last executing test programs:

2m3.936311366s ago: executing program 0 (id=2704):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000040000a20000000000a03000000000000000000010000000900010073797a300000000048000000160a01020000000000000000010000000900010073797a30000000000900020073797a3000000000140003800800024000000000080001400000000008000740000000015c000000160a01010000000000000000010000000900020073797a30000000000900010073797a3000000000300003802c000380040001"], 0xec}}, 0x0)

2m3.811907034s ago: executing program 0 (id=2706):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f00000004c0)="0f064b0fc71ac441e012e9c4427d257c6402c423f978f50066baf80cb81c07da87ef66bafc0cecf342a60f00d6c7442400f5ff0000c744240203000000c7442406000000000f011424c4415f5c9297e5ffff", 0x52}], 0x1, 0x64, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_GET_NESTED_STATE(r2, 0xc080aebe, &(0x7f000000a100)={{0x0, 0x0, 0xfffffffffffffcfd}, "00000000000000000000000000000000000000000000000000000000000000001900"})

2m3.655944419s ago: executing program 0 (id=2709):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$sock_inet_SIOCGIFDSTADDR(r0, 0x8917, &(0x7f0000000000)={'nicvf0\x00', {0x2, 0x0, @loopback}})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000080)={0x0, 0x0, <r3=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r3, 0xc01064bd, &(0x7f0000000100)={&(0x7f00000000c0)="0c9864aa8d037692d279a6f384ecbaf6ae914d64ddf246638fe122cae3089aeaec374740cae602023e41da711bba33913cb8b043", 0x34})
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r5 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x60a00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf411119ed9bebbbd, 0xa0011, r5, 0x52fbb000)
ioctl$KVM_SET_XSAVE(r4, 0x5000aea5, &(0x7f0000001180)={[0x6, 0x1, 0x49d6069d, 0x3f5, 0x2, 0x0, 0x5, 0x3, 0x3df, 0x1, 0x4, 0x4, 0xe, 0x1000, 0x0, 0x2, 0x4, 0x6, 0xffff, 0x1, 0xd, 0xb, 0x9, 0x3, 0x75d6, 0x3, 0x4, 0xffff, 0x10001, 0x0, 0x553, 0x3, 0x7, 0xda, 0x1, 0x0, 0xfffffffa, 0x0, 0xa, 0x2, 0x8, 0xffffffff, 0xffff2cd5, 0x3, 0xf, 0x8, 0x3, 0xbc1, 0x1, 0x0, 0x5620, 0x7, 0xa4b, 0xffff, 0x5, 0x9, 0x2, 0x4, 0x8000, 0x4, 0x400, 0x6, 0x4a, 0x3, 0x401, 0x0, 0x80000000, 0x62, 0xfff, 0x6, 0x8, 0x800000, 0x5, 0x1, 0x3, 0xc, 0x900, 0x9, 0xfffff801, 0xd14, 0xffffffff, 0x7f, 0x9, 0x7, 0x6, 0x7, 0x5, 0x5, 0x1, 0xfab7, 0x4, 0x8, 0x8, 0x5ab6, 0x80000000, 0x0, 0x99, 0x5, 0x9, 0x1ff, 0x6, 0x80, 0x915f, 0x1, 0xdcde, 0x2, 0x450, 0x2, 0x1, 0x8, 0x1, 0x0, 0x9, 0x6, 0x9, 0xfff00000, 0x0, 0x4, 0x4, 0x9, 0x7, 0x2dec, 0x2, 0x8073, 0x6, 0xa, 0x2, 0xfffffff9, 0x0, 0x7d3, 0x4, 0x1, 0x80000000, 0x4, 0xe, 0xe, 0x0, 0x6, 0x7fffffff, 0x9, 0x6, 0xfffffff3, 0x40, 0xee, 0xadb, 0x5, 0x2, 0xa00, 0xd13, 0x55de, 0x8, 0x2, 0x0, 0x4, 0x6bbe, 0xb18, 0x6, 0x800, 0x8, 0x8, 0xda3f, 0xaf, 0x4, 0x2, 0x100, 0x80, 0x7, 0x5, 0x4, 0x2, 0x80000001, 0x400, 0xffff2826, 0x9, 0x7, 0x2, 0x487f4171, 0x3, 0x5, 0x800, 0x80000000, 0x7, 0x4, 0x871, 0x50, 0x0, 0xff, 0x0, 0x7, 0x5, 0x1, 0x10000, 0xfffffffe, 0x5, 0x2, 0xb0, 0xfffffff5, 0x319, 0x2392, 0xbfd, 0x7, 0x80, 0x13, 0x6, 0x448, 0xeb48, 0x6, 0x5, 0x6c, 0x100, 0x80, 0x4, 0x5, 0x0, 0xe3a1, 0xffff, 0x17f, 0x4, 0x2, 0x6, 0x32c, 0x1000, 0x5, 0x4, 0xfffffff0, 0x3, 0x6, 0x7, 0x8, 0x9, 0x10, 0x6, 0x9, 0x915e, 0x7, 0x7, 0x738d, 0x10, 0x7, 0x1, 0xf, 0x7446, 0xfffffff9, 0x1, 0x7, 0xfffffff8, 0x9, 0xff, 0x0, 0x3, 0xe5, 0x2e2, 0x26210000, 0x3, 0x9, 0x40, 0xe, 0x7fffffff, 0x1, 0x4, 0x1, 0x75ee915a, 0x0, 0x1, 0x6, 0xa8ba, 0x0, 0x2, 0x5, 0x6, 0x7fff, 0x7ff, 0x4, 0x565, 0x80000000, 0x81, 0x7, 0xc, 0x0, 0xffffffff, 0x10, 0x2, 0xe, 0x5, 0x3, 0x8, 0x6, 0x9, 0x7, 0x2, 0x2, 0x3, 0x8, 0x6, 0x9, 0xb, 0x3, 0xb58d, 0x4, 0xfffffff8, 0xa9, 0x4, 0x9, 0xffff0000, 0x8, 0x7, 0x9, 0xfffffffa, 0x1, 0x7, 0x1, 0x7fffffff, 0x5, 0x8, 0x7b, 0xf, 0xc, 0xb08f, 0x5, 0x7ff, 0x2, 0xcaab, 0x9, 0x5, 0x7ff, 0x9, 0x3, 0x6, 0xffffff01, 0xd12, 0x3, 0x8, 0x6, 0x400, 0x3, 0x7, 0xa935, 0x300000, 0xa3, 0xc, 0x5, 0x5, 0x7ff, 0x7, 0x10000, 0x2, 0x8, 0x10001, 0x3ff, 0x3, 0x3, 0x3, 0x66a, 0x3, 0xff, 0x1ff, 0x6, 0x6, 0x6, 0x2, 0x80, 0x0, 0x8, 0x88c, 0x56c, 0x7, 0x98, 0x5, 0x2, 0x8, 0x8, 0x1, 0x7ff, 0x0, 0x5a3c, 0x7fffffff, 0x7, 0x9c, 0x1ff, 0xa00000, 0xffff, 0xd, 0xc6ea, 0xfff, 0x7ff, 0xc594, 0x3, 0x18, 0xa, 0x726c, 0x8, 0x3, 0xd71, 0xc, 0x9, 0x8, 0x2, 0x5, 0x0, 0x10, 0x0, 0xb9, 0x4, 0x9, 0xfff, 0x12, 0x7fff, 0x9, 0x8, 0x7fff, 0x9, 0xb4b, 0x6, 0x1, 0xa312, 0x553, 0x1, 0x0, 0xfffffffc, 0x2, 0xf, 0xe, 0x1, 0x3, 0x48, 0xf2, 0xa28, 0x4, 0xb3c, 0x4, 0xfffffffe, 0xf726, 0x0, 0x4, 0x80000000, 0x1, 0x8, 0xf4, 0x9, 0x2, 0x3, 0x8, 0x4, 0xfffffffe, 0x7, 0x7, 0x48, 0xf, 0xbab, 0xfffffe00, 0x2, 0x7fffffff, 0xfffffffc, 0x10000, 0x4, 0x36c, 0x1, 0x100, 0x3, 0x101, 0x7, 0x0, 0x6, 0x2, 0x5, 0x1, 0x800000, 0x4, 0x5, 0x100, 0x1000, 0x9, 0xde5c, 0x200, 0x80000001, 0xff, 0x0, 0xd, 0x4, 0x0, 0x7cbe8276, 0x3d4, 0x186, 0x1, 0x4, 0x6, 0xfffffffa, 0x1, 0xa000, 0x8, 0x3ad3125e, 0xfffff491, 0x81, 0x2, 0xffffff01, 0x800, 0x3ff, 0x39ae, 0xdf3, 0xe1d2, 0xffffee22, 0x1, 0x1000, 0x1a2f91b4, 0x6, 0x8, 0xfb3, 0x8, 0x3, 0x8, 0xc, 0x1, 0x152, 0xfffffff9, 0x2a, 0x5, 0xfff, 0x7fffffff, 0x4, 0x3000, 0x9, 0x8, 0x7fff, 0x10, 0x3, 0x8, 0x10, 0x57, 0xf, 0x8, 0x2, 0xff, 0xe1, 0xa9, 0x8, 0x8, 0x8c, 0x69e8, 0x130a, 0x4, 0x9, 0x80, 0x2, 0x8, 0x9, 0xfff, 0x7fff, 0x10000, 0x7ff80, 0x8, 0x2, 0x4, 0x90000000, 0x1, 0x7, 0xfffffffd, 0xa12, 0x7, 0xea8, 0x5bf8, 0x2, 0x6ab, 0x3, 0xf, 0xffff, 0x1, 0xfffffffb, 0x80000001, 0x80000001, 0x5, 0x0, 0x78, 0x8, 0x0, 0x0, 0x8001, 0x1, 0x6, 0x4, 0x7, 0x6, 0x400, 0x1, 0xb72, 0x0, 0x4800, 0xdd7f, 0x7, 0x6, 0x9, 0xe, 0x95f, 0x1ff, 0xe5, 0x37ae, 0x0, 0xa92, 0x4, 0x5, 0x9, 0x1, 0x6, 0x2, 0x3ff, 0x3b, 0xb, 0x4, 0x1, 0x12e7, 0x2, 0x10001, 0x7, 0xc5, 0x6, 0x5, 0x1, 0x1, 0x7fffffff, 0x5, 0xa1, 0xffffffff, 0x1, 0x1, 0x743, 0x1, 0x7, 0xffffe9fb, 0xb, 0x7, 0x1, 0x0, 0x100, 0xfffffff7, 0x0, 0x7ff, 0x1, 0x6, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1, 0x9, 0x5, 0x10001, 0x3, 0x8, 0x4, 0x3, 0xb4, 0x80000001, 0x1, 0xbe8b, 0x0, 0x9, 0x3, 0x81, 0x3, 0xdf8, 0x4, 0x71, 0x3, 0x3, 0x9, 0x4edc, 0x100, 0x8, 0x0, 0x2, 0x10, 0x8, 0x7, 0x7f, 0xa58, 0x6, 0x81, 0xfffffffa, 0x3, 0xff, 0xfffff000, 0x1237, 0x71a66a2a, 0x6, 0x1, 0x1, 0xcf0c, 0x4, 0x81, 0xff, 0x1, 0x698fdd79, 0xfffffffc, 0x8, 0x6, 0x7, 0x7f9a, 0x0, 0x0, 0x3, 0x6f5, 0xa, 0x6, 0xfffffffd, 0x2, 0x3, 0xffffffff, 0xfffffff3, 0x3, 0x6, 0x0, 0x200, 0x3cf5dd3d, 0x7, 0x1, 0xa, 0x200, 0x200, 0x92fe25b, 0xc, 0x1, 0x9, 0x81, 0x7, 0x7, 0x1000, 0xc651, 0xf, 0x3, 0x8, 0x6, 0x0, 0x0, 0x7fffffff, 0xffffffff, 0xffffffff, 0x5, 0xd02, 0x2, 0x7, 0x10001, 0x0, 0x9, 0x7, 0xfffffffb, 0x64e, 0x4403c5ae, 0xc, 0xfffffffc, 0x0, 0x3, 0x7f, 0x1, 0x4, 0x1, 0xfffffff6, 0x516, 0x5, 0x2, 0x200, 0xc3, 0x2b1c, 0x6, 0x4, 0x0, 0x81, 0x5, 0x6fa, 0x6, 0x2, 0x80000000, 0x6e7, 0x7f, 0x7, 0x8, 0xfffffff9, 0x3, 0x7f, 0x10000, 0x3, 0x6, 0x37, 0x89, 0x2, 0x2, 0x89a, 0xb, 0x80000000, 0x4, 0x10, 0x6, 0x1, 0x0, 0x5, 0xf8d9, 0x5, 0x2, 0x2, 0x9, 0x2, 0xb8, 0x74e2, 0x2, 0x3ff, 0x1, 0x9, 0x2, 0x1, 0x7, 0x2, 0x0, 0x8, 0x1000, 0x2, 0x6, 0x1, 0x8, 0x7, 0x3, 0x7, 0x7, 0xf, 0x7ff, 0xffffffc6, 0x9, 0xcc9, 0x7, 0x5, 0xb0, 0xe4, 0x5, 0x80000001, 0xc410, 0x8000, 0x7fffffff, 0x3, 0x6, 0x1c000000, 0x101, 0x79, 0xfffffffb, 0x3, 0x1, 0xff, 0x6, 0x81, 0xfffffffc, 0x6, 0x30000, 0x6, 0x7, 0x6, 0x8, 0xc0e1, 0x5, 0x3, 0x6f, 0x5, 0x5, 0x800, 0x1, 0x80000000, 0x8, 0x81, 0x2, 0x9, 0x0, 0x7a8, 0x8e, 0x4, 0x1356, 0x3, 0x80000000, 0x8, 0x7, 0x81, 0x8, 0x1, 0x0, 0x5, 0xa, 0x1d, 0xa22, 0x5, 0xffffffc5, 0xc, 0xa, 0x7, 0x81, 0x2d063505, 0x223, 0xd7, 0x80000001, 0x5, 0xff, 0x4800000, 0x80000000, 0x8001, 0x8, 0x10, 0x9, 0x200, 0x5, 0xfffffffa, 0xd093, 0x3, 0x1, 0x3, 0x5, 0x5, 0x5, 0x589c1fd7, 0xd0f, 0x4, 0x0, 0xb55d, 0x920, 0x7f, 0x3ff, 0x4, 0x7, 0xfffffffd, 0x9, 0x0, 0xe, 0x3ff, 0x0, 0x5, 0x1, 0xffff4bfc, 0x1, 0x10001, 0xfe05, 0x5, 0x79, 0x1000, 0x9, 0x10000, 0xf8b9, 0x4, 0x3832, 0x1, 0xd, 0x81, 0x8, 0x5, 0xbd, 0x4, 0x800, 0x5, 0x826, 0xffffed29, 0x7f, 0x60b8, 0x200, 0x7, 0x6, 0x9, 0x101, 0x0, 0xfffffff8, 0x8, 0x8, 0x401, 0x5, 0x4d800000, 0xa44, 0x3, 0x6, 0xc00, 0x5, 0x2, 0x0, 0x3, 0x200, 0x1fc000, 0x3, 0x3, 0x5, 0x2, 0x8, 0xd, 0x1, 0x80000000, 0xbd1a, 0x0, 0x1, 0xfc4, 0x3, 0xfb1c, 0x42, 0x0, 0x400, 0x7, 0x8d7, 0xd, 0xfffffff9, 0x1, 0xc27a, 0x2, 0x5, 0x5, 0x101, 0x7, 0x0, 0x5, 0x7f, 0x2, 0x8, 0x8, 0x4, 0x8, 0x4, 0x7, 0x9, 0x1, 0x3, 0x3ff, 0x4b6, 0x9, 0x9, 0x3, 0x0, 0x5]})
socket$inet_sctp(0x2, 0x1, 0x84) (async)
ioctl$sock_inet_SIOCGIFDSTADDR(r0, 0x8917, &(0x7f0000000000)={'nicvf0\x00', {0x2, 0x0, @loopback}}) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000080)) (async)
ioctl$DRM_IOCTL_MODE_CREATEPROPBLOB(r3, 0xc01064bd, &(0x7f0000000100)={&(0x7f00000000c0)="0c9864aa8d037692d279a6f384ecbaf6ae914d64ddf246638fe122cae3089aeaec374740cae602023e41da711bba33913cb8b043", 0x34}) (async)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async)
openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x60a00, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf411119ed9bebbbd, 0xa0011, r5, 0x52fbb000) (async)
ioctl$KVM_SET_XSAVE(r4, 0x5000aea5, &(0x7f0000001180)={[0x6, 0x1, 0x49d6069d, 0x3f5, 0x2, 0x0, 0x5, 0x3, 0x3df, 0x1, 0x4, 0x4, 0xe, 0x1000, 0x0, 0x2, 0x4, 0x6, 0xffff, 0x1, 0xd, 0xb, 0x9, 0x3, 0x75d6, 0x3, 0x4, 0xffff, 0x10001, 0x0, 0x553, 0x3, 0x7, 0xda, 0x1, 0x0, 0xfffffffa, 0x0, 0xa, 0x2, 0x8, 0xffffffff, 0xffff2cd5, 0x3, 0xf, 0x8, 0x3, 0xbc1, 0x1, 0x0, 0x5620, 0x7, 0xa4b, 0xffff, 0x5, 0x9, 0x2, 0x4, 0x8000, 0x4, 0x400, 0x6, 0x4a, 0x3, 0x401, 0x0, 0x80000000, 0x62, 0xfff, 0x6, 0x8, 0x800000, 0x5, 0x1, 0x3, 0xc, 0x900, 0x9, 0xfffff801, 0xd14, 0xffffffff, 0x7f, 0x9, 0x7, 0x6, 0x7, 0x5, 0x5, 0x1, 0xfab7, 0x4, 0x8, 0x8, 0x5ab6, 0x80000000, 0x0, 0x99, 0x5, 0x9, 0x1ff, 0x6, 0x80, 0x915f, 0x1, 0xdcde, 0x2, 0x450, 0x2, 0x1, 0x8, 0x1, 0x0, 0x9, 0x6, 0x9, 0xfff00000, 0x0, 0x4, 0x4, 0x9, 0x7, 0x2dec, 0x2, 0x8073, 0x6, 0xa, 0x2, 0xfffffff9, 0x0, 0x7d3, 0x4, 0x1, 0x80000000, 0x4, 0xe, 0xe, 0x0, 0x6, 0x7fffffff, 0x9, 0x6, 0xfffffff3, 0x40, 0xee, 0xadb, 0x5, 0x2, 0xa00, 0xd13, 0x55de, 0x8, 0x2, 0x0, 0x4, 0x6bbe, 0xb18, 0x6, 0x800, 0x8, 0x8, 0xda3f, 0xaf, 0x4, 0x2, 0x100, 0x80, 0x7, 0x5, 0x4, 0x2, 0x80000001, 0x400, 0xffff2826, 0x9, 0x7, 0x2, 0x487f4171, 0x3, 0x5, 0x800, 0x80000000, 0x7, 0x4, 0x871, 0x50, 0x0, 0xff, 0x0, 0x7, 0x5, 0x1, 0x10000, 0xfffffffe, 0x5, 0x2, 0xb0, 0xfffffff5, 0x319, 0x2392, 0xbfd, 0x7, 0x80, 0x13, 0x6, 0x448, 0xeb48, 0x6, 0x5, 0x6c, 0x100, 0x80, 0x4, 0x5, 0x0, 0xe3a1, 0xffff, 0x17f, 0x4, 0x2, 0x6, 0x32c, 0x1000, 0x5, 0x4, 0xfffffff0, 0x3, 0x6, 0x7, 0x8, 0x9, 0x10, 0x6, 0x9, 0x915e, 0x7, 0x7, 0x738d, 0x10, 0x7, 0x1, 0xf, 0x7446, 0xfffffff9, 0x1, 0x7, 0xfffffff8, 0x9, 0xff, 0x0, 0x3, 0xe5, 0x2e2, 0x26210000, 0x3, 0x9, 0x40, 0xe, 0x7fffffff, 0x1, 0x4, 0x1, 0x75ee915a, 0x0, 0x1, 0x6, 0xa8ba, 0x0, 0x2, 0x5, 0x6, 0x7fff, 0x7ff, 0x4, 0x565, 0x80000000, 0x81, 0x7, 0xc, 0x0, 0xffffffff, 0x10, 0x2, 0xe, 0x5, 0x3, 0x8, 0x6, 0x9, 0x7, 0x2, 0x2, 0x3, 0x8, 0x6, 0x9, 0xb, 0x3, 0xb58d, 0x4, 0xfffffff8, 0xa9, 0x4, 0x9, 0xffff0000, 0x8, 0x7, 0x9, 0xfffffffa, 0x1, 0x7, 0x1, 0x7fffffff, 0x5, 0x8, 0x7b, 0xf, 0xc, 0xb08f, 0x5, 0x7ff, 0x2, 0xcaab, 0x9, 0x5, 0x7ff, 0x9, 0x3, 0x6, 0xffffff01, 0xd12, 0x3, 0x8, 0x6, 0x400, 0x3, 0x7, 0xa935, 0x300000, 0xa3, 0xc, 0x5, 0x5, 0x7ff, 0x7, 0x10000, 0x2, 0x8, 0x10001, 0x3ff, 0x3, 0x3, 0x3, 0x66a, 0x3, 0xff, 0x1ff, 0x6, 0x6, 0x6, 0x2, 0x80, 0x0, 0x8, 0x88c, 0x56c, 0x7, 0x98, 0x5, 0x2, 0x8, 0x8, 0x1, 0x7ff, 0x0, 0x5a3c, 0x7fffffff, 0x7, 0x9c, 0x1ff, 0xa00000, 0xffff, 0xd, 0xc6ea, 0xfff, 0x7ff, 0xc594, 0x3, 0x18, 0xa, 0x726c, 0x8, 0x3, 0xd71, 0xc, 0x9, 0x8, 0x2, 0x5, 0x0, 0x10, 0x0, 0xb9, 0x4, 0x9, 0xfff, 0x12, 0x7fff, 0x9, 0x8, 0x7fff, 0x9, 0xb4b, 0x6, 0x1, 0xa312, 0x553, 0x1, 0x0, 0xfffffffc, 0x2, 0xf, 0xe, 0x1, 0x3, 0x48, 0xf2, 0xa28, 0x4, 0xb3c, 0x4, 0xfffffffe, 0xf726, 0x0, 0x4, 0x80000000, 0x1, 0x8, 0xf4, 0x9, 0x2, 0x3, 0x8, 0x4, 0xfffffffe, 0x7, 0x7, 0x48, 0xf, 0xbab, 0xfffffe00, 0x2, 0x7fffffff, 0xfffffffc, 0x10000, 0x4, 0x36c, 0x1, 0x100, 0x3, 0x101, 0x7, 0x0, 0x6, 0x2, 0x5, 0x1, 0x800000, 0x4, 0x5, 0x100, 0x1000, 0x9, 0xde5c, 0x200, 0x80000001, 0xff, 0x0, 0xd, 0x4, 0x0, 0x7cbe8276, 0x3d4, 0x186, 0x1, 0x4, 0x6, 0xfffffffa, 0x1, 0xa000, 0x8, 0x3ad3125e, 0xfffff491, 0x81, 0x2, 0xffffff01, 0x800, 0x3ff, 0x39ae, 0xdf3, 0xe1d2, 0xffffee22, 0x1, 0x1000, 0x1a2f91b4, 0x6, 0x8, 0xfb3, 0x8, 0x3, 0x8, 0xc, 0x1, 0x152, 0xfffffff9, 0x2a, 0x5, 0xfff, 0x7fffffff, 0x4, 0x3000, 0x9, 0x8, 0x7fff, 0x10, 0x3, 0x8, 0x10, 0x57, 0xf, 0x8, 0x2, 0xff, 0xe1, 0xa9, 0x8, 0x8, 0x8c, 0x69e8, 0x130a, 0x4, 0x9, 0x80, 0x2, 0x8, 0x9, 0xfff, 0x7fff, 0x10000, 0x7ff80, 0x8, 0x2, 0x4, 0x90000000, 0x1, 0x7, 0xfffffffd, 0xa12, 0x7, 0xea8, 0x5bf8, 0x2, 0x6ab, 0x3, 0xf, 0xffff, 0x1, 0xfffffffb, 0x80000001, 0x80000001, 0x5, 0x0, 0x78, 0x8, 0x0, 0x0, 0x8001, 0x1, 0x6, 0x4, 0x7, 0x6, 0x400, 0x1, 0xb72, 0x0, 0x4800, 0xdd7f, 0x7, 0x6, 0x9, 0xe, 0x95f, 0x1ff, 0xe5, 0x37ae, 0x0, 0xa92, 0x4, 0x5, 0x9, 0x1, 0x6, 0x2, 0x3ff, 0x3b, 0xb, 0x4, 0x1, 0x12e7, 0x2, 0x10001, 0x7, 0xc5, 0x6, 0x5, 0x1, 0x1, 0x7fffffff, 0x5, 0xa1, 0xffffffff, 0x1, 0x1, 0x743, 0x1, 0x7, 0xffffe9fb, 0xb, 0x7, 0x1, 0x0, 0x100, 0xfffffff7, 0x0, 0x7ff, 0x1, 0x6, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1, 0x9, 0x5, 0x10001, 0x3, 0x8, 0x4, 0x3, 0xb4, 0x80000001, 0x1, 0xbe8b, 0x0, 0x9, 0x3, 0x81, 0x3, 0xdf8, 0x4, 0x71, 0x3, 0x3, 0x9, 0x4edc, 0x100, 0x8, 0x0, 0x2, 0x10, 0x8, 0x7, 0x7f, 0xa58, 0x6, 0x81, 0xfffffffa, 0x3, 0xff, 0xfffff000, 0x1237, 0x71a66a2a, 0x6, 0x1, 0x1, 0xcf0c, 0x4, 0x81, 0xff, 0x1, 0x698fdd79, 0xfffffffc, 0x8, 0x6, 0x7, 0x7f9a, 0x0, 0x0, 0x3, 0x6f5, 0xa, 0x6, 0xfffffffd, 0x2, 0x3, 0xffffffff, 0xfffffff3, 0x3, 0x6, 0x0, 0x200, 0x3cf5dd3d, 0x7, 0x1, 0xa, 0x200, 0x200, 0x92fe25b, 0xc, 0x1, 0x9, 0x81, 0x7, 0x7, 0x1000, 0xc651, 0xf, 0x3, 0x8, 0x6, 0x0, 0x0, 0x7fffffff, 0xffffffff, 0xffffffff, 0x5, 0xd02, 0x2, 0x7, 0x10001, 0x0, 0x9, 0x7, 0xfffffffb, 0x64e, 0x4403c5ae, 0xc, 0xfffffffc, 0x0, 0x3, 0x7f, 0x1, 0x4, 0x1, 0xfffffff6, 0x516, 0x5, 0x2, 0x200, 0xc3, 0x2b1c, 0x6, 0x4, 0x0, 0x81, 0x5, 0x6fa, 0x6, 0x2, 0x80000000, 0x6e7, 0x7f, 0x7, 0x8, 0xfffffff9, 0x3, 0x7f, 0x10000, 0x3, 0x6, 0x37, 0x89, 0x2, 0x2, 0x89a, 0xb, 0x80000000, 0x4, 0x10, 0x6, 0x1, 0x0, 0x5, 0xf8d9, 0x5, 0x2, 0x2, 0x9, 0x2, 0xb8, 0x74e2, 0x2, 0x3ff, 0x1, 0x9, 0x2, 0x1, 0x7, 0x2, 0x0, 0x8, 0x1000, 0x2, 0x6, 0x1, 0x8, 0x7, 0x3, 0x7, 0x7, 0xf, 0x7ff, 0xffffffc6, 0x9, 0xcc9, 0x7, 0x5, 0xb0, 0xe4, 0x5, 0x80000001, 0xc410, 0x8000, 0x7fffffff, 0x3, 0x6, 0x1c000000, 0x101, 0x79, 0xfffffffb, 0x3, 0x1, 0xff, 0x6, 0x81, 0xfffffffc, 0x6, 0x30000, 0x6, 0x7, 0x6, 0x8, 0xc0e1, 0x5, 0x3, 0x6f, 0x5, 0x5, 0x800, 0x1, 0x80000000, 0x8, 0x81, 0x2, 0x9, 0x0, 0x7a8, 0x8e, 0x4, 0x1356, 0x3, 0x80000000, 0x8, 0x7, 0x81, 0x8, 0x1, 0x0, 0x5, 0xa, 0x1d, 0xa22, 0x5, 0xffffffc5, 0xc, 0xa, 0x7, 0x81, 0x2d063505, 0x223, 0xd7, 0x80000001, 0x5, 0xff, 0x4800000, 0x80000000, 0x8001, 0x8, 0x10, 0x9, 0x200, 0x5, 0xfffffffa, 0xd093, 0x3, 0x1, 0x3, 0x5, 0x5, 0x5, 0x589c1fd7, 0xd0f, 0x4, 0x0, 0xb55d, 0x920, 0x7f, 0x3ff, 0x4, 0x7, 0xfffffffd, 0x9, 0x0, 0xe, 0x3ff, 0x0, 0x5, 0x1, 0xffff4bfc, 0x1, 0x10001, 0xfe05, 0x5, 0x79, 0x1000, 0x9, 0x10000, 0xf8b9, 0x4, 0x3832, 0x1, 0xd, 0x81, 0x8, 0x5, 0xbd, 0x4, 0x800, 0x5, 0x826, 0xffffed29, 0x7f, 0x60b8, 0x200, 0x7, 0x6, 0x9, 0x101, 0x0, 0xfffffff8, 0x8, 0x8, 0x401, 0x5, 0x4d800000, 0xa44, 0x3, 0x6, 0xc00, 0x5, 0x2, 0x0, 0x3, 0x200, 0x1fc000, 0x3, 0x3, 0x5, 0x2, 0x8, 0xd, 0x1, 0x80000000, 0xbd1a, 0x0, 0x1, 0xfc4, 0x3, 0xfb1c, 0x42, 0x0, 0x400, 0x7, 0x8d7, 0xd, 0xfffffff9, 0x1, 0xc27a, 0x2, 0x5, 0x5, 0x101, 0x7, 0x0, 0x5, 0x7f, 0x2, 0x8, 0x8, 0x4, 0x8, 0x4, 0x7, 0x9, 0x1, 0x3, 0x3ff, 0x4b6, 0x9, 0x9, 0x3, 0x0, 0x5]}) (async)

2m3.326975987s ago: executing program 0 (id=2712):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000000)="d80000001000810468f70082db44b904021d080b01000000e8fe55a11800150006001400000000120800040043000000a80016000a00014006000d00036010fab94dcf5c0461c1d67f6f94000534cf6ee08000a0e408e8d8ef52a9d7c7c0b7a196e6f66112c88ac417898516277ce06bbace80177ccbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d0080000000000000b57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb14feb9f5588a63644caf1ce1bd6c769ad809d52a9ecbee", 0xd8}], 0x1, 0x0, 0x0, 0x900}, 0x20000000)

2m3.195849447s ago: executing program 0 (id=2713):
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000180), 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000000000000f47"])
r0 = openat$kvm(0xffffff9c, &(0x7f00000002c0), 0x12080, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000040), 0x0, 0xa2465)
sendmsg$NFC_CMD_DEV_UP(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x1c, 0x0, 0x1, 0x70bd28, 0x25dfdbfe, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40089}, 0x8004)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8b24, &(0x7f0000000000)={'wlan1\x00'})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
landlock_create_ruleset(&(0x7f00000000c0)={0x100, 0x0, 0x7}, 0x18, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
pwritev2(0xffffffffffffffff, &(0x7f0000000680)=[{&(0x7f0000000100)="e015425c", 0x4}], 0x1, 0x2, 0x6, 0x5)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x2, 0x0, 0x4002004c4, 0x1004, 0x45c5, 0xc595, 0x7, 0x2, 0xffffffffffffffff, 0x2000000000000000, 0x80000004000000, 0xc], 0x8000000, 0x2010d3})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
connect$802154_dgram(0xffffffffffffffff, &(0x7f0000000100), 0x14)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x1000040, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r4 = open(&(0x7f0000000000)='.\x00', 0x2000, 0x20)
mkdirat(0xffffffffffffff9c, &(0x7f0000000740)='./file0\x00', 0x271)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000002100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='system.posix_acl_access\x00', &(0x7f0000000300)=ANY=[@ANYBLOB="020000000100000000000000040000000000000008000000", @ANYRES32=0x0, @ANYBLOB="100000000000000020"], 0x2c, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r4, 0x40049366, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
creat(&(0x7f0000000140)='./file0\x00', 0x71)
mount(&(0x7f0000000180)=@rnullb, &(0x7f0000001440)='./file0\x00', &(0x7f0000000000)='hfsplus\x00', 0x208083, 0x0)

2m2.369133272s ago: executing program 0 (id=2715):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000003000000400001802c0004001403060002000000ac1414aa00000000000000001400020002000000e000000200000000000004000d0001007564703a73"], 0x54}, 0x1, 0x0, 0x0, 0x40}, 0x0)

1m46.792975002s ago: executing program 32 (id=2715):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000003000000400001802c0004001403060002000000ac1414aa00000000000000001400020002000000e000000200000000000004000d0001007564703a73"], 0x54}, 0x1, 0x0, 0x0, 0x40}, 0x0)

1m40.483965611s ago: executing program 1 (id=2852):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000000300000a20000000000a03000000000000000000010000000900010073797a300000000048000000160a01020000000000000000010000000900010073797a30000000000900020073797a3000000000140003800800024000000000080001400000000008000740000000015c000000160a01010000000000000000010000000900020073797a30000000000900010073797a3000000000300003802c000380040001"], 0xec}}, 0x0)

1m40.483780062s ago: executing program 1 (id=2853):
syz_emit_vhci(&(0x7f0000002580)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x0, 0x12}, @l2cap_cid_le_signaling={{0xe}, @l2cap_le_conn_req={{0x14, 0x5, 0xa}, {0xfff, 0x0, 0x8, 0x2, 0x6}}}}, 0x17)

1m40.454459786s ago: executing program 1 (id=2855):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xd}})
write$tun(r0, &(0x7f0000000500)=ANY=[@ANYBLOB="034886dd010000000000140000006016000003082f00fe88a43de1a4000000000000fff57d01ff0200000000000000000000000000010000883e"], 0xfdef)

1m40.345042501s ago: executing program 1 (id=2856):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='huge=always'])
chdir(&(0x7f0000000140)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x13, r1, 0x2000)
madvise(&(0x7f000009e000/0x3000)=nil, 0x3000, 0x9)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ioctl$VHOST_VDPA_GET_IOVA_RANGE(r1, 0x8010af78, &(0x7f0000000100))
accept4$unix(0xffffffffffffffff, 0x0, &(0x7f00000000c0), 0x800)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x60, 0x1403, 0x100, 0x70bd26, 0x25dfdbff, "", [{{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'nicvf0\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'macvtap0\x00'}}]}, 0x60}, 0x1, 0x0, 0x0, 0x48014}, 0x400c4)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x32, 0xffffffffffffffff, 0x2ec37000)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
add_key(&(0x7f00000000c0)='pkcs7_test\x00', 0x0, &(0x7f0000000200)="100c0608266be7d06c91b62300e9", 0xe, 0xfffffffffffffffc)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$x86(r4, &(0x7f0000c00000/0x400000)=nil)
ptrace$poke(0x5, r2, &(0x7f0000000000), 0x8)
preadv(r0, &(0x7f0000000080)=[{&(0x7f0000000280)=""/212, 0xfffffed3}], 0x1, 0xffeffffb, 0x1007)

1m40.142391605s ago: executing program 1 (id=2858):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40000000010800034000000014480000600c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001c0003"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

1m39.864277758s ago: executing program 1 (id=2863):
syz_emit_vhci(0x0, 0x0)

1m39.620294398s ago: executing program 33 (id=2863):
syz_emit_vhci(0x0, 0x0)

5.683809606s ago: executing program 3 (id=3662):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000340)=ANY=[@ANYBLOB="000086dd000012000000d8a9000060fc080000002c00fe8000000000000000000000000000aaff020000000000000000000000000001"], 0x7a)
r3 = syz_usb_connect(0x0, 0x48, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000022546940fa0ae803d099010203010902360001"], 0x0)
r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x79, 0x11, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r4, 0x0, 0x0)
syz_usb_control_io(r4, &(0x7f00000000c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="400e0b000000050d33"], 0x0, 0x0, 0x0, 0x0}, 0x0)
name_to_handle_at(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
syz_usb_ep_write(r3, 0xb, 0xac, &(0x7f0000000380)="15d39c4770b9001014ca06acff7e63f578baf6d389ffb9b75501f31b43c8fd79ce4ce8bac90e0e3f65298f0315272a925907ed40c2a6d3d479a8b3ce6c59f9ad3f12d1bcb5ba53b52606e380e903934224258100b6d26cc31305589acb7f43003d7f8f4528a023d2febfb38ad60e6181fa3a90c705bde77866a0d3219f026c2479003be3a85fb7fe966f90376dc81382dd6297311ee965eda35ae05448e57c5263c4d902f486b8103be34c10")
syz_usb_control_io$uac1(r3, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
r5 = socket$l2tp(0x2, 0x2, 0x73)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0xc, &(0x7f0000000240)=@assoc_value={<r8=>0x0}, &(0x7f0000000080)=0x8)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r6, 0x84, 0x10, &(0x7f0000000080)=@assoc_value={r8, 0x9}, 0x8)
socket$inet_tcp(0x2, 0x1, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r12 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r12, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={&(0x7f00000000c0)={0x2, 0x3, 0x0, 0x9, 0x2}, 0x10}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f0000000080)={'wlan0\x00'})
sendmsg$NL80211_CMD_FRAME(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="1f003300d00000000802110000010802110000005050505050500000", @ANYRES8=r10], 0x3c}}, 0x10)

4.57361872s ago: executing program 2 (id=3670):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="50000000090601020000000000000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070084000000060004"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)

4.51917651s ago: executing program 2 (id=3671):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40000000010800034000000014480000000c0a010100000018000000000a0000060900020073797a31000000000900010073797a31000000001c0003"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

4.427829458s ago: executing program 2 (id=3672):
prlimit64(0x0, 0xc, &(0x7f0000000140)={0xb, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000140), 0x82084, 0x0)
ioctl$TCSETSF2(r1, 0x402c542d, &(0x7f0000000100)={0xfffffffc, 0xe7, 0x2, 0xff, 0x7, "ea71061d0000000001000200", 0x0, 0x80})
ioctl$TIOCSTI(r1, 0x5412, &(0x7f00000001c0)=0xa)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_MSG_GETSETELEM(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000009b80)={0x3c, 0xd, 0xa, 0x801, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x3}]}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000)
ioprio_set$pid(0x1, 0x0, 0x0)
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0)
sendfile(r2, r2, 0x0, 0x7ffff000)

3.541069447s ago: executing program 2 (id=3682):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
sendfile(r0, r0, 0x0, 0x7ffff000)
socket$can_bcm(0x1d, 0x2, 0x2)
r1 = syz_open_dev$video(&(0x7f0000000040), 0x7, 0x0)
ioctl$VIDIOC_G_AUDIO(r1, 0x80345621, 0x0)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="04050400c90001f1e12bf8e0b865b0e351e98eb72d692f8b164cf3cb3c479088b87def2d8114cf7b36e85fb0fd30cedeb7b4c305a4b59c7a02bf9db48df56053c40cb4a8a6c96aab55c33c23268bc15b54f142b86b4c59424af913d908899e757485e777bc5fe0bd71c4631d5ff6"], 0x7)
r2 = syz_usb_connect$cdc_ncm(0x4, 0x85, &(0x7f0000000200)={{0x12, 0x1, 0x200, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x73, 0x2, 0x1, 0x0, 0x90, 0xc, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x6, 0x24, 0x6, 0x0, 0x1, "1e"}, {0x5, 0x24, 0x0, 0x6}, {0xd, 0x24, 0xf, 0x1, 0x8, 0x3, 0xecbd, 0xfd}, {0x6, 0x24, 0x1a, 0x8, 0x3}, [@obex={0x5, 0x24, 0x15, 0x1a0}, @mbim={0xc, 0x24, 0x1b, 0x1ff, 0x3, 0x4, 0x0, 0x5, 0x4}, @call_mgmt={0x5, 0x24, 0x1, 0x0, 0xb}]}, {{0x9, 0x5, 0x81, 0x3, 0x400, 0x3, 0xfe, 0x39}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x10, 0xe0, 0x6, 0x4}}, {{0x9, 0x5, 0x3, 0x2, 0x10, 0x10, 0x7, 0x8}}}}}}}]}}, &(0x7f0000000380)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x110, 0xbf, 0x0, 0x3, 0x20, 0x8}, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="050f0c1d010710020400799b9787031e9c02ce25bea8c0b68b07f2d13e4ec30bee779805a4ed138ff05c8feea4df0743a285bb7c5edb5101892f007381ec36457cd2e6e24393c7a1153c7b081eb2420159071f9742047dc2617171fbd2b4cb10d83a62a6a85f6ceda06cec0030b1f4095f7b9ed5389f4725d58f412e9cb1bf3c0900c70286644f877909cb9689ab2f3c743ca37815853bc599ee03dd941f62e21981383abc895a9aa8a863b3ae220cda326b459585e64a1bfdee7be6c1db2390082de1c94e3679c7d8c1126fd43d2c92532efbbc52c40b83428ac77529ce425852616960aff8a4b72a38f4f92f3a15290be847e8cef45ce3d11b58767af36337183e931480fb771844c336edbe74b7f246cd5d6c812536439a448f3872eae7af4202b2e16b0000"], 0x3, [{0x4, &(0x7f00000002c0)=@lang_id={0x4, 0x3, 0x1407}}, {0x4, &(0x7f0000000300)=@lang_id={0x4, 0x3, 0x81d}}, {0x4, &(0x7f0000000340)=@lang_id={0x4, 0x3, 0x427}}]})
r3 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
setsockopt$bt_BT_SECURITY(r3, 0x112, 0x4, 0x0, 0x2f)
syz_usb_disconnect(r2)
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(0xffffffffffffffff, 0x7a5, &(0x7f0000000040)={{@my=0x1, 0xe}, 0x0, 0x1, 0x2})

2.951343529s ago: executing program 4 (id=3685):
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000180)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {<r1=>0xffffffffffffffff, 0xee00}}, './cgroup/file0\x00'}) (async)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000001c0)={{{@in=@multicast1, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@empty}, 0x0, @in=@loopback}}, &(0x7f00000002c0)=0xe8) (async)
r3 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r3, &(0x7f0000000080)={0xd, 0x0, 0x3, 0x1}, 0x8)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
r5 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f00000000c0)={'wg2\x00', &(0x7f0000000280)=@ethtool_gstrings={0x1b, 0x4}}) (async)
connect$netlink(0xffffffffffffffff, &(0x7f0000000300)=@proc={0x10, 0x0, 0x25dfdbfe, 0x4}, 0xc) (async)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f0000000340)=0xf)
r6 = fcntl$dupfd(r4, 0x0, r4) (async)
ioctl$TCFLSH(r4, 0x400455c8, 0x0) (async)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180), r7)
sendmsg$TIPC_CMD_GET_LINKS(r7, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)={0x24, r8, 0x41b, 0x70bd27, 0x25dfdbff, {{}, {}, {0x8, 0x11, 0x9}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x10) (async)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000080)=0x4)
mount$nfs(&(0x7f0000000080)='hpfs\x00', &(0x7f0000000100)='.\x00', &(0x7f0000000140), 0x16a9040, &(0x7f0000000400)=ANY=[@ANYBLOB='/dev/rnullb0\x00,hpfs\x00,/dev/rnullb0\x00,subj_role=/dev/rnullb0\x00,seclabel,smackfshat=/dev/rnullb0\x00,fscontext=unconfined_u,uid=', @ANYRESDEC=r1, @ANYBLOB=',appraise,dont_measure,dont_appraise,euid<', @ANYRESDEC=r2, @ANYBLOB="ae62e23be91cdaa1cf0cccad014758792141d56a44c229e4ab333f2e8b0d41a18b8a98c12bfd09aaa22dc1bf884e80069ba8853876f6e0fdcab0415cdb08b9891910542ace32ccd39bc6b5bb1762538f1cd8e154dd46b7e0e5b0bc0209bb0a810fdadd7fc9484066532ceb3052981a8d9981428fed64ba73ab046e9e61286e8948fc140e72a6bad7278df605"])
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) (async)
sendmsg$NFT_BATCH(r9, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc140000001100010000000000000000000100000a3089844f7a445ae18ecf83ab82537b165b24199fd963bad4"], 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000) (async)
sendmsg$NFT_BATCH(r9, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000700)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWSET={0x2fc, 0x9, 0xa, 0x5, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_SET_TIMEOUT={0xc, 0xb, 0x1, 0x0, 0x1}, @NFTA_SET_EXPRESSIONS={0x2cc, 0x12, 0x0, 0x1, [{0x50, 0x1, 0x0, 0x1, @dup={{0x8}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0xc}, @NFTA_DUP_SREG_DEV={0x8}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0xb}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x13}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x9}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x11}, @NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x16}]}}}, {0x10, 0x1, 0x0, 0x1, @masq={{0x9}, @void}}, {0x64, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0x54, 0x2, 0x0, 0x1, [@NFTA_META_SREG={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0x16}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0x1a}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0x13}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0xa}, @NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0x11}, @NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0xe}, @NFTA_META_SREG={0x8, 0x3, 0x1, 0x0, 0x12}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0x15}, @NFTA_META_DREG={0x8, 0x1, 0x1, 0x0, 0xc}]}}}, {0x14, 0x1, 0x0, 0x1, @byteorder={{0xe}, @void}}, {0x14, 0x1, 0x0, 0x1, @immediate={{0xe}, @void}}, {0x10, 0x1, 0x0, 0x1, @reject={{0xb}, @void}}, {0x1c, 0x1, 0x0, 0x1, @tproxy={{0xb}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_TPROXY_REG_ADDR={0x8, 0x2, 0x1, 0x0, 0x13}]}}}, {0xc0, 0x1, 0x0, 0x1, @range={{0xa}, @val={0xb0, 0x2, 0x0, 0x1, [@NFTA_RANGE_TO_DATA={0xa4, 0x4, 0x0, 0x1, [@NFTA_DATA_VALUE={0x9e, 0x1, "596aaf2a32da067380fea284cf557fbdbc36558e87e4048ac9f893910b023ffafb7f129f4490bccf1b24121d80d075c139b4656c3f0592451842698637aebfe488e634464a1f3841082bebf4fbecb019cae4756ff9dcea8ef6255752980f61aba8bec8783b1f2e584eab6c8ea7aac1fb295b40af55c7720740e19d70e81c756aeb9418d05b369d3750bcedafa082cc90ee3a0d20f86ba49ba21b"}]}, @NFTA_RANGE_SREG={0x8, 0x1, 0x1, 0x0, 0xe}]}}}, {0xf0, 0x1, 0x0, 0x1, @bitwise={{0xc}, @val={0xe0, 0x2, 0x0, 0x1, [@NFTA_BITWISE_MASK={0xdc, 0x4, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x28, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}]}, @NFTA_DATA_VERDICT={0x64, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}]}, @NFTA_DATA_VERDICT={0x4c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffd}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}]}]}]}}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x82}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x25}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x324}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) (async)
syz_clone3(&(0x7f0000000f80)={0x20000, &(0x7f00000003c0), &(0x7f0000000d80), &(0x7f0000000dc0), {0x2d}, &(0x7f0000000e00)=""/136, 0x88, &(0x7f0000000ec0)=""/101, &(0x7f0000000f40)=[0xffffffffffffffff, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0], 0x8, {r0}}, 0x58) (async, rerun: 32)
r10 = socket$inet_udplite(0x2, 0x2, 0x88) (rerun: 32)
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000240)={0x0, <r11=>0x0}, &(0x7f0000000280)=0x5)
setuid(r11) (async)
syz_clone(0x2000, &(0x7f0000001480)="f1f09f5790969633e3286e50165a5c03431809617f28c9580190da9d0c0677e88b9823dd524e795c500b31784a1d7d34e4", 0x31, &(0x7f00000014c0), &(0x7f0000001500), &(0x7f0000001540)="540b58f4d2fb0a65f95383bb5c0d2000aaf7fff49023a1390e8c918bf62061c84768ae951ea36149413a25d303605067cc646835b28c96150f7e7929fd1264") (async)
r12 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r13 = ioctl$KVM_CREATE_VM(r12, 0xae01, 0x0)
ioctl$KVM_CHECK_EXTENSION_VM(r13, 0xae03, 0x51) (async)
r14 = syz_open_dev$usbfs(&(0x7f0000000240), 0xb, 0x101301)
ioctl$USBDEVFS_IOCTL(r14, 0xc0105512, &(0x7f00000000c0)=@usbdevfs_connect={0x1eb})

2.790117504s ago: executing program 2 (id=3687):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000003a80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a3100000000681c0000060a010400000000000000000100000008000b4000000000401c0480441701800e000100696d6d65646961746500000030170280080001400000000000020280da000100eacc8759c940812b39f267d0d50d0499c80ced83ec4e58ded054b8c4a69ce3e9988eede7727e27e3dbff7e874cb1b05d587c253d495a053c719492db971f200e5bcf9a3bc095a26b61c9223f919be897ec511a8f508c6a5c8b12302d7734616c27da2316dd53a73312d3b378520796a6e349b06f99806394ad060919c8e6ec0702663f3c0ab0d9ed5f5944b8c19374ca21c2d2af8a899321e4549923584914221e95e35a16e33def4b5fbd5a78387388356f070ebdf992da0d227e98833e7d1ac7b846b257489164571ad67de3a54982f48f6538870e0000280002800800018000000000080003400000000008000340000000000900020073797a32000000005400028008000180000000000900020073797a31000000000900020073797a31000000000800034000000000080003400000000008000340000000000900020073797a30000000000900020073797a3000000000100002800900020073797a320000000094000100a601cb73261b6882237a065ff363762d4e1f15598e444ff364754c34b4528543748c9b79c430aa603175a7e3b5b9d190a2c2c4188b7c26120148c094d265a74365a97767ab9cbb31397039ab3f063f96a0d751f68f1af1a4f74a3f5d1cd4c3f29834815f07d702f399b124dfd3b860402c6998b9ad7d6cab6628759fc92df931a9e7e7bb6acbcb7ef909c15a79d6479a0800014000000000b41102806000010065fe9bb27826716fe37215876f3fdda74da914f0fe731980c3a4996a301da00f85e6a0d1e57217beef5c385d81f53cda9f47f7a3be67cf71ac8f58d16c169cfd9eba864d0d4d18181c1553667bc0f38b5d57f6db4617cf5aaee197826b000100f04fae3424364745390144ae9195c1d849951647176fbdd72c494fc2c8de4c3944c44516d2102eb25df75495a12cc963f6a65ea08d592069903d9ee593f218fb2d283c99fd01863a445de39926371b52a915a28c9fb94599947edf821d946b401a8b5693727aad002400028008000340000000000900020073797a32000000000900020073797a32000000000400028020000100a1d1361784d5d07d33e06b7ce747466cd48ee5496c948e573baa0d077c0001007cec8b0057578ebd97c694cb01a31ef11e6f6f569023457553731f08213dcee163ae01b55a7a5fd908b8b74bfb5976c6b37dc1869e7383660478b5ff689033897f8792462855aef9e6222e794a93f8e9e1f6908c646c7b0bc78eb6bfa6fd829658a286d8b211229ec22252f93aa88bb87d05a35cf8e88d2c0c0002800800018000000000040002800c000280080003400000000004100100a50dccc20bdba1839e7e75a6bd58dac9063761500001c99a5a3edac0be788c5e3a0bd46472e7f5b6e49c7d9a9bec4b199c37e72b6e37497d9a7ff6911f9e588b3f5973c3bb9d22d90fede8ff634ed65fd5e4c0aa24a8f81e7ffc690221569c425c0e98c4c76a0b2fcc283328eee6e7fbb9348622add94e22229754b31f66b336bf5fa31b7d628a9024383408755f9d90e9050cb637524ca1b83f22b2009944656cec2b6696b528571e10fd82b0526b9dd7c128953863376e0bb9931b085db2572561e67b227763010f1f41dd5eb52b076900354c6c39279e0ee4d9d42f002b923518d13a0e5c092ce532d9f4b74fa8039549eaee57f6db389b0fa08604caa4edadef0cc3825133d26a4db36770cc2384822cb67efcb1fda960bb9b30b43f0f480bb38f9695d244153d411d407180c42f0b7edbc2a67dc0127442be628e5923eb9ede3579666fe9054afae87fc70928a7f65acf020628ef352f0e536a73d0cad686607d8958ffa02caa38305c0d6c5757569479c7d24f2f77828d029c6caf99bd9ebe723187521c9a90860a71bcb2756eda673f05138112c46cf01452d493ca5c7169fdd9b072f249f465e06e98c4e14fe87eebe28712ef7ff84c6501cb708ad2a8a256a2a6996bd449a62e6f08ec4338be46d84c129fb555ffb8857a9662098cb0123f82cb348dff614cb0d5fd9bd88b0052981dae9375edc65939f6a372dd26b9fd6da8e7aa60d2b77870a388477575683e4b071f8df923b38dadafff09eae68dbad4932d70a9a76cff3bb7c2deb3efe1c311ab212380cc51986cd9eacad9ef77b0e3d7212fdacc25707ac72518ee9b9ac136fb3297fb3197ef04e489aef2cdb5c21ddadea7ac8eb4a5b411c24e9ad00de7b07e8b2299fa6b85f8eed59aca91622bf9ebafc8051413ff279e88b8c835f486e9e169d0d0b71a86182a0f153db5c74e2bfba3355b21b155ef77a1aaf39f4031132281a99171455d6801c435073d5d8143b24d9241bba82b7553e7b36c44062fc4047bf4bc8d6c9d594dd6bb220297616256ae9d30d98d33c1fad934f2f392bcc977d417d6463f84feb16f410045772bb92ed2d7eb93fec3dbe9490f10b4e7e293a50c1e196b8c4b9479013b9f9ad74eb96d7e828e0843f56a0c652b1054e7c20740cd540eb78c45d46ab7ee71e908b2fe1f072b5066ff2b8c232992ce6e38629f3acdfc6876dbc6f67e91ca069b8aa785b94d6569667f4a5675b1ad3274f96c411a8cdb500c4a50d56951d196a5849d7d4651cf38d73b88c66a6e9ac9d6103ded9f686fda7a56d262b5f7aca3661329ff505152d61bb10306e03338bc331096513123926b8b3005bf63486b8179ffbeba6c2122d53caa76ba756e1b8c5dd2d64915017d0ac348aac7e20280700b0379604c57988f4d13760e16ff4c29fd6ad76775d8c1619cc9a286958ea390635c90957aeac760caab20f297765091e8c4620e4041c256e3e063c4a75ad4e1b8563e84393f77f36212baba9c6644735de1b09acc0c33d88ec1c86f016e6fb8c0662645d2755a5470043c1bd2059079723ca0d0acb27c1916bf3821309606b8876ca60b87e52dce1fee4c697fc606406ed9d5aea44646891df32dfa567e9b93c02fcdff6e8a3583bd0c8507974805c0786895489f69d19c8970a762b03448894187f3150fcf433b00ead09987cee6473e28492532e74c846d0ab6e7908e260571f62e712fd8d0212030e41681b1e23c8f60af3c458eba1d41c1a365901039adee88ccc1f8dd06911ec37048509acbb56491ed5bc91d274faad42ca11e2b3d02f14c95d20aab34e313f1b91928408142d19570b217237b39a6281322b7cc7d8dee6a07145cd3827dff0e55b7ac5ac618e8e81b42002efb045fff6c08915888470bbe430749693c0d65c182c3483561624b7c309e19e94ba194f403ee8a1406d5f09df5cfa3839e1017d99b226b40a6baa06aff4b17a6fe995a6a83c56bba65a118bd93432d27d44fcc125e395f818fef7b82360eccc399ed0f03e1f0be86baeec92b67b54fcab9389bb5fdcb8b4303b6c2a4262ee30b37b917c6e14f2b52d481d2e5ad02739851b203b8602b983dc19bffdd3748fd0b29dc6b70054e68534888c02cdef58d15c79258c9880dd32ad90fbd2c766b2a68b880e7f0262640fc3e32c88e913dac1cf34201adda0cd457e87013889dc6f69d17bf1318b11c6293c1fb429050dcd33af8b7e31ce38990d358da60c5b31d16dadd46c6aad637b92ccad11b6249679998be4918d50e8208dd8286b1e325b8e023cbd9d707481752ecc6c5bfdb12aa88e14a154db4e79a64daa5ee9a53ac35b42c0000f07a9e427c3f215f11deef388b8f9960ac15251f2bb02ec282c858605061006211958260a8ce394f55a1c70883271709f24c1eb3f64eff2c2b69fb1368cce3d0f8d3d62e6192fc8b2368b0ae1311da57a8633060153293435ba8945249b9226ea630b2b6aa33d181cacddda6d3338fe6e9f1779d966d14c1f156757d5f5fb15102002c39421cb41b97b142853b6da4b86bb88aadf526447c5a12b4c324f9a1604cb7956b9afb5c596641f9cd9fc6be37eff82f32ce45d0515bf1cc966b8e57397986817399c98047622c87acfb1c6bfb0a37f326d285e22f6308bd1384c1e8681d44762dae45e073d246b52f6414eedecb90217057d42f985a2f8e2acd041af03e61d69e67e1689459a267090993e3d98f45314b9d43570a482c21ef678793f85f181eb677b4f73981c5d0a1ca8c6e65249359ca95093185cc8640e1f1cec8abfef53ba9c7fc24f0ca20389e9606dcfbaa93f5426e084d9cf522b3c75411aa34c22b289b1a7bd3ab01efebc27a1e09ee81056a113839234c0400dba9696c219eeacae13623505cdded580bc54819974c06ffcbb87c45d377c0bedf25907327bb7f4d07b600c9a816620815275c75aca418ade32ea85c965b379e8af6d8c8a32aa7f546978617cd907d39e75aab3221bb030194559e73d93e74d897b114b39d53ec305d332310b7abbef44569307703e916f7514b8497b6f3fb6f0daccd7bd301f67cad840419cf7128aa0b6264c6bbfd0c21eb6771bfbcc8590cbf7de3e6d9aa83667deb776715736c9194bb8825d0abce6d9b2693f93aa81ca67eb0ac9566456d6dababb75ccef060df30c8c23be41560e58f9f846debbf43765649047187cc7549d6728190675e7be45b3f56ed71564ae74b544b493e567459503b237a811a84036512e0728879eecc085ed1807613eb097ed784237c8746e96b73912be98f20dd2e2d4a79d0f6df706cf2366acbd01eafad1de8930d04bef65a5ee17ee453d5cb648d6279dd602814445d2967af8c1b1e92dc049ad9bee6f3b746ba5d8323b02f3ad671538f71efb65dd31fb86c090b77de525a678c12be72b86a62d1d850a1ab62ec46e0f11d34f43dac738bb2c2f925af7cc9d46a2b63f54077f0bc0035848da6f4ffff071ef4e1b8ba9a4fe2e4e1778c4f715a97787c29a4187c718dedf0459a4a6c736d0cefd2d6e2c49b7332d68ede037fe6f4281fee0afeccdd2c22763783f681ed014461aa805fdce74a1712a79473b5d99ab08b9dd4c3c6eae5d16f689ec2084382bf1b44fb1ac891e0a5adddcefb1b11f755ff2eadfa2d992c740826b246d3a91346a87f8802796e269323151f9c359715c6199338c003e19f8dfc474bc898bc3f0ef4a9b8d47cea6c655840dc9cc685c6e16104beadca4b069957fd54b62c6077c717f1b8ff6052aa89237ce8b71c44ca4f2fcedcee464774eb56132ddf1c037def1ad39a14e00f76f1fe84d90b48dd3c28bbbfeb157416b659b740bc35949765e8644a50eca9116c043718e233f80a307cf78c93cd6e38a2cf143faaaf602806556dc293d4907f5aa4e541901ee12267697cfc7fa35d979d6aaf8312e21c4f571dd32b506fc488da3843629ff5b63db55a5021286346b691ce7d8f930cdbcb4d07411f585de89696b33e0a8f32bc42ec9f6699f4a8af2fd74d1359898558ea0158342ff7703611af8d5a98c537b3bf6856bdfec88c73013b9cdcf987a12c9df591aa75d28ead7537e975479b9712d713b36744e5dc4ffd05f168be52bd0f4ffeb4ae6a638f2e415ef1a2d5d4d9d9a9e8bdb08265492b49e2ca6651a93230ed3ba9c09bc112591117939b043016732a083be675327b92c4624cbc62113c85253e653d001c157d23a3d1784a1cc1cf6d564bdb1c910a492d351c3471ee5486887c1f32555fb286da41ae46f3910516ed3bc4c8262cf6a668d0fb4f472dd7ffd23f9c5dbaa9f22f0f5a97905effdcb7877aba1213a2412bc5bd5fc6d8e7d0e7be5baa3c09dcc2b2299a72450adf04667244c930e638d4ce768386f8d954fba62a4fdc723c7cb8432361addbf15c086b4c1321463f2ec34d623426c4de8f4724b403ca013d5ea473be184d44716c3d7bc74d802e7f3898799346a752130aa3db94962ef7625fad6d2fa3b3ce37ba6ece06a4fde35b6490285bb66718551ca883edef903d3885deb852dd05df86eedec946b3543cf85cc5f3f89f13dae6cdc9d3b238fce59f4aae66ff2aba8c99ffd7c14b07a069fbade76084bdfbcecc00492147356d3d931bf15cf4b759981c290b9951d7abee0e43a6f9fac598c174d2ae0894dc5697633a0d051c5ace7f295376b53cfbfb5b49d01d09e56912d74d9494741c6fde0562004c5397c9f477a80be0db173a5336cfd74afa55f8afb1f0b93f2d6cc8b18cc3bbc954291a69c889f8361d0d93ccd9f1e0d950e08e1030eed47957c369e64c97aef34c289a778863d34684d90f54ec29a1a45b058d96dcd77d4708c8ce8fa087dc212f0f4785b1e145c7e6c734fcc8ec0a0fdc457cb60c57bc1259d05ed92ddacc9ba2d8e810ffde8ccf67ec43ac8f05c5f9dff3efbafe67271a7cbfd85dc90f870a3a2be2145b767edfa0e666a041ca7b99ac6cf09379df560e27bf00b60acc8bdc28bf765fd1a3a6daf20905e5f0a2dd473b3fbe1eaa414e5af8d4fa9847af219db7118d609cf28a45d810cfc2cbc9dfcdd1676816309165d89cf3a138fb785f4e41adb7e15cf40e6401ca684bfb976d4a7989b4fe6666fd926857366da896815d243c033fa243f6d02c683091d8b9ba613225246ab1f661f8085da9f18682e410e9aa771e6f30cb8b00d17e7cfaefd9d9b80a8760506f34ba04e0844b5dc8ec53cdf578d2a0bbdbe3ba4c92ff75d85caa97b396405f06dcecf136a3a73944a44e333df258a86960285f6cf2a5185b9e1afdd6feadef8f25b0836ab644eaedaa39b7f840332b6ba4a2e2ca4007dc02a8009e81d23428651a597437155d03a177e9c8501fbfca334d2515cbbde3116e5db438de268eb4ed4c29c7e19a421e7581969919449ea4982018a0ab283790a3741495572568476abc5ef7110db461167846cdfb21f5af30692724a3930b34a95fbfd2fea886ae5c3d30ab3737a5df1689ca3e30e24c1a907196e34002247bec3c7b58ead4c5b374f2ff6408bfc8f513c6bf7e8cf3a493046c16340459053a569fedf652bd4f6b04c43fa770b084defa3b2d7182feff095c4f0fd23e33ba1a3513e7a9c6a42ac35afa085083fe1ec331a1b1d4b11c5fc9573cfaf984027c98191ef52ec14e23477ce2b8ebc8523f3dc74fea42984d8711c2d5a98a92bfa26e8b92053e448f1d0aa9b3ad6bb159e08eb923d710e50784166e2d0021a933de490eb0542e45072c178646a6f674a5eabdde0aff8c20ef266c41bcb3150a8e2948e46e618988d44305ccb39dd77909f24704000280b80002809c000100875ba50afb7c4103b226f60ec3155234e3877c38dfdddca157704e58f963af3fd3ab9cddf625c2c3b44632f25af3de897f9aef70806700bc24c712677751fe844e94e44aa78410a88d4d32cc8fc592535e47a2045b6b13fec2acff1c57ec2e44789220c6ad86cde3262c0e29767d0793beb652eaa9ef1c9befb0a0641870d88c46e54141d2d8882c844b51249f0528a3413711f0c9b13a3b170001004310bc2a4e2de1f78da171e70703a65b8066da0004000280e0010280490001003342d233e05edebf6453ad40ffb8fdc32e50e78270ec9bdf6e7643df95e8d153f0fc5e15f615da4801b0fdb192177422b143dbbe14ee95b9f90e9d8797ca929c8a7ca57574000000e40001006aa6eaac6f4b461864c9dbab56133eaaa9f50b6770a119a9d89fec6e4376b5b2c32f661be94a4fe7c0755fd642f4b8d4752b9660d5b61226062d8871599bbcfa7c8206e27495557f57bc4647d209c70145e88dfe8b23aab7743c420ca8d3bffa2d96d91374fa565ac88aba12fb8163ec8d485eda1ff86f398f947db05a51b74abee278e6add982c178c4e08fb5aa9ef689629f74947a06d3b2d653216aaba7124ab6cf2a2bb2662834fc66fa32961f2065450b967516aaa8bed092ee58639c4fa0afe229c4a5e5c6f0d899360b0a26467db5b4f43fb3228fab59ae84be114ba08800010000000001290ad3eb30b6f62075fa7597f1fd84d9549fb819d48dc0632c14e96918cc653ec6718691516a727a180f8cd727f98394328b476bd4496f31fbdbecac89913ab041d49d9083286f1919c157b091587e87ec3ece2bfeb2c64400e7f8d1919215eb96d3f0919ae61554cf4911b5c2b6e2332e869e337ab23d2de9544ec2b5304dc52400028008000340000000000800018000000000080003400000000008000180000000004800028044000280080003400000000008000180000000000900020073797a3100000000080003400000000008000180000000000900020073797a3000000000080001800000000048000280340002800900020073797a300000000008000340000000000900020073797a300000000008000340000000000800018000000000100002800900020073797a32000000003800028034000280080001800000000008000340000000000800034000000000080001800000000008000180fffffffd0800034000000000b40401800c0001006269747769736500a4040280080003400000000008000240000000000800064000000000080006400000000064020580bb0001001d92704a203d5ecc985c4e4280e5378a36a2856959ffa601c237cc270251cf18420d11613ec98e629c7d84c655efcb2b5ecd71666675bf512cadfe09e4d05a4f60f60e007ca1cf70a5185f973cec0f1ab052acf1acf6a2df83dd88facc62c6e94a1b6368d6bda68abcaed2ee48c3d589bf2a814b728efb93401dfa1d1063200c10e56294dba0e7b780ce0f6090bd0de9f5e000c98c4b97cd985c91284c2bca23e4757407bb41fd8de797502a72e122032d4ef3160f9f7b00fd000100854e3cb6d05d310db3d528811da7f7450ebb2d62cddc6981343570b9f4ab17d75de9411dea482f508c0dce42c25c4778ebc56bb303f9f51c489eedffcb1490560ab26ab7507ec029cca3ddfe7c4f4f6d91db07cbc008636bc7bea7f96954d31da9d8a9ca043df7b409ca2864d56fc6b2a70fcc2f1a3579737bf47542dae337d5203869caff9ab95a317c25521ebf848fad8ceb87f4655ace0701dbe961e9dcaeffa37bfa2e9d127d61b8d6edc1437b46f54c061e1c9d68120ac8300e91d19c708aa9589c37de59a9f8df5546855e934599a2f31b6cb847347fc02231fec395b906e60300340d60ebe7a3f23e1aa6eec9e0150a9d16b3c25e590000002400028008000340000000000800034000000000080003400000000008000180000000006200010091de8d9ca3503f5a0a8259007bc5088ccfe97cfebb5ebb90e05d4e8a63fcbee6f14ab7eff7469cf243a6ef6e528b811dfd72af1e7e08de8fbdd4849367ea82016412fab2ccc0fb94fa63fac7fd0c6ea48c0e9ac7d1a30ecf3e70e44ed5ff00001c0002800800034000000000080003400000000008000180000000000800014000000000600004804000028008000180000000000900020073797a3000000000080001800000000008000180000000000900020073797a31000000000900020073797a31000000001c0002800900020073797a31000000000900020073797a32000000000800024000000000ac010480b200010006687351802453c1b314541f275193ac658985478517d01198c7d90f63dbcb74fce872904af6593131bccce0ef918bcbf359a0d8aa2801d0f31fc8aae73107413f6112724ccec7e130fb84435e63fed1d71f589f8b071b95bb38e0532478f6d3592922c17c635ea7a8f7ad3260e620447bf7f845e6017d17014e26504fe91922a2b5e10b8511169b2a9ac673e340506a052cea05d8a429d989757a396fe43535df4fe926987ed7fc41dd6acfdf2600000b0001000bca99f460f4b0002800028008000180000000000900020073797a30000000000800034000000000080003400000000004000100bc000100e27404a10a99dbcc4575917adc29373e2cc46e5e8f99d7a36b7c42c92713cce62084d863a11eb9c2e19fde212924e527db981a9be0c2c15f6a04a67e9e20f86e4bebd07665e2d01da200712427a5525403c1c75468f31b91a60def25f7757c9921d08b9a5b0bc6f8953efbd0416091bf2b30d9a37e789198313dd07b7b70cebff25c562434b67e9a6b70708dd84c86135ab9b0ffda2c4b2fb4a139220c101f4c0a3d58eb124346005c82dea6f0f36444b28300758475eb3d34000180090001006d6574610000000024000280080002400000000008000340000000000800035000000000080003400000003cd43137800a0001006c696d69740000000900010073797a30"], 0x1cdc}}, 0x0)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x66002, 0x0)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r2, &(0x7f00000000c0), 0x10) (async)
sendmsg$can_bcm(r2, &(0x7f0000000180)={&(0x7f0000000040), 0x10, &(0x7f0000000080)={&(0x7f0000000100)={0x5, 0x400, 0x2, {0x77359400}, {0x0, 0xea60}, {0x0, 0x0, 0x1}, 0x1, @can={{0x0, 0x0, 0x1}, 0x8, 0x3, 0x0, 0x0, "8d416cfa6fc2313e"}}, 0x48}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19) (async)
r3 = socket$netlink(0x10, 0x3, 0x0) (async)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000900000/0x1000)=nil, 0x1000, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00')
sendmsg$netlink(r3, &(0x7f0000001080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="340000001200010026bd7002fedbdf25feffffff0b00ce00000000000000000014002e"], 0x34}], 0x1, 0x0, 0x0, 0x4000}, 0x4000800)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000228000/0x2000)=nil, 0x2000, &(0x7f0000000200)='/dev/rnullb0\x00')
mremap(&(0x7f0000064000/0x3000)=nil, 0x3000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil) (async)
openat$ipvs(0xffffffffffffff9c, &(0x7f000000ac40)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x22052, r1, 0x2000)

2.46793644s ago: executing program 3 (id=3688):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@updpolicy={0xc4, 0x19, 0xfd3649826d894c67, 0x0, 0x0, {{@in6=@empty, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0xfffffffffffffffc}, {0x0, 0xacb0, 0x400000000}, 0x400}, [@policy_type={0xa, 0x10, {0x1}}]}, 0xc4}}, 0x4c050)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="034886dd010000000000140000006000000003082f00fe88a43de1a400000000000004007d01ff020000000000000000000000000001"], 0xfdef)

2.42339785s ago: executing program 4 (id=3689):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f00000004c0)="0f064b0fc71ac441e012e9c4427d257c6402c423f978f50066baf80cb81c07da87ef66bafc0cecf342a60f00d6c7442400f5ff0000c744240203000000c7442406000000000f011424c4415f5c9297e5ffff", 0x52}], 0x1, 0x64, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_GET_NESTED_STATE(r2, 0xc080aebe, &(0x7f000000a100)={{0x0, 0x0, 0xfffffffffffffcfd}, "0000000000000000000000000000000000000000000000000000000000000000000000000100"})

2.249829463s ago: executing program 3 (id=3691):
prlimit64(0x0, 0xc, &(0x7f0000000140)={0xb, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000140), 0x82084, 0x0)
ioctl$TCSETSF2(r1, 0x402c542d, &(0x7f0000000100)={0xfffffffc, 0xe7, 0x2, 0xff, 0x7, "ea71061d0000000001000200", 0x0, 0x80})
ioctl$TIOCSTI(r1, 0x5412, &(0x7f00000001c0)=0xa)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_MSG_GETSETELEM(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000009b80)={0x3c, 0xd, 0xa, 0x801, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x3}]}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000)
ioprio_set$pid(0x1, 0x0, 0x0)
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0)
sendfile(r2, r2, 0x0, 0x7ffff000)

2.131900212s ago: executing program 4 (id=3692):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x3e)
syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000240)='yeah\x00', 0x5)
write$binfmt_script(r0, &(0x7f0000000200), 0xfffffd9d) (fail_nth: 75)

1.923666923s ago: executing program 2 (id=3693):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000180)={'pcl818\x00', [0x4f27, 0x5, 0x3, 0x4, 0x5, 0xcc9, 0xf, 0x7, 0xa, 0x0, 0xefb, 0x1, 0x6, 0x1, 0x6, 0x101, 0x1000, 0x1a449, 0x3, 0x40000007, 0x99, 0xcaa7, 0x4, 0x20001e58, 0x4, 0xe69, 0x3c, 0x8, 0x2, 0x0, 0xfffffff8]})
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000000), 0x165342, 0x0)
r2 = syz_open_dev$video(&(0x7f00000002c0), 0x20000000005, 0x8141)
ioctl$VIDIOC_CROPCAP(r2, 0xc02c563a, &(0x7f0000000040)={0x9, {0x2, 0xce7, 0x8a0, 0x8000}, {0x2, 0x5, 0x3}, {0x0, 0x801e}})
syz_usbip_server_init(0x5)
munmap(&(0x7f0000012000/0x4000)=nil, 0x4000)
r3 = socket$netlink(0x10, 0x3, 0x8000000004)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x3, &(0x7f0000000080)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x50000}]})
quotactl_fd$Q_SYNC(r2, 0xffffffff80000101, 0x0, 0x0)
openat$audio(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400070000000100000000000000fbffffff000a30000000160a72230000000000000000020000000900020073797a3000000000090001007379038014000000110001"], 0x58}}, 0x0)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$GTP_CMD_NEWPDP(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x2c, r7, 0x1, 0x0, 0x0, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8}, @GTPA_VERSION={0x8, 0x2, 0x1}]}, 0x2c}}, 0x0)
ioctl$VHOST_SET_OWNER(r5, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000000200)=""/78, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000680)=""/185, &(0x7f0000000140)=""/92, 0x3000})
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r3)
sendmsg$NL80211_CMD_FLUSH_PMKSA(r6, &(0x7f0000001440)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000001400)={&(0x7f00000003c0)={0x1c, r8, 0x300, 0x70bd26, 0x25dfdbfd, {{}, {@val={0x8}, @void}}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x24000011)
ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f0000000ac0))
ioctl$VHOST_VSOCK_SET_RUNNING(r5, 0x4004af61, &(0x7f00000000c0)=0x1)
writev(r3, &(0x7f0000000000)=[{&(0x7f0000000100)="58000000140019234083feff040d8c560a06580200ff0000000000000020ffff00000000000064009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd000000100001000b0c10000000224effffffff", 0x58}], 0x1)
write(r1, &(0x7f0000000400)="547bbee68789313efe846d6698abfeac0d12b144933fa6f684f1ba13b34680bd4b9ea70f71faa2a82a45ab47458c1f827355ad34033fbb8b9699eb0b279252dfcf29e377e14dcfbde42857cbf2aa88d3dad8ec2deea7afe4e747fa392fe01d425970fb2dd7a000ea3889f0d9021f347818106963e18c256e3df26b41c61d30284a8ad61c6269756119d62e3a7a24c1dcd09d3eb35dfee6ec945ac190c4797988e0d7f6f38bf9b124431dd8208a9208195a70c8e558c216e78d5f5b3f6df6f155e16bf7dd8f4e9eaf61d5142a82da7a87aeca19c25b631cd8a14ce9f2fc8dbcd05f51dc9260abc82d780c9358bd6411ebf48520694d413024432d0bfc3759a620289c9c8705009fd829da6eb5b72b454436b0af8e9dc4941ca2cff92561cad984e15849dcd73f04c7f70a30304da2fbc17f421767ad5ce47ed79d6698428eada9a39faa02f978699bc8c482224a2d5f85cc1135ea92ac1c610e32f1e7c82da6d91e0c8634da679760c32c3e891db352b76b61a65bbdd023e093a8e0d37fd8cd00679cb1bceaac84b05861740c221b2cb4afa1ce8b091c815fc4bd83995b5bf5dcdf2912572cf6180ec27445404917ff9e8e6604e2afc19a1bb3745914f0a101e03e44ea5f64d40402f12a81310c97086fb01d04e82799c40f29348eb283ad58a40d608a47fbf9a25dbb308aa03b2425ffa896e1a70a37cf49e6dbdeda39ee88aadb26811eba78a0dfe5400a51428c31582edcc5f75b5dd963707a54b9b1e35f9966995d6474acbf7094124cecf38369aba3f6a5e3ad071f5e3df902843a3947623fe01571d97625c3e27721b08a6f85fd7b879acd400de5beabdd2603d566fdb4018bf8bd74c3ea1ae67c988992c7dab4ebcf501a73815e1b527d3ff1cf9e729d55127118565f794d253fef25609e5a415615d1b5fca5381b49446d9b9e75fbfcdd9218b0d8d8d965871b897544e32fd0b4cb5600ffdcdb0056bcad75216759590f8a94db82b0acd2a5a34e5c34241a19f1a7a7cceb894341f55c6b474f3cc052f9863a67519dfadee6576f08d7448929424c13e845e2e636b87dc14e1ab4ad05d69f896ca1bc5c1267befb686c4207e21aa30bdae1d1602d3e4080784834e213c426ba5446f90d3b3885a5d6942c6b0e637f5bb9c7908460bd7d04497ab054c8fc7f89068f7535976ad051bfe94c243ce7604a63b2099b69f1ed73590a318fad9a170fa0cddfe60e981a92de2e1aab3465b11a968108e08deadfa1fa546c4cbc0c34ac28597848562583ae8d93cb60f2e06c7a1f743add51eb8cd732b40d48fde00117cb2d654100dfcc66b7c9fefac80e137caa5cf43ae897780251a3ebbc4ddd3b003168963c9e2c9446cb29731fc4bbb5e551aca6913f7b8576ce34012581b5a363917970399ca369688e637cf06ff3c8114383d2fcbf9c69f1ca63cd21695254a440df5ef0a8abfdbd0a651a533b6cdb82382e3bd70f87c1d3eb0a6e22452605026fafe6d35158c0728c1050a39330c80ee2ee0b09366fc6382883ecd0796feec657b36aee4091471e406e9faffd5ede27943e5fbf1b7249ab8bad71f60063697f04db52e980a9fb3eb5e53b89be8a5f0e6afea7435789ecd444c28eb411cdc2158e434178749f36cc957dbd17efb2b218592f78d6864f2708e8c6db2da0d3f6de53959afec0c90d3d62a13a0bc3857bce58d81223eddd05cf3c1ec6b3fc5307d0f16d470f2065300295197e9fa81d2e5574b2c7b18f1c6c85156a9b1174d62dcd3cb026f4b67e6babd66c8f427b9687585f37b18c82e0100507035e78ce010b78ea1b5d3884db25df36ae929dd535a854a31cba5e47655873df72be7463c600b704e9da0e7cb2d61d0710248814ecced2eef8f227c8aec308c2c9d0a39d1a6b306080e8eaef8edece0f6d0d1612c582d70c3999a1a6bd529538f51ba4869ce74bc8509a7126d96db118cdb55411a36f4361d53c8027c12a7486e9c84e4de445b454630be27bdc2ec268702d9c1890297bdd1fc7a235f1a47f4645d286146f3cb9a7ce650f4157a1e7f134eb1815001d59905d3103efad3c66479330e8a5da941c9c38bf21bc0770e3fd56cafa19ad6e9d51f94ed4f900062b5602653aacdcc956aeecfb1dd613caf918e1ca8ef2e1504c42768e77df43569d5fe4b48c237cad5285c578b26b4e47c8ce06fd2686e17eb6d5df5645d0fdde7782216be07a1135dabc3a59598bdbab249c5391832f18ac5163aa7a1a890128a4520835a53eb750604c5e328ecb3216516b3eba3f97652caeb4327da8865880a932dc8e7668666ac3b76a2a424ca37b5dfb52495710611e20790427a9f9e7ac59bb86f0fb7a17a5def347a98dd8e733b784d78d5c7f16f327a2606d4252411457465540a60b0757802f470d08337c0fe4eee5f5cfe4f296d0f7068e80828a022c95632beb7b7f802135e246b1adebebf24c821dee7205e9fe1a437b16aaa8dcb4a58b0bdbc8dbc2fce09271c27430cc9ca8141955ec5ff4228627c3816cfe1bb2c0f40f6a61e8bfa4e2dd744e41ed80b83e9aef77119f4b062b98e86690711e83e795bafa7a8db16f241cee76aa01ff749100c113fda966aa8c83ebe975f760c18e3864065a5de6e8028a9e3199f4acff11e14bb13bc50faf97fdeab46edc371e55cab78841a2de17ca116b0183ac38b658c57a64ab11bb0de071c971a7a5175ad0bac6ac1d1118230a5412a35bd005b369df0e04e749ea93d7e56f713b9ceff580547a2a76ea4753a78b4a5cd0311024c5536b536c8ede63bac8e8b4c5851248d9098a7c6bcc3d5f209178b45aef3c1afa4ab73d8feac3e1f771626d73d85f72dc15d16bd3b7b93e622626f6f3d96b4425d328236cf1579f1ca834a7b318b012e27b9a2dc528189cf1eb3705d90de50ce7ac0c256b7e41500113e164fb7d53c74c6f829552a5bce73eeab9a46d01551bdab18fd3a7e82b036872f1e876b12c5676f63a6ef0c6ff159788a0c2fc40f179a259c656e8aba9295e90027e74ef910ce3c56d6e2de917947410b05603b6a5052453f13e6ac058b3f621573bfe6224bad8c3a5f575e1eb774839cb554c53c9b3ad623df6c5c9627cce856f9ba5847557bc9f854cbb37a936f20a733ba352ee5b343b941290a399fb862434d1b551da420053cad3bad65195cde40b345740e30e9a22619add8aedb763473b729c0649f7a1ea45325534c9b629a1fe3a54a78fe44969715182c6df5c9ecf6878380831b2996579332ac37286e72ab16824c3fc9ef8d74a7f1f5cf80fa37f6bb990db3a7a70139887a4eba0763247c58f4fe770a0496a5ef49a3ba4d62bb900644d49b5fba7e58d58af6ae50c96da346618434ed46b8f4c27cde5e8863d5b090dc117f3b16db2c4273fa84f8b06d3df436bf4a8cfa6d33d7f0e78ef422d5d7640c821398c9adf4d6ccb1b2f7cd0e497023cfdd6b5bb9ad6a29edb8b78fb3322414cad1458eb12699853acb165076db7088f518386380850c111cbe74034ddbfe217db714325ebc4d6b46eba640cf125b87eed0832077ab775e475e431079756b3da6f9bb3c861ce7eabf6adf70b76eb9642a1bab3d7afef2d7b40c8a19b98123ad7449c1039c494e73bc91a86e8e92c39a9482cf60605b9e5c209262c4fcfde76ee370bd6a78253b64c5cbb19a11b34c5a9ccf634c52751277268cd97e795b43867af5a4db51bd631ac547906fd52aff43eb98edacecf08f94a060902b5cb82e87ec856305005bd1150e581d9717460e31ba724da5e7ad72fa580f8509fe838dbc1bfbbf53e29688f25ca602d2de702e4411d3d133e2ab2f454f71f98efc2cd0eb468544cacf608c6689ef122009cf61e813e26b7b2b1695143fcd510f509ec2bf7205e674ba6767eaa29605c51e434c298bde0969617292e960d22b085632d241aa2a8e0f6ac6f2d56d0ed2c6bd3eca306a3224915065894480e737c7d7a11901bb7f977525cfcab652476baab0fd3b68dc59fd14ccdd6248bd5c5a0ab1dbae28a848b2d4ad0d973bb149ff4115b0436b7d145a6f8081d314039131f60dc8ed0ccf2c4971f0a59a65b3b1ef638e6d009dff793a4b7266c58f88bb117d665cae8fc6f6c2840470333bdbc8df12c6633a6ac7b664e089a85dc6d49f52459dd2df1be552194eef6027c1b45f62b97647788c3325f05609c1e02cbc9a18be72e4b502df719e4f9cb82615e3a03b5732328e552023dbfdcf91ed5ab51242e7d09a9b73674f0946976d8a8fa9288dce4d54d5820a0f0053b892685f79a6c8dbac724fce4d24a7b75e383f54ac58af3951d666a22f158637acc4f0e09e248e85f8e1439501afc0d5b7e9eab40fa737ae93482a1e29f3e327fa31d0d764c65ab976af1eb91fe08c5bc10a48b93453ad192d1d538cf93b792a70246bde99f46a78b670edea552840e08c787c928ee311f954b73d07287a59b470e38d4e624ddba8e4b21a74d7c07cc684b0ea82212129901029e74312866722dfa2dc53de3e8ddc00adc21deb7510ed15c50d139296297408da3d6beb589e7bb3f1d74e4e8dddec14b9cdf371d7f142136cdca5644d09edd97228a0abcd2e7b402c5cc68683cb980f50ca7aea8338dc5990a6ebb2d2b95a3deecc45f5a4f4e0e40a57e29f3e227c41db00e17dc962e2ea3184b5057c89974bcab651a22e588a527d7d8ec695e7ab5622c1ad3763d045a8393b7acfa04488556ac957777d1aebfc5d0e2a8150a6984d5607ac2400789d8f622c837d6a9b78fcc2d8aa872949edde53e3a99b5f5bf35bff5f0db7874ad3f172f9d8dd6cbb17a770b1482c79b9a15605cd0d89c6bae9aa6db8e886cfff8f843b99df95dde88c96202ae6ced4d539a3f70997ee7b2bdb7bbe529f9bc55b143066de8d9dcd7fa38c54094f2235e4a17ef8e910b4d48c373ce5e6fc9824ca8f115e579b002df16c591557cd6cac1363b8d8fc656075ca703a87f1efa76e4122eb7358389f659681fb49cb82215f73b284a7678b8b1528472d0cfab1980ee3d4410bdc1c31f1f798c3ca5744077e2f6cb4ca6e415f1e3afc8c00dd95d3307de5428883513f01ed19dde487e1c103619fd78583f09d02982512e0ee20a670b3b24986dcb7431f1ef3fd12e801bb2454213ff7b1962a464647eb4c8125cf2ed098160da880024a98add9b2917e133dcee7a8e25387fd5bf2b3f8fb05b2f7ed5f719b30b9cca4b1754e31d48bd2ec79e7e9c155130ea5f0876f3bb4d94ac74b209633ecb03deb8b9448e8cf4b4bcb04ffdb38ac457881f84636246a4e5e7773166129fb8b7803c6dde0ee69fd1f76f1d93b729eacc9d8dbd6e61e638a3f8de972a824936b1d869a15daaa21db04760e9110c5b7c736671d31a72fcd57a6f7424c898791cafa21a48921215a78d60a367aa7c6284a1aaa1fee0c5291bdc91bf8c032c9917fd28e68fc046ea4b17952f1abbe01af5f19e4fa99fc6a985f6264f9efbb208e6146d3465cc603ef36d3d59b5197bca1696bf5658b60cf0e0455cb1e174e52c4acb712a3ed9202a1ae334427b93305939c7f15e9e5eed09b5fc8d1e3836720d46d133841d4482ec2427d3002d95bce996b4b2d5b59b2a43970afe35517674bfdd8807931697422045f60641138fefa27865b9d477ef04847dd02d305e8f15e228522e54d1ffda6d5b26ad831146c66e6f9153ebeb0785ea75283df66816d771c7e4297c1686d06494a59046313169f2e2b4988a2758198fcb166d9d112d187a4456503e6c0bdfb390c89dcebf3cb8260a27fdebddbc6071857010ad4c59c062db35a4", 0xffffffffffffff27)

1.907210706s ago: executing program 4 (id=3694):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40000000010800034000000014480000000c0a010100000048000000000a0000060900020073797a31000000000900010073797a31000000001c0003"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

1.759919472s ago: executing program 4 (id=3695):
mknod(&(0x7f00000000c0)='./file0\x00', 0x8001420, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x6)
r0 = socket$inet(0x2, 0x2, 0x1)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000480)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000000050005000200000c12000300686173683a6e65742c706f7274"], 0x4c}}, 0x2)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="50000000090601020000000000000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYRESDEC=r2], 0x1c}, 0x1, 0x0, 0x0, 0x14}, 0x80)
syz_usb_disconnect(0xffffffffffffffff)
close_range(r0, 0xffffffffffffffff, 0x0)
mount$afs(&(0x7f0000000480)=ANY=[@ANYBLOB="2373797a310373797a302e"], &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000000)='lp\x00', 0x3a)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
write$binfmt_script(r4, &(0x7f0000000200), 0xfffffd9d)

1.133826949s ago: executing program 3 (id=3698):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x60a00, 0x0)
write(r0, &(0x7f0000000100)="ba99a432a2b5be5a5e668735ad4088ff9f94cfad19f793ed844e948c728236e4b091a02c85ac970346684ff3a18bde95b729d173e4e906ef68eebfcab13f6147d1abf99d34d7770b222200bfc1fe85c3265f5c5882ffd7e296867145111a9afea4ad791e9da14f82a445bd3ddac62a", 0x6f)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x59327139ae2673af, 0x12, r0, 0x57789000) (async)
syz_open_procfs(0x0, &(0x7f0000000000)='net/ip6_mr_vif\x00') (async)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1) (async, rerun: 32)
r1 = socket$inet6(0xa, 0x80002, 0x0) (rerun: 32)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x33, &(0x7f00000000c0)={0x0, 0x0}, 0x10) (async)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) (async)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

818.700196ms ago: executing program 5 (id=3700):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="50000000090601020000000000000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070084000000060004404e220000"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)

751.933417ms ago: executing program 5 (id=3701):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3)
ioctl$UI_SET_ABSBIT(r0, 0x40045567, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000ec0)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffc], [0x0, 0x0, 0x2, 0xb16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0xf, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [0x88000001, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd4, 0x0, 0x0, 0x2, 0xe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1002, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x6cf5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x4], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x3, 0x2, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, 0x45c)
ioctl$UI_DEV_CREATE(r0, 0x5501)
write$uinput_user_dev(r0, &(0x7f0000000a40)={'syz1\x00', {0x6, 0x0, 0xfffc}, 0x4d, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x1, 0x4, 0x0, 0x0, 0x0, 0x11, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x591, 0x0, 0x4, 0x0, 0x1, 0xffffffff, 0x80000, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0xffff, 0x0, 0x0, 0x0, 0x13693958, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc], [0xffffffff, 0x3, 0x3, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x400000, 0x1, 0x0, 0x0, 0x0, 0x7, 0x4, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x2, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x3, 0x0, 0x0, 0x2, 0x9, 0x0, 0x0, 0x0, 0xfd5], [0x0, 0x80000000, 0x0, 0x10000002, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x3, 0x8000000, 0x0, 0x0, 0x6, 0x0, 0x3, 0xfffffffe, 0x80, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0xfffffffe, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8], [0x81, 0x0, 0x5d30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd244, 0x0, 0x5, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x3, 0x4, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x10, 0x8, 0x0, 0x2, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe58b, 0x0, 0x0, 0x0, 0xffffffff, 0x4, 0x1ff]}, 0x45c)

659.928756ms ago: executing program 3 (id=3702):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xd}})
write$tun(r0, &(0x7f0000000500)=ANY=[@ANYBLOB="034886dd0100000000001400000060e1fd2800082f00fe88a43de1a400000000000000007d01ff0200f5ffffff0000000000000000010000883e"], 0xfdef)

128.488312ms ago: executing program 5 (id=3703):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f00000003c0)={0x89, r1, 0x1, 0x70bd2b, 0xfffffffe, {0x1e}, [{@nsim={{0xe}, {0x4a, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3e}, {0xc}, {0xffffffffffffffd3, 0x90, 0x3}}]}, 0x9d}, 0x1, 0x0, 0x0, 0x4000081}, 0x20044010)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2)
mmap(&(0x7f000009e000/0x10000)=nil, 0x10000, 0x1000002, 0x11, r3, 0x3000)
ioctl$USBDEVFS_SUBMITURB(r3, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x20000009, 0x0, &(0x7f0000000240)={0x0, 0x0, 0xfffc, 0x360}, 0x8, 0x9, 0x80, 0x0, 0x0, 0x101, 0x0})
r4 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x2c, r4, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}]}, 0x2c}}, 0x0)
sendmsg$SMC_PNETID_FLUSH(r0, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000180)={&(0x7f0000000280)={0x44, r4, 0x8, 0x70bd2b, 0x25dfdbfc, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'team_slave_0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'pimreg1\x00'}]}, 0x44}, 0x1, 0x0, 0x0, 0x48004}, 0x4801)
ioctl$PPPIOCUNBRIDGECHAN(r2, 0x7434)
mount(&(0x7f0000000080)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000000c0)='./cgroup\x00', &(0x7f0000000100)='affs\x00', 0xa0c00e, 0x0)

128.265834ms ago: executing program 3 (id=3704):
open(&(0x7f00000021c0)='./file0\x00', 0x48442, 0x182)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x10}, 0xd}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='lp\x00', 0x3a)
write$binfmt_script(r0, &(0x7f0000000200), 0xfffffd9d)

127.397309ms ago: executing program 5 (id=3705):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88) (async)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000340)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000380)=0x14) (async)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00') (async)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000040)="d8000000180081034e81f783db4cb9040a1d020006007c09e8fc55a10a002a000400142603600e120800060000000441a8000800a4001040040000000c5c04613e60a2a6c30942519c6f749229c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a707f4090000001fb71b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad9e3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5dd330d4e1ffffffffc1c9b6278754ca397cc87566388b0dd6e4edef3d9300", 0xd8}], 0x1}, 0x4000)
move_mount(r2, &(0x7f00000000c0)='./mnt\x00', r2, 0x0, 0x177) (async)
bind$xdp(0xffffffffffffffff, &(0x7f00000003c0)={0x2c, 0xf, r1, 0xf, r2}, 0x10) (async)
connect$inet6(r0, 0x0, 0x0) (async)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0) (async)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000001400)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xa4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40) (async)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSETELEM(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="2c0000000d0a010300000000000000000a0000010900020073797a31000000000900010073797a3100000000f15c0c38f27b09fb9d9dd6e19930c122b7d72dc8bb05c73c9e35b285f0c0c28ac47f78a9c1f3294e3986cd31fa1b5d5c29f0287e99076c5b3471440b5e4b690b295946be22ac3d8daf71b669c3c180cf857602436c09fe7709c0882d652aa6713d5da6d56f325e397759e5129199e8f8f9a03c4ac0d77604b4304b498ffac0a2b553576e8665b4c776b2666e1f5f336d6737622eba7aa66c030f89b895424f9ce2927b708bdda874dd2564"], 0x2c}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000)
recvfrom(r5, 0x0, 0x0, 0x40002062, 0x0, 0x0) (async)
r6 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000300), 0x147342, 0x0) (async)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0) (async)
mkdir(&(0x7f0000000000)='./file0\x00', 0x6)
r8 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="66a83d8342ef0ee6ef37b671cc2bcb9128e0497e4843253972a6c77079e19f6296064f8dd90bb84e598fc4d50961a3097372184c208607b2c0ca59f7f412414bdf5b2d72a035e46648351b5d65212b5dfa13f95f29400b492a306541f0e1f2325e555f07d6855b230c50b7d685fa958400b0fd3f917adaae0f846b52ffe91363166923ecbdaa6933c650ad7968e6bc50cf15e325bd4da50fe72e63ea8d6c", @ANYRESHEX=r8, @ANYRES16=r0, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) (async)
read$FUSE(r8, &(0x7f0000006840)={0x2020, 0x0, <r9=>0x0}, 0x2020) (async)
syz_fuse_handle_req(r8, &(0x7f00000042c0)="9ab1446569aa24b774753c9e994c09c24df9d42fa5a228e469b44cecf6f9f5ce5f77c93b1895aaac9cf34b37415f11fe22d6fa0162aa743b242e8fe0a8659e32fb543d7969d6513136a9f332a8074f8ee1e445277ddd5859eb5ac3321eb710be880a441031da9b31f791d54fb3c97cd8ee92b00cbf962be8eb5fd0b7cab207645f59cf87a8c41e2739dd8386b6bb84b627cbf5e09bac876ad4b215f0e510a853c5e8b9f7822b26771d72972290a1f9a6f0a46942be0d0eb7aa5145ff368863b14e9845926088f9f92d554e572926290dc6e6b574aea8c500fbe5697f881c0cec48282c6d07619248da0c3b9aa6f7c778525d1760051e4ba8ef31d3c8d3e1d4214ffa5261ce1fdbc12eba889968137f5c06fea233000296cf18df494b4e7b1bee7dc2f3751c37415d46f6d7ffb3d0f788f2100ee41266e6fba75b61af22e1d7b286507ff100cc34ed28d5a2c8be3231446874bbbde6f3c367ca802d64192ffcce1ea41b2cbc57f7500fc4f8f12fe02690c1c9785bbc35542b59d05600783cf4f4633b374101d8ed395303392b238d198f9f68c8ae928cbf3b558deec6d38ebaa526e749ac4e47dd5b838ec34f2820a1134252ae60159d4e030cf5e5d6f8de799a31e12ae57cfe5a1a3ded525c6e71271271d35a0056265362387a361f21ea0f4b6d46f6a83a8512687e43b31e11b1396d6e9e49cf42b693732e226b55d21a1203022f6be9f8ecccb68de3bf4ce99689514bd752f4e60bd2f8e376d7fae5b5fc8db0f53db8c52746671e361b9319419c1b3f3168b4797ebd2d118ee42dda4bc59dd0251236195c8cdafc0546354eeb28f4c7e71e8245a6ccaddfb858f61039c0ccf5acd924680aab38dd061fc7b123f24ac7f3d3c0cee43b61045bb1efea25af86088a0591f166e2f11ea4089860893b17ca5e3d99ec75131268e2e4e290c2bf15e4dde23284e4bdf6e549c096ce221d9c8a6c0fc78aa6a1c8b547c0e10738de2a1e8663e03ab0ce4594e244989f75b6672de1eee97ba7e6467a0da51c0e75d5866c405b03c4744d8d3fbb01eddba5a0361662269154c2f0e61a9433982eb904ff562896cbfa692eb1e6c644fcf6cbc103a76b712af706a47608d3e2f5d54d47d8e9906ab37ddf04004d32ce00200fc3c274666aeb618b27424d87b6a4b0262de4436b9e6f150bc798394c298b25a2c318fbe786185464057c0bcfcd1917230d78ee1a49eca12068fa676852c1099096c6cb98dfda27fedac41826516e42cc116f0cbb68f0f810418258dc5a65c0e1ada296176e17f8d762894c80542a79383cc1674a4f3d6520633ce80baba214c20628899f9ac826484c887713aed9c5caf13b40a598cb1e81f7b18dae39efc22dc99ff497e11f158edc2716ebe3bcd593691aa26523efc168e1394ab439c9a9270575ef34eeee9084b0a31b2d81d47c964ac61e600f75d9321d7474dde45bb8d0cc46510488ab68486d3ba6cc9c3ddb6f66f2e5d251ee285121e1645a2f5167fc5fb8ac4491c0d9d0423c7a8452efea2f5a30096a0fa47173f3a68500a5c755ea939c838d3be126a87ff6baa5a1fba638a5c64767d17f04201b935fcb1cb6afa175594f410f2ff773194c703e623876051e46bb0850a5016e65f8fa34b96bafdfe851a0756fe26fb63d52113c0935b0867f7dc8a94d887484b15e8f92b6a316a22c04a985cc94e432cd43f44001bcdbd48efcd463c402d3d181298e96db60fdb714b82e146567af5ae3fc0c3f9d241471b4d129f928d286f780facb1e84434610ab3379dfff0f64d57b4a1c2e96c98b693de952d26773d24e7a95eddbc450f79932d5332d27991c7bfbd3bc35bfeb9496fbebccb5e4c35c368e021dea643cb292d794d3d3bbcc960f989bef09763dc73d83cbf907485635265e81f87b712d958a66719230fc6466615a0e3bb998d48159e9e9c51959354a545966bcffa298c7673b4d32b991c886a997236642c0f104f6795feab9f48d0ffc74667f3f3e82473ac892ad25f4b13029b0b27fb1d86991ddc42bbc3fe584ed364e769f3bc72ed8749e7a654ec1a2ec7a01bd2d5caccdc6241a1b1ef2726db54d2c34ab47020b4c729b5994b43deb00ad959950e0051d2c0f27217397055e78f1dd3bd867a45e06c2134ae8981021aae881cc7b2049fe7c82d2127ec81d6430c8116355c8d0ab8b9291c688ed9b8dbb1ed6f1a99bb58a1be8d5737acbf9461b142c8982f52481195d35ef82aed4fa52385ea4ed00a739d01cad7af9f7c27d357748e24f28d22065ccb37300e8f5d8dae5ca79af7a50edc3e05184d1a2a6d59784d5ceeb1f1550a44ea03bee4dc5c27eb78f0032593c7d082e59211f83a8b91aa78bfb7e959328ee63af26a37b79ce5e5139eeebd12e28b2a26ad2fcbdca652524d036b324782d54247a48b9f8200b2d6d2c091c41366d677e3be6e136cec6c3080d608849135c6e3c7d695d2e226ae1ce999d730d7f79116ab85762e55a3e5a66a690ce0a4bb4fd1560c796e2797414b544ef78e29d55e4853fdbf3362085a65c46105f32c360a0a9867b984a5d0297fe0b06a45684ac801a8e66294cef6e5f3c48648884fbb2422fa00488df33a9a0ff1039c81f1939f2cd2f5fe8aa805af2d2332ac37244ed4a7b50265af8062752b0c16511e5f25e8aa2b60645675bc826557bb75474ca4787f6b584b2f83bc25192579104aa0baae79f396df0d31121f90db9acea9695ee0fe0c22df4db503ec8b2437b05f5d35a65722fa82eebd2aff4bcd3316a5cffc4b31913fd02f82130c77f320bf04bf8fa873d0e3f62122d6a5f87d3e908bedafed4a3cb6d9f73ff546f5a2b74a2493b1753e89b682352bb3166563518dcb190c7b3d9fd667c57978a670b192641a674dc92c2401d067b6767aa632ce32a401175c98200a52ab5d80dffa719746d0bff8a84bac4a56e0ab8124fc332b64ea662d01e1b73231a6638f01cf4d699448da228c16951149c8d3dab9a7e3be9a16c7d1ffb061818f8f9cb2b42739fae4a0d70c0701c8dceee785d36ef6413162de1917df01c693ef3e1f517e7fc46245209fee52f5c6a2f50ab3f56d67d1cd987282b24071d8ebb1bc5cd635957b2a7ad92d0650abd5bbc24b75885b6119592a3d715392718e52f9124c4ac95be3582abba4ac3a4049ee49fa8ceb9b59d4e1e2a069c9d482879fd8d27d5ac22ef870542453be22c2ec4ebf1472c19fbfb56aa0a3671297b020e3fe49d201a82a04420e90bda43691dacf92347bcbcae3742cc4abad4c8010c0afa15278795d4d76c482461ae78f30569e1dcf87b9b150d07a2bd81676ec6022422d490759ae1e861a6c4cd1f733bd772d60975a59356c385a4a390429f3d2131e7f616015261df6db3cc3ec261a53be10c4f197e71878984fee00e6d1069f79825194b7af434fb6bb86db18e11977f82928be35054543060cea94ebb4015d061f20f8454e056e7b6e4f9a1621ef2377d77659c20bf358c817519f1801be15ae3b5b42adfab367777a6789635a0dcdd1f2b97edecea0210768af67601d1b95a8850dddb6b1f4b0c2f52c835b0833d81966ad19e49ceb9dc9c729cd8334bc3ee5bb8c74186f5cc3e765b9fdd91d79baaab3d2ab64c15d655d1af7de9cf8d5d7c1baef24577843ce142331743b45b06104b6d0d4392e61ca8c07507ff5f831bbf720854db4debf64182aaebf899ba57626a48748fc2dcf016013d575595d24d383eef2da0ff0c9f6fe9c64b186cd4617e3f37635d7dacb58ec297f3ddb48ce4a5e00cc127267e18a1fdf209e098f2cb2e9c0630d15ec9b867b2b95ecf82ad2c0ba39df9c4d36d492bc9a55c4b767da966e4fd7f4d2fef5e91d0575177c05d240b50757031c76333d43bcc828ab2f0376e29d12d1261ce104a8ea488091326bc451c120c8c04d3e64835c893f55b312e248ad8fc1c32429d68e6b67bf45ab8a1cc3db22f9f01a2266b8349046d3d3e081eaa7f7020c73c0762d11a33b517b8f081da3c61ef63e1d40cd87d69c7ac7491fb61bb57c1fe2d218aff6d39b3e1fc847f0ed894e2f0b4d6a4ad03ba42e28bb1dfab645081f548e64ceb8ce15d2214bd66a14fe594aa447c3537eb493299fef0f9326236ea5dae44e23b34801fe06ee16c79545feaf2528421d6e7f9a256a7914d86bd053dc33c8c2043ba73714f5ff5f0507097a56c40b2190e77877d43be849ee2ac129e582930ced06d359eebb49eda4edb13819f91cecc449c9613d9659906179f8fefa34fecb7d21cdaf09a1ce8d094421da80796c97c02fc56171aaba53fd8a7f55de059044717df164f3571028f16995d51fc8829534cdf58dd134def1e43a34e4f5f372fa8e19d3b85881e99ecd45faa4fccfdb47e094ab06955f3960fac71294dd965f24a97cff36b9966cf1a4c3e96c3e14a3951dcc8a3e9371f7e1ae9df77ddb1a99172174adbee8ea57a0c9872a6d677c2875da88a6a7234bebf68a3cc0532a9809a4de4b4d419bff67b0ba825a7ae6e999087155378357ae67e2dd98697f1d10ffa4497dde6582571670456db995228b97d0ecb2fb30c2ba6c16038c40059815c56b35666cc1c5090f6c38e0f4c12abf79919951b85a2734d32dd12b239912d541f9163387a4aa0be0b7a12d9c6b56dbcf1e9aadcfd72e2664a84d6c5147c72bffe7c3560ccd8c447b748dcd26cc9ca2a85cded742a8dccdfd8e78c96e78d405a19faab9e57183b37583f94b3d416b2920c6b746427ed75c08dc3be02720c1edc4743229153c48f1239b222b9fe2e21c0ae28122bc44f9dc78a59f3485ac8057eb21f0857bcfea2d9ebbbcc197e7880d81515bb1cb7192d97c4258c09926d137e245977db40812b253f99a504bb68137d8d73ca4e7c808d50f1dcc600e6a6db90238ff44e075932fe668c066e6988a6a8b4a8485120c8e4d6511268a75d8f9b0f06689aac8cd621e90c62af1e59aa9efe928e9ea098661b408a2825c4f9aac1efd9d54d163a651054b9ab32719d2be3b176f6795ddad0f1310b9237181689f2f9dd34a41d4d4cd2d7569bf56e6a80bc24d90df3bdde0f9649e699f4ef70c4f3faf9553a231215416bba26c29f17861e0f265e9641b2307ed43d6fde23a378669f4ade874e54c20a5e902205dcaa79a3e8584a3f78a86e703451115a1717df882507c607297afac0a056a0f3509a57502fd2ffff6035d04b91f72f5e1a69ddafaf80f7b2f7a13f38c683988436585e6bc7fc2da328449675c234ec0acf5294ce06c72442beba15e65d6a3e1b5dc3c8f115e1005798383f79b0194f6b7d4b1b32371acbf22340af6e5ee3ea840f7ed451226daef3041fc194e051af2fb450022b394c774273b9575c974c324ecd7268435176ee28c54bb54c8e829232ca636f3bdef60ed460b5ff425936626dd16a3f436f08a863582a79f393378f60f6c8ecdd13d83073bfda2e9f8d0c74a841021cbb8c148e70bfc585627449cdd9fb3045db3ea08a96108b52ee8a4f5048a5d910355789f4bb85c1362955e267e719581c38a2648eaa0b516db6277d2ee3c6e1e1090df3f53a31b747d99887e337dadddab16a297d9e56797007a3d18ce333311c70bb1bf45bdae517ffc589419af643773bb30a1fbff7ecd4a8ae7456a608fe73547c2eda4f070d57dc70b65d867526c946a435ea581497da18646ce569eaf6ccf3474cd6e7aa3d6d4732836ff4167c9153757ce58a34864be6d479f7b4ea1d6480b9ac16c5bff346a74e74133234744df867e16b3d2f1f7db4b21b89019b520917ef863e60f52999d6946b9e09cb60054f49d8a255f02e4b62fff6e6adb9a167ea70a177d00b26f56e29b63138a2ebc30b956161a4ab25d5da1c207c3f762714f651341ae771e17d84fa1c86685f2fcb0a128c2e1208d1930e7ff0d8d55299154112af574b881be8b69cc1721d548ad4dc02632e184c47f9b394bf4a834e60fbead8c8bfbf5087f8454513b0b086ac97bbbb9aa342af9def758fe88f1e4570e65f93fd4a9868665d08fac0cf6ebde786995c433504ca01cdf83311aaae20cc76f819a4344a8ee4e26c1094cb00d2c8a67c733fffcd89e97534cacb08a64d75e8594fa31f0dcfcafb0d1bc184c7067fec6a48ddefd580d4d9a4128d8f70f6fc6562da683904766e982ecd0286064db6844131bb7962a0a497f7b97fefad88a0b128bdf8cca774b1c32cb4af259bfebccda036e7e4ea8962838dbb5c04ffab0a2f1481848a27f06171645daf5246a2e563f3ed60097a9d7023d6ba5c8a58d39f733b12baf0863d82c427460f51cf9e3f77281a42221725b7bb75c2116ab31f704661f090d3eeddd2aa6efc619946b4933c398b635fd04ba3758294965c568997e1ef44b0562804e6c64558f6cfa87662a988c321a856ead51c848528a4954f9ff1948d517d67bc11db66801648848bfb7ee12296428bc3ffec863e9c77ff31ee386197679adab2a0e93bbe0c66ffe9c4b09b636f6216faa373aa8271678cc57ad46898222df7e2d8b14a5b70130596c0430997c4c04d9b5187fd9bb26b71fd19aacc8e08a3239f0eebca7b2873062a19f327a4a282012ebf9898a5ab6310b8623c864d4dada3ded00ad201ce8f3973f90396f5edc1ba466e16247fe6b0ee98acfd53792cc0fea33647b841596655b8d9efbc14b50fe0b588e4c41e2cbd0a700529e7ca91122d3d1b26e52bf44a0c9fe37cdbc352357f13b2adc68e78a00f6dc88a8e6ea54bd0b2c8276f9e1bfebc8655a1f47b72c25ffa97f4463630cc21428ca3bb381a6d3171d28bb946f746f820247bf3f7bb69caaeb5c47026ca9997e586e657a9e1569312bb443299ef4cfeacc9aaf4fc3aaa4a77a21579234d2aab6fd0234398ae07ca7c57ac6d6a51e025744b1430abce27f7f9b0d0e45c051e34d20db95cadcc0e4e327dbd979166b33e39a3951d0b8dd62c0d1542b69583cfc07b127243cac4b052cb29ccb3592972698fa4cd84633d222d78b8741d5f903f8636d95cddfe2ef13829df9ce32705edfda51ded2f0ef38f60a33a2e00373107eef56a01acb5e05d849279b5987343c8bbc73ea660ceaf7c9b90c0a8e1412ff3f517cef8fe604d7a26e085170a76e1bf43f5d1bb77ee771fe841d59fe2cc2874d25bf991b4af6bf9ffe1bfbf3a5587006b60bab5bdfd5a3192e82d474ecab0ab656967856c84cba9469c5823c1d1bf104d2a21c071bb08b2a137883dd9c8f545d6958db8efa45263ae303de76e70f2f6a10e1858e6654004f2a099dc31950ee730c465e0a1822935e309d41650fba489aa3050eedbf3f058d24d1f04fc340966e42d72052d84a66789ccf75000c3fc83b8842badd6b22ddaaaf53ed34e25c1b638e3630d66a7903405052902cf8e7395d54679e2f4a2bf7c8c89b0dc38969376ea164fe97b37b1172e6e8f05a929aa373108e891a64e38e18b432a115a44d754811e03c4f4ae7c525a6b9b92aab0d16967ee1a64eeeb2207c094f6aa96f126d058eff22435a4ae76c31f888ee13b327d2cab4ab5a56abf4cae88c583dd67129271708aa17f4f10886ead0e12734314bd4a49e64349beba4abdf94a1fb23a72cf7e16b5af2f1706d9646a5ff7dbf5c7b1cb2c3781346167b15d4625841d9f3d14392db1d39101d37175c42c522229db0708544058d75cebf3e399cd443d1b943c6f3017a898bd49836a8d92519deb810712aed76602682ef0df2be270734eeda7f289a76f4684baf75702a1ac3da005e62b83f794b934cf882db5d50e5ed4aca868e300d690c0b10daf0a47486e9f49d1b08eac6cf5090ddd2443b1459b2df86ab3447b2b5c6afe8aadb410de6a84b640e326eb882832d1a9cb12e0b8f13aef579f404af8631cdd5a30a031dad19cdf247575dd223229330f19fe4d88c51242217397acf66b86c743de283d5df7212fce59af17eb702eccab192f56f054a33709d41841e4a39638e02b4210559593f9b5c44fd22d9da637ef1a3a0a41c40469990dc4beec30a05b67931c0560d9a59fa875f3e26fd1eb32655aa30c7a1cd3d541716fdaacdda206328f3cbc8f16fc2be26690f18963a16febbaf2cb6c199330579ca067c60b54cbdd211c1350e066448fb50ae28ed58788ac98f0ded3414c8735ab90639916e26ab29102cc2609035e56d9b9d2dbc98118835bcf0e437c77052efe2293d9f19b7197aa1b94b10997b0b1efdef251de8945a97fec885f032c3bee2447335230b866d7aef515b04664d0c59e18233f9a229969e3e17d69716413ca3bc55f5959e340627ea803f7b26f4a74295b295344a3685287093998a1ce75b1ed5d730c9aec812617b4c200a0250c9ef8ef7d2fcfc59ef97422eca746bc6451a5b77307d14c1cfa0ea2c8eb7cf7819644577a6456efec0af058a0e3c8ec371019009462bfe174a11368b57fbe3090208a57b2236b97edc32cda5c6fc988cbaaf91c4020a06a7ad45519eaa761e045fc84d3219b287206282347a031ef1e7b7dbc67de738fa8f9fe71c44201fd1d548f8aebe93bf502d64d4b5f470a419e3fcd87f0616b9813048311ed20ac2efd7f18dcd6889542208b50c28c8c0700f73fa33a964e38d699819cab2098c6ff081266721cdced87ff41948c84037485f30d38a99eeeb3ff4c3049742a29eb09bb35c358e732546267c165a62fee9e25abdafdb8a48785bd432d160797e7a41d580f59d7d8e59b3e6b954d39f86db33b8f7cabde43e8e04cac1fcf9aa6fdbe4326e0d9c782d9a630055b36f85c2b8efebf18f42ef14ee5eb1d33ca322db69704f8bb90bf30eb05908b8d8ed169580923f53a6539cc3b55baa47718053d2ff103c23d90f9cb49ddc7d759950f605bafabcb7953c042c0523b84da994529a87ad68fc6f0709fd7af5fc20e53a17d3f5fd4d25fc5ff6598c6ddfc34668a08ee5e066d81a65e7979c50c08febf76dc5a3a405f551bb8449d94ea0dfdad6dd6dd6d6e4486f4ae1d2523c05f46198d8af4da12873ebdf7d6b5f2d0f1b2d29759ab0d78e34ae6f17b7ab83518cf8b18836ea5630ee934e5ecc123f0d3fe6b803ae1f735d65dcadcaaf6660e02ecad0290f6ead0594733a10b2b1654a44244424fa8b3180b551ac401828203e61603b017106e2256f01b9f26db33897167d9defb54ddfe49334150574493895370bad46cc658667aa9a8ed333c86f112b2a542936af92e2f933254b6fb0b1a599eec3bf2e476ae6714e2486dd31b29e4d26838d84bd7a62c62beab3ba71642278ecaf2e50d70670d9fdff105019791d36321bc57fdfd8f65f2ea1cb188035ecabf6140e777b7e6d2177ac29e9a1a2f87dd54d96184bb1a855bd9efdadfc606f13621f40e07cd8be9c2435c8c90b4ccba5eb7ddcf8cf1f76617c9a9e011abf4a63ffe31df63ecacb8b1d2d653e613cb399ce079392f9ca2e226c60b6e8103447c24c1f80d42e1ee747997602ae3ccff8f9f98ce9b56f6f3e3c0ba507df8b2169539cfc946c42da72644feb9b3b582ce332f8b2eda02192958194903d17b3e9b4bd60d08cd9a7989d946ece6d8dc01d6b66a7851bb11e4b075d38081d3ce7bf1875fec9daf47a589abdb72763c9747b83a28389238b0279c8e41db6521130420851acac463664a97be2190aff921923475f2c1f8a87d1169229e5f10dd0a92221e61358b156020f2c9ca2cb6580743a8d5e3c59e6fd97a7a246211450c7c62f1891cedb434102f8794d81c1caf2c1b4ae18b7c4b9c88de5c51da33e3343cef76da0d00341c2e60c4562c162e41a7efa8290cc9061f3d6a592d5f104c5018f31bcaf912bdd37370fbf8fedf0aa9026c1142299197d67ab026756927b5864ea42c45a82c23c275697d31a1b7900670c9a3c967d12974543c11f20c367a336bea9b9ebe480f9c806528138dff35c5f56b1199b75748e9c5cf50e6a32397dc3eeb04c3636c0848a5e13df8a9758bacea231f34cba13b466360b0dec69f74f8bf9a2dcf3dd94fa3a7d27e8caae00240559d75875ef9c619416593ca0072e7f38caae5a530c62dbe00e38c12cb8b924d63fca4d5c3a4c8f50e8f4f86fc1fe2b163219c46c21eb783e587e18e07ab7e1927a646c4f154c5000cb65ce9528457c3c66f43d9ab7d61580df0ecfb31cb38e4cbcdc3dafcca57311abec6b74048c8b74505ba678a4db07ed7243c70a821aee66a487bf91fd273418f8ef657d1eeb9ea6f095d47641e9f9fa30599e8b9c6b4453a1a5e8afd86fcafb46dd095fa4a98a2b26470e2c799b08c6000f5c3c4e28961463724377f37813f3922484fda986eb7c93ae8365baf648acbb344ca7e044d7ba93e7ba35c31085f3f99c5fdb2f9f2845f00b8590395e8ff730b86f5dd7f52297b8ecd5d5a6bb452bcd12b98d6adb27e7ef0e84b9567c66093ca3edab7e64ac4f56360501d81823ea2b1595f934c5f61c8558304c16154109a983a2af8725c7af91b5bc57e555768aa8115236a6ccc921d472b608eb6b82c4ba3747d79027d7856fae5369aa325df6a76138a5b41a94377eeeb251087e0b8510d8890e3f7a0cffaeddb9d2c29bc89f952489f82ee2e2b485cd297e6d30683701623cf73ee9ee606baeae9c3afba287eff57731b9cfaf034b1f56c8b31a32a1078c4fcab298c3f925a8e7cacceb9edf7ba2e54d31033a25462021e4a3c0bf5af341b462ee4417024da7c12c7f385de3af129aef1338a9c1fd68323d07ff47ec8bcca66b44300624d02c9202a2d093c3c85fd922b57b3bd14162c8ca5690734b7e4e4b8980b73a8e9908a9fa3dd508b30e3b1e1fd4ec388affa27c4bc26ca2820e0a902d51ff94984e8894fa5fca7b8704b7600ca6d6b1b1527ea999fcdf8fe3b290ec0036cad222f92cf8a5a54d0fa91de6e74ef61f60a233c9f15fdc86226c3f688de15ed8f0c3f1bc3afcad87cee47a19384afc6a804f197339ebce4aca211dbe0504a000755d18f20c4ecacd4123acdff7653cbb26456499495662508c8186afb883f5481c6bdf88cf137e263bde9d62f054573e0d1454cc119c95d4d9011332bd77682f79debcf5c21f0be7e9a83a58cec34e7cfb17a8122e030669228e4d3d9e274a678c5b77e6180aacc2fa8eb9952c5b04de6b2c7bee591badab96a3c3248c275b5b8faf5394eacc427a840570033be5006c33ce2d2c6e54f08681c3f74ad2fe54bca6dc62a9d84f6c58509c1e5dd5cfcc7a358493d428de48dfc1bc3f74154801c97e6aae38445045320b4cf66c1e56eb6ea2c1218de65f120b463c5cfb9255b3a25eb6e848cbd977f0605d71c561c2a754f5761c31f84101ee8178782cc8cf70b41a2204c5cb2f3134d572327fe4bbc1792249dfcf0ae7ba5d81fb5ae4a7978d044085f3b7f2e398c05733e2bf456cae898f8b5a81e9c79179bb5ca716713fce643dabe21eaee4386e646e25ad3adc5a4ad40f9bd6743f5f742efb1a674ffdbd2ced56c646ae590eb8f10283b47f57e6f96ad76adebecb24df74020b096fdee3c8d780d563a915f73c8b0246b861cd3a8580d5cf75798e8cf1c5875724661a39277e7165fe48ed8d5e6a20d68239f626fe8ea434a4e6e03ea434ec68c4b92a0fc2af15a135d6cbaeeca39a0c1896dab33daac", 0x2000, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
fcntl$dupfd(r4, 0x0, r6) (async)
write$FUSE_INIT(r8, &(0x7f0000004200)={0x50, 0x0, r9}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90}, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x5, 0x0, 0x0, 0x81, 0x0, 0x0, {0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x10b}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
r10 = open(&(0x7f00000001c0)='./file0/file0\x00', 0x2, 0x0)
lseek(r10, 0x0, 0x3) (async)
bind$inet(r7, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) (async)
sendto$inet(r7, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) (async)
sendto$inet(r7, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

127.093243ms ago: executing program 5 (id=3706):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f00000004c0)="0f064b0fc71ac441e012e9c4427d257c6402c423f978f50066baf80cb81c07da87ef66bafc0cecf342a60f00d6c7442400f5ff0000c744240203000000c7442406000000000f011424c4415f5c9297e5ffff", 0x52}], 0x1, 0x64, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_GET_NESTED_STATE(r2, 0xc080aebe, &(0x7f000000a100)={{0x0, 0x0, 0xfffffffffffffcfd}, "0000000000000000000000000000000000000000000000000000000000000000000000000200"})

99.249034ms ago: executing program 4 (id=3707):
openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x66002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x1}, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000001a00)='./file1\x00', 0x40, 0x0)
r0 = syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x80000)
r1 = socket(0x2, 0x1, 0x0)
r2 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
ioctl$NBD_SET_SOCK(r0, 0xab00, r1)
ioctl$NBD_DO_IT(r2, 0xab03)
mount(&(0x7f0000000000)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000004a00)='./file1\x00', &(0x7f0000000080)='udf\x00', 0x2008087, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r3 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x64342, 0x0)
rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r4 = getpid()
r5 = gettid()
rt_tgsigqueueinfo(r4, r5, 0xb, &(0x7f0000000080)={0x0, 0x10, 0x2})
r6 = signalfd(0xffffffffffffffff, &(0x7f00007aeff8)={[0xfffffffffffffff9]}, 0x8)
read(r6, &(0x7f0000000740)=""/377, 0x179)
socket$key(0xf, 0x3, 0x2)
r7 = socket$inet6(0xa, 0x1, 0x0)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r8, &(0x7f0000000080)={0x10, 0x0, 0x0, 0xfffffffffffffffd}, 0xc)
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f0000000180)={{{@in=@private, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x2}, {}, {}, 0x0, 0x0, 0x1, 0x0, 0x9833bf88d1b218f5, 0x3}, {{@in=@empty, 0x4d6, 0x6c}, 0x0, @in6=@loopback, 0x0, 0x0, 0x0, 0x4, 0x8}}, 0xe8)
connect$inet6(r7, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
sendfile(r3, r3, 0x0, 0x7ffff000)
r9 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$LOOP_CTL_REMOVE(r9, 0x4c81, 0x2)
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r10, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
write$tun(r10, &(0x7f0000000280)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x27, 0x0, 0x27}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x4c, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0xb, 0x0, 0x300, 0x0, 0x28, {[@window={0x9, 0xfffffffffffffec4}, @timestamp={0x5, 0x2, 0x0, 0x700}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0xfd6c)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x4010, r10, 0x2000)

0s ago: executing program 5 (id=3708):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[], 0x0)
syz_usb_disconnect(r0)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f"], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220f000000040b2100000095f5758483"], 0x0}, 0x0)
r2 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
ioctl$HIDIOCGUSAGES(r2, 0xd01c4813, 0x0)

kernel console output (not intermixed with test programs):


[  531.664160][ T6863] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  531.691386][ T6863] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  531.711388][ T6863] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  531.731002][ T6863] usb 4-1: config 0 descriptor??
[  531.898727][T15096] FAULT_INJECTION: forcing a failure.
[  531.898727][T15096] name failslab, interval 1, probability 0, space 0, times 0
[  531.912046][T15096] CPU: 1 UID: 0 PID: 15096 Comm: syz.5.3322 Not tainted syzkaller #0 PREEMPT(full) 
[  531.912080][T15096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  531.912096][T15096] Call Trace:
[  531.912105][T15096]  <TASK>
[  531.912115][T15096]  dump_stack_lvl+0x189/0x250
[  531.912161][T15096]  ? __pfx____ratelimit+0x10/0x10
[  531.912191][T15096]  ? __pfx_dump_stack_lvl+0x10/0x10
[  531.912225][T15096]  ? __pfx__printk+0x10/0x10
[  531.912261][T15096]  ? __pfx___might_resched+0x10/0x10
[  531.912285][T15096]  ? lock_acquire+0x5f/0x360
[  531.912309][T15096]  should_fail_ex+0x414/0x560
[  531.912342][T15096]  should_failslab+0xa8/0x100
[  531.912364][T15096]  __kmalloc_noprof+0xcb/0x4b0
[  531.912395][T15096]  ? kfree+0x4d/0x440
[  531.912422][T15096]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  531.912458][T15096]  tomoyo_realpath_from_path+0xe3/0x5d0
[  531.912495][T15096]  ? tomoyo_mount_permission+0x27a/0x970
[  531.912525][T15096]  tomoyo_mount_permission+0x377/0x970
[  531.912556][T15096]  ? tomoyo_mount_permission+0x27a/0x970
[  531.912586][T15096]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  531.912646][T15096]  security_sb_mount+0xec/0x350
[  531.912678][T15096]  path_mount+0xbc/0xfe0
[  531.912702][T15096]  ? user_path_at+0x44/0x60
[  531.912734][T15096]  ? kmem_cache_free+0x18f/0x400
[  531.912774][T15096]  __se_sys_mount+0x317/0x410
[  531.912803][T15096]  ? __pfx___se_sys_mount+0x10/0x10
[  531.912832][T15096]  ? rcu_is_watching+0x15/0xb0
[  531.912857][T15096]  ? __x64_sys_mount+0x20/0xc0
[  531.912885][T15096]  do_syscall_64+0xfa/0xfa0
[  531.912917][T15096]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  531.912949][T15096]  ? clear_bhb_loop+0x60/0xb0
[  531.912975][T15096]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  531.912998][T15096] RIP: 0033:0x7f338ff8ebe9
[  531.913018][T15096] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  531.913039][T15096] RSP: 002b:00007f3390ee0038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  531.913064][T15096] RAX: ffffffffffffffda RBX: 00007f33901c5fa0 RCX: 00007f338ff8ebe9
[  531.913081][T15096] RDX: 0000200000000040 RSI: 00002000000000c0 RDI: 0000200000000080
[  531.913097][T15096] RBP: 00007f3390ee0090 R08: 0000000000000000 R09: 0000000000000000
[  531.913112][T15096] R10: 0000000000a0c00e R11: 0000000000000246 R12: 0000000000000001
[  531.913126][T15096] R13: 00007f33901c6038 R14: 00007f33901c5fa0 R15: 00007ffdefe10b98
[  531.913154][T15096]  </TASK>
[  532.159194][T15096] ERROR: Out of memory at tomoyo_realpath_from_path.
[  532.199202][T15098] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  532.383412][T15105] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  532.390341][T15105] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  532.397346][T15105] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  532.404095][T15105] comedi comedi3: 8255: I/O port conflict (0x7fffffff,4)
[  532.411497][T15105] comedi comedi3: 8255: I/O port conflict (0x5c952399,4)
[  532.418764][T15105] comedi comedi3: 8255: I/O port conflict (0xffffffff80000005,4)
[  532.428558][T15105] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[  532.435345][T15105] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  532.441943][T15105] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  532.448879][T15105] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  532.454764][   T10] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  532.609668][   T10] usb 6-1: config 0 interface 0 altsetting 15 endpoint 0x81 has invalid wMaxPacketSize 0
[  532.620343][   T10] usb 6-1: config 0 interface 0 altsetting 15 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  532.634563][   T10] usb 6-1: config 0 interface 0 has no altsetting 0
[  532.641540][   T10] usb 6-1: New USB device found, idVendor=05ac, idProduct=025b, bcdDevice= 0.00
[  532.651102][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  532.662736][   T10] usb 6-1: config 0 descriptor??
[  532.754366][ T6863] usbhid 4-1:0.0: can't add hid device: -71
[  532.764267][ T6863] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  532.778315][ T6863] usb 4-1: USB disconnect, device number 71
[  532.880541][T15100] input: syz0 as /devices/virtual/input/input112
[  532.893449][T15100] netlink: 44 bytes leftover after parsing attributes in process `syz.5.3324'.
[  532.966485][   T10] usb 6-1: string descriptor 0 read error: -71
[  532.976787][   T10] input: bcm5974 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input113
[  532.989149][ T5220] bcm5974 6-1:0.0: could not read from device
[  532.992606][   T10] usb 6-1: USB disconnect, device number 16
[  533.002994][ T5220] bcm5974 6-1:0.0: could not read from device
[  533.507782][T15117] input: syz0 as /devices/virtual/input/input114
[  533.644869][ T5901] usb 4-1: new high-speed USB device number 72 using dummy_hcd
[  533.814790][ T5901] usb 4-1: Using ep0 maxpacket: 16
[  533.821729][ T5901] usb 4-1: config 0 has an invalid interface number: 49 but max is 0
[  533.835077][ T5901] usb 4-1: config 0 has no interface number 0
[  533.844696][ T5901] usb 4-1: config 0 interface 49 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  533.856151][ T5901] usb 4-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  533.869738][ T5901] usb 4-1: config 0 interface 49 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  533.882032][ T5901] usb 4-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[  533.891909][ T5901] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  533.900425][ T5901] usb 4-1: Product: syz
[  533.905184][ T5901] usb 4-1: Manufacturer: syz
[  533.910054][ T5901] usb 4-1: SerialNumber: syz
[  533.918757][ T5901] usb 4-1: config 0 descriptor??
[  534.137995][T15115] netlink: 56 bytes leftover after parsing attributes in process `syz.3.3330'.
[  534.240277][T15126] FAULT_INJECTION: forcing a failure.
[  534.240277][T15126] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  534.254473][T15126] CPU: 1 UID: 0 PID: 15126 Comm: syz.4.3335 Not tainted syzkaller #0 PREEMPT(full) 
[  534.254503][T15126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  534.254516][T15126] Call Trace:
[  534.254524][T15126]  <TASK>
[  534.254533][T15126]  dump_stack_lvl+0x189/0x250
[  534.254574][T15126]  ? __pfx____ratelimit+0x10/0x10
[  534.254600][T15126]  ? __pfx_dump_stack_lvl+0x10/0x10
[  534.254632][T15126]  ? __pfx__printk+0x10/0x10
[  534.254663][T15126]  ? rcu_is_watching+0x15/0xb0
[  534.254687][T15126]  should_fail_ex+0x414/0x560
[  534.254716][T15126]  strncpy_from_user+0x36/0x290
[  534.254744][T15126]  getname_flags+0xf3/0x540
[  534.254768][T15126]  ? _copy_from_user+0x94/0xb0
[  534.254791][T15126]  user_path_at+0x24/0x60
[  534.254820][T15126]  __se_sys_mount+0x2d3/0x410
[  534.254847][T15126]  ? __pfx___se_sys_mount+0x10/0x10
[  534.254874][T15126]  ? rcu_is_watching+0x15/0xb0
[  534.254895][T15126]  ? __x64_sys_mount+0x20/0xc0
[  534.254919][T15126]  do_syscall_64+0xfa/0xfa0
[  534.254947][T15126]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  534.254977][T15126]  ? clear_bhb_loop+0x60/0xb0
[  534.255001][T15126]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  534.255021][T15126] RIP: 0033:0x7fe09ab8ebe9
[  534.255040][T15126] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  534.255058][T15126] RSP: 002b:00007fe09ba0a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  534.255081][T15126] RAX: ffffffffffffffda RBX: 00007fe09adc5fa0 RCX: 00007fe09ab8ebe9
[  534.255097][T15126] RDX: 0000200000000040 RSI: 00002000000000c0 RDI: 0000200000000080
[  534.255112][T15126] RBP: 00007fe09ba0a090 R08: 0000000000000000 R09: 0000000000000000
[  534.255125][T15126] R10: 0000000000a0c00e R11: 0000000000000246 R12: 0000000000000001
[  534.255138][T15126] R13: 00007fe09adc6038 R14: 00007fe09adc5fa0 R15: 00007ffe60e82618
[  534.255162][T15126]  </TASK>
[  534.546760][T15129] MTD: Attempt to mount non-MTD device "/dev/rnullb0"
[  534.568951][T15129] VFS: Can't find a romfs filesystem on dev rnullb0.
[  534.568951][T15129] 
[  534.604546][T15138] tipc: Started in network mode
[  534.609726][T15138] tipc: Node identity ac1414aa, cluster identity 4711
[  534.620763][T15138] tipc: Enabled bearer <udp:s>, priority 10
[  535.118438][T15161] input: syz0 as /devices/virtual/input/input115
[  535.121169][T15162] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  535.225003][   T10] usb 3-1: new high-speed USB device number 84 using dummy_hcd
[  535.253642][T15165] XFS (rnullb0): Invalid superblock magic number
[  535.377555][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  535.390269][   T10] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  535.400805][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  535.415632][   T10] usb 3-1: config 0 descriptor??
[  535.554827][ T6863] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  535.626653][   T10] usbhid 3-1:0.0: can't add hid device: -71
[  535.634725][ T5864] tipc: Node number set to 2886997162
[  535.637045][   T10] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  535.650239][   T10] usb 3-1: USB disconnect, device number 84
[  535.661901][T15186] kAFS: No cell specified
[  535.708249][ T6863] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  535.718738][ T6863] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  535.731898][ T6863] usb 5-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0
[  535.741314][ T6863] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  535.749740][ T6863] usb 5-1: Product: syz
[  535.753944][ T6863] usb 5-1: Manufacturer: syz
[  535.758729][ T6863] usb 5-1: SerialNumber: syz
[  535.766940][ T6863] usb 5-1: config 0 descriptor??
[  535.914853][ T5972] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  536.030249][   T10] usb 5-1: USB disconnect, device number 15
[  536.063864][T15190] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  536.074811][ T5972] usb 6-1: Using ep0 maxpacket: 16
[  536.075038][ T5864] usb 3-1: new high-speed USB device number 85 using dummy_hcd
[  536.086284][ T5972] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  536.098911][ T5972] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  536.109526][ T5972] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  536.124363][ T5972] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  536.134420][ T5972] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  536.147732][ T5972] usb 6-1: config 0 descriptor??
[  536.256437][ T5864] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  536.268110][ T5864] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  536.281685][ T5864] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  536.291918][ T5864] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  536.302616][ T5864] usb 3-1: config 0 descriptor??
[  536.412651][ T5901] usb 4-1: USB disconnect, device number 72
[  536.597686][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[  536.673837][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[  536.731108][ T5864] plantronics 0003:047F:FFFF.0060: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  536.814226][ T5972] usbhid 6-1:0.0: can't add hid device: -71
[  536.821881][ T5972] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  536.840919][ T5972] usb 6-1: USB disconnect, device number 17
[  536.914804][ T5901] usb 4-1: new high-speed USB device number 73 using dummy_hcd
[  536.984922][    T0] NOHZ tick-stop error: local softirq work is pending, handler #01!!!
[  537.065176][ T5901] usb 4-1: Using ep0 maxpacket: 16
[  537.072263][ T5901] usb 4-1: config 0 has an invalid interface number: 8 but max is 0
[  537.081373][ T5901] usb 4-1: config 0 has no interface number 0
[  537.091085][ T5901] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x1 has an invalid bInterval 172, changing to 11
[  537.102775][ T5901] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x1 has invalid maxpacket 50254, setting to 1024
[  537.119538][ T5901] usb 4-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  537.130044][ T5901] usb 4-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  537.134786][    T0] NOHZ tick-stop error: local softirq work is pending, handler #142!!!
[  537.140524][ T5901] usb 4-1: Product: syz
[  537.151337][ T5901] usb 4-1: SerialNumber: syz
[  537.164324][ T5901] usb 4-1: config 0 descriptor??
[  537.171126][T15196] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  537.188353][ T5901] usbhid 4-1:0.8: couldn't find an input interrupt endpoint
[  537.192246][T15201] program syz.4.3358 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  537.394562][T15196] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  537.403492][T15196] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  537.412746][T15206] ip6_tunnel: non-ECT from fe88:a43d:e1a4:0000:0000:0000:0020:7d01 with DS=0xe
[  537.475327][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[  537.516946][    T0] NOHZ tick-stop error: local softirq work is pending, handler #300!!!
[  537.529925][ T5972] usb 3-1: USB disconnect, device number 85
[  537.572125][T15214] netlink: 'syz.5.3363': attribute type 2 has an invalid length.
[  537.770574][T15227] FAULT_INJECTION: forcing a failure.
[  537.770574][T15227] name failslab, interval 1, probability 0, space 0, times 0
[  537.784364][T15227] CPU: 1 UID: 0 PID: 15227 Comm: syz.5.3366 Not tainted syzkaller #0 PREEMPT(full) 
[  537.784394][T15227] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  537.784407][T15227] Call Trace:
[  537.784415][T15227]  <TASK>
[  537.784424][T15227]  dump_stack_lvl+0x189/0x250
[  537.784460][T15227]  ? __pfx____ratelimit+0x10/0x10
[  537.784486][T15227]  ? __pfx_dump_stack_lvl+0x10/0x10
[  537.784519][T15227]  ? __pfx__printk+0x10/0x10
[  537.784551][T15227]  ? __pfx___might_resched+0x10/0x10
[  537.784574][T15227]  ? lock_acquire+0x5f/0x360
[  537.784593][T15227]  should_fail_ex+0x414/0x560
[  537.784623][T15227]  should_failslab+0xa8/0x100
[  537.784644][T15227]  __kmalloc_noprof+0xcb/0x4b0
[  537.784672][T15227]  ? kfree+0x4d/0x440
[  537.784708][T15227]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  537.784739][T15227]  tomoyo_realpath_from_path+0xe3/0x5d0
[  537.784771][T15227]  ? tomoyo_mount_permission+0x27a/0x970
[  537.784796][T15227]  tomoyo_mount_permission+0x377/0x970
[  537.784823][T15227]  ? tomoyo_mount_permission+0x27a/0x970
[  537.784849][T15227]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  537.784902][T15227]  security_sb_mount+0xec/0x350
[  537.784930][T15227]  path_mount+0xbc/0xfe0
[  537.784953][T15227]  ? user_path_at+0x44/0x60
[  537.784980][T15227]  ? kmem_cache_free+0x18f/0x400
[  537.785013][T15227]  __se_sys_mount+0x317/0x410
[  537.785040][T15227]  ? __pfx___se_sys_mount+0x10/0x10
[  537.785066][T15227]  ? rcu_is_watching+0x15/0xb0
[  537.785089][T15227]  ? __x64_sys_mount+0x20/0xc0
[  537.785113][T15227]  do_syscall_64+0xfa/0xfa0
[  537.785141][T15227]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  537.785160][T15227]  ? clear_bhb_loop+0x60/0xb0
[  537.785203][T15227]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  537.785223][T15227] RIP: 0033:0x7f338ff8ebe9
[  537.785241][T15227] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  537.785259][T15227] RSP: 002b:00007f3390ee0038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  537.785280][T15227] RAX: ffffffffffffffda RBX: 00007f33901c5fa0 RCX: 00007f338ff8ebe9
[  537.785295][T15227] RDX: 0000200000000040 RSI: 00002000000000c0 RDI: 0000200000000080
[  537.785306][T15227] RBP: 00007f3390ee0090 R08: 0000000000000000 R09: 0000000000000000
[  537.785315][T15227] R10: 0000000000a0c00e R11: 0000000000000246 R12: 0000000000000001
[  537.785325][T15227] R13: 00007f33901c6038 R14: 00007f33901c5fa0 R15: 00007ffdefe10b98
[  537.785343][T15227]  </TASK>
[  538.038223][T15227] ERROR: Out of memory at tomoyo_realpath_from_path.
[  538.104071][T15232] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  538.170893][T15236] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  538.237452][T15240] input: syz0 as /devices/virtual/input/input117
[  538.271232][T15243] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  538.684043][T15264] FAULT_INJECTION: forcing a failure.
[  538.684043][T15264] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  538.716379][T15264] CPU: 0 UID: 0 PID: 15264 Comm: syz.5.3382 Not tainted syzkaller #0 PREEMPT(full) 
[  538.716408][T15264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  538.716422][T15264] Call Trace:
[  538.716431][T15264]  <TASK>
[  538.716440][T15264]  dump_stack_lvl+0x189/0x250
[  538.716477][T15264]  ? __pfx____ratelimit+0x10/0x10
[  538.716504][T15264]  ? __pfx_dump_stack_lvl+0x10/0x10
[  538.716535][T15264]  ? __pfx__printk+0x10/0x10
[  538.716562][T15264]  ? __might_fault+0xb0/0x130
[  538.716597][T15264]  ? rcu_is_watching+0x15/0xb0
[  538.716622][T15264]  should_fail_ex+0x414/0x560
[  538.716653][T15264]  _copy_from_iter+0x1de/0x1790
[  538.716675][T15264]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  538.716715][T15264]  ? kmem_cache_alloc_node_noprof+0x203/0x390
[  538.716748][T15264]  ? tcp_leave_memory_pressure+0xea/0x100
[  538.716771][T15264]  ? __pfx__copy_from_iter+0x10/0x10
[  538.716795][T15264]  ? __sk_mem_schedule+0x7f/0xf0
[  538.716818][T15264]  tcp_sendmsg_locked+0x1e9d/0x5620
[  538.716868][T15264]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  538.716890][T15264]  ? rcu_is_watching+0x15/0xb0
[  538.716913][T15264]  ? __local_bh_enable_ip+0x12d/0x1c0
[  538.716940][T15264]  tcp_sendmsg+0x2f/0x50
[  538.716963][T15264]  __sock_sendmsg+0xe5/0x270
[  538.716985][T15264]  sock_write_iter+0x258/0x330
[  538.717007][T15264]  ? __pfx_sock_write_iter+0x10/0x10
[  538.717032][T15264]  ? bpf_lsm_file_permission+0x9/0x20
[  538.717059][T15264]  ? security_file_permission+0x75/0x290
[  538.717084][T15264]  vfs_write+0x5c9/0xb30
[  538.717106][T15264]  ? __pfx_sock_write_iter+0x10/0x10
[  538.717128][T15264]  ? __pfx_vfs_write+0x10/0x10
[  538.717151][T15264]  ? __fget_files+0x2a/0x420
[  538.717192][T15264]  ksys_write+0x145/0x250
[  538.717214][T15264]  ? __pfx_ksys_write+0x10/0x10
[  538.717236][T15264]  ? rcu_is_watching+0x15/0xb0
[  538.717260][T15264]  do_syscall_64+0xfa/0xfa0
[  538.717288][T15264]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  538.717318][T15264]  ? clear_bhb_loop+0x60/0xb0
[  538.717340][T15264]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  538.717361][T15264] RIP: 0033:0x7f338ff8ebe9
[  538.717378][T15264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  538.717397][T15264] RSP: 002b:00007f3390ee0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  538.717420][T15264] RAX: ffffffffffffffda RBX: 00007f33901c5fa0 RCX: 00007f338ff8ebe9
[  538.717434][T15264] RDX: 00000000fffffd9d RSI: 0000200000000200 RDI: 0000000000000003
[  538.717448][T15264] RBP: 00007f3390ee0090 R08: 0000000000000000 R09: 0000000000000000
[  538.717461][T15264] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  538.717473][T15264] R13: 00007f33901c6038 R14: 00007f33901c5fa0 R15: 00007ffdefe10b98
[  538.717495][T15264]  </TASK>
[  538.722006][T15268] FAULT_INJECTION: forcing a failure.
[  538.722006][T15268] name failslab, interval 1, probability 0, space 0, times 0
[  539.040257][T15268] CPU: 0 UID: 0 PID: 15268 Comm: syz.2.3383 Not tainted syzkaller #0 PREEMPT(full) 
[  539.040297][T15268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  539.040311][T15268] Call Trace:
[  539.040319][T15268]  <TASK>
[  539.040328][T15268]  dump_stack_lvl+0x189/0x250
[  539.040364][T15268]  ? __pfx____ratelimit+0x10/0x10
[  539.040391][T15268]  ? __pfx_dump_stack_lvl+0x10/0x10
[  539.040421][T15268]  ? __pfx__printk+0x10/0x10
[  539.040449][T15268]  ? read_seqbegin+0x1ac/0x250
[  539.040482][T15268]  ? __pfx___might_resched+0x10/0x10
[  539.040505][T15268]  ? lock_acquire+0x5f/0x360
[  539.040524][T15268]  should_fail_ex+0x414/0x560
[  539.040554][T15268]  should_failslab+0xa8/0x100
[  539.040574][T15268]  __kmalloc_noprof+0xcb/0x4b0
[  539.040604][T15268]  ? tomoyo_encode+0x28b/0x550
[  539.040634][T15268]  tomoyo_encode+0x28b/0x550
[  539.040662][T15268]  tomoyo_realpath_from_path+0x58d/0x5d0
[  539.040697][T15268]  ? tomoyo_mount_permission+0x27a/0x970
[  539.040723][T15268]  tomoyo_mount_permission+0x377/0x970
[  539.040751][T15268]  ? tomoyo_mount_permission+0x27a/0x970
[  539.040776][T15268]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  539.040830][T15268]  security_sb_mount+0xec/0x350
[  539.040859][T15268]  path_mount+0xbc/0xfe0
[  539.040880][T15268]  ? user_path_at+0x44/0x60
[  539.040906][T15268]  ? kmem_cache_free+0x18f/0x400
[  539.040940][T15268]  __se_sys_mount+0x317/0x410
[  539.040967][T15268]  ? __pfx___se_sys_mount+0x10/0x10
[  539.040993][T15268]  ? rcu_is_watching+0x15/0xb0
[  539.041015][T15268]  ? __x64_sys_mount+0x20/0xc0
[  539.041040][T15268]  do_syscall_64+0xfa/0xfa0
[  539.041069][T15268]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  539.041089][T15268]  ? clear_bhb_loop+0x60/0xb0
[  539.041112][T15268]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  539.041131][T15268] RIP: 0033:0x7faabf58ebe9
[  539.041149][T15268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  539.041169][T15268] RSP: 002b:00007faac048b038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  539.041192][T15268] RAX: ffffffffffffffda RBX: 00007faabf7c5fa0 RCX: 00007faabf58ebe9
[  539.041208][T15268] RDX: 0000200000000040 RSI: 00002000000000c0 RDI: 0000200000000080
[  539.041223][T15268] RBP: 00007faac048b090 R08: 0000000000000000 R09: 0000000000000000
[  539.041245][T15268] R10: 0000000000a0c00e R11: 0000000000000246 R12: 0000000000000001
[  539.041258][T15268] R13: 00007faabf7c6038 R14: 00007faabf7c5fa0 R15: 00007fffe25850d8
[  539.041289][T15268]  </TASK>
[  539.041403][T15268] ERROR: Out of memory at tomoyo_realpath_from_path.
[  539.351539][T15274] vxfs: WRONG superblock magic 00000000 at 1
[  539.357862][T15274] vxfs: WRONG superblock magic 00000000 at 8
[  539.363958][T15274] vxfs: can't find superblock.
[  539.398242][T15273] block nbd2: shutting down sockets
[  539.436830][T15277] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  539.572396][   T44] usb 4-1: USB disconnect, device number 73
[  540.387907][T15307] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  540.415426][T15309] FAULT_INJECTION: forcing a failure.
[  540.415426][T15309] name failslab, interval 1, probability 0, space 0, times 0
[  540.453926][T15309] CPU: 1 UID: 0 PID: 15309 Comm: syz.2.3400 Not tainted syzkaller #0 PREEMPT(full) 
[  540.453956][T15309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  540.453970][T15309] Call Trace:
[  540.453978][T15309]  <TASK>
[  540.453988][T15309]  dump_stack_lvl+0x189/0x250
[  540.454023][T15309]  ? __pfx____ratelimit+0x10/0x10
[  540.454050][T15309]  ? __pfx_dump_stack_lvl+0x10/0x10
[  540.454080][T15309]  ? __pfx__printk+0x10/0x10
[  540.454109][T15309]  ? __pfx___might_resched+0x10/0x10
[  540.454132][T15309]  ? lock_acquire+0x5f/0x360
[  540.454153][T15309]  should_fail_ex+0x414/0x560
[  540.454182][T15309]  should_failslab+0xa8/0x100
[  540.454203][T15309]  kmem_cache_alloc_noprof+0x73/0x390
[  540.454231][T15309]  ? getname_kernel+0x5a/0x2f0
[  540.454259][T15309]  getname_kernel+0x5a/0x2f0
[  540.454293][T15309]  kern_path+0x1d/0x50
[  540.454320][T15309]  tomoyo_mount_permission+0x776/0x970
[  540.454350][T15309]  ? tomoyo_mount_permission+0x27a/0x970
[  540.454376][T15309]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  540.454429][T15309]  security_sb_mount+0xec/0x350
[  540.454465][T15309]  path_mount+0xbc/0xfe0
[  540.454486][T15309]  ? user_path_at+0x44/0x60
[  540.454511][T15309]  ? kmem_cache_free+0x18f/0x400
[  540.454545][T15309]  __se_sys_mount+0x317/0x410
[  540.454570][T15309]  ? __pfx___se_sys_mount+0x10/0x10
[  540.454599][T15309]  ? rcu_is_watching+0x15/0xb0
[  540.454620][T15309]  ? __x64_sys_mount+0x20/0xc0
[  540.454643][T15309]  do_syscall_64+0xfa/0xfa0
[  540.454678][T15309]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  540.454699][T15309]  ? clear_bhb_loop+0x60/0xb0
[  540.454722][T15309]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  540.454741][T15309] RIP: 0033:0x7faabf58ebe9
[  540.454758][T15309] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  540.454784][T15309] RSP: 002b:00007faac048b038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  540.454806][T15309] RAX: ffffffffffffffda RBX: 00007faabf7c5fa0 RCX: 00007faabf58ebe9
[  540.454820][T15309] RDX: 0000200000000040 RSI: 00002000000000c0 RDI: 0000200000000080
[  540.454834][T15309] RBP: 00007faac048b090 R08: 0000000000000000 R09: 0000000000000000
[  540.454847][T15309] R10: 0000000000a0c00e R11: 0000000000000246 R12: 0000000000000002
[  540.454860][T15309] R13: 00007faabf7c6038 R14: 00007faabf7c5fa0 R15: 00007fffe25850d8
[  540.454883][T15309]  </TASK>
[  541.047996][T15324] kAFS: No cell specified
[  541.245718][ T5972] usb 4-1: new high-speed USB device number 74 using dummy_hcd
[  541.304754][ T5908] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  541.333980][   T10] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  541.426357][ T5972] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  541.446897][ T5972] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  541.457553][ T5972] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  541.480790][ T5972] usb 4-1: config 0 descriptor??
[  541.507206][   T10] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  541.517754][   T10] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 3
[  541.527616][ T5908] usb 5-1: Using ep0 maxpacket: 16
[  541.538052][ T5908] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  541.552277][ T5908] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  541.562348][   T10] usb 6-1: New USB device found, idVendor=0489, idProduct=e057, bcdDevice= 0.00
[  541.572671][ T5908] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  541.587672][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  541.597413][ T5908] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  541.607799][   T10] usb 6-1: config 0 descriptor??
[  541.618706][ T5908] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  541.634739][ T5908] usb 5-1: config 0 descriptor??
[  541.708353][ T5972] usbhid 4-1:0.0: can't add hid device: -71
[  541.714768][ T5972] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  541.725667][ T5972] usb 4-1: USB disconnect, device number 74
[  542.032324][   T10] Bluetooth: Can't get state to change to load ram patch err
[  542.040215][   T10] Bluetooth: Loading patch file failed
[  542.046105][   T10] ath3k 6-1:0.0: probe with driver ath3k failed with error -71
[  542.066702][   T10] usb 6-1: USB disconnect, device number 18
[  542.124078][T15336] FAULT_INJECTION: forcing a failure.
[  542.124078][T15336] name failslab, interval 1, probability 0, space 0, times 0
[  542.140882][T15336] CPU: 0 UID: 0 PID: 15336 Comm: syz.2.3410 Not tainted syzkaller #0 PREEMPT(full) 
[  542.140912][T15336] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  542.140928][T15336] Call Trace:
[  542.140936][T15336]  <TASK>
[  542.140945][T15336]  dump_stack_lvl+0x189/0x250
[  542.140979][T15336]  ? __pfx____ratelimit+0x10/0x10
[  542.141002][T15336]  ? __pfx_dump_stack_lvl+0x10/0x10
[  542.141029][T15336]  ? __pfx__printk+0x10/0x10
[  542.141055][T15336]  ? fs_reclaim_acquire+0x7d/0x100
[  542.141072][T15336]  ? rcu_is_watching+0x15/0xb0
[  542.141091][T15336]  ? __pfx___might_resched+0x10/0x10
[  542.141109][T15336]  ? lock_acquire+0x5f/0x360
[  542.141127][T15336]  should_fail_ex+0x414/0x560
[  542.141152][T15336]  should_failslab+0xa8/0x100
[  542.141171][T15336]  kmem_cache_alloc_node_noprof+0x76/0x390
[  542.141198][T15336]  ? __alloc_skb+0x112/0x2d0
[  542.141223][T15336]  __alloc_skb+0x112/0x2d0
[  542.141248][T15336]  tcp_stream_alloc_skb+0x3d/0x340
[  542.141381][T15336]  tcp_sendmsg_locked+0xf38/0x5620
[  542.141436][T15336]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  542.141460][T15336]  ? rcu_is_watching+0x15/0xb0
[  542.141485][T15336]  ? __local_bh_enable_ip+0x12d/0x1c0
[  542.141514][T15336]  tcp_sendmsg+0x2f/0x50
[  542.141537][T15336]  __sock_sendmsg+0xe5/0x270
[  542.141563][T15336]  sock_write_iter+0x258/0x330
[  542.141586][T15336]  ? __pfx_sock_write_iter+0x10/0x10
[  542.141614][T15336]  ? bpf_lsm_file_permission+0x9/0x20
[  542.141642][T15336]  ? security_file_permission+0x75/0x290
[  542.141668][T15336]  vfs_write+0x5c9/0xb30
[  542.141690][T15336]  ? __pfx_sock_write_iter+0x10/0x10
[  542.141711][T15336]  ? __pfx_vfs_write+0x10/0x10
[  542.141734][T15336]  ? __fget_files+0x2a/0x420
[  542.141762][T15336]  ksys_write+0x145/0x250
[  542.141784][T15336]  ? __pfx_ksys_write+0x10/0x10
[  542.141807][T15336]  ? rcu_is_watching+0x15/0xb0
[  542.141832][T15336]  do_syscall_64+0xfa/0xfa0
[  542.141861][T15336]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  542.141881][T15336]  ? clear_bhb_loop+0x60/0xb0
[  542.141904][T15336]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  542.141924][T15336] RIP: 0033:0x7faabf58ebe9
[  542.141945][T15336] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  542.141963][T15336] RSP: 002b:00007faac048b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  542.141988][T15336] RAX: ffffffffffffffda RBX: 00007faabf7c5fa0 RCX: 00007faabf58ebe9
[  542.142005][T15336] RDX: 00000000fffffd9d RSI: 0000200000000200 RDI: 0000000000000003
[  542.142018][T15336] RBP: 00007faac048b090 R08: 0000000000000000 R09: 0000000000000000
[  542.142031][T15336] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  542.142043][T15336] R13: 00007faabf7c6038 R14: 00007faabf7c5fa0 R15: 00007fffe25850d8
[  542.142067][T15336]  </TASK>
[  542.447822][ T5908] usbhid 5-1:0.0: can't add hid device: -71
[  542.454107][ T5908] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  542.464977][ T5908] usb 5-1: USB disconnect, device number 16
[  542.688903][T15338] ip6_tunnel: non-ECT from fe88:a43d:e1a4:0000:0000:0000:0040:7d01 with DS=0xe
[  542.936727][T15363] FAULT_INJECTION: forcing a failure.
[  542.936727][T15363] name failslab, interval 1, probability 0, space 0, times 0
[  542.957122][T15363] CPU: 1 UID: 0 PID: 15363 Comm: syz.4.3418 Not tainted syzkaller #0 PREEMPT(full) 
[  542.957153][T15363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  542.957167][T15363] Call Trace:
[  542.957175][T15363]  <TASK>
[  542.957185][T15363]  dump_stack_lvl+0x189/0x250
[  542.957222][T15363]  ? __pfx____ratelimit+0x10/0x10
[  542.957248][T15363]  ? __pfx_dump_stack_lvl+0x10/0x10
[  542.957278][T15363]  ? __pfx__printk+0x10/0x10
[  542.957308][T15363]  ? __pfx___might_resched+0x10/0x10
[  542.957330][T15363]  ? lock_acquire+0x5f/0x360
[  542.957351][T15363]  should_fail_ex+0x414/0x560
[  542.957382][T15363]  should_failslab+0xa8/0x100
[  542.957403][T15363]  __kmalloc_noprof+0xcb/0x4b0
[  542.957433][T15363]  ? kfree+0x4d/0x440
[  542.957459][T15363]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  542.957490][T15363]  tomoyo_realpath_from_path+0xe3/0x5d0
[  542.957519][T15363]  ? kern_path+0x3f/0x50
[  542.957545][T15363]  ? kmem_cache_free+0x18f/0x400
[  542.957579][T15363]  tomoyo_mount_permission+0x8d8/0x970
[  542.957608][T15363]  ? tomoyo_mount_permission+0x27a/0x970
[  542.957634][T15363]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  542.957688][T15363]  security_sb_mount+0xec/0x350
[  542.957717][T15363]  path_mount+0xbc/0xfe0
[  542.957740][T15363]  ? user_path_at+0x44/0x60
[  542.957767][T15363]  ? kmem_cache_free+0x18f/0x400
[  542.957799][T15363]  __se_sys_mount+0x317/0x410
[  542.957826][T15363]  ? __pfx___se_sys_mount+0x10/0x10
[  542.957850][T15363]  ? rcu_is_watching+0x15/0xb0
[  542.957872][T15363]  ? __x64_sys_mount+0x20/0xc0
[  542.957895][T15363]  do_syscall_64+0xfa/0xfa0
[  542.957932][T15363]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  542.957952][T15363]  ? clear_bhb_loop+0x60/0xb0
[  542.957974][T15363]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  542.957994][T15363] RIP: 0033:0x7fe09ab8ebe9
[  542.958013][T15363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  542.958031][T15363] RSP: 002b:00007fe09ba0a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  542.958053][T15363] RAX: ffffffffffffffda RBX: 00007fe09adc5fa0 RCX: 00007fe09ab8ebe9
[  542.958069][T15363] RDX: 0000200000000040 RSI: 00002000000000c0 RDI: 0000200000000080
[  542.958084][T15363] RBP: 00007fe09ba0a090 R08: 0000000000000000 R09: 0000000000000000
[  542.958097][T15363] R10: 0000000000a0c00e R11: 0000000000000246 R12: 0000000000000002
[  542.958110][T15363] R13: 00007fe09adc6038 R14: 00007fe09adc5fa0 R15: 00007ffe60e82618
[  542.958134][T15363]  </TASK>
[  542.958144][T15363] ERROR: Out of memory at tomoyo_realpath_from_path.
[  543.217543][T15361] kAFS: No cell specified
[  543.584788][   T44] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  543.589865][T15382] FAULT_INJECTION: forcing a failure.
[  543.589865][T15382] name failslab, interval 1, probability 0, space 0, times 0
[  543.605704][T15382] CPU: 1 UID: 0 PID: 15382 Comm: syz.3.3425 Not tainted syzkaller #0 PREEMPT(full) 
[  543.605733][T15382] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  543.605747][T15382] Call Trace:
[  543.605755][T15382]  <TASK>
[  543.605764][T15382]  dump_stack_lvl+0x189/0x250
[  543.605798][T15382]  ? __pfx____ratelimit+0x10/0x10
[  543.605824][T15382]  ? __pfx_dump_stack_lvl+0x10/0x10
[  543.605856][T15382]  ? __pfx__printk+0x10/0x10
[  543.605885][T15382]  ? fs_reclaim_acquire+0x7d/0x100
[  543.605907][T15382]  ? rcu_is_watching+0x15/0xb0
[  543.605930][T15382]  ? __pfx___might_resched+0x10/0x10
[  543.605960][T15382]  ? lock_acquire+0x5f/0x360
[  543.605981][T15382]  should_fail_ex+0x414/0x560
[  543.606011][T15382]  should_failslab+0xa8/0x100
[  543.606032][T15382]  __kmalloc_cache_noprof+0x70/0x3a0
[  543.606062][T15382]  ? affs_init_fs_context+0x54/0x3b0
[  543.606088][T15382]  affs_init_fs_context+0x54/0x3b0
[  543.606113][T15382]  alloc_fs_context+0x64e/0x7d0
[  543.606143][T15382]  do_new_mount+0x16f/0xa30
[  543.606171][T15382]  ? ns_capable+0x8a/0xf0
[  543.606194][T15382]  ? __pfx_do_new_mount+0x10/0x10
[  543.606216][T15382]  ? path_mount+0x61c/0xfe0
[  543.606237][T15382]  ? user_path_at+0x44/0x60
[  543.606270][T15382]  __se_sys_mount+0x317/0x410
[  543.606298][T15382]  ? __pfx___se_sys_mount+0x10/0x10
[  543.606324][T15382]  ? rcu_is_watching+0x15/0xb0
[  543.606345][T15382]  ? __x64_sys_mount+0x20/0xc0
[  543.606369][T15382]  do_syscall_64+0xfa/0xfa0
[  543.606396][T15382]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  543.606416][T15382]  ? clear_bhb_loop+0x60/0xb0
[  543.606439][T15382]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  543.606459][T15382] RIP: 0033:0x7f35f378ebe9
[  543.606476][T15382] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  543.606494][T15382] RSP: 002b:00007f35f464f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  543.606516][T15382] RAX: ffffffffffffffda RBX: 00007f35f39c5fa0 RCX: 00007f35f378ebe9
[  543.606532][T15382] RDX: 0000200000000040 RSI: 00002000000000c0 RDI: 0000200000000080
[  543.606547][T15382] RBP: 00007f35f464f090 R08: 0000000000000000 R09: 0000000000000000
[  543.606559][T15382] R10: 0000000000a0c00e R11: 0000000000000246 R12: 0000000000000002
[  543.606573][T15382] R13: 00007f35f39c6038 R14: 00007f35f39c5fa0 R15: 00007ffda6dbd4f8
[  543.606596][T15382]  </TASK>
[  543.918660][T15385] MTD: Attempt to mount non-MTD device "/dev/rnullb0"
[  543.925923][T15384] MTD: Attempt to mount non-MTD device "/dev/rnullb0"
[  543.934402][T15385] VFS: Can't find a romfs filesystem on dev rnullb0.
[  543.934402][T15385] 
[  543.945319][T15384] VFS: Can't find a romfs filesystem on dev rnullb0.
[  543.945319][T15384] 
[  543.976470][   T44] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  543.987648][   T44] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  543.999002][   T44] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  544.008950][   T44] usb 5-1: config 0 descriptor??
[  544.162801][T15389] Can't find a SQUASHFS superblock on rnullb0
[  544.221816][   T44] usbhid 5-1:0.0: can't add hid device: -71
[  544.229699][   T44] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  544.241891][   T44] usb 5-1: USB disconnect, device number 17
[  544.328113][T15397] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  544.392922][   T30] audit: type=1326 audit(33312.336:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15400 comm="syz.3.3433" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f35f378ebe9 code=0x0
[  544.674696][   T10] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  544.766322][   T44] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  544.851809][   T10] usb 6-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7
[  544.872843][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  544.878814][T15414] FAULT_INJECTION: forcing a failure.
[  544.878814][T15414] name failslab, interval 1, probability 0, space 0, times 0
[  544.890238][   T10] usb 6-1: Product: syz
[  544.896456][T15414] CPU: 1 UID: 0 PID: 15414 Comm: syz.2.3438 Not tainted syzkaller #0 PREEMPT(full) 
[  544.896490][T15414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  544.896506][T15414] Call Trace:
[  544.896516][T15414]  <TASK>
[  544.896528][T15414]  dump_stack_lvl+0x189/0x250
[  544.896570][T15414]  ? __pfx____ratelimit+0x10/0x10
[  544.896601][T15414]  ? __pfx_dump_stack_lvl+0x10/0x10
[  544.896634][T15414]  ? __pfx__printk+0x10/0x10
[  544.896668][T15414]  ? ktime_get+0x3e/0x1f0
[  544.896696][T15414]  ? rcu_is_watching+0x15/0xb0
[  544.896722][T15414]  ? ktime_get+0x3e/0x1f0
[  544.896751][T15414]  should_fail_ex+0x414/0x560
[  544.896786][T15414]  should_failslab+0xa8/0x100
[  544.896808][T15414]  kmem_cache_alloc_node_noprof+0x76/0x390
[  544.896844][T15414]  ? __alloc_skb+0x112/0x2d0
[  544.896883][T15414]  ? __release_sock+0x1c5/0x350
[  544.896906][T15414]  __alloc_skb+0x112/0x2d0
[  544.896938][T15414]  tcp_stream_alloc_skb+0x3d/0x340
[  544.896966][T15414]  tcp_write_xmit+0xeec/0x67f0
[  544.897023][T15414]  __tcp_push_pending_frames+0x97/0x360
[  544.897060][T15414]  tcp_rcv_established+0xf12/0x1eb0
[  544.897093][T15414]  ? __pfx_tcp_rcv_established+0x10/0x10
[  544.897119][T15414]  ? ip6_dst_check+0x5e3/0x7e0
[  544.897140][T15414]  ? __pfx_ip6_dst_check+0x10/0x10
[  544.897163][T15414]  tcp_v6_do_rcv+0xa9d/0x13f0
[  544.897201][T15414]  ? __pfx_tcp_v6_do_rcv+0x10/0x10
[  544.897231][T15414]  __release_sock+0x1c5/0x350
[  544.897257][T15414]  release_sock+0x5f/0x1f0
[  544.897288][T15414]  sk_stream_wait_memory+0x724/0xf70
[  544.897324][T15414]  ? __pfx_sk_stream_wait_memory+0x10/0x10
[  544.897348][T15414]  ? __pfx_woken_wake_function+0x10/0x10
[  544.897387][T15414]  ? __tcp_push_pending_frames+0xd2/0x360
[  544.897419][T15414]  ? tcp_push+0x40f/0x660
[  544.897443][T15414]  tcp_sendmsg_locked+0x2147/0x5620
[  544.897497][T15414]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  544.897522][T15414]  ? rcu_is_watching+0x15/0xb0
[  544.897547][T15414]  ? __local_bh_enable_ip+0x12d/0x1c0
[  544.897580][T15414]  tcp_sendmsg+0x2f/0x50
[  544.897605][T15414]  __sock_sendmsg+0xe5/0x270
[  544.897633][T15414]  sock_write_iter+0x258/0x330
[  544.897657][T15414]  ? __pfx_sock_write_iter+0x10/0x10
[  544.897686][T15414]  ? bpf_lsm_file_permission+0x9/0x20
[  544.897716][T15414]  ? security_file_permission+0x75/0x290
[  544.897744][T15414]  vfs_write+0x5c9/0xb30
[  544.897768][T15414]  ? __pfx_sock_write_iter+0x10/0x10
[  544.897788][T15414]  ? __pfx_vfs_write+0x10/0x10
[  544.897810][T15414]  ? __fget_files+0x2a/0x420
[  544.897837][T15414]  ksys_write+0x145/0x250
[  544.897865][T15414]  ? __pfx_ksys_write+0x10/0x10
[  544.897890][T15414]  ? rcu_is_watching+0x15/0xb0
[  544.897916][T15414]  do_syscall_64+0xfa/0xfa0
[  544.897950][T15414]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  544.897974][T15414]  ? clear_bhb_loop+0x60/0xb0
[  544.897997][T15414]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  544.898019][T15414] RIP: 0033:0x7faabf58ebe9
[  544.898041][T15414] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  544.898061][T15414] RSP: 002b:00007faac048b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  544.898086][T15414] RAX: ffffffffffffffda RBX: 00007faabf7c5fa0 RCX: 00007faabf58ebe9
[  544.898102][T15414] RDX: 00000000fffffd9d RSI: 0000200000000200 RDI: 0000000000000003
[  544.898117][T15414] RBP: 00007faac048b090 R08: 0000000000000000 R09: 0000000000000000
[  544.898132][T15414] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  544.898147][T15414] R13: 00007faabf7c6038 R14: 00007faabf7c5fa0 R15: 00007fffe25850d8
[  544.898174][T15414]  </TASK>
[  544.947303][   T44] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  545.216364][   T10] usb 6-1: Manufacturer: syz
[  545.340674][   T44] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  545.354367][   T44] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  545.364270][   T44] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  545.374250][   T44] usb 5-1: config 0 descriptor??
[  545.391435][   T10] usb 6-1: SerialNumber: syz
[  545.412633][   T10] usb 6-1: config 0 descriptor??
[  545.626013][   T10] usb 6-1: f81604_read: reg: 105 failed: -EREMOTEIO
[  545.633528][   T10] f81604 6-1:0.0: Setting termination of CH#0 failed: -EREMOTEIO
[  545.644718][   T10] f81604 6-1:0.0: probe with driver f81604 failed with error -121
[  545.666879][T15423] ip6_tunnel: non-ECT from fe88:a43d:e1a4:0000:0000:0000:02d8:7d01 with DS=0xe
[  545.793546][   T44] plantronics 0003:047F:FFFF.0061: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  545.987935][T15427] kAFS: No cell specified
[  546.660967][ T5901] usb 5-1: USB disconnect, device number 18
[  546.793202][T15434] FAULT_INJECTION: forcing a failure.
[  546.793202][T15434] name failslab, interval 1, probability 0, space 0, times 0
[  546.810730][T15434] CPU: 0 UID: 0 PID: 15434 Comm: syz.2.3445 Not tainted syzkaller #0 PREEMPT(full) 
[  546.810760][T15434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  546.810774][T15434] Call Trace:
[  546.810782][T15434]  <TASK>
[  546.810791][T15434]  dump_stack_lvl+0x189/0x250
[  546.810827][T15434]  ? __pfx____ratelimit+0x10/0x10
[  546.810854][T15434]  ? __pfx_dump_stack_lvl+0x10/0x10
[  546.810892][T15434]  ? __pfx__printk+0x10/0x10
[  546.810922][T15434]  ? fs_reclaim_acquire+0x7d/0x100
[  546.810943][T15434]  ? rcu_is_watching+0x15/0xb0
[  546.810966][T15434]  ? __pfx___might_resched+0x10/0x10
[  546.810987][T15434]  ? lock_acquire+0x5f/0x360
[  546.811030][T15434]  should_fail_ex+0x414/0x560
[  546.811061][T15434]  should_failslab+0xa8/0x100
[  546.811081][T15434]  __kmalloc_cache_noprof+0x70/0x3a0
[  546.811112][T15434]  ? affs_init_fs_context+0x54/0x3b0
[  546.811139][T15434]  affs_init_fs_context+0x54/0x3b0
[  546.811164][T15434]  alloc_fs_context+0x64e/0x7d0
[  546.811193][T15434]  do_new_mount+0x16f/0xa30
[  546.811219][T15434]  ? ns_capable+0x8a/0xf0
[  546.811240][T15434]  ? __pfx_do_new_mount+0x10/0x10
[  546.811263][T15434]  ? path_mount+0x61c/0xfe0
[  546.811284][T15434]  ? user_path_at+0x44/0x60
[  546.811317][T15434]  __se_sys_mount+0x317/0x410
[  546.811344][T15434]  ? __pfx___se_sys_mount+0x10/0x10
[  546.811367][T15434]  ? rcu_is_watching+0x15/0xb0
[  546.811389][T15434]  ? __x64_sys_mount+0x20/0xc0
[  546.811413][T15434]  do_syscall_64+0xfa/0xfa0
[  546.811442][T15434]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  546.811463][T15434]  ? clear_bhb_loop+0x60/0xb0
[  546.811485][T15434]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  546.811505][T15434] RIP: 0033:0x7faabf58ebe9
[  546.811524][T15434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  546.811543][T15434] RSP: 002b:00007faac048b038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  546.811566][T15434] RAX: ffffffffffffffda RBX: 00007faabf7c5fa0 RCX: 00007faabf58ebe9
[  546.811582][T15434] RDX: 0000200000000040 RSI: 00002000000000c0 RDI: 0000200000000080
[  546.811598][T15434] RBP: 00007faac048b090 R08: 0000000000000000 R09: 0000000000000000
[  546.811610][T15434] R10: 0000000000a0c00e R11: 0000000000000246 R12: 0000000000000002
[  546.811624][T15434] R13: 00007faabf7c6038 R14: 00007faabf7c5fa0 R15: 00007fffe25850d8
[  546.811647][T15434]  </TASK>
[  547.246705][T15440] input: syz0 as /devices/virtual/input/input119
[  547.375980][ T5901] usb 3-1: new high-speed USB device number 86 using dummy_hcd
[  547.398781][   T10] usb 6-1: USB disconnect, device number 19
[  547.424314][T15444] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  547.547620][ T5901] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  547.564809][ T5901] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  547.581372][ T5901] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  547.596373][ T5901] usb 3-1: config 0 descriptor??
[  547.847913][ T5901] usbhid 3-1:0.0: can't add hid device: -71
[  547.895385][ T5901] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  547.948890][ T5901] usb 3-1: USB disconnect, device number 86
[  548.564785][ T5908] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  549.018496][ T5908] usb 6-1: Using ep0 maxpacket: 16
[  549.025679][ T5908] usb 6-1: config 0 has an invalid interface number: 8 but max is 0
[  549.034250][ T5908] usb 6-1: config 0 has no interface number 0
[  549.091542][ T5908] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x1 has an invalid bInterval 172, changing to 11
[  549.133896][ T5908] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x1 has invalid maxpacket 50254, setting to 1024
[  549.162043][ T5908] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  549.172896][ T5908] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  549.181702][ T5908] usb 6-1: Product: syz
[  549.189095][ T5908] usb 6-1: SerialNumber: syz
[  549.197558][ T5908] usb 6-1: config 0 descriptor??
[  549.203820][T15455] kAFS: No cell specified
[  549.222129][T15453] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  549.257302][ T5908] usbhid 6-1:0.8: couldn't find an input interrupt endpoint
[  549.444850][    T9] usb 3-1: new high-speed USB device number 87 using dummy_hcd
[  549.514840][ T5901] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  549.559685][T15453] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  549.569919][T15453] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  549.625096][    T9] usb 3-1: Using ep0 maxpacket: 16
[  549.640510][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  549.655136][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  549.666279][ T5901] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  549.667731][    T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  549.693166][    T9] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  549.695125][ T5901] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  549.703098][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  549.728100][    T9] usb 3-1: config 0 descriptor??
[  549.742466][ T5901] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  549.758848][ T5901] usb 5-1: config 0 descriptor??
[  555.164973][ T5868] Bluetooth: hci1: command 0x0406 tx timeout
[  555.896732][ T5901] usbhid 5-1:0.0: can't add hid device: -32
[  555.902876][ T5901] usbhid 5-1:0.0: probe with driver usbhid failed with error -32
[  555.951303][    T9] usbhid 3-1:0.0: can't add hid device: -32
[  555.992965][ T5901] usb 5-1: USB disconnect, device number 19
[  556.024111][    T9] usbhid 3-1:0.0: probe with driver usbhid failed with error -32
[  556.047546][ T5908] usb 6-1: USB disconnect, device number 20
[  556.087642][T15471] FAULT_INJECTION: forcing a failure.
[  556.087642][T15471] name failslab, interval 1, probability 0, space 0, times 0
[  556.113699][T15471] CPU: 1 UID: 0 PID: 15471 Comm: syz.3.3460 Not tainted syzkaller #0 PREEMPT(full) 
[  556.113730][T15471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  556.113771][T15471] Call Trace:
[  556.113779][T15471]  <TASK>
[  556.113787][T15471]  dump_stack_lvl+0x189/0x250
[  556.113825][T15471]  ? __pfx____ratelimit+0x10/0x10
[  556.113851][T15471]  ? __pfx_dump_stack_lvl+0x10/0x10
[  556.113882][T15471]  ? __pfx__printk+0x10/0x10
[  556.113912][T15471]  ? __pfx___might_resched+0x10/0x10
[  556.113935][T15471]  ? lock_acquire+0x5f/0x360
[  556.113956][T15471]  should_fail_ex+0x414/0x560
[  556.113986][T15471]  should_failslab+0xa8/0x100
[  556.114007][T15471]  kmem_cache_alloc_noprof+0x73/0x390
[  556.114045][T15471]  ? getname_kernel+0x5a/0x2f0
[  556.114073][T15471]  getname_kernel+0x5a/0x2f0
[  556.114099][T15471]  kern_path+0x1d/0x50
[  556.114126][T15471]  lookup_bdev+0xc0/0x280
[  556.114153][T15471]  ? __pfx_lookup_bdev+0x10/0x10
[  556.114178][T15471]  ? vfs_parse_fs_string+0x101/0x170
[  556.114202][T15471]  ? kfree+0x4d/0x440
[  556.114231][T15471]  get_tree_bdev_flags+0xb5/0x4d0
[  556.114253][T15471]  ? __pfx_affs_fill_super+0x10/0x10
[  556.114277][T15471]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  556.114305][T15471]  vfs_get_tree+0x8f/0x2b0
[  556.114327][T15471]  do_new_mount+0x2a2/0xa30
[  556.114352][T15471]  ? ns_capable+0x8a/0xf0
[  556.114374][T15471]  ? __pfx_do_new_mount+0x10/0x10
[  556.114395][T15471]  ? path_mount+0x61c/0xfe0
[  556.114416][T15471]  ? user_path_at+0x44/0x60
[  556.114447][T15471]  __se_sys_mount+0x317/0x410
[  556.114473][T15471]  ? __pfx___se_sys_mount+0x10/0x10
[  556.114499][T15471]  ? rcu_is_watching+0x15/0xb0
[  556.114520][T15471]  ? __x64_sys_mount+0x20/0xc0
[  556.114544][T15471]  do_syscall_64+0xfa/0xfa0
[  556.114570][T15471]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  556.114596][T15471]  ? clear_bhb_loop+0x60/0xb0
[  556.114616][T15471]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  556.114635][T15471] RIP: 0033:0x7f35f378ebe9
[  556.114654][T15471] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  556.114670][T15471] RSP: 002b:00007f35f464f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  556.114692][T15471] RAX: ffffffffffffffda RBX: 00007f35f39c5fa0 RCX: 00007f35f378ebe9
[  556.114707][T15471] RDX: 0000200000000040 RSI: 00002000000000c0 RDI: 0000200000000080
[  556.114721][T15471] RBP: 00007f35f464f090 R08: 0000000000000000 R09: 0000000000000000
[  556.114733][T15471] R10: 0000000000a0c00e R11: 0000000000000246 R12: 0000000000000002
[  556.114746][T15471] R13: 00007f35f39c6038 R14: 00007f35f39c5fa0 R15: 00007ffda6dbd4f8
[  556.114769][T15471]  </TASK>
[  556.410402][T15471] /dev/rnullb0: Can't lookup blockdev
[  556.475794][ T5864] usb 3-1: USB disconnect, device number 87
[  556.501621][T15476] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  556.760604][ T5901] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  556.947610][ T5901] usb 5-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  556.959777][ T5901] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  556.970382][ T5901] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  556.982132][ T5901] usb 5-1: config 1 has no interface number 0
[  556.988773][ T5901] usb 5-1: too many endpoints for config 1 interface 1 altsetting 1: 32, using maximum allowed: 30
[  557.004284][ T5901] usb 5-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 32
[  557.023300][ T5901] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  557.033588][ T5901] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  557.043701][ T5901] usb 5-1: Product: syz
[  557.048654][ T5901] usb 5-1: Manufacturer: syz
[  557.053580][ T5901] usb 5-1: SerialNumber: syz
[  557.451482][ T5901] cdc_mbim 5-1:1.1: probe with driver cdc_mbim failed with error -71
[  557.464108][ T5901] usb 5-1: USB disconnect, device number 20
[  557.520190][T15503] input: syz0 as /devices/virtual/input/input120
[  557.617789][T15499] kAFS: No cell specified
[  557.643383][T15509] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  557.685491][T15511] netlink: 'syz.3.3478': attribute type 4 has an invalid length.
[  557.695516][T15511] /dev/rnullb0: Can't open blockdev
[  557.728311][T15513] /dev/rnullb0: Can't open blockdev
[  557.791495][T15513] overlayfs: missing 'lowerdir'
[  557.864781][ T5908] usb 3-1: new high-speed USB device number 88 using dummy_hcd
[  557.940774][T15518] FAULT_INJECTION: forcing a failure.
[  557.940774][T15518] name failslab, interval 1, probability 0, space 0, times 0
[  557.953775][T15518] CPU: 0 UID: 0 PID: 15518 Comm: syz.3.3481 Not tainted syzkaller #0 PREEMPT(full) 
[  557.953805][T15518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  557.953820][T15518] Call Trace:
[  557.953828][T15518]  <TASK>
[  557.953836][T15518]  dump_stack_lvl+0x189/0x250
[  557.953874][T15518]  ? __pfx____ratelimit+0x10/0x10
[  557.953900][T15518]  ? __pfx_dump_stack_lvl+0x10/0x10
[  557.953931][T15518]  ? __pfx__printk+0x10/0x10
[  557.953961][T15518]  ? __pfx___might_resched+0x10/0x10
[  557.953984][T15518]  ? lock_acquire+0x5f/0x360
[  557.954005][T15518]  should_fail_ex+0x414/0x560
[  557.954034][T15518]  ? __pfx_super_s_dev_test+0x10/0x10
[  557.954056][T15518]  should_failslab+0xa8/0x100
[  557.954076][T15518]  __kmalloc_cache_noprof+0x70/0x3a0
[  557.954105][T15518]  ? alloc_super+0x59/0x970
[  557.954135][T15518]  ? __pfx_super_s_dev_test+0x10/0x10
[  557.954156][T15518]  alloc_super+0x59/0x970
[  557.954185][T15518]  ? do_raw_spin_unlock+0x122/0x240
[  557.954213][T15518]  ? __pfx_super_s_dev_test+0x10/0x10
[  557.954234][T15518]  sget_fc+0x329/0xa40
[  557.954264][T15518]  ? __pfx_super_s_dev_set+0x10/0x10
[  557.954285][T15518]  get_tree_bdev_flags+0x203/0x4d0
[  557.954307][T15518]  ? __pfx_affs_fill_super+0x10/0x10
[  557.954332][T15518]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  557.954359][T15518]  vfs_get_tree+0x8f/0x2b0
[  557.954381][T15518]  do_new_mount+0x2a2/0xa30
[  557.954405][T15518]  ? ns_capable+0x8a/0xf0
[  557.954427][T15518]  ? __pfx_do_new_mount+0x10/0x10
[  557.954449][T15518]  ? path_mount+0x61c/0xfe0
[  557.954469][T15518]  ? user_path_at+0x44/0x60
[  557.954502][T15518]  __se_sys_mount+0x317/0x410
[  557.954529][T15518]  ? __pfx___se_sys_mount+0x10/0x10
[  557.954555][T15518]  ? rcu_is_watching+0x15/0xb0
[  557.954582][T15518]  ? __x64_sys_mount+0x20/0xc0
[  557.954605][T15518]  do_syscall_64+0xfa/0xfa0
[  557.954641][T15518]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  557.954662][T15518]  ? clear_bhb_loop+0x60/0xb0
[  557.954694][T15518]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  557.954715][T15518] RIP: 0033:0x7f35f378ebe9
[  557.954733][T15518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  557.954751][T15518] RSP: 002b:00007f35f464f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  557.954774][T15518] RAX: ffffffffffffffda RBX: 00007f35f39c5fa0 RCX: 00007f35f378ebe9
[  557.954790][T15518] RDX: 0000200000000040 RSI: 00002000000000c0 RDI: 0000200000000080
[  557.954805][T15518] RBP: 00007f35f464f090 R08: 0000000000000000 R09: 0000000000000000
[  557.954818][T15518] R10: 0000000000a0c00e R11: 0000000000000246 R12: 0000000000000002
[  557.954832][T15518] R13: 00007f35f39c6038 R14: 00007f35f39c5fa0 R15: 00007ffda6dbd4f8
[  557.954855][T15518]  </TASK>
[  558.239779][ T5901] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  558.284822][ T5908] usb 3-1: Using ep0 maxpacket: 16
[  558.291445][ T5908] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  558.306494][ T5908] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  558.316591][ T5908] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  558.330323][ T5908] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  558.340003][ T5908] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  558.355719][ T5908] usb 3-1: config 0 descriptor??
[  558.402054][T15528] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  558.429650][ T5901] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  558.443241][ T5901] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  558.476862][ T5901] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  558.488668][ T5901] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  558.508398][ T5901] usb 6-1: config 0 descriptor??
[  558.519681][ T5901] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[  558.764939][ T5908] usbhid 3-1:0.0: can't add hid device: -71
[  558.776649][ T5908] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  558.786390][ T5908] usb 3-1: USB disconnect, device number 88
[  558.863880][T15546] input: syz0 as /devices/virtual/input/input121
[  558.877693][    T9] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  559.036323][    T9] usb 5-1: Using ep0 maxpacket: 8
[  559.042965][    T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  559.058484][    T9] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x1 has invalid wMaxPacketSize 0
[  559.069614][    T9] usb 5-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  559.084180][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  559.093880][    T9] usb 5-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e
[  559.103510][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  559.112109][    T9] usb 5-1: Product: syz
[  559.116767][    T9] usb 5-1: Manufacturer: syz
[  559.121540][    T9] usb 5-1: SerialNumber: syz
[  559.128482][    T9] usb 5-1: config 0 descriptor??
[  559.141802][    T9] snd_usb_toneport 5-1:0.0: Line 6 TonePort UX2 found
[  559.341624][    T9] snd_usb_toneport 5-1:0.0: cannot get proper max packet size
[  559.351760][    T9] snd_usb_toneport 5-1:0.0: Line 6 TonePort UX2 now disconnected
[  559.367203][    T9] snd_usb_toneport 5-1:0.0: probe with driver snd_usb_toneport failed with error -22
[  559.541800][    T9] usb 5-1: USB disconnect, device number 21
[  559.599877][T15568] FAULT_INJECTION: forcing a failure.
[  559.599877][T15568] name failslab, interval 1, probability 0, space 0, times 0
[  559.620100][T15568] CPU: 0 UID: 0 PID: 15568 Comm: syz.2.3502 Not tainted syzkaller #0 PREEMPT(full) 
[  559.620131][T15568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  559.620144][T15568] Call Trace:
[  559.620152][T15568]  <TASK>
[  559.620162][T15568]  dump_stack_lvl+0x189/0x250
[  559.620198][T15568]  ? __pfx____ratelimit+0x10/0x10
[  559.620225][T15568]  ? __pfx_dump_stack_lvl+0x10/0x10
[  559.620255][T15568]  ? __pfx__printk+0x10/0x10
[  559.620286][T15568]  ? __pfx___might_resched+0x10/0x10
[  559.620308][T15568]  ? lock_acquire+0x5f/0x360
[  559.620328][T15568]  should_fail_ex+0x414/0x560
[  559.620359][T15568]  should_failslab+0xa8/0x100
[  559.620379][T15568]  __kmalloc_cache_noprof+0x70/0x3a0
[  559.620410][T15568]  ? shrinker_alloc+0x59/0xa80
[  559.620437][T15568]  shrinker_alloc+0x59/0xa80
[  559.620466][T15568]  ? __raw_spin_lock_init+0x45/0x100
[  559.620504][T15568]  ? __raw_spin_lock_init+0x45/0x100
[  559.620534][T15568]  alloc_super+0x6de/0x970
[  559.620566][T15568]  ? __pfx_super_s_dev_test+0x10/0x10
[  559.620587][T15568]  sget_fc+0x329/0xa40
[  559.620618][T15568]  ? __pfx_super_s_dev_set+0x10/0x10
[  559.620640][T15568]  get_tree_bdev_flags+0x203/0x4d0
[  559.620662][T15568]  ? __pfx_affs_fill_super+0x10/0x10
[  559.620687][T15568]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  559.620713][T15568]  vfs_get_tree+0x8f/0x2b0
[  559.620736][T15568]  do_new_mount+0x2a2/0xa30
[  559.620761][T15568]  ? ns_capable+0x8a/0xf0
[  559.620782][T15568]  ? __pfx_do_new_mount+0x10/0x10
[  559.620804][T15568]  ? path_mount+0x61c/0xfe0
[  559.620826][T15568]  ? user_path_at+0x44/0x60
[  559.620860][T15568]  __se_sys_mount+0x317/0x410
[  559.620886][T15568]  ? __pfx___se_sys_mount+0x10/0x10
[  559.620912][T15568]  ? rcu_is_watching+0x15/0xb0
[  559.620934][T15568]  ? __x64_sys_mount+0x20/0xc0
[  559.620958][T15568]  do_syscall_64+0xfa/0xfa0
[  559.620987][T15568]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  559.621005][T15568]  ? clear_bhb_loop+0x60/0xb0
[  559.621027][T15568]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  559.621047][T15568] RIP: 0033:0x7faabf58ebe9
[  559.621065][T15568] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  559.621083][T15568] RSP: 002b:00007faac048b038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  559.621106][T15568] RAX: ffffffffffffffda RBX: 00007faabf7c5fa0 RCX: 00007faabf58ebe9
[  559.621121][T15568] RDX: 0000200000000040 RSI: 00002000000000c0 RDI: 0000200000000080
[  559.621135][T15568] RBP: 00007faac048b090 R08: 0000000000000000 R09: 0000000000000000
[  559.621147][T15568] R10: 0000000000a0c00e R11: 0000000000000246 R12: 0000000000000002
[  559.621160][T15568] R13: 00007faabf7c6038 R14: 00007faabf7c5fa0 R15: 00007fffe25850d8
[  559.621183][T15568]  </TASK>
[  560.385936][T15581] kAFS: No cell specified
[  560.632102][  T981] usb 6-1: USB disconnect, device number 21
[  560.671499][ T5864] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  560.865800][T15605] FAULT_INJECTION: forcing a failure.
[  560.865800][T15605] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  560.882771][T15605] CPU: 1 UID: 0 PID: 15605 Comm: syz.5.3517 Not tainted syzkaller #0 PREEMPT(full) 
[  560.882801][T15605] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  560.882813][T15605] Call Trace:
[  560.882821][T15605]  <TASK>
[  560.882830][T15605]  dump_stack_lvl+0x189/0x250
[  560.882866][T15605]  ? __pfx____ratelimit+0x10/0x10
[  560.882892][T15605]  ? __pfx_dump_stack_lvl+0x10/0x10
[  560.882922][T15605]  ? __pfx__printk+0x10/0x10
[  560.882947][T15605]  ? __might_fault+0xb0/0x130
[  560.882979][T15605]  ? rcu_is_watching+0x15/0xb0
[  560.883002][T15605]  should_fail_ex+0x414/0x560
[  560.883031][T15605]  _copy_from_iter+0x1de/0x1790
[  560.883052][T15605]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  560.883079][T15605]  ? kmem_cache_alloc_node_noprof+0x203/0x390
[  560.883109][T15605]  ? tcp_leave_memory_pressure+0xea/0x100
[  560.883133][T15605]  ? __pfx__copy_from_iter+0x10/0x10
[  560.883157][T15605]  ? __sk_mem_schedule+0x7f/0xf0
[  560.883178][T15605]  tcp_sendmsg_locked+0x1e9d/0x5620
[  560.883224][T15605]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  560.883245][T15605]  ? rcu_is_watching+0x15/0xb0
[  560.883269][T15605]  ? __local_bh_enable_ip+0x12d/0x1c0
[  560.883298][T15605]  tcp_sendmsg+0x2f/0x50
[  560.883320][T15605]  __sock_sendmsg+0xe5/0x270
[  560.883343][T15605]  sock_write_iter+0x258/0x330
[  560.883366][T15605]  ? __pfx_sock_write_iter+0x10/0x10
[  560.883389][T15605]  ? bpf_lsm_file_permission+0x9/0x20
[  560.883416][T15605]  ? security_file_permission+0x75/0x290
[  560.883441][T15605]  vfs_write+0x5c9/0xb30
[  560.883463][T15605]  ? __pfx_sock_write_iter+0x10/0x10
[  560.883484][T15605]  ? __pfx_vfs_write+0x10/0x10
[  560.883506][T15605]  ? __fget_files+0x2a/0x420
[  560.883535][T15605]  ksys_write+0x145/0x250
[  560.883555][T15605]  ? __pfx_ksys_write+0x10/0x10
[  560.883576][T15605]  ? rcu_is_watching+0x15/0xb0
[  560.883607][T15605]  do_syscall_64+0xfa/0xfa0
[  560.883635][T15605]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  560.883654][T15605]  ? clear_bhb_loop+0x60/0xb0
[  560.883676][T15605]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  560.883696][T15605] RIP: 0033:0x7f338ff8ebe9
[  560.883714][T15605] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  560.883729][T15605] RSP: 002b:00007f3390ee0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  560.883747][T15605] RAX: ffffffffffffffda RBX: 00007f33901c5fa0 RCX: 00007f338ff8ebe9
[  560.883762][T15605] RDX: 00000000fffffd9d RSI: 0000200000000200 RDI: 0000000000000003
[  560.883775][T15605] RBP: 00007f3390ee0090 R08: 0000000000000000 R09: 0000000000000000
[  560.883787][T15605] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  560.883798][T15605] R13: 00007f33901c6038 R14: 00007f33901c5fa0 R15: 00007ffdefe10b98
[  560.883821][T15605]  </TASK>
[  561.206814][ T5864] usb 5-1: Using ep0 maxpacket: 16
[  561.221359][ T5864] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  561.232879][ T5864] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  561.243849][ T5864] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  561.257635][ T5864] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  561.267010][ T5864] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  561.282530][ T5864] usb 5-1: config 0 descriptor??
[  561.444324][T15614] /dev/rnullb0: Can't open blockdev
[  561.695253][ T5864] usbhid 5-1:0.0: can't add hid device: -71
[  561.701518][ T5864] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  561.714253][ T5864] usb 5-1: USB disconnect, device number 22
[  562.238169][T15635] FAULT_INJECTION: forcing a failure.
[  562.238169][T15635] name failslab, interval 1, probability 0, space 0, times 0
[  562.253924][T15635] CPU: 0 UID: 0 PID: 15635 Comm: syz.2.3524 Not tainted syzkaller #0 PREEMPT(full) 
[  562.253954][T15635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  562.253967][T15635] Call Trace:
[  562.253976][T15635]  <TASK>
[  562.253984][T15635]  dump_stack_lvl+0x189/0x250
[  562.254021][T15635]  ? __pfx____ratelimit+0x10/0x10
[  562.254048][T15635]  ? __pfx_dump_stack_lvl+0x10/0x10
[  562.254078][T15635]  ? __pfx__printk+0x10/0x10
[  562.254110][T15635]  ? __pfx___might_resched+0x10/0x10
[  562.254132][T15635]  ? lock_acquire+0x5f/0x360
[  562.254153][T15635]  should_fail_ex+0x414/0x560
[  562.254183][T15635]  should_failslab+0xa8/0x100
[  562.254204][T15635]  __kmalloc_noprof+0xcb/0x4b0
[  562.254234][T15635]  ? __list_lru_init+0xba/0x5c0
[  562.254260][T15635]  __list_lru_init+0xba/0x5c0
[  562.254282][T15635]  ? __raw_spin_lock_init+0x45/0x100
[  562.254321][T15635]  alloc_super+0x7cb/0x970
[  562.254353][T15635]  ? __pfx_super_s_dev_test+0x10/0x10
[  562.254373][T15635]  sget_fc+0x329/0xa40
[  562.254403][T15635]  ? __pfx_super_s_dev_set+0x10/0x10
[  562.254425][T15635]  get_tree_bdev_flags+0x203/0x4d0
[  562.254446][T15635]  ? __pfx_affs_fill_super+0x10/0x10
[  562.254471][T15635]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  562.254497][T15635]  vfs_get_tree+0x8f/0x2b0
[  562.254519][T15635]  do_new_mount+0x2a2/0xa30
[  562.254544][T15635]  ? ns_capable+0x8a/0xf0
[  562.254578][T15635]  ? __pfx_do_new_mount+0x10/0x10
[  562.254598][T15635]  ? path_mount+0x61c/0xfe0
[  562.254619][T15635]  ? user_path_at+0x44/0x60
[  562.254652][T15635]  __se_sys_mount+0x317/0x410
[  562.254678][T15635]  ? __pfx___se_sys_mount+0x10/0x10
[  562.254703][T15635]  ? rcu_is_watching+0x15/0xb0
[  562.254724][T15635]  ? __x64_sys_mount+0x20/0xc0
[  562.254748][T15635]  do_syscall_64+0xfa/0xfa0
[  562.254776][T15635]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  562.254797][T15635]  ? clear_bhb_loop+0x60/0xb0
[  562.254820][T15635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  562.254839][T15635] RIP: 0033:0x7faabf58ebe9
[  562.254857][T15635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  562.254876][T15635] RSP: 002b:00007faac048b038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  562.254899][T15635] RAX: ffffffffffffffda RBX: 00007faabf7c5fa0 RCX: 00007faabf58ebe9
[  562.254915][T15635] RDX: 0000200000000040 RSI: 00002000000000c0 RDI: 0000200000000080
[  562.254929][T15635] RBP: 00007faac048b090 R08: 0000000000000000 R09: 0000000000000000
[  562.254942][T15635] R10: 0000000000a0c00e R11: 0000000000000246 R12: 0000000000000002
[  562.254955][T15635] R13: 00007faabf7c6038 R14: 00007faabf7c5fa0 R15: 00007fffe25850d8
[  562.254979][T15635]  </TASK>
[  562.608415][T15638] netlink: 'syz.4.3527': attribute type 1 has an invalid length.
[  562.618268][T15638] netlink: 4464 bytes leftover after parsing attributes in process `syz.4.3527'.
[  562.728942][T15653] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  562.801970][T15657] input: syz0 as /devices/virtual/input/input122
[  562.859305][T15664] /dev/rnullb0: Can't open blockdev
[  562.906816][  T981] usb 6-1: new full-speed USB device number 22 using dummy_hcd
[  563.022783][T15674] ip6_tunnel: non-ECT from fe88:a43d:e1a4:0000:0000:0020:0000:7d01 with DS=0xe
[  563.068037][  T981] usb 6-1: config 0 has an invalid interface number: 200 but max is 0
[  563.079553][  T981] usb 6-1: config 0 has no interface number 0
[  563.087552][  T981] usb 6-1: config 0 interface 200 altsetting 2 endpoint 0x4 has invalid wMaxPacketSize 0
[  563.097777][  T981] usb 6-1: config 0 interface 200 has no altsetting 0
[  563.106834][  T981] usb 6-1: New USB device found, idVendor=0b57, idProduct=852a, bcdDevice=6d.39
[  563.123294][  T981] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  563.131139][T15678] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  563.132119][  T981] usb 6-1: Product: syz
[  563.145459][  T981] usb 6-1: Manufacturer: syz
[  563.151417][T15668] kAFS: No cell specified
[  563.158149][  T981] usb 6-1: SerialNumber: syz
[  563.171592][  T981] usb 6-1: config 0 descriptor??
[  563.301386][T15681] FAULT_INJECTION: forcing a failure.
[  563.301386][T15681] name failslab, interval 1, probability 0, space 0, times 0
[  563.319473][T15681] CPU: 0 UID: 0 PID: 15681 Comm: syz.3.3542 Not tainted syzkaller #0 PREEMPT(full) 
[  563.319505][T15681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  563.319519][T15681] Call Trace:
[  563.319527][T15681]  <TASK>
[  563.319536][T15681]  dump_stack_lvl+0x189/0x250
[  563.319574][T15681]  ? __pfx____ratelimit+0x10/0x10
[  563.319601][T15681]  ? __pfx_dump_stack_lvl+0x10/0x10
[  563.319632][T15681]  ? __pfx__printk+0x10/0x10
[  563.319662][T15681]  ? __pfx___might_resched+0x10/0x10
[  563.319686][T15681]  ? lock_acquire+0x5f/0x360
[  563.319707][T15681]  should_fail_ex+0x414/0x560
[  563.319738][T15681]  should_failslab+0xa8/0x100
[  563.319760][T15681]  __kmalloc_cache_noprof+0x70/0x3a0
[  563.319791][T15681]  ? shrinker_alloc+0x59/0xa80
[  563.319819][T15681]  shrinker_alloc+0x59/0xa80
[  563.319844][T15681]  ? __raw_spin_lock_init+0x45/0x100
[  563.319873][T15681]  ? __raw_spin_lock_init+0x45/0x100
[  563.319903][T15681]  alloc_super+0x6de/0x970
[  563.319935][T15681]  ? __pfx_super_s_dev_test+0x10/0x10
[  563.319957][T15681]  sget_fc+0x329/0xa40
[  563.319987][T15681]  ? __pfx_super_s_dev_set+0x10/0x10
[  563.320008][T15681]  get_tree_bdev_flags+0x203/0x4d0
[  563.320028][T15681]  ? __pfx_affs_fill_super+0x10/0x10
[  563.320052][T15681]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  563.320078][T15681]  vfs_get_tree+0x8f/0x2b0
[  563.320100][T15681]  do_new_mount+0x2a2/0xa30
[  563.320125][T15681]  ? ns_capable+0x8a/0xf0
[  563.320145][T15681]  ? __pfx_do_new_mount+0x10/0x10
[  563.320167][T15681]  ? path_mount+0x61c/0xfe0
[  563.320186][T15681]  ? user_path_at+0x44/0x60
[  563.320220][T15681]  __se_sys_mount+0x317/0x410
[  563.320247][T15681]  ? __pfx___se_sys_mount+0x10/0x10
[  563.320272][T15681]  ? rcu_is_watching+0x15/0xb0
[  563.320292][T15681]  ? __x64_sys_mount+0x20/0xc0
[  563.320316][T15681]  do_syscall_64+0xfa/0xfa0
[  563.320343][T15681]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  563.320364][T15681]  ? clear_bhb_loop+0x60/0xb0
[  563.320386][T15681]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  563.320405][T15681] RIP: 0033:0x7f35f378ebe9
[  563.320430][T15681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  563.320447][T15681] RSP: 002b:00007f35f464f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  563.320466][T15681] RAX: ffffffffffffffda RBX: 00007f35f39c5fa0 RCX: 00007f35f378ebe9
[  563.320478][T15681] RDX: 0000200000000040 RSI: 00002000000000c0 RDI: 0000200000000080
[  563.320493][T15681] RBP: 00007f35f464f090 R08: 0000000000000000 R09: 0000000000000000
[  563.320506][T15681] R10: 0000000000a0c00e R11: 0000000000000246 R12: 0000000000000002
[  563.320518][T15681] R13: 00007f35f39c6038 R14: 00007f35f39c5fa0 R15: 00007ffda6dbd4f8
[  563.320541][T15681]  </TASK>
[  563.485650][ T5864] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  563.594836][T15691] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  563.678750][  T981] input: Hanwang Art Master III 1308 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.200/input/input123
[  563.699856][  T981] usb 6-1: USB disconnect, device number 22
[  563.834698][ T5864] usb 5-1: Using ep0 maxpacket: 16
[  563.841680][ T5864] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  563.854277][ T5864] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  563.869291][ T5864] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  563.882414][ T5864] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  563.894431][ T5864] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  563.904707][    T9] usb 3-1: new high-speed USB device number 89 using dummy_hcd
[  563.911690][ T5864] usb 5-1: config 0 descriptor??
[  564.057637][    T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  564.077286][    T9] usb 3-1: New USB device found, idVendor=05f3, idProduct=0240, bcdDevice=1b.24
[  564.085693][T15704] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3553'.
[  564.089341][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  564.107318][    T9] usb 3-1: Product: syz
[  564.111782][    T9] usb 3-1: Manufacturer: syz
[  564.116950][    T9] usb 3-1: SerialNumber: syz
[  564.125797][    T9] usb 3-1: config 0 descriptor??
[  564.145339][    T9] powermate 3-1:0.0: probe with driver powermate failed with error -22
[  564.236384][T15708] input: syz0 as /devices/virtual/input/input124
[  564.357149][T15712] tmpfs: Unknown parameter 'h
'
[  564.369065][T15694] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  564.372410][ T5864] usbhid 5-1:0.0: can't add hid device: -71
[  564.384468][T15694] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  564.417950][ T5864] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  564.452975][ T5864] usb 5-1: USB disconnect, device number 23
[  564.464252][T15714] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  564.564780][T15721] FAULT_INJECTION: forcing a failure.
[  564.564780][T15721] name failslab, interval 1, probability 0, space 0, times 0
[  564.579974][T15721] CPU: 0 UID: 0 PID: 15721 Comm: syz.3.3561 Not tainted syzkaller #0 PREEMPT(full) 
[  564.580003][T15721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  564.580017][T15721] Call Trace:
[  564.580026][T15721]  <TASK>
[  564.580034][T15721]  dump_stack_lvl+0x189/0x250
[  564.580070][T15721]  ? __pfx____ratelimit+0x10/0x10
[  564.580095][T15721]  ? __pfx_dump_stack_lvl+0x10/0x10
[  564.580126][T15721]  ? __pfx__printk+0x10/0x10
[  564.580155][T15721]  ? __pfx___might_resched+0x10/0x10
[  564.580178][T15721]  ? lock_acquire+0x5f/0x360
[  564.580198][T15721]  should_fail_ex+0x414/0x560
[  564.580229][T15721]  should_failslab+0xa8/0x100
[  564.580249][T15721]  kmem_cache_alloc_noprof+0x73/0x390
[  564.580289][T15721]  ? radix_tree_node_alloc+0x7e/0x3a0
[  564.580315][T15721]  radix_tree_node_alloc+0x7e/0x3a0
[  564.580342][T15721]  radix_tree_extend+0x13b/0x550
[  564.580370][T15721]  idr_get_free+0x1c2/0xa70
[  564.580400][T15721]  idr_alloc_u32+0x159/0x2d0
[  564.580427][T15721]  ? __pfx_idr_alloc_u32+0x10/0x10
[  564.580455][T15721]  ? __kasan_kmalloc+0x93/0xb0
[  564.580484][T15721]  idr_alloc+0x6e/0xd0
[  564.580509][T15721]  shrinker_alloc+0x132/0xa80
[  564.580532][T15721]  ? __raw_spin_lock_init+0x45/0x100
[  564.580560][T15721]  ? __raw_spin_lock_init+0x45/0x100
[  564.580589][T15721]  alloc_super+0x6de/0x970
[  564.580620][T15721]  ? __pfx_super_s_dev_test+0x10/0x10
[  564.580640][T15721]  sget_fc+0x329/0xa40
[  564.580671][T15721]  ? __pfx_super_s_dev_set+0x10/0x10
[  564.580693][T15721]  get_tree_bdev_flags+0x203/0x4d0
[  564.580715][T15721]  ? __pfx_affs_fill_super+0x10/0x10
[  564.580738][T15721]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  564.580774][T15721]  vfs_get_tree+0x8f/0x2b0
[  564.580796][T15721]  do_new_mount+0x2a2/0xa30
[  564.580820][T15721]  ? ns_capable+0x8a/0xf0
[  564.580842][T15721]  ? __pfx_do_new_mount+0x10/0x10
[  564.580865][T15721]  ? path_mount+0x61c/0xfe0
[  564.580886][T15721]  ? user_path_at+0x44/0x60
[  564.580919][T15721]  __se_sys_mount+0x317/0x410
[  564.580945][T15721]  ? __pfx___se_sys_mount+0x10/0x10
[  564.580971][T15721]  ? rcu_is_watching+0x15/0xb0
[  564.580993][T15721]  ? __x64_sys_mount+0x20/0xc0
[  564.581017][T15721]  do_syscall_64+0xfa/0xfa0
[  564.581049][T15721]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  564.581070][T15721]  ? clear_bhb_loop+0x60/0xb0
[  564.581092][T15721]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  564.581112][T15721] RIP: 0033:0x7f35f378ebe9
[  564.581130][T15721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  564.581149][T15721] RSP: 002b:00007f35f464f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  564.581171][T15721] RAX: ffffffffffffffda RBX: 00007f35f39c5fa0 RCX: 00007f35f378ebe9
[  564.581187][T15721] RDX: 0000200000000040 RSI: 00002000000000c0 RDI: 0000200000000080
[  564.581201][T15721] RBP: 00007f35f464f090 R08: 0000000000000000 R09: 0000000000000000
[  564.581214][T15721] R10: 0000000000a0c00e R11: 0000000000000246 R12: 0000000000000002
[  564.581226][T15721] R13: 00007f35f39c6038 R14: 00007f35f39c5fa0 R15: 00007ffda6dbd4f8
[  564.581248][T15721]  </TASK>
[  565.231440][    T9] usb 3-1: USB disconnect, device number 89
[  565.438765][T15743] /dev/rnullb0: Can't open blockdev
[  565.635076][   T10] usb 4-1: new high-speed USB device number 75 using dummy_hcd
[  565.812820][   T10] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  565.823615][   T10] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  565.838565][   T10] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  565.850646][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  565.853350][T15757] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3574'.
[  565.868544][   T10] usb 4-1: config 0 descriptor??
[  565.880012][   T10] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  565.898643][T15755] kAFS: No cell specified
[  566.146224][   T10] usb 3-1: new high-speed USB device number 90 using dummy_hcd
[  566.154752][  T981] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  566.304762][  T981] usb 6-1: Using ep0 maxpacket: 8
[  566.304886][   T10] usb 3-1: Using ep0 maxpacket: 16
[  566.314499][  T981] usb 6-1: config 1 interface 0 altsetting 2 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  566.318202][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  566.334238][  T981] usb 6-1: config 1 interface 0 has no altsetting 0
[  566.348720][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  566.349022][  T981] usb 6-1: New USB device found, idVendor=0eef, idProduct=0001, bcdDevice= 0.40
[  566.363753][   T10] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  566.368279][  T981] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  566.383808][   T10] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  566.389588][  T981] usb 6-1: Product: syz
[  566.401171][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  566.402906][  T981] usb 6-1: Manufacturer: syz
[  566.413203][   T10] usb 3-1: config 0 descriptor??
[  566.415988][  T981] usb 6-1: SerialNumber: syz
[  566.634277][T15759] MTD: Attempt to mount non-MTD device "/dev/rnullb0"
[  566.641775][T15759] /dev/rnullb0: Can't open blockdev
[  566.658640][  T981] usbhid 6-1:1.0: can't add hid device: -71
[  566.666309][  T981] usbhid 6-1:1.0: probe with driver usbhid failed with error -71
[  566.678605][  T981] usb 6-1: USB disconnect, device number 23
[  566.797783][   T10] usbhid 3-1:0.0: can't add hid device: -71
[  566.811929][   T10] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  566.823610][   T10] usb 3-1: USB disconnect, device number 90
[  567.198981][T15763] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  567.451876][T15777] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3583'.
[  567.461793][T15778] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  567.556907][T15784] FAULT_INJECTION: forcing a failure.
[  567.556907][T15784] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  567.570513][T15784] CPU: 1 UID: 0 PID: 15784 Comm: syz.5.3586 Not tainted syzkaller #0 PREEMPT(full) 
[  567.570543][T15784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  567.570557][T15784] Call Trace:
[  567.570565][T15784]  <TASK>
[  567.570574][T15784]  dump_stack_lvl+0x189/0x250
[  567.570610][T15784]  ? __pfx____ratelimit+0x10/0x10
[  567.570636][T15784]  ? __pfx_dump_stack_lvl+0x10/0x10
[  567.570667][T15784]  ? __pfx__printk+0x10/0x10
[  567.570693][T15784]  ? __might_fault+0xb0/0x130
[  567.570728][T15784]  ? rcu_is_watching+0x15/0xb0
[  567.570752][T15784]  should_fail_ex+0x414/0x560
[  567.570782][T15784]  _copy_from_iter+0x1de/0x1790
[  567.570807][T15784]  ? tcp_leave_memory_pressure+0xea/0x100
[  567.570831][T15784]  ? __pfx__copy_from_iter+0x10/0x10
[  567.570855][T15784]  ? __sk_mem_schedule+0x7f/0xf0
[  567.570879][T15784]  tcp_sendmsg_locked+0x1e9d/0x5620
[  567.570928][T15784]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  567.570950][T15784]  ? rcu_is_watching+0x15/0xb0
[  567.570974][T15784]  ? __local_bh_enable_ip+0x12d/0x1c0
[  567.571013][T15784]  tcp_sendmsg+0x2f/0x50
[  567.571034][T15784]  __sock_sendmsg+0xe5/0x270
[  567.571058][T15784]  sock_write_iter+0x258/0x330
[  567.571079][T15784]  ? __pfx_sock_write_iter+0x10/0x10
[  567.571105][T15784]  ? bpf_lsm_file_permission+0x9/0x20
[  567.571134][T15784]  ? security_file_permission+0x75/0x290
[  567.571158][T15784]  vfs_write+0x5c9/0xb30
[  567.571181][T15784]  ? __pfx_sock_write_iter+0x10/0x10
[  567.571202][T15784]  ? __pfx_vfs_write+0x10/0x10
[  567.571226][T15784]  ? __fget_files+0x2a/0x420
[  567.571255][T15784]  ksys_write+0x145/0x250
[  567.571276][T15784]  ? __pfx_ksys_write+0x10/0x10
[  567.571298][T15784]  ? rcu_is_watching+0x15/0xb0
[  567.571322][T15784]  do_syscall_64+0xfa/0xfa0
[  567.571350][T15784]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  567.571370][T15784]  ? clear_bhb_loop+0x60/0xb0
[  567.571393][T15784]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  567.571412][T15784] RIP: 0033:0x7f338ff8ebe9
[  567.571437][T15784] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  567.571455][T15784] RSP: 002b:00007f3390ee0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  567.571478][T15784] RAX: ffffffffffffffda RBX: 00007f33901c5fa0 RCX: 00007f338ff8ebe9
[  567.571494][T15784] RDX: 00000000fffffd9d RSI: 0000200000000200 RDI: 0000000000000003
[  567.571508][T15784] RBP: 00007f3390ee0090 R08: 0000000000000000 R09: 0000000000000000
[  567.571521][T15784] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  567.571533][T15784] R13: 00007f33901c6038 R14: 00007f33901c5fa0 R15: 00007ffdefe10b98
[  567.571557][T15784]  </TASK>
[  567.867384][T15786] FAULT_INJECTION: forcing a failure.
[  567.867384][T15786] name failslab, interval 1, probability 0, space 0, times 0
[  567.881239][T15786] CPU: 0 UID: 0 PID: 15786 Comm: syz.5.3587 Not tainted syzkaller #0 PREEMPT(full) 
[  567.881264][T15786] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  567.881275][T15786] Call Trace:
[  567.881282][T15786]  <TASK>
[  567.881289][T15786]  dump_stack_lvl+0x189/0x250
[  567.881325][T15786]  ? __pfx____ratelimit+0x10/0x10
[  567.881348][T15786]  ? __pfx_dump_stack_lvl+0x10/0x10
[  567.881379][T15786]  ? __pfx__printk+0x10/0x10
[  567.881403][T15786]  ? fs_reclaim_acquire+0x7d/0x100
[  567.881420][T15786]  ? rcu_is_watching+0x15/0xb0
[  567.881438][T15786]  ? __pfx___might_resched+0x10/0x10
[  567.881455][T15786]  ? lock_acquire+0x5f/0x360
[  567.881472][T15786]  should_fail_ex+0x414/0x560
[  567.881496][T15786]  should_failslab+0xa8/0x100
[  567.881512][T15786]  kmem_cache_alloc_noprof+0x73/0x390
[  567.881535][T15786]  ? security_file_alloc+0x34/0x330
[  567.881554][T15786]  security_file_alloc+0x34/0x330
[  567.881574][T15786]  init_file+0x93/0x2f0
[  567.881598][T15786]  alloc_file_pseudo_noaccount+0x15b/0x2c0
[  567.881623][T15786]  ? __pfx_alloc_file_pseudo_noaccount+0x10/0x10
[  567.881655][T15786]  bdev_file_open_by_dev+0x181/0x240
[  567.881677][T15786]  setup_bdev_super+0x5a/0x5b0
[  567.881698][T15786]  get_tree_bdev_flags+0x366/0x4d0
[  567.881719][T15786]  ? __pfx_affs_fill_super+0x10/0x10
[  567.881743][T15786]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  567.881769][T15786]  vfs_get_tree+0x8f/0x2b0
[  567.881788][T15786]  do_new_mount+0x2a2/0xa30
[  567.881808][T15786]  ? ns_capable+0x8a/0xf0
[  567.881826][T15786]  ? __pfx_do_new_mount+0x10/0x10
[  567.881844][T15786]  ? path_mount+0x61c/0xfe0
[  567.881861][T15786]  ? user_path_at+0x44/0x60
[  567.881890][T15786]  __se_sys_mount+0x317/0x410
[  567.881913][T15786]  ? __pfx___se_sys_mount+0x10/0x10
[  567.881944][T15786]  ? rcu_is_watching+0x15/0xb0
[  567.881969][T15786]  ? __x64_sys_mount+0x20/0xc0
[  567.881989][T15786]  do_syscall_64+0xfa/0xfa0
[  567.882015][T15786]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  567.882032][T15786]  ? clear_bhb_loop+0x60/0xb0
[  567.882050][T15786]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  567.882067][T15786] RIP: 0033:0x7f338ff8ebe9
[  567.882082][T15786] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  567.882097][T15786] RSP: 002b:00007f3390ee0038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  567.882115][T15786] RAX: ffffffffffffffda RBX: 00007f33901c5fa0 RCX: 00007f338ff8ebe9
[  567.882128][T15786] RDX: 0000200000000040 RSI: 00002000000000c0 RDI: 0000200000000080
[  567.882140][T15786] RBP: 00007f3390ee0090 R08: 0000000000000000 R09: 0000000000000000
[  567.882150][T15786] R10: 0000000000a0c00e R11: 0000000000000246 R12: 0000000000000002
[  567.882162][T15786] R13: 00007f33901c6038 R14: 00007f33901c5fa0 R15: 00007ffdefe10b98
[  567.882184][T15786]  </TASK>
[  567.882430][T15786] /dev/rnullb0: Can't open blockdev
[  567.984808][  T981] usb 3-1: new high-speed USB device number 91 using dummy_hcd
[  568.055045][T15788] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3588'.
[  568.210983][   T10] usb 4-1: USB disconnect, device number 75
[  568.228112][  T981] usb 3-1: config 0 has an invalid interface number: 117 but max is 0
[  568.248591][  T981] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  568.269934][  T981] usb 3-1: config 0 has no interface number 0
[  568.276895][T15790] program syz.5.3590 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  568.277951][  T981] usb 3-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  568.298660][  T981] usb 3-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  568.316314][  T981] usb 3-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0
[  568.327336][  T981] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  568.346885][  T981] usb 3-1: Product: syz
[  568.351211][  T981] usb 3-1: Manufacturer: syz
[  568.359554][  T981] usb 3-1: SerialNumber: syz
[  568.372125][  T981] usb 3-1: config 0 descriptor??
[  568.460481][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  568.467071][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  568.494092][T15799] ip6_tunnel: non-ECT from fe88:a43d:e1a4:0000:0000:0041:0000:7d01 with DS=0xe
[  568.584684][  T981] usbtouchscreen 3-1:0.117: probe with driver usbtouchscreen failed with error -71
[  568.612950][  T981] usb 3-1: USB disconnect, device number 91
[  569.024850][ T5908] usb 6-1: new full-speed USB device number 24 using dummy_hcd
[  569.190296][ T5908] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  569.202554][ T5908] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[  569.214699][ T5908] usb 6-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  569.224019][ T5908] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  569.243308][ T5908] usb 6-1: config 0 descriptor??
[  569.250676][T15807] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  569.274989][ T5908] hub 6-1:0.0: USB hub found
[  569.309883][T15816] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3599'.
[  569.469398][ T5908] hub 6-1:0.0: 2 ports detected
[  569.475089][ T5908] hub 6-1:0.0: insufficient power available to use all downstream ports
[  569.542043][T15825] input: syz0 as /devices/virtual/input/input126
[  569.586039][T15820] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3601'.
[  569.624278][T15827] FAULT_INJECTION: forcing a failure.
[  569.624278][T15827] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  569.642537][T15827] CPU: 1 UID: 0 PID: 15827 Comm: syz.3.3603 Not tainted syzkaller #0 PREEMPT(full) 
[  569.642575][T15827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  569.642589][T15827] Call Trace:
[  569.642597][T15827]  <TASK>
[  569.642606][T15827]  dump_stack_lvl+0x189/0x250
[  569.642643][T15827]  ? __pfx____ratelimit+0x10/0x10
[  569.642670][T15827]  ? __pfx_dump_stack_lvl+0x10/0x10
[  569.642701][T15827]  ? __pfx__printk+0x10/0x10
[  569.642729][T15827]  ? __might_fault+0xb0/0x130
[  569.642764][T15827]  ? rcu_is_watching+0x15/0xb0
[  569.642788][T15827]  should_fail_ex+0x414/0x560
[  569.642819][T15827]  _copy_from_iter+0x1de/0x1790
[  569.642842][T15827]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  569.642870][T15827]  ? kmem_cache_alloc_node_noprof+0x203/0x390
[  569.642903][T15827]  ? tcp_leave_memory_pressure+0xea/0x100
[  569.642940][T15827]  ? __pfx__copy_from_iter+0x10/0x10
[  569.642965][T15827]  ? __sk_mem_schedule+0x7f/0xf0
[  569.642987][T15827]  tcp_sendmsg_locked+0x1e9d/0x5620
[  569.643038][T15827]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  569.643060][T15827]  ? rcu_is_watching+0x15/0xb0
[  569.643085][T15827]  ? __local_bh_enable_ip+0x12d/0x1c0
[  569.643114][T15827]  tcp_sendmsg+0x2f/0x50
[  569.643136][T15827]  __sock_sendmsg+0xe5/0x270
[  569.643160][T15827]  sock_write_iter+0x258/0x330
[  569.643184][T15827]  ? __pfx_sock_write_iter+0x10/0x10
[  569.643210][T15827]  ? bpf_lsm_file_permission+0x9/0x20
[  569.643238][T15827]  ? security_file_permission+0x75/0x290
[  569.643264][T15827]  vfs_write+0x5c9/0xb30
[  569.643287][T15827]  ? __pfx_sock_write_iter+0x10/0x10
[  569.643308][T15827]  ? __pfx_vfs_write+0x10/0x10
[  569.643333][T15827]  ? __fget_files+0x2a/0x420
[  569.643362][T15827]  ksys_write+0x145/0x250
[  569.643384][T15827]  ? __pfx_ksys_write+0x10/0x10
[  569.643406][T15827]  ? rcu_is_watching+0x15/0xb0
[  569.643430][T15827]  do_syscall_64+0xfa/0xfa0
[  569.643459][T15827]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  569.643479][T15827]  ? clear_bhb_loop+0x60/0xb0
[  569.643502][T15827]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  569.643521][T15827] RIP: 0033:0x7f35f378ebe9
[  569.643540][T15827] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  569.643569][T15827] RSP: 002b:00007f35f464f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  569.643593][T15827] RAX: ffffffffffffffda RBX: 00007f35f39c5fa0 RCX: 00007f35f378ebe9
[  569.643609][T15827] RDX: 00000000fffffd9d RSI: 0000200000000200 RDI: 0000000000000003
[  569.643623][T15827] RBP: 00007f35f464f090 R08: 0000000000000000 R09: 0000000000000000
[  569.643635][T15827] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  569.643647][T15827] R13: 00007f35f39c6038 R14: 00007f35f39c5fa0 R15: 00007ffda6dbd4f8
[  569.643671][T15827]  </TASK>
[  569.677104][ T5908] hub 6-1:0.0: hub_hub_status failed (err = -71)
[  570.036165][ T5908] hub 6-1:0.0: config failed, can't get hub status (err -71)
[  570.052749][ T5908] usbhid 6-1:0.0: can't add hid device: -71
[  570.059094][ T5908] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  570.075489][T15833] FAULT_INJECTION: forcing a failure.
[  570.075489][T15833] name failslab, interval 1, probability 0, space 0, times 0
[  570.089593][ T5908] usb 6-1: USB disconnect, device number 24
[  570.090286][T15833] CPU: 1 UID: 0 PID: 15833 Comm: syz.3.3605 Not tainted syzkaller #0 PREEMPT(full) 
[  570.090315][T15833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  570.090331][T15833] Call Trace:
[  570.090341][T15833]  <TASK>
[  570.090351][T15833]  dump_stack_lvl+0x189/0x250
[  570.090394][T15833]  ? __pfx____ratelimit+0x10/0x10
[  570.090424][T15833]  ? __pfx_dump_stack_lvl+0x10/0x10
[  570.090459][T15833]  ? __pfx__printk+0x10/0x10
[  570.090493][T15833]  ? fs_reclaim_acquire+0x7d/0x100
[  570.090518][T15833]  ? rcu_is_watching+0x15/0xb0
[  570.090544][T15833]  ? __pfx___might_resched+0x10/0x10
[  570.090568][T15833]  ? lock_acquire+0x5f/0x360
[  570.090590][T15833]  should_fail_ex+0x414/0x560
[  570.090624][T15833]  should_failslab+0xa8/0x100
[  570.090647][T15833]  kmem_cache_alloc_noprof+0x73/0x390
[  570.090680][T15833]  ? security_file_alloc+0x34/0x330
[  570.090706][T15833]  security_file_alloc+0x34/0x330
[  570.090729][T15833]  init_file+0x93/0x2f0
[  570.090763][T15833]  alloc_file_pseudo_noaccount+0x15b/0x2c0
[  570.090798][T15833]  ? __pfx_alloc_file_pseudo_noaccount+0x10/0x10
[  570.090845][T15833]  bdev_file_open_by_dev+0x181/0x240
[  570.090878][T15833]  setup_bdev_super+0x5a/0x5b0
[  570.090903][T15833]  get_tree_bdev_flags+0x366/0x4d0
[  570.090927][T15833]  ? __pfx_affs_fill_super+0x10/0x10
[  570.090956][T15833]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  570.090986][T15833]  vfs_get_tree+0x8f/0x2b0
[  570.091011][T15833]  do_new_mount+0x2a2/0xa30
[  570.091039][T15833]  ? ns_capable+0x8a/0xf0
[  570.091064][T15833]  ? __pfx_do_new_mount+0x10/0x10
[  570.091090][T15833]  ? path_mount+0x61c/0xfe0
[  570.091113][T15833]  ? user_path_at+0x44/0x60
[  570.091158][T15833]  __se_sys_mount+0x317/0x410
[  570.091189][T15833]  ? __pfx___se_sys_mount+0x10/0x10
[  570.091219][T15833]  ? rcu_is_watching+0x15/0xb0
[  570.091245][T15833]  ? __x64_sys_mount+0x20/0xc0
[  570.091270][T15833]  do_syscall_64+0xfa/0xfa0
[  570.091303][T15833]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  570.091325][T15833]  ? clear_bhb_loop+0x60/0xb0
[  570.091351][T15833]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  570.091374][T15833] RIP: 0033:0x7f35f378ebe9
[  570.091394][T15833] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  570.091414][T15833] RSP: 002b:00007f35f464f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  570.091440][T15833] RAX: ffffffffffffffda RBX: 00007f35f39c5fa0 RCX: 00007f35f378ebe9
[  570.091458][T15833] RDX: 0000200000000040 RSI: 00002000000000c0 RDI: 0000200000000080
[  570.091475][T15833] RBP: 00007f35f464f090 R08: 0000000000000000 R09: 0000000000000000
[  570.091489][T15833] R10: 0000000000a0c00e R11: 0000000000000246 R12: 0000000000000002
[  570.091504][T15833] R13: 00007f35f39c6038 R14: 00007f35f39c5fa0 R15: 00007ffda6dbd4f8
[  570.091531][T15833]  </TASK>
[  570.091673][T15833] /dev/rnullb0: Can't open blockdev
[  570.459404][T15841] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3609'.
[  570.739775][T15850] /dev/rnullb0: Can't open blockdev
[  571.199799][T15857] kAFS: No cell specified
[  571.454939][ T5908] usb 3-1: new high-speed USB device number 92 using dummy_hcd
[  571.575563][T15867] input: syz0 as /devices/virtual/input/input127
[  571.614752][ T5908] usb 3-1: Using ep0 maxpacket: 16
[  571.631815][T15465] udevd[15465]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory
[  571.655742][ T5908] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  571.674949][ T5908] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  571.688516][ T5908] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  571.701852][ T5908] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  571.714418][ T5908] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  571.731460][ T5908] usb 3-1: config 0 descriptor??
[  572.007870][T15871] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3619'.
[  572.211863][ T5908] usbhid 3-1:0.0: can't add hid device: -71
[  572.235030][ T5908] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  572.261090][ T5908] usb 3-1: USB disconnect, device number 92
[  572.300798][T15877] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  572.372108][T15879] /dev/rnullb0: Can't open blockdev
[  572.379991][T15879] FAULT_INJECTION: forcing a failure.
[  572.379991][T15879] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  572.394161][T15879] CPU: 0 UID: 0 PID: 15879 Comm: syz.3.3622 Not tainted syzkaller #0 PREEMPT(full) 
[  572.394188][T15879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  572.394202][T15879] Call Trace:
[  572.394210][T15879]  <TASK>
[  572.394219][T15879]  dump_stack_lvl+0x189/0x250
[  572.394255][T15879]  ? __pfx____ratelimit+0x10/0x10
[  572.394282][T15879]  ? __pfx_dump_stack_lvl+0x10/0x10
[  572.394313][T15879]  ? __pfx__printk+0x10/0x10
[  572.394346][T15879]  ? rcu_is_watching+0x15/0xb0
[  572.394371][T15879]  should_fail_ex+0x414/0x560
[  572.394402][T15879]  _copy_to_user+0x31/0xb0
[  572.394427][T15879]  simple_read_from_buffer+0xe1/0x170
[  572.394452][T15879]  proc_fail_nth_read+0x1b3/0x220
[  572.394483][T15879]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  572.394519][T15879]  ? rw_verify_area+0x2a6/0x4d0
[  572.394539][T15879]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  572.394569][T15879]  vfs_read+0x200/0xa30
[  572.394586][T15879]  ? fdget_pos+0x247/0x320
[  572.394610][T15879]  ? __pfx___mutex_lock+0x10/0x10
[  572.394641][T15879]  ? __pfx_vfs_read+0x10/0x10
[  572.394673][T15879]  ? __fget_files+0x3a0/0x420
[  572.394697][T15879]  ? __fget_files+0x2a/0x420
[  572.394725][T15879]  ksys_read+0x145/0x250
[  572.394746][T15879]  ? __pfx_ksys_read+0x10/0x10
[  572.394767][T15879]  ? rcu_is_watching+0x15/0xb0
[  572.394791][T15879]  do_syscall_64+0xfa/0xfa0
[  572.394819][T15879]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  572.394838][T15879]  ? clear_bhb_loop+0x60/0xb0
[  572.394857][T15879]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  572.394877][T15879] RIP: 0033:0x7f35f378d5fc
[  572.394896][T15879] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  572.394913][T15879] RSP: 002b:00007f35f464f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  572.394936][T15879] RAX: ffffffffffffffda RBX: 00007f35f39c5fa0 RCX: 00007f35f378d5fc
[  572.394952][T15879] RDX: 000000000000000f RSI: 00007f35f464f0a0 RDI: 0000000000000003
[  572.394965][T15879] RBP: 00007f35f464f090 R08: 0000000000000000 R09: 0000000000000000
[  572.394977][T15879] R10: 0000000000a0c00e R11: 0000000000000246 R12: 0000000000000002
[  572.394990][T15879] R13: 00007f35f39c6038 R14: 00007f35f39c5fa0 R15: 00007ffda6dbd4f8
[  572.395014][T15879]  </TASK>
[  572.620581][    C0] vkms_vblank_simulate: vblank timer overrun
[  572.747475][T15883] /dev/rnullb0: Can't open blockdev
[  572.808326][T15885] ip6_tunnel: non-ECT from fe88:a43d:e1a4:0000:0000:00d8:0200:7d01 with DS=0xe
[  573.031958][T15891] FAULT_INJECTION: forcing a failure.
[  573.031958][T15891] name failslab, interval 1, probability 0, space 0, times 0
[  573.050205][T15891] CPU: 1 UID: 0 PID: 15891 Comm: syz.3.3628 Not tainted syzkaller #0 PREEMPT(full) 
[  573.050232][T15891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  573.050245][T15891] Call Trace:
[  573.050252][T15891]  <TASK>
[  573.050260][T15891]  dump_stack_lvl+0x189/0x250
[  573.050295][T15891]  ? __pfx____ratelimit+0x10/0x10
[  573.050321][T15891]  ? __pfx_dump_stack_lvl+0x10/0x10
[  573.050352][T15891]  ? __pfx__printk+0x10/0x10
[  573.050382][T15891]  ? fs_reclaim_acquire+0x7d/0x100
[  573.050404][T15891]  ? rcu_is_watching+0x15/0xb0
[  573.050427][T15891]  ? __pfx___might_resched+0x10/0x10
[  573.050448][T15891]  ? lock_acquire+0x5f/0x360
[  573.050469][T15891]  should_fail_ex+0x414/0x560
[  573.050498][T15891]  should_failslab+0xa8/0x100
[  573.050518][T15891]  kmem_cache_alloc_noprof+0x73/0x390
[  573.050547][T15891]  ? security_file_alloc+0x34/0x330
[  573.050569][T15891]  security_file_alloc+0x34/0x330
[  573.050598][T15891]  init_file+0x93/0x2f0
[  573.050625][T15891]  alloc_file_pseudo_noaccount+0x15b/0x2c0
[  573.050652][T15891]  ? __pfx_alloc_file_pseudo_noaccount+0x10/0x10
[  573.050687][T15891]  bdev_file_open_by_dev+0x181/0x240
[  573.050714][T15891]  setup_bdev_super+0x5a/0x5b0
[  573.050735][T15891]  get_tree_bdev_flags+0x366/0x4d0
[  573.050757][T15891]  ? __pfx_affs_fill_super+0x10/0x10
[  573.050782][T15891]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  573.050809][T15891]  vfs_get_tree+0x8f/0x2b0
[  573.050831][T15891]  do_new_mount+0x2a2/0xa30
[  573.050857][T15891]  ? ns_capable+0x8a/0xf0
[  573.050878][T15891]  ? __pfx_do_new_mount+0x10/0x10
[  573.050899][T15891]  ? path_mount+0x61c/0xfe0
[  573.050920][T15891]  ? user_path_at+0x44/0x60
[  573.050954][T15891]  __se_sys_mount+0x317/0x410
[  573.050980][T15891]  ? __pfx___se_sys_mount+0x10/0x10
[  573.051005][T15891]  ? rcu_is_watching+0x15/0xb0
[  573.051026][T15891]  ? __x64_sys_mount+0x20/0xc0
[  573.051049][T15891]  do_syscall_64+0xfa/0xfa0
[  573.051076][T15891]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  573.051096][T15891]  ? clear_bhb_loop+0x60/0xb0
[  573.051118][T15891]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  573.051137][T15891] RIP: 0033:0x7f35f378ebe9
[  573.051175][T15891] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  573.051193][T15891] RSP: 002b:00007f35f464f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  573.051215][T15891] RAX: ffffffffffffffda RBX: 00007f35f39c5fa0 RCX: 00007f35f378ebe9
[  573.051229][T15891] RDX: 0000200000000040 RSI: 00002000000000c0 RDI: 0000200000000080
[  573.051244][T15891] RBP: 00007f35f464f090 R08: 0000000000000000 R09: 0000000000000000
[  573.051258][T15891] R10: 0000000000a0c00e R11: 0000000000000246 R12: 0000000000000002
[  573.051271][T15891] R13: 00007f35f39c6038 R14: 00007f35f39c5fa0 R15: 00007ffda6dbd4f8
[  573.051299][T15891]  </TASK>
[  573.051359][T15891] /dev/rnullb0: Can't open blockdev
[  573.474767][ T5908] usb 3-1: new high-speed USB device number 93 using dummy_hcd
[  573.574991][T15903] /dev/rnullb0: Can't open blockdev
[  573.635454][ T5908] usb 3-1: Using ep0 maxpacket: 16
[  573.643305][ T5908] usb 3-1: config 0 has an invalid interface number: 227 but max is 0
[  573.651775][ T5908] usb 3-1: config 0 has no interface number 0
[  573.658029][ T5908] usb 3-1: config 0 interface 227 has no altsetting 0
[  573.669099][ T5908] usb 3-1: New USB device found, idVendor=05ac, idProduct=0264, bcdDevice=28.6b
[  573.679794][ T5908] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  573.687913][ T5908] usb 3-1: Product: syz
[  573.692860][ T5908] usb 3-1: Manufacturer: syz
[  573.697671][ T5908] usb 3-1: SerialNumber: syz
[  573.704869][ T5908] usb 3-1: config 0 descriptor??
[  573.712685][ T5908] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.227/input/input128
[  574.045437][    T9] usb 4-1: new high-speed USB device number 76 using dummy_hcd
[  574.165738][ T5220] bcm5974 3-1:0.227: could not read from device
[  574.172949][ T5220] bcm5974 3-1:0.227: could not read from device
[  574.181304][ T5908] usb 3-1: USB disconnect, device number 93
[  574.182283][ T5220] bcm5974 3-1:0.227: could not read from device
[  574.217468][    T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  574.238883][T15909] input: syz0 as /devices/virtual/input/input129
[  574.243827][    T9] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  574.263701][    T9] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  574.283719][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  574.300208][    T9] usb 4-1: config 0 descriptor??
[  574.310694][    T9] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  574.539010][T15911] kAFS: No cell specified
[  574.784706][ T5908] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  574.794180][T15913] FAULT_INJECTION: forcing a failure.
[  574.794180][T15913] name failslab, interval 1, probability 0, space 0, times 0
[  574.807442][T15913] CPU: 1 UID: 0 PID: 15913 Comm: syz.2.3637 Not tainted syzkaller #0 PREEMPT(full) 
[  574.807470][T15913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  574.807484][T15913] Call Trace:
[  574.807492][T15913]  <TASK>
[  574.807501][T15913]  dump_stack_lvl+0x189/0x250
[  574.807536][T15913]  ? __pfx____ratelimit+0x10/0x10
[  574.807563][T15913]  ? __pfx_dump_stack_lvl+0x10/0x10
[  574.807594][T15913]  ? __pfx__printk+0x10/0x10
[  574.807624][T15913]  ? fs_reclaim_acquire+0x7d/0x100
[  574.807645][T15913]  ? rcu_is_watching+0x15/0xb0
[  574.807668][T15913]  ? __pfx___might_resched+0x10/0x10
[  574.807690][T15913]  ? lock_acquire+0x5f/0x360
[  574.807711][T15913]  should_fail_ex+0x414/0x560
[  574.807741][T15913]  should_failslab+0xa8/0x100
[  574.807761][T15913]  kmem_cache_alloc_node_noprof+0x76/0x390
[  574.807792][T15913]  ? __alloc_skb+0x112/0x2d0
[  574.807822][T15913]  __alloc_skb+0x112/0x2d0
[  574.807850][T15913]  tcp_stream_alloc_skb+0x3d/0x340
[  574.807874][T15913]  tcp_write_xmit+0xeec/0x67f0
[  574.807927][T15913]  tcp_sendmsg_locked+0x2b9f/0x5620
[  574.807975][T15913]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  574.807997][T15913]  ? rcu_is_watching+0x15/0xb0
[  574.808020][T15913]  ? __local_bh_enable_ip+0x12d/0x1c0
[  574.808050][T15913]  tcp_sendmsg+0x2f/0x50
[  574.808072][T15913]  __sock_sendmsg+0xe5/0x270
[  574.808095][T15913]  sock_write_iter+0x258/0x330
[  574.808117][T15913]  ? __pfx_sock_write_iter+0x10/0x10
[  574.808152][T15913]  ? bpf_lsm_file_permission+0x9/0x20
[  574.808181][T15913]  ? security_file_permission+0x75/0x290
[  574.808206][T15913]  vfs_write+0x5c9/0xb30
[  574.808229][T15913]  ? __pfx_sock_write_iter+0x10/0x10
[  574.808249][T15913]  ? __pfx_vfs_write+0x10/0x10
[  574.808274][T15913]  ? __fget_files+0x2a/0x420
[  574.808303][T15913]  ksys_write+0x145/0x250
[  574.808324][T15913]  ? __pfx_ksys_write+0x10/0x10
[  574.808345][T15913]  ? rcu_is_watching+0x15/0xb0
[  574.808369][T15913]  do_syscall_64+0xfa/0xfa0
[  574.808398][T15913]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  574.808419][T15913]  ? clear_bhb_loop+0x60/0xb0
[  574.808440][T15913]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  574.808461][T15913] RIP: 0033:0x7faabf58ebe9
[  574.808479][T15913] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  574.808498][T15913] RSP: 002b:00007faac048b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  574.808520][T15913] RAX: ffffffffffffffda RBX: 00007faabf7c5fa0 RCX: 00007faabf58ebe9
[  574.808536][T15913] RDX: 00000000fffffd9d RSI: 0000200000000200 RDI: 0000000000000003
[  574.808549][T15913] RBP: 00007faac048b090 R08: 0000000000000000 R09: 0000000000000000
[  574.808561][T15913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  574.808574][T15913] R13: 00007faabf7c6038 R14: 00007faabf7c5fa0 R15: 00007fffe25850d8
[  574.808597][T15913]  </TASK>
[  574.934686][ T5908] usb 5-1: Using ep0 maxpacket: 16
[  575.123929][ T5908] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  575.138109][ T5908] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  575.149154][ T5908] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  575.163870][ T5908] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  575.173775][ T5908] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  575.184383][ T5908] usb 5-1: config 0 descriptor??
[  575.535507][ T5908] usbhid 5-1:0.0: can't add hid device: -71
[  575.549621][ T5908] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  575.561423][ T5908] usb 5-1: USB disconnect, device number 24
[  576.082459][T15919] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  576.167911][T15925] tipc: Enabling of bearer <udp:s> rejected, already enabled
[  576.477884][T15922] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3639'.
[  576.635618][   T10] usb 4-1: USB disconnect, device number 76
[  576.921769][T15943] kAFS: No cell specified
[  577.143014][T15960] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  577.165286][   T44] usb 3-1: new high-speed USB device number 94 using dummy_hcd
[  577.337957][   T44] usb 3-1: Using ep0 maxpacket: 16
[  577.357369][   T44] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  577.381563][   T44] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  577.391954][   T44] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  577.405972][   T44] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  577.417161][   T44] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  577.435339][   T44] usb 3-1: config 0 descriptor??
[  577.755692][T15970] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3661'.
[  577.888024][   T44] usbhid 3-1:0.0: can't add hid device: -71
[  577.904734][   T44] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  577.914353][   T44] usb 3-1: USB disconnect, device number 94
[  578.365925][ T5908] usb 4-1: new high-speed USB device number 77 using dummy_hcd
[  578.480419][T15986] binder: 15981:15986 ioctl 40101288 200000000080 returned -22
[  578.511842][T15986] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3673'.
[  578.526636][ T5908] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  578.532423][T15986] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3673'.
[  578.544723][ T5908] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  578.566528][ T5908] usb 4-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0
[  578.576184][ T5908] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  578.584395][ T5908] usb 4-1: Product: syz
[  578.590962][ T5908] usb 4-1: Manufacturer: syz
[  578.596090][ T5908] usb 4-1: SerialNumber: syz
[  578.615149][ T5908] usb 4-1: config 0 descriptor??
[  578.681386][T15995] FAULT_INJECTION: forcing a failure.
[  578.681386][T15995] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  578.701864][T15995] CPU: 1 UID: 0 PID: 15995 Comm: syz.2.3668 Not tainted syzkaller #0 PREEMPT(full) 
[  578.701895][T15995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  578.701909][T15995] Call Trace:
[  578.701917][T15995]  <TASK>
[  578.701927][T15995]  dump_stack_lvl+0x189/0x250
[  578.701962][T15995]  ? __pfx____ratelimit+0x10/0x10
[  578.701989][T15995]  ? __pfx_dump_stack_lvl+0x10/0x10
[  578.702026][T15995]  ? __pfx__printk+0x10/0x10
[  578.702054][T15995]  ? __might_fault+0xb0/0x130
[  578.702089][T15995]  ? rcu_is_watching+0x15/0xb0
[  578.702113][T15995]  should_fail_ex+0x414/0x560
[  578.702144][T15995]  _copy_from_iter+0x1de/0x1790
[  578.702167][T15995]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  578.702195][T15995]  ? kmem_cache_alloc_node_noprof+0x203/0x390
[  578.702227][T15995]  ? tcp_leave_memory_pressure+0xea/0x100
[  578.702250][T15995]  ? __pfx__copy_from_iter+0x10/0x10
[  578.702274][T15995]  ? __sk_mem_schedule+0x7f/0xf0
[  578.702297][T15995]  tcp_sendmsg_locked+0x1e9d/0x5620
[  578.702347][T15995]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  578.702370][T15995]  ? rcu_is_watching+0x15/0xb0
[  578.702394][T15995]  ? __local_bh_enable_ip+0x12d/0x1c0
[  578.702423][T15995]  tcp_sendmsg+0x2f/0x50
[  578.702446][T15995]  __sock_sendmsg+0xe5/0x270
[  578.702470][T15995]  sock_write_iter+0x258/0x330
[  578.702503][T15995]  ? __pfx_sock_write_iter+0x10/0x10
[  578.702529][T15995]  ? bpf_lsm_file_permission+0x9/0x20
[  578.702556][T15995]  ? security_file_permission+0x75/0x290
[  578.702582][T15995]  vfs_write+0x5c9/0xb30
[  578.702604][T15995]  ? __pfx_sock_write_iter+0x10/0x10
[  578.702626][T15995]  ? __pfx_vfs_write+0x10/0x10
[  578.702650][T15995]  ? __fget_files+0x2a/0x420
[  578.702685][T15995]  ksys_write+0x145/0x250
[  578.702707][T15995]  ? __pfx_ksys_write+0x10/0x10
[  578.702730][T15995]  ? rcu_is_watching+0x15/0xb0
[  578.702754][T15995]  do_syscall_64+0xfa/0xfa0
[  578.702783][T15995]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  578.702803][T15995]  ? clear_bhb_loop+0x60/0xb0
[  578.702826][T15995]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  578.702851][T15995] RIP: 0033:0x7faabf58ebe9
[  578.702869][T15995] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  578.702887][T15995] RSP: 002b:00007faac048b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  578.702909][T15995] RAX: ffffffffffffffda RBX: 00007faabf7c5fa0 RCX: 00007faabf58ebe9
[  578.702924][T15995] RDX: 00000000fffffd9d RSI: 0000200000000200 RDI: 0000000000000003
[  578.702937][T15995] RBP: 00007faac048b090 R08: 0000000000000000 R09: 0000000000000000
[  578.702950][T15995] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  578.702962][T15995] R13: 00007faabf7c6038 R14: 00007faabf7c5fa0 R15: 00007fffe25850d8
[  578.702985][T15995]  </TASK>
[  578.828291][T15973] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  578.995054][T15973] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  579.068761][T15997] input: syz0 as /devices/virtual/input/input130
[  579.208995][T15999] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3670'.
[  579.391783][T16007] ip6_tunnel: non-ECT from fe88:a43d:e1a4:0000:0000:00e8:0300:7d01 with DS=0xe
[  579.418248][T16008] sctp: [Deprecated]: syz.3.3662 (pid 16008) Use of struct sctp_assoc_value in delayed_ack socket option.
[  579.418248][T16008] Use struct sctp_sack_info instead
[  579.502068][T16012] /dev/rnullb0: Can't open blockdev
[  579.608028][T16010] kAFS: No cell specified
[  579.858655][ T5908] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[  579.989186][T16021] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3681'.
[  580.028900][ T5908] usb 6-1: Using ep0 maxpacket: 16
[  580.036493][ T5908] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  580.052571][ T5908] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  580.063166][ T5908] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  580.079760][ T5908] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  580.089450][ T5908] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  580.101584][ T5908] usb 6-1: config 0 descriptor??
[  580.312912][ T5908] usbhid 6-1:0.0: can't add hid device: -71
[  580.322835][ T5908] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  580.333571][ T5908] usb 6-1: USB disconnect, device number 25
[  580.907155][   T44] wlan1 speed is unknown, defaulting to 1000
[  580.914027][   T44] syz0: Port: 1 Link DOWN
[  580.933572][ T5901] wlan1 speed is unknown, defaulting to 1000
[  580.970457][T16033] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  580.990432][T16033] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  581.043457][T16033] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  581.064673][T16033] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  581.127157][T16033] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  581.142250][   T44] usb 4-1: USB disconnect, device number 77
[  581.170719][T16033] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  581.543016][T16047] netlink: 'syz.2.3687': attribute type 46 has an invalid length.
[  581.962666][T16082] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  581.969448][T16082] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  581.984834][T16082] vhci_hcd vhci_hcd.0: Device attached
[  582.035753][   T30] audit: type=1326 audit(33349.976:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16081 comm="syz.2.3693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faabf58ebe9 code=0x50000
[  582.062120][   T30] audit: type=1326 audit(33349.976:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16081 comm="syz.2.3693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faabf58ebe9 code=0x50000
[  582.087031][   T30] audit: type=1326 audit(33349.976:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16081 comm="syz.2.3693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faabf58ebe9 code=0x50000
[  582.114050][   T30] audit: type=1326 audit(33349.976:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16081 comm="syz.2.3693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faabf58ebe9 code=0x50000
[  582.164739][   T30] audit: type=1326 audit(33349.976:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16081 comm="syz.2.3693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faabf58ebe9 code=0x50000
[  582.199807][   T30] audit: type=1326 audit(33349.976:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16081 comm="syz.2.3693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faabf58ebe9 code=0x50000
[  582.218743][T16090] kAFS: No cell specified
[  582.256983][   T30] audit: type=1326 audit(33349.976:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16081 comm="syz.2.3693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faabf58ebe9 code=0x50000
[  582.280033][   T30] audit: type=1326 audit(33349.976:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16081 comm="syz.2.3693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faabf58ebe9 code=0x50000
[  582.303339][   T30] audit: type=1326 audit(33349.976:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16081 comm="syz.2.3693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faabf58ebe9 code=0x50000
[  582.305868][  T981] usb 38-1: SetAddress Request (2) to port 0
[  582.333432][   T30] audit: type=1326 audit(33349.976:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16081 comm="syz.2.3693" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7faabf58ebe9 code=0x50000
[  582.356683][  T981] usb 38-1: new SuperSpeed USB device number 2 using vhci_hcd
[  582.494674][   T44] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  582.677809][   T44] usb 5-1: Using ep0 maxpacket: 16
[  582.692806][   T44] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  582.801310][   T44] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  582.847019][   T44] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  582.866312][   T44] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  582.876094][   T44] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  582.905166][   T44] usb 5-1: config 0 descriptor??
[  583.085940][T16116] input: syz0 as /devices/virtual/input/input131
[  583.121779][   T44] usbhid 5-1:0.0: can't add hid device: -71
[  583.137699][   T44] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  583.190135][   T44] usb 5-1: USB disconnect, device number 25
[  583.262057][T16122] netlink: 25 bytes leftover after parsing attributes in process `syz.5.3703'.
[  583.403975][T16132] IPv6: NLM_F_CREATE should be specified when creating new route
[  583.479748][T16133] fuse: Unknown parameter 'f¨'
[  583.717845][ T5867] block nbd4: Receive control failed (result -107)
[  583.775827][T16152] ------------[ cut here ]------------
[  583.781686][T16152] WARNING: fs/buffer.c:1125 at bdev_getblk+0x580/0x660, CPU#1: syz.4.3707/16152
[  583.791069][T16152] Modules linked in:
[  583.795308][T16152] CPU: 1 UID: 0 PID: 16152 Comm: syz.4.3707 Not tainted syzkaller #0 PREEMPT(full) 
[  583.806680][T16152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  583.817154][T16152] RIP: 0010:bdev_getblk+0x580/0x660
[  583.822728][T16152] Code: 26 fb ff ff e8 b1 77 78 ff 48 c7 c7 60 21 ba 8b 48 c7 c6 ae 71 ce 8d 4c 89 fa 4c 89 e9 e8 d8 4e df fe eb bd e8 91 77 78 ff 90 <0f> 0b 90 48 b8 00 00 00 00 00 fc ff df 41 80 3c 07 00 74 08 48 89
[  583.842749][T16152] RSP: 0018:ffffc90003d6f6b0 EFLAGS: 00010283
[  583.848988][T16152] RAX: ffffffff8248573f RBX: ffff88802301d098 RCX: 0000000000080000
[  583.857171][T16152] RDX: ffffc9000c8db000 RSI: 0000000000000f78 RDI: 0000000000000f79
[  583.865217][T16152] RBP: 0000000000000200 R08: 0000000000000001 R09: 0000000000000000
[  583.873223][T16152] R10: 0000000000000406 R11: 0000000000000002 R12: ffff88802301d9f0
[  583.881343][T16152] R13: ffff88802301d080 R14: 0000000000000200 R15: 1ffff11004603a13
[  583.889389][T16152] FS:  00007fe09b9e96c0(0000) GS:ffff8881258c4000(0000) knlGS:0000000000000000
[  583.898411][T16152] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  583.905082][T16152] CR2: 000055f3b7314950 CR3: 0000000036232000 CR4: 00000000003526f0
[  583.913358][T16152] Call Trace:
[  583.916891][T16152]  <TASK>
[  583.919867][T16152]  ? blk_cgroup_bio_start+0x59d/0x640
[  583.925346][T16152]  ? lock_release+0x4b/0x3e0
[  583.929982][T16152]  ? blkg_tryget+0x20/0x250
[  583.934658][T16152]  ? blkg_tryget+0x20/0x250
[  583.939387][T16152]  __bread_gfp+0x89/0x3c0
[  583.943791][T16152]  udf_read_tagged+0xad/0xe00
[  583.948593][T16152]  ? submit_bio_noacct_nocheck+0x938/0xb50
[  583.954551][T16152]  ? bio_associate_blkg+0x6d/0x230
[  583.959934][T16152]  udf_check_anchor_block+0x99/0x550
[  583.965354][T16152]  ? udf_get_last_block+0x286/0x360
[  583.970604][T16152]  ? __pfx_udf_check_anchor_block+0x10/0x10
[  583.976610][T16152]  ? __bread_gfp+0x340/0x3c0
[  583.981260][T16152]  udf_load_vrs+0x6e3/0xf20
[  583.985871][T16152]  ? __pfx_udf_load_vrs+0x10/0x10
[  583.991208][T16152]  ? udf_get_last_session+0x100/0x200
[  583.996838][T16152]  ? __pfx_udf_get_last_session+0x10/0x10
[  584.002960][T16152]  ? __raw_spin_lock_init+0x45/0x100
[  584.008433][T16152]  udf_fill_super+0x5ad/0x17a0
[  584.013245][T16152]  ? __pfx_udf_fill_super+0x10/0x10
[  584.018552][T16152]  ? set_blocksize+0x21e/0x500
[  584.023389][T16152]  ? sb_set_blocksize+0x104/0x180
[  584.028521][T16152]  ? setup_bdev_super+0x4c1/0x5b0
[  584.033613][T16152]  get_tree_bdev_flags+0x40b/0x4d0
[  584.038829][T16152]  ? __pfx_udf_fill_super+0x10/0x10
[  584.044070][T16152]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  584.049809][T16152]  vfs_get_tree+0x8f/0x2b0
[  584.054359][T16152]  do_new_mount+0x2a2/0xa30
[  584.058983][T16152]  ? ns_capable+0x8a/0xf0
[  584.063367][T16152]  ? __pfx_do_new_mount+0x10/0x10
[  584.068556][T16152]  ? path_mount+0x61c/0xfe0
[  584.073120][T16152]  ? user_path_at+0x44/0x60
[  584.077850][T16152]  __se_sys_mount+0x317/0x410
[  584.082587][T16152]  ? __pfx___se_sys_mount+0x10/0x10
[  584.087900][T16152]  ? rcu_is_watching+0x15/0xb0
[  584.092988][T16152]  ? __x64_sys_mount+0x20/0xc0
[  584.097833][T16152]  do_syscall_64+0xfa/0xfa0
[  584.102387][T16152]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  584.108558][T16152]  ? clear_bhb_loop+0x60/0xb0
[  584.113282][T16152]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  584.119269][T16152] RIP: 0033:0x7fe09ab8ebe9
[  584.123829][T16152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  584.143705][T16152] RSP: 002b:00007fe09b9e9038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  584.152305][T16152] RAX: ffffffffffffffda RBX: 00007fe09adc6090 RCX: 00007fe09ab8ebe9
[  584.160360][T16152] RDX: 0000200000000080 RSI: 0000200000004a00 RDI: 0000200000000000
[  584.168496][T16152] RBP: 00007fe09ac11e19 R08: 0000000000000000 R09: 0000000000000000
[  584.176607][T16152] R10: 0000000002008087 R11: 0000000000000246 R12: 0000000000000000
[  584.184665][T16152] R13: 00007fe09adc6128 R14: 00007fe09adc6090 R15: 00007ffe60e82618
[  584.193204][T16152]  </TASK>
[  584.196507][T16152] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  584.203830][T16152] CPU: 1 UID: 0 PID: 16152 Comm: syz.4.3707 Not tainted syzkaller #0 PREEMPT(full) 
[  584.213237][T16152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  584.223414][T16152] Call Trace:
[  584.226735][T16152]  <TASK>
[  584.229765][T16152]  dump_stack_lvl+0x99/0x250
[  584.234386][T16152]  ? __asan_memcpy+0x40/0x70
[  584.238991][T16152]  ? __pfx_dump_stack_lvl+0x10/0x10
[  584.244218][T16152]  ? __pfx__printk+0x10/0x10
[  584.248827][T16152]  vpanic+0x281/0x750
[  584.253002][T16152]  ? __pfx__printk+0x10/0x10
[  584.257621][T16152]  ? __pfx_vpanic+0x10/0x10
[  584.262242][T16152]  ? is_bpf_text_address+0x292/0x2b0
[  584.267743][T16152]  ? is_bpf_text_address+0x26/0x2b0
[  584.272966][T16152]  panic+0xb9/0xc0
[  584.276707][T16152]  ? __pfx_panic+0x10/0x10
[  584.281142][T16152]  __warn+0x334/0x4c0
[  584.285233][T16152]  ? bdev_getblk+0x580/0x660
[  584.289848][T16152]  ? bdev_getblk+0x580/0x660
[  584.294489][T16152]  report_bug+0x2be/0x4f0
[  584.298856][T16152]  ? bdev_getblk+0x580/0x660
[  584.303484][T16152]  ? bdev_getblk+0x580/0x660
[  584.308336][T16152]  ? bdev_getblk+0x582/0x660
[  584.313057][T16152]  handle_bug+0x84/0x160
[  584.317328][T16152]  exc_invalid_op+0x1a/0x50
[  584.321855][T16152]  asm_exc_invalid_op+0x1a/0x20
[  584.326904][T16152] RIP: 0010:bdev_getblk+0x580/0x660
[  584.332128][T16152] Code: 26 fb ff ff e8 b1 77 78 ff 48 c7 c7 60 21 ba 8b 48 c7 c6 ae 71 ce 8d 4c 89 fa 4c 89 e9 e8 d8 4e df fe eb bd e8 91 77 78 ff 90 <0f> 0b 90 48 b8 00 00 00 00 00 fc ff df 41 80 3c 07 00 74 08 48 89
[  584.351847][T16152] RSP: 0018:ffffc90003d6f6b0 EFLAGS: 00010283
[  584.358114][T16152] RAX: ffffffff8248573f RBX: ffff88802301d098 RCX: 0000000000080000
[  584.366099][T16152] RDX: ffffc9000c8db000 RSI: 0000000000000f78 RDI: 0000000000000f79
[  584.374217][T16152] RBP: 0000000000000200 R08: 0000000000000001 R09: 0000000000000000
[  584.382320][T16152] R10: 0000000000000406 R11: 0000000000000002 R12: ffff88802301d9f0
[  584.390609][T16152] R13: ffff88802301d080 R14: 0000000000000200 R15: 1ffff11004603a13
[  584.398708][T16152]  ? bdev_getblk+0x57f/0x660
[  584.403346][T16152]  ? blk_cgroup_bio_start+0x59d/0x640
[  584.408739][T16152]  ? lock_release+0x4b/0x3e0
[  584.413581][T16152]  ? blkg_tryget+0x20/0x250
[  584.418135][T16152]  ? blkg_tryget+0x20/0x250
[  584.422763][T16152]  __bread_gfp+0x89/0x3c0
[  584.427128][T16152]  udf_read_tagged+0xad/0xe00
[  584.431822][T16152]  ? submit_bio_noacct_nocheck+0x938/0xb50
[  584.437730][T16152]  ? bio_associate_blkg+0x6d/0x230
[  584.442948][T16152]  udf_check_anchor_block+0x99/0x550
[  584.448267][T16152]  ? udf_get_last_block+0x286/0x360
[  584.453495][T16152]  ? __pfx_udf_check_anchor_block+0x10/0x10
[  584.459498][T16152]  ? __bread_gfp+0x340/0x3c0
[  584.464373][T16152]  udf_load_vrs+0x6e3/0xf20
[  584.468909][T16152]  ? __pfx_udf_load_vrs+0x10/0x10
[  584.474064][T16152]  ? udf_get_last_session+0x100/0x200
[  584.479471][T16152]  ? __pfx_udf_get_last_session+0x10/0x10
[  584.485210][T16152]  ? __raw_spin_lock_init+0x45/0x100
[  584.490624][T16152]  udf_fill_super+0x5ad/0x17a0
[  584.495491][T16152]  ? __pfx_udf_fill_super+0x10/0x10
[  584.500722][T16152]  ? set_blocksize+0x21e/0x500
[  584.505533][T16152]  ? sb_set_blocksize+0x104/0x180
[  584.510847][T16152]  ? setup_bdev_super+0x4c1/0x5b0
[  584.515885][T16152]  get_tree_bdev_flags+0x40b/0x4d0
[  584.521023][T16152]  ? __pfx_udf_fill_super+0x10/0x10
[  584.526237][T16152]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  584.531893][T16152]  vfs_get_tree+0x8f/0x2b0
[  584.536324][T16152]  do_new_mount+0x2a2/0xa30
[  584.540843][T16152]  ? ns_capable+0x8a/0xf0
[  584.545312][T16152]  ? __pfx_do_new_mount+0x10/0x10
[  584.550346][T16152]  ? path_mount+0x61c/0xfe0
[  584.554948][T16152]  ? user_path_at+0x44/0x60
[  584.559474][T16152]  __se_sys_mount+0x317/0x410
[  584.564256][T16152]  ? __pfx___se_sys_mount+0x10/0x10
[  584.569472][T16152]  ? rcu_is_watching+0x15/0xb0
[  584.574391][T16152]  ? __x64_sys_mount+0x20/0xc0
[  584.579294][T16152]  do_syscall_64+0xfa/0xfa0
[  584.584072][T16152]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  584.590232][T16152]  ? clear_bhb_loop+0x60/0xb0
[  584.595020][T16152]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  584.601026][T16152] RIP: 0033:0x7fe09ab8ebe9
[  584.605650][T16152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  584.625643][T16152] RSP: 002b:00007fe09b9e9038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  584.634162][T16152] RAX: ffffffffffffffda RBX: 00007fe09adc6090 RCX: 00007fe09ab8ebe9
[  584.642344][T16152] RDX: 0000200000000080 RSI: 0000200000004a00 RDI: 0000200000000000
[  584.650325][T16152] RBP: 00007fe09ac11e19 R08: 0000000000000000 R09: 0000000000000000
[  584.658395][T16152] R10: 0000000002008087 R11: 0000000000000246 R12: 0000000000000000
[  584.666479][T16152] R13: 00007fe09adc6128 R14: 00007fe09adc6090 R15: 00007ffe60e82618
[  584.674550][T16152]  </TASK>
[  584.691728][T16152] Kernel Offset: disabled
[  584.696373][T16152] Rebooting in 86400 seconds..