b6a064fedf3cc0806d75060cd4c86d1014a47b9b81303d3c2716b8c0fa30193393dc1ddda76426fad6c03a41192f6c7cfaaa8e37e9e3eb3cc0c6bdaa721b66a9fab82e6c0fdf964286e4aca0d66201c0adca7c33fae61bba1be0c874f3b495f3f7857cb156ea2538e4101f89e708b4554444e95096a0a40fc78c35be82d843e2d2a3adb8d78d662cabedba523079fb6d52df3bb710d268d7cf32a6a0a88d4f80628c0ac8a447f3fc5e0d091514ca2c64680b7da00d9196adc481f61e281381f748f3b3b0d78f1c77fef19ce0b7466e14bde12a3a9bc5cb225d81fbef39cc1b3c5668e533a8a82375f6fb46dd8413c119a4366314350587685250b3799f0629e75e6a9ec79db0d589849401019fd5074a4ae910fd665c2736974f4ada686655329136e385a46c82d6929b9e01babecb45e780d444855a521ddf1c0f8dae1c1db21a72af45b82ca64939150a87af4e9b1a6d4ed11d547076a93853935f4a12cb388d7fbc5c054353d9ea5ac028dc4a2613b28014f52eda3610347babb083372240b4253071b20862355629a52e9d6342febd19d4ed645fcd1e6f6a1ad089e0a93c079eaf573890e5844d2c94e40549cae5988d5e68a7b4d7ce9f0a6d8917678cc0b9e416e88c7155eadd5a2b2d5a032dc2e409c7f587aee7d641a0c9cdff084708c0066045674e59267ee7b6e3e127fbfe1f3451f4396f568cb46856da5ea6af1bc5698e49c216a897dfd07771d5c4ffcee4ca502fd8df2b81972e5cae58b59b9c7a3368e43f2f9e7c86d68995c536a91b990c87fe90dba70b1cbd3d2396a4291c3d555561f5ec1acbca8f4922083603c94fd0f41ef5b9392ce42a5535829de651bad14cb05914f0e31e3e606728b823dfdc091a3d8d427f7aefa21bbb59f67dbaf0d05ebb5a55d50dd06fbcc5dfefb41cea425c19559d4423fb13d3174a040c3cb7ec86e4cdfaa253031c0af1328ba1570684d2aa3d534a016416a18800", 0x2000, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x18, 0x0, 0xde2, {0x1}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$SIOCPNENABLEPIPE(0xffffffffffffffff, 0x89ed, 0x0)
llistxattr(&(0x7f0000000100)='./file0\x00', 0x0, 0x8c)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='comm\x00')
read$FUSE(r1, &(0x7f0000000180)={0x2020}, 0x2020)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x40, &(0x7f00000021c0)=ANY=[@ANYBLOB="3500004ef65452a775af7767d7d60e27f17d9666f49c809cf7fe7efd5508766b91d017878cdd04d2e6981712b42893c3b8dbf87b91cd85f60d3f5a0fec1aa0338ca1277938e887803c454a25911ef5488eded5bac9eff53851a34a57c41694e6ee37229c98cfbe79e0c49d0cbff8b787ae17f4de819c88faa0a4c6139e78e8254fe25994e43cc4f5519e145344ed3bc800eecaf9d6610bcc22feb7680241f6ee86b83fea735da2ee17f0cd"])
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

51.849325162s ago: executing program 4 (id=491):
r0 = syz_usb_connect(0x5, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000007794608cd0c39007b90000000010902120001fc0000"], 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
r1 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x2603)
ioctl$I2C_RDWR(r1, 0x707, &(0x7f0000000100)={&(0x7f0000000f40)=[{0x6b, 0x2001, 0x3e, &(0x7f0000000140)="000000000094f6028e757a9e8c20251bb6cb8c2f8590946a7c35ac9497ab06000000bf425c3d43f1f43e3bc80801bdc5039fba63a058f07799dd0e33226e"}], 0x1})

50.881779303s ago: executing program 0 (id=492):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = getpgrp(0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r5 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000240)='./cgroup\x00', 0x0, 0x765f2dee690bd45d, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x1, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000032680)=""/102392, 0x18ff8)
r7 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r7, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000bc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})

49.049925755s ago: executing program 0 (id=493):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r0, &(0x7f0000000040)={0x24, @long={0x3, 0x1, {0xaaaaaaaaaaaa0102}}}, 0x14)
connect$802154_dgram(r0, &(0x7f0000000240)={0x24, @short={0x2, 0x1, 0xffff}}, 0x14)
sendmmsg(r0, &(0x7f00000196c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0xd, 0x0}}], 0x4000050, 0x400c010)

48.693470716s ago: executing program 4 (id=494):
r0 = syz_open_dev$video4linux(&(0x7f0000000600), 0x14, 0x40080)
ioctl$VIDIOC_TRY_EXT_CTRLS(r0, 0xc0205647, &(0x7f0000000000)={0xa20000, 0x0, 0x10000081, 0xffffffffffffffff, 0x0, 0x0})
socket$kcm(0x21, 0x2, 0xa)
socket$inet(0x2, 0x2, 0x1)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r1 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0x7, 0x23b})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50)
r2 = socket$inet(0x2, 0x80001, 0x84)
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x14, 0x0, 0x300, 0x0, 0x0, {{}, {@void, @void}}}, 0x14}}, 0x4000004)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000300)=0x8)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)

47.194854212s ago: executing program 4 (id=496):
syz_open_dev$usbfs(&(0x7f0000000080), 0xf7a2, 0x109301)
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x5, 0x141a42)
r1 = socket$inet6(0xa, 0x2, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newlink={0x3c, 0x10, 0x403, 0x6101, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4ed6f, 0x43426}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ICV_LEN={0x5, 0x3, 0xf}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20044801}, 0x0)
sendmmsg$inet6(r1, &(0x7f0000002c40)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x0, @dev={0xfe, 0x80, '\x00', 0x3a}, 0x2}, 0x1c, 0x0}}, {{&(0x7f00000000c0)={0xa, 0x4e20, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x6}, 0x1c, 0x0, 0x0, &(0x7f0000000440)=[@tclass={{0x14, 0x29, 0x43, 0x4}}, @pktinfo={{0x24, 0x29, 0x32, {@mcast1}}}], 0x40}}], 0x2, 0x20002040)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x68, 0x10, 0x401, 0x0, 0x3, {0x0, 0x0, 0x0, 0x0, 0xe59bca127d81b0fa, 0xc574450d1af3b5bc}, [@IFLA_LINKINFO={0x34, 0x12, 0x0, 0x1, @bridge_slave={{0x11}, {0x1c, 0x5, 0x0, 0x1, [@IFLA_BRPORT_GUARD={0x5}, @IFLA_BRPORT_MCAST_EHT_HOSTS_LIMIT={0x8, 0x25, 0x1}, @IFLA_BRPORT_FAST_LEAVE={0x5}]}}}, @IFLA_IFNAME={0x14, 0x3, 'bridge_slave_0\x00'}]}, 0x68}, 0x1, 0x0, 0x0, 0x20044010}, 0x4040)
ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r1)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$EBT_SO_GET_ENTRIES(r4, 0x84, 0x81, &(0x7f00000001c0)={'broute\x00', 0x0, 0x3, 0x0, [0x1, 0x9, 0x7973, 0x7, 0x9, 0xffffffff80000000], 0x0, 0x0, 0x0}, &(0x7f0000000080)=0x50)
r5 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/drop_entry\x00', 0x2, 0x0)
sendmsg$TIPC_NL_PEER_REMOVE(r5, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x4004c020)

45.471941283s ago: executing program 4 (id=499):
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffd5e, &(0x7f00000002c0)=0x10000009)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x248, 0x9b99}, 0x49, [0xfffffff8, 0x8, 0x5, 0x9, 0x8, 0x155f, 0x6, 0x0, 0x25cd, 0x1, 0xb4, 0xa, 0xa2b9, 0x80000006, 0x7, 0xe4, 0x6, 0xfc000000, 0x1, 0xbbf, 0x4a732f64, 0x1, 0x8, 0x5, 0x4, 0x12a3, 0x6, 0x1, 0x2, 0x6, 0x7, 0x81, 0x8a, 0x79, 0x2, 0x4, 0x0, 0x91, 0x4, 0x4, 0x17, 0x2, 0x5, 0x401, 0xfffffff5, 0x405, 0xa7, 0x81, 0x9, 0xf9a2, 0x80000001, 0xff, 0x0, 0x2, 0x2, 0x2, 0x3, 0x1, 0x7ff, 0x4, 0x4007f, 0xffffffff, 0x6, 0x404], [0x9, 0x3, 0x6, 0x9, 0x4, 0xc66, 0xa8a9, 0x20000073, 0x8e, 0xd50, 0x7, 0x5, 0x2, 0x809, 0x4, 0xa7, 0x1000, 0x0, 0x200b398, 0x400000, 0x0, 0x4, 0x1c, 0x7, 0x1, 0x2, 0x3, 0x8, 0xffffff7f, 0x400, 0x6, 0x4c2336d3, 0x4, 0x0, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0xab00060, 0x5, 0x6, 0x2, 0x5, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x1, 0x1cb, 0x1, 0x80000004, 0x6, 0x438, 0x2, 0x9, 0x95, 0x7fffffff, 0x4, 0xfffffff9, 0x1, 0x1000, 0xfffff801, 0x5], [0x2, 0xfffffffe, 0xffff, 0x3, 0x2, 0x2e6bf783, 0x80000001, 0x5, 0x5, 0x491, 0x8d3, 0x200006, 0x8, 0x400, 0x2, 0x400, 0x41, 0x6, 0xee4b, 0x4, 0x1, 0x8000003, 0x5, 0x9, 0x0, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x10000a, 0x400, 0x400, 0x3e55, 0x5, 0xd3, 0x8, 0x3437, 0x3, 0x9, 0xfd, 0x601, 0x101, 0xdd80, 0x60a0, 0x7f, 0x9d26, 0x10000, 0x1, 0x4, 0x2, 0x6, 0x8000, 0xf45, 0x3, 0xd500, 0x8, 0x77, 0x9, 0x6, 0x10000, 0xfffffffd, 0x8, 0x1], [0xa772, 0x6, 0x28, 0x1afa, 0xbfc, 0x8, 0x7c84, 0x7f, 0x55, 0x40, 0xff, 0x1005, 0x1, 0x1, 0x1e, 0x9, 0x81, 0x3, 0x9d86, 0xd, 0xfffffff7, 0x8, 0x140f2, 0x5396, 0x3, 0x6, 0x80008001, 0x7777, 0x1, 0x2, 0x100, 0xd8ce, 0x7fffffff, 0x9, 0xc, 0x32d, 0x3, 0x1ff, 0x2000803, 0xffffffff, 0x10000, 0x0, 0x8004, 0x7fff, 0x3, 0x6, 0xf, 0xe, 0x5337, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0x4, 0x3, 0x4, 0xdab, 0x3, 0x8, 0x14000, 0x1, 0x9]}, 0x45c)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0x0, 0x40000000000180, 0x2, 0x80000000, 0xf2, 0xd, 0x7fffffffffffe, 0x7, 0x5, 0x7, 0x0, 0x5, 0x4, 0xbdb], 0x25000, 0x304})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000880)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a0500000000040000000001000000090001007379"], 0xa4}}, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

43.401264369s ago: executing program 32 (id=480):
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
bind$inet6(r0, &(0x7f0000000240)={0xa, 0x2, 0x1000, @empty}, 0x1c)
syz_emit_ethernet(0x0, 0x0, 0x0)
recvfrom(r0, 0x0, 0x0, 0x40000040, 0x0, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000040), 0x60442, 0x0)
ioctl$PTP_PEROUT_REQUEST2(r2, 0xc0403d15, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x6, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000801, 0xfa11, 0x406}, 0x0)
ioctl$USBDEVFS_REAPURBNDELAY(0xffffffffffffffff, 0x4004550c, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$rds(0xffffffffffffffff, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000780)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0, 0x2c}, &(0x7f00000006c0)=[{&(0x7f0000000100)=""/44, 0x410200}], 0x1}}], 0x48}, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={0x0, 0xb8}}, 0x20040014)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, 0x0, 0x0)
r6 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r6, 0x7a5, 0x0)
pselect6(0x40, &(0x7f0000000100)={0x76, 0x9, 0x4, 0x0, 0x1, 0x2, 0x3ff, 0xffffffffffffffff}, 0x0, &(0x7f0000000240)={0x1f, 0x0, 0x4, 0xa1, 0xffeffffffffffffe, 0x100000001, 0x0, 0x1}, &(0x7f0000000080)={0x0, 0x3938700}, 0x0)

40.553148863s ago: executing program 1 (id=502):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = getpgrp(0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000240)='./cgroup\x00', 0x0, 0x765f2dee690bd45d, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000032680)=""/102392, 0x18ff8)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})

38.275259284s ago: executing program 1 (id=503):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = getpgrp(0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r5 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000240)='./cgroup\x00', 0x0, 0x765f2dee690bd45d, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x1, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000bc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})

36.418356242s ago: executing program 1 (id=505):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r0, &(0x7f0000002040)=[{{&(0x7f0000000000)={0xa, 0x0, 0x0, @private0, 0x3}, 0x1c, &(0x7f0000000300)=[{&(0x7f0000000080)="2b09e113abe4b43016588a0900", 0xd}], 0x1}}, {{&(0x7f00000000c0)={0xa, 0x4e23, 0x3, @private1, 0x9}, 0x1c, &(0x7f0000000140)=[{&(0x7f0000000340)}], 0x1}}], 0x2, 0x8000)
shutdown(r0, 0x1)
getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000180), &(0x7f00000001c0)=0x4)

33.341143373s ago: executing program 33 (id=493):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r0, &(0x7f0000000040)={0x24, @long={0x3, 0x1, {0xaaaaaaaaaaaa0102}}}, 0x14)
connect$802154_dgram(r0, &(0x7f0000000240)={0x24, @short={0x2, 0x1, 0xffff}}, 0x14)
sendmmsg(r0, &(0x7f00000196c0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0xd, 0x0}}], 0x4000050, 0x400c010)

30.885239238s ago: executing program 1 (id=508):
socket$inet6_tcp(0xa, 0x1, 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000800), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006380)={0x2020, 0x0, <r1=>0x0, <r2=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000004380)="4e5350994ebf71ce3049a58c5d050078bf16b0757a4c27b455e2a547739587dd3380b5df8f40a0696c5bd6cdb672cffe4d870c5c90ca92095b9ebf3e92fe31d8cd74275d857d34a74f7eecc7fac15e2f148d4e9d47bb45b858bbf078999970d180f28d7b2cefd92635d45a563d9229c9fd770efdc0848e52fa5efd9ada5c94a1ba94b4b7c7507f8b0819bb20910f9f50a83a010abbe126dd9f6a7b84eab6b0d5ce78d2ade77a5f7e4e997df1d03ffab4b4c945d803e4457909013127a98769c938c237f37263bc509a42bc56ff2dbf80e847e2c407009eef94f18e1e59069d62298fdbadae007ffbdf403c5049a4530ac0abecceb5608da02754c9a575af52c0b7e41226e2d642a814861c4310c935bcbae413516dde2132652b39c7aa0218a6ce65dabb4494965209ce879ba7e7e59039db5c1d36d6a7f86d72dd59954fd6f46124a2506b245a0db11aa89d2feb312a6596ea2fecaa7b6021f37a255f628da7ff6b6c36b514d3b6be34e505f9dac6acfb888198004699fb350ac93431533554658c4957df36703591438d6488bc03dd8290a75ebb367a481a50e79a46b04d005649cabd79e5c6326c066bc2b6fc5febb87ef66d832ef31a16c2a450a0b990fb549a5d810c928d1a81fa1dc795db2607ac7d46cb5716b68acdeb00987e429fe6a394632c83b43336e7b51d9cfdb50e83d8c6ba1784d9f74c16b476e048e65e7ac0af683b347d7377ac1795422e00e5bd8da9b313af83abb3348861116de7a99959169b7dff9f7d9b7a6d107f2e76670a6214a419bf8298f80eb570fa29264ba57a383c5ec5836ce33104ecaf1aec76e311280a1d2c8bd7abff3a5a242e6a637f7db63038ef5d78aca9c680d72b60da4dbeb0e1e683ddc82898647c589a81b8f92db06711d8a0af05560cd77fa7005283db71e8da21713fccd450822062b994d152aaed2cdcf0dec9c60617e15ba4df628da4e71279bf9d1eee5c7f055c27cddfdd45f9225d5d5529ef7119e2e3c9838e7362971e069be487797e949b24297de19c61340d1cd7a2bfa3880b91a71e934720a59e1e0ea992d2a1633a0852ad8addfcab73a291e35745e694a6471f429b124305886c1f79f67c78de3f3ec998c91e7fc59d26766cd446f6f0de603f2c6892e13cdaa37d9e8e118d098b6986ccd991993ec152193e7d77394b05b99e7d310c506707f1be52249438fba9615f6dad2ec7244fedf36e34ec311b7d6bee64271d6491079e161190ded7e28e2ada4307a9b2986c267b1a30d2f720ff23408011f1d589ce9ee77f981c7833656ccf7df5b3a87ec253ff7c7ef1e67ceeb10c93e3fa683cdadad65850ffbc402b7744e94cdecef9db9d264c755c53d36278df23d4c9685fdefa69f7588a33b8a64b35191ee81abcb9765577d175cb06e31c582807ff7243bfef44961fbc0f8a235242f51ee991ea621803d4dcfed90d26f004b299425bf219f6d185fe6e088ae44601b03defada18794feac93787696a5d419f09f769bc590f43d2df6a131f6895da2de120c2644685e57b1d476c6aba5881e954fb2575356452b118b942cb02b4ea0fcf8f1bbb9a23b6e32c9d0accd3dd861452a3ad77b38fe709e216974932deb5397fd8033ff0e073d93ac0b4be762bca0424d69bd57b22ba914133f87671a29498b268c2911e793215463ca2164e38059456107dcb29beedfd6277e2b41a11d1c6f1361b19875c9384f04f9c53c1856d71f360a8fafe05f7aef750ec0cf2bfcfa971c017ad071b69a18fdaf970b384d4c889cfa5a0397dbe89543a5c6302645d6edf959aa60709ce0225fe6c3266c7ef62157ac8e78fddcd8a1f2ca5b58128218d19276885515775326aeeee0226cc810843eb05144bf8e2fe3340cf60b32cafd96d23cd7d0d3adcbdfec9a2a3d88307c362633b1c5637608ea8476d900b3f836a9734b5ecaf5e82983577128d3f74b903b0e3bf64326c1b564ae42aeeb0c07702b63a9ff74a2af6b45e5185a53f36c17bc29dfbc0ea28ca5cca43a15d751e9887ad3e6a87faacb6a278c4c8a8d21b9a77b9776f33102a6e645e99cc5cbc543ed0674282c2b9f8e5d14c2599aa9ac8f81438c77f2b9368bdac82edcdc5366f39adec9e9a3fbd55b79abc16d2ebff26b7d0c88f18b486e5836333575e3fc7808cb423b44781c57965767862922b4ff32d9bae76296843a46f430211c27ef9db168430026a5691623284dfd459dbdd1f1a6ec9bfad666507e6eacb1e2a7866da2e12e6d596d0bbb150500590013d9288af20596447f97bf1744eb9cfb244d8fca269b1fb71e14de664be4e95d83fff1b8abcfebcf3e78c1c66d28f260fb0c19f9fbcd2abbdd7dd7246e49dc25d954bf25f810a2ff6f9069dfdc62e7170fe3b0964b2ac95024256dfa3e7a426be5bb5f707fd82c2b3afec5d5dcf5bbb8fcb6dbc1b59f6c5330966c70d8b016956903a4278817414ba3652a102d7e7e37ecc79400267fc3bf7601c0731f87d479c33f100735e748874155267f708cea49d549e93cf7a398b20373dc90ad9afd56d9c77cd24e2c4a18f7130b366c7fe5b26bc4d11ca1ed1b98fa0b4d7396f82ae6593f4575d19f4d8fd586c991129e5cbe15c8bacc89c3ee15ca471dea966b5c48ede0d3ba2a7e28c75c04e6a4aa49a61f4e391ffe78eb5e40a5ef349f3aa4d15f2291cc86ec7e47ae301bf0b6083dae44b695820a893d46732553ef15ed1c16d28268d52a7e3a7e7c009d0c0708a356d3310c1ebcbcca4d7acf433e34bfc9fc115498142dcc725e7a16879c75e4c2f01c6c98b39619f3248bf530e6ee593467e38cf4026cfdc4db6296565722d587f3c580750b1453ecc141c0461495551297d88ae034acbd4f5e80ce198e6640c4c1e9501529988109cef006eb2090a6fcd974d7f60290b78f1a8ce3051ac2d69636c3219f0a6ad8c254764396a1684b2fd9805b1853525f2e640e513197283cc4d4073ac033e0539a88f08aabe1423cd40b8a7e073437d812b57a5d39a0531dcbe13f4466e89efc66c2a1e4b39a3e0b3073c9d44e6cf9b85f4df5c4e03628d05bc0f94ec04234c9eca4ed17463f190406834b02888728f625371cda75d15ec19efebd59f00ab659eb94eb88bcb2110862a369ad599610c1530fcc118f5b82205bc5215fe3623ac8ec297d8ff4eee75ace20731c5d505e6605c26203b7f754164c9463f0a6eefe3a2880b8e06e7bc66bb2adcc1a3f9b0325f5ec31d12a25f1f73c2aa6bb3a7680d786a082a63b13cce1822fa6a4b085a871ae3409eecbc1fd8661b5d52bb2b8b72f23e24a225075f272ed2ba0c6c5c693811a0ef8db6da7cfe7c966c647f0187ad223eedb1012a5b7af103e98464ac768c79b21ca45b12a52cf261de0d367442cda71c4b8ee39c94ded1b22ba06c13836cb467ebab4efea07bdf1e3de8da56a0ee6d4f848011253cc21fac10700003513d3167b7a73e0d752b861c49814bc5410ebe53a0264f76068c91ee6ec9e2daa343482b2f0f06e605c5aaf81f2a3cd570efc2094b4bc452f9526f1bbe7b22b694fb8109a5a987fabf6250912d6099e67da9cac79e8b6f2cce4702d1f17cbc5d06c38b8a48155ec758369c185ded839fb58cd736fbb74105fe5baf44e7e3ed06843f23601b60a43b1f88fd29e9b3f58479f9b95392a39d5ba1a31ee4441ca2d1fb57c0a8678a07a724b7a65b2ab16d1da197f435bce3ef003fce27fa2f0a67c9dd6c930a4bcf59e79e57b010000006fe34972958c28b56642d14ea89bf4d7d6f7fcbcf4fda8bd08fc9fe424de4359112b11f81fbdc1505658363697713ff6e1f8ca3c4be34a79993a9091f6017cda6c7489ae5c07062555231427c3eb42a049f42d22a060983b044a7d34ab5d2b5386cca79af72396a48aad6b8dcd7855410fc6106e4a165994f26efff1e7ea0aa8f560333b5dfdb2a0d899b0fda955155f90c75effd3c9535d88508e836feb7807d57b2a57cca42d3d08fe7de60d2a33376f49bdacdd3f814bd0927f417f15ad62a10b302f1cb390aaf82b0bc6af46bbf990b6ada45ef83ce13029d167c65134e7b82b59ddfdc367e61c40defd2732ccebb1d4000f6c742df964e1fb390c255d2b1dfc745c6ab34af8096b5b67aa179e3f341854f7a69f7bf47664c832037ec7a78f8e27209e3f20f833fb6e8c0fc4a40920a5ad2b0618982ff72540009d5db82f0f5bcaed2a27f35d1e50eaa0cf8e48c7a2d43c25d0264db750a7f33b44a4bfaae576cf9ee7594ed204513899566564ed8bbc97ed18b1d8868f926a5c70ac06fbac1eade46792186be7bf8ffa3301239edd093449b7d77192782b5111c14169d2b4a1b3443ad62e4abdf11aac6a5b89a5b20ab0ad0abd949b9d64582c67ffce018e7e46de4091fcc77a65b971fc67c8d9cbf0c341ca764b1056ee5014d9865059616a525a1d46ae2fad159afe86dd1df9b8246411827e19535ca0aa9f83050b06e70aa2737f27e93d584a9cef878a642e9361efaa5d20bd8da901fa2e064656f686d3b3ea31d1d850ae9196b7764548f5c6450a32a717e09b6b7e75d43fbbda76e43a24f186d5578933f408bfa28e0435cde525fb91e71d92d704cc5a9b5e3db7aaec46d2b1f8dcb3f921f69bd7397c96a1e132c39c8f1656cea4365c779abf76199cb5b6aada022edec5c901cdafa2e7f3765af9c8b20cb1a6785085fcb0dc901367b89051bdfdc6b68c5215fd04e2b3c7e1c454a4d21132953b25c50995af0f7159a5a8d0a1621f4808f126a5bd40ddc79fed90f49925ee367a57a05c070fbe39fe2c213e7c1724a907ecfa69efe6e021c06a262471a4377f3c9809e9fee4f375e27c31b6afbb2151da86b7cab63c7b4fa4b77fb30172b9d0d78b1c0535ec0639c4910b5eeecbb5b8b5c8aa74c140e7ad347812e36db3097a7ff85c09ab2c0020202307f50efefcdb497b9c060ca68c4be54a9165b4cebc6b2e2e14e5ffb9213142418faedcdf26fd326b7672399e71cfffe3ed712ced5317c254f9199ee10c24c802d102bd8749513d3145201ca4e01bc7c8bbcf430afa541ec5665f86dfb143be648521bb0f2b029018201444787f644f8c88b79e754e6ea9c797babdaec72a9680abadf3a41684cdd57c2b6e833acc0846be5aa927f1b1b36562d2acb9ecfb758455230d050daec6748ba280a5edc86d48e3f8af0f8f4ffb18ae3cd3c19a82d504a4fd52bb62289ae8026572a497fe268f87ef4b4b5886aa07eeb698b7cbf99683f710afc9ed1f8a488883ce0eb8f7fd055b82a9fe21a409caa231c41ba151008e9658919c611e157d7f3926a5e4248532a6860e615b9c86e9fea212128d96ed58c9b84ef22706071eb69f492e4d8321ed9faf6c6a8928f86172bdc930244583ea15be497d9ce4ae79cb3e6293a8512ffaa9e8e358f3c7c7117001fb92891a40b84f9126cc3def5cde67f463bbac9668b9f56c3e4ee72fceebb47e52fc226bab213d8193516e7064459fd1365350a95c5a1c3ac44a73bbba2a4c17ebe49dd781bff1995cd706b77bb533117594ad63566f4c0730beab85ff4c713b7f10b95480fe99a0f676c51ca11116b21e87887b462aa9770e85509e4e60f198148115f0a3ce6028516a946178d1acacf7767f6be7277891369eff67762aa58f928d48b7231e44d899cea8289003349117a53d61bc27b207fdc91c9db61e677d1e1a1bc6a1b6e8564130b335233db4b5de8d62324e6d0ccb2b08c2ff922324eb8c506711142d4b8d7a21223ef0a3d534fdb0de58be95cd827152f71bdd0a82766b62b4c87536f0b7e7df343c4263187da887de6e65d11d0360e2376c1d71c367ae85edeed8f767d24c644b1a9b455ded1dc3cc224f99936a6ee66931c45e5e3db2427719ab2d5cd9c20d9bb0ec004b69bccb00649f3d8e34a3572c257de114b9f027d76bc7db9007175cc03b9e2061b6b3fe7409e009b5371544e56fe438cbd361e5b11efbf2d79d1c250a1e73ca8c601c4f4d1e3761290950421c48c7daa45965e472f5ef3c4b8597444dc5dc01cd25358055b5000617f3e7291da3413e3f0853b1271366612405c35ff1b785b984d921b518425628a533a29ab65d3c11f44c6daa86f8b6457ebb9419274c481aa6f3fa4547641670aff58b9cc62c0993d49a509f02dee755ee5f1fd2710c995c43a91c4f873afa1bbdff19427cba2641052a8f361ecbc72e8a6cf587e83f8bd3110c95fb080edc77a6d43cd58c447b0e02261e4109500c6458dce70acb17aa8f9dc1d15b94a61354164031b5d563c25d0246fc45e6401cefceb501e1468903e5d677759dbe3f24bd48ce55ff8b8f26529fb3b2d669202a1e8a498984b449b4830a0126b18f0e78182c9ce78fe0c448c0e27845b926cfde28fa85e156fa98fefaeb19ed1247c9643b447b4342c94c114d3c4c35eed4d5b49aa70e6aad45bfb557f15e8fdb2d6e3d10d8338a13fe3f187751985b37a5bb10b750f79e36fc2e2ee9bdecc3ed156e202ed7b45a94809d77edaa398042fc6a825a4848c334c557303d24eb3f8e01be06995ceb283c70272b00da61c3381628f0e372fe2fcc779ff7daf7e4b7f2686c39d3fab674b8867b62b0bf9d5cfd0c1d3b270521f55f147de75142ffd7fc9ac7e5dae7ca2fdf26a9222d060823852409dd040cfd1f66f218c6dbdaaacddab34b123af22f97384d64fac64d84fd638c96378c8f9532a11927d48440bc777ff8b8b9be88f930f3b579a713c0bc449dca3a3bd5f2efa98240ccc594299e44451dc60c6c5c9edd0d7b777912b3dc40c57e0ea5f4425cd7047e686c7304f04ba9f7b5de6ad2bd524f1d29f8802a524441fa286015adf4589431710aa4d76de8a956dc1d39c0a13abb7fc309d24222d036e204ab6bb46ef8a7595d9e4512e0b9d5f8fd719a4e3072e1d806967045789c67a1681f2a9f1f4b19f4f5e1afdafc17db7a6d5196161499e62ab4b0ec27648f3eeb1fb2b78f8ecf9b05cf9509a3b9e2a361238deb1c91bdbc8b1d11bbeb939fd9da811cd439069da0ecc00665d72357aac01f259a0325409b201859cc0569e0eba67a7a9ca7e8b78078d9370bd3e37f0571680ede60cb6bbfe69435d6ab5efd80cf051d119a7004fc0b600844d49218d844de8f521524a47ee50229c7da25e42a8639b5db225e7f23967f5d4f8a297aff04a3cbedc2985b6393a5ba0b26b6c7b4ca22d369b35b410799d1ad02825104d34f73408db1948438597931ed1c1c260e78340517bfa2f734537dbdf5ec303518ff4640efe7f7b1c2f46babdb9247ce8eabad9718a8b9ddb7a18d5e87ced554c9d6de78f85d293349590c6c32483534bc968b24a28eb54b9515589d6dd8eb51a5ad0b4d896ce92250397cbc404323fcdf0ee47ed634e0c58213bc5b35a72b21a098e11b79c061430dc817c1e0c79a5b6ed3b002979933f1b83a17f250b1bd5c4958df4d75531ca03efbda89f6a92fe08c23ad9014ff562a7f3dcde578d6825b9847b5df04dbca4f2aa52d8e0f4cf8183ce121e39b50358a9796acde0372a8ff97769874a80ab997cd889145aad4888c06963c2f5b82f53a748a6729fbc79d35c06d84e05c62e44ff78040e56ebfc6efcf0d8b49337d5a17c4041f0d5a8b616244d585a162b69db073accd9071d12df5b326a43b834bbffc2f2a60deafcbddf1c6438a1769d6fb09fbe1990e89da12164ef237f326edb5be64bb64b143a030de8a99b3c5e543c871cb581e2be090a92134aa587701f864907cadd7c1ce20fcf8f5dc7f7ecd06a6c19d89a92ca0ad4393c208b80bba990c7a3702a9c79bddde75d5db244719ac32191b6ceb041ab541fb47680a97dc0422b8a50d91e32cb08cd341b0b099aca5bd12b69d4f89d10b755b351a6489180b786a3bebac926532a4a2d85b07bce6c090d1aaaff079e36d5394a612f1351b90c13a0fa6bf9d188d548dfe6fa51a9026edb52009c03ed45ac51d05c58a957bcc67e05a588985ba00d79f33ae9cdd5f5721d9fdc72ee6e880708be87e8a60c3c035c146f2091d1b9a4c2cfa56f292fe1ba62290d4e56c05669291bbe917f3cac51802a2cc8e9c90dadfe666c233c5a5bb71ee17deec51ce60c73f57bf9ecb84873afcc44815131810c6c1217bea485ef9aa2785e859b25315ef8aa3a274982786e45d622ae831fb76010d69a181b069e4cc55d4436edb10d1119b0c6000c6d5cff7c72f740a59dc0507e7a952b69403c62673f122c9d1264fac6ce2262e86cd8d6a402672f88530fc2d16f31736dd497a4e853253ac8d5aff8d1376895e9f5519b2490cc2a2412ba0c99cec855f668837310035e92fb646486de1b0acffb91ae7516df3eeef381456b55e65baa58e71461c928687e699d2b21814805591382e95e1b970aaa53259917f070281f2336b7d570249d838b3f1a32753c336864e15f4561badf8fee034a29c52ff3fca7456ae140f83e3b2fd5b57c9aef3f20c664200d235f236ec47dd2fc20b14dc6000812237aea992d987e5460679e8c5b76d931ef6d951e6c7087e3106b6ce2db9de6f228fdf3ffc38710c0e8d5000a195a79d1fa2301038f5b27c40b09c34c025e5099d40c2204ea0eae985263c9101cab88d6857a320c9e497f22348a24861a5fb8d734e08cad09f9933748ff01eab22f17756f58688dc1b486a397563ee9ad0784b8833cdb5f7c6bcf76d9c1105f71c3c6aabefd70dc6cd5c66d31caf916145ac5ed7fa070b4277c0448ab1eb78c943be9aeab0587d321a4bcb7754f070881178f8be668b686124899fac252519f4b60ec42db766a908755040463125c26850177402a977246d36d23afac0a11889d54640bd8f6f670d686cfd33f6fc5d90cf6cbd63d9d0fd201dd4c74dbbab899f3c23c0b7e37ea0b2aff421327200d0da58b5893a4186ae3652cc6e11c2c2a0e52184a3872532acce98c94cebf4f31333663a620f0dba0ffd89c3124380075bd28caa6d449a050b3661b8fbaf4747b77c4928b1378fdc8c7a7b38ade1aeec44bdfacc8271d0b132b2029b0f3582f9919f5c8cd543abc9caf6b82b197cd482c3ef61a64743506342bf50a3c1ff544563bb8b2002911ee1fad698f4ac133ffed5bfe81239c918207a03c7a8bd71a0a502aea78d38e970e3ab2abf754b598acb79cf276792aa08724d0ba24f2a694912ab795b3f45f52dec50d9bfbc99ae27e1d2c2216afec6709d6513a64b29ef58255bbe18478c5d4f15f74ea63a1e15487752eec8fd019f1d4a7aa25277664754bd2d7cd3a7a018b92c56d965a1974885363757286da9e055ef7fac17876f0a64c1026a597733b897a9155ecbf420159ae8e5209aa83a3544fff1fb4566f2d54f95e3bbd30dcca5f24397e4bd47ff01292f0d6fe9dd47a810e0c25382fa69b4987d1afd9b69ef125110ad6b240eaa9c85829a2646f9ab7874bc02bfa8346cc9190943e9d46b44880670b1e2aa3a29e83be5472d7418885a353faade6e8b18f4b588607bbb758588d1e2f11a9dfa1c4d61be50249f1ee32e6ff8c0c7722aaec1bc79654a4772efc578bd6a14c79abcc77a4e09c8b6c6ea35cd3ab31e35268fb55db843176f8042f8ce7be0ddd4ead6dbdad0ef9e7cb2323db5cc48119a72b27306b8ff6366c0bc682a85ab9e2cf2238b6d6eb2e38a97d5577e6334cb2aa6e7c86e489e876f9d7053577a5cb57f52812fab7c4bd7b19a34c228ffb67dcac9281612f778b58c580c140542200fd00cb3ad81d93420df93c5af2493f646d8de797102fa0a65247317882fbf171520f00b2c7638623b823ff11444fdde453570f99f9099b60061a908b83383ba8b82bb78edd074dccf9342afdf8d11a6129ba6ea7030f3629056264f1736c2b926171b6dc7e1fa455a473de656390495f3b6ad2f9f46f35eacb075628ff739ef78f28ba683448068c7f18fb63f28ba7dbbb78999100dde0a94e8b8570817c7114c13e139ceb333782b29a84a5b19497fa785915c7680dd7f972cb59ba22161f60886e5cb3c3e808726cbf96bc4da78914eee565c6d9d18e70d22cf8c0244cf3cf488c3550eaa400bc0f26d64e0f1bc8d0301a841d954073a641f3ef883d81f4d5db8e9df708e64e640b38df7295f7fe573863653086bae5507c880ab7fdb7a6c5ce77027ffa7395233d3ce536d77ae6c2e9c8ffb6fee78a3bcb3b5f888bd595caa3a5586948776b950a89cde4db8247ffff27491c882b430afdd60e7a22324f6635a9aa7139f3e624c6d9ece60f7f8153b2080cf0544fbf8e1c436503766e670b902604ab521e11aa5a65cedd64cfaf898ac5f55c08c87693c323517bcb0d99c28f5e072d4f6540c7ead70138d47c1a67fd72bd6ef5613af33a0af311c3d0a631ca2a2dfbe35d1021eb610e40b9be128683235a788b5a4cacf99babee382458d59e8aa1dd7bba7e09dd30c055a3df8ed721a1778b2c6ed587a403566325cd19962edd7831caa44a6b716517bad502130e7cf6a5ce5288dc84c0170f622ae0b1e1166a9c2c0771d91df9f9dd82ae210469602ce38964746c1c1d04321aae7d464eb801dbea7ec39505457e778208774d72673626c998b002c46a9b4b1e390d9344f0ca62212a1b6d41043a2100b35196bce42d40caa0ea9a486bf8526fd1f0f0d362c2cac463ea7377a20b54b9435442ca529fc00da4fd7e27c4eaf14215a06857b54254c26346956fd7fe215a5ce57ec38cedf50a3c759e563a4fd87494f00e7bd9b44f3b7e99c6ef67187056a21d2fe1ac9d24125b1947eb293189fdc448b591af4d9b8eb091d6bbb5e50fae79d000044e282bb2ab6c63cc9562b151c214e45015354e62be63e1881238b907f7bdb791ff44a4e03fa29dbd26db2f49d0f4729b7cd9ba69a65b0b493466d35d09b3f590c67c31660d95e2ab4af2c9f1df91f04ce5a57dde2d75206b42e3423126774d76593c2f713ae279d7092506b513fd5d18f0f52d3fafd7141dfd4a0de1063754dba865faf8dc0f6be9d90ef21ec86a275533f6ad4b4e360dc775413f29eab8b3daac6279b9abfe163ea2f183e09ed91ef67fbb090875109288a182cfdcc46d90678efe5edceda6518335e678438cac4bb47d376f3f0e12aa55301735d7f42653c073d6a4a37b2e17d332dc1be6b50918c007b14886307cc39250e81efecd63d24067a49994572725a9df1760caac13a28f5255556b27ec245e93969b85cdec7cd1c2d2a433d3f9572b93054a7ce8adff81bc1d30884d5fc4791e251bd907e37af5bec74235c3e2f804e4e0450b715289942b7859ad207bafcfec1b586dc15e7911fe6d20aa3d02fcd47e9956780e300d7c53c17dfa15754deb4c20efebc7270bda0fa6b37fc88c6be4250cac38c1b8186b364482026ab52d65d3a691903fccc39772277011bfaa421adba76bed9731077bec885ce88d40f36bbd2a839c67dc4b862c968491b877d4fd13fc90f8da57a29121e12f78e85af765cd66e72ba513593fe1cdf20019985b065d828707d8e509c6834eab188deea5c9ee97955f4b07d37b6fc7beed73be94887d423a349f35bb8782bc670ceaec870d97f061bda02ae73f6d575f81e0b6326eae6c1b3085cc584686120e12dd9ad8ce44036bec8a189f9", 0x2000, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)={0x90, 0x0, 0x4000000000000, {0x0, 0x200000000, 0x20000000, 0x4, 0x6, 0x0, {0x0, 0x10001, 0x0, 0xd, 0x0, 0x100, 0x10000, 0x2, 0x0, 0x0, 0xfffffffc, r2, 0x0, 0x7}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000004300)={0x50, 0x0, r1, {0x7, 0x26, 0x8, 0xfffffffff323ca46, 0x0, 0xfffc, 0x6, 0x5d3186cc, 0x0, 0x0, 0x1, 0x10001}}, 0x50)
creat(&(0x7f0000000180)='./file0/file0\x00', 0x0)
syz_fuse_handle_req(r0, &(0x7f0000008400)="44ea07862a07eefa4de37092cf4356f54454db90301c4d373d57166f794f169d63344840a37048638ffd5e30beade3fd768b18191001eb890277fad8bdfe3742686deeb34395963bcf7a870addd76c80aba9f771ebdf410c7d7542fc2b6ae9a458d79457755d94ba8a3248b01a2293d8a70e60815b90297002652966a6b836065bcae0b44f4b26be93dec3cd4cdcbbc84c5b916a1b0d8313340675d67fb0c785d0307f95e426546c9a4d0161a8f52b02b95f4da53ced705a658722091864d74ac0a3a5f3853a0ad71ddb29835680ca9ff30531f8df0f0ac66f7f1433c33d75fa8f0f022b175df093648a81af5ed701b2e7a14199c83b539e763dbe7228f2e184a02becd41bae305d3f34c72e8db93dd214ec203eee6e6dab26b41848c95fe1ece8ca157a90bb7a990dac5f3c64cf49c5c5aa8414b9153f82eca9df88d90a8d6c0e72eacd52f82939d46d41e0f5ccf708c03fccecea467f33f5a49888514787e42c0a12255bca89e82344ab01ac3b6c6158e3c1b34ad953eaf55f3a2c487efd9423a542e41dbd0058aa021cb6fdc5df88f807033edd31abaf5ff7e6a9578d2be6a2d925d98108fda2a7e56a0bbcdce0689fa9e2111b0be8f3e2807f7f3728489917a031f2187ad98a744f19851687adf59a4b4c328ad5c4f2eaa0d112041369319f6d3f928c22d05f9fd68b5c268da5e2f433d651bc602a65ee83752c0c92f7e29002faf9475fbb57788d725f6f8fd495a58d88d55ab8467a85d1f41db5964a19bdd45377c7c8c792de5e76e87da9296ff90e7fa9e57f09358d998c8779bb2348d651808e969e960763c5231c65a06ee16979f4d990dbe7e10b3a2392dfd6483bf2c7c5f6f3d941cc17663668cca83dcc38089b4342a801c74039b32550c2d9cf95a0236523933ce3e7538ff9da2b7b741f3cbf53e6084702d0a5dadab4350848f6e7ba46d4736c7a2ae702c480c30dd78f994a10b9c3157a17e9e29576a68139403300586eb0c673252a319aa1cb01efa777228d8242ebdbef9db5c03e4c8e09bf7a009b7eb19357d1ad6d1defc0dbb58c31d85b9f1035056615ad0b0ded12751273c8bb7810ccc5b2efe51d223894b141dda837e6b7ba21de9a978ac447d995394b800e1065906455af544b9d7f353d1eefcd3387d18e3611f3913926f3a4b87efb3a9707d6136dc00e49ea5e7a6d0bea17eb49cae93c0c4422374b0f46380e0d554e1087c1392716d368b04b1da85d271206b465608468802fae00c7ad9425974d822cffbc420e739f7617f59a879f791ab5dd7a6215298cc7dc6904679889e60a09114b0f421b6f1286d0a6ab3dc887c2d3a48d53a7611ec270530b07a83ae1a2bfa6da42ab38bec3eb8ed1e207d91c02e74a31c29abbd25f5779189f5f2494ea5c3f4b829b96de0c54b3851dd58610c2b9ddcc2960f34fb857c5ab1aa67e8eb10a59639db2ddebd0206ae7ee56b21ef484e3c66003af46326f1c456ad2ab5273d0c0b2bf412f71f820ae12723c74e1857e0ae3d5587a0427c1595e06b1d5ab5e815a5558302e0d9c50b8c6cbd599eb554df6f7323b01f1353b557c565dfe0de51032a88541b49ab682a7dbe4dccb9b952ba9c9ce3bbff80af01e47953666327b8acd7d2cf363c6f7172caaf01d8e3417f768ab08f2cfa7ff26efd219e25ef0f9a84c7b116978eeafe3410972490203dbe49aec33f14d5592a466a6efe630904db9c77ece20bec7552b3dfb48d4e0427ce5024fdc0aec7271e93c51aab19d7a40670add6ea5820f625831a593137f60543e424892856b3bb9e608e88e65cc6dca098d5139a38ada517cd788b9f13618d9c2c31d7918cac6cd669710692797e61f4df3938dd429d977cc11e7465a7a23740052039d9b31cd26b95efba17bfcefe121fcbb762d29287145b11a3abb3e0683b9216a8b5d9744baa75da5d840e70cb310c507c4f7eef1d6535d8e11079edcb51df7ea63a7204e314147eeb57916171ca33c0f5932916e4d568d9e7dd3555500ae119f0c63045658303e1f4ea99c896eaeff3ebf76b2def0ea856a3f24cd76dc437236b71dad9a26fbf3882e81565851eb6c5b265a0721be43f0844f4d0e4296011e280236a0ed7656f2eb906e6b2ec4a8e5bf91eb7e8be889ded6d8492bb72f1de26cf3973249ebcb5c993d1dfa894a658a528aadf57dc28a8db32656ed8e416f96e1f89ac24d4ba587df31f3d2d8d7809d06c8b2d68eb15b377918424499cd6a7fb62e49a78831f0e4b1476bef657fb34bd59e34793d21da3f7bd0278bbea8beed261c697ce17f36f1cbc1b94aef11dd1dbf1c68496765258f4cfc8b5fdc9197d7260b733d2061f399c861bc5912ac76cfb62b9218196fe054b92a295a9b9526871167d436b830a7b4944f527fb4d75a036acf3a71a1a710f609f4e794f1d764a5317ac067e8194666dbc73e32b2870eecf8776bb7641dcdd6d764f91dec83fbb53a97e6531211dd8b86bbb57f8acd637f4b1b66fd9705a200e3081ea382262d54edb161927eb1d85cf7b9373a24607c99f3d66b85e22d2cd5cfe24020d56e0552bd43d803882128317d9a56e63a4808ed6401b662187888a0d0b311364fbddad07911b5244877eeace22ab5bd8501d748ed5cb05809e1639678c4c6cc43a3c2fcdd5b0970332429c3cde09d9556c8360f26caa744ce5e57bfaabcf7d124b2d4fa97d7e72f16cdfc35f87493717e2a852b64fa344db5ec72dbdf22dbdfcd12ff796d515d5f3fd3cddbf53426183bbd92e2fd3e91fca8fee1c1ef4f8d59036df9c48fc7677f2c4905b6cf4adcf448029c6c6a2968b13e3b77d578e2661ae7d07ef84fa098bae9a564bc8c507a103990c00a0e6d2854a1689f7b095a100b7f38df028baf20bd56c843c24f8ca4a81130256b13636440836837429c1c86ae1668d3b250108406acdd21b40450399872c1da6178184bf9c2cc11ad80caa9997d3c6631f09ba2a4d96e6b74313f1e40fbf8a29962648f400dd256c4852c556deca23c884d9478de40ec3efcd496bf5037a82e14868b508632bdb2dde924ce2cd6c65f1708c18cf49073e536f09e8fcfa9a44fdbc349ae75e17205754d3bb82d3ee8a93c59aea1bd7ea6d124224b2e405f815ed518a1cb9a80191249ac1cc0e5c1f9aab8fe67bb737cdfefac82a89a7d6ae08bb9e1f710cee451d851b35ba9b886dfd9c277dd67891331d43f36353c78c65e9f3524e1b9b229c9f91de7b5ab16a66017d171e2a4e185481d33cb5bd9c5e3d93c49d2c620c16467bf4db73621957f76d656e6d4cb4d59cacf1209da4e39352554cc2abcc8e82379b4f819fd6d261c6d7615f85f6c5d0b9f57976836493367e1bbb14c57983aa97c6e4e7c4fe2a166284c904ac4f70ef2e52e4e7dbd677ace683cd61aa60b702770aa0ddf14b694bf3cfaeb585f8fd8a85bee2f78400a0874dfb4c319be24a46d1914b6e902d5de8d8375c9ec786ef6eccf1ee7a003f83d2e163097980a06ab9fe23c4ae8e91755e4217d3c302111febfa9dce02a49b217aef709d183a5ab8ad1d39e9a697a79be303fdb2290c827279ce187d1c647cc28e20c0b3ebcab2b1c75850db46211150a8bc5d80d868141f885f7a5ef520ecee6d33842141003df4ce066090c8359b5dc32dd9ecb1039454d0b691d8f97932b69981be240804e860a88d1a047f46ff43609b41ea36dc276b28e87364049940ea7b6dc78848221b30dc6aa1b60f17942c96c46e347606d14ef02ed3ebddb20f7f4d28b9460f4afbd7b772927ca6a046b7de2a21b8ce79eadb74e4825af5e19ac2955999d7304a35851a4b9086ff922da8845da10a55fbb62fd13d98d45f60842d0d6301cd72e7cb97bc84393a414f671e5e0115a6c1c26054a80ddde10e0a83a4ffd123504c881a844bb7187c604f87588dd0d0f11930f9a3cfeb7098f38f84923637f1a9f6b3e3d0899a156d50d7e740b118c4865ec5e69aac247a930007452748bea9af0af511cc1129740510b13f48fe07ef1417ccc765b2cd0138cb51dd71fbdbe967fc321082a9ee4bbd1ea404cb24971de5a1ee7d7993b5d11d67d30e8ba94a9e943852675a07b88a51df6f4abb507cdaee96726023855e4dee6bccb3e26a2a88fb60d812e7856c13af5f4fcb6776ba8e27a35bffc5e46473b31a4b83ea1a3376f4549af87d03102413faccc3fc897ccae95d2700163f1fc5170a643554169018c5cfcf8f50c7981270995d8aaa9f923c0679b258aab60f79111627b71404e1ce8751228972cbb2bebbe25973cf98bf8fe8e63575950a0aaa1ff060f01e96791d128d0b7b40855126ef3910ed7d7a6d9490618da352ad7b889f7d905bca2214224e170f30a088cff91921917c937950926cb11c04fdc6bee776b9abd2aa286ea5074e72756482fcb6a7d072edc075f99e02747ea49a40b26b58118b6692fbe55b09b054a044d1f481173e8923a74806cb770c4c61ffa982077f82bc4db7fee4ae2beed4673e39f5ff0614072a771034174a0f052ce39e27450d18920664e924ee963c9bbc9852fe68f30a199ee4856c1dadc08c061165867438bd3bb73f5a50f5131b7867dc80e0c5d43eae80cc2874d48edc910e7f8f9b73e032a8ccd7c348e84b4179fa101d488c2fc16cdf953e269a9cf13c0dfe575e0da49d7d2c09293296c0232bca9fe0aa8199b21e19746c4783630e432b5c7e1e25864fcd4deae07c2b07782d155fe6e6b5d9eed4beb9db47bae4007753d8be56b10723b5467c64acb0eee4cb9050b4ef2b57b630f4608af96fbe484816454ff385aa3765051408779384c6585f2e24662fcc3008dc17abb07ba9cf96ff4c795c97811e73b06c65e1b5c66c2e1873191d972830b1f53bbfedf8b5e8a64a29fb3b3eca67f1791652f9ac037c2f87c6d1d9d453b12d5d2b0c070a8084aa15505e240bd0c61895383f23f0460027d60dd9efd8539807f717bc353f9b858b9bfd2acecf2190e280faf6a1603566ff8893dba33ad3300e10438241709ba7413fde84810b966b4556f9c8a51aef27f9b9010e7b6208715169a585e42bf3f7333209afb5b19c0de7722004850d53329d93e2e4909eced3da67dd7d2c82a4c9d0d7cb6f5ff7dbf195e8b39ba9cf0c1699ea1f8b6d1293509774ef3bf48597146a60aa5b6eff2bc8a64f9ae9a81becb9c398ab9676d2cecb14d28f819d08050269bb0ca9bcf59d5c9bd2fe2bcdfe82a8f037781c6275c9229b0729cd085e66e2712bdf22009440c4136c2daa54e547386e1acd16a1d30f3d55c1ef0fe10c108210b9d8894d31e5ef17b049106700bae524eef744ef4b3a69e9cfed4efa9b0c9262177f9fe16f5b1fe5bfe5fc6a611e6ffcb9c5f329d4e328cb69912f0dfb7f4a83d326cb20b053653663096870e7ad2753e992dced7405a00a39dc55e652eb6b2e1b1e9782b42f443890c4067b07376c6f0fb2ea6589e04a8eb39a94d913d9f4410d238e6880c167a0a23b266577c41ec3e0f513eb7fc948c12b26ea2646c0481488417d9911a0107ca0ae11c2c4b8c2eefa5144ecf8b149d22abbd26d1b2a3fe51016b9bbfd229c090fc2fbbca4803217c991e36f86d4720b45ae45e6b20f09fcd8e5decd79997e79177bd67de7433282c1d0be5d585a71c873e7171a133d9f5ea35ac0ac5c1a643279ca66a365d278d14eee3ea90961eebb3f6c098c00d051d4716853ec7069be2a4625cef4c0f72abae5309d2709901d05217fc3e52049c4aa16b50121e43ce491d1bc9adb01679ec25ab5009f746170c2517f0072f16c574cb447c6d8ce4a2e45426900463c5303413bf4fe7fd64c273b404cf936068cb3085c3a81b9872ad2cb79aa4c051e7ad97cd4e8c6b94bb0df87e4347ca6f11f155ea265762f81eb0e9fbaf3dc05157eb9f12596ccdf9193018a2226824db6bbebf4e89a070688f698bbf23f30dfb04db7c3d804a7587ad0fd03e68cff7e516e5109e328e1eb3b887a6aced15804f2c898f41c5452e160ca30e35843705c150bad932d2d3fbd791100b1535d9f3306dcf127fa49c1a36b172f46b1fb676ea8783c23edf89b2446560dc1b95b39f80eb9d0994c8dcac9a5a304c554133e1d6ba368468a17312167cda37932cbd4b93c58b7ef772d56d4311182a680e19da6fb938848aad40242856379310b61d6113de6814644092712133823ee2281639b52cec52ab0dbd65ddae631e7113ca75a5476797cde5f5456acbfe63c6ca8b83774690eaca3a019771ca0e742815ca5645418730ee17f52fa2531e5487c10da3ee080acd50fbd19710ed5cb924e28a18985132afbb7d2ff90f6c3855c56970854b9a48ec4f7566d2829e271af3f0ce26742602241fef70461a484499591a9079ed53aed113589fd74918146e1917a063514d7eaa7f4720a386eb2f32b6d35baaa5d36c2013eb405cec607202f19bda80bfeda8005c5d1582208b861437fff41ec0708a6a98f2b4b4463141c1c312a8115509e363a274864898be996176049d5f7e6cba76b3a37c9b2ee9553fc70f79503797464d736d97d0bb4741ea8ad14fde6f18fbb02ae97e5a77bc1527a13f18624927d79aa5b4df2dffde7fb5356e521c7a419209031df8138838151c7e90783c9af133b6961b44f8de89d6348b191cfa6c0ab652746b8582134537727b18c670691f3c1e8ca0e3cefcd26111bef476eb816482b7726399c86cbc98f0f06929c26cf831163bdbe1fa8d8f96a65d3bbb3d37657cec4b77516864cb32404996dae1d0d9f3c12b7f2698f07930b791813b7ccf0f0dcd3320b78833f077ee55aae156af804fa9a15e60c709fb30b06ac092bf97a4fe4732ea7bc93aa73232024c80434b4900cc30de20cbc1ea407746fb186a610fe31635766f5edaa8c9ae974ff8cecc4e7e391a50bdb34ca1dec1567e866497bb59852cfc1fdb361b235c803d70cfc90c229078079619b4a8086a68d420ee1d7fac403b18c7f6aad91612e2f2b9e5e206bf897bd98a3b24a0637e2b986ae7f5d376bd63d63f6c4f151ce7eaa97a30d9d51f1a9207dca6b596831a9b92517b9d5571e72b4a06c07d5ff0d325896a1b32e9fb4f9d67a903946b205fba7beda108fde3fc503c7352c59c03bebc2891007fbe966a0441a7f4bc8320b901563ac8eadba643bdfc1636864d33549a1b9ad3ce01bec94b631ac6f46c453c57c62f2cf0f76d9f1e0731e266311624a138e607e699c91e37a33096117f418b4c92c66d96fa1b1324cfb569e3d558598ee65e69b8e0b9625d551af54a09db8082f2fa9da1386f92245aadaa13bfa3cf5c39fe455180bbb5e2427e4067bd2f5a5c755c31405477ba832dbbdd4af66acc7c11e576f700e24fb4c26160b4443b8c17805238519c7c732df774b92579e02a8da5e9a17e3c20e92afba7fab49000a7b83987ea48d5854a0411615462cabd245ab3f49ba375ef179c0a78059ffc14264177a6e45dc5f2fe6c957a313ba9889fef33b788933bb37a17943551db9cd08fd8d823fd0b35110ad589c3bb3af4f69bd1c7c7a3e726f933e4a0cb1209e75ff14910061c3750b9312de42c86838d5c35a681899c25220ea87aff02bf72fdd8745f5d751e6d62861496890c956143c08a222774974789bb46924b68a6e3138ce9dbca622e78c5aeed8215de4ee5c1f8312b6349a91ef1e210f18522b7a644700e90eff995e950c8eda05d0bb8e799ef32a7ddb8a87b4120a798a3f87cc78b6db0c7947b4786db1618c523203c097ef3d3dc0f4e1e87d0d597c4eaaac05a033a3fa91309c05cd8c14de649d7dd16d8ed81e5290950f66b66fd519a2a16fc6b3526f97aa1121b4fb52b30640122dfb50ff619fb5c88eb1c4e6ed7f6d09fd29e27b3375a1aad5b09f8175157018467f883ba385208fcd32a50a311b22f7951bd0e912d234364f8590e247dea604872f9bb847bb32b3906339f5698d6e7c0f2a3ed17b194239299091f5ee4ed51c75b76bc949cf05df5dd03cd8a553e7ec81881fdc1e15cef5e72eecd7843a981eff417682604769e302f378ff9519cdbd3ba2bfe50f85a903aa08b900118226889e9bc68124777f6e02fb26fff91d1f31d3828243cc46d4b4fa2965445774e0ddc521fe5fc9626fe3428403e746de0196a45d6acef57f662faf27294be80fed39778a7585b41178ea38f64893f9a46334af6425a4aa46e25e92b0d77750c6737b237dff19913fd9e69ed92c4b6671b4226776b34ae2468907c654bb0f619b2c9b55920fb99e97bf32212f852b615689f3cf4c03d51d1587455b5720692430fe2684522bfe6dae871aa2ff5f00045861ffcfc219888fef8320bec1307236a7a42dd4a691cb6cd4d8436f31a3f2d642b05946dbfee692aee0da31419f9b8bc0e1dcf89a8ffd7856b21b1180ebc8ad75308b1370b93d680e968bcde7d235f601760a5d181f7b55daf330a001ae1da86c130c76fbd956442b6c705889d665560f8b34663390592d85ddde790e0f4f1f0df09c1c6f95477f9d72dc0894b2efe2c3d162ad80f80cae03a06548014293a02f00d6386723d42ab09052f019a1d71d88a78db27afead58bc516be8d23893f007a17ff47b32777752a15648d0ececd345aee1f36c58abb7efaff5567100c0bfa54f172c862e15872abc9d96cead6688f02ea8466fe1134bd3756c6f0df8903fe7935dbe3e635da368f13a10e3018cfb5557d38f859a983a54d660a02bdb3dac2922e7a37651677bfc664d58df59ea625e8e63ee776bcc2937b921f5544924b75cba04bf3cd0df831938f9e9c79572e8492d884646244990920400192c63e15024e2e1239f41390bf7c0e18f852e23d514256ccb8ccb2726710401c4306657fd75eba94a353987780a6d6219012cfe80858060e37652a84ae89d07f5d651fe82a2a8d0e8568492156713b1f76e89e12f76a0254da7d526df51a089600f5b7559afdc63d4872fe8d6ce00a8d0c9b00db5ee676ae2545e74fb7b39f8345a67913b234cfb4f6e3b4e2b1e1f4f1c7fcce8c09cdeb6a1a21bd2370004e583ef62971aec24ce0c6c049b6a2e22081d36854956a362b6cbad48049d7d5f90134d3e77febf87bf4a32c07cdeb36c9cc56b2b3cc8c8b47879a32ff00f3b2e977cee0acb30fc424dbfe24c88d1a08d047925cd7d65a5834e56db2b3e7e0a23dbf948c799db5a48fd4a5fdea43913b2b2c149ae9a98f452b797b55abe1dd44b30232387f466856d6c38ca735dd6175b455363dbf228ef52e443da22a1ee3a158ee304d9ca63c110a3d19ca3bab6d1745affd81c480ff8bcf5f8f7c1ea6d08a7b3c3958c324d42732711170e19523bd209134674b184d4d442a774e04d6eb4ac89a6d018cf0bb68a73da87abce127e57428cf73a5a551c85ea8c376ae951cb8357506f037d17d163172dc5764682c753050f35c6802fb269d7490b196d57bb8a1ada55da7550f82357320e14cf573ed39860f02a11bdad917b2ba2de885c7ea8b30dd62bdad207dfe10e97c8b71abbc8c5661a4483bb6f9488ada0f5885c471cfc1271b60d54f903317cca28ce977f4444cefac5c2ff233dc872d4e809091f8452de9c774ab3bbebf62de92cd6aa7421a41f7d1dea42e4f94bd3a4869c958f3940a99c88835ed2f4021114b9a5bb17240f468887b213814956f9f5e6344cbae19d8753b97c7ce2e9d0954a30dde23dea2748e1c9514672bf4ea3ec3e348a563d9649899e7227708e2e77d0fc5847dc16b59ac3dea9449c176dea2d2ff6b6af764d28dee5ccfd0dfd6e3100d97040657d7ac5da4032e3b7f6b0cef2ec55a83350c3045abb10200c264e6e68e3e03b68546ae48a538063b86315bb8073103a812717f2d8816534fa98d0e956e0f9a67bcdc522cacefc77b0be71832a69ffb72fa15ca4d8b15f7fe03da0f4b24c5fb68e5f3a2297bb0cb0b7bfdeeec4deb64bf71f57820d62c47276e2780b4341b6bc65ac49be09c94013783455a95de92c11d91b9e921a484ed69532b92e202d684d2293a2666709ee38d2114add4c5337bfeef31d481e12530c5c7e83a6c8aa2f580f6da2d735ee5260cf9a7185eff84eb22d6e0d5ac0e63fe6a3def819274a144be5ab90fa157bb7517a54c208aa82da926d5b09ba649e326a654fe8fa9dd7e6d83b0a66253526e5b5aa03e665f2eb4678e8293110420c9d7556df07c7dd1c3e817a4c7409890c4ff5044ecdb34eb652a4d7e20b4b0d596f46ee3c3dad675e958e91c3b40f2d22e671bae51518443042c529c31e343647d6ddeac7ec370970fcc71a24a0826b58d111e9b776ac0e2fa40b3099298ffd0d1c04d41ee1dd039425f52f9f8057ac1f206203f20e1ae9cbae356518ba2fe9e49b47e36942ed7204f3d7da9e71b8d69df3ae7b2de05a13a879af6a1ea6241c645ed73c139e15060aeab6f423c2180dd101863a24f1688ec1a33edc624c3f5e80a20e4cc5c86ab2c692c2d3d17d8a68bb3924efffb29c9fc3df937526452d82a8ca9a558c75d6b2504df1b66c91823216a1c3b3bc39dee0d22491b9c891b9eea193c8af8a992096d0cd74630f7222e9a3530034a582f40601a694cf1085fda7fb33b07332c6aebfa70e2ebb8d7ccf19a69dfb5e4c166add5e153504eeec92f4ea2fe47f291625e1c470b832a488f884692b8ec49b96df235f193027ed38fb4d8b88ed382825df8ffe5b0c6fab8db3e38d60d467f9da725023deb72c378258e911442afae4db650be3621a033a3b84eee65c4c0664ec6d5771cc138937434a6a361de3dc1c12a2a6735f080e94314ddf291516971af252e3cc56e1c65ba5cf8ac2538878b22034ba458e08db26205608ae941a42a27f2643ded87bde626387c2b791ce57991dd2ba08010237279cac2760e19cab9059b229ea002ce4d3b4afa495230e424752f289003a240f5cafc7a83112636321107918d582fad2606a4319199a06ef2cbeaa3e1a4d8c30501aab796f5cbe15453b61218a396b79c547d15d5c11033b3746b432b426404f7b0421b9daafd9e8558f1901283d58e173c4db0511ee826ddc6363eb51e0837c9be6b2078d808d2c05db7495d29322ee6af68b0d52c45f00a59731c0e5b2608ae046af8bcf830f001ffd2f955ea89bed216e71ccb5b44713e2abf5ee5438d63829c9aea34b57f7ab52b820c24a7e9fa138243e4afb2df93588e805e719c1767146a351debb34678a86dd19f0587af31195460a3aa3e68773859fe13b47b6b31a501b4a25c6660cfc47f3318b33b77b10ed4ba91086482db039a56fbd1490f440a6fbb280b62b6d2333afe1c42c3f16865b9c0e484a4f6f393b8bc34fbba856cc5ffad2fe423e79f691b95e7e0dbdb2b2757d9d4443f9a23a8b1bfdb16f8bffd81b4789f80f1fc4bf751627965755d008d134e2c35da34f54718615e9deaca0685396ae7e58121327e0c0696591f6af93f2999ebd3b4e03cfe2a48b2b94015eb06b2a9031ab5e129b2700648fd62ab75f77734b89abb402282635eee41606eb306619e2dae84488e2aac1df54f78460b36115072a2c28801fc122482f1d46de4b2eec07bbbbcf85f30ffb3829c5d0fdbdf3af8c6322d62f4c55ebe8fd52728e2d5d1a24f096fffcec6ff2e752f7500", 0x2000, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)={0xa0, 0xfffffffffffffffe, 0x16c, {{0xfffffffffffffffe, 0x0, 0x180000, 0x0, 0xfffffffb, 0x3, {0x200000000, 0x7fff, 0x5, 0xffff, 0x4, 0x4, 0xe, 0x9, 0x0, 0x8000, 0x0, r2, 0xee01, 0xd5, 0x400000}}, {0x0, 0xe}}}, 0x0, 0x0})
mq_open(&(0x7f0000000000)='\':\x00', 0x40, 0x3, &(0x7f0000000040)={0x10001, 0x4, 0x80000001, 0x3})

30.825368648s ago: executing program 1 (id=509):
socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffd5e, &(0x7f00000002c0)=0x10000009)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1400000046"], 0x14}, 0x1, 0x0, 0x0, 0x4048011}, 0xc080)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x248, 0x9b99}, 0x49, [0xfffffff8, 0x8, 0x5, 0x9, 0x8, 0x155f, 0x6, 0x0, 0x25cd, 0x1, 0xb4, 0xa, 0xa2b9, 0x80000006, 0x7, 0xe4, 0x6, 0xfc000000, 0x1, 0xbbf, 0x4a732f64, 0x1, 0x8, 0x5, 0x4, 0x12a3, 0x6, 0x1, 0x2, 0x6, 0x7, 0x81, 0x8a, 0x79, 0x2, 0x4, 0x0, 0x91, 0x4, 0x4, 0x17, 0x2, 0x5, 0x401, 0xfffffff5, 0x405, 0xa7, 0x81, 0x9, 0xf9a2, 0x80000001, 0xff, 0x0, 0x2, 0x2, 0x2, 0x3, 0x1, 0x7ff, 0x4, 0x4007f, 0xffffffff, 0x6, 0x404], [0x9, 0x3, 0x6, 0x9, 0x4, 0xc66, 0xa8a9, 0x20000073, 0x8e, 0xd50, 0x7, 0x5, 0x2, 0x809, 0x4, 0xa7, 0x1000, 0x0, 0x200b398, 0x400000, 0x0, 0x4, 0x1c, 0x7, 0x1, 0x2, 0x3, 0x8, 0xffffff7f, 0x400, 0x6, 0x4c2336d3, 0x4, 0x0, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0xab00060, 0x5, 0x6, 0x2, 0x5, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x1, 0x1cb, 0x1, 0x80000004, 0x6, 0x438, 0x2, 0x9, 0x95, 0x7fffffff, 0x4, 0xfffffff9, 0x1, 0x1000, 0xfffff801, 0x5], [0x2, 0xfffffffe, 0xffff, 0x3, 0x2, 0x2e6bf783, 0x80000001, 0x5, 0x5, 0x491, 0x8d3, 0x200006, 0x8, 0x400, 0x2, 0x400, 0x41, 0x6, 0xee4b, 0x4, 0x1, 0x8000003, 0x5, 0x9, 0x0, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x10000a, 0x400, 0x400, 0x3e55, 0x5, 0xd3, 0x8, 0x3437, 0x3, 0x9, 0xfd, 0x601, 0x101, 0xdd80, 0x60a0, 0x7f, 0x9d26, 0x10000, 0x1, 0x4, 0x2, 0x6, 0x8000, 0xf45, 0x3, 0xd500, 0x8, 0x77, 0x9, 0x6, 0x10000, 0xfffffffd, 0x8, 0x1], [0xa772, 0x6, 0x28, 0x1afa, 0xbfc, 0x8, 0x7c84, 0x7f, 0x55, 0x40, 0xff, 0x1005, 0x1, 0x1, 0x1e, 0x9, 0x81, 0x3, 0x9d86, 0xd, 0xfffffff7, 0x8, 0x140f2, 0x5396, 0x3, 0x6, 0x80008001, 0x7777, 0x1, 0x2, 0x100, 0xd8ce, 0x7fffffff, 0x9, 0xc, 0x32d, 0x3, 0x1ff, 0x2000803, 0xffffffff, 0x10000, 0x0, 0x8004, 0x7fff, 0x3, 0x6, 0xf, 0xe, 0x5337, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0x4, 0x3, 0x4, 0xdab, 0x3, 0x8, 0x14000, 0x1, 0x9]}, 0x45c)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0x0, 0x40000000000180, 0x2, 0x80000000, 0xf2, 0xd, 0x7fffffffffffe, 0x7, 0x5, 0x7, 0x0, 0x5, 0x4, 0xbdb], 0x25000, 0x304})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000880)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a0500000000040000000001000000090001007379"], 0xa4}}, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

29.640645396s ago: executing program 34 (id=499):
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffd5e, &(0x7f00000002c0)=0x10000009)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x248, 0x9b99}, 0x49, [0xfffffff8, 0x8, 0x5, 0x9, 0x8, 0x155f, 0x6, 0x0, 0x25cd, 0x1, 0xb4, 0xa, 0xa2b9, 0x80000006, 0x7, 0xe4, 0x6, 0xfc000000, 0x1, 0xbbf, 0x4a732f64, 0x1, 0x8, 0x5, 0x4, 0x12a3, 0x6, 0x1, 0x2, 0x6, 0x7, 0x81, 0x8a, 0x79, 0x2, 0x4, 0x0, 0x91, 0x4, 0x4, 0x17, 0x2, 0x5, 0x401, 0xfffffff5, 0x405, 0xa7, 0x81, 0x9, 0xf9a2, 0x80000001, 0xff, 0x0, 0x2, 0x2, 0x2, 0x3, 0x1, 0x7ff, 0x4, 0x4007f, 0xffffffff, 0x6, 0x404], [0x9, 0x3, 0x6, 0x9, 0x4, 0xc66, 0xa8a9, 0x20000073, 0x8e, 0xd50, 0x7, 0x5, 0x2, 0x809, 0x4, 0xa7, 0x1000, 0x0, 0x200b398, 0x400000, 0x0, 0x4, 0x1c, 0x7, 0x1, 0x2, 0x3, 0x8, 0xffffff7f, 0x400, 0x6, 0x4c2336d3, 0x4, 0x0, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0xab00060, 0x5, 0x6, 0x2, 0x5, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x1, 0x1cb, 0x1, 0x80000004, 0x6, 0x438, 0x2, 0x9, 0x95, 0x7fffffff, 0x4, 0xfffffff9, 0x1, 0x1000, 0xfffff801, 0x5], [0x2, 0xfffffffe, 0xffff, 0x3, 0x2, 0x2e6bf783, 0x80000001, 0x5, 0x5, 0x491, 0x8d3, 0x200006, 0x8, 0x400, 0x2, 0x400, 0x41, 0x6, 0xee4b, 0x4, 0x1, 0x8000003, 0x5, 0x9, 0x0, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x10000a, 0x400, 0x400, 0x3e55, 0x5, 0xd3, 0x8, 0x3437, 0x3, 0x9, 0xfd, 0x601, 0x101, 0xdd80, 0x60a0, 0x7f, 0x9d26, 0x10000, 0x1, 0x4, 0x2, 0x6, 0x8000, 0xf45, 0x3, 0xd500, 0x8, 0x77, 0x9, 0x6, 0x10000, 0xfffffffd, 0x8, 0x1], [0xa772, 0x6, 0x28, 0x1afa, 0xbfc, 0x8, 0x7c84, 0x7f, 0x55, 0x40, 0xff, 0x1005, 0x1, 0x1, 0x1e, 0x9, 0x81, 0x3, 0x9d86, 0xd, 0xfffffff7, 0x8, 0x140f2, 0x5396, 0x3, 0x6, 0x80008001, 0x7777, 0x1, 0x2, 0x100, 0xd8ce, 0x7fffffff, 0x9, 0xc, 0x32d, 0x3, 0x1ff, 0x2000803, 0xffffffff, 0x10000, 0x0, 0x8004, 0x7fff, 0x3, 0x6, 0xf, 0xe, 0x5337, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0x4, 0x3, 0x4, 0xdab, 0x3, 0x8, 0x14000, 0x1, 0x9]}, 0x45c)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0x0, 0x40000000000180, 0x2, 0x80000000, 0xf2, 0xd, 0x7fffffffffffe, 0x7, 0x5, 0x7, 0x0, 0x5, 0x4, 0xbdb], 0x25000, 0x304})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000880)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a0500000000040000000001000000090001007379"], 0xa4}}, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

29.032063062s ago: executing program 3 (id=511):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001100)={&(0x7f0000000700)=ANY=[@ANYBLOB="140100001600010028bd7000fcdbdf2520010000000000000000000000000000ac1e00010000000000000000000000004e24fff74e220002000020205c000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000004d26c000000e00000020000000000000000000000000600000000000000070000000000000003000000000000000008000000000000080000000000000007000000000000005a81000000000000d70000000000000003000000000000000100000001000000020000000000000005000000000000000a00000081000000ff7f00002bbd7000000000000000010040000300000010000a002cbd70002c"], 0x114}}, 0x0)
syz_usb_connect(0x3, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805621a6ab4733661286b513bb2f65fbfdb15544b7bbaad0ddecacbf314b88d", @ANYRES64=r0], &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
socket(0x15, 0x5, 0x0)
socket$netlink(0x10, 0x3, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000700), 0x2, 0x0)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0))
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x8401)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000240)=""/74, 0x0, 0x1000, 0x2}, 0x20)
setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000200)=0x1, 0x4)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r3=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
bind$xdp(r1, &(0x7f0000000100)={0x2c, 0xa, r3}, 0x10)
r4 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
dup(r4)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)

25.184212736s ago: executing program 3 (id=512):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
close(0x3)
r2 = socket$l2tp6(0xa, 0x2, 0x73)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000080)={@remote, 0x800, 0x0, 0x3, 0x1, 0x8}, 0x20)
setsockopt$inet6_int(r1, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4)
sendmsg$inet6(r1, &(0x7f00000000c0)={&(0x7f0000000000)={0xa, 0x1, 0x80000, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, 0xfffffffe}, 0x1c, 0x0, 0x0, &(0x7f0000000140)=ANY=[], 0x18}, 0x40048d0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)

24.904776913s ago: executing program 3 (id=513):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x6, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r2}, 0x18)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000040)={0x0})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r7, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)={0x84, 0x0, 0x2, 0x401, 0x0, 0x0, {0xa}, [@CTA_EXPECT_MASTER={0x30, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @dev={0xfe, 0x80, '\x00', 0x20}}, {0x14, 0x4, @mcast1}}}]}, @CTA_EXPECT_MASK={0x4}, @CTA_EXPECT_TUPLE={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @local}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x86}}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x24000801}, 0x4)
sendmsg$nl_xfrm(r3, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8801}, 0x0)
mount$9p_rdma(0x0, 0x0, 0x0, 0x800, &(0x7f0000000100)={'trans=rdma,', {'port', 0x3d, 0x4e20}, 0x2c, {[{@sq={'sq', 0x3d, 0xffffffffffffffaf}}, {@timeout={'timeout', 0x3d, 0xe}}], [{@rootcontext={'rootcontext', 0x3d, 'root'}}]}})
r8 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r8, &(0x7f0000000140)={0x28, 0x0, 0x0, @local}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2107, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

23.607260931s ago: executing program 3 (id=514):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
setpriority(0x2, 0x0, 0x7fffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x3c, &(0x7f0000000000)={0x0, 0x0}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
connect$rxrpc(0xffffffffffffffff, &(0x7f0000000000)=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e20, 0x200, @loopback, 0x1}}, 0x24)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, 0x0, 0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={'sha384\x00'}})

19.402803787s ago: executing program 3 (id=515):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = getpgrp(0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r5 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000240)='./cgroup\x00', 0x0, 0x765f2dee690bd45d, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x1, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000032680)=""/102392, 0x18ff8)
clock_gettime(0x3, &(0x7f0000000000))
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000bc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000002c0)={0x10, 0x0, &(0x7f0000000240)=[@request_death], 0x0, 0x0, 0x0})

16.240231537s ago: executing program 3 (id=516):
socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bind$802154_raw(0xffffffffffffffff, 0x0, 0x0)
getpid()
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x248, 0x9b99}, 0x49, [0xfffffff8, 0x8, 0x5, 0x9, 0x8, 0x155f, 0x6, 0x0, 0x25cd, 0x1, 0xb4, 0xa, 0xa2b9, 0x80000006, 0x7, 0xe4, 0x6, 0xfc000000, 0x1, 0xbbf, 0x4a732f64, 0x1, 0x8, 0x5, 0x4, 0x12a3, 0x6, 0x1, 0x2, 0x6, 0x7, 0x81, 0x8a, 0x79, 0x2, 0x4, 0x0, 0x91, 0x4, 0x4, 0x17, 0x2, 0x5, 0x401, 0xfffffff5, 0x405, 0xa7, 0x81, 0x9, 0xf9a2, 0x80000001, 0xff, 0x0, 0x2, 0x2, 0x2, 0x3, 0x1, 0x7ff, 0x4, 0x4007f, 0xffffffff, 0x6, 0x404], [0x9, 0x3, 0x6, 0x9, 0x4, 0xc66, 0xa8a9, 0x20000073, 0x8e, 0xd50, 0x7, 0x5, 0x2, 0x809, 0x4, 0xa7, 0x1000, 0x0, 0x200b398, 0x400000, 0x0, 0x4, 0x1c, 0x7, 0x1, 0x2, 0x3, 0x8, 0xffffff7f, 0x400, 0x6, 0x4c2336d3, 0x4, 0x0, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0xab00060, 0x5, 0x6, 0x2, 0x5, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x1, 0x1cb, 0x1, 0x80000004, 0x6, 0x438, 0x2, 0x9, 0x95, 0x7fffffff, 0x4, 0xfffffff9, 0x1, 0x1000, 0xfffff801, 0x5], [0x2, 0xfffffffe, 0xffff, 0x3, 0x2, 0x2e6bf783, 0x80000001, 0x5, 0x5, 0x491, 0x8d3, 0x200006, 0x8, 0x400, 0x2, 0x400, 0x41, 0x6, 0xee4b, 0x4, 0x1, 0x8000003, 0x5, 0x9, 0x0, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x10000a, 0x400, 0x400, 0x3e55, 0x5, 0xd3, 0x8, 0x3437, 0x3, 0x9, 0xfd, 0x601, 0x101, 0xdd80, 0x60a0, 0x7f, 0x9d26, 0x10000, 0x1, 0x4, 0x2, 0x6, 0x8000, 0xf45, 0x3, 0xd500, 0x8, 0x77, 0x9, 0x6, 0x10000, 0xfffffffd, 0x8, 0x1], [0xa772, 0x6, 0x28, 0x1afa, 0xbfc, 0x8, 0x7c84, 0x7f, 0x55, 0x40, 0xff, 0x1005, 0x1, 0x1, 0x1e, 0x9, 0x81, 0x3, 0x9d86, 0xd, 0xfffffff7, 0x8, 0x140f2, 0x5396, 0x3, 0x6, 0x80008001, 0x7777, 0x1, 0x2, 0x100, 0xd8ce, 0x7fffffff, 0x9, 0xc, 0x32d, 0x3, 0x1ff, 0x2000803, 0xffffffff, 0x10000, 0x0, 0x8004, 0x7fff, 0x3, 0x6, 0xf, 0xe, 0x5337, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0x4, 0x3, 0x4, 0xdab, 0x3, 0x8, 0x14000, 0x1, 0x9]}, 0x45c)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0x0, 0x40000000000180, 0x2, 0x80000000, 0xf2, 0xd, 0x7fffffffffffe, 0x7, 0x5, 0x7, 0x0, 0x5, 0x4, 0xbdb], 0x25000, 0x304})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

15.15127884s ago: executing program 35 (id=509):
socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffd5e, &(0x7f00000002c0)=0x10000009)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1400000046"], 0x14}, 0x1, 0x0, 0x0, 0x4048011}, 0xc080)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x248, 0x9b99}, 0x49, [0xfffffff8, 0x8, 0x5, 0x9, 0x8, 0x155f, 0x6, 0x0, 0x25cd, 0x1, 0xb4, 0xa, 0xa2b9, 0x80000006, 0x7, 0xe4, 0x6, 0xfc000000, 0x1, 0xbbf, 0x4a732f64, 0x1, 0x8, 0x5, 0x4, 0x12a3, 0x6, 0x1, 0x2, 0x6, 0x7, 0x81, 0x8a, 0x79, 0x2, 0x4, 0x0, 0x91, 0x4, 0x4, 0x17, 0x2, 0x5, 0x401, 0xfffffff5, 0x405, 0xa7, 0x81, 0x9, 0xf9a2, 0x80000001, 0xff, 0x0, 0x2, 0x2, 0x2, 0x3, 0x1, 0x7ff, 0x4, 0x4007f, 0xffffffff, 0x6, 0x404], [0x9, 0x3, 0x6, 0x9, 0x4, 0xc66, 0xa8a9, 0x20000073, 0x8e, 0xd50, 0x7, 0x5, 0x2, 0x809, 0x4, 0xa7, 0x1000, 0x0, 0x200b398, 0x400000, 0x0, 0x4, 0x1c, 0x7, 0x1, 0x2, 0x3, 0x8, 0xffffff7f, 0x400, 0x6, 0x4c2336d3, 0x4, 0x0, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0xab00060, 0x5, 0x6, 0x2, 0x5, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x1, 0x1cb, 0x1, 0x80000004, 0x6, 0x438, 0x2, 0x9, 0x95, 0x7fffffff, 0x4, 0xfffffff9, 0x1, 0x1000, 0xfffff801, 0x5], [0x2, 0xfffffffe, 0xffff, 0x3, 0x2, 0x2e6bf783, 0x80000001, 0x5, 0x5, 0x491, 0x8d3, 0x200006, 0x8, 0x400, 0x2, 0x400, 0x41, 0x6, 0xee4b, 0x4, 0x1, 0x8000003, 0x5, 0x9, 0x0, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x10000a, 0x400, 0x400, 0x3e55, 0x5, 0xd3, 0x8, 0x3437, 0x3, 0x9, 0xfd, 0x601, 0x101, 0xdd80, 0x60a0, 0x7f, 0x9d26, 0x10000, 0x1, 0x4, 0x2, 0x6, 0x8000, 0xf45, 0x3, 0xd500, 0x8, 0x77, 0x9, 0x6, 0x10000, 0xfffffffd, 0x8, 0x1], [0xa772, 0x6, 0x28, 0x1afa, 0xbfc, 0x8, 0x7c84, 0x7f, 0x55, 0x40, 0xff, 0x1005, 0x1, 0x1, 0x1e, 0x9, 0x81, 0x3, 0x9d86, 0xd, 0xfffffff7, 0x8, 0x140f2, 0x5396, 0x3, 0x6, 0x80008001, 0x7777, 0x1, 0x2, 0x100, 0xd8ce, 0x7fffffff, 0x9, 0xc, 0x32d, 0x3, 0x1ff, 0x2000803, 0xffffffff, 0x10000, 0x0, 0x8004, 0x7fff, 0x3, 0x6, 0xf, 0xe, 0x5337, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0x4, 0x3, 0x4, 0xdab, 0x3, 0x8, 0x14000, 0x1, 0x9]}, 0x45c)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0x0, 0x40000000000180, 0x2, 0x80000000, 0xf2, 0xd, 0x7fffffffffffe, 0x7, 0x5, 0x7, 0x0, 0x5, 0x4, 0xbdb], 0x25000, 0x304})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000880)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a0500000000040000000001000000090001007379"], 0xa4}}, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

0s ago: executing program 36 (id=516):
socket(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bind$802154_raw(0xffffffffffffffff, 0x0, 0x0)
getpid()
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x248, 0x9b99}, 0x49, [0xfffffff8, 0x8, 0x5, 0x9, 0x8, 0x155f, 0x6, 0x0, 0x25cd, 0x1, 0xb4, 0xa, 0xa2b9, 0x80000006, 0x7, 0xe4, 0x6, 0xfc000000, 0x1, 0xbbf, 0x4a732f64, 0x1, 0x8, 0x5, 0x4, 0x12a3, 0x6, 0x1, 0x2, 0x6, 0x7, 0x81, 0x8a, 0x79, 0x2, 0x4, 0x0, 0x91, 0x4, 0x4, 0x17, 0x2, 0x5, 0x401, 0xfffffff5, 0x405, 0xa7, 0x81, 0x9, 0xf9a2, 0x80000001, 0xff, 0x0, 0x2, 0x2, 0x2, 0x3, 0x1, 0x7ff, 0x4, 0x4007f, 0xffffffff, 0x6, 0x404], [0x9, 0x3, 0x6, 0x9, 0x4, 0xc66, 0xa8a9, 0x20000073, 0x8e, 0xd50, 0x7, 0x5, 0x2, 0x809, 0x4, 0xa7, 0x1000, 0x0, 0x200b398, 0x400000, 0x0, 0x4, 0x1c, 0x7, 0x1, 0x2, 0x3, 0x8, 0xffffff7f, 0x400, 0x6, 0x4c2336d3, 0x4, 0x0, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0xab00060, 0x5, 0x6, 0x2, 0x5, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x1, 0x1cb, 0x1, 0x80000004, 0x6, 0x438, 0x2, 0x9, 0x95, 0x7fffffff, 0x4, 0xfffffff9, 0x1, 0x1000, 0xfffff801, 0x5], [0x2, 0xfffffffe, 0xffff, 0x3, 0x2, 0x2e6bf783, 0x80000001, 0x5, 0x5, 0x491, 0x8d3, 0x200006, 0x8, 0x400, 0x2, 0x400, 0x41, 0x6, 0xee4b, 0x4, 0x1, 0x8000003, 0x5, 0x9, 0x0, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x10000a, 0x400, 0x400, 0x3e55, 0x5, 0xd3, 0x8, 0x3437, 0x3, 0x9, 0xfd, 0x601, 0x101, 0xdd80, 0x60a0, 0x7f, 0x9d26, 0x10000, 0x1, 0x4, 0x2, 0x6, 0x8000, 0xf45, 0x3, 0xd500, 0x8, 0x77, 0x9, 0x6, 0x10000, 0xfffffffd, 0x8, 0x1], [0xa772, 0x6, 0x28, 0x1afa, 0xbfc, 0x8, 0x7c84, 0x7f, 0x55, 0x40, 0xff, 0x1005, 0x1, 0x1, 0x1e, 0x9, 0x81, 0x3, 0x9d86, 0xd, 0xfffffff7, 0x8, 0x140f2, 0x5396, 0x3, 0x6, 0x80008001, 0x7777, 0x1, 0x2, 0x100, 0xd8ce, 0x7fffffff, 0x9, 0xc, 0x32d, 0x3, 0x1ff, 0x2000803, 0xffffffff, 0x10000, 0x0, 0x8004, 0x7fff, 0x3, 0x6, 0xf, 0xe, 0x5337, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0x4, 0x3, 0x4, 0xdab, 0x3, 0x8, 0x14000, 0x1, 0x9]}, 0x45c)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0x0, 0x40000000000180, 0x2, 0x80000000, 0xf2, 0xd, 0x7fffffffffffe, 0x7, 0x5, 0x7, 0x0, 0x5, 0x4, 0xbdb], 0x25000, 0x304})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

kernel console output (not intermixed with test programs):

x10/0x10
[  155.081159][ T6350]  ? import_iovec+0x74/0xa0
[  155.081184][ T6350]  ___sys_recvmsg+0x1b5/0x510
[  155.081219][ T6350]  ? __pfx____sys_recvmsg+0x10/0x10
[  155.081251][ T6350]  ? __fget_files+0x2a/0x420
[  155.081293][ T6350]  ? __fget_files+0x3a6/0x420
[  155.081328][ T6350]  do_recvmmsg+0x30d/0x770
[  155.081364][ T6350]  ? __pfx_do_recvmmsg+0x10/0x10
[  155.081410][ T6350]  ? rt_mutex_slowunlock+0x1be/0x2e0
[  155.081452][ T6350]  __x64_sys_recvmmsg+0x190/0x240
[  155.081482][ T6350]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  155.081520][ T6350]  do_syscall_64+0xec/0xf80
[  155.081540][ T6350]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.081561][ T6350]  ? clear_bhb_loop+0x60/0xb0
[  155.081587][ T6350]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.081608][ T6350] RIP: 0033:0x7fe1806ff749
[  155.081626][ T6350] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.081643][ T6350] RSP: 002b:00007fe17e966038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  155.081664][ T6350] RAX: ffffffffffffffda RBX: 00007fe180955fa0 RCX: 00007fe1806ff749
[  155.081679][ T6350] RDX: 0000000000000001 RSI: 0000200000000900 RDI: 0000000000000003
[  155.081692][ T6350] RBP: 00007fe17e966090 R08: 0000000000000000 R09: 0000000000000000
[  155.081705][ T6350] R10: 0000000040002042 R11: 0000000000000246 R12: 0000000000000001
[  155.081718][ T6350] R13: 00007fe180956038 R14: 00007fe180955fa0 R15: 00007ffe86429088
[  155.081752][ T6350]  </TASK>
[  155.635847][ T6268] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  155.744163][ T6354] netlink: 32 bytes leftover after parsing attributes in process `syz.4.135'.
[  155.785859][ T6268] usb 1-1: device descriptor read/64, error -71
[  155.925920][ T6268] usb usb1-port1: attempt power cycle
[  156.037682][ T6360] FAULT_INJECTION: forcing a failure.
[  156.037682][ T6360] name failslab, interval 1, probability 0, space 0, times 0
[  156.037717][ T6360] CPU: 1 UID: 0 PID: 6360 Comm: syz.4.139 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  156.037742][ T6360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  156.037755][ T6360] Call Trace:
[  156.037764][ T6360]  <TASK>
[  156.037773][ T6360]  dump_stack_lvl+0xe8/0x150
[  156.037808][ T6360]  should_fail_ex+0x46c/0x600
[  156.037842][ T6360]  ? __alloc_skb+0x1dc/0x3a0
[  156.037866][ T6360]  should_failslab+0xa8/0x100
[  156.037889][ T6360]  ? __alloc_skb+0x1dc/0x3a0
[  156.037910][ T6360]  kmem_cache_alloc_node_noprof+0x8b/0x6f0
[  156.037942][ T6360]  ? lockdep_hardirqs_on+0x7b/0x110
[  156.037965][ T6360]  ? __alloc_skb+0x198/0x3a0
[  156.037990][ T6360]  __alloc_skb+0x1dc/0x3a0
[  156.038019][ T6360]  netlink_sendmsg+0x5c6/0xb30
[  156.038060][ T6360]  ? __pfx_netlink_sendmsg+0x10/0x10
[  156.038100][ T6360]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  156.038128][ T6360]  ? __pfx_netlink_sendmsg+0x10/0x10
[  156.038179][ T6360]  __sock_sendmsg+0x21c/0x270
[  156.038216][ T6360]  ____sys_sendmsg+0x508/0x810
[  156.038250][ T6360]  ? __pfx_____sys_sendmsg+0x10/0x10
[  156.038289][ T6360]  ? import_iovec+0x74/0xa0
[  156.038314][ T6360]  ___sys_sendmsg+0x21f/0x2a0
[  156.038344][ T6360]  ? __pfx____sys_sendmsg+0x10/0x10
[  156.038417][ T6360]  ? __fget_files+0x2a/0x420
[  156.038439][ T6360]  ? __fget_files+0x3a6/0x420
[  156.038474][ T6360]  __x64_sys_sendmsg+0x1a1/0x260
[  156.038506][ T6360]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  156.038543][ T6360]  ? __pfx_ksys_write+0x10/0x10
[  156.038587][ T6360]  do_syscall_64+0xec/0xf80
[  156.038609][ T6360]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.038629][ T6360]  ? trace_irq_disable+0x37/0x100
[  156.038653][ T6360]  ? clear_bhb_loop+0x60/0xb0
[  156.038680][ T6360]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.038701][ T6360] RIP: 0033:0x7fe1806ff749
[  156.038720][ T6360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.038738][ T6360] RSP: 002b:00007fe17e966038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  156.038761][ T6360] RAX: ffffffffffffffda RBX: 00007fe180955fa0 RCX: 00007fe1806ff749
[  156.038777][ T6360] RDX: 0000000020000000 RSI: 00002000000001c0 RDI: 0000000000000004
[  156.038791][ T6360] RBP: 00007fe17e966090 R08: 0000000000000000 R09: 0000000000000000
[  156.038804][ T6360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  156.038817][ T6360] R13: 00007fe180956038 R14: 00007fe180955fa0 R15: 00007ffe86429088
[  156.038852][ T6360]  </TASK>
[  156.323175][  T804] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  156.369411][ T6364] netlink: 20 bytes leftover after parsing attributes in process `syz.3.136'.
[  156.369430][ T6364] netlink: 24 bytes leftover after parsing attributes in process `syz.3.136'.
[  156.416498][ T6268] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  156.482657][ T6268] usb 1-1: device descriptor read/8, error -71
[  156.496563][  T804] usb 3-1: Using ep0 maxpacket: 32
[  156.502041][  T804] usb 3-1: config 0 has an invalid interface number: 85 but max is 0
[  156.502062][  T804] usb 3-1: config 0 has no interface number 0
[  156.502098][  T804] usb 3-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  156.502118][  T804] usb 3-1: config 0 interface 85 has no altsetting 0
[  156.514796][  T804] usb 3-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  156.514881][  T804] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  156.514935][  T804] usb 3-1: Product: syz
[  156.514977][  T804] usb 3-1: Manufacturer: syz
[  156.515018][  T804] usb 3-1: SerialNumber: syz
[  156.610035][  T804] usb 3-1: config 0 descriptor??
[  156.715869][ T6268] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  156.736853][ T6268] usb 1-1: device descriptor read/8, error -71
[  156.860143][ T6368] netlink: 'syz.4.140': attribute type 3 has an invalid length.
[  156.860166][ T6368] netlink: 'syz.4.140': attribute type 2 has an invalid length.
[  156.887635][ T6369] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  156.957166][ T6268] usb usb1-port1: unable to enumerate USB device
[  157.317987][  T804] appletouch 3-1:0.85: Geyser mode initialized.
[  157.331955][  T804] input: appletouch as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.85/input/input10
[  157.527076][ T5992] usb 3-1: USB disconnect, device number 8
[  157.978120][ T6389] faux_driver vkms: [drm] Unknown color mode 6; guessing buffer size.
[  158.728944][ T5992] appletouch 3-1:0.85: input: appletouch disconnected
[  158.919480][ T6396] netlink: 32 bytes leftover after parsing attributes in process `syz.3.149'.
[  162.519020][ T6416] sctp: [Deprecated]: syz.0.153 (pid 6416) Use of int in maxseg socket option.
[  162.519020][ T6416] Use struct sctp_assoc_value instead
[  165.286966][    T9] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  165.495883][    T9] usb 3-1: Using ep0 maxpacket: 32
[  165.499233][    T9] usb 3-1: config 0 has an invalid interface number: 85 but max is 0
[  165.499260][    T9] usb 3-1: config 0 has no interface number 0
[  165.499307][    T9] usb 3-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  165.499335][    T9] usb 3-1: config 0 interface 85 has no altsetting 0
[  165.504235][    T9] usb 3-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  165.504265][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.504286][    T9] usb 3-1: Product: syz
[  165.504302][    T9] usb 3-1: Manufacturer: syz
[  165.504330][    T9] usb 3-1: SerialNumber: syz
[  165.512713][ T6434] netlink: 32 bytes leftover after parsing attributes in process `syz.3.162'.
[  165.533105][    T9] usb 3-1: config 0 descriptor??
[  166.346401][    T9] appletouch 3-1:0.85: Geyser mode initialized.
[  166.348782][    T9] input: appletouch as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.85/input/input11
[  166.879129][ T6442] gfs2: not a GFS2 filesystem
[  167.738412][ T6444] FAULT_INJECTION: forcing a failure.
[  167.738412][ T6444] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  167.738438][ T6444] CPU: 0 UID: 0 PID: 6444 Comm: syz.4.158 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  167.738456][ T6444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  167.738466][ T6444] Call Trace:
[  167.738494][ T6444]  <TASK>
[  167.738501][ T6444]  dump_stack_lvl+0xe8/0x150
[  167.738528][ T6444]  should_fail_ex+0x46c/0x600
[  167.738553][ T6444]  _copy_from_user+0x2d/0xb0
[  167.738569][ T6444]  sctp_getsockopt_pf_expose+0xb8/0x2e0
[  167.738592][ T6444]  ? __local_bh_enable+0x1e2/0x2f0
[  167.738612][ T6444]  ? __pfx_sctp_getsockopt_pf_expose+0x10/0x10
[  167.738635][ T6444]  ? __local_bh_enable_ip+0x1af/0x2c0
[  167.738652][ T6444]  ? lockdep_hardirqs_on+0x7b/0x110
[  167.738671][ T6444]  sctp_getsockopt+0x45f/0xb90
[  167.738692][ T6444]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  167.738709][ T6444]  do_sock_getsockopt+0x2b4/0x3d0
[  167.738730][ T6444]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  167.738749][ T6444]  ? __fget_files+0x3a6/0x420
[  167.738765][ T6444]  ? __fget_files+0x2a/0x420
[  167.738785][ T6444]  __x64_sys_getsockopt+0x1ab/0x250
[  167.738810][ T6444]  do_syscall_64+0xec/0xf80
[  167.738825][ T6444]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.738839][ T6444]  ? trace_irq_disable+0x37/0x100
[  167.738856][ T6444]  ? clear_bhb_loop+0x60/0xb0
[  167.738874][ T6444]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  167.738888][ T6444] RIP: 0033:0x7fe1806ff749
[  167.738901][ T6444] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  167.738913][ T6444] RSP: 002b:00007fe17e966038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  167.738929][ T6444] RAX: ffffffffffffffda RBX: 00007fe180955fa0 RCX: 00007fe1806ff749
[  167.738940][ T6444] RDX: 0000000000000083 RSI: 0000000000000084 RDI: 0000000000000003
[  167.738949][ T6444] RBP: 00007fe17e966090 R08: 00002000000004c0 R09: 0000000000000000
[  167.738958][ T6444] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  167.738967][ T6444] R13: 00007fe180956038 R14: 00007fe180955fa0 R15: 00007ffe86429088
[  167.738991][ T6444]  </TASK>
[  168.075077][ T5978] usb 3-1: USB disconnect, device number 9
[  170.118373][ T5978] appletouch 3-1:0.85: input: appletouch disconnected
[  170.506219][ T6465] sctp: [Deprecated]: syz.2.170 (pid 6465) Use of int in maxseg socket option.
[  170.506219][ T6465] Use struct sctp_assoc_value instead
[  176.475817][ T6498] sctp: [Deprecated]: syz.4.182 (pid 6498) Use of int in maxseg socket option.
[  176.475817][ T6498] Use struct sctp_assoc_value instead
[  178.995900][ T5889] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  179.145797][ T5889] usb 5-1: Using ep0 maxpacket: 32
[  179.147902][ T5889] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  179.147921][ T5889] usb 5-1: config 0 has no interface number 0
[  179.147954][ T5889] usb 5-1: config 0 interface 1 altsetting 9 has an invalid descriptor for endpoint zero, skipping
[  179.147969][ T5889] usb 5-1: config 0 interface 1 has no altsetting 0
[  179.324574][ T5889] usb 5-1: New USB device found, idVendor=0572, idProduct=58a2, bcdDevice=27.0a
[  179.324607][ T5889] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.324628][ T5889] usb 5-1: Product: syz
[  179.324643][ T5889] usb 5-1: Manufacturer: syz
[  179.324659][ T5889] usb 5-1: SerialNumber: syz
[  179.341217][ T5889] usb 5-1: config 0 descriptor??
[  180.143318][ T5889] cx231xx 5-1:0.1: New device syz syz @ 480 Mbps (0572:58a2) with 1 interfaces
[  180.143361][ T5889] cx231xx 5-1:0.1: Not found matching IAD interface
[  180.148552][ T5889] usb 5-1: USB disconnect, device number 3
[  180.437238][   T38] audit: type=1800 audit(1767711415.070:3): pid=6526 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.3.188" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  182.925954][ T6019] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  182.936151][ T6539] netlink: 'syz.3.195': attribute type 4 has an invalid length.
[  182.974704][ T6540] netlink: 'syz.3.195': attribute type 4 has an invalid length.
[  183.084163][ T6019] usb 5-1: Using ep0 maxpacket: 16
[  183.096154][ T6019] usb 5-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  183.096177][ T6019] usb 5-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  183.096194][ T6019] usb 5-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  183.096213][ T6019] usb 5-1: config 1 interface 0 has no altsetting 0
[  183.149901][ T6019] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  183.149933][ T6019] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.149953][ T6019] usb 5-1: Product: syz
[  183.149969][ T6019] usb 5-1: Manufacturer: syz
[  183.149984][ T6019] usb 5-1: SerialNumber: syz
[  183.483764][ T6537] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  183.484231][ T6537] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  183.536218][ T6019] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 4 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  183.909972][ T6548] FAULT_INJECTION: forcing a failure.
[  183.909972][ T6548] name failslab, interval 1, probability 0, space 0, times 0
[  183.909999][ T6548] CPU: 0 UID: 0 PID: 6548 Comm: syz.1.191 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  183.910017][ T6548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  183.910027][ T6548] Call Trace:
[  183.910032][ T6548]  <TASK>
[  183.910039][ T6548]  dump_stack_lvl+0xe8/0x150
[  183.910067][ T6548]  should_fail_ex+0x46c/0x600
[  183.910093][ T6548]  should_failslab+0xa8/0x100
[  183.910109][ T6548]  __kvmalloc_node_noprof+0x181/0x940
[  183.910143][ T6548]  ? vmemdup_user+0x2b/0xd0
[  183.910166][ T6548]  vmemdup_user+0x2b/0xd0
[  183.910184][ T6548]  path_setxattrat+0x244/0x3a0
[  183.910213][ T6548]  ? __pfx_path_setxattrat+0x10/0x10
[  183.910254][ T6548]  ? ksys_write+0x230/0x260
[  183.910278][ T6548]  ? __pfx_ksys_write+0x10/0x10
[  183.910304][ T6548]  __x64_sys_fsetxattr+0xbc/0xe0
[  183.910324][ T6548]  do_syscall_64+0xec/0xf80
[  183.910340][ T6548]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.910355][ T6548]  ? trace_irq_disable+0x37/0x100
[  183.910372][ T6548]  ? clear_bhb_loop+0x60/0xb0
[  183.910394][ T6548]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  183.910408][ T6548] RIP: 0033:0x7f0b7a2ff749
[  183.910422][ T6548] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  183.910434][ T6548] RSP: 002b:00007f0b7855e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000be
[  183.910451][ T6548] RAX: ffffffffffffffda RBX: 00007f0b7a555fa0 RCX: 00007f0b7a2ff749
[  183.910462][ T6548] RDX: 0000200000000440 RSI: 0000200000000380 RDI: 0000000000000003
[  183.910472][ T6548] RBP: 00007f0b7855e090 R08: 0000000000000003 R09: 0000000000000000
[  183.910481][ T6548] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[  183.910490][ T6548] R13: 00007f0b7a556038 R14: 00007f0b7a555fa0 R15: 00007ffc97063d08
[  183.910514][ T6548]  </TASK>
[  184.288594][ T5964] usb 5-1: USB disconnect, device number 4
[  184.321741][ T5964] usblp0: removed
[  185.873103][ T6562] netlink: 'syz.4.201': attribute type 1 has an invalid length.
[  185.873127][ T6562] netlink: 224 bytes leftover after parsing attributes in process `syz.4.201'.
[  186.068676][ T6563] netlink: 68 bytes leftover after parsing attributes in process `syz.1.199'.
[  186.095865][ T5964] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  186.245895][ T5964] usb 3-1: Using ep0 maxpacket: 16
[  186.275613][ T5964] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  186.275636][ T5964] usb 3-1: config 0 interface 0 has no altsetting 0
[  186.275661][ T5964] usb 3-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00
[  186.277839][ T5964] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.337561][ T5964] usb 3-1: config 0 descriptor??
[  187.045530][  T804] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  187.060722][ T5964] hid (null): unknown global tag 0xe
[  187.752996][ T6550] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  187.753413][ T6550] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  187.765793][  T804] usb 5-1: Using ep0 maxpacket: 8
[  187.784592][  T804] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  187.784621][  T804] usb 5-1: config 179 has no interface number 0
[  187.784669][  T804] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 64, changing to 10
[  187.784697][  T804] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 1029, setting to 1024
[  187.784726][  T804] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  187.784752][  T804] usb 5-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[  187.784775][  T804] usb 5-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  187.784803][  T804] usb 5-1: config 179 interface 65 has no altsetting 0
[  187.784844][  T804] usb 5-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  187.784867][  T804] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.969889][ T6569] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  188.072885][ T5964] cougar 0003:060B:500A.0002: unknown main item tag 0x0
[  188.072927][ T5964] cougar 0003:060B:500A.0002: unknown main item tag 0x0
[  188.072953][ T5964] cougar 0003:060B:500A.0002: unknown main item tag 0x0
[  188.072979][ T5964] cougar 0003:060B:500A.0002: unknown main item tag 0x0
[  188.073004][ T5964] cougar 0003:060B:500A.0002: unknown main item tag 0x0
[  188.073030][ T5964] cougar 0003:060B:500A.0002: unknown main item tag 0x0
[  188.073068][ T5964] cougar 0003:060B:500A.0002: unknown main item tag 0x0
[  188.073094][ T5964] cougar 0003:060B:500A.0002: unknown main item tag 0x0
[  188.073120][ T5964] cougar 0003:060B:500A.0002: unknown main item tag 0x0
[  188.073146][ T5964] cougar 0003:060B:500A.0002: unknown main item tag 0x0
[  188.074319][ T5964] cougar 0003:060B:500A.0002: unknown global tag 0xe
[  188.074339][ T5964] cougar 0003:060B:500A.0002: item 0 0 1 14 parsing failed
[  188.075212][ T5964] cougar 0003:060B:500A.0002: parse failed
[  188.075326][ T5964] cougar 0003:060B:500A.0002: probe with driver cougar failed with error -22
[  188.108150][ T5964] usb 3-1: USB disconnect, device number 10
[  188.342555][  T804] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:179.65/input/input12
[  190.132944][    C1] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  190.144222][  T804] usb 5-1: USB disconnect, device number 5
[  192.406305][  T804] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[  193.960079][  T804] usb 5-1: device descriptor read/all, error -71
[  194.147707][ T6598] fuse: Bad value for 'fd'
[  199.562843][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  199.562904][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  200.106695][ T5986] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[  201.581372][ T5986] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  201.581401][ T5986] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  201.584027][ T5986] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  201.584056][ T5986] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  201.584077][ T5986] usb 2-1: Product: syz
[  201.584091][ T5986] usb 2-1: Manufacturer: syz
[  201.584106][ T5986] usb 2-1: SerialNumber: syz
[  201.866435][ T5986] usb 2-1: 0:2 : does not exist
[  201.996096][ T5986] usb 2-1: USB disconnect, device number 6
[  202.473882][ T6644] kvm: requested 1676 ns i8254 timer period limited to 200000 ns
[  202.585905][ T6645] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  202.586908][ T6645] kvm: requested 13409 ns i8254 timer period limited to 200000 ns
[  202.587100][ T6645] kvm: requested 53638 ns i8254 timer period limited to 200000 ns
[  202.587153][ T6645] kvm: requested 41904 ns i8254 timer period limited to 200000 ns
[  202.587513][ T6645] kvm: requested 838 ns i8254 timer period limited to 200000 ns
[  202.588435][ T6645] kvm: requested 2514 ns i8254 timer period limited to 200000 ns
[  202.588759][ T6645] kvm: requested 3352 ns i8254 timer period limited to 200000 ns
[  202.588930][ T6645] kvm: requested 100571 ns i8254 timer period limited to 200000 ns
[  202.589962][ T6645] kvm: requested 53638 ns i8254 timer period limited to 200000 ns
[  211.395172][ T6677] netlink: 'syz.4.235': attribute type 4 has an invalid length.
[  211.421616][ T6677] netlink: 'syz.4.235': attribute type 4 has an invalid length.
[  211.816890][ T6683] FAULT_INJECTION: forcing a failure.
[  211.816890][ T6683] name failslab, interval 1, probability 0, space 0, times 0
[  211.816926][ T6683] CPU: 0 UID: 0 PID: 6683 Comm: syz.3.236 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  211.816950][ T6683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  211.816963][ T6683] Call Trace:
[  211.816971][ T6683]  <TASK>
[  211.816980][ T6683]  dump_stack_lvl+0xe8/0x150
[  211.817016][ T6683]  should_fail_ex+0x46c/0x600
[  211.817053][ T6683]  should_failslab+0xa8/0x100
[  211.817076][ T6683]  __kmalloc_noprof+0xe0/0x7e0
[  211.817109][ T6683]  ? bpf_test_init+0x9f/0x150
[  211.817143][ T6683]  bpf_test_init+0x9f/0x150
[  211.817177][ T6683]  bpf_prog_test_run_xdp+0x503/0x10e0
[  211.817225][ T6683]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  211.817270][ T6683]  ? __fget_files+0x2a/0x420
[  211.817305][ T6683]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  211.817337][ T6683]  bpf_prog_test_run+0x2cd/0x340
[  211.817369][ T6683]  __sys_bpf+0x562/0x860
[  211.817397][ T6683]  ? __pfx___sys_bpf+0x10/0x10
[  211.817419][ T6683]  ? rt_mutex_slowunlock+0x1be/0x2e0
[  211.817467][ T6683]  ? ksys_write+0x230/0x260
[  211.817501][ T6683]  ? __pfx_ksys_write+0x10/0x10
[  211.817541][ T6683]  __x64_sys_bpf+0x7c/0x90
[  211.817565][ T6683]  do_syscall_64+0xec/0xf80
[  211.817585][ T6683]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.817607][ T6683]  ? trace_irq_disable+0x37/0x100
[  211.817630][ T6683]  ? clear_bhb_loop+0x60/0xb0
[  211.817657][ T6683]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.817679][ T6683] RIP: 0033:0x7fe8d355f749
[  211.817697][ T6683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  211.817714][ T6683] RSP: 002b:00007fe8d17be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  211.817737][ T6683] RAX: ffffffffffffffda RBX: 00007fe8d37b5fa0 RCX: 00007fe8d355f749
[  211.817753][ T6683] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[  211.817766][ T6683] RBP: 00007fe8d17be090 R08: 0000000000000000 R09: 0000000000000000
[  211.817780][ T6683] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  211.817792][ T6683] R13: 00007fe8d37b6038 R14: 00007fe8d37b5fa0 R15: 00007ffe7572e408
[  211.817827][ T6683]  </TASK>
[  214.195828][ T5986] usb 5-1: new full-speed USB device number 8 using dummy_hcd
[  214.348528][ T5986] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  214.348556][ T5986] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  214.351710][ T5986] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  214.351739][ T5986] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  214.351759][ T5986] usb 5-1: Product: syz
[  214.351774][ T5986] usb 5-1: Manufacturer: syz
[  214.351789][ T5986] usb 5-1: SerialNumber: syz
[  216.098406][ T6019] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  216.365830][ T6019] usb 2-1: Using ep0 maxpacket: 8
[  216.383213][ T6019] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  216.383273][ T6019] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  216.383853][ T6019] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  216.383881][ T6019] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  216.383906][ T6019] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  216.384647][ T6019] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  216.384672][ T6019] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  216.476502][ T5986] usb 5-1: 0:2 : does not exist
[  216.832241][ T6019] usb 2-1: GET_CAPABILITIES returned 0
[  216.832278][ T6019] usbtmc 2-1:16.0: can't read capabilities
[  216.848989][ T5986] usb 5-1: USB disconnect, device number 8
[  216.946549][ T6705] FAULT_INJECTION: forcing a failure.
[  216.946549][ T6705] name failslab, interval 1, probability 0, space 0, times 0
[  216.946584][ T6705] CPU: 1 UID: 0 PID: 6705 Comm: syz.4.242 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  216.946607][ T6705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  216.946619][ T6705] Call Trace:
[  216.946627][ T6705]  <TASK>
[  216.946635][ T6705]  dump_stack_lvl+0xe8/0x150
[  216.946670][ T6705]  should_fail_ex+0x46c/0x600
[  216.946706][ T6705]  should_failslab+0xa8/0x100
[  216.946728][ T6705]  __kmalloc_noprof+0xe0/0x7e0
[  216.946759][ T6705]  ? tomoyo_encode+0x28b/0x550
[  216.946795][ T6705]  tomoyo_encode+0x28b/0x550
[  216.946821][ T6705]  tomoyo_realpath_from_path+0x58d/0x5d0
[  216.946852][ T6705]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  216.946880][ T6705]  tomoyo_path_number_perm+0x1e8/0x5a0
[  216.946910][ T6705]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  216.946937][ T6705]  ? __lock_acquire+0x6b6/0x2cf0
[  216.946968][ T6705]  ? do_raw_spin_lock+0x121/0x290
[  216.947023][ T6705]  ? __fget_files+0x2a/0x420
[  216.947046][ T6705]  ? __fget_files+0x2a/0x420
[  216.947066][ T6705]  ? __fget_files+0x3a6/0x420
[  216.947085][ T6705]  ? __fget_files+0x2a/0x420
[  216.947109][ T6705]  security_file_ioctl+0xcb/0x2d0
[  216.947140][ T6705]  __se_sys_ioctl+0x47/0x170
[  216.947169][ T6705]  do_syscall_64+0xec/0xf80
[  216.947188][ T6705]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.947207][ T6705]  ? trace_irq_disable+0x37/0x100
[  216.947228][ T6705]  ? clear_bhb_loop+0x60/0xb0
[  216.947252][ T6705]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.947271][ T6705] RIP: 0033:0x7fe1806ff749
[  216.947288][ T6705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  216.947322][ T6705] RSP: 002b:00007fe17e966038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  216.947344][ T6705] RAX: ffffffffffffffda RBX: 00007fe180955fa0 RCX: 00007fe1806ff749
[  216.947359][ T6705] RDX: 00002000000000c0 RSI: 0000000040505412 RDI: 0000000000000003
[  216.947373][ T6705] RBP: 00007fe17e966090 R08: 0000000000000000 R09: 0000000000000000
[  216.947386][ T6705] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  216.947398][ T6705] R13: 00007fe180956038 R14: 00007fe180955fa0 R15: 00007ffe86429088
[  216.947433][ T6705]  </TASK>
[  216.947451][ T6705] ERROR: Out of memory at tomoyo_realpath_from_path.
[  217.133323][ T5889] usb 2-1: USB disconnect, device number 7
[  218.663981][ T6723] FAULT_INJECTION: forcing a failure.
[  218.663981][ T6723] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  218.664019][ T6723] CPU: 1 UID: 0 PID: 6723 Comm: syz.1.247 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  218.664044][ T6723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  218.664057][ T6723] Call Trace:
[  218.664065][ T6723]  <TASK>
[  218.664074][ T6723]  dump_stack_lvl+0xe8/0x150
[  218.664111][ T6723]  should_fail_ex+0x46c/0x600
[  218.664149][ T6723]  _copy_from_user+0x2d/0xb0
[  218.664172][ T6723]  copy_from_sockptr+0x5e/0xa0
[  218.664210][ T6723]  do_ipv6_setsockopt+0x1741/0x2eb0
[  218.664244][ T6723]  ? get_pid_task+0x20/0x1f0
[  218.664285][ T6723]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  218.664322][ T6723]  ? get_pid_task+0x20/0x1f0
[  218.664350][ T6723]  ? get_pid_task+0x20/0x1f0
[  218.664393][ T6723]  ? __lock_acquire+0x6b6/0x2cf0
[  218.664438][ T6723]  ? do_raw_spin_lock+0x121/0x290
[  218.664476][ T6723]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  218.664521][ T6723]  ? __fget_files+0x2a/0x420
[  218.664555][ T6723]  ? __fget_files+0x2a/0x420
[  218.664582][ T6723]  ipv6_setsockopt+0x59/0x170
[  218.664601][ T6723]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  218.664625][ T6723]  do_sock_setsockopt+0x17c/0x1b0
[  218.664656][ T6723]  __x64_sys_setsockopt+0x145/0x1b0
[  218.664687][ T6723]  do_syscall_64+0xec/0xf80
[  218.664708][ T6723]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.664728][ T6723]  ? trace_irq_disable+0x37/0x100
[  218.664750][ T6723]  ? clear_bhb_loop+0x60/0xb0
[  218.664781][ T6723]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.664802][ T6723] RIP: 0033:0x7f0b7a2ff749
[  218.664821][ T6723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  218.664839][ T6723] RSP: 002b:00007f0b7855e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  218.664861][ T6723] RAX: ffffffffffffffda RBX: 00007f0b7a555fa0 RCX: 00007f0b7a2ff749
[  218.664877][ T6723] RDX: 000000000000001b RSI: 0000000000000029 RDI: 0000000000000003
[  218.664889][ T6723] RBP: 00007f0b7855e090 R08: 0000000000000014 R09: 0000000000000000
[  218.664903][ T6723] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  218.664916][ T6723] R13: 00007f0b7a556038 R14: 00007f0b7a555fa0 R15: 00007ffc97063d08
[  218.664951][ T6723]  </TASK>
[  219.046257][ T6725] netlink: 'syz.3.248': attribute type 4 has an invalid length.
[  219.076531][ T6725] netlink: 'syz.3.248': attribute type 4 has an invalid length.
[  221.065848][  T804] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[  221.241383][  T804] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  221.241412][  T804] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  221.245180][  T804] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  221.245210][  T804] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  221.245230][  T804] usb 4-1: Product: syz
[  221.245246][  T804] usb 4-1: Manufacturer: syz
[  221.245261][  T804] usb 4-1: SerialNumber: syz
[  221.377485][ T6456] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  221.535902][ T6456] usb 1-1: Using ep0 maxpacket: 32
[  221.551474][  T804] usb 4-1: 0:2 : does not exist
[  221.575974][ T6456] usb 1-1: config 0 has an invalid interface number: 85 but max is 0
[  221.576003][ T6456] usb 1-1: config 0 has no interface number 0
[  221.576049][ T6456] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  221.576076][ T6456] usb 1-1: config 0 interface 85 has no altsetting 0
[  221.639894][ T6456] usb 1-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  221.639923][ T6456] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  221.639943][ T6456] usb 1-1: Product: syz
[  221.639957][ T6456] usb 1-1: Manufacturer: syz
[  221.639970][ T6456] usb 1-1: SerialNumber: syz
[  221.705564][ T6456] usb 1-1: config 0 descriptor??
[  221.750759][  T804] usb 4-1: USB disconnect, device number 4
[  223.005833][ T5803] Bluetooth: hci2: command 0x0406 tx timeout
[  223.005877][ T5813] Bluetooth: hci1: command 0x0406 tx timeout
[  223.006684][ T5813] Bluetooth: hci0: command 0x0406 tx timeout
[  223.006752][ T5811] Bluetooth: hci3: command 0x0406 tx timeout
[  223.215060][ T6456] appletouch 1-1:0.85: Failed to request geyser raw mode
[  223.215318][ T6456] appletouch 1-1:0.85: probe with driver appletouch failed with error -5
[  224.572256][ T6456] usb 1-1: USB disconnect, device number 7
[  225.806638][ T6760] gfs2: not a GFS2 filesystem
[  226.635958][ T6456] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  228.075998][ T6456] usb 5-1: Using ep0 maxpacket: 32
[  228.082095][ T6456] usb 5-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  228.082129][ T6456] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  228.082150][ T6456] usb 5-1: Product: syz
[  228.082165][ T6456] usb 5-1: Manufacturer: syz
[  228.082180][ T6456] usb 5-1: SerialNumber: syz
[  228.105833][ T6268] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  228.136458][ T6456] usb 5-1: config 0 descriptor??
[  228.145128][ T6456] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  228.326529][ T6268] usb 4-1: Using ep0 maxpacket: 16
[  228.342485][ T6268] usb 4-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  228.342740][ T6268] usb 4-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  228.342768][ T6268] usb 4-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  228.342796][ T6268] usb 4-1: config 1 interface 0 has no altsetting 0
[  228.397810][ T6268] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  228.397899][ T6268] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  228.397921][ T6268] usb 4-1: Product: syz
[  228.397942][ T6268] usb 4-1: Manufacturer: syz
[  228.397958][ T6268] usb 4-1: SerialNumber: syz
[  228.445864][ T6456] gspca_ov534_9: reg_w failed -71
[  228.662997][ T6764] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  228.663450][ T6764] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  228.692795][ T6268] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 5 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  228.855751][ T6456] gspca_ov534_9: Unknown sensor 0000
[  228.856244][ T6456] ov534_9 5-1:0.0: probe with driver ov534_9 failed with error -22
[  228.859848][ T6456] usb 5-1: USB disconnect, device number 9
[  228.935839][   T38] audit: type=1800 audit(1767711463.540:4): pid=6774 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.263" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  229.132974][ T6780] netlink: 4 bytes leftover after parsing attributes in process `syz.0.264'.
[  229.195987][ T6780] dummy0: entered promiscuous mode
[  229.196298][ T6780] macvtap1: entered promiscuous mode
[  229.199584][ T6780] macvtap1: entered allmulticast mode
[  229.199609][ T6780] dummy0: entered allmulticast mode
[  229.325902][ T5986] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  229.468267][   T10] usb 4-1: USB disconnect, device number 5
[  229.471690][   T10] usblp0: removed
[  229.485946][ T5986] usb 5-1: Using ep0 maxpacket: 32
[  229.488392][ T5986] usb 5-1: config 0 has an invalid interface number: 85 but max is 0
[  229.488418][ T5986] usb 5-1: config 0 has no interface number 0
[  229.488471][ T5986] usb 5-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  229.488499][ T5986] usb 5-1: config 0 interface 85 has no altsetting 0
[  229.491519][ T5986] usb 5-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  229.491548][ T5986] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  229.491569][ T5986] usb 5-1: Product: syz
[  229.491584][ T5986] usb 5-1: Manufacturer: syz
[  229.491600][ T5986] usb 5-1: SerialNumber: syz
[  229.601584][ T5986] usb 5-1: config 0 descriptor??
[  231.738880][ T6456] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  231.800360][   T10] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  231.925758][ T6456] usb 1-1: device descriptor read/64, error -71
[  231.969792][ T5986] appletouch 5-1:0.85: Failed to request geyser raw mode
[  231.969959][ T5986] appletouch 5-1:0.85: probe with driver appletouch failed with error -5
[  231.995201][   T10] usb 4-1: Using ep0 maxpacket: 32
[  232.007219][   T10] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[  232.007247][   T10] usb 4-1: config 0 has no interface number 0
[  232.007309][   T10] usb 4-1: config 0 interface 184 has no altsetting 0
[  232.014478][   T10] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  232.014499][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  232.014514][   T10] usb 4-1: Product: syz
[  232.014524][   T10] usb 4-1: Manufacturer: syz
[  232.014534][   T10] usb 4-1: SerialNumber: syz
[  232.042277][ T5986] usb 5-1: USB disconnect, device number 10
[  232.098819][   T10] usb 4-1: config 0 descriptor??
[  232.102523][   T10] smsc75xx v1.0.0
[  232.225879][ T6456] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  232.328510][   T10] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  232.329113][   T10] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -71
[  232.366571][ T6456] usb 1-1: device descriptor read/64, error -71
[  232.381881][   T10] usb 4-1: USB disconnect, device number 6
[  232.476560][ T6456] usb usb1-port1: attempt power cycle
[  233.736688][   T38] audit: type=1800 audit(1767711468.370:5): pid=6805 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.274" name="SYSV00000000" dev="tmpfs" ino=1 res=0 errno=0
[  233.852666][ T6811] netlink: 32 bytes leftover after parsing attributes in process `syz.2.269'.
[  234.233281][ T6817] netlink: 4 bytes leftover after parsing attributes in process `syz.0.277'.
[  234.280425][ T6817] batadv0: entered promiscuous mode
[  234.280740][ T6817] macvtap2: entered promiscuous mode
[  234.280926][ T6817] macvtap2: entered allmulticast mode
[  234.280938][ T6817] batadv0: entered allmulticast mode
[  234.282645][ T6822] netlink: 'syz.2.279': attribute type 4 has an invalid length.
[  234.334410][ T6824] netlink: 'syz.2.279': attribute type 4 has an invalid length.
[  234.354279][ T6817] 8021q: adding VLAN 0 to HW filter on device macvtap2
[  234.888235][   T10] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  235.026900][   T10] usb 3-1: device descriptor read/64, error -71
[  235.085891][ T5888] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  235.137431][ T5964] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  235.235915][ T5888] usb 5-1: Using ep0 maxpacket: 32
[  235.238089][ T5888] usb 5-1: config 0 has an invalid interface number: 85 but max is 0
[  235.238116][ T5888] usb 5-1: config 0 has no interface number 0
[  235.238166][ T5888] usb 5-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  235.238196][ T5888] usb 5-1: config 0 interface 85 has no altsetting 0
[  235.240841][ T5888] usb 5-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  235.240870][ T5888] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  235.240891][ T5888] usb 5-1: Product: syz
[  235.240906][ T5888] usb 5-1: Manufacturer: syz
[  235.240921][ T5888] usb 5-1: SerialNumber: syz
[  235.259735][ T5888] usb 5-1: config 0 descriptor??
[  235.265840][   T10] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  235.328862][ T5964] usb 1-1: Using ep0 maxpacket: 32
[  235.347911][ T5964] usb 1-1: config 0 has an invalid interface number: 184 but max is 0
[  235.347942][ T5964] usb 1-1: config 0 has no interface number 0
[  235.347996][ T5964] usb 1-1: config 0 interface 184 has no altsetting 0
[  235.363625][ T5964] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  235.363829][ T5964] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  235.363885][ T5964] usb 1-1: Product: syz
[  235.364043][ T5964] usb 1-1: Manufacturer: syz
[  235.364060][ T5964] usb 1-1: SerialNumber: syz
[  235.485133][ T5964] usb 1-1: config 0 descriptor??
[  235.506758][   T10] usb 3-1: device descriptor read/64, error -71
[  235.516428][ T5964] smsc75xx v1.0.0
[  236.897257][   T10] usb usb3-port1: attempt power cycle
[  236.940878][ T5964] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  236.944985][ T5964] smsc75xx 1-1:0.184: probe with driver smsc75xx failed with error -71
[  237.078751][ T5964] usb 1-1: USB disconnect, device number 11
[  237.105875][ T5888] appletouch 5-1:0.85: Failed to request geyser raw mode
[  237.106110][ T5888] appletouch 5-1:0.85: probe with driver appletouch failed with error -5
[  237.151547][ T5888] usb 5-1: USB disconnect, device number 11
[  237.441697][   T10] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  237.456652][   T10] usb 3-1: device descriptor read/8, error -71
[  237.695917][   T10] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  237.774670][   T10] usb 3-1: device descriptor read/8, error -71
[  237.916798][ T6850] netlink: 32 bytes leftover after parsing attributes in process `syz.4.289'.
[  238.046237][ T6852] netlink: 156 bytes leftover after parsing attributes in process `syz.2.291'.
[  238.105442][   T10] usb usb3-port1: unable to enumerate USB device
[  238.203424][ T6856] FAULT_INJECTION: forcing a failure.
[  238.203424][ T6856] name failslab, interval 1, probability 0, space 0, times 0
[  238.203462][ T6856] CPU: 1 UID: 0 PID: 6856 Comm: syz.1.290 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  238.203487][ T6856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  238.203500][ T6856] Call Trace:
[  238.203509][ T6856]  <TASK>
[  238.203518][ T6856]  dump_stack_lvl+0xe8/0x150
[  238.203556][ T6856]  should_fail_ex+0x46c/0x600
[  238.203592][ T6856]  ? security_inode_alloc+0x39/0x330
[  238.203618][ T6856]  should_failslab+0xa8/0x100
[  238.203640][ T6856]  ? security_inode_alloc+0x39/0x330
[  238.203664][ T6856]  kmem_cache_alloc_noprof+0x84/0x6c0
[  238.203703][ T6856]  security_inode_alloc+0x39/0x330
[  238.203731][ T6856]  inode_init_always_gfp+0x9bf/0xd70
[  238.203760][ T6856]  ? __pfx_sock_alloc_inode+0x10/0x10
[  238.203795][ T6856]  alloc_inode+0x82/0x1b0
[  238.203818][ T6856]  __sock_create+0x12d/0x9d0
[  238.203841][ T6856]  ? __might_fault+0xb0/0x130
[  238.203880][ T6856]  __sys_socketpair+0x1c5/0x560
[  238.203911][ T6856]  __x64_sys_socketpair+0x9b/0xb0
[  238.203937][ T6856]  do_syscall_64+0xec/0xf80
[  238.203959][ T6856]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.203981][ T6856]  ? trace_irq_disable+0x37/0x100
[  238.204004][ T6856]  ? clear_bhb_loop+0x60/0xb0
[  238.204032][ T6856]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  238.204054][ T6856] RIP: 0033:0x7f0b7a2ff749
[  238.204073][ T6856] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  238.204091][ T6856] RSP: 002b:00007f0b7851c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[  238.204115][ T6856] RAX: ffffffffffffffda RBX: 00007f0b7a556180 RCX: 00007f0b7a2ff749
[  238.204131][ T6856] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 000000000000001f
[  238.204144][ T6856] RBP: 00007f0b7851c090 R08: 0000000000000000 R09: 0000000000000000
[  238.204157][ T6856] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  238.204170][ T6856] R13: 00007f0b7a556218 R14: 00007f0b7a556180 R15: 00007ffc97063d08
[  238.204212][ T6856]  </TASK>
[  238.204245][ T6856] socket: no more sockets
[  238.393224][ T6855] netlink: 'syz.0.292': attribute type 4 has an invalid length.
[  238.527946][ T6859] netlink: 'syz.0.292': attribute type 4 has an invalid length.
[  239.053744][ T6268] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  239.224744][ T6866] netlink: 28 bytes leftover after parsing attributes in process `syz.1.294'.
[  239.278229][ T6268] usb 3-1: config 0 has an invalid interface number: 83 but max is 0
[  239.278259][ T6268] usb 3-1: config 0 has no interface number 0
[  239.278303][ T6268] usb 3-1: config 0 interface 83 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  239.278330][ T6268] usb 3-1: New USB device found, idVendor=0b48, idProduct=2003, bcdDevice=39.61
[  239.278346][ T6268] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  239.284221][ T6268] usb 3-1: config 0 descriptor??
[  239.344611][ T6268] ttusbir 3-1:0.83: cannot find expected altsetting
[  239.390131][   T38] audit: type=1800 audit(1767711474.030:6): pid=6864 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.3.287" name="SYSV00000000" dev="tmpfs" ino=1 res=0 errno=0
[  240.705981][ T5956] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  240.766564][ T5992] usb 3-1: USB disconnect, device number 15
[  240.895892][ T5956] usb 2-1: Using ep0 maxpacket: 8
[  240.898365][ T5956] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  240.898422][ T5956] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  240.898453][ T5956] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0x62, changing to 0x2
[  240.898480][ T5956] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 46186, setting to 1024
[  240.898507][ T5956] usb 2-1: config 168 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 1024
[  240.900080][ T5956] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  240.900134][ T5956] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  240.900164][ T5956] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0x62, changing to 0x2
[  240.900191][ T5956] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 46186, setting to 1024
[  240.900218][ T5956] usb 2-1: config 168 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 1024
[  240.901629][ T5956] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  240.901691][ T5956] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  240.901721][ T5956] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0x62, changing to 0x2
[  240.901747][ T5956] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 46186, setting to 1024
[  240.901775][ T5956] usb 2-1: config 168 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 1024
[  240.907323][ T5956] usb 2-1: string descriptor 0 read error: -22
[  240.907471][ T5956] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  240.907492][ T5956] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  240.918998][ T5956] adutux 2-1:168.0: interrupt endpoints not found
[  241.242207][ T6268] usb 2-1: USB disconnect, device number 8
[  243.906522][ T5867] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  243.924392][ T6895] netlink: 'syz.3.305': attribute type 4 has an invalid length.
[  244.006959][ T6895] netlink: 'syz.3.305': attribute type 4 has an invalid length.
[  244.055842][ T5867] usb 5-1: Using ep0 maxpacket: 32
[  244.058170][ T5867] usb 5-1: config 0 has an invalid interface number: 184 but max is 0
[  244.058198][ T5867] usb 5-1: config 0 has no interface number 0
[  244.058277][ T5867] usb 5-1: config 0 interface 184 has no altsetting 0
[  244.061636][ T5867] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  244.061665][ T5867] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  244.061694][ T5867] usb 5-1: Product: syz
[  244.061710][ T5867] usb 5-1: Manufacturer: syz
[  244.061726][ T5867] usb 5-1: SerialNumber: syz
[  244.093439][ T5867] usb 5-1: config 0 descriptor??
[  244.161947][ T5867] smsc75xx v1.0.0
[  246.156530][ T5867] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  246.156852][ T5867] smsc75xx 5-1:0.184: probe with driver smsc75xx failed with error -71
[  246.242372][ T5867] usb 5-1: USB disconnect, device number 12
[  247.806877][ T6478] usb 2-1: new full-speed USB device number 9 using dummy_hcd
[  247.967931][ T6478] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  247.967960][ T6478] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  248.006129][ T6478] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  248.006169][ T6478] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  248.006190][ T6478] usb 2-1: Product: syz
[  248.006205][ T6478] usb 2-1: Manufacturer: syz
[  248.006220][ T6478] usb 2-1: SerialNumber: syz
[  248.397731][ T6478] usb 2-1: 0:2 : does not exist
[  249.263783][ T6478] usb 2-1: USB disconnect, device number 9
[  251.915905][ T5992] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  252.106167][ T5992] usb 5-1: device descriptor read/64, error -71
[  254.005793][ T5992] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  254.146143][ T5992] usb 5-1: device descriptor read/64, error -71
[  256.017843][ T5992] usb usb5-port1: attempt power cycle
[  258.565999][ T5802] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  258.715808][ T5802] usb 2-1: Using ep0 maxpacket: 32
[  258.718387][ T5802] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[  258.718415][ T5802] usb 2-1: config 0 has no interface number 0
[  258.718465][ T5802] usb 2-1: config 0 interface 184 has no altsetting 0
[  258.777529][ T5802] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  258.777562][ T5802] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  258.777582][ T5802] usb 2-1: Product: syz
[  258.777597][ T5802] usb 2-1: Manufacturer: syz
[  258.777612][ T5802] usb 2-1: SerialNumber: syz
[  258.784616][ T5802] usb 2-1: config 0 descriptor??
[  258.831945][ T5802] smsc75xx v1.0.0
[  260.935859][ T5802] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  260.936441][ T5802] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -71
[  260.976623][ T5802] usb 2-1: USB disconnect, device number 10
[  261.001189][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  261.001264][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  267.086550][ T5874] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  267.258625][ T6989] netlink: 20 bytes leftover after parsing attributes in process `syz.2.332'.
[  268.175763][ T5874] usb 4-1: Using ep0 maxpacket: 32
[  268.192812][ T5874] usb 4-1: config 0 has an invalid interface number: 85 but max is 0
[  268.192840][ T5874] usb 4-1: config 0 has no interface number 0
[  268.192889][ T5874] usb 4-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  268.192922][ T5874] usb 4-1: config 0 interface 85 has no altsetting 0
[  268.197639][ T5801] Bluetooth: hci4: command 0x0406 tx timeout
[  268.239014][ T5874] usb 4-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  268.239046][ T5874] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  268.239068][ T5874] usb 4-1: Product: syz
[  268.239084][ T5874] usb 4-1: Manufacturer: syz
[  268.239099][ T5874] usb 4-1: SerialNumber: syz
[  268.318511][ T5874] usb 4-1: config 0 descriptor??
[  269.076861][ T6992] binder_alloc: 6990: binder_alloc_buf, no vma
[  270.314999][ T5874] appletouch 4-1:0.85: Failed to read mode from device.
[  270.315239][ T5874] appletouch 4-1:0.85: probe with driver appletouch failed with error -5
[  270.357723][ T5874] usb 4-1: USB disconnect, device number 7
[  272.584836][ T6936] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  272.825969][ T7008] gfs2: not a GFS2 filesystem
[  273.628084][ T6936] usb 4-1: Using ep0 maxpacket: 32
[  275.396263][ T6936] usb 4-1: device descriptor read/all, error -71
[  277.985795][ T6936] usb 4-1: new low-speed USB device number 9 using dummy_hcd
[  278.070695][ T6268] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  278.139378][ T6936] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  278.139459][ T6936] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  278.139488][ T6936] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  278.139514][ T6936] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  278.139541][ T6936] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  278.140754][ T6936] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  278.140818][ T6936] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  278.140846][ T6936] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  278.140871][ T6936] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  278.140898][ T6936] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  278.142056][ T6936] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  278.142109][ T6936] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  278.142137][ T6936] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  278.142163][ T6936] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  278.142197][ T6936] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  278.195822][ T6936] usb 4-1: string descriptor 0 read error: -22
[  278.195979][ T6936] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  278.196011][ T6936] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  278.217541][ T6268] usb 1-1: Using ep0 maxpacket: 32
[  278.358688][ T6268] usb 1-1: config 0 has an invalid interface number: 85 but max is 0
[  278.358719][ T6268] usb 1-1: config 0 has no interface number 0
[  278.358776][ T6268] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  278.358804][ T6268] usb 1-1: config 0 interface 85 has no altsetting 0
[  278.398067][ T6936] adutux 4-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  278.413810][ T6268] usb 1-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  278.413841][ T6268] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  278.413862][ T6268] usb 1-1: Product: syz
[  278.413877][ T6268] usb 1-1: Manufacturer: syz
[  278.413892][ T6268] usb 1-1: SerialNumber: syz
[  278.499220][ T6268] usb 1-1: config 0 descriptor??
[  278.562431][ T6456] usb 4-1: USB disconnect, device number 9
[  279.229810][ T6268] appletouch 1-1:0.85: Geyser mode initialized.
[  280.076438][ T6268] input: appletouch as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.85/input/input18
[  282.319553][ T6478] usb 1-1: USB disconnect, device number 12
[  284.329143][ T6478] appletouch 1-1:0.85: input: appletouch disconnected
[  284.796597][ T6478] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  284.946456][ T6478] usb 1-1: Using ep0 maxpacket: 32
[  284.949135][ T6478] usb 1-1: config 0 has an invalid interface number: 184 but max is 0
[  284.949162][ T6478] usb 1-1: config 0 has no interface number 0
[  284.949217][ T6478] usb 1-1: config 0 interface 184 has no altsetting 0
[  284.952223][ T6478] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  284.952251][ T6478] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  284.952272][ T6478] usb 1-1: Product: syz
[  284.952287][ T6478] usb 1-1: Manufacturer: syz
[  284.952302][ T6478] usb 1-1: SerialNumber: syz
[  285.031644][ T6478] usb 1-1: config 0 descriptor??
[  285.043979][ T6478] smsc75xx v1.0.0
[  285.281422][ T6478] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  285.281720][ T6478] smsc75xx 1-1:0.184: probe with driver smsc75xx failed with error -71
[  285.357725][ T6478] usb 1-1: USB disconnect, device number 13
[  285.387887][ T7058] af_packet: tpacket_rcv: packet too big, clamped from 252 to 4294967272. macoff=96
[  288.805815][ T5802] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  288.955768][ T5802] usb 3-1: Using ep0 maxpacket: 32
[  288.969982][ T5802] usb 3-1: config 0 has an invalid interface number: 85 but max is 0
[  288.970009][ T5802] usb 3-1: config 0 has no interface number 0
[  288.970058][ T5802] usb 3-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  288.970078][ T5802] usb 3-1: config 0 interface 85 has no altsetting 0
[  288.973094][ T5802] usb 3-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  288.973136][ T5802] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  288.973150][ T5802] usb 3-1: Product: syz
[  288.973160][ T5802] usb 3-1: Manufacturer: syz
[  288.973170][ T5802] usb 3-1: SerialNumber: syz
[  288.998011][ T5802] usb 3-1: config 0 descriptor??
[  290.555958][ T5802] appletouch 3-1:0.85: Geyser mode initialized.
[  290.558210][ T5802] input: appletouch as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.85/input/input19
[  291.816371][   T31] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  292.284980][ T5971] usb 3-1: USB disconnect, device number 16
[  292.325799][   T31] usb 2-1: Using ep0 maxpacket: 16
[  292.437155][   T31] usb 2-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  292.437186][   T31] usb 2-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  292.437211][   T31] usb 2-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  292.437238][   T31] usb 2-1: config 1 interface 0 has no altsetting 0
[  292.441237][   T31] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  292.441264][   T31] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  292.441278][   T31] usb 2-1: Product: syz
[  292.441288][   T31] usb 2-1: Manufacturer: syz
[  292.441299][   T31] usb 2-1: SerialNumber: syz
[  292.679052][ T5971] appletouch 3-1:0.85: input: appletouch disconnected
[  292.723836][ T7093] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  292.724257][ T7093] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  292.753347][   T31] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 11 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  295.036951][ T5802] usb 2-1: USB disconnect, device number 11
[  295.062052][ T5802] usblp0: removed
[  295.555877][ T5802] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  295.885803][ T5802] usb 2-1: Using ep0 maxpacket: 32
[  295.889355][ T5802] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[  295.889382][ T5802] usb 2-1: config 0 has no interface number 0
[  295.889443][ T5802] usb 2-1: config 0 interface 184 has no altsetting 0
[  295.928525][ T5802] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  295.928556][ T5802] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  295.928577][ T5802] usb 2-1: Product: syz
[  295.928592][ T5802] usb 2-1: Manufacturer: syz
[  295.928608][ T5802] usb 2-1: SerialNumber: syz
[  297.638947][ T5802] usb 2-1: config 0 descriptor??
[  297.649227][ T5802] smsc75xx v1.0.0
[  298.092680][ T5802] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  298.092982][ T5802] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -71
[  299.054299][ T5802] usb 2-1: USB disconnect, device number 12
[  299.210409][   T38] audit: type=1800 audit(1767711533.850:7): pid=7125 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.2.376" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  299.706480][ T6391] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  299.826896][ T5874] usb 5-1: new full-speed USB device number 16 using dummy_hcd
[  299.866331][ T6391] usb 3-1: Using ep0 maxpacket: 32
[  299.871844][ T6391] usb 3-1: config 0 has an invalid interface number: 85 but max is 0
[  299.871866][ T6391] usb 3-1: config 0 has no interface number 0
[  299.871903][ T6391] usb 3-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  299.871923][ T6391] usb 3-1: config 0 interface 85 has no altsetting 0
[  300.201712][ T7136] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  300.699064][ T5874] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  300.699094][ T5874] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  300.703668][ T6391] usb 3-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  300.703691][ T6391] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  300.703706][ T6391] usb 3-1: Product: syz
[  300.703717][ T6391] usb 3-1: Manufacturer: syz
[  300.703728][ T6391] usb 3-1: SerialNumber: syz
[  300.763964][ T6391] usb 3-1: config 0 descriptor??
[  300.812490][ T5874] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  300.812588][ T5874] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  300.812611][ T5874] usb 5-1: Product: syz
[  300.812626][ T5874] usb 5-1: Manufacturer: syz
[  300.812642][ T5874] usb 5-1: SerialNumber: syz
[  301.102222][ T5874] usb 5-1: 0:2 : does not exist
[  301.102335][ T5874] usb 5-1: unit 6 not found!
[  301.162210][ T5874] usb 5-1: USB disconnect, device number 16
[  301.601017][ T6391] appletouch 3-1:0.85: Geyser mode initialized.
[  301.603165][ T6391] input: appletouch as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.85/input/input20
[  303.153462][ T5978] usb 3-1: USB disconnect, device number 17
[  303.444836][ T5978] appletouch 3-1:0.85: input: appletouch disconnected
[  309.013964][ T7171] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  309.586429][ T6391] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  309.736281][ T6391] usb 5-1: Using ep0 maxpacket: 32
[  309.738230][ T6391] usb 5-1: config 0 has an invalid interface number: 184 but max is 0
[  309.738257][ T6391] usb 5-1: config 0 has no interface number 0
[  309.738308][ T6391] usb 5-1: config 0 interface 184 has no altsetting 0
[  309.745201][ T6391] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  309.745234][ T6391] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  309.745256][ T6391] usb 5-1: Product: syz
[  309.745271][ T6391] usb 5-1: Manufacturer: syz
[  309.745296][ T6391] usb 5-1: SerialNumber: syz
[  309.828195][ T6391] usb 5-1: config 0 descriptor??
[  309.834237][ T6391] smsc75xx v1.0.0
[  311.736254][ T5874] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  311.796572][ T6391] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -71
[  311.798913][ T6391] smsc75xx 5-1:0.184: probe with driver smsc75xx failed with error -71
[  311.876660][ T6391] usb 5-1: USB disconnect, device number 17
[  311.950569][ T5874] usb 2-1: Using ep0 maxpacket: 32
[  311.962580][ T5874] usb 2-1: config 0 has an invalid interface number: 85 but max is 0
[  311.962611][ T5874] usb 2-1: config 0 has no interface number 0
[  311.962656][ T5874] usb 2-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  311.962682][ T5874] usb 2-1: config 0 interface 85 has no altsetting 0
[  311.965321][ T5874] usb 2-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  311.965362][ T5874] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  311.965383][ T5874] usb 2-1: Product: syz
[  311.965398][ T5874] usb 2-1: Manufacturer: syz
[  311.965414][ T5874] usb 2-1: SerialNumber: syz
[  312.055397][ T5874] usb 2-1: config 0 descriptor??
[  315.843545][ T5874] appletouch 2-1:0.85: Failed to request geyser raw mode
[  315.843706][ T5874] appletouch 2-1:0.85: probe with driver appletouch failed with error -5
[  315.889410][ T5874] usb 2-1: USB disconnect, device number 13
[  316.011370][  T989] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  316.167215][  T989] usb 3-1: Using ep0 maxpacket: 8
[  316.168311][  T989] usb 3-1: no configurations
[  316.168329][  T989] usb 3-1: can't read configurations, error -22
[  316.315761][  T989] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  316.495833][  T989] usb 3-1: Using ep0 maxpacket: 8
[  316.499024][  T989] usb 3-1: no configurations
[  316.499052][  T989] usb 3-1: can't read configurations, error -22
[  316.499430][  T989] usb usb3-port1: attempt power cycle
[  316.835828][  T989] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  316.857069][  T989] usb 3-1: Using ep0 maxpacket: 8
[  316.858047][  T989] usb 3-1: no configurations
[  316.858065][  T989] usb 3-1: can't read configurations, error -22
[  316.985834][  T989] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  317.006489][  T989] usb 3-1: Using ep0 maxpacket: 8
[  317.007343][  T989] usb 3-1: no configurations
[  317.007372][  T989] usb 3-1: can't read configurations, error -22
[  317.007980][  T989] usb usb3-port1: unable to enumerate USB device
[  318.084355][ T7206] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  321.366929][ T7220] FAULT_INJECTION: forcing a failure.
[  321.366929][ T7220] name failslab, interval 1, probability 0, space 0, times 0
[  321.366956][ T7220] CPU: 0 UID: 0 PID: 7220 Comm: syz.3.393 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  321.366974][ T7220] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  321.366993][ T7220] Call Trace:
[  321.366999][ T7220]  <TASK>
[  321.367006][ T7220]  dump_stack_lvl+0xe8/0x150
[  321.367033][ T7220]  should_fail_ex+0x46c/0x600
[  321.367057][ T7220]  ? __alloc_skb+0x1dc/0x3a0
[  321.367074][ T7220]  should_failslab+0xa8/0x100
[  321.367089][ T7220]  ? __alloc_skb+0x1dc/0x3a0
[  321.367104][ T7220]  kmem_cache_alloc_node_noprof+0x8b/0x6f0
[  321.367127][ T7220]  ? lockdep_hardirqs_on+0x7b/0x110
[  321.367144][ T7220]  ? __alloc_skb+0x198/0x3a0
[  321.367160][ T7220]  __alloc_skb+0x1dc/0x3a0
[  321.367180][ T7220]  netlink_sendmsg+0x5c6/0xb30
[  321.367208][ T7220]  ? __pfx_netlink_sendmsg+0x10/0x10
[  321.367235][ T7220]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  321.367255][ T7220]  ? __pfx_netlink_sendmsg+0x10/0x10
[  321.367276][ T7220]  __sock_sendmsg+0x21c/0x270
[  321.367303][ T7220]  ____sys_sendmsg+0x508/0x810
[  321.367327][ T7220]  ? __pfx_____sys_sendmsg+0x10/0x10
[  321.367352][ T7220]  ? import_iovec+0x74/0xa0
[  321.367370][ T7220]  ___sys_sendmsg+0x21f/0x2a0
[  321.367391][ T7220]  ? __pfx____sys_sendmsg+0x10/0x10
[  321.367434][ T7220]  ? __fget_files+0x2a/0x420
[  321.367450][ T7220]  ? __fget_files+0x3a6/0x420
[  321.367473][ T7220]  __x64_sys_sendmsg+0x1a1/0x260
[  321.367494][ T7220]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  321.367521][ T7220]  ? __pfx_ksys_write+0x10/0x10
[  321.367550][ T7220]  do_syscall_64+0xec/0xf80
[  321.367565][ T7220]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.367579][ T7220]  ? trace_irq_disable+0x37/0x100
[  321.367596][ T7220]  ? clear_bhb_loop+0x60/0xb0
[  321.367614][ T7220]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.367629][ T7220] RIP: 0033:0x7fe8d355f749
[  321.367652][ T7220] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  321.367665][ T7220] RSP: 002b:00007fe8d17be038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  321.367681][ T7220] RAX: ffffffffffffffda RBX: 00007fe8d37b5fa0 RCX: 00007fe8d355f749
[  321.367692][ T7220] RDX: 0000000000000000 RSI: 00002000000004c0 RDI: 0000000000000003
[  321.367702][ T7220] RBP: 00007fe8d17be090 R08: 0000000000000000 R09: 0000000000000000
[  321.367711][ T7220] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  321.367720][ T7220] R13: 00007fe8d37b6038 R14: 00007fe8d37b5fa0 R15: 00007ffe7572e408
[  321.367762][ T7220]  </TASK>
[  323.063916][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  323.064021][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  323.189689][ T7225] FAULT_INJECTION: forcing a failure.
[  323.189689][ T7225] name failslab, interval 1, probability 0, space 0, times 0
[  323.189734][ T7225] CPU: 0 UID: 0 PID: 7225 Comm: syz.3.407 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  323.189759][ T7225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  323.189772][ T7225] Call Trace:
[  323.189780][ T7225]  <TASK>
[  323.189789][ T7225]  dump_stack_lvl+0xe8/0x150
[  323.189824][ T7225]  should_fail_ex+0x46c/0x600
[  323.189862][ T7225]  should_failslab+0xa8/0x100
[  323.189885][ T7225]  __kmalloc_noprof+0xe0/0x7e0
[  323.189918][ T7225]  ? tomoyo_encode+0x28b/0x550
[  323.189946][ T7225]  tomoyo_encode+0x28b/0x550
[  323.189974][ T7225]  tomoyo_realpath_from_path+0x58d/0x5d0
[  323.189999][ T7225]  ? tomoyo_domain+0xd9/0x130
[  323.190028][ T7225]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  323.190061][ T7225]  tomoyo_path_number_perm+0x1e8/0x5a0
[  323.190096][ T7225]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  323.190126][ T7225]  ? __lock_acquire+0x6b6/0x2cf0
[  323.190161][ T7225]  ? do_raw_spin_lock+0x121/0x290
[  323.190224][ T7225]  ? __fget_files+0x2a/0x420
[  323.190251][ T7225]  ? __fget_files+0x2a/0x420
[  323.190272][ T7225]  ? __fget_files+0x3a6/0x420
[  323.190293][ T7225]  ? __fget_files+0x2a/0x420
[  323.190320][ T7225]  security_file_ioctl+0xcb/0x2d0
[  323.190355][ T7225]  __se_sys_ioctl+0x47/0x170
[  323.190389][ T7225]  do_syscall_64+0xec/0xf80
[  323.190409][ T7225]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.190431][ T7225]  ? trace_irq_disable+0x37/0x100
[  323.190455][ T7225]  ? clear_bhb_loop+0x60/0xb0
[  323.190483][ T7225]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.190504][ T7225] RIP: 0033:0x7fe8d355f749
[  323.190532][ T7225] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  323.190551][ T7225] RSP: 002b:00007fe8d17be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  323.190574][ T7225] RAX: ffffffffffffffda RBX: 00007fe8d37b5fa0 RCX: 00007fe8d355f749
[  323.190590][ T7225] RDX: 0000200000000000 RSI: 0000000000008940 RDI: 0000000000000003
[  323.190604][ T7225] RBP: 00007fe8d17be090 R08: 0000000000000000 R09: 0000000000000000
[  323.190618][ T7225] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  323.190630][ T7225] R13: 00007fe8d37b6038 R14: 00007fe8d37b5fa0 R15: 00007ffe7572e408
[  323.190666][ T7225]  </TASK>
[  323.191741][ T7225] ERROR: Out of memory at tomoyo_realpath_from_path.
[  323.438857][ T6456] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  323.592673][ T6456] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  323.592731][ T6456] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  323.618781][ T6456] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  323.618815][ T6456] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  323.618837][ T6456] usb 1-1: Product: syz
[  323.618854][ T6456] usb 1-1: Manufacturer: syz
[  323.618870][ T6456] usb 1-1: SerialNumber: syz
[  323.663211][ T6456] cdc_mbim 1-1:1.0: skipping garbage
[  323.696313][ T5978] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  323.846590][ T5978] usb 3-1: Using ep0 maxpacket: 32
[  323.849425][ T5978] usb 3-1: config 0 has an invalid interface number: 85 but max is 0
[  323.849445][ T5978] usb 3-1: config 0 has no interface number 0
[  323.849478][ T5978] usb 3-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  323.849498][ T5978] usb 3-1: config 0 interface 85 has no altsetting 0
[  323.854525][ T5978] usb 3-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  323.854616][ T5978] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  323.854638][ T5978] usb 3-1: Product: syz
[  323.854655][ T5978] usb 3-1: Manufacturer: syz
[  323.854670][ T5978] usb 3-1: SerialNumber: syz
[  323.855022][ T7227] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  323.974762][ T5978] usb 3-1: config 0 descriptor??
[  325.430244][ T7248] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  325.628178][ T6456] cdc_mbim 1-1:1.0: bind() failure
[  325.739279][ T6456] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  325.739333][ T6456] cdc_ncm 1-1:1.1: bind() failure
[  325.811272][ T5978] appletouch 3-1:0.85: Geyser mode initialized.
[  325.859987][ T6456] usb 1-1: USB disconnect, device number 14
[  327.340317][ T5978] input: appletouch as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.85/input/input22
[  327.531297][ T5978] usb 3-1: USB disconnect, device number 22
[  327.531396][    C1] appletouch 3-1:0.85: atp_complete: usb_submit_urb failed with result -19
[  327.704007][ T5978] appletouch 3-1:0.85: input: appletouch disconnected
[  327.849799][ T7266] FAULT_INJECTION: forcing a failure.
[  327.849799][ T7266] name failslab, interval 1, probability 0, space 0, times 0
[  327.849840][ T7266] CPU: 0 UID: 0 PID: 7266 Comm: syz.0.417 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  327.849887][ T7266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  327.849912][ T7266] Call Trace:
[  327.849927][ T7266]  <TASK>
[  327.849944][ T7266]  dump_stack_lvl+0xe8/0x150
[  327.849994][ T7266]  should_fail_ex+0x46c/0x600
[  327.850030][ T7266]  should_failslab+0xa8/0x100
[  327.850053][ T7266]  __kmalloc_cache_node_noprof+0x8b/0x700
[  327.850098][ T7266]  ? __get_vm_area_node+0x172/0x350
[  327.850134][ T7266]  __get_vm_area_node+0x172/0x350
[  327.850170][ T7266]  __vmalloc_node_range_noprof+0x371/0x16a0
[  327.850205][ T7266]  ? bpf_prog_alloc_no_stats+0x4a/0x4d0
[  327.850258][ T7266]  ? is_bpf_text_address+0x26/0x2b0
[  327.850291][ T7266]  ? kernel_text_address+0xa5/0xe0
[  327.850331][ T7266]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  327.850368][ T7266]  ? __lock_acquire+0x6b6/0x2cf0
[  327.850408][ T7266]  ? bpf_prog_alloc_no_stats+0x4a/0x4d0
[  327.850432][ T7266]  __vmalloc_noprof+0xd2/0x120
[  327.850464][ T7266]  ? bpf_prog_alloc_no_stats+0x4a/0x4d0
[  327.850495][ T7266]  bpf_prog_alloc_no_stats+0x4a/0x4d0
[  327.850527][ T7266]  bpf_prog_alloc+0x3c/0x1a0
[  327.850556][ T7266]  bpf_prog_load+0x735/0x1a10
[  327.850591][ T7266]  ? get_pid_task+0x20/0x1f0
[  327.850624][ T7266]  ? __pfx_bpf_prog_load+0x10/0x10
[  327.850651][ T7266]  ? __might_fault+0xb0/0x130
[  327.850704][ T7266]  ? bpf_lsm_bpf+0x9/0x20
[  327.850722][ T7266]  ? security_bpf+0x7e/0x300
[  327.850759][ T7266]  __sys_bpf+0x507/0x860
[  327.850786][ T7266]  ? __pfx___sys_bpf+0x10/0x10
[  327.850808][ T7266]  ? rt_mutex_slowunlock+0x1be/0x2e0
[  327.850856][ T7266]  ? ksys_write+0x230/0x260
[  327.850891][ T7266]  ? __pfx_ksys_write+0x10/0x10
[  327.850929][ T7266]  __x64_sys_bpf+0x7c/0x90
[  327.850952][ T7266]  do_syscall_64+0xec/0xf80
[  327.850974][ T7266]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  327.850994][ T7266]  ? trace_irq_disable+0x37/0x100
[  327.851018][ T7266]  ? clear_bhb_loop+0x60/0xb0
[  327.851045][ T7266]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  327.851073][ T7266] RIP: 0033:0x7fd5c28cf749
[  327.851092][ T7266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  327.851112][ T7266] RSP: 002b:00007fd5c0b36038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  327.851136][ T7266] RAX: ffffffffffffffda RBX: 00007fd5c2b25fa0 RCX: 00007fd5c28cf749
[  327.851152][ T7266] RDX: 000000000000006b RSI: 0000200000000440 RDI: 0000000000000005
[  327.851166][ T7266] RBP: 00007fd5c0b36090 R08: 0000000000000000 R09: 0000000000000000
[  327.851185][ T7266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  327.851197][ T7266] R13: 00007fd5c2b26038 R14: 00007fd5c2b25fa0 R15: 00007fff981c8f68
[  327.851232][ T7266]  </TASK>
[  327.851600][ T7266] syz.0.417: vmalloc error: size 4096, vm_struct allocation failed, mode:0x500dc0(GFP_USER|__GFP_ZERO|__GFP_ACCOUNT), nodemask=(null),cpuset=/,mems_allowed=0-1
[  327.888230][ T7266] CPU: 1 UID: 0 PID: 7266 Comm: syz.0.417 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  327.888295][ T7266] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  327.888337][ T7266] Call Trace:
[  327.888359][ T7266]  <TASK>
[  327.888381][ T7266]  dump_stack_lvl+0xe8/0x150
[  327.888471][ T7266]  warn_alloc+0x22e/0x3b0
[  327.888558][ T7266]  ? should_fail_ex+0x344/0x600
[  327.888673][ T7266]  ? __pfx_warn_alloc+0x10/0x10
[  327.888824][ T7266]  ? __kmalloc_cache_node_noprof+0x2aa/0x700
[  327.888917][ T7266]  ? __get_vm_area_node+0x172/0x350
[  327.888998][ T7266]  ? __get_vm_area_node+0x2e2/0x350
[  327.889094][ T7266]  __vmalloc_node_range_noprof+0x396/0x16a0
[  327.889230][ T7266]  ? is_bpf_text_address+0x26/0x2b0
[  327.889316][ T7266]  ? kernel_text_address+0xa5/0xe0
[  327.889423][ T7266]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  327.889513][ T7266]  ? __lock_acquire+0x6b6/0x2cf0
[  327.889615][ T7266]  ? bpf_prog_alloc_no_stats+0x4a/0x4d0
[  327.889690][ T7266]  __vmalloc_noprof+0xd2/0x120
[  327.889763][ T7266]  ? bpf_prog_alloc_no_stats+0x4a/0x4d0
[  327.889851][ T7266]  bpf_prog_alloc_no_stats+0x4a/0x4d0
[  327.889938][ T7266]  bpf_prog_alloc+0x3c/0x1a0
[  327.890015][ T7266]  bpf_prog_load+0x735/0x1a10
[  327.890097][ T7266]  ? get_pid_task+0x20/0x1f0
[  327.890200][ T7266]  ? __pfx_bpf_prog_load+0x10/0x10
[  327.890267][ T7266]  ? __might_fault+0xb0/0x130
[  327.890422][ T7266]  ? bpf_lsm_bpf+0x9/0x20
[  327.890468][ T7266]  ? security_bpf+0x7e/0x300
[  327.890559][ T7266]  __sys_bpf+0x507/0x860
[  327.890635][ T7266]  ? __pfx___sys_bpf+0x10/0x10
[  327.890691][ T7266]  ? rt_mutex_slowunlock+0x1be/0x2e0
[  327.890865][ T7266]  ? ksys_write+0x230/0x260
[  327.890954][ T7266]  ? __pfx_ksys_write+0x10/0x10
[  327.891035][ T7266]  __x64_sys_bpf+0x7c/0x90
[  327.891094][ T7266]  do_syscall_64+0xec/0xf80
[  327.891159][ T7266]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  327.891225][ T7266]  ? trace_irq_disable+0x37/0x100
[  327.891283][ T7266]  ? clear_bhb_loop+0x60/0xb0
[  327.891359][ T7266]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  327.891424][ T7266] RIP: 0033:0x7fd5c28cf749
[  327.891494][ T7266] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  327.891556][ T7266] RSP: 002b:00007fd5c0b36038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  327.891619][ T7266] RAX: ffffffffffffffda RBX: 00007fd5c2b25fa0 RCX: 00007fd5c28cf749
[  327.891657][ T7266] RDX: 000000000000006b RSI: 0000200000000440 RDI: 0000000000000005
[  327.891699][ T7266] RBP: 00007fd5c0b36090 R08: 0000000000000000 R09: 0000000000000000
[  327.891734][ T7266] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  327.891768][ T7266] R13: 00007fd5c2b26038 R14: 00007fd5c2b25fa0 R15: 00007fff981c8f68
[  327.891861][ T7266]  </TASK>
[  327.891901][ T7266] Mem-Info:
[  327.891936][ T7266] active_anon:248 inactive_anon:38491 isolated_anon:0
[  327.891936][ T7266]  active_file:25866 inactive_file:36479 isolated_file:0
[  327.891936][ T7266]  unevictable:768 dirty:243 writeback:0
[  327.891936][ T7266]  slab_reclaimable:12621 slab_unreclaimable:98890
[  327.891936][ T7266]  mapped:29836 shmem:35363 pagetables:1043
[  327.891936][ T7266]  sec_pagetables:0 bounce:0
[  327.891936][ T7266]  kernel_misc_reclaimable:0
[  327.891936][ T7266]  free:1274560 free_pcp:9654 free_cma:0
[  327.892077][ T7266] Node 0 active_anon:992kB inactive_anon:153964kB active_file:103260kB inactive_file:145916kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:119344kB dirty:972kB writeback:0kB shmem:139916kB kernel_stack:13440kB pagetables:4016kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  327.892202][ T7266] Node 1 active_anon:0kB inactive_anon:0kB active_file:204kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB kernel_stack:64kB pagetables:156kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  327.892325][ T7266] Node 0 DMA free:15360kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  327.892494][ T7266] lowmem_reserve[]: 0 2514 2515 2515 2515
[  327.892607][ T7266] Node 0 DMA32 free:1179104kB boost:0kB min:3944kB low:6492kB high:9040kB reserved_highatomic:0KB free_highatomic:0KB active_anon:992kB inactive_anon:153964kB active_file:103260kB inactive_file:145916kB unevictable:1536kB writepending:972kB zspages:0kB present:3129332kB managed:2574684kB mlocked:0kB bounce:0kB free_pcp:38616kB local_pcp:32964kB free_cma:0kB
[  327.892788][ T7266] lowmem_reserve[]: 0 0 1 1 1
[  327.892898][ T7266] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  327.893051][ T7266] lowmem_reserve[]: 0 0 0 0 0
[  327.893096][ T7266] Node 1 Normal free:3903776kB boost:0kB min:6360kB low:10468kB high:14576kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:204kB inactive_file:0kB unevictable:1536kB writepending:0kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  327.893257][ T7266] lowmem_reserve[]: 0 0 0 0 0
[  327.893373][ T7266] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  327.893682][ T7266] Node 0 DMA32: 348*4kB (UME) 694*8kB (UME) 508*16kB (UME) 262*32kB (UME) 232*64kB (UME) 122*128kB (UM) 47*256kB (UME) 22*512kB (UM) 10*1024kB (UM) 1*2048kB (M) 266*4096kB (UM) = 1179040kB
[  327.894147][ T7266] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  327.894428][ T7266] Node 1 Normal: 180*4kB (U) 60*8kB (UME) 41*16kB (UME) 199*32kB (UME) 84*64kB (UME) 30*128kB (UME) 13*256kB (UM) 6*512kB (UM) 3*1024kB (UME) 1*2048kB (E) 946*4096kB (M) = 3903776kB
[  327.894909][ T7266] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  327.894948][ T7266] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  327.894993][ T7266] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  327.895038][ T7266] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  327.895076][ T7266] 97704 total pagecache pages
[  327.895099][ T7266] 0 pages in swap cache
[  327.895113][ T7266] Free swap  = 124996kB
[  327.895135][ T7266] Total swap = 124996kB
[  327.895157][ T7266] 2097051 pages RAM
[  327.895178][ T7266] 0 pages HighMem/MovableOnly
[  327.895200][ T7266] 421354 pages reserved
[  327.895215][ T7266] 0 pages cma reserved
[  329.498879][ T7274] gfs2: not a GFS2 filesystem
[  333.040604][ T7288] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  335.406485][ T5874] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  335.566441][ T5874] usb 2-1: Using ep0 maxpacket: 8
[  335.570606][ T5874] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  335.570635][ T5874] usb 2-1: config 0 has no interfaces?
[  335.570668][ T5874] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  335.570713][ T5874] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  335.629039][ T5874] usb 2-1: config 0 descriptor??
[  338.317011][    T9] usb 2-1: USB disconnect, device number 14
[  338.447334][ T7307] FAULT_INJECTION: forcing a failure.
[  338.447334][ T7307] name failslab, interval 1, probability 0, space 0, times 0
[  338.447362][ T7307] CPU: 0 UID: 0 PID: 7307 Comm: syz.1.429 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  338.447380][ T7307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  338.447390][ T7307] Call Trace:
[  338.447396][ T7307]  <TASK>
[  338.447402][ T7307]  dump_stack_lvl+0xe8/0x150
[  338.447430][ T7307]  should_fail_ex+0x46c/0x600
[  338.447456][ T7307]  ? mas_alloc_nodes+0x291/0x350
[  338.447479][ T7307]  should_failslab+0xa8/0x100
[  338.447496][ T7307]  ? mas_alloc_nodes+0x291/0x350
[  338.447518][ T7307]  kmem_cache_alloc_noprof+0x84/0x6c0
[  338.447546][ T7307]  mas_alloc_nodes+0x291/0x350
[  338.447574][ T7307]  mas_preallocate+0x2e0/0x670
[  338.447602][ T7307]  ? __pfx_mas_preallocate+0x10/0x10
[  338.447635][ T7307]  ? __mas_set_range+0x12f/0x3c0
[  338.447659][ T7307]  __split_vma+0x2fd/0x9e0
[  338.447686][ T7307]  ? __pfx___split_vma+0x10/0x10
[  338.447713][ T7307]  ? mas_find+0xb0e/0xd30
[  338.447742][ T7307]  vms_gather_munmap_vmas+0x4c6/0x12f0
[  338.447813][ T7307]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  338.447849][ T7307]  ? mas_find+0xa7d/0xd30
[  338.447888][ T7307]  mmap_region+0x742/0x1d00
[  338.447925][ T7307]  ? __lock_acquire+0x6b6/0x2cf0
[  338.447961][ T7307]  ? __pfx_mmap_region+0x10/0x10
[  338.448051][ T7307]  ? __pfx_process_measurement+0x10/0x10
[  338.448107][ T7307]  ? __pfx_arch_get_unmapped_area_topdown+0x10/0x10
[  338.448145][ T7307]  ? __lock_acquire+0x6b6/0x2cf0
[  338.448176][ T7307]  ? cap_mmap_addr+0xb0/0x100
[  338.448210][ T7307]  ? bpf_lsm_mmap_addr+0x9/0x20
[  338.448243][ T7307]  ? security_mmap_addr+0x71/0x270
[  338.448284][ T7307]  ? shmem_mapping+0xd/0x50
[  338.448310][ T7307]  ? memfd_check_seals_mmap+0xcb/0x210
[  338.448341][ T7307]  do_mmap+0xc23/0x10c0
[  338.448377][ T7307]  ? lockdep_hardirqs_on+0x7b/0x110
[  338.448400][ T7307]  ? __pfx_do_mmap+0x10/0x10
[  338.448427][ T7307]  ? rwbase_write_lock+0x56f/0x750
[  338.448467][ T7307]  vm_mmap_pgoff+0x2a9/0x4d0
[  338.448504][ T7307]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  338.448539][ T7307]  ? __fget_files+0x2a/0x420
[  338.448563][ T7307]  ? __fget_files+0x3a6/0x420
[  338.448585][ T7307]  ? __fget_files+0x2a/0x420
[  338.448613][ T7307]  ksys_mmap_pgoff+0x4e9/0x720
[  338.448644][ T7307]  ? __x64_sys_mmap+0x7f/0x140
[  338.448673][ T7307]  do_syscall_64+0xec/0xf80
[  338.448694][ T7307]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.448716][ T7307]  ? trace_irq_disable+0x37/0x100
[  338.448740][ T7307]  ? clear_bhb_loop+0x60/0xb0
[  338.448767][ T7307]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.448788][ T7307] RIP: 0033:0x7f0b7a2ff749
[  338.448809][ T7307] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  338.448828][ T7307] RSP: 002b:00007f0b7855e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  338.448849][ T7307] RAX: ffffffffffffffda RBX: 00007f0b7a555fa0 RCX: 00007f0b7a2ff749
[  338.448865][ T7307] RDX: b635773f06ebbeec RSI: 0000000000b36000 RDI: 0000200000000000
[  338.448879][ T7307] RBP: 00007f0b7855e090 R08: 0000000000000003 R09: 00000000dd9d5000
[  338.448893][ T7307] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000001
[  338.448906][ T7307] R13: 00007f0b7a556038 R14: 00007f0b7a555fa0 R15: 00007ffc97063d08
[  338.448941][ T7307]  </TASK>
[  339.456497][ T5971] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  340.516514][ T5971] usb 2-1: Using ep0 maxpacket: 32
[  340.522794][ T5971] usb 2-1: config 0 has an invalid interface number: 85 but max is 0
[  340.522825][ T5971] usb 2-1: config 0 has no interface number 0
[  340.522875][ T5971] usb 2-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  340.522905][ T5971] usb 2-1: config 0 interface 85 has no altsetting 0
[  340.526984][ T5971] usb 2-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  340.527125][ T5971] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  340.527172][ T5971] usb 2-1: Product: syz
[  340.527213][ T5971] usb 2-1: Manufacturer: syz
[  340.527248][ T5971] usb 2-1: SerialNumber: syz
[  341.660830][ T5971] usb 2-1: config 0 descriptor??
[  343.478095][ T5971] appletouch 2-1:0.85: Failed to request geyser raw mode
[  343.478339][ T5971] appletouch 2-1:0.85: probe with driver appletouch failed with error -5
[  343.581426][ T5971] usb 2-1: USB disconnect, device number 15
[  345.556507][ T5971] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  346.073506][ T5971] usb 3-1: Using ep0 maxpacket: 8
[  346.715498][ T5971] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  346.715528][ T5971] usb 3-1: config 0 has no interfaces?
[  346.715559][ T5971] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  346.715583][ T5971] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  346.732203][ T5971] usb 3-1: config 0 descriptor??
[  349.393035][ T6019] usb 3-1: USB disconnect, device number 23
[  354.871987][ T6391] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  357.481205][ T6478] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  357.656416][ T6478] usb 4-1: Using ep0 maxpacket: 8
[  357.677927][ T6478] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  357.677956][ T6478] usb 4-1: config 0 has no interfaces?
[  357.677990][ T6478] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  357.678015][ T6478] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  357.733217][ T6478] usb 4-1: config 0 descriptor??
[  358.515796][ T5887] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  358.665800][ T5887] usb 5-1: Using ep0 maxpacket: 32
[  358.668896][ T5887] usb 5-1: config 0 has an invalid interface number: 35 but max is 0
[  358.668926][ T5887] usb 5-1: config 0 has no interface number 0
[  358.668976][ T5887] usb 5-1: config 0 interface 35 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  358.671722][ T5887] usb 5-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.ad
[  358.671753][ T5887] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  358.671781][ T5887] usb 5-1: Product: syz
[  358.671800][ T5887] usb 5-1: Manufacturer: syz
[  358.672002][ T5887] usb 5-1: SerialNumber: syz
[  358.924339][ T5887] usb 5-1: config 0 descriptor??
[  359.002726][ T5887] radio-si470x 5-1:0.35: could not find interrupt in endpoint
[  359.003660][ T5887] radio-si470x 5-1:0.35: probe with driver radio-si470x failed with error -5
[  360.383445][ T5887] radio-raremono 5-1:0.35: Thanko's Raremono connected: (10C4:818A)
[  360.468512][ T6478] usb 4-1: USB disconnect, device number 10
[  360.575118][ T5887] radio-raremono 5-1:0.35: raremono_cmd_main failed (-71)
[  360.629701][ T5887] radio-raremono 5-1:0.35: V4L2 device registered as radio48
[  360.658656][ T5887] usb 5-1: USB disconnect, device number 18
[  360.660341][ T5887] radio-raremono 5-1:0.35: Thanko's Raremono disconnected
[  361.095825][ T5887] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  361.255766][ T5887] usb 1-1: Using ep0 maxpacket: 32
[  361.260305][ T5887] usb 1-1: config 0 has an invalid interface number: 85 but max is 0
[  361.260334][ T5887] usb 1-1: config 0 has no interface number 0
[  361.260790][ T5887] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  361.260822][ T5887] usb 1-1: config 0 interface 85 has no altsetting 0
[  361.577477][ T5887] usb 1-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  361.577515][ T5887] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  361.577530][ T5887] usb 1-1: Product: syz
[  361.577541][ T5887] usb 1-1: Manufacturer: syz
[  361.577551][ T5887] usb 1-1: SerialNumber: syz
[  361.659569][ T7432] netlink: 20 bytes leftover after parsing attributes in process `syz.3.467'.
[  362.350532][ T5887] usb 1-1: config 0 descriptor??
[  362.770221][ T6478] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  362.897153][ T6478] usb 4-1: device descriptor read/64, error -71
[  363.005786][ T5887] appletouch 1-1:0.85: Geyser mode initialized.
[  363.009494][ T5887] input: appletouch as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.85/input/input24
[  363.146640][ T6478] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  363.209000][ T5993] usb 1-1: USB disconnect, device number 15
[  363.286302][ T6478] usb 4-1: device descriptor read/64, error -71
[  363.406888][ T6478] usb usb4-port1: attempt power cycle
[  363.425427][ T5993] appletouch 1-1:0.85: input: appletouch disconnected
[  364.958302][ T6478] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  364.977944][ T6478] usb 4-1: device descriptor read/8, error -71
[  365.082440][ T7442] FAULT_INJECTION: forcing a failure.
[  365.082440][ T7442] name failslab, interval 1, probability 0, space 0, times 0
[  365.082471][ T7442] CPU: 1 UID: 0 PID: 7442 Comm: syz.2.470 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  365.082489][ T7442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  365.082500][ T7442] Call Trace:
[  365.082507][ T7442]  <TASK>
[  365.082513][ T7442]  dump_stack_lvl+0xe8/0x150
[  365.082542][ T7442]  should_fail_ex+0x46c/0x600
[  365.082568][ T7442]  should_failslab+0xa8/0x100
[  365.082584][ T7442]  __kmalloc_noprof+0xe0/0x7e0
[  365.082608][ T7442]  ? vb2_core_reqbufs+0x904/0x1420
[  365.082633][ T7442]  ? vb2_core_reqbufs+0x8a4/0x1420
[  365.082660][ T7442]  vb2_core_reqbufs+0x904/0x1420
[  365.082699][ T7442]  ? __pfx_vb2_core_reqbufs+0x10/0x10
[  365.082729][ T7442]  ? __kmalloc_cache_noprof+0x1fb/0x6d0
[  365.082753][ T7442]  ? __vb2_init_fileio+0x1e8/0xff0
[  365.082772][ T7442]  __vb2_init_fileio+0x318/0xff0
[  365.082803][ T7442]  __vb2_perform_fileio+0x284/0x1600
[  365.082826][ T7442]  ? mutex_lock_interruptible_nested+0x154/0x1d0
[  365.082848][ T7442]  ? vb2_fop_read+0x101/0x360
[  365.082866][ T7442]  vb2_fop_read+0x27c/0x360
[  365.082886][ T7442]  v4l2_read+0x19f/0x2c0
[  365.082904][ T7442]  vfs_readv+0x5b3/0x850
[  365.082922][ T7442]  ? __pfx_v4l2_read+0x10/0x10
[  365.082938][ T7442]  ? __pfx_vfs_readv+0x10/0x10
[  365.082976][ T7442]  ? __fget_files+0x2a/0x420
[  365.082998][ T7442]  ? __fget_files+0x3a6/0x420
[  365.083018][ T7442]  ? __fget_files+0x2a/0x420
[  365.083043][ T7442]  do_readv+0x153/0x2d0
[  365.083064][ T7442]  ? __pfx_do_readv+0x10/0x10
[  365.083091][ T7442]  do_syscall_64+0xec/0xf80
[  365.083108][ T7442]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.083123][ T7442]  ? trace_irq_disable+0x37/0x100
[  365.083140][ T7442]  ? clear_bhb_loop+0x60/0xb0
[  365.083159][ T7442]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  365.083175][ T7442] RIP: 0033:0x7efdc2fdf749
[  365.083191][ T7442] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  365.083204][ T7442] RSP: 002b:00007efdc123e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  365.083223][ T7442] RAX: ffffffffffffffda RBX: 00007efdc3235fa0 RCX: 00007efdc2fdf749
[  365.083235][ T7442] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000004
[  365.083244][ T7442] RBP: 00007efdc123e090 R08: 0000000000000000 R09: 0000000000000000
[  365.083254][ T7442] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  365.083263][ T7442] R13: 00007efdc3236038 R14: 00007efdc3235fa0 R15: 00007ffd01439ed8
[  365.083289][ T7442]  </TASK>
[  365.227259][ T6478] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  365.254484][ T6478] usb 4-1: device descriptor read/8, error -71
[  365.368476][ T6478] usb usb4-port1: unable to enumerate USB device
[  365.916490][ T6478] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  367.807774][ T6478] usb 5-1: Using ep0 maxpacket: 8
[  367.810342][ T6478] usb 5-1: config 252 has an invalid descriptor of length 0, skipping remainder of the config
[  367.810370][ T6478] usb 5-1: config 252 has 0 interfaces, different from the descriptor's value: 1
[  367.810420][ T6478] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  367.810444][ T6478] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  368.136466][ T6478] usb 4-1: new full-speed USB device number 15 using dummy_hcd
[  368.288920][ T6478] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  368.288966][ T6478] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  368.288996][ T6478] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  368.289048][ T6478] usb 4-1: New USB device found, idVendor=0755, idProduct=2626, bcdDevice= 0.00
[  368.289073][ T6478] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  368.294581][ T6478] usb 4-1: config 0 descriptor??
[  369.486855][ T7440] usb 5-1: USB disconnect, device number 19
[  371.433611][ T6478] usbhid 4-1:0.0: can't add hid device: -71
[  371.433756][ T6478] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  371.485163][ T6478] usb 4-1: USB disconnect, device number 15
[  371.806533][ T7479] fuse: Bad value for 'fd'
[  372.067258][ T7484] FAULT_INJECTION: forcing a failure.
[  372.067258][ T7484] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  372.067360][ T7484] CPU: 1 UID: 0 PID: 7484 Comm: syz.0.484 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  372.067394][ T7484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  372.067414][ T7484] Call Trace:
[  372.067427][ T7484]  <TASK>
[  372.067438][ T7484]  dump_stack_lvl+0xe8/0x150
[  372.067477][ T7484]  should_fail_ex+0x46c/0x600
[  372.067515][ T7484]  _copy_to_user+0x31/0xb0
[  372.067540][ T7484]  simple_read_from_buffer+0xe1/0x170
[  372.067569][ T7484]  proc_fail_nth_read+0x1b6/0x220
[  372.067607][ T7484]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  372.067644][ T7484]  ? rw_verify_area+0x2ac/0x4e0
[  372.067673][ T7484]  ? lockdep_hardirqs_on+0x7b/0x110
[  372.067694][ T7484]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  372.067729][ T7484]  vfs_read+0x206/0xa30
[  372.067764][ T7484]  ? preempt_schedule_thunk+0x16/0x30
[  372.067792][ T7484]  ? __pfx_vfs_read+0x10/0x10
[  372.067821][ T7484]  ? preempt_schedule_thunk+0x16/0x30
[  372.067852][ T7484]  ? _raw_spin_unlock_irqrestore+0x74/0x80
[  372.067874][ T7484]  ? mutex_lock_nested+0x154/0x1d0
[  372.067903][ T7484]  ? fdget_pos+0x253/0x320
[  372.067937][ T7484]  ksys_read+0x14b/0x260
[  372.067971][ T7484]  ? __pfx_ksys_read+0x10/0x10
[  372.068016][ T7484]  do_syscall_64+0xec/0xf80
[  372.068037][ T7484]  ? rcu_is_watching+0x15/0xb0
[  372.068057][ T7484]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.068079][ T7484]  ? clear_bhb_loop+0x60/0xb0
[  372.068107][ T7484]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.068130][ T7484] RIP: 0033:0x7fd5c28ce15c
[  372.068149][ T7484] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  372.068169][ T7484] RSP: 002b:00007fd5c0af4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  372.068193][ T7484] RAX: ffffffffffffffda RBX: 00007fd5c2b26180 RCX: 00007fd5c28ce15c
[  372.068210][ T7484] RDX: 000000000000000f RSI: 00007fd5c0af40a0 RDI: 0000000000000006
[  372.068224][ T7484] RBP: 00007fd5c0af4090 R08: 0000000000000000 R09: 0000000000000000
[  372.068238][ T7484] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  372.068251][ T7484] R13: 00007fd5c2b26218 R14: 00007fd5c2b26180 R15: 00007fff981c8f68
[  372.068288][ T7484]  </TASK>
[  376.376244][   T31] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  376.526348][   T31] usb 5-1: Using ep0 maxpacket: 8
[  376.529718][   T31] usb 5-1: config 252 has an invalid descriptor of length 0, skipping remainder of the config
[  376.529748][   T31] usb 5-1: config 252 has 0 interfaces, different from the descriptor's value: 1
[  376.529788][   T31] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  376.529813][   T31] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  377.872366][ T7504] binder_alloc: 7501: binder_alloc_buf, no vma
[  379.202933][ T7507] sctp: [Deprecated]: syz.3.489 (pid 7507) Use of int in maxseg socket option.
[  379.202933][ T7507] Use struct sctp_assoc_value instead
[  379.223158][ T5887] usb 5-1: USB disconnect, device number 20
[  380.367329][ T7511] NILFS (nullb0): couldn't find nilfs on the device
[  381.362786][ T7521] fuse: Invalid rootmode
[  381.435851][ T5888] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  381.585754][ T5888] usb 2-1: Using ep0 maxpacket: 32
[  381.588181][ T5888] usb 2-1: config 0 has an invalid interface number: 85 but max is 0
[  381.588209][ T5888] usb 2-1: config 0 has no interface number 0
[  381.588259][ T5888] usb 2-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  381.588288][ T5888] usb 2-1: config 0 interface 85 has no altsetting 0
[  381.591667][ T5888] usb 2-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  381.591694][ T5888] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  381.591712][ T5888] usb 2-1: Product: syz
[  381.591726][ T5888] usb 2-1: Manufacturer: syz
[  381.591740][ T5888] usb 2-1: SerialNumber: syz
[  381.689380][ T5888] usb 2-1: config 0 descriptor??
[  383.706107][  T989] usb 4-1: new full-speed USB device number 16 using dummy_hcd
[  383.889590][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  383.889738][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  384.168475][ T5888] appletouch 2-1:0.85: Geyser mode initialized.
[  384.537619][ T5888] input: appletouch as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.85/input/input25
[  384.618797][  T989] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  384.619041][  T989] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  384.650487][  T989] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  384.650521][  T989] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  384.650542][  T989] usb 4-1: Product: syz
[  384.650616][  T989] usb 4-1: Manufacturer: syz
[  384.650633][  T989] usb 4-1: SerialNumber: syz
[  385.790055][ T5888] usb 2-1: USB disconnect, device number 16
[  387.237265][  T989] usb 4-1: can't set config #1, error -71
[  387.240519][  T989] usb 4-1: USB disconnect, device number 16
[  388.970204][ T5888] appletouch 2-1:0.85: input: appletouch disconnected
[  389.951795][ T5801] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  389.976667][ T5801] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  389.996533][ T5801] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  389.998292][ T5801] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  389.999387][ T5801] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  391.005960][ T7547] binder_alloc: 7543: binder_alloc_buf, no vma
[  393.372993][ T5801] Bluetooth: hci5: command tx timeout
[  395.396162][ T5801] Bluetooth: hci5: command tx timeout
[  396.426748][   T61] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  396.430592][   T61] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  396.475947][   T61] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  396.504681][   T61] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  396.514125][   T61] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  396.787413][ T7540] chnl_net:caif_netlink_parms(): no params data found
[  397.040149][ T7564] sctp: [Deprecated]: syz.1.505 (pid 7564) Use of int in maxseg socket option.
[  397.040149][ T7564] Use struct sctp_assoc_value instead
[  397.127197][ T7566] fuse: Invalid rootmode
[  397.476192][   T61] Bluetooth: hci5: command tx timeout
[  398.755848][   T61] Bluetooth: hci6: command tx timeout
[  399.055971][ T7576] netlink: 28 bytes leftover after parsing attributes in process `syz.3.511'.
[  399.104693][ T5801] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  399.123568][ T5801] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  399.125202][ T5801] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  399.142023][ T5801] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  399.142974][ T5801] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  399.316056][ T7030] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  399.485736][ T7030] usb 4-1: Using ep0 maxpacket: 8
[  399.488236][ T7030] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  399.488299][ T7030] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  399.488329][ T7030] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0x62, changing to 0x2
[  399.488356][ T7030] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 46186, setting to 1024
[  399.488385][ T7030] usb 4-1: config 168 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 1024
[  399.491700][ T7030] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  399.491757][ T7030] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  399.491786][ T7030] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0x62, changing to 0x2
[  399.491814][ T7030] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 46186, setting to 1024
[  399.491842][ T7030] usb 4-1: config 168 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 1024
[  399.493251][ T7030] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  399.493304][ T7030] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  399.493333][ T7030] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0x62, changing to 0x2
[  399.493358][ T7030] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 46186, setting to 1024
[  399.493387][ T7030] usb 4-1: config 168 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 1024
[  399.498757][ T7030] usb 4-1: string descriptor 0 read error: -22
[  399.499280][ T7030] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  399.499346][ T7030] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  399.595269][ T5801] Bluetooth: hci5: command tx timeout
[  399.645210][ T7030] adutux 4-1:168.0: interrupt endpoints not found
[  400.835735][ T5801] Bluetooth: hci6: command tx timeout
[  401.475787][ T5801] Bluetooth: hci4: command tx timeout
[  402.769742][ T5986] usb 4-1: USB disconnect, device number 17
[  402.915796][ T5801] Bluetooth: hci6: command tx timeout
[  404.309192][ T5801] Bluetooth: hci4: command tx timeout
[  404.995870][ T5801] Bluetooth: hci6: command tx timeout
[  406.356091][ T5801] Bluetooth: hci4: command tx timeout
[  408.436126][ T5801] Bluetooth: hci4: command tx timeout
[  408.978452][ T7540] bridge0: port 1(bridge_slave_0) entered blocking state
[  408.978675][ T7540] bridge0: port 1(bridge_slave_0) entered disabled state
[  408.978892][ T7540] bridge_slave_0: entered allmulticast mode
[  408.981816][ T7540] bridge_slave_0: entered promiscuous mode
[  409.060761][ T7540] bridge0: port 2(bridge_slave_1) entered blocking state
[  409.060895][ T7540] bridge0: port 2(bridge_slave_1) entered disabled state
[  409.061470][ T7540] bridge_slave_1: entered allmulticast mode
[  409.064446][ T7540] bridge_slave_1: entered promiscuous mode
[  412.732275][ T7540] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  412.769789][ T7540] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  413.089217][   T61] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  413.108669][   T61] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  413.110116][   T61] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  413.113895][   T61] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  413.114874][   T61] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  415.157810][   T61] Bluetooth: hci2: command tx timeout
[  415.301923][ T7540] team0: Port device team_slave_0 added
[  415.355826][ T7540] team0: Port device team_slave_1 added
[  417.235859][   T61] Bluetooth: hci2: command tx timeout
[  417.497722][ T7540] batman_adv: batadv0: Adding interface: batadv_slave_0
[  417.497742][ T7540] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  417.497771][ T7540] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  417.609744][ T7540] batman_adv: batadv0: Adding interface: batadv_slave_1
[  417.609763][ T7540] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  417.609793][ T7540] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  419.317549][   T61] Bluetooth: hci2: command tx timeout
[  419.453994][ T7540] hsr_slave_0: entered promiscuous mode
[  419.455551][ T7540] hsr_slave_1: entered promiscuous mode
[  419.470718][ T7540] debugfs: 'hsr0' already exists in 'hsr'
[  419.470747][ T7540] Cannot create hsr debugfs directory
[  419.513451][ T7561] chnl_net:caif_netlink_parms(): no params data found
[  421.397942][   T61] Bluetooth: hci2: command tx timeout
[  422.764123][ T7577] chnl_net:caif_netlink_parms(): no params data found
[  428.006193][ T7561] bridge0: port 1(bridge_slave_0) entered blocking state
[  428.006434][ T7561] bridge0: port 1(bridge_slave_0) entered disabled state
[  428.006651][ T7561] bridge_slave_0: entered allmulticast mode
[  428.010491][ T7561] bridge_slave_0: entered promiscuous mode
[  428.082441][ T7561] bridge0: port 2(bridge_slave_1) entered blocking state
[  428.082850][ T7561] bridge0: port 2(bridge_slave_1) entered disabled state
[  428.083362][ T7561] bridge_slave_1: entered allmulticast mode
[  428.090259][ T7561] bridge_slave_1: entered promiscuous mode
[  428.339770][ T5801] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  428.343333][ T5801] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  428.371509][ T5801] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  428.372884][ T5801] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  428.374808][ T5801] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  430.436268][ T5801] Bluetooth: hci7: command tx timeout
[  432.515912][ T5801] Bluetooth: hci7: command tx timeout
[  433.573801][ T7561] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  433.632085][ T7577] bridge0: port 1(bridge_slave_0) entered blocking state
[  433.632334][ T7577] bridge0: port 1(bridge_slave_0) entered disabled state
[  433.632579][ T7577] bridge_slave_0: entered allmulticast mode
[  433.661766][ T7577] bridge_slave_0: entered promiscuous mode
[  433.701940][ T7561] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  433.764738][ T7577] bridge0: port 2(bridge_slave_1) entered blocking state
[  433.764884][ T7577] bridge0: port 2(bridge_slave_1) entered disabled state
[  433.765102][ T7577] bridge_slave_1: entered allmulticast mode
[  433.811591][ T7577] bridge_slave_1: entered promiscuous mode
[  434.596009][ T5801] Bluetooth: hci7: command tx timeout
[  436.675862][ T5801] Bluetooth: hci7: command tx timeout
[  437.447600][ T7561] team0: Port device team_slave_0 added
[  437.516955][ T7577] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  437.520289][ T7561] team0: Port device team_slave_1 added
[  437.520693][ T7604] chnl_net:caif_netlink_parms(): no params data found
[  439.383111][ T7577] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  440.911458][ T7561] batman_adv: batadv0: Adding interface: batadv_slave_0
[  440.911480][ T7561] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  440.911509][ T7561] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  442.613334][ T7561] batman_adv: batadv0: Adding interface: batadv_slave_1
[  442.613348][ T7561] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  442.613370][ T7561] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  442.661117][ T7577] team0: Port device team_slave_0 added
[  442.792744][ T7577] team0: Port device team_slave_1 added
[  445.327419][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  445.327496][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  446.790547][   T61] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  446.794884][   T61] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  446.823406][   T61] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  446.824847][   T61] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  446.841468][   T61] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  448.423503][ T7540] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  448.563517][ T7577] batman_adv: batadv0: Adding interface: batadv_slave_0
[  448.563536][ T7577] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  448.563567][ T7577] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  448.925203][   T61] Bluetooth: hci3: command tx timeout
[  449.967248][ T7577] batman_adv: batadv0: Adding interface: batadv_slave_1
[  449.967268][ T7577] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  449.967299][ T7577] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  450.074360][ T7604] bridge0: port 1(bridge_slave_0) entered blocking state
[  450.083089][ T7604] bridge0: port 1(bridge_slave_0) entered disabled state
[  450.083887][ T7604] bridge_slave_0: entered allmulticast mode
[  450.120954][ T7604] bridge_slave_0: entered promiscuous mode
[  450.996077][   T61] Bluetooth: hci3: command tx timeout
[  453.076115][   T61] Bluetooth: hci3: command tx timeout
[  453.261073][ T7561] hsr_slave_0: entered promiscuous mode
[  453.262602][ T7561] hsr_slave_1: entered promiscuous mode
[  453.263623][ T7561] debugfs: 'hsr0' already exists in 'hsr'
[  453.263648][ T7561] Cannot create hsr debugfs directory
[  453.344327][ T7604] bridge0: port 2(bridge_slave_1) entered blocking state
[  453.344460][ T7604] bridge0: port 2(bridge_slave_1) entered disabled state
[  453.345062][ T7604] bridge_slave_1: entered allmulticast mode
[  453.370524][ T7604] bridge_slave_1: entered promiscuous mode
[  455.155892][   T61] Bluetooth: hci3: command tx timeout
[  455.262887][ T5801] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  455.282144][ T5801] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  455.283457][ T5801] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  455.284839][ T5801] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  455.328930][ T5801] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  457.397013][   T61] Bluetooth: hci5: command tx timeout
[  458.394404][ T7604] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  458.442678][ T7577] hsr_slave_0: entered promiscuous mode
[  458.444269][ T7577] hsr_slave_1: entered promiscuous mode
[  458.445383][ T7577] debugfs: 'hsr0' already exists in 'hsr'
[  458.445408][ T7577] Cannot create hsr debugfs directory
[  458.482388][ T7604] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  459.458461][ T5801] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  459.478139][ T5808] Bluetooth: hci5: command tx timeout
[  459.498020][ T5801] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  459.500463][ T5801] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  459.501865][ T5801] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  459.502803][ T5801] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  461.556634][   T61] Bluetooth: hci5: command tx timeout
[  461.556768][ T5801] Bluetooth: hci6: command tx timeout
[  463.636465][   T61] Bluetooth: hci5: command tx timeout
[  463.636527][ T5801] Bluetooth: hci6: command tx timeout
[  465.716462][ T5801] Bluetooth: hci6: command tx timeout
[  467.564901][ T7604] team0: Port device team_slave_0 added
[  467.650972][ T7604] team0: Port device team_slave_1 added
[  467.796505][ T5801] Bluetooth: hci6: command tx timeout
[  472.712105][ T7604] batman_adv: batadv0: Adding interface: batadv_slave_0
[  472.712128][ T7604] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  472.712159][ T7604] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  472.839898][ T7619] chnl_net:caif_netlink_parms(): no params data found
[  472.861471][ T7604] batman_adv: batadv0: Adding interface: batadv_slave_1
[  472.861490][ T7604] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  472.861519][ T7604] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  473.772798][   T61] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  473.795190][   T61] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  473.808636][   T61] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  473.810602][   T61] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  473.811552][   T61] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  475.876055][ T5801] Bluetooth: hci4: command tx timeout
[  477.956280][   T61] Bluetooth: hci4: command tx timeout
[  480.045614][ T5801] Bluetooth: hci4: command tx timeout
[  480.124891][ T7619] bridge0: port 1(bridge_slave_0) entered blocking state
[  480.133250][ T7619] bridge0: port 1(bridge_slave_0) entered disabled state
[  480.133562][ T7619] bridge_slave_0: entered allmulticast mode
[  480.149900][ T7619] bridge_slave_0: entered promiscuous mode
[  481.792836][ T7619] bridge0: port 2(bridge_slave_1) entered blocking state
[  481.793047][ T7619] bridge0: port 2(bridge_slave_1) entered disabled state
[  481.793345][ T7619] bridge_slave_1: entered allmulticast mode
[  481.824410][ T7619] bridge_slave_1: entered promiscuous mode
[  482.116540][ T5801] Bluetooth: hci4: command tx timeout
[  484.841522][ T7619] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  484.894231][ T7619] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  484.894898][ T7627] chnl_net:caif_netlink_parms(): no params data found
[  488.323143][   T61] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  488.339019][   T61] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  488.345019][   T61] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  488.371238][   T61] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  488.372808][   T61] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  490.435798][   T61] Bluetooth: hci2: command tx timeout
[  492.516020][   T61] Bluetooth: hci2: command tx timeout
[  492.653779][ T7635] chnl_net:caif_netlink_parms(): no params data found
[  494.596397][ T5801] Bluetooth: hci2: command tx timeout
[  496.675884][   T61] Bluetooth: hci2: command tx timeout
[  501.718405][ T7627] bridge0: port 1(bridge_slave_0) entered blocking state
[  501.718878][ T7627] bridge0: port 1(bridge_slave_0) entered disabled state
[  501.719155][ T7627] bridge_slave_0: entered allmulticast mode
[  501.722039][ T7627] bridge_slave_0: entered promiscuous mode
[  504.452600][ T7640] chnl_net:caif_netlink_parms(): no params data found
[  504.492819][ T7627] bridge0: port 2(bridge_slave_1) entered blocking state
[  504.492982][ T7627] bridge0: port 2(bridge_slave_1) entered disabled state
[  504.493258][ T7627] bridge_slave_1: entered allmulticast mode
[  504.521483][ T7627] bridge_slave_1: entered promiscuous mode
[  506.772538][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  506.772637][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[  507.867231][ T5801] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  507.886755][ T5801] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  507.888890][ T5801] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  507.890331][ T5801] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  507.891298][ T5801] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  509.956171][   T61] Bluetooth: hci7: command tx timeout
[  512.036124][ T5801] Bluetooth: hci7: command tx timeout
[  514.117209][ T5801] Bluetooth: hci7: command tx timeout
[  515.357269][   T61] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  515.361163][   T61] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  515.391217][   T61] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  515.406250][   T61] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  515.407151][   T61] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  515.454023][ T7635] bridge0: port 1(bridge_slave_0) entered blocking state
[  515.454618][ T7635] bridge0: port 1(bridge_slave_0) entered disabled state
[  515.454928][ T7635] bridge_slave_0: entered allmulticast mode
[  515.489272][ T7635] bridge_slave_0: entered promiscuous mode
[  516.195718][   T61] Bluetooth: hci7: command tx timeout
[  516.945387][ T7646] chnl_net:caif_netlink_parms(): no params data found
[  517.479264][   T61] Bluetooth: hci3: command tx timeout
[  517.623223][ T7640] bridge0: port 1(bridge_slave_0) entered blocking state
[  517.633142][ T7640] bridge0: port 1(bridge_slave_0) entered disabled state
[  517.633474][ T7640] bridge_slave_0: entered allmulticast mode
[  517.658462][ T7640] bridge_slave_0: entered promiscuous mode
[  517.802896][ T7640] bridge0: port 2(bridge_slave_1) entered blocking state
[  517.814424][ T7640] bridge0: port 2(bridge_slave_1) entered disabled state
[  517.814747][ T7640] bridge_slave_1: entered allmulticast mode
[  517.846105][ T7640] bridge_slave_1: entered promiscuous mode
[  519.427012][ T5801] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  519.430797][ T5801] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  519.451812][ T5801] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  519.453908][ T5801] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  519.455055][ T5801] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  519.556091][   T61] Bluetooth: hci3: command tx timeout
[  521.556131][ T5801] Bluetooth: hci5: command tx timeout
[  521.636167][ T5801] Bluetooth: hci3: command tx timeout
[  523.635846][ T5801] Bluetooth: hci5: command tx timeout
[  523.715977][ T5801] Bluetooth: hci3: command tx timeout
[  525.715861][ T5801] Bluetooth: hci5: command tx timeout
[  527.795903][ T5801] Bluetooth: hci5: command tx timeout
[  531.539527][ T7646] bridge0: port 1(bridge_slave_0) entered blocking state
[  531.539764][ T7646] bridge0: port 1(bridge_slave_0) entered disabled state
[  531.540099][ T7646] bridge_slave_0: entered allmulticast mode
[  531.602124][ T7646] bridge_slave_0: entered promiscuous mode
[  531.685401][ T7646] bridge0: port 2(bridge_slave_1) entered blocking state
[  531.692925][ T7646] bridge0: port 2(bridge_slave_1) entered disabled state
[  531.693261][ T7646] bridge_slave_1: entered allmulticast mode
[  531.712923][ T7646] bridge_slave_1: entered promiscuous mode
[  533.887537][   T61] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  533.892200][   T61] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  533.893633][   T61] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  533.894846][   T61] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  533.925495][   T61] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  534.242279][ T7657] chnl_net:caif_netlink_parms(): no params data found
[  536.106065][   T61] Bluetooth: hci6: command tx timeout
[  538.116234][ T5801] Bluetooth: hci6: command tx timeout
[  540.196006][   T61] Bluetooth: hci6: command tx timeout
[  542.276117][   T61] Bluetooth: hci6: command tx timeout
[  542.777475][ T7657] bridge0: port 1(bridge_slave_0) entered blocking state
[  542.777706][ T7657] bridge0: port 1(bridge_slave_0) entered disabled state
[  542.778029][ T7657] bridge_slave_0: entered allmulticast mode
[  542.781149][ T7657] bridge_slave_0: entered promiscuous mode
[  542.897926][ T7657] bridge0: port 2(bridge_slave_1) entered blocking state
[  542.902061][ T7657] bridge0: port 2(bridge_slave_1) entered disabled state
[  542.902452][ T7657] bridge_slave_1: entered allmulticast mode
[  542.905504][ T7657] bridge_slave_1: entered promiscuous mode
[  543.001388][ T7668] chnl_net:caif_netlink_parms(): no params data found
[  545.936063][   T39] INFO: task syz.2.480:7499 blocked for more than 143 seconds.
[  545.936092][   T39]       Not tainted syzkaller #0
[  545.936104][   T39]       Blocked by coredump.
[  545.936111][   T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  545.936122][   T39] task:syz.2.480       state:D stack:21880 pid:7499  tgid:7495  ppid:5799   task_flags:0x40044c flags:0x00080001
[  545.936189][   T39] Call Trace:
[  545.936198][   T39]  <TASK>
[  545.936213][   T39]  __schedule+0x145f/0x5070
[  545.936284][   T39]  ? irqentry_exit+0x5e8/0x670
[  545.936304][   T39]  ? rcu_is_watching+0x15/0xb0
[  545.936328][   T39]  ? __pfx___schedule+0x10/0x10
[  545.936366][   T39]  ? preempt_schedule_thunk+0x16/0x30
[  545.936397][   T39]  ? preempt_schedule_thunk+0x16/0x30
[  545.936425][   T39]  rt_mutex_schedule+0x77/0xf0
[  545.936462][   T39]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  545.936494][   T39]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[  545.936542][   T39]  rt_mutex_slowlock+0x2a8/0x6b0
[  545.936576][   T39]  ? rt_mutex_slowlock+0x1c9/0x6b0
[  545.936607][   T39]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  545.936651][   T39]  ? rcu_barrier+0x4c/0x570
[  545.936680][   T39]  ? rcu_barrier+0x4c/0x570
[  545.936711][   T39]  ? rcu_barrier+0x4c/0x570
[  545.936734][   T39]  mutex_lock_nested+0x16a/0x1d0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  545.936761][   T39]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  545.936796][   T39]  ? __pfx_tun_chr_close+0x10/0x10
[  545.936827][   T39]  rcu_barrier+0x4c/0x570
[  545.936855][   T39]  ? __pfx_tun_chr_close+0x10/0x10
[  545.936884][   T39]  ? __pfx_tun_chr_close+0x10/0x10
[  545.936913][   T39]  netdev_run_todo+0x327/0xea0
[  545.936951][   T39]  ? __pfx_netif_state_change+0x10/0x10
[  545.936975][   T39]  ? __pfx_netdev_run_todo+0x10/0x10
[  545.937015][   T39]  ? kasan_quarantine_put+0xbb/0x1f0
[  545.937058][   T39]  ? netdev_state_change+0x1ca/0x220
[  545.937088][   T39]  ? __pfx_tun_chr_close+0x10/0x10
[  545.937121][   T39]  tun_chr_close+0x13f/0x1c0
[  545.937152][   T39]  __fput+0x45b/0xa80
[  545.937192][   T39]  task_work_run+0x1d4/0x260
[  545.937231][   T39]  ? __pfx_task_work_run+0x10/0x10
[  545.937266][   T39]  ? do_exit+0x68f/0x22f0
[  545.937297][   T39]  ? do_exit+0x68f/0x22f0
[  545.937337][   T39]  do_exit+0x694/0x22f0
[  545.937377][   T39]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  545.937401][   T39]  ? lockdep_hardirqs_on+0x7b/0x110
[  545.937426][   T39]  ? __pfx_do_exit+0x10/0x10
[  545.937456][   T39]  ? rt_mutex_slowunlock+0x493/0x8a0
[  545.937487][   T39]  ? reacquire_held_locks+0x104/0x190
[  545.937522][   T39]  ? rt_spin_lock+0x1c1/0x3e0
[  545.937567][   T39]  do_group_exit+0x21c/0x2d0
[  545.937602][   T39]  ? rt_spin_unlock+0x161/0x200
[  545.937636][   T39]  get_signal+0x125d/0x1310
[  545.937685][   T39]  arch_do_signal_or_restart+0x9a/0x7a0
[  545.937725][   T39]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  545.937771][   T39]  ? __x64_sys_recvmmsg+0x190/0x240
[  545.937812][   T39]  exit_to_user_mode_loop+0x87/0x4e0
[  545.937846][   T39]  ? rcu_is_watching+0x15/0xb0
[  545.937870][   T39]  do_syscall_64+0x2c1/0xf80
[  545.937892][   T39]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  545.937915][   T39]  ? trace_[  545.937915][   T39]  ? trace_irq_disable+0x37/0x100
[  545.937939][   T39]  ? clear_bhb_loop+0x60/0xb0
[  545.937967][   T39]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  545.937991][   T39] RIP: 0033:0x7efdc2fdf749
[  545.938018][   T39] RSP: 002b:00007efdc121d038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  545.938041][   T39] RAX: 0000000000010106 RBX: 00007efdc3236090 RCX: 00007efdc2fdf749
[  545.938057][   T39] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000006
[  545.938072][   T39] RBP: 00007efdc3063f91 R08: 0000000000000000 R09: 0000000000000000
[  545.938086][   T39] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  545.938099][   T39] R13: 00007efdc3236128 R14: 00007efdc3236090 R15: 00007ffd01439ed8
[  545.938136][   T39]  </TASK>
[  545.938151][   T39] INFO: task syz.1.509:7567 blocked for more than 143 seconds.
[  545.938166][   T39]       Not tainted syzkaller #0
[  545.938177][   T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  545.938187][   T39] task:syz.1.509       state:D stack:24952 pid:7567  tgid:7567  ppid:5795   task_flags:0x400040 flags:0x00080002
[  545.938280][   T39] Call Trace:
[  545.938288][   T39]  <TASK>
[  545.938301][   T39]  __schedule+0x145f/0x5070
[  545.938367][   T39]  ? __pfx___schedule+0x10/0x10
[  545.938422][   T39]  rt_mutex_schedule+0x77/0xf0
[  545.938458][   T39]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  545.938488][   T39]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[  545.938538][   T39]  rt_mutex_slowlock+0x2a8/0x6b0
[  545.938571][   T39]  ? rt_mutex_slowlock+0x1c9/0x6b0
[  545.938603][   T39]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  545.938632][   T39]  ? do_raw_spin_lock+0x121/0x290
[  545.938670][   T39]  ? rcu_barrier+0x4c/0x570
[  545.938700][   T39]  ? rcu_barrier+0x4c/0x570
[  545.938731][   T39]  ? rcu_barrier+0x4c/0x570
[  545.938753][   T39]  mutex_lock_nested+0x16a/0x1d0
[  545.938782][   T39]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  545.938819][   T39]  rcu_barrier+0x4c/0x570
[  545.938842][   T39]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  545.938865][   T39]  ? rt_write_unlock+0x191/0x230
[  545.938904][   T39]  kvm_mmu_uninit_vm+0x53/0x90
[  545.938939][   T39]  kvm_arch_destroy_vm+0x23d/0x280
[  545.938971][   T39]  kvm_put_kvm+0x6ca/0xa80
[  545.939019][   T39]  ? __pfx_kvm_vm_release+0x10/0x10
[  545.939049][   T39]  kvm_vm_release+0x46/0x50
[  545.939075][   T39]  __fput+0x45b/0xa80
[  545.939114][   T39]  task_work_run+0x1d4/0x260
[  545.939153][   T39]  ? __pfx_task_work_run+0x10/0x10
[  545.939200][   T39]  exit_to_user_mode_loop+0xef/0x4e0
[  545.939232][   T39]  ? rcu_is_watching+0x15/0xb0
[  545.939263][   T39]  do_syscall_64+0x2c1/0xf80
[  545.939285][   T39]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  545.939306][   T39]  ? clear_bhb_loop+0x60/0xb0
[  545.939335][   T39]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  545.939358][   T39] RIP: 0033:0x7f0b7a2ff749
[  545.939376][   T39] RSP: 002b:00007ffc97063e68 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  545.939399][   T39] RAX: 0000000000000000 RBX: 00007f0b7a557da0 RCX: 00007f0b7a2ff749
[  545.939415][   T39] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  545.939429][   T39] RBP: 00007f0b7a557da0 R08: 00000000000047b4 R09: 000000149706415f
[  545.939445][   T39] R10: 00007f0b7a557cb0 R11: 0000000000000246 R12: 000000000006113c
[  545.939460][   T39] R13: 00007f0b7a556090 R14: ffffffffffffffff R15: 00007ffc97063f80
[  545.939497][   T39]  </TASK>
[  545.939506][   T39] INFO: task syz.1.509:7568 blocked for more than 143 seconds.
[  545.939520][   T39]       Not tainted syzkaller #0
[  545.939531][   T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  545.939542][   T39] task:syz.1.509       state:D stack:26360 pid:7568  tgid:7567  ppid:5795   task_flags:0x400040 flags:0x00080002
[  545.939616][   T39] Call Trace:
[  545.939624][   T39]  <TASK>
[  545.939637][   T39]  __schedule+0x145f/0x5070
[  545.939703][   T39]  ? __pfx___schedule+0x10/0x10
[  545.939757][   T39]  rt_mutex_schedule+0x77/0xf0
[  545.939794][   T39]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  545.939824][   T39]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[  545.939873][   T39]  rt_mutex_slowlock+0x2a8/0x6b0
[  545.939907][   T39]  ? rt_mutex_slowlock+0x1c9/0x6b0
[  545.939939][   T39]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  545.939968][   T39]  ? do_raw_spin_lock+0x121/0x290
[  545.940013][   T39]  ? rcu_barrier+0x4c/0x570
[  545.940043][   T39]  ? rcu_barrier+0x4c/0x570
[  545.940072][   T39]  ? rcu_barrier+0x4c/0x570
[  545.940095][   T39]  mutex_lock_nested+0x16a/0x1d0
[  545.940124][   T39]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  545.940159][   T39]  rcu_barrier+0x4c/0x570
[  545.940183][   T39]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  545.940206][   T39]  ? rt_write_unlock+0x191/0x230
[  545.940243][   T39]  kvm_mmu_uninit_vm+0x53/0x90
[  545.940275][   T39]  kvm_arch_destroy_vm+0x23d/0x280
[  545.940305][   T39]  kvm_put_kvm+0x6ca/0xa80
[  545.940343][   T39]  ? __pfx_kvm_vm_release+0x10/0x10
[  545.940370][   T39]  kvm_vm_release+0x46/0x50
[  545.940396][   T39]  __fput+0x45b/0xa80
[  545.940435][   T39]  task_work_run+0x1d4/0x260
[  545.940473][   T39]  ? __pfx_task_work_run+0x10/0x10
[  545.940505][   T39]  ? __fput_deferred+0x245/0x3e0
[  545.940531][   T39]  ? __pfx___fput_deferred+0x10/0x10
[  545.940566][   T39]  exit_to_user_mode_loop+0xef/0x4e0
[  545.940598][   T39]  ? rcu_is_watching+0x15/0xb0
[  545.940622][   T39]  do_syscall_64+0x2c1/0xf80
[  545.940643][   T39]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  545.940665][   T39]  ? trace_irq_disable+0x37/0x100
[  545.940690][   T39]  ? clear_bhb_loop+0x60/0xb0
[  545.940717][   T39]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  545.940739][   T39] RIP: 0033:0x7f0b7a2ff34b
[  545.940756][   T39] RSP: 002b:00007f0b7855c490 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  545.940780][   T39] RAX: 0000000000000000 RBX: 00007f0b7855cbe0 RCX: 00007f0b7a2ff34b
[  545.940795][   T39] RDX: 00007f0b7855cbe0 RSI: 000000004020ae46 RDI: 0000000000000008
[  545.940810][   T39] RBP: 0000000000000008 R08: 0000000000000001 R09: 0000000000000000
[  545.940824][   T39] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000011
[  545.940837][   T39] R13: 0000200000011000 R14: 0000200000000000 R15: 00000000fec00000
[  545.940873][   T39]  </TASK>
[  545.940926][   T39] 
[  545.940926][   T39] Showing all locks held in the system:
[  545.940939][   T39] 4 locks held by ktimers/1/29:
[  545.940953][   T39] 5 locks held by kworker/1:0/31:
[  545.940966][   T39] 1 lock held by khungtaskd/39:
[  545.940979][   T39]  #0: ffffffff8d5ae940 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  545.941082][   T39] 4 locks held by kworker/u8:13/3477:
[  545.941097][   T39] 2 locks held by getty/5557:
[  545.941109][   T39]  #0: ffff88814dfa50a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  545.941167][   T39]  #1: ffffc90003e7e2e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x44f/0x1460
[  545.941229][   T39] 3 locks held by kworker/u8:21/6664:
[  545.941242][   T39]  #0: ffff88813ff69938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770
[  545.941302][   T39]  #1: ffffc9000d96fbc0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770
[  545.941354][   T39]  #2: ffffffff8e8a5af8 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[  545.941414][   T39] 1 lock held by syz.2.480/7499:
[  545.941426][   T39]  #0: ffffffff8d5b43b0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  545.941481][   T39] 1 lock held by syz.4.499/7527:
[  545.941493][   T39]  #0: ffffffff8d5b43b0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  545.941544][   T39] 1 lock held by syz-executor/7540:
[  545.941557][   T39]  #0: ffffffff8d5b43b0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  545.941609][   T39] 1 lock held by syz.0.493/7556:
[  545.941622][   T39]  #0: ffffffff8d5b43b0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  545.941673][   T39] 1 lock held by syz-executor/7561:
[  545.941686][   T39]  #0: ffffffff8d5b43b0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  545.941739][   T39] 1 lock held by syz.1.509/7567:
[  545.941751][   T39]  #0: ffffffff8d5b43b0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  545.941805][   T39] 1 lock held by syz.1.509/7568:
[  545.941817][   T39]  #0: ffffffff8d5b43b0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  545.941869][   T39] 1 lock held by syz-executor/7577:
[  545.941882][   T39]  #0: ffffffff8d5b43b0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  545.941936][   T39] 1 lock held by syz.3.516/7599:
[  545.941948][   T39]  #0: ffffffff8d5b43b0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  545.942001][   T39] 1 lock held by syz.3.516/7600:
[  545.942021][   T39]  #0: ffffffff8d5b43b0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  545.942074][   T39] 1 lock held by syz-executor/7604:
[  545.942087][   T39]  #0: ffffffff8d5b43b0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  545.942141][   T39] 1 lock held by syz-executor/7619:
[  545.942152][   T39]  #0: ffffffff8d5b43b0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  545.942207][   T39] 1 lock held by syz-executor/7627:
[  545.942219][   T39]  #0: ffffffff8d5b43b0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  545.942272][   T39] 1 lock held by syz-executor/7635:
[  545.942284][   T39]  #0: ffffffff8d5b43b0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  545.942337][   T39] 1 lock held by syz-executor/7640:
[  545.942350][   T39]  #0: ffffffff8d5b43b0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  545.942403][   T39] 1 lock held by syz-executor/7646:
[  545.942415][   T39]  #0: ffffffff8e8a5af8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0
[  545.942472][   T39] 2 locks held by syz-executor/7657:
[  545.942484][   T39]  #0: ffffffff8e021f08 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250
[  545.942545][   T39]  #1: ffffffff8e8a5af8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8ec/0x1c90
[  545.942598][   T39] 2 locks held by syz-executor/7668:
[  545.942610][   T39]  #0: ffffffff8e02f488 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250
[  545.942670][   T39]  #1: ffffffff8e8a5af8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8ec/0x1c90
[  545.942724][   T39] 2 locks held by syz-executor/7678:
[  545.942736][   T39]  #0: ffffffff8edb4f28 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250
[  545.942798][   T39]  #1: ffffffff8e8a5af8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8ec/0x1c90
[  545.942850][   T39] 2 locks held by syz-executor/7686:
[  545.942862][   T39]  #0: ffffffff8edcf120 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x23/0x250
[  545.942923][   T39]  #1: ffffffff8e8a5af8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8ec/0x1c90
[  545.942976][   T39] 2 locks held by syz-executor/7697:
[  545.942988][   T39]  #0: ffffffff8e8989e0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x3cc/0x570
[  545.943046][   T39]  #1: ffffffff8e8a5af8 (rtnl_mutex){+.+.}-{4:4}, at: register_netdev+0x18/0x60
[  545.943107][   T39] 
[  545.943112][   T39] =============================================
[  545.943112][   T39] 
[  545.943130][   T39] NMI backtrace for cpu 0
[  545.943147][   T39] CPU: 0 UID: 0 PID: 39 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  545.943170][   T39] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  545.943184][   T39] Call Trace:
[  545.943193][   T39]  <TASK>
[  545.943202][   T39]  dump_stack_lvl+0xe8/0x150
[  545.943235][   T39]  nmi_cpu_backtrace+0x274/0x2d0
[  545.943265][   T39]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  545.943292][   T39]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  545.943325][   T39]  sys_info+0x135/0x170
[  545.943349][   T39]  watchdog+0xf95/0xfe0
[  545.943397][   T39]  ? watchdog+0x20a/0xfe0
[  545.943429][   T39]  kthread+0x711/0x8a0
[  545.943464][   T39]  ? __pfx_watchdog+0x10/0x10
[  545.943489][   T39]  ? __pfx_kthread+0x10/0x10
[  545.943516][   T39]  ? rt_spin_unlock+0x150/0x200
[  545.943551][   T39]  ? rt_spin_unlock+0x161/0x200
[  545.943578][   T39]  ? __pfx_kthread+0x10/0x10
[  545.943611][   T39]  ret_from_fork+0x510/0xa50
[  545.943637][   T39]  ? __pfx_ret_from_fork+0x10/0x10
[  545.943659][   T39]  ? __switch_to+0xc9e/0x1480
[  545.943697][   T39]  ? __pfx_kthread+0x10/0x10
[  545.943730][   T39]  ret_from_fork_asm+0x1a/0x30
[  545.943782][   T39]  </TASK>
[  545.943790][   T39] Sending NMI from CPU 0 to CPUs 1:
[  545.943825][    C1] NMI backtrace for cpu 1
[  545.943840][    C1] CPU: 1 UID: 0 PID: 29 Comm: ktimers/1 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  545.943862][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  545.943873][    C1] RIP: 0010:unwind_next_frame+0x1861/0x23d0
[  545.943903][    C1] Code: b6 04 28 84 c0 0f 85 4a 0a 00 00 48 89 d0 48 c1 e8 03 0f b6 04 28 84 c0 48 8b 74 24 18 0f 85 57 0a 00 00 48 0f bf 03 48 01 c6 <49> 8d 56 40 4c 89 f7 eb 5d 49 8d 5e 40 48 89 d8 48 c1 e8 03 80 3c
[  545.943919][    C1] RSP: 0018:ffffc90000a3ea98 EFLAGS: 00000287
[  545.943936][    C1] RAX: fffffffffffffff0 RBX: ffffffff8f687254 RCX: 0000000000000000
[  545.943950][    C1] RDX: ffffffff8f687255 RSI: ffffc90000a3fcd8 RDI: ffffc90000a3ebc8
[  545.943964][    C1] RBP: dffffc0000000000 R08: ffffc90000a3ebc7 R09: 0000000000000000
[  545.943977][    C1] R10: ffffc90000a3ebb8 R11: fffff52000147d79 R12: ffffc90000a3ebb8
[  545.943991][    C1] R13: 1ffff92000147d6f R14: ffffc90000a3eb68 R15: 1ffffffff1ed0e4a
[  545.944006][    C1] FS:  0000000000000000(0000) GS:ffff888126def000(0000) knlGS:0000000000000000
[  545.944023][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  545.944036][    C1] CR2: 00007f440293ae90 CR3: 000000007bc32000 CR4: 00000000003526f0
[  545.944053][    C1] Call Trace:
[  545.944060][    C1]  <TASK>
[  545.944071][    C1]  ? unwind_next_frame+0xa5/0x23d0
[  545.944097][    C1]  ? handle_softirqs+0x1df/0x650
[  545.944121][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  545.944153][    C1]  arch_stack_walk+0x11c/0x150
[  545.944180][    C1]  ? run_ktimerd+0x69/0x100
[  545.944207][    C1]  stack_trace_save+0x9c/0xe0
[  545.944234][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  545.944256][    C1]  ? do_raw_spin_lock+0x121/0x290
[  545.944287][    C1]  kasan_save_track+0x3e/0x80
[  545.944318][    C1]  ? kasan_save_track+0x3e/0x80
[  545.944343][    C1]  ? __kasan_slab_alloc+0x6c/0x80
[  545.944370][    C1]  ? kmem_cache_alloc_node_noprof+0x23c/0x6f0
[  545.944398][    C1]  ? kmalloc_reserve+0xbd/0x290
[  545.944418][    C1]  ? __alloc_skb+0x204/0x3a0
[  545.944436][    C1]  ? synproxy_send_client_synack+0x16c/0xe20
[  545.944465][    C1]  ? nft_synproxy_eval_v4+0x36e/0x560
[  545.944485][    C1]  ? nft_synproxy_do_eval+0x345/0x570
[  545.944504][    C1]  ? nft_do_chain+0x40c/0x1920
[  545.944521][    C1]  ? nft_do_chain_inet+0x25d/0x340
[  545.944539][    C1]  ? nf_hook_slow+0xc5/0x220
[  545.944564][    C1]  ? NF_HOOK+0x206/0x3a0
[  545.944587][    C1]  ? NF_HOOK+0x30c/0x3a0
[  545.944609][    C1]  ? __netif_receive_skb+0x143/0x380
[  545.944632][    C1]  ? process_backlog+0x315/0x8f0
[  545.944650][    C1]  ? __napi_poll+0xae/0x520
[  545.944665][    C1]  ? net_rx_action+0x64a/0xdb0
[  545.944684][    C1]  ? handle_softirqs+0x1df/0x650
[  545.944726][    C1]  ? __slab_alloc+0xc6/0x1f0
[  545.944746][    C1]  __kasan_slab_alloc+0x6c/0x80
[  545.944781][    C1]  kmem_cache_alloc_node_noprof+0x23c/0x6f0
[  545.944807][    C1]  ? kmalloc_reserve+0xbd/0x290
[  545.944827][    C1]  ? __alloc_skb+0x1dc/0x3a0
[  545.944850][    C1]  kmalloc_reserve+0xbd/0x290
[  545.944871][    C1]  ? __alloc_skb+0x198/0x3a0
[  545.944890][    C1]  __alloc_skb+0x204/0x3a0
[  545.944912][    C1]  synproxy_send_client_synack+0x16c/0xe20
[  545.944949][    C1]  ? __pfx_synproxy_send_client_synack+0x10/0x10
[  545.944979][    C1]  ? nft_tunnel_get_eval+0x7e0/0x840
[  545.945006][    C1]  ? synproxy_pernet+0x45/0x270
[  545.945031][    C1]  nft_synproxy_eval_v4+0x36e/0x560
[  545.945055][    C1]  ? __pfx_nft_synproxy_eval_v4+0x10/0x10
[  545.945078][    C1]  ? nf_ip_checksum+0x13c/0x510
[  545.945099][    C1]  nft_synproxy_do_eval+0x345/0x570
[  545.945123][    C1]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[  545.945154][    C1]  nft_do_chain+0x40c/0x1920
[  545.945180][    C1]  ? __pfx_nft_do_chain+0x10/0x10
[  545.945221][    C1]  nft_do_chain_inet+0x25d/0x340
[  545.945239][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  545.945264][    C1]  ? NF_HOOK+0x9a/0x3a0
[  545.945288][    C1]  ? NF_HOOK+0x9a/0x3a0
[  545.945312][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  545.945333][    C1]  nf_hook_slow+0xc5/0x220
[  545.945363][    C1]  NF_HOOK+0x206/0x3a0
[  545.945388][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  545.945414][    C1]  ? NF_HOOK+0x9a/0x3a0
[  545.945437][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[  545.945460][    C1]  ? ip_rcv_finish_core+0xda3/0x1c00
[  545.945487][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  545.945519][    C1]  ? skb_dst+0x4f/0xd0
[  545.945557][    C1]  ? ip_local_deliver+0x12a/0x1b0
[  545.945603][    C1]  NF_HOOK+0x30c/0x3a0
[  545.945638][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[  545.945663][    C1]  ? NF_HOOK+0x9a/0x3a0
[  545.945686][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[  545.945712][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[  545.945742][    C1]  ? __pfx_ip_rcv+0x10/0x10
[  545.945771][    C1]  __netif_receive_skb+0x143/0x380
[  545.945792][    C1]  ? process_backlog+0x272/0x8f0
[  545.945811][    C1]  process_backlog+0x315/0x8f0
[  545.945838][    C1]  __napi_poll+0xae/0x520
[  545.945857][    C1]  net_rx_action+0x64a/0xdb0
[  545.945876][    C1]  ? _raw_spin_unlock_irq+0x2e/0x50
[  545.945902][    C1]  ? __pfx_net_rx_action+0x10/0x10
[  545.945932][    C1]  ? __local_bh_disable_ip+0x3c/0x420
[  545.945958][    C1]  handle_softirqs+0x1df/0x650
[  545.945985][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  545.946114][    C1]  run_ktimerd+0x69/0x100
[  545.946142][    C1]  smpboot_thread_fn+0x542/0xa60
[  545.946167][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  545.946196][    C1]  kthread+0x711/0x8a0
[  545.946224][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  545.946248][    C1]  ? __pfx_kthread+0x10/0x10
[  545.946273][    C1]  ? rt_spin_unlock+0x150/0x200
[  545.946302][    C1]  ? rt_spin_unlock+0x161/0x200
[  545.946326][    C1]  ? __pfx_kthread+0x10/0x10
[  545.946354][    C1]  ret_from_fork+0x510/0xa50
[  545.946376][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  545.946395][    C1]  ? __switch_to+0xc9e/0x1480
[  545.946427][    C1]  ? __pfx_kthread+0x10/0x10
[  545.946455][    C1]  ret_from_fork_asm+0x1a/0x30
[  545.946493][    C1]  </TASK>
[  546.336012][   T39] Kernel panic - not syncing: hung_task: blocked tasks
[  546.336048][   T39] CPU: 0 UID: 0 PID: 39 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  546.336074][   T39] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  546.336090][   T39] Call Trace:
[  546.336099][   T39]  <TASK>
[  546.336109][   T39]  vpanic+0x1e0/0x670
[  546.336150][   T39]  panic+0xb9/0xc0
[  546.336181][   T39]  ? __pfx_panic+0x10/0x10
[  546.336215][   T39]  ? preempt_schedule_thunk+0x16/0x30
[  546.336247][   T39]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[  546.336283][   T39]  watchdog+0xfdf/0xfe0
[  546.336315][   T39]  ? watchdog+0x20a/0xfe0
[  546.336348][   T39]  kthread+0x711/0x8a0
[  546.336384][   T39]  ? __pfx_watchdog+0x10/0x10
[  546.336408][   T39]  ? __pfx_kthread+0x10/0x10
[  546.336437][   T39]  ? rt_spin_unlock+0x150/0x200
[  546.336472][   T39]  ? rt_spin_unlock+0x161/0x200
[  546.336502][   T39]  ? __pfx_kthread+0x10/0x10
[  546.336536][   T39]  ret_from_fork+0x510/0xa50
[  546.336563][   T39]  ? __pfx_ret_from_fork+0x10/0x10
[  546.336586][   T39]  ? __switch_to+0xc9e/0x1480
[  546.336625][   T39]  ? __pfx_kthread+0x10/0x10
[  546.336659][   T39]  ret_from_fork_asm+0x1a/0x30
[  546.336710][   T39]  </TASK>
[  546.337332][   T39] Kernel Offset: disabled