last executing test programs:

3.681579526s ago: executing program 2 (id=436):
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x204801, 0x0) (rerun: 32)
ioctl$RTC_ALM_READ(r1, 0x40187013, 0x0) (async)
ioctl$RTC_AIE_OFF(r1, 0x7002)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000940), 0xffffffffffffffff) (async)
ioctl$RTC_UIE_OFF(r1, 0x7004) (async)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
accept4$bt_l2cap(r3, &(0x7f0000000040)={0x1f, 0x0, @fixed}, &(0x7f00000000c0)=0xe, 0x80800)
sendmsg$TIPC_CMD_GET_LINKS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000080)={0x24, r2, 0x1, 0x70bd25, 0x25dfdbfc, {{}, {}, {0x8, 0x11, 0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x20000014}, 0x0)

3.615466859s ago: executing program 2 (id=437):
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000100)={0x0, &(0x7f0000000280)=[@nested_amd_vmsave={0x183, 0x18, 0x1}, @nested_vmresume={0x130, 0x18}, @enable_nested={0x12c, 0x18}, @nested_amd_stgi={0x17e, 0x10}, @nested_amd_stgi={0x17e, 0x10}], 0x68})
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x248, 0x9b99}, 0x3a, [0xfffffff8, 0x8, 0x5, 0x10009, 0x8, 0x155f, 0x6, 0x2, 0x25cd, 0x1, 0xb4, 0xa, 0xb2b9, 0x6, 0x8, 0xe4, 0x6, 0xfc000000, 0x3, 0xbbf, 0x1000, 0x1, 0x0, 0xd, 0x4, 0x12a0, 0x8000, 0x1, 0x7, 0x6, 0x7, 0x81, 0x8a, 0x79, 0x2, 0x10001, 0x5, 0x91, 0x4, 0x4, 0x16, 0x0, 0x5, 0x401, 0xfffffff5, 0x405, 0xa7, 0x81, 0x9, 0xf9a2, 0xffffff81, 0xff, 0x2, 0x2, 0x2, 0x2, 0x7, 0x4, 0x7, 0x4, 0x4007f, 0xffffffff, 0x9212], [0x9, 0x16e, 0x6, 0x9, 0x4, 0xc66, 0xa8a9, 0x20000077, 0x8e, 0xd50, 0x7, 0x5, 0xfffffffd, 0x80a, 0x4, 0x5, 0x1000, 0x0, 0x200b395, 0x400000, 0x80000000, 0x4, 0x19, 0x7, 0x1, 0x3, 0x3, 0x8, 0xffffff7f, 0x400, 0x6, 0x4c2336d3, 0x96, 0x0, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0xab00060, 0x5, 0x1, 0x2, 0x5, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x1, 0x1ce, 0x1, 0x80000004, 0x80000001, 0x6, 0x2, 0x9, 0x95, 0x80000000, 0x4, 0xfffffff9, 0x40000003, 0x1000, 0xfffff804, 0x5], [0x2, 0xfffffffe, 0xffff, 0xc, 0x2, 0x1ff, 0x80000001, 0x5, 0x5, 0x491, 0x5, 0x200006, 0x8, 0x400, 0xfffffffe, 0x400, 0x41, 0x6, 0xee4b, 0x2000004, 0x8000, 0x8000003, 0x5, 0x89, 0x3, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x10000a, 0x8000, 0x401, 0x3e55, 0x5, 0xd3, 0x8, 0x3437, 0x3, 0xd, 0x7, 0x601, 0x101, 0xdd80, 0x60a0, 0x80, 0x9d26, 0x10000, 0x1, 0x2, 0x2, 0x6, 0x8000, 0x0, 0x3, 0xd500, 0x8, 0x77, 0x9, 0x6, 0x10000, 0x3, 0x5, 0x1], [0xa772, 0x6, 0x5, 0x1afa, 0xbfc, 0x8, 0x5, 0x7f, 0x55, 0x40, 0xff, 0x1005, 0x1, 0x8000007, 0x1e, 0x9, 0x81, 0x3, 0x9d86, 0x9, 0xfffffff7, 0x8, 0x7, 0x5396, 0x936, 0x6, 0x80008001, 0x7777, 0x1, 0x2, 0x100, 0xffffffff, 0x7fffffff, 0x9, 0xc, 0x32d, 0x3, 0x1ff, 0x2000803, 0xffffffff, 0x10000, 0x0, 0x8004, 0x7fff, 0x0, 0x6, 0xf, 0xe, 0x5337, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0xc, 0x463f, 0x7fffffff, 0xdab, 0x8003, 0x8, 0x14000, 0x1, 0x9]}, 0x45c)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000240), 0x169001, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0x0, 0x40000000000180, 0x2, 0x80000000, 0xf2, 0xd, 0x7fffffffffffe, 0x7, 0x5, 0x7, 0x0, 0x5, 0x4, 0x8], 0x25000, 0x304})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

2.658407528s ago: executing program 2 (id=450):
creat(&(0x7f0000000000)='./file0\x00', 0x182)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x3000, 0x0, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000380)={0x2, 0x34000, 0x1})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.587842131s ago: executing program 2 (id=454):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="200000001e0009002abd7000ffdbdf2502000000080001"], 0x20}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000)
r1 = getpid()
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000380)={0x0, <r2=>0x0})
r3 = syz_clone(0x3080000, 0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r3, 0x12)
landlock_restrict_self(0xffffffffffffffff, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010300000ae6f72087a003"], 0x3c}}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000000), r4)
sendmsg$IEEE802154_LLSEC_LIST_KEY(r4, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x24030000, 0x0, 0x4050000}, 0x4008040)
r5 = getpid()
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=<r6=>0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000440)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
syz_clone3(&(0x7f0000000480)={0x110000000, &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0), {0x10}, &(0x7f00000001c0)=""/217, 0xd9, &(0x7f00000002c0)=""/140, &(0x7f0000000400)=[r1, 0x0, r2, r3, r5, r6], 0x6, {r7}}, 0x58)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000500), r4)

2.502565195s ago: executing program 2 (id=458):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}})
statx(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x2000, 0x800, 0x0)
read$FUSE(r0, &(0x7f0000008340)={0x2020, 0x0, <r1=>0x0, <r2=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000004300)="00e7a0633e8438bafa888b9b02144af32e296a0a01dc194d649b6fa26d6d5e63bac4a04baeeb8aacb22c6eec461b67db6a737737c6d2687acb00572f92e3fdb5d0cb2f11121c557a943020200755bcab77b39c406b733239e2bb1175b9322ba39dc7d67da8f77aed1714dae2e6c24c3ea96be9d151c6ab7b3c54bbe507b8b2461fb4be8dc90042184af6d48f8ace16abb5e3fc943cf61cdb75624a259bdb5f7829b9775820f85f2d1a6ee6c6c2af4fd41ab8a41ecb2612abf13cd2c6f9f3e6db505e4bbe68cc000cf5fa6d5636191a4b366ab59af52132a3f9678d4ed1bd577bacffb3b52850804005eebf3dfa4763168ff30490a11acdbbf4c3312a45f30139f6b72b1e7cdec185006bb30e0e8fa88da2cefc718cae7e9830f7ca101e4e23c6bd16bfacf4a9927fb13af4b79c86ab999beda4ad396abdda354a42fb4ef21d6749175dc21a0cf9191aa4f90d274b50370a580ad8dcd166d2b06c0d8b071973c3fde30f7e2bc371a51ca5866bf8b24eaac75bf482dd4436b214ff62d32e20df223b0b680ede28b3a49e66e330a8a3ecace0db9855d235d5ff23765e742d1a739c2ac8743f4c62664a3b347279da55a1a5b16e1e2828b584a013577d50f890e3894d9e8d6bfccdfb2b70221f12a7fac24b7a8818edce72b65f622c77bf1312771a2c0d805ec9a25c536c91868762032255be78903b77b2c1a773a03996fabba69214e76f5df6df0375b592692a2c3c86c75a3be56fe598ddaea0b9901d20db7e43e128e04e5509283f833c24c625887288459db5727210ba9a301fb8c934dd1d8dca68039fe5b2e1a8d7cdfc6d875e5851098100c3cd42544ed90bb55b58d20a501fabbc485d148c615a3b070fa0520da2ed68ee115a4411d5418b47f3d95616096f67a7a36d68f1e8df82eca8ef96fb4a96b3422fe046a37ea5f5967513a559bd770fecab7228b0692f439765c9e9c6ea4fc608e0b27f9b49064dd2f9ac06f83f6d87ebc61fa3a29bb5ed39641245ce8cf43770df32a84838802b0827ca5a40e2003915e2ed108a005637bb028d29bd2cfd28a1bd55e67ed1b6b7b72163c27c4b0e36d1b134d6dfdb165a66fb46498fc04bb8053b84098af5b18758631d1318d625a6fa4d3ce5a4d3a90e10c6363a26b5ae96c2d56f87ad21a6118af6847d041f88f852ddc3f250c088ef5cb31198f3ac81cff9a5bab26ed56c09f8416188974e08349f7da28fc754b98c1ac4ea0060ac1e1b1c49f7dbadbc59254b265dc418cab9ac14e2bbecc4c3103543e37984efb1f61315e10d2b422732217d3a9b0cfe4561f3765d3bda60be239e02bdc164dd631582e8c87dd8fa60d63dcf9e7f3dadc4ce5e4433a42425b8ee8cb8a2defab0bf9b6109c90b5655b79b18c06884f2670a985d454e08e54de69f645cb0cbb70620bd988ee717c310ae77b4abe81c01c6e7f47268ee20bc30b9062830917705682eba2c5ef966b877f33294aa5f8b29d3dd5ed92302087f34fa18d19a005de05f925e3e93c8c0f24507ff20cd23d9ae5452c32ff58c78ccdb1ab32c98edfaa6d2c3971934ca8f849ac360c286566eb72b0793f12cef84bd282368d533247ee750f18aeda484167f3d680e4aaa3aa0694441d4ff6a71531f1a30f87eeb71afd04c5d686e1f86f27586f4e2c8ff77c09612ba1af9b3fb93efd31af42f8e0498f35d07c662b743a08f2839cad8f95b90cbb4fc0ed2ca45dd093a549cde4c6ff08ce09a2cbc6f9f78b6f96643357f92f8f403202742057731fd3e343a87c0affe803cfdbddb8c2694ab63f2dc35da705624747e30a943000fc82c40f10e1975d2e2ec15aefd531b6dbc053606b054dc976f44d5b5a5f37e9c08532ce16cf8bca55ab6c814ceb855ab50b8b52620f8645a9dc25fcb732080d84bf39c3ebb235b4d96da527b64ec4b72f69e91d16a4efcaf76f2e1f968ca68a06f60b01ec7becc9ffd7877c0992cb0f80fb3daabc039513896bd7697843be06aba53e7761e11e075c61ef2d897d4d9f90041c14283746feeb3f0d456ba4be27843350fe43e7c1110b4439489139f6dae01c43f23ec71f08d3042663c65e059d368e4e2c6e49de45bf078d3182a1bc1208bc59379e705aa3309579947409f2a8b3d79099c8619f916e7a6fa333d2312a274247156b8c25cbcfcc59ef13339c700f56a8691dff39bd4338789001872c0d90929037dc0ad99b380a6ba73f331f73f9274f4c2bf5233d7482edf37bf6ffed4f2c0ee44a1d57cae0d644f25591dc03bf837571a82d0c31b61be7ff85a5b3843e8f96a50eaa43f5c137ecfc4e4530d08a2afa4ba02fcc50117a4ad0d5862302017639344c82749f673dbd650e49b35302d0acbab45c0973198291bb42b4cfcd3b0c252074341ea8eca19e122cd234da6d41bf5eedb706e16c17687ed8b84db67130796d26b94eac83bbcd785b603242bd6252c155711efd7dd22cc54e1eaf6d910d0f22c701f3d4da0314dd2829c6ee13bbcbd126558b47b8066bf0766c792a012315bd29bfeda8f28a2c1f4e638b701758e19a0e5bd5b4f19048b00a877d956292e345f8a3a8367892f955bcb5e50ca145ec5e2c9309e25941bd277e393aaad38f9b72a42514b27da6856223c37a1fc1327fa760551d3fdeb0b222ab180b16c9eea138cf4f327e88fdfee293c5b6b007028eb796a60772148282dcd17ffc1c90ed8b6540ede933545ed5a5301d6ff39734444ff3d85cda4ac3befa5083a4685e9e231eba4a91a35f4f7f48fd5ac2447c64c010e2a9f8e80691c95460e1995444466ec5f3cd71fe509a26ff0b7f3254bc8c3255e903834e841b37c70b267fb33deb0d1ed4ea84a869453ba508fc255b12cf847103d5195046c930ae4a75c956f22fcfe4186d547686b54bd7a534940d5d62216994eac0e8ed3bd2bd59354e6b9c6b5b10511d54a8b928040f1e13c4a423b0cf519fc6e9673df5c48c0778c7edb8fa8d8ace77463a77d2d6313160e1ee72742953e433b670400d59c93464fd91520847db238610ed0c289fc55647881a7d6257cf28090c75a6f19df079cfd35742a74a5ab270314f7c8039c20ff0f3f543d029b75a741b5dc6425241ac2ffabf1f96288e6d4ba34da09fb6049c2c8753fbd41fdb4bc68c57bf374ef4feb0df00c41319debb26afba2ff39e1799a1c2137f4e920ee5b02d93789b6b0c853e8143dae5b08ee85da2ea7c31803610ce797293ea95c16ade6dae2afb008e59d8b9505737f008b5227df5f1e4eb5d707f502698a17ead9b1f5ec09dff34248ff2fb153dc6df4812e39754a4baa42e1d8b77fbddef3ca091701ac28ae5fd422dbd8db5b122d3965383abc37a52d2fca5ce56eba974dba3d059cefe40e3c35c9daa8ae31198214303c1dcb90d58fc983ccfd504fa43925636f94b128d44e8aa5cd3ecfabd50a84062d03f7508a0575ab65ecc749d3ef566fdbc529a8139b7a7fb3a9bd784df52cddc6f2699044ba47615163fbbe19f3d88d38a8b71fe52b2611ca74341429d1cef1a7e350545be29d2caa560e60352cab074c298c44ca2c07f9795ce52f10aa3e2fcdef371f24e309b19e52218881f25a4674527edbe3b3bd0b9b536d810c6f9500c0c81bcfd9a440dd91c1d35c52758d2b2ae1a8497bb394c4f09d3947cf777727b0d1daf5ac4fe4fa3c247a791702cb84b96321b7fec81bf549d4eb5d6dafe019b26187417c68b064e4308908535a3e77b6cd3e28caaf12d726f15590b7958e40134d045a38cbb689131a7e85532f1c63dd4bac9e4d00645cd7b2b71704563f3738b92044a8153f6ba717800ab7cb238175c376d7add2c5ec38e4c856f1ab9c3ee33f6ca6d576ae908dd290e4bae23470182e253765e04e8eb02a791c4396a511ef467879a9e2818b8a4b1b0b39a6c44e816e3ebf6e3be93929dfcb38d5dad7d20b60215447674d0608b8b02331ac20e57083cb9b4449fecbb149441aea0ad82f00a82d87d743fc80d410922bc20923516885440f43c9f32beb81ce148def6140952583a7825c2d2fe012d52d30ef66d32a8a0864ac5c1737e2506228d41ff0515ee80be4cf012927dde0fd2a07cac68eff8c4437f2844d4df07936fd8753e5909f962c5c767f8719cc295bdfa8a16f3f36ff56e34d7b14b6b8c46d5af248b04a9c5396f84990e23d145670950bce5f5638e5e2cea37c371a4483729338f1305cbb32fa1c05dd9d21d2a69e5fa3abe9a2dad2237be20b4088393c04aa66cf13718de4bffac72f641a8c017a1d5568fa15a6a06e4dc833874ec95af6f115bdadf15179bfc8c4e3e64f26f1299e282c4ab397340934efc1e601afc630fe195e8ae7d8da1310568cab4f2fad085d0ec39710d8b7c812b3fd55c6f50925bcfc90fbcb35b8daa0f1e1f69d82fae2034039f7ad6921694ed48a55a68bc541e6d86f1e33c261a92d48b50eb58a03d8e31b2f6564a4ddc3ee988d0dc47b4b610a9a9dcb87571b5c1edb3362df0ec3d58872157e0f7247dfa8100b4478b705702a5620c9201010f40232327550db333e845dbecd6aadbd0a94c064862b1100b6dd45ece811b8c0275e3753e11b4bcd8bc5ed7668e72afa5bc5cc17b4c313273755f532ecfdefdf2d5c47999453a3b7c158d98332f0bd3a820cfb2c8c3bcd43197e7395a032cec6e41662079f2f654965aebc393e22b5c8516d9b8ad01e33ee481a4ac46a2df304dadeaa9e5274d340aaebe14dcea315fe1279f1a41a5c7aa8c94bf4b3d48757503171f53488e01210145e62c0de7c39737848dbdb1b207d4d33b8de180b020e8a76b1b521905e5e3ce97292f8558fb68efdee774681bfffcf1dc3eef35f660dd1659a32950de2d50e762313beee330d9c2a9fe8ce5e4e61ddd86378d3551335f6ef62053d3b248a8c33a11abdf3f3aa1975a15f4a6957a13d5b12a44d0f2b52b9a2d996e98c630c0f2abca80c7ae89efcf81ae284a0d19582cb1319d207077e5657d245533181ed6e07e0f7647123fc46c37bd75b4f4d181112b4a08acdcf445332cb9dde69a0923dd9244dd2ecd818b19588939922e3b2d8dd9d9fed95fa55b0e4564b38aca2c4d24eebc634664400177fbdeaeb278bb1d8eb11baf4be5c87d4f8d9a855bfa75df4c51fb4eec87a27c59df9a47d82523b08022a1c0fb22ff6f93c3d2cc22a4111a6ec5be428cba33617be65739c2240248f3a02d01ddf2d6aca9e537a2296b16d082d2b868504371dd5e41898885b03ebfaca73b40e8924ece83c1c80de6ce14943e1199c6f81bf359f44c3ed5ae3c6eacb730b1039f0b6555347bd566dfff45a7a2176420ab2b40916a73b66a3ad07af6e1ac5597393d203fa1ad34d4564af956a0a3e2997e27a4e5eff67dd89cce8875d995e00c1858234f149f6ad4cac2b8056966f726df57b8c4ee8f22f23097ba1471b1f1036e3a499400fccdb75b56eb13e9eca1407d5bff4b075b06d00fcbfcafc28431eb33156232e73c6577e3eca437330c494ede57b9609e1f40634918dea767338b5542197410cdc000143ace89ca0b7bf645b3267f74767d7c7fce05d2f59c137204e56bfa711f66903c511f681cf7a1b4f9fc0f42b7c438ff8957e1059375321df5b0c5c884f46d94c21686e1300582d34928bc398653118f79bfeea2e7cfbbf31a7718f4aab50fae57db94203d43e060365c9a7455241be03d82dffc3783d0f6aa170c0866eb0dad07485831526922d8348a7a16e2e9903a2ac93c58c6dce83127fab17703ec004a519ae5675baffb31bf4b52f9ca992a84017a44d68dc693abd829947342f277fdcbc87168bcc03c32b8b1e81a1915af2517c464af07d52b79d1b0e53164c82ba049f81e92ed1dc20a88fd72e9ce7aa4b22a7cc57dc5527d14f62bc29cfc9d57ed26fd523cac39ac00ba12d3a49d694709924275fc0793d56acf9558818dc9eb210749fa5307d45886b879257d627cee0542b51c2ce6ce134100efb47c92456ece5b73cdc051f570810a8d534222649eb56cf73a377162b753de6c282bcd4a25dda21dd10901bd8dfe8fd4ba8a70811c39707beded23dd60f23e2933372e3a6bce099899b07f0a4c4956fd98e956a8649622c77717de099463c0c6c9389ab4a1ae10f8ddd086d876af2943ee0b6b402ae5f89e09922e8c510ec0caa0a83e366e916400bfec88a52ab457037a35ddc6a8e2289c33684a5915c37bf5d227cbc65a737b52bdcb4fbbb7b4e7f965db116b46044d0870846c730dce12e120b1fe6dd5798ced24cad72c59a3f44de4978b8bc05a1dbeb766be6e2abf6ef46c67a58a370e54e92d89e5f44525e82b94a388d8d0cb20c3469a258c1633c9dddb6854aee255f93f59435ff317622f6899250aa185c207644275278580c5d32401741fe264a2e03b80f442ed58fd0704ebac923ac6a5abb7f0c695252f82e3fbcf2b99d721589a8fe3fad4d5926aee3d7bfafb6739e525faae3d25b12841fa2cc61dddc44d36acb9a8b72d60ecdd9c8cf04f9bac341b5e0f9bc59042db8126324888b07afe72b18cce36d61eec975b6b4ef5dc4a16ac14440cf770599bd4db630bd110eb63a03a80cd95c16d314a4de60cc5115bf0754cb7ab84a827ecefafa96069c721a5979f227fdc2467b4cd1975dafb5b28e1d6f3c1c3a2816ad831dd98c1378a03798c128f176426eaa0e361571e758d54bf4ec2c988355f016e16d6cd5cf97bb4891ab33f5623b7e796af313cc7a9e2f9510cd2bead1ea5dd080d9de1f595b2629ebccf69a0feaed3963ae8a6c89edd66fbf6e566379898185828925f8669668d6bddff961b08aaedbbe7fc196931a887ec740da6bcdab8f826a34aa2aa1e406a258558f3baf022a64222df4d6ee8726c79ba3dd6e11a19e4b4bb49b4a8cd99c189e6392f08ad731e415b65d0ccb919dca46efe9f79e21437111ab09e926d3038182044ae047bf1cc92e2d2644c528985719667a1a8abaf65d0f211172ea789b2fa016e1a88325d1ed706239da4dbb9e2079e3598b4ae5885667587ba1e0921c9ba55d7a3be4c47bc2f2f3547ce9efe32e5a22855f761bd4cbe1cd9337eda4bd7d82a918084d7e116b656104ca87e64b1b8c62323c3c296c5b5b98051feb607b872edf9f789744aff710c4b7279711182bcac6b76c05f5cd982f52f451e7e29046550e012e01d8cdd3e305427030f4247488c9136303084c12175c5c781cdd08aede5a356ea0ccdd05a460be3c7b4bfd62c3ce9ab68e285a36c1546d0b18edad71f69f5bedb340772e1bbb035514b085067259e39f59dc292a12557350c66904b253efee29a5eb7a6920f583c899dc46a1d3e2af2db3a3d1a0e8d1f98722a16c6cc1e401058d60c8c436d8f1166ba53bdde5810f9d0288528affd486c266546a864c92af3df8abd451cc1e0d6bfea534865cea9d49b3ea5e390fa823118df8a61e31022f5fbb8ceee870bf2e60890263c4d14e24d053d0fddf665ff80a66fa00a5957f8a30fe82a4b82cf2f6b4d49def98f66bfcdaa0aef13314e950ca9f3849b1edf3b82eaf74a0dbcf45c3dba9bd2d853281a78484f1efaf4150da1207ec3cb61fbcbf759f8182b7052b28d7164b73197b0a440759fe9d5ddf827f1897a174e82fb968a9a07c61bee44bc1f7f9ee5c6de04c02d57735c5fab741b36aec7c8642e56cba932a08b8e8a9d3eb066a4ee7cbf22e5abbd4346de59eca1f24ad9f7f9ff7621e5f30dd08f4cddda8e80e496908109f5212a72bab1378d1237def07bdda4178719975346c68405de15153031fb17535894e5e3c1de6fdd507333f0226b78ba7cae509cfb48d6735ede9392650bf85ac1db919b1e9fe0a823119d8253204dbb2f7a8f524be6d419f3a45c5051a7a88ef0bd41586d90c11a894d647f03895f671a6e19f1c70e32668653aba8366a3d372522f49844081a9637db080663ab02f4a8af502955d5411461b62f85308c91852f8fb9f0bdddd500b4a133791d3a2f91a82dc4b09f5ad2196a9172ab0cd3fafe7266e9f6d159110d99ca8da8a34b17be17a04ad4509a9fffab1e45e10f10e0cf9cfbd9c761ad044064c07e473fdc626289cfb88b13a11455c069b70aa02426d9119ac878a14c9483be9c0d5bcbb5fa76c8d06531f59c7cf7c26372e750e2f332418ca769e5e7fbeb3ada7bb58b573a0635e2e3ad9a53ddb809ea01086a3fa993ad57e89da6f9c5e61bd0f8ba69212a386b2aa1ae17520d7fb989dbe14021885eb50fa3048aebd42c861a09a308b660d382c0480ead8a52a1e14927c7c77957f94bb59ccfd557f8c4a7af23360a298a603d20ebc386db041d8c306b3e32b0bff541bdec5ff75c3b40950815cf9f89d48a382f67e44c409d046c01fb1262aca0df6f5238a3c3c09977261494f7361ba326815d6e23f49e4d6d4b54665081067332265fff59cf54af9da0db9d19bc611cbcb6e6f3f1e2e1ffb6cdd6253578d78d06a2ff5f9250f1994c5749e3ce49231fbd63bba28e948f9150933e3ae31299babaa41043b181a100882e613b4b4b8f49ceeb742d22f860853a9b917f5a323a8a1fb1f3363a7be4407fba44b408f259b5db79a055b92ce3d7a0649cc59f4afa2b1f69959d5c6f5eef1fa7987a47bee4491f685c52e9db1ee1a231ab5a4bae1019c97868a409dd0d57b32525394a233023c4a7ac429808bbcb57a34b41883202744c3bdebc0a637773273f19c2be6e806bef7fc1002846db762ee4e16867773808c5477987d5851d5b1641d070feabc203cb3d7943ffb206272fcac1bccb616352d85975f5a22c0f247548535ad9fb83fb2be17689453f10691143c060cd964df63c3c70e7b1cfc7e2b468015f327f9869353477bfeeed330b03ddd9e4e0a2441182244da283d7a59d2b2b20e6de3e3a47c26aeef4944c1190bba674523a6c3c4ed6bac53b9edffcb0e9fb19d8bf36949d03ef6a7e59eb903a00d9614f642d1932c766421906f5b177963c71e881453560e3ffcec792e8dc46b1832a8fcb2ab2268a9c1fb648d1c6fa1c8cbd50d5a2d8264fbc6c063e6daac5519d362da389dcd3d12c8039f991de91e728abf5bab95c3aef66dd8cc36c60e73cb10afb02eff6df20ff12c59b142b07fc48fe94612de80b8b958f78256fd7cf3c6f79a83867f3bb5f70da392957badadecefdf7b6e4ebd39ff945397c7d302ca0a5a3918d8abb893cd9cdd680916a50fe19699ff0476ad82e6ba46523f26ccc5eb65313c1df1077c8876d2b73bf86ba311862d12b0c557a92ef827197121512e87f817167d4b17c7e225a48b3f8fbbf4187438e0e9b78e905cdbeb72e80dfb37ec0104f5186b39b4ff34f0cdf4b74dc915acd3f98874cd6a67308d0ad9697121ac477550b1affe004f433705933f9647522be65cb5a7471120ec942aeb956f195be0c1783102cf7d842f2968222ae1a7fa6513f200d3fa85d71724956ed697f0673ee3b40a4d46ba4850439ec125b708ed52b52b9f72906477d520c90a9f5dd49a7a33a328137a183f439895532b78ae451a8c3db789bc862fbc37241d523027e1a008629c969380f6eb55f9cf3f0675bca6851f00df6aaf90de9f62d5c179945ef81d1073850301f97e379ea415d830e3f3751cf83e2dba541cb6cdd89e6b674f2c53e329e5f3dd418d534ada6469a5b3bca5b7cfbdfdd6df4abaf77d4520d0311e801145c91b52586a56086e663841b702f52cef9fff8cfb7b33dfa125688ba6b4fadd1dca8defaf4259ca85323b23d3bbb45933562c25af3e8d7bc6ad4a50ae974f8d207994b3bd74a6812ab6a40fcaf96bb4e17bd20d742b14c72226caef3e0f5c56c4930071e9f9a894f18650fbb785c6f707605c86b634c9722c8690cf3a954f68d7c2db3a257339ade67a41259f6f878dd0ab7876deffa77f6f00819282a8f4c4da84c6cf4f335cd0410770a2b1a1fbb3f85f4489eeceb78bbfddb2d1866c57b41f6ed179a0bc3750a486403d23473f2feef43ebc5af1018d9c20089e277d77fb9c34f425c8f8af4c49864b57572fa8c232e61ef37194251a1ddc2f73ffecd57e638751cb72bcb2c40d22540166ca1e8588f24b010c9fbd962e3a2c23a7e93f131df61b8703ce326ed80cc87912d3c6aaa27574bbe8d65bcaecd660c31cead132a44b1d0e4a53cacc0b82a263c4e7783944af0af08ea9e68e8e25ed9111cfef841f1b2fd24164f9097f70efe09b1109e5cb91fe68a2760381fd63a7fd422dd578a60661abc9ee3a5db1c2cde2fb21f2040f1ed3fc27b99e254256949d0560e8b98fa028fca50768caa951a87bf8969af498d50a9ee773c9caa7d9f7d8e1955506013f198cda316d79b177e59f233b98f727afd2494fc18642f0015adab756ea6742690c7d00f28655b915ce4eb8b3ba2e8559ba23e1ff1ccc9f79ae2df85f924459c56715dec78ef4592352eb1a850cd65ecd36e1a9121e888586b7b2fa84da920b8cf44480433e61ab076b10171c0537524bb170a4b99b0b0c437418a665b7ef909652b6483b20362e557c1480c2a2a0efa221fc59054a48122b52d38245f9bd026001635be5b155f5c766a59306fbde231fa72b4d74449a2fe8fb969496ee26af5881adaafb4189b439877ab8f78709cfd32c10ea576a010bfc137b7a4aae137ea3d29070ce3bc8dbe6655e967115ca3461ad9d28b9cf8af07441e68a54ec5e889846f3978f07ba51f7d5af5da78c5c675dc5d0c1a4a399ff4247203573a46fb903eaf7bc886e6cbd3126fa4a3fe3bb13bbdfea7da871f6563aa750f6ad7895b34b2809563dcf5ed30f1c60cef4138aa49d4f55e396534ed10cf4d857723a2b442f47d79de162c30ec6c4daf939b4c88649494e3682d1da81b4a5928d8e18a16c46707a685305e592589acb484e28e9d5af89c44b6e563d125ec97c0155410527406d94b90bc9576a662db99da1cb82b04d610d02187ce08f22ea0e8fd31919d53fa6aaf980e31ca7f8610e695a41919c24136a8406c62d5f15fca365892a2b54ece17664b5247583ad60d863f283f3c288946139575dcaedc978762e85f534e56334ef0221c34ffae054ddf79339b8f08701e9699b11041df8f518dd33203363c8098fbefb01555bcc2542422777b38d8dff11b15aadb0c251ce2c5b32f8735b3cb784f2e5731b48feb5a0e791a1106abdea0f7d1f087737cbe7fdf523fa14c9be2a2987511004c5b7ac1814ef6961db16799698242452c469a07c30e4a1f73193c74a41bdd88aef50035e4648bc9dfa276951798420a45e4085932bdb9381af3cc4678bd962af616549e4020d2c9fd25e2117a6d8934fde2218273d7833d60ea492e251417a27e7fb32012a940a6b6487af4b64958bf05f1b1107732149d227eeda5ca5a43cf583dc297d66072a1acd75e93a7caefd36a0d581e21d5cb08654c4ecef46ebac5391546e0b7d2a6418548d8f816446bcf237f676e873e6bae9107234abe5ab24c53ea472ad10653cef068fd9f4e729fc0d526e489f8df13af5575f1e70e0ec22899728b0659d70fc2dd509d9df3ec170638f89e540f4d3f02aa9b1b1819f84da596e0d7b45a5818061728f8eeccd2bea0f460dd7e18cb95f2364c50e351f0690e184eb63ebbb14a0b4b2117e44f3b2b3", 0x2000, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)={0x130, 0x0, 0x2, {0x0, 0x0, 0x0, '\x00', {0x7ff, 0x7ff, 0xae3, 0x10, r2, 0x0, 0x5fff, '\x00', 0x6, 0x81, 0x1, 0x3, {0x4, 0x6}, {0x4000000000006, 0xb}, {0x2000002, 0x9}, {0x1000000000, 0xa00}, 0x2, 0x871, 0x4, 0x7}}}})
write$FUSE_INIT(r0, &(0x7f0000001200)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0x2810901}}, 0x50)
r3 = syz_usb_connect$hid(0x3, 0x36, &(0x7f00000001c0)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x8, 0xb43, 0x3, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0xff, 0x70, 0x1, "", [{{0x9, 0x4, 0x0, 0x9, 0x1, 0x3, 0x1, 0x1, 0x7, {0x9, 0x21, 0xff7f, 0x77, 0x1, {0x22, 0xfb1}}, {{{0x9, 0x5, 0x81, 0x3, 0x400, 0x3, 0x1, 0x2}}}}}]}}]}}, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$WPAN_SECURITY(r4, 0x0, 0x1, &(0x7f0000000840), 0x4)
syz_usb_control_io(r3, 0x0, 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io(r3, 0x0, 0x0)
syz_usb_control_io$lan78xx(r3, 0x0, 0x0)
syz_usb_control_io$hid(r3, &(0x7f0000004600)={0x24, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x22, 0x5, {[@global=@item_4={0x3, 0x1, 0x7, "270a81bb"}]}}, 0x0}, 0x0)

2.486321836s ago: executing program 3 (id=460):
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000100)={0x0, &(0x7f0000000280)=[@nested_amd_vmsave={0x183, 0x18, 0x1}, @nested_vmresume={0x130, 0x18}, @enable_nested={0x12c, 0x18}, @nested_amd_stgi={0x17e, 0x10}, @nested_amd_stgi={0x17e, 0x10}], 0x68})
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x248, 0x9b99}, 0x3a, [0xfffffff8, 0x8, 0x5, 0x10009, 0x8, 0x155f, 0x6, 0x2, 0x25cd, 0x1, 0xb4, 0xa, 0xb2b9, 0x6, 0x8, 0xe4, 0x6, 0xfc000000, 0x3, 0xbbf, 0x1000, 0x1, 0x0, 0xd, 0x4, 0x12a0, 0x8000, 0x1, 0x7, 0x6, 0x7, 0x81, 0x8a, 0x79, 0x2, 0x10001, 0x5, 0x91, 0x4, 0x4, 0x16, 0x0, 0x5, 0x401, 0xfffffff5, 0x405, 0xa7, 0x81, 0x9, 0xf9a2, 0xffffff81, 0xff, 0x2, 0x2, 0x2, 0x2, 0x7, 0x4, 0x7, 0x4, 0x4007f, 0xffffffff, 0x9212], [0x9, 0x16e, 0x6, 0x9, 0x4, 0xc66, 0xa8a9, 0x20000077, 0x8e, 0xd50, 0x7, 0x5, 0xfffffffd, 0x80a, 0x4, 0x5, 0x1000, 0x0, 0x200b395, 0x400000, 0x80000000, 0x4, 0x19, 0x7, 0x1, 0x3, 0x3, 0x8, 0xffffff7f, 0x400, 0x6, 0x4c2336d3, 0x96, 0x0, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0xab00060, 0x5, 0x1, 0x2, 0x5, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x1, 0x1ce, 0x1, 0x80000004, 0x80000001, 0x6, 0x2, 0x9, 0x95, 0x80000000, 0x4, 0xfffffff9, 0x40000003, 0x1000, 0xfffff804, 0x5], [0x2, 0xfffffffe, 0xffff, 0xc, 0x2, 0x1ff, 0x80000001, 0x5, 0x5, 0x491, 0x5, 0x200006, 0x8, 0x400, 0xfffffffe, 0x400, 0x41, 0x6, 0xee4b, 0x2000004, 0x8000, 0x8000003, 0x5, 0x89, 0x3, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x10000a, 0x8000, 0x401, 0x3e55, 0x5, 0xd3, 0x8, 0x3437, 0x3, 0xd, 0x7, 0x601, 0x101, 0xdd80, 0x60a0, 0x80, 0x9d26, 0x10000, 0x1, 0x2, 0x2, 0x6, 0x8000, 0x0, 0x3, 0xd500, 0x8, 0x77, 0x9, 0x6, 0x10000, 0x3, 0x5, 0x1], [0xa772, 0x6, 0x5, 0x1afa, 0xbfc, 0x8, 0x5, 0x7f, 0x55, 0x40, 0xff, 0x1005, 0x1, 0x8000007, 0x1e, 0x9, 0x81, 0x3, 0x9d86, 0x9, 0xfffffff7, 0x8, 0x7, 0x5396, 0x936, 0x6, 0x80008001, 0x7777, 0x1, 0x2, 0x100, 0xffffffff, 0x7fffffff, 0x9, 0xc, 0x32d, 0x3, 0x1ff, 0x2000803, 0xffffffff, 0x10000, 0x0, 0x8004, 0x7fff, 0x0, 0x6, 0xf, 0xe, 0x5337, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0xc, 0x463f, 0x7fffffff, 0xdab, 0x8003, 0x8, 0x14000, 0x1, 0x9]}, 0x45c)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000240), 0x169001, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0x0, 0x40000000000180, 0x2, 0x80000000, 0xf2, 0xd, 0x7fffffffffffe, 0x7, 0x5, 0x7, 0x0, 0x5, 0x4, 0x8], 0x25000, 0x304})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

1.566537992s ago: executing program 3 (id=464):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x8000}, 0x4)
r1 = socket(0x11, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r3=>0x0})
sendmsg(r1, &(0x7f0000000000)={&(0x7f0000000040)=@xdp={0x2c, 0x8, r3, 0x33, 0x10000000}, 0x80, &(0x7f0000000400)=[{&(0x7f0000000240)="007413000b30e90000002d3922ff85e2fdaca2611e6d8fd5086d7a4b8f857acbb1f83a", 0x23}], 0x1}, 0x40011)

1.511623934s ago: executing program 3 (id=465):
creat(&(0x7f0000000000)='./file0\x00', 0x182)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x3000, 0x0, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000380)={0x2, 0x34000, 0x1})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.448591638s ago: executing program 3 (id=466):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c1)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
request_key(&(0x7f0000000000)='user\x00', &(0x7f0000000040)={'syz', 0x2}, 0x0, 0xfffffffffffffffe)
keyctl$set_reqkey_keyring(0xe, 0x2)
mount$bind(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
r2 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$evdev(r2, &(0x7f0000000100)=[{{}, 0x11, 0xf, 0x8}], 0x18)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="5953fdffffff0000df256b00000008000300", @ANYRES32=0x0, @ANYBLOB="10001d80060000800500090009000000"], 0x2c}, 0x1, 0x0, 0x0, 0x8441}, 0x4000000)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f0000000300)={&(0x7f0000000180), 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x44, r1, 0x4, 0x70bd27, 0x7ff, {{}, {@void, @void}}, [@NL80211_ATTR_BSS_SELECT={0x30, 0xe3, 0x0, 0x1, {0x2c, 0x0, [@NL80211_BSS_SELECT_ATTR_RSSI={0x4}, @NL80211_BSS_SELECT_ATTR_BAND_PREF={0x8, 0x2, 0x8}, @NL80211_BSS_SELECT_ATTR_RSSI={0x4}, @NL80211_BSS_SELECT_ATTR_BAND_PREF={0x8, 0x2, 0x3}, @NL80211_BSS_SELECT_ATTR_RSSI_ADJUST={0x6, 0x3, {0x2, 0x7}}, @NL80211_BSS_SELECT_ATTR_BAND_PREF={0x8, 0x2, 0x8}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x44800}, 0x4040000)
umount2(&(0x7f00000001c0)='./file0/../file0\x00', 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = epoll_create(0x3)
epoll_wait(r5, &(0x7f0000000000)=[{}], 0x1, 0x1ff)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x2000, 0x1a8)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x200)
fchdir(r6)
newfstatat(0xffffffffffffff9c, &(0x7f0000003200)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x1000)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4)
setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f0000000140)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x3ff, 0x2, 0x5}, 0x1c)
r7 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'ip6gre0\x00', <r8=>0x0})
sendto$packet(r7, &(0x7f00000003c0)='\t\x00\x00\x00', 0x4, 0x24042801, &(0x7f0000000c80)={0x11, 0x8100, r8, 0x1, 0x9, 0x6, @broadcast}, 0x14)
sendmsg$IPCTNL_MSG_EXP_DELETE(r4, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f00000003c0)=ANY=[@ANYBLOB="900000000202010400000000000000000a0000047c0002800c00028005000100000000002c00018014000300fe8000000000000000000000000000bb140004"], 0x90}, 0x1, 0x0, 0x0, 0x20008044}, 0x40)

1.332687563s ago: executing program 1 (id=467):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@acquire={0x16c, 0x17, 0x1, 0x0, 0x0, {{@in6=@dev={0xfe, 0x80, '\x00', 0x41}}, @in=@dev={0xac, 0x14, 0x14, 0x26}, {@in=@remote, @in6=@dev={0xfe, 0x80, '\x00', 0x16}, 0x4e21, 0x0, 0x4e20, 0x0, 0x0, 0x0, 0x56befe125658cb64}, {{@in6=@private2, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x80, 0x20, 0x3a, 0x0, 0xee00}, {0x0, 0x0, 0x10001}, {}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2}, 0xfffffff9}, [@tmpl={0x44, 0x5, [{{@in=@broadcast, 0x4d3, 0x3c}, 0x2, @in6=@loopback, 0x0, 0x2, 0x0, 0xac, 0x3, 0x1, 0x9}]}]}, 0x16c}, 0x1, 0x0, 0x0, 0x24004000}, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f000000a380)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f00000006c0)={0x50, 0x0, r3, {0x7, 0x1f, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x80}}, 0x50)
write$FUSE_DIRENT(r0, &(0x7f0000000200)={0xd8, 0xfffffffffffffffe, r3, [{0x4, 0x3e1142f2, 0x5, 0x4, 'fuse\x00'}, {0x1, 0x3, 0x3, 0xfff, '.>.'}, {0x2, 0x80, 0x0, 0x6}, {0x3, 0x110, 0xb, 0x401, '[\x9b)/\'-!$$)&'}, {0x5, 0x9, 0xa, 0x5, '/dev/fuse\x00'}, {0x4, 0x8, 0x1, 0x6, '\x00'}]}, 0xd8)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x200002, 0x0)
r4 = socket(0x10, 0x2, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000080)={0x8}, 0x10)
write(r4, &(0x7f0000000040)="1c0000001a009b8a070000003b9b701f40000400000000120000000000", 0x1d)
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000180)={0x50, 0x0, r5, {0x7, 0x29, 0x1000, 0xffffffff85000014, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800}}, 0x50)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x4b)
syz_fuse_handle_req(r0, &(0x7f00000042c0), 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006380)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r7 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000140), 0x82084, 0x0)
ioctl$TCSETSF2(r7, 0x402c542d, &(0x7f0000000200)={0xd0f, 0x200, 0x4, 0xadeb, 0x6, "ff0000000000f5ff00", 0x4000000, 0xfffeffff})
r8 = socket$key(0xf, 0x3, 0x2)
ioctl$NILFS_IOCTL_CHANGE_CPMODE(r8, 0x40106e80, &(0x7f0000000300)={0x7})
ioctl$TIOCSTI(r7, 0x5412, &(0x7f0000001280)=0xff)
syz_fuse_handle_req(r0, &(0x7f00000067c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001b00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff00", 0x2000, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="780000000000000002000000000000040000000000000000000000000000000004"], 0x0, 0x0, 0x0, 0x0})
r9 = gettid()
setpgid(r9, 0x0)
getdents(r6, &(0x7f0000000700)=""/90, 0x20000)

1.175400432s ago: executing program 1 (id=468):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x8000}, 0x4)
r1 = socket(0x11, 0x3, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x80)
r3 = landlock_create_ruleset(&(0x7f0000000080)={0xc0d8, 0x1, 0x3}, 0x18, 0x0)
landlock_restrict_self(r3, 0x0)
r4 = landlock_create_ruleset(&(0x7f0000000080)={0x2832, 0x0, 0x2}, 0x18, 0x0)
landlock_restrict_self(r4, 0x0)
landlock_restrict_self(0xffffffffffffffff, 0x0)
landlock_restrict_self(0xffffffffffffffff, 0x0)
landlock_restrict_self(0xffffffffffffffff, 0x0)
landlock_restrict_self(0xffffffffffffffff, 0x0)
landlock_restrict_self(0xffffffffffffffff, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000280)='/proc/cpuinfo\x00', 0x0, 0x0)
write$cgroup_netprio_ifpriomap(r4, &(0x7f0000000180)={'ip6tnl0', 0x32, 0x35}, 0xa)
r6 = syz_open_dev$loop(&(0x7f00000001c0), 0x5, 0x89841)
ioctl$LOOP_CONFIGURE(r6, 0x4c0a, &(0x7f00000002c0)={r5, 0xffc, {0x2a00, 0x80010000, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x14, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d09000000000000008dd4992861ac100000000000000000000000000000000000008000", "90be6cd8006000000000000000000000000000000000000300000000008000", [0xb, 0x10]}})
r7 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x2)
fcntl$setlease(r7, 0x400, 0x0)
chown(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
flock(r4, 0x5)
landlock_restrict_self(0xffffffffffffffff, 0x0)
ioctl(r4, 0x4, &(0x7f0000000440)="1ca4765343276473621db9fec8b0f166d0f4a8aeae4ef0638367c5db91ddbd7dae963d5ab56285016f80bc7e563db05a6f4811df465a5ec5ef7b703d7f03558f0fc83939ea064dd8cb4e183dd4abe073d6090df6883c")
link(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='./file0/file0\x00')
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r8=>0x0})
sendmsg(r1, &(0x7f0000000000)={&(0x7f0000000040)=@xdp={0x2c, 0x8, r8, 0x33}, 0x80, &(0x7f0000000400)=[{&(0x7f0000000240)="007413000b30e90000002d3922ff85e2fdaca2611e6d8fd5086d7a4b8f857acbb1f83a", 0x23}], 0x1}, 0x40011)

1.175027462s ago: executing program 1 (id=469):
r0 = socket(0x10, 0x3, 0x0)
close(0x3)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000e80)=ANY=[@ANYBLOB="14000000100001"], 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x10)
recvmmsg(r1, &(0x7f00000037c0)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000880)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}], 0x7, &(0x7f0000000600)=""/191, 0xbf, 0xa1}}], 0x1, 0x2040000, &(0x7f0000003700)={0x77359400})
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000001400)=ANY=[@ANYBLOB="14000000520001f6"], 0x14}, 0x1, 0x0, 0x0, 0x404c000}, 0x40)

1.174547012s ago: executing program 1 (id=470):
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000100)={0x0, &(0x7f0000000280)=[@nested_vmresume={0x130, 0x18}, @enable_nested={0x12c, 0x18}, @nested_amd_stgi={0x17e, 0x10}, @nested_amd_stgi={0x17e, 0x10}], 0x50})
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x248, 0x9b99}, 0x3a, [0xfffffff8, 0x8, 0x5, 0x10009, 0x8, 0x155f, 0x6, 0x2, 0x25cd, 0x1, 0xb4, 0xa, 0xb2b9, 0x6, 0x8, 0xe4, 0x6, 0xfc000000, 0x3, 0xbbf, 0x1000, 0x1, 0x0, 0xd, 0x4, 0x12a0, 0x8000, 0x1, 0x7, 0x6, 0x7, 0x81, 0x8a, 0x79, 0x2, 0x10001, 0x5, 0x91, 0x4, 0x4, 0x16, 0x0, 0x5, 0x401, 0xfffffff5, 0x405, 0xa7, 0x81, 0x9, 0xf9a2, 0xffffff81, 0xff, 0x2, 0x2, 0x2, 0x2, 0x7, 0x4, 0x7, 0x4, 0x4007f, 0xffffffff, 0x9212], [0x9, 0x16e, 0x6, 0x9, 0x4, 0xc66, 0xa8a9, 0x20000077, 0x8e, 0xd50, 0x7, 0x5, 0xfffffffd, 0x80a, 0x4, 0x5, 0x1000, 0x0, 0x200b395, 0x400000, 0x80000000, 0x4, 0x19, 0x7, 0x1, 0x3, 0x3, 0x8, 0xffffff7f, 0x400, 0x6, 0x4c2336d3, 0x96, 0x0, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0xab00060, 0x5, 0x1, 0x2, 0x5, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x1, 0x1ce, 0x1, 0x80000004, 0x80000001, 0x6, 0x2, 0x9, 0x95, 0x80000000, 0x4, 0xfffffff9, 0x40000003, 0x1000, 0xfffff804, 0x5], [0x2, 0xfffffffe, 0xffff, 0xc, 0x2, 0x2e6bf783, 0x80000001, 0x5, 0x5, 0x491, 0x5, 0x200006, 0x8, 0x400, 0xfffffffe, 0x400, 0x41, 0x6, 0xee4b, 0x2000004, 0x1, 0x8000003, 0x5, 0x89, 0x3, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x10000a, 0x8000, 0x401, 0x3e55, 0x5, 0xd3, 0x8, 0x3437, 0x3, 0xd, 0x7, 0x601, 0x101, 0xdd80, 0x60a0, 0x80, 0x9d26, 0x10000, 0x1, 0x2, 0x2, 0x6, 0x8000, 0x0, 0x3, 0xd500, 0x8, 0x77, 0x9, 0x6, 0x10000, 0x3, 0x5, 0x1], [0xa772, 0x6, 0x5, 0x1afa, 0xbfc, 0x8, 0x5, 0x7f, 0x55, 0x40, 0xff, 0x1005, 0x1, 0x8000007, 0x1e, 0x9, 0x81, 0x3, 0x9d86, 0x9, 0xfffffff7, 0x8, 0x7, 0x5396, 0x936, 0x6, 0x80008001, 0x7777, 0x1, 0x2, 0x100, 0xffffffff, 0x7fffffff, 0x9, 0xc, 0x32d, 0x3, 0x1ff, 0x2000803, 0xffffffff, 0x10000, 0x0, 0x8004, 0x7fff, 0x0, 0x6, 0xf, 0xe, 0x5337, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0xc, 0x463f, 0x4, 0xdab, 0x8003, 0x8, 0x14000, 0x1, 0x9]}, 0x45c)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680))
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
sendmsg$NLBL_MGMT_C_LISTDEF(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0xc084)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0x0, 0x40000000000180, 0x2, 0x80000000, 0xf2, 0xd, 0x7fffffffffffe, 0x7, 0x5, 0x7, 0x0, 0x5, 0x4, 0x8], 0x25000, 0x304})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

1.043974728s ago: executing program 1 (id=471):
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000100)={0x0, &(0x7f0000000280)=[@nested_amd_vmsave={0x183, 0x18, 0x1}, @nested_vmresume={0x130, 0x18}, @nested_amd_stgi={0x17e, 0x10}, @nested_amd_stgi={0x17e, 0x10}], 0x50})
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x248, 0x9b99}, 0x3a, [0xfffffff8, 0x8, 0x5, 0x10009, 0x8, 0x155f, 0x6, 0x2, 0x25cd, 0x1, 0xb4, 0xa, 0xb2b9, 0x6, 0x8, 0xe4, 0x6, 0xfc000000, 0x3, 0xbbf, 0x1000, 0x1, 0x0, 0xd, 0x4, 0x12a0, 0x8000, 0x1, 0x7, 0x6, 0x7, 0x81, 0x8a, 0x79, 0x2, 0x10001, 0x5, 0x91, 0x4, 0x4, 0x16, 0x0, 0x5, 0x401, 0xfffffff5, 0x405, 0xa7, 0x81, 0x9, 0xf9a2, 0xffffff81, 0xff, 0x2, 0x2, 0x2, 0x2, 0x7, 0x4, 0x7, 0x4, 0x4007f, 0xffffffff, 0x9212], [0x9, 0x16e, 0x6, 0x9, 0x4, 0xc66, 0xa8a9, 0x20000077, 0x8e, 0xd50, 0x7, 0x5, 0xfffffffd, 0x80a, 0x4, 0x5, 0x1000, 0x0, 0x200b395, 0x400000, 0x80000000, 0x4, 0x19, 0x7, 0x1, 0x3, 0x3, 0x8, 0xffffff7f, 0x400, 0x6, 0x4c2336d3, 0x96, 0x0, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0xab00060, 0x5, 0x1, 0x2, 0x5, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x1, 0x1ce, 0x1, 0x80000004, 0x80000001, 0x6, 0x2, 0x9, 0x95, 0x80000000, 0x4, 0xfffffff9, 0x40000003, 0x1000, 0xfffff804, 0x5], [0x2, 0xfffffffe, 0xffff, 0xc, 0x2, 0x1ff, 0x80000001, 0x5, 0x5, 0x491, 0x5, 0x200006, 0x8, 0x400, 0xfffffffe, 0x400, 0x41, 0x6, 0xee4b, 0x2000004, 0x8000, 0x8000003, 0x5, 0x89, 0x3, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x10000a, 0x8000, 0x401, 0x3e55, 0x5, 0xd3, 0x8, 0x3437, 0x3, 0xd, 0x7, 0x601, 0x101, 0xdd80, 0x60a0, 0x80, 0x9d26, 0x10000, 0x1, 0x2, 0x2, 0x6, 0x8000, 0x0, 0x3, 0xd500, 0x8, 0x77, 0x9, 0x6, 0x10000, 0x3, 0x5, 0x1], [0xa772, 0x6, 0x5, 0x1afa, 0xbfc, 0x8, 0x5, 0x7f, 0x55, 0x40, 0xff, 0x1005, 0x1, 0x8000007, 0x1e, 0x9, 0x81, 0x3, 0x9d86, 0x9, 0xfffffff7, 0x8, 0x7, 0x5396, 0x936, 0x6, 0x80008001, 0x7777, 0x1, 0x2, 0x100, 0xffffffff, 0x7fffffff, 0x9, 0xc, 0x32d, 0x3, 0x1ff, 0x2000803, 0xffffffff, 0x10000, 0x0, 0x8004, 0x7fff, 0x0, 0x6, 0xf, 0xe, 0x5337, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0xc, 0x463f, 0x7fffffff, 0xdab, 0x8003, 0x8, 0x14000, 0x1, 0x9]}, 0x45c)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f0000000300)={0x7, 0x8, 0x4, 0x100, 0x1, 0x0, [{0x80, 0x1, 0xffffffff80000000, '\x00', 0x1100}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0x0, 0x40000000000180, 0x2, 0x80000000, 0xf2, 0xd, 0x7fffffffffffe, 0x7, 0x5, 0x7, 0x0, 0x5, 0x4, 0x8], 0x25000, 0x304})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

843.581028ms ago: executing program 3 (id=472):
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000100)={0x0, &(0x7f0000000280)=[@nested_vmresume={0x130, 0x18}, @enable_nested={0x12c, 0x18}, @nested_amd_stgi={0x17e, 0x10}, @nested_amd_stgi={0x17e, 0x10}], 0x50})
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x248, 0x9b99}, 0x3a, [0xfffffff8, 0x8, 0x5, 0x10009, 0x8, 0x155f, 0x6, 0x2, 0x25cd, 0x1, 0xb4, 0xa, 0xb2b9, 0x6, 0x8, 0xe4, 0x6, 0xfc000000, 0x3, 0xbbf, 0x1000, 0x1, 0x0, 0xd, 0x4, 0x12a0, 0x8000, 0x1, 0x7, 0x6, 0x7, 0x81, 0x8a, 0x79, 0x2, 0x10001, 0x5, 0x91, 0x4, 0x4, 0x16, 0x0, 0x5, 0x401, 0xfffffff5, 0x405, 0xa7, 0x81, 0x9, 0xf9a2, 0xffffff81, 0xff, 0x2, 0x2, 0x2, 0x2, 0x7, 0x4, 0x7, 0x4, 0x4007f, 0xffffffff, 0x9212], [0x9, 0x16e, 0x6, 0x9, 0x4, 0xc66, 0xa8a9, 0x20000077, 0x8e, 0xd50, 0x7, 0x5, 0xfffffffd, 0x80a, 0x4, 0x5, 0x1000, 0x0, 0x200b395, 0x400000, 0x80000000, 0x4, 0x19, 0x7, 0x1, 0x3, 0x3, 0x8, 0xffffff7f, 0x400, 0x6, 0x4c2336d3, 0x96, 0x0, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0xab00060, 0x5, 0x1, 0x2, 0x5, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x1, 0x1ce, 0x1, 0x80000004, 0x80000001, 0x6, 0x2, 0x9, 0x95, 0x80000000, 0x4, 0xfffffff9, 0x40000003, 0x1000, 0xfffff804, 0x5], [0x2, 0xfffffffe, 0xffff, 0xc, 0x2, 0x2e6bf783, 0x80000001, 0x5, 0x5, 0x491, 0x5, 0x200006, 0x8, 0x400, 0xfffffffe, 0x400, 0x41, 0x6, 0xee4b, 0x2000004, 0x1, 0x8000003, 0x5, 0x89, 0x3, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x10000a, 0x8000, 0x401, 0x3e55, 0x5, 0xd3, 0x8, 0x3437, 0x3, 0xd, 0x7, 0x601, 0x101, 0xdd80, 0x60a0, 0x80, 0x9d26, 0x10000, 0x1, 0x2, 0x2, 0x6, 0x8000, 0x0, 0x3, 0xd500, 0x8, 0x77, 0x9, 0x6, 0x10000, 0x3, 0x5, 0x1], [0xa772, 0x6, 0x5, 0x1afa, 0xbfc, 0x8, 0x5, 0x7f, 0x55, 0x40, 0xff, 0x1005, 0x1, 0x8000007, 0x1e, 0x9, 0x81, 0x3, 0x9d86, 0x9, 0xfffffff7, 0x8, 0x7, 0x5396, 0x936, 0x6, 0x80008001, 0x7777, 0x1, 0x2, 0x100, 0xffffffff, 0x7fffffff, 0x9, 0xc, 0x32d, 0x3, 0x1ff, 0x2000803, 0xffffffff, 0x10000, 0x0, 0x8004, 0x7fff, 0x0, 0x6, 0xf, 0xe, 0x5337, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0xc, 0x463f, 0x4, 0xdab, 0x8003, 0x8, 0x14000, 0x1, 0x9]}, 0x45c)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680))
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_CAP_PTP_KVM(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000300))
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0x0, 0x40000000000180, 0x2, 0x80000000, 0xf2, 0xd, 0x7fffffffffffe, 0x7, 0x5, 0x7, 0x0, 0x5, 0x4, 0x8], 0x25000, 0x304})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x28400, 0x0)

776.629161ms ago: executing program 3 (id=473):
syz_clone3(&(0x7f0000000080)={0x11, 0x0, 0x0, 0x0, {0x11}, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0}}, 0x58)
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x6, &(0x7f0000000380)='\a', 0x1)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x632a, 0x4)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@updpolicy={0x1fc, 0x19, 0x1, 0x0, 0x0, {{@in6=@private2, @in6=@empty, 0x0, 0x3, 0x0, 0x0, 0x2, 0x0, 0x20, 0x8}, {0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x93c, 0x1d}, {0x0, 0x0, 0x0, 0x2dd}}, [@tmpl={0x144, 0x5, [{{@in=@dev={0xac, 0x14, 0x14, 0x3b}, 0x0, 0x2b}, 0x0, @in=@loopback, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x1}, {{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x0, 0x32}, 0x0, @in6=@empty, 0x3502}, {{@in6=@loopback, 0x0, 0x3c}, 0x2, @in=@remote, 0x0, 0x1, 0x3, 0x1, 0x0, 0x7}, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x2b}, 0x2, @in=@empty, 0x3500}, {{@in=@broadcast, 0x0, 0x32}, 0x20, @in6=@mcast1, 0x0, 0x4}]}]}, 0x1fc}}, 0x14000)
r2 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
write$selinux_attr(r2, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
r3 = memfd_create(&(0x7f0000000500)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\x03\x00l\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~7\x16\x02\x00(v\xe6`\"6\xfcgC\xb5\xf0\x13.zj\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x82\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\xea\xe8\x015\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz\xc213\x9b\x87\xd5\x99\r\xa2P\x03\x1cl\x0f\xcb)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af', 0x0)
r4 = userfaultfd(0x801)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x4})
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_CONTINUE(r4, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
syz_clone3(&(0x7f00000001c0)={0x100001200, &(0x7f0000000040), 0x0, 0x0, {0x11}, 0x0, 0x0, 0x0, 0x0}, 0x58)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
r5 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000100), 0x2)
mprotect(&(0x7f000085f000/0x1000)=nil, 0x1000, 0x3000001)
ioctl$UDMABUF_CREATE(r5, 0x40187542, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x42, &(0x7f0000000000)=0x8, 0xae)
sendmmsg$inet6(r0, &(0x7f00000002c0)=[{{&(0x7f0000000400)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xfffffffd}, 0x1c, 0x0}}], 0x1, 0x0)
recvmmsg(r0, &(0x7f000000b840)=[{{0x0, 0x0, 0x0}, 0x7}], 0x1, 0x12141, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100))
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
pipe(&(0x7f00000000c0))
rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r6 = gettid()
r7 = getpid()
rt_tgsigqueueinfo(r7, r6, 0x5, &(0x7f0000000280)={0x0, 0xa4, 0x6})
signalfd(0xffffffffffffffff, &(0x7f00007aeff8)={[0xfffffffffffffffe]}, 0x8)

722.038294ms ago: executing program 32 (id=473):
syz_clone3(&(0x7f0000000080)={0x11, 0x0, 0x0, 0x0, {0x11}, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0}}, 0x58)
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x6, &(0x7f0000000380)='\a', 0x1)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x632a, 0x4)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@updpolicy={0x1fc, 0x19, 0x1, 0x0, 0x0, {{@in6=@private2, @in6=@empty, 0x0, 0x3, 0x0, 0x0, 0x2, 0x0, 0x20, 0x8}, {0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x93c, 0x1d}, {0x0, 0x0, 0x0, 0x2dd}}, [@tmpl={0x144, 0x5, [{{@in=@dev={0xac, 0x14, 0x14, 0x3b}, 0x0, 0x2b}, 0x0, @in=@loopback, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x1}, {{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x0, 0x32}, 0x0, @in6=@empty, 0x3502}, {{@in6=@loopback, 0x0, 0x3c}, 0x2, @in=@remote, 0x0, 0x1, 0x3, 0x1, 0x0, 0x7}, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x2b}, 0x2, @in=@empty, 0x3500}, {{@in=@broadcast, 0x0, 0x32}, 0x20, @in6=@mcast1, 0x0, 0x4}]}]}, 0x1fc}}, 0x14000)
r2 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
write$selinux_attr(r2, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
r3 = memfd_create(&(0x7f0000000500)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\x03\x00l\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~7\x16\x02\x00(v\xe6`\"6\xfcgC\xb5\xf0\x13.zj\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x82\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\xea\xe8\x015\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz\xc213\x9b\x87\xd5\x99\r\xa2P\x03\x1cl\x0f\xcb)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af', 0x0)
r4 = userfaultfd(0x801)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x4})
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_CONTINUE(r4, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
syz_clone3(&(0x7f00000001c0)={0x100001200, &(0x7f0000000040), 0x0, 0x0, {0x11}, 0x0, 0x0, 0x0, 0x0}, 0x58)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
r5 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000100), 0x2)
mprotect(&(0x7f000085f000/0x1000)=nil, 0x1000, 0x3000001)
ioctl$UDMABUF_CREATE(r5, 0x40187542, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x42, &(0x7f0000000000)=0x8, 0xae)
sendmmsg$inet6(r0, &(0x7f00000002c0)=[{{&(0x7f0000000400)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xfffffffd}, 0x1c, 0x0}}], 0x1, 0x0)
recvmmsg(r0, &(0x7f000000b840)=[{{0x0, 0x0, 0x0}, 0x7}], 0x1, 0x12141, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100))
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
pipe(&(0x7f00000000c0))
rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r6 = gettid()
r7 = getpid()
rt_tgsigqueueinfo(r7, r6, 0x5, &(0x7f0000000280)={0x0, 0xa4, 0x6})
signalfd(0xffffffffffffffff, &(0x7f00007aeff8)={[0xfffffffffffffffe]}, 0x8)

619.570919ms ago: executing program 0 (id=475):
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x248, 0x9b99}, 0x3a, [0xfffffff8, 0x8, 0x5, 0x10009, 0x8, 0x155f, 0x6, 0x2, 0x25cd, 0x1, 0xb4, 0xa, 0xb2b9, 0x6, 0x8, 0xe4, 0x6, 0xfc000000, 0x3, 0xbbf, 0x1000, 0x1, 0x0, 0xd, 0x4, 0x12a0, 0x8000, 0x1, 0x7, 0x6, 0x7, 0x81, 0x8a, 0x79, 0x2, 0x10001, 0x5, 0x91, 0x4, 0x4, 0x16, 0x0, 0x5, 0x401, 0xfffffff5, 0x405, 0xa7, 0x81, 0x9, 0xf9a2, 0xffffff81, 0xff, 0x2, 0x2, 0x2, 0x2, 0x7, 0x4, 0x7, 0x4, 0x4007f, 0xffffffff, 0x9212], [0x9, 0x16e, 0x6, 0x9, 0x4, 0xc66, 0xa8a9, 0x20000077, 0x8e, 0xd50, 0x7, 0x5, 0xfffffefd, 0x80a, 0x4, 0x5, 0x1000, 0x0, 0x200b395, 0x400000, 0x80000000, 0x4, 0x19, 0x7, 0x1, 0x3, 0x3, 0x8, 0xffffff7f, 0x400, 0x6, 0x4c2336d3, 0x96, 0x0, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0xab00060, 0x5, 0x1, 0x2, 0x5, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x1, 0x1ce, 0x1, 0x80000004, 0x80000001, 0x6, 0x2, 0x9, 0x95, 0x80000000, 0x4, 0xfffffff9, 0x40000003, 0x1000, 0xfffff804, 0x5], [0x2, 0xfffffffe, 0xffff, 0xc, 0x2, 0x1ff, 0x80000001, 0x5, 0x5, 0x491, 0x7, 0x200006, 0x8, 0x400, 0xfffffffe, 0x400, 0x41, 0x6, 0xee4b, 0x2000004, 0x8000, 0x8000003, 0x5, 0x89, 0x3, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x10000a, 0x8000, 0x401, 0x3e55, 0x5, 0xd3, 0x8, 0x3437, 0x3, 0xd, 0x7, 0x601, 0x101, 0xdd80, 0x60a0, 0x80, 0x9d26, 0x10000, 0x1, 0x2, 0x2, 0x6, 0x8000, 0x0, 0x3, 0xd500, 0x8, 0x77, 0x9, 0x6, 0x10000, 0x3, 0x5, 0x1], [0xa772, 0x6, 0x5, 0x1afa, 0xbfc, 0x8, 0x5, 0x7f, 0x55, 0x40, 0xff, 0x1005, 0x1, 0x8000007, 0x1e, 0x9, 0x81, 0x3, 0x9d86, 0x9, 0xfffffff7, 0x8, 0x7, 0x5396, 0x936, 0x6, 0x80008001, 0x7777, 0x1, 0x2, 0x100, 0xffffffff, 0x7fffffff, 0x9, 0xc, 0x32d, 0x3, 0x1ff, 0x2000803, 0xffffffff, 0x10000, 0x0, 0x8004, 0x7fff, 0x0, 0x6, 0xf, 0xe, 0x5337, 0x26d, 0x2, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0x8, 0x463f, 0x7fffffff, 0xdab, 0x8003, 0x8, 0x14000, 0x1, 0x9]}, 0x45c)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000240), 0x169001, 0x0)
ioctl$FS_IOC_FIEMAP(r4, 0xc020660b, &(0x7f0000000300)=ANY=[@ANYBLOB="07000000000000000800000000000000040000000001000001000000000000000900000100000000070000000000000081ffffffffffffff00000000000000000000000000000000081a00"/88])
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_int(r5, 0x1, 0x20, &(0x7f0000000100), &(0x7f0000000140)=0x4)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0x0, 0x40000000000180, 0x2, 0x80000000, 0xf2, 0xd, 0x7fffffffffffe, 0x7, 0x5, 0x7, 0x0, 0x5, 0x4, 0x8], 0x25000, 0x304})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r7 = dup(r6)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r6, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)

421.878539ms ago: executing program 2 (id=476):
syz_usb_connect$uac3(0x0, 0x80, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000200000020392a8c3f40000102030109026e000301fa8001230b0002010130400904000000010130000a2401060a0076570000090401000001023000090401010101023000090501091000081d040a25250e000000040900090402000001023000090402010101023000090582090004e7800e0a652508000000020700"], 0x0)

338.427253ms ago: executing program 0 (id=477):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
write$FUSE_NOTIFY_DELETE(r0, &(0x7f0000000100)={0x2a, 0x6, 0x0, {0x1, 0x4, 0x1, 0x0, '\xa9'}}, 0x2a)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r2 = dup(r1)
bind$inet6(r2, 0x0, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000180)={0x50, 0x0, r3, {0x7, 0x29, 0x1000, 0xffffffff85000014, 0x5, 0x7, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800}}, 0x50)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='loginuid\x00')
r5 = socket$inet6_icmp(0xa, 0x2, 0x3a)
getsockopt$IP_VS_SO_GET_VERSION(r5, 0x0, 0x480, &(0x7f0000000040), &(0x7f00000000c0)=0x40)
pwritev(r4, &(0x7f0000000500)=[{&(0x7f0000000000)='0', 0x1}, {&(0x7f00000002c0)='2', 0x1}], 0x2, 0x0, 0x0)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x4b)
syz_fuse_handle_req(r0, &(0x7f00000042c0), 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006380)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f00000067c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001b00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff00", 0x2000, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="780000000000000002000000000000040000000000000000000000000000000004"], 0x0, 0x0, 0x0, 0x0})
ioctl$FIGETBSZ(r6, 0x2, &(0x7f0000000140))
getdents(r6, &(0x7f0000000700)=""/90, 0x20000)

135.654423ms ago: executing program 0 (id=478):
r0 = socket(0x10, 0x2, 0x3)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000180)={'syztnl1\x00', &(0x7f0000000000)={'syztnl1\x00', <r1=>0x0, 0x29, 0x0, 0xb, 0x0, 0x8a, @private1, @empty, 0x40, 0x40, 0xfffffffc, 0xdc60}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f00000005c0)={'syztnl1\x00', &(0x7f0000000540)={'ip6gre0\x00', r1, 0x0, 0x0, 0x0, 0x0, 0xd, @private2, @loopback, 0x40, 0x7800, 0xfffffffc}})

135.373354ms ago: executing program 0 (id=479):
r0 = socket(0x10, 0x3, 0x0)
close(0x3)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000e80)=ANY=[@ANYBLOB="14000000100001"], 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x10)
recvmmsg(r1, &(0x7f00000037c0)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000880)=""/85, 0x55}, {&(0x7f0000000fc0)=""/4096, 0x1000}, {&(0x7f0000000400)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000200)=""/77, 0x4d}, {&(0x7f00000007c0)=""/154, 0x9a}, {0x0}], 0x8, &(0x7f0000000600)=""/191, 0xbf, 0xa1}}], 0x1, 0x2040000, &(0x7f0000003700)={0x77359400})
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000001400)=ANY=[@ANYBLOB="14000000520001f6"], 0x14}, 0x1, 0x0, 0x0, 0x404c000}, 0x40)

109.518385ms ago: executing program 0 (id=480):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=ANY=[@ANYBLOB="200000001e0009002abd7000ffdbdf2502000000080001"], 0x20}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000)
r1 = getpid()
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000380)={0x0, <r2=>0x0})
r3 = syz_clone(0x3080000, 0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r3, 0x12)
landlock_restrict_self(0xffffffffffffffff, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010300000ae6f72087a003"], 0x3c}}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000000), r4)
sendmsg$IEEE802154_LLSEC_LIST_KEY(r4, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x24030000, 0x0, 0x4050000}, 0x4008040)
r5 = getpid()
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=<r6=>0x0)
r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000440)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
syz_clone3(&(0x7f0000000480)={0x110000000, &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0), {0x10}, &(0x7f00000001c0)=""/217, 0xd9, &(0x7f00000002c0)=""/140, &(0x7f0000000400)=[r1, 0x0, r2, r3, r5, r6], 0x6, {r7}}, 0x58)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000500), r4)

26.111169ms ago: executing program 4 (id=474):
creat(&(0x7f0000000000)='./file0\x00', 0x182)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x3000, 0x0, 0x1})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000380)={0x2, 0x34000, 0x1})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 2)

17.367769ms ago: executing program 0 (id=481):
r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r1 = openat$selinux_policy(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000a, 0x12, r1, 0x0)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r1)
sendmsg$BATADV_CMD_SET_HARDIF(r2, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x2c, r3, 0x200, 0x70bd2d, 0x25dfdbff, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x7fff}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8000}, 0x4000)
sendmsg$IPCTNL_MSG_CT_DELETE(0xffffffffffffffff, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000dc0)={&(0x7f0000000d80)=ANY=[@ANYBLOB="1c00000000d330a181cca6b94273e3560f000200000007"], 0x1c}, 0x1, 0x0, 0x0, 0x8811}, 0x4)
write$selinux_load(r0, &(0x7f0000000000)=ANY=[], 0x6000)

0s ago: executing program 1 (id=482):
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000100)={0x0, &(0x7f0000000280)=[@nested_vmresume={0x130, 0x18}, @enable_nested={0x12c, 0x18}, @nested_amd_stgi={0x17e, 0x10}, @nested_amd_stgi={0x17e, 0x10}], 0x50})
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x248, 0x9b99}, 0x3a, [0xfffffff8, 0x8, 0x5, 0x10009, 0x8, 0x155f, 0x6, 0x2, 0x25cd, 0x1, 0xb4, 0xa, 0xb2b9, 0x6, 0x8, 0xe4, 0x6, 0xfc000000, 0x3, 0xbbf, 0x1000, 0x1, 0x0, 0xd, 0x4, 0x12a0, 0x8004, 0x1, 0x7, 0x6, 0x7, 0x81, 0x8a, 0x79, 0x2, 0x10001, 0x5, 0x91, 0x100004, 0x4, 0x16, 0x0, 0x5, 0x401, 0xfffffff5, 0x405, 0xa7, 0x81, 0x9, 0xf9a2, 0xffffff81, 0xff, 0x2, 0x2, 0x2, 0x2, 0x7, 0x4, 0x7, 0x4, 0x14007f, 0xfff7ffff, 0x9212], [0x9, 0x16e, 0x6, 0x9, 0x4, 0xc66, 0x40a8a9, 0x20000077, 0x8e, 0xd50, 0xa, 0x5, 0xfffffffd, 0x80a, 0x4, 0x5, 0x1000, 0x0, 0x200b395, 0x400000, 0x80000000, 0x4, 0x19, 0x7, 0x1, 0x3, 0x3, 0x8, 0xffffff7f, 0x400, 0x6, 0x4c2336d3, 0x95, 0x0, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0xab00060, 0x5, 0x1, 0x2, 0x5, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x1, 0x1ce, 0x1, 0x80000004, 0x80000001, 0x6, 0x2, 0x9, 0x95, 0x80000000, 0x4, 0xfffffff9, 0x40000003, 0x1000, 0xfffff806, 0x5], [0x2, 0x8, 0xffff, 0xc, 0x2, 0x2e6bf784, 0x80000001, 0x5, 0x5, 0x411, 0x5, 0x200006, 0x8, 0x400, 0xfffffffe, 0x400, 0x41, 0x6, 0xee4b, 0x2000004, 0x1, 0x8000003, 0x5, 0x89, 0x3, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x10000a, 0x7, 0x401, 0x3e55, 0x5, 0xd3, 0x8, 0x3437, 0x3, 0xd, 0x7, 0x601, 0x101, 0xdd80, 0x60a0, 0x80, 0x9d26, 0x10000, 0x1, 0x2, 0x2, 0x6, 0x8000, 0x0, 0x3, 0xd500, 0x8, 0x77, 0x9, 0x6, 0x10000, 0x3, 0x5, 0x1], [0xa772, 0x6, 0x5, 0x1afa, 0xbfc, 0x8, 0x5, 0x7f, 0x55, 0x40, 0xff, 0x1005, 0x1, 0x8000007, 0x1e, 0x9, 0x81, 0x3, 0x9d86, 0x9, 0xfffffff7, 0x8, 0x7, 0xa000, 0x936, 0x6, 0x80008001, 0x7777, 0x1, 0x2, 0x100, 0xffffffff, 0x7fffffff, 0x9, 0xc, 0x2, 0x3, 0x1ff, 0x2000803, 0xffffffff, 0x10000, 0x0, 0x8004, 0x7fff, 0x0, 0x6, 0xf, 0xe, 0x5337, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0xc, 0x463f, 0x4, 0xdab, 0x8003, 0x8, 0x14000, 0x1, 0x9]}, 0x45c)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680))
r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
pwrite64(r0, &(0x7f00000002c0)="c82e4bc7642f6ab5321826", 0xb, 0x1)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x20000000002)
ioctl$KVM_CAP_PTP_KVM(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000300))
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$KVM_GET_LAPIC(r5, 0x8400ae8e, &(0x7f0000000880))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r6 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r7 = dup(r6)
ppoll(&(0x7f00000001c0)=[{r4, 0x200}, {r6, 0x80}, {r5, 0x84c0}], 0x3, &(0x7f0000000380)={0x0, 0x3938700}, &(0x7f00000003c0)={[0x30000]}, 0x8)
r8 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r8, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_tx_ring(r8, 0x107, 0xd, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r9, 0x5420, &(0x7f0000000000)={0x0, 0x4, 0x0, 0x0, 0x0, "9e4d2236078f0080000004ff98023dffffffff"})
setsockopt$inet_tcp_TLS_RX(r7, 0x11a, 0x2, &(0x7f0000000400)=@ccm_128={{0x303}, "f69c93124630d80a", "886aee893be93f4760cedf6cd94471d6", "d559121d", "00d1c58d87aebc00"}, 0x28)
ioctl$NILFS_IOCTL_RESIZE(r9, 0x40086e8b, &(0x7f0000000140)=0x2)
r10 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r10, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r6, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r10, 0xae80, 0x0)

kernel console output (not intermixed with test programs):

ass=ieee802154_socket permissive=1
[   38.959749][   T36] audit: type=1400 audit(1774549243.840:155): avc:  denied  { setopt } for  pid=534 comm="syz.1.64" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[   38.960102][  T535] cgroup: none used incorrectly
[   38.993824][   T36] audit: type=1400 audit(1774549243.900:156): avc:  denied  { create } for  pid=534 comm="syz.1.64" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   39.013493][   T36] audit: type=1400 audit(1774549243.900:157): avc:  denied  { bind } for  pid=534 comm="syz.1.64" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   39.034733][   T36] audit: type=1400 audit(1774549243.900:158): avc:  denied  { listen } for  pid=534 comm="syz.1.64" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   39.055216][   T36] audit: type=1400 audit(1774549243.900:159): avc:  denied  { connect } for  pid=534 comm="syz.1.64" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   39.075087][   T36] audit: type=1400 audit(1774549243.900:160): avc:  denied  { write } for  pid=534 comm="syz.1.64" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[   39.210676][  T546] overlayfs: conflicting options: metacopy=on,redirect_dir=follow
[   39.240157][   T36] audit: type=1400 audit(1774549244.140:161): avc:  denied  { unmount } for  pid=292 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=filesystem permissive=1
[   39.864710][  T567] FAULT_INJECTION: forcing a failure.
[   39.864710][  T567] name failslab, interval 1, probability 0, space 0, times 0
[   39.896122][  T567] CPU: 0 UID: 0 PID: 567 Comm: syz.3.74 Not tainted syzkaller #0 e5e4876e63e0994bd4350cd5f958f668e2098f7e
[   39.896211][  T567] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   39.896222][  T567] Call Trace:
[   39.896228][  T567]  <TASK>
[   39.896237][  T567]  __dump_stack+0x21/0x30
[   39.896270][  T567]  dump_stack_lvl+0x140/0x1c0
[   39.896290][  T567]  ? __cfi_dump_stack_lvl+0x10/0x10
[   39.896312][  T567]  dump_stack+0x19/0x20
[   39.896332][  T567]  should_fail_ex+0x3d7/0x530
[   39.896354][  T567]  should_failslab+0xac/0x100
[   39.896373][  T567]  kmem_cache_alloc_node_noprof+0x45/0x420
[   39.896472][  T567]  ? dup_task_struct+0xc1/0xd80
[   39.896491][  T567]  ? kasan_save_alloc_info+0x40/0x50
[   39.896513][  T567]  ? __kasan_kmalloc+0x96/0xb0
[   39.896529][  T567]  ? __kmalloc_cache_noprof+0x23c/0x470
[   39.896554][  T567]  dup_task_struct+0xc1/0xd80
[   39.896572][  T567]  ? __kasan_check_write+0x18/0x20
[   39.896594][  T567]  ? _raw_spin_lock_irq+0x93/0x120
[   39.896620][  T567]  ? copy_process+0x32a0/0x32a0
[   39.896640][  T567]  ? __kasan_check_write+0x18/0x20
[   39.896664][  T567]  copy_process+0x55a/0x32a0
[   39.896686][  T567]  ? __cfi_copy_process+0x10/0x10
[   39.896705][  T567]  ? __kmalloc_cache_noprof+0x23c/0x470
[   39.896737][  T567]  ? __kasan_check_write+0x18/0x20
[   39.896760][  T567]  ? __cfi_kvm_nx_huge_page_recovery_worker+0x10/0x10
[   39.896786][  T567]  vhost_task_create+0x1f7/0x400
[   39.896808][  T567]  ? __cfi_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[   39.896828][  T567]  ? __cfi_vhost_task_create+0x10/0x10
[   39.896845][  T567]  ? __cfi_vhost_task_fn+0x10/0x10
[   39.896860][  T567]  ? __kasan_check_write+0x18/0x20
[   39.896879][  T567]  ? mutex_lock+0x97/0x1d0
[   39.896894][  T567]  ? __cfi_mutex_lock+0x10/0x10
[   39.896910][  T567]  ? kernel_text_address+0xa9/0xe0
[   39.896932][  T567]  kvm_mmu_post_init_vm+0x161/0x300
[   39.896961][  T567]  kvm_arch_vcpu_ioctl_run+0xf3/0x1bd0
[   39.896984][  T567]  ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10
[   39.897003][  T567]  ? kstrtoull+0x13b/0x1e0
[   39.897022][  T567]  ? kstrtouint+0x78/0xf0
[   39.897039][  T567]  ? ioctl_has_perm+0x1bc/0x500
[   39.897061][  T567]  ? __asan_memcpy+0x5a/0x80
[   39.897080][  T567]  ? ioctl_has_perm+0x408/0x500
[   39.897101][  T567]  ? has_cap_mac_admin+0xd0/0xd0
[   39.897122][  T567]  ? __kasan_check_write+0x18/0x20
[   39.897143][  T567]  ? mutex_lock_killable+0x97/0x1d0
[   39.897204][  T567]  ? __cfi_mutex_lock_killable+0x10/0x10
[   39.897223][  T567]  ? proc_fail_nth_write+0x184/0x220
[   39.897245][  T567]  kvm_vcpu_ioctl+0xa48/0x1000
[   39.897269][  T567]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[   39.897291][  T567]  ? __cfi_vfs_write+0x10/0x10
[   39.897313][  T567]  ? __kasan_check_write+0x18/0x20
[   39.897332][  T567]  ? mutex_unlock+0x90/0x240
[   39.897360][  T567]  ? __cfi_mutex_unlock+0x10/0x10
[   39.897376][  T567]  ? __fget_files+0x2c5/0x340
[   39.897393][  T567]  ? __fget_files+0x2c5/0x340
[   39.897408][  T567]  ? bpf_lsm_file_ioctl+0xd/0x20
[   39.897428][  T567]  ? security_file_ioctl+0x3e/0x110
[   39.897449][  T567]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[   39.897473][  T567]  __se_sys_ioctl+0x132/0x1b0
[   39.897490][  T567]  __x64_sys_ioctl+0x7f/0xa0
[   39.897506][  T567]  x64_sys_call+0x1878/0x2ee0
[   39.897530][  T567]  do_syscall_64+0x57/0xf0
[   39.897553][  T567]  ? clear_bhb_loop+0x50/0xa0
[   39.897576][  T567]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   39.897598][  T567] RIP: 0033:0x7f26f239c799
[   39.897613][  T567] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   39.897626][  T567] RSP: 002b:00007f26f319e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   39.897645][  T567] RAX: ffffffffffffffda RBX: 00007f26f2615fa0 RCX: 00007f26f239c799
[   39.897656][  T567] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 000000000000000b
[   39.897666][  T567] RBP: 00007f26f319e090 R08: 0000000000000000 R09: 0000000000000000
[   39.897678][  T567] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   39.897688][  T567] R13: 00007f26f2616038 R14: 00007f26f2615fa0 R15: 00007ffdbfbc56a8
[   39.897701][  T567]  </TASK>
[   40.368710][  T573] fuse: Unknown parameter '0x0000000000000003'
[   40.462329][  T585] veth1_macvtap: left promiscuous mode
[   40.468201][  T585] macsec0: entered promiscuous mode
[   40.475218][  T585] veth1_macvtap: entered promiscuous mode
[   40.481429][  T585] macsec0: left promiscuous mode
[   40.484186][  T587] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   40.502218][  T587] SELinux: failed to load policy
[   40.555186][   T36] audit: type=1400 audit(1774549245.450:162): avc:  denied  { getopt } for  pid=593 comm="syz.1.83" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   40.792484][  T608] fuse: Unknown parameter '0x0000000000000003'
[   41.048942][  T615] FAULT_INJECTION: forcing a failure.
[   41.048942][  T615] name failslab, interval 1, probability 0, space 0, times 0
[   41.062180][  T615] CPU: 0 UID: 0 PID: 615 Comm: syz.3.90 Not tainted syzkaller #0 e5e4876e63e0994bd4350cd5f958f668e2098f7e
[   41.062211][  T615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   41.062222][  T615] Call Trace:
[   41.062228][  T615]  <TASK>
[   41.062236][  T615]  __dump_stack+0x21/0x30
[   41.062266][  T615]  dump_stack_lvl+0x140/0x1c0
[   41.062290][  T615]  ? __cfi_dump_stack_lvl+0x10/0x10
[   41.062315][  T615]  dump_stack+0x19/0x20
[   41.062337][  T615]  should_fail_ex+0x3d7/0x530
[   41.062363][  T615]  should_failslab+0xac/0x100
[   41.062383][  T615]  __kmalloc_cache_node_noprof+0x46/0x430
[   41.062410][  T615]  ? kasan_save_track+0x4f/0x80
[   41.062448][  T615]  ? __get_vm_area_node+0x14d/0x3d0
[   41.062472][  T615]  ? __kasan_slab_alloc+0x73/0x90
[   41.062489][  T615]  ? kmem_cache_alloc_node_noprof+0x1ca/0x420
[   41.062514][  T615]  ? dup_task_struct+0xc1/0xd80
[   41.062538][  T615]  __get_vm_area_node+0x14d/0x3d0
[   41.062560][  T615]  __vmalloc_node_range_noprof+0x30e/0x1480
[   41.062584][  T615]  ? copy_process+0x55a/0x32a0
[   41.062608][  T615]  ? __cfi___vmalloc_node_range_noprof+0x10/0x10
[   41.062632][  T615]  ? kasan_save_alloc_info+0x40/0x50
[   41.062655][  T615]  ? __kasan_slab_alloc+0x73/0x90
[   41.062673][  T615]  ? arch_dup_task_struct+0x5b/0xe0
[   41.062698][  T615]  ? __asan_memcpy+0x5a/0x80
[   41.062723][  T615]  dup_task_struct+0x5d6/0xd80
[   41.062743][  T615]  ? copy_process+0x55a/0x32a0
[   41.062764][  T615]  ? _raw_spin_lock_irq+0x93/0x120
[   41.062789][  T615]  ? copy_process+0x32a0/0x32a0
[   41.062811][  T615]  ? __kasan_check_write+0x18/0x20
[   41.062834][  T615]  copy_process+0x55a/0x32a0
[   41.062859][  T615]  ? __cfi_copy_process+0x10/0x10
[   41.062878][  T615]  ? __kmalloc_cache_noprof+0x23c/0x470
[   41.062904][  T615]  ? __kasan_check_write+0x18/0x20
[   41.062927][  T615]  ? __cfi_kvm_nx_huge_page_recovery_worker+0x10/0x10
[   41.062949][  T615]  vhost_task_create+0x1f7/0x400
[   41.062967][  T615]  ? __cfi_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[   41.062988][  T615]  ? __cfi_vhost_task_create+0x10/0x10
[   41.063007][  T615]  ? __cfi_vhost_task_fn+0x10/0x10
[   41.063024][  T615]  ? __kasan_check_write+0x18/0x20
[   41.063047][  T615]  ? mutex_lock+0x97/0x1d0
[   41.063065][  T615]  ? __cfi_mutex_lock+0x10/0x10
[   41.063082][  T615]  ? kernel_text_address+0xa9/0xe0
[   41.063107][  T615]  kvm_mmu_post_init_vm+0x161/0x300
[   41.063131][  T615]  kvm_arch_vcpu_ioctl_run+0xf3/0x1bd0
[   41.063156][  T615]  ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10
[   41.063182][  T615]  ? kstrtoull+0x13b/0x1e0
[   41.063204][  T615]  ? kstrtouint+0x78/0xf0
[   41.063224][  T615]  ? ioctl_has_perm+0x1bc/0x500
[   41.063248][  T615]  ? __asan_memcpy+0x5a/0x80
[   41.063271][  T615]  ? ioctl_has_perm+0x408/0x500
[   41.063293][  T615]  ? has_cap_mac_admin+0xd0/0xd0
[   41.063315][  T615]  ? __kasan_check_write+0x18/0x20
[   41.063339][  T615]  ? mutex_lock_killable+0x97/0x1d0
[   41.063358][  T615]  ? __cfi_mutex_lock_killable+0x10/0x10
[   41.063377][  T615]  ? proc_fail_nth_write+0x184/0x220
[   41.063401][  T615]  kvm_vcpu_ioctl+0xa48/0x1000
[   41.063435][  T615]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[   41.063461][  T615]  ? __cfi_vfs_write+0x10/0x10
[   41.063486][  T615]  ? __kasan_check_write+0x18/0x20
[   41.063510][  T615]  ? mutex_unlock+0x90/0x240
[   41.063527][  T615]  ? __cfi_mutex_unlock+0x10/0x10
[   41.063543][  T615]  ? __fget_files+0x2c5/0x340
[   41.063564][  T615]  ? __fget_files+0x2c5/0x340
[   41.063581][  T615]  ? bpf_lsm_file_ioctl+0xd/0x20
[   41.063602][  T615]  ? security_file_ioctl+0x3e/0x110
[   41.063624][  T615]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[   41.063649][  T615]  __se_sys_ioctl+0x132/0x1b0
[   41.063668][  T615]  __x64_sys_ioctl+0x7f/0xa0
[   41.063686][  T615]  x64_sys_call+0x1878/0x2ee0
[   41.063713][  T615]  do_syscall_64+0x57/0xf0
[   41.063739][  T615]  ? clear_bhb_loop+0x50/0xa0
[   41.063766][  T615]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   41.063790][  T615] RIP: 0033:0x7f26f239c799
[   41.063808][  T615] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   41.063825][  T615] RSP: 002b:00007f26f319e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   41.063846][  T615] RAX: ffffffffffffffda RBX: 00007f26f2615fa0 RCX: 00007f26f239c799
[   41.063862][  T615] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 000000000000000c
[   41.063874][  T615] RBP: 00007f26f319e090 R08: 0000000000000000 R09: 0000000000000000
[   41.063886][  T615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   41.063898][  T615] R13: 00007f26f2616038 R14: 00007f26f2615fa0 R15: 00007ffdbfbc56a8
[   41.063915][  T615]  </TASK>
[   41.911993][  T636] kvm: MONITOR instruction emulated as NOP!
[   43.104017][  T686] Zero length message leads to an empty skb
[   43.162799][   T45] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   43.333749][   T45] usb 2-1: unable to get BOS descriptor or descriptor too short
[   43.344369][   T45] usb 2-1: New USB device found, idVendor=041e, idProduct=30df, bcdDevice= 0.40
[   43.354203][   T45] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   43.363814][   T45] usb 2-1: Product: 㮝þ놄뱯䲿襳ᡚ苎㈟쯉繃ꅐ⛯꫚⬷뽑ꕡ䕐솖滔䣚챸ૐ꼈騠゙常⷟১흆䅙➄ޘ뫒燗广ᣭ䚼孙鐻塬坆ᐜꊟ瀺銡嵂㓣﯇鿲ឞ割⹪ᇄ❣・἞㙯➱啨褑瘸븉
[   43.388086][   T45] usb 2-1: Manufacturer: 花읰ﱳ枋餇궟绲腢഼﹅晇諶ꌌϞ᜘㽝ྵ仯ㄓક沒龗鱴፥Ứ赘ᆤ齰롩㑏
[   43.403322][   T45] usb 2-1: SerialNumber: ᐁ
[   43.610896][   T45] usb 2-1: 1:1 : bogus bTerminalLink 8
[   43.620546][   T45] usb 2-1: 3:0: failed to get current value for ch 0 (-71)
[   43.629025][   T45] usb 2-1: unit 13 not found!
[   43.642313][   T45] usb 2-1: USB disconnect, device number 4
[   43.668521][  T428] udevd[428]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[   44.154338][   T36] kauditd_printk_skb: 10 callbacks suppressed
[   44.154359][   T36] audit: type=1400 audit(1774549249.060:173): avc:  denied  { map } for  pid=736 comm="syz.1.130" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=10981 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   44.192223][  T387] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   44.194167][   T36] audit: type=1400 audit(1774549249.090:174): avc:  denied  { read write } for  pid=736 comm="syz.1.130" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=10981 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[   44.283956][  T741] bridge0: port 3(erspan0) entered blocking state
[   44.290829][  T741] bridge0: port 3(erspan0) entered disabled state
[   44.297808][  T741] erspan0: entered allmulticast mode
[   44.303901][  T741] erspan0: entered promiscuous mode
[   44.309432][  T741] bridge0: port 3(erspan0) entered blocking state
[   44.316041][  T741] bridge0: port 3(erspan0) entered forwarding state
[   44.323595][  T742] erspan0: left allmulticast mode
[   44.328738][  T742] erspan0: left promiscuous mode
[   44.334810][   T36] audit: type=1400 audit(1774549249.240:175): avc:  denied  { setopt } for  pid=740 comm="syz.0.131" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   44.354777][  T742] bridge0: port 3(erspan0) entered disabled state
[   44.383287][  T387] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[   44.391709][  T387] usb 3-1: config 0 has no interface number 0
[   44.399527][  T387] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   44.424539][  T387] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   44.434374][  T387] usb 3-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[   44.443924][  T387] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   44.453807][  T387] usb 3-1: config 0 descriptor??
[   44.512217][    T9] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   44.662164][    T9] usb 2-1: Using ep0 maxpacket: 32
[   44.672196][    T9] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[   44.681097][    T9] usb 2-1: config 0 has no interface number 0
[   44.688057][    T9] usb 2-1: config 0 interface 184 has no altsetting 0
[   44.698734][    T9] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[   44.708491][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   44.717006][    T9] usb 2-1: Product: syz
[   44.721471][    T9] usb 2-1: Manufacturer: syz
[   44.726452][    T9] usb 2-1: SerialNumber: syz
[   44.732684][    T9] usb 2-1: config 0 descriptor??
[   44.739300][    T9] smsc75xx v1.0.0
[   44.863194][  T387] prodikeys 0003:041E:2801.0002: item fetching failed at offset 4/7
[   44.871562][  T387] prodikeys 0003:041E:2801.0002: hid parse failed
[   44.880872][  T387] prodikeys 0003:041E:2801.0002: probe with driver prodikeys failed with error -22
[   45.063734][   T70] usb 3-1: USB disconnect, device number 5
[   45.402253][   T45] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[   45.563794][   T45] usb 4-1: unable to get BOS descriptor or descriptor too short
[   45.579477][   T45] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 37, changing to 7
[   45.592290][   T45] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 64, changing to 7
[   45.608946][   T45] usb 4-1: New USB device found, idVendor=0763, idProduct=2030, bcdDevice= 0.40
[   45.619734][   T45] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   45.628938][   T45] usb 4-1: Product: syz
[   45.633376][   T45] usb 4-1: Manufacturer: syz
[   45.638187][   T45] usb 4-1: SerialNumber: syz
[   45.853930][  T762] SELinux:  policydb string length -1627389944 does not match expected length 8
[   45.863448][  T308] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   45.871239][  T762] SELinux: failed to load policy
[   45.877933][  T762] tipc: Started in network mode
[   45.883551][  T762] tipc: Node identity ac14140f, cluster identity 4711
[   45.891045][  T762] tipc: New replicast peer: 255.0.0.255
[   45.897509][  T762] tipc: Enabled bearer <udp:syz2>, priority 10
[   45.908159][   T45] usb 4-1: Can't get UAC3 power state for id 10
[   45.917325][   T45] usb 4-1: 2:0: failed to get current value for ch 0 (-71)
[   45.927512][   T45] usb 4-1: 2:0: cannot get min/max values for control 2 (id 2)
[   45.949307][   T45] usb 4-1: USB disconnect, device number 5
[   45.970591][  T427] udevd[427]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[   46.032222][  T308] usb 3-1: Using ep0 maxpacket: 32
[   46.038956][  T308] usb 3-1: config 0 interface 0 altsetting 128 endpoint 0x2 has an invalid bInterval 0, changing to 7
[   46.050879][  T308] usb 3-1: config 0 interface 0 has no altsetting 0
[   46.058510][  T308] usb 3-1: New USB device found, idVendor=1b1c, idProduct=1c09, bcdDevice= 0.00
[   46.068685][  T308] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   46.079082][  T308] usb 3-1: config 0 descriptor??
[   46.892176][   T45] tipc: Node number set to 2886997007
[   47.190144][    T9] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[   47.201448][    T9] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[   47.211414][    T9] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_bind
[   47.221853][    T9] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -71
[   47.232621][    T9] usb 2-1: USB disconnect, device number 5
[   47.390314][  T797] fuse: Invalid rootmode
[   47.395641][   T36] audit: type=1400 audit(1774549252.300:176): avc:  denied  { block_suspend } for  pid=796 comm="syz.3.151" capability=36  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   47.438768][   T36] audit: type=1400 audit(1774549252.340:177): avc:  denied  { read append } for  pid=800 comm="syz.3.152" name="snapshot" dev="devtmpfs" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   47.463295][   T36] audit: type=1400 audit(1774549252.340:178): avc:  denied  { open } for  pid=800 comm="syz.3.152" path="/dev/snapshot" dev="devtmpfs" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[   47.792218][  T307] usb 4-1: new full-speed USB device number 6 using dummy_hcd
[   47.943746][  T307] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   47.955056][  T307] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   47.966751][  T307] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   47.978051][  T307] usb 4-1: New USB device found, idVendor=7de0, idProduct=676e, bcdDevice=77.db
[   47.987694][  T307] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   48.001073][  T307] usb 4-1: config 0 descriptor??
[   48.517282][  T825] netlink: 'syz.1.161': attribute type 7 has an invalid length.
[   48.526093][  T825] netlink: 20 bytes leftover after parsing attributes in process `syz.1.161'.
[   48.620270][  T308] usbhid 3-1:0.0: can't add hid device: -71
[   48.629667][  T308] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[   48.642295][  T308] usb 3-1: USB disconnect, device number 6
[   48.726524][   T36] audit: type=1400 audit(1774549253.630:179): avc:  denied  { nlmsg_write } for  pid=828 comm="syz.2.162" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[   48.765516][   T31] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[   48.793003][  T835] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   48.802846][  T835] SELinux: failed to load policy
[   48.922200][   T31] usb 2-1: Using ep0 maxpacket: 8
[   48.928442][   T31] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   48.938678][   T31] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   48.953604][   T31] usb 2-1: New USB device found, idVendor=0d8c, idProduct=000c, bcdDevice= 0.40
[   48.963157][   T31] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   48.972186][   T31] usb 2-1: Product: syz
[   48.976628][   T31] usb 2-1: Manufacturer: syz
[   48.981434][   T31] usb 2-1: SerialNumber: syz
[   49.186216][   T36] audit: type=1326 audit(1774549254.090:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=856 comm="syz.3.173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26f239c799 code=0x7ffc0000
[   49.210788][   T36] audit: type=1326 audit(1774549254.090:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=856 comm="syz.3.173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26f239c799 code=0x7ffc0000
[   49.237480][   T36] audit: type=1326 audit(1774549254.090:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=856 comm="syz.3.173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f26f235cfce code=0x7ffc0000
[   49.238731][  T861] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   49.262069][   T36] audit: type=1326 audit(1774549254.090:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=856 comm="syz.3.173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f26f235cfce code=0x7ffc0000
[   49.274248][  T861] SELinux: failed to load policy
[   49.295858][   T36] audit: type=1326 audit(1774549254.090:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=856 comm="syz.3.173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26f239c799 code=0x7ffc0000
[   49.302460][   T31] usb 2-1: MIDIStreaming interface descriptor not found
[   49.343731][   T36] audit: type=1326 audit(1774549254.090:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=856 comm="syz.3.173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=267 compat=0 ip=0x7f26f239c799 code=0x7ffc0000
[   49.353404][   T31] usb 2-1: USB disconnect, device number 6
[   49.367768][   T36] audit: type=1326 audit(1774549254.090:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=856 comm="syz.3.173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26f239c799 code=0x7ffc0000
[   49.398190][   T36] audit: type=1326 audit(1774549254.090:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=856 comm="syz.3.173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f26f239c799 code=0x7ffc0000
[   49.421958][   T36] audit: type=1326 audit(1774549254.090:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=856 comm="syz.3.173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26f239c799 code=0x7ffc0000
[   49.425318][  T770] udevd[770]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[   49.445915][   T36] audit: type=1326 audit(1774549254.090:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=856 comm="syz.3.173" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f26f239c799 code=0x7ffc0000
[   49.901112][  T891] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[   49.925025][  T891] SELinux: failed to load policy
[   49.955351][  T894] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   49.964594][  T894] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   50.030933][  T898] capability: warning: `syz.1.186' uses deprecated v2 capabilities in a way that may be insecure
[   50.432916][  T912] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:146
[   50.433098][  T912] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:146
[   50.542242][   T70] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[   50.694475][  T925] SELinux: failed to load policy
[   50.713512][   T70] usb 2-1: unable to get BOS descriptor or descriptor too short
[   50.722647][   T70] usb 2-1: config 1 has an invalid descriptor of length 231, skipping remainder of the config
[   50.742262][   T70] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[   50.762017][   T70] usb 2-1: New USB device found, idVendor=0763, idProduct=2081, bcdDevice= 0.40
[   50.776310][   T70] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   50.793989][   T70] usb 2-1: Product: syz
[   50.800483][   T70] usb 2-1: Manufacturer: syz
[   50.809582][   T70] usb 2-1: SerialNumber: syz
[   51.022575][   T70] usb 2-1: 0:1 : does not exist
[   51.038093][   T70] usb 2-1: BAAD GENERIC IO: no channels?
[   51.046579][   T70] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -22
[   51.068264][   T70] usb 2-1: USB disconnect, device number 7
[   51.088177][  T425] udevd[425]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[   51.587691][  T952] SELinux: failed to load policy
[   52.343424][  T991] SELinux: failed to load policy
[   52.467916][  T998] netlink: 'syz.3.215': attribute type 21 has an invalid length.
[   53.123806][  T307] usb 4-1: string descriptor 0 read error: -32
[   53.205020][ T1019] SELinux: failed to load policy
[   53.362523][ T1027] /dev/nullb0: Can't lookup blockdev
[   53.392185][    T9] usb 1-1: new low-speed USB device number 6 using dummy_hcd
[   53.591497][ T1035] FAULT_INJECTION: forcing a failure.
[   53.591497][ T1035] name failslab, interval 1, probability 0, space 0, times 0
[   53.606404][    T9] usb 1-1: device descriptor read/64, error -71
[   53.632191][ T1035] CPU: 1 UID: 0 PID: 1035 Comm: syz.3.227 Not tainted syzkaller #0 e5e4876e63e0994bd4350cd5f958f668e2098f7e
[   53.632286][ T1035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   53.632300][ T1035] Call Trace:
[   53.632309][ T1035]  <TASK>
[   53.632319][ T1035]  __dump_stack+0x21/0x30
[   53.632394][ T1035]  dump_stack_lvl+0x140/0x1c0
[   53.632417][ T1035]  ? __cfi_dump_stack_lvl+0x10/0x10
[   53.632442][ T1035]  ? __cfi_avc_has_perm+0x10/0x10
[   53.632469][ T1035]  ? kasan_save_alloc_info+0x40/0x50
[   53.632499][ T1035]  dump_stack+0x19/0x20
[   53.632523][ T1035]  should_fail_ex+0x3d7/0x530
[   53.632547][ T1035]  should_failslab+0xac/0x100
[   53.632568][ T1035]  __kmalloc_cache_noprof+0x41/0x470
[   53.632593][ T1035]  ? vhost_task_create+0x12c/0x400
[   53.632615][ T1035]  ? __cfi_kvm_nx_huge_page_recovery_worker+0x10/0x10
[   53.632638][ T1035]  vhost_task_create+0x12c/0x400
[   53.632655][ T1035]  ? __cfi_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[   53.632678][ T1035]  ? __cfi_vhost_task_create+0x10/0x10
[   53.632697][ T1035]  ? __cfi_vhost_task_fn+0x10/0x10
[   53.632715][ T1035]  ? __kasan_check_write+0x18/0x20
[   53.632739][ T1035]  ? mutex_lock+0x97/0x1d0
[   53.632760][ T1035]  ? __cfi_mutex_lock+0x10/0x10
[   53.632777][ T1035]  ? kernel_text_address+0xa9/0xe0
[   53.632803][ T1035]  kvm_mmu_post_init_vm+0x161/0x300
[   53.632831][ T1035]  kvm_arch_vcpu_ioctl_run+0xf3/0x1bd0
[   53.632858][ T1035]  ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10
[   53.632882][ T1035]  ? kstrtoull+0x13b/0x1e0
[   53.632903][ T1035]  ? kstrtouint+0x78/0xf0
[   53.632925][ T1035]  ? ioctl_has_perm+0x1bc/0x500
[   53.632947][ T1035]  ? __asan_memcpy+0x5a/0x80
[   53.632971][ T1035]  ? ioctl_has_perm+0x408/0x500
[   53.632994][ T1035]  ? has_cap_mac_admin+0xd0/0xd0
[   53.633016][ T1035]  ? __kasan_check_write+0x18/0x20
[   53.633041][ T1035]  ? mutex_lock_killable+0x97/0x1d0
[   53.633060][ T1035]  ? __cfi_mutex_lock_killable+0x10/0x10
[   53.633080][ T1035]  ? proc_fail_nth_write+0x184/0x220
[   53.633104][ T1035]  kvm_vcpu_ioctl+0xa48/0x1000
[   53.633128][ T1035]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[   53.633151][ T1035]  ? __cfi_vfs_write+0x10/0x10
[   53.633178][ T1035]  ? __kasan_check_write+0x18/0x20
[   53.633201][ T1035]  ? mutex_unlock+0x90/0x240
[   53.633221][ T1035]  ? __cfi_mutex_unlock+0x10/0x10
[   53.633235][ T1035]  ? __fget_files+0x2c5/0x340
[   53.633252][ T1035]  ? __fget_files+0x2c5/0x340
[   53.633267][ T1035]  ? bpf_lsm_file_ioctl+0xd/0x20
[   53.633283][ T1035]  ? security_file_ioctl+0x3e/0x110
[   53.633304][ T1035]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[   53.633329][ T1035]  __se_sys_ioctl+0x132/0x1b0
[   53.633356][ T1035]  __x64_sys_ioctl+0x7f/0xa0
[   53.633375][ T1035]  x64_sys_call+0x1878/0x2ee0
[   53.633403][ T1035]  do_syscall_64+0x57/0xf0
[   53.633427][ T1035]  ? clear_bhb_loop+0x50/0xa0
[   53.633455][ T1035]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   53.633482][ T1035] RIP: 0033:0x7f26f239c799
[   53.633504][ T1035] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   53.633522][ T1035] RSP: 002b:00007f26f319e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   53.633547][ T1035] RAX: ffffffffffffffda RBX: 00007f26f2615fa0 RCX: 00007f26f239c799
[   53.633563][ T1035] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 000000000000000c
[   53.633576][ T1035] RBP: 00007f26f319e090 R08: 0000000000000000 R09: 0000000000000000
[   53.633588][ T1035] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   53.633602][ T1035] R13: 00007f26f2616038 R14: 00007f26f2615fa0 R15: 00007ffdbfbc56a8
[   53.633619][ T1035]  </TASK>
[   53.952181][    T9] usb 1-1: device descriptor read/64, error -71
[   54.252983][ T1048] SELinux: failed to load policy
[   54.272237][    T9] usb 1-1: new low-speed USB device number 7 using dummy_hcd
[   54.275393][   T36] kauditd_printk_skb: 20 callbacks suppressed
[   54.275413][   T36] audit: type=1400 audit(1774549259.180:210): avc:  denied  { connect } for  pid=1049 comm="syz.2.232" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[   54.343799][ T1050] loop2: detected capacity change from 0 to 7
[   54.412207][    T9] usb 1-1: device descriptor read/64, error -71
[   54.494757][   T36] audit: type=1400 audit(1774549259.400:211): avc:  denied  { getopt } for  pid=1057 comm="syz.1.234" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[   54.652210][    T9] usb 1-1: device descriptor read/64, error -71
[   54.742161][   T70] usb 2-1: new full-speed USB device number 8 using dummy_hcd
[   54.762527][    T9] usb usb1-port1: attempt power cycle
[   54.893737][   T70] usb 2-1: unable to get BOS descriptor or descriptor too short
[   54.903020][   T70] usb 2-1: not running at top speed; connect to a high speed hub
[   54.912268][   T70] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   54.924407][   T70] usb 2-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xEE, changing to 0x8E
[   54.936498][   T70] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x8E has invalid maxpacket 288, setting to 64
[   54.950415][   T70] usb 2-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice= 0.40
[   54.960200][   T70] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   54.969010][   T70] usb 2-1: Product: syz
[   54.973403][   T70] usb 2-1: Manufacturer: syz
[   54.978313][   T70] usb 2-1: SerialNumber: syz
[   54.995034][ T1058] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[   55.022147][  T308] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[   55.102231][    T9] usb 1-1: new low-speed USB device number 8 using dummy_hcd
[   55.123202][    T9] usb 1-1: device descriptor read/8, error -71
[   55.173302][  T308] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   55.183830][  T308] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[   55.193578][  T308] usb 3-1: config 1 has no interface number 1
[   55.199791][  T308] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[   55.213695][  T308] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x6 has an invalid bInterval 0, changing to 7
[   55.228696][  T308] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   55.229345][   T70] usb 2-1: USB disconnect, device number 8
[   55.240275][  T308] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   55.261678][  T441] udevd[441]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[   55.272177][  T308] usb 3-1: Product: syz
[   55.281740][  T308] usb 3-1: Manufacturer: syz
[   55.282746][    T9] usb 1-1: device descriptor read/8, error -71
[   55.286885][  T308] usb 3-1: SerialNumber: syz
[   55.303498][ T1066] raw-gadget.3 gadget.2: fail, usb_ep_enable returned -22
[   55.525933][  T308] usb 3-1: 2:1 : no or invalid class specific endpoint descriptor
[   55.532838][    T9] usb 1-1: new low-speed USB device number 9 using dummy_hcd
[   55.534254][  T308] usb 3-1: 2:1 : no or invalid class specific endpoint descriptor
[   55.562498][  T308] usb 3-1: USB disconnect, device number 7
[   55.563721][    T9] usb 1-1: device descriptor read/8, error -71
[   55.679249][ T1079] SELinux: failed to load policy
[   55.713539][ T1081] FAULT_INJECTION: forcing a failure.
[   55.713539][ T1081] name failslab, interval 1, probability 0, space 0, times 0
[   55.726252][ T1081] CPU: 0 UID: 0 PID: 1081 Comm: syz.3.241 Not tainted syzkaller #0 e5e4876e63e0994bd4350cd5f958f668e2098f7e
[   55.726276][ T1081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   55.726284][ T1081] Call Trace:
[   55.726288][ T1081]  <TASK>
[   55.726293][ T1081]  __dump_stack+0x21/0x30
[   55.726312][ T1081]  dump_stack_lvl+0x140/0x1c0
[   55.726324][ T1081]  ? __cfi_dump_stack_lvl+0x10/0x10
[   55.726338][ T1081]  dump_stack+0x19/0x20
[   55.726349][ T1081]  should_fail_ex+0x3d7/0x530
[   55.726367][ T1081]  should_failslab+0xac/0x100
[   55.726377][ T1081]  kmem_cache_alloc_node_noprof+0x45/0x420
[   55.726392][ T1081]  ? dup_task_struct+0xc1/0xd80
[   55.726404][ T1081]  ? kasan_save_alloc_info+0x40/0x50
[   55.726417][ T1081]  ? __kasan_kmalloc+0x96/0xb0
[   55.726426][ T1081]  ? __kmalloc_cache_noprof+0x23c/0x470
[   55.726439][ T1081]  dup_task_struct+0xc1/0xd80
[   55.726450][ T1081]  ? __kasan_check_write+0x18/0x20
[   55.726462][ T1081]  ? _raw_spin_lock_irq+0x93/0x120
[   55.726476][ T1081]  ? copy_process+0x32a0/0x32a0
[   55.726486][ T1081]  ? __kasan_check_write+0x18/0x20
[   55.726499][ T1081]  copy_process+0x55a/0x32a0
[   55.726511][ T1081]  ? __cfi_copy_process+0x10/0x10
[   55.726522][ T1081]  ? __kmalloc_cache_noprof+0x23c/0x470
[   55.726534][ T1081]  ? __kasan_check_write+0x18/0x20
[   55.726547][ T1081]  ? __cfi_kvm_nx_huge_page_recovery_worker+0x10/0x10
[   55.726559][ T1081]  vhost_task_create+0x1f7/0x400
[   55.726568][ T1081]  ? __cfi_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[   55.726579][ T1081]  ? __cfi_vhost_task_create+0x10/0x10
[   55.726589][ T1081]  ? __cfi_vhost_task_fn+0x10/0x10
[   55.726597][ T1081]  ? __kasan_check_write+0x18/0x20
[   55.726609][ T1081]  ? mutex_lock+0x97/0x1d0
[   55.726618][ T1081]  ? __cfi_mutex_lock+0x10/0x10
[   55.726626][ T1081]  ? kernel_text_address+0xa9/0xe0
[   55.726639][ T1081]  kvm_mmu_post_init_vm+0x161/0x300
[   55.726652][ T1081]  kvm_arch_vcpu_ioctl_run+0xf3/0x1bd0
[   55.726666][ T1081]  ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10
[   55.726677][ T1081]  ? kstrtoull+0x13b/0x1e0
[   55.726689][ T1081]  ? kstrtouint+0x78/0xf0
[   55.726699][ T1081]  ? ioctl_has_perm+0x1bc/0x500
[   55.726713][ T1081]  ? __asan_memcpy+0x5a/0x80
[   55.726725][ T1081]  ? ioctl_has_perm+0x408/0x500
[   55.726735][ T1081]  ? has_cap_mac_admin+0xd0/0xd0
[   55.726746][ T1081]  ? __kasan_check_write+0x18/0x20
[   55.726758][ T1081]  ? mutex_lock_killable+0x97/0x1d0
[   55.726767][ T1081]  ? __cfi_mutex_lock_killable+0x10/0x10
[   55.726777][ T1081]  ? proc_fail_nth_write+0x184/0x220
[   55.726790][ T1081]  kvm_vcpu_ioctl+0xa48/0x1000
[   55.726805][ T1081]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[   55.726818][ T1081]  ? __cfi_vfs_write+0x10/0x10
[   55.726831][ T1081]  ? __kasan_check_write+0x18/0x20
[   55.726843][ T1081]  ? mutex_unlock+0x90/0x240
[   55.726852][ T1081]  ? __cfi_mutex_unlock+0x10/0x10
[   55.726860][ T1081]  ? __fget_files+0x2c5/0x340
[   55.726870][ T1081]  ? __fget_files+0x2c5/0x340
[   55.726879][ T1081]  ? bpf_lsm_file_ioctl+0xd/0x20
[   55.726890][ T1081]  ? security_file_ioctl+0x3e/0x110
[   55.726903][ T1081]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[   55.726916][ T1081]  __se_sys_ioctl+0x132/0x1b0
[   55.726927][ T1081]  __x64_sys_ioctl+0x7f/0xa0
[   55.726936][ T1081]  x64_sys_call+0x1878/0x2ee0
[   55.726949][ T1081]  do_syscall_64+0x57/0xf0
[   55.726962][ T1081]  ? clear_bhb_loop+0x50/0xa0
[   55.726976][ T1081]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   55.726990][ T1081] RIP: 0033:0x7f26f239c799
[   55.727001][ T1081] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   55.727011][ T1081] RSP: 002b:00007f26f319e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   55.727024][ T1081] RAX: ffffffffffffffda RBX: 00007f26f2615fa0 RCX: 00007f26f239c799
[   55.727032][ T1081] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 000000000000000c
[   55.727039][ T1081] RBP: 00007f26f319e090 R08: 0000000000000000 R09: 0000000000000000
[   55.727046][ T1081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   55.727053][ T1081] R13: 00007f26f2616038 R14: 00007f26f2615fa0 R15: 00007ffdbfbc56a8
[   55.727062][ T1081]  </TASK>
[   55.727952][    T9] usb 1-1: device descriptor read/8, error -71
[   56.068809][   T36] audit: type=1400 audit(1774549260.970:212): avc:  denied  { create } for  pid=1087 comm="syz.2.243" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[   56.180499][    T9] usb usb1-port1: unable to enumerate USB device
[   56.872193][   T36] audit: type=1400 audit(1774549261.770:213): avc:  denied  { create } for  pid=1114 comm="syz.1.251" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   56.903916][ T1115] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   56.925747][   T36] audit: type=1400 audit(1774549261.770:214): avc:  denied  { setopt } for  pid=1114 comm="syz.1.251" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   56.955779][   T36] audit: type=1400 audit(1774549261.770:215): avc:  denied  { setopt } for  pid=1114 comm="syz.1.251" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   56.986339][   T36] audit: type=1400 audit(1774549261.860:216): avc:  denied  { ioctl } for  pid=1114 comm="syz.1.251" path="socket:[19098]" dev="sockfs" ino=19098 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   57.019453][   T36] audit: type=1400 audit(1774549261.860:217): avc:  denied  { bind } for  pid=1114 comm="syz.1.251" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[   57.032877][ T1121] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[   57.056784][ T1121] syz.1.252 uses obsolete (PF_INET,SOCK_PACKET)
[   57.113862][ T1123] FAULT_INJECTION: forcing a failure.
[   57.113862][ T1123] name failslab, interval 1, probability 0, space 0, times 0
[   57.126793][ T1123] CPU: 1 UID: 0 PID: 1123 Comm: syz.3.253 Not tainted syzkaller #0 e5e4876e63e0994bd4350cd5f958f668e2098f7e
[   57.126823][ T1123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   57.126835][ T1123] Call Trace:
[   57.126842][ T1123]  <TASK>
[   57.126849][ T1123]  __dump_stack+0x21/0x30
[   57.126876][ T1123]  dump_stack_lvl+0x140/0x1c0
[   57.126896][ T1123]  ? __cfi_dump_stack_lvl+0x10/0x10
[   57.126918][ T1123]  dump_stack+0x19/0x20
[   57.126937][ T1123]  should_fail_ex+0x3d7/0x530
[   57.126959][ T1123]  should_failslab+0xac/0x100
[   57.126975][ T1123]  kmem_cache_alloc_noprof+0x42/0x410
[   57.127011][ T1123]  ? skb_clone+0x229/0x460
[   57.127035][ T1123]  skb_clone+0x229/0x460
[   57.127056][ T1123]  dev_queue_xmit_nit+0x1ad/0xae0
[   57.127085][ T1123]  dev_hard_start_xmit+0x187/0x760
[   57.127105][ T1123]  __dev_queue_xmit+0x1905/0x3690
[   57.127126][ T1123]  ? __dev_queue_xmit+0x267/0x3690
[   57.127146][ T1123]  ? kasan_save_track+0x4f/0x80
[   57.127172][ T1123]  ? kasan_save_alloc_info+0x40/0x50
[   57.127196][ T1123]  ? __kasan_slab_alloc+0x73/0x90
[   57.127213][ T1123]  ? kmem_cache_alloc_noprof+0x1bf/0x410
[   57.127237][ T1123]  ? skb_clone+0x229/0x460
[   57.127255][ T1123]  ? br_flood+0x4ed/0x730
[   57.127274][ T1123]  ? br_dev_xmit+0xc9e/0x11d0
[   57.127290][ T1123]  ? dev_hard_start_xmit+0x21b/0x760
[   57.127306][ T1123]  ? __dev_queue_xmit+0x1905/0x3690
[   57.127323][ T1123]  ? __cfi___dev_queue_xmit+0x10/0x10
[   57.127339][ T1123]  ? __x64_sys_sendmsg+0x1fb/0x2d0
[   57.127360][ T1123]  ? x64_sys_call+0x2a4c/0x2ee0
[   57.127385][ T1123]  ? do_syscall_64+0x57/0xf0
[   57.127408][ T1123]  ? entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   57.127437][ T1123]  br_dev_queue_push_xmit+0x55c/0x700
[   57.127458][ T1123]  ? __cfi_br_dev_queue_push_xmit+0x10/0x10
[   57.127479][ T1123]  ? __skb_clone+0x47a/0x7a0
[   57.127500][ T1123]  __br_forward+0x25c/0x390
[   57.127520][ T1123]  br_flood+0x50e/0x730
[   57.127540][ T1123]  br_dev_xmit+0xc9e/0x11d0
[   57.127559][ T1123]  ? __cfi_br_dev_xmit+0x10/0x10
[   57.127577][ T1123]  ? __cfi_packet_rcv_fanout+0x10/0x10
[   57.127603][ T1123]  ? dev_queue_xmit_nit+0x91a/0xae0
[   57.127630][ T1123]  dev_hard_start_xmit+0x21b/0x760
[   57.127653][ T1123]  __dev_queue_xmit+0x1905/0x3690
[   57.127673][ T1123]  ? __dev_queue_xmit+0x267/0x3690
[   57.127693][ T1123]  ? __kasan_check_write+0x18/0x20
[   57.127719][ T1123]  ? kasan_save_track+0x3e/0x80
[   57.127747][ T1123]  ? __cfi___dev_queue_xmit+0x10/0x10
[   57.127766][ T1123]  ? __kasan_check_write+0x18/0x20
[   57.127791][ T1123]  ? _copy_from_iter+0x218/0x1510
[   57.127818][ T1123]  ? __virt_addr_valid+0x2a6/0x380
[   57.127842][ T1123]  ? packet_parse_headers+0x7de/0xaf0
[   57.127867][ T1123]  ? packet_parse_headers+0x7ef/0xaf0
[   57.127909][ T1123]  ? __cfi_sock_alloc_send_pskb+0x10/0x10
[   57.127933][ T1123]  ? skb_setup_tx_timestamp+0x210/0x210
[   57.127958][ T1123]  packet_xmit+0x75/0x380
[   57.127982][ T1123]  packet_sendmsg+0x4485/0x5740
[   57.128014][ T1123]  ? __asan_memcpy+0x5a/0x80
[   57.128038][ T1123]  ? avc_has_perm+0x155/0x240
[   57.128069][ T1123]  ? selinux_socket_sendmsg+0x281/0x380
[   57.128100][ T1123]  ? __cfi_selinux_socket_sendmsg+0x10/0x10
[   57.128126][ T1123]  ? is_bpf_text_address+0x17b/0x1a0
[   57.128153][ T1123]  ? kernel_text_address+0xa9/0xe0
[   57.128178][ T1123]  ? __cfi_packet_sendmsg+0x10/0x10
[   57.128201][ T1123]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[   57.128225][ T1123]  ? bpf_lsm_socket_sendmsg+0xd/0x20
[   57.128252][ T1123]  ? security_socket_sendmsg+0x3d/0x100
[   57.128270][ T1123]  ? __cfi_packet_sendmsg+0x10/0x10
[   57.128293][ T1123]  ____sys_sendmsg+0xa8f/0xae0
[   57.128317][ T1123]  ? __import_iovec+0x5ad/0x7c0
[   57.128335][ T1123]  ? __sys_sendmsg_sock+0x50/0x50
[   57.128359][ T1123]  ? import_iovec+0x80/0xb0
[   57.128378][ T1123]  ___sys_sendmsg+0x2a6/0x370
[   57.128401][ T1123]  ? __sys_sendmsg+0x2a0/0x2a0
[   57.128425][ T1123]  ? proc_fail_nth_write+0x184/0x220
[   57.128448][ T1123]  ? __cfi_proc_fail_nth_write+0x10/0x10
[   57.128479][ T1123]  __x64_sys_sendmsg+0x1fb/0x2d0
[   57.128502][ T1123]  ? fput+0x1a4/0x240
[   57.128520][ T1123]  ? __cfi___x64_sys_sendmsg+0x10/0x10
[   57.128540][ T1123]  ? ksys_write+0x1f3/0x260
[   57.128561][ T1123]  ? __kasan_check_read+0x15/0x20
[   57.128582][ T1123]  x64_sys_call+0x2a4c/0x2ee0
[   57.128603][ T1123]  do_syscall_64+0x57/0xf0
[   57.128622][ T1123]  ? clear_bhb_loop+0x50/0xa0
[   57.128645][ T1123]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   57.128665][ T1123] RIP: 0033:0x7f26f239c799
[   57.128680][ T1123] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   57.128694][ T1123] RSP: 002b:00007f26f319e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   57.128712][ T1123] RAX: ffffffffffffffda RBX: 00007f26f2615fa0 RCX: 00007f26f239c799
[   57.128724][ T1123] RDX: 0000000000040011 RSI: 0000200000000000 RDI: 0000000000000004
[   57.128736][ T1123] RBP: 00007f26f319e090 R08: 0000000000000000 R09: 0000000000000000
[   57.128747][ T1123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   57.128757][ T1123] R13: 00007f26f2616038 R14: 00007f26f2615fa0 R15: 00007ffdbfbc56a8
[   57.128771][ T1123]  </TASK>
[   57.678267][   T36] audit: type=1400 audit(1774549261.940:218): avc:  denied  { mounton } for  pid=1120 comm="syz.1.252" path="/53/file0" dev="incremental-fs" ino=289 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[   57.846128][ T1129] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   57.865067][ T1129] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   57.873394][   T36] audit: type=1400 audit(1774549261.960:219): avc:  denied  { read } for  pid=1120 comm="syz.1.252" name=".pending_reads" dev="incremental-fs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[   58.003452][ T1131] FAULT_INJECTION: forcing a failure.
[   58.003452][ T1131] name failslab, interval 1, probability 0, space 0, times 0
[   58.016151][ T1131] CPU: 1 UID: 0 PID: 1131 Comm: syz.1.256 Not tainted syzkaller #0 e5e4876e63e0994bd4350cd5f958f668e2098f7e
[   58.016186][ T1131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   58.016197][ T1131] Call Trace:
[   58.016205][ T1131]  <TASK>
[   58.016214][ T1131]  __dump_stack+0x21/0x30
[   58.016242][ T1131]  dump_stack_lvl+0x140/0x1c0
[   58.016257][ T1131]  ? __cfi_dump_stack_lvl+0x10/0x10
[   58.016271][ T1131]  dump_stack+0x19/0x20
[   58.016282][ T1131]  should_fail_ex+0x3d7/0x530
[   58.016295][ T1131]  should_failslab+0xac/0x100
[   58.016306][ T1131]  __kmalloc_cache_node_noprof+0x46/0x430
[   58.016321][ T1131]  ? kasan_save_track+0x4f/0x80
[   58.016335][ T1131]  ? __get_vm_area_node+0x14d/0x3d0
[   58.016347][ T1131]  ? __kasan_slab_alloc+0x73/0x90
[   58.016356][ T1131]  ? kmem_cache_alloc_node_noprof+0x1ca/0x420
[   58.016369][ T1131]  ? dup_task_struct+0xc1/0xd80
[   58.016382][ T1131]  __get_vm_area_node+0x14d/0x3d0
[   58.016393][ T1131]  __vmalloc_node_range_noprof+0x30e/0x1480
[   58.016405][ T1131]  ? copy_process+0x55a/0x32a0
[   58.016418][ T1131]  ? __cfi___vmalloc_node_range_noprof+0x10/0x10
[   58.016430][ T1131]  ? kasan_save_alloc_info+0x40/0x50
[   58.016442][ T1131]  ? __kasan_slab_alloc+0x73/0x90
[   58.016451][ T1131]  ? arch_dup_task_struct+0x5b/0xe0
[   58.016464][ T1131]  ? __asan_memcpy+0x5a/0x80
[   58.016476][ T1131]  dup_task_struct+0x5d6/0xd80
[   58.016487][ T1131]  ? copy_process+0x55a/0x32a0
[   58.016497][ T1131]  ? _raw_spin_lock_irq+0x93/0x120
[   58.016510][ T1131]  ? copy_process+0x32a0/0x32a0
[   58.016521][ T1131]  ? __kasan_check_write+0x18/0x20
[   58.016533][ T1131]  copy_process+0x55a/0x32a0
[   58.016545][ T1131]  ? __cfi_copy_process+0x10/0x10
[   58.016555][ T1131]  ? __kmalloc_cache_noprof+0x23c/0x470
[   58.016568][ T1131]  ? __kasan_check_write+0x18/0x20
[   58.016580][ T1131]  ? __cfi_kvm_nx_huge_page_recovery_worker+0x10/0x10
[   58.016591][ T1131]  vhost_task_create+0x1f7/0x400
[   58.016601][ T1131]  ? __cfi_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[   58.016612][ T1131]  ? __cfi_vhost_task_create+0x10/0x10
[   58.016622][ T1131]  ? __cfi_vhost_task_fn+0x10/0x10
[   58.016631][ T1131]  ? __kasan_check_write+0x18/0x20
[   58.016643][ T1131]  ? mutex_lock+0x97/0x1d0
[   58.016652][ T1131]  ? __cfi_mutex_lock+0x10/0x10
[   58.016661][ T1131]  ? kernel_text_address+0xa9/0xe0
[   58.016673][ T1131]  kvm_mmu_post_init_vm+0x161/0x300
[   58.016687][ T1131]  kvm_arch_vcpu_ioctl_run+0xf3/0x1bd0
[   58.016701][ T1131]  ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10
[   58.016712][ T1131]  ? kstrtoull+0x13b/0x1e0
[   58.016724][ T1131]  ? kstrtouint+0x78/0xf0
[   58.016735][ T1131]  ? ioctl_has_perm+0x1bc/0x500
[   58.016748][ T1131]  ? __asan_memcpy+0x5a/0x80
[   58.016760][ T1131]  ? ioctl_has_perm+0x408/0x500
[   58.016771][ T1131]  ? has_cap_mac_admin+0xd0/0xd0
[   58.016829][ T1131]  ? __kasan_check_write+0x18/0x20
[   58.016841][ T1131]  ? mutex_lock_killable+0x97/0x1d0
[   58.016851][ T1131]  ? __cfi_mutex_lock_killable+0x10/0x10
[   58.016861][ T1131]  ? proc_fail_nth_write+0x184/0x220
[   58.016874][ T1131]  kvm_vcpu_ioctl+0xa48/0x1000
[   58.016889][ T1131]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[   58.016902][ T1131]  ? __cfi_vfs_write+0x10/0x10
[   58.016916][ T1131]  ? __kasan_check_write+0x18/0x20
[   58.016928][ T1131]  ? mutex_unlock+0x90/0x240
[   58.016936][ T1131]  ? __cfi_mutex_unlock+0x10/0x10
[   58.016945][ T1131]  ? __fget_files+0x2c5/0x340
[   58.016956][ T1131]  ? __fget_files+0x2c5/0x340
[   58.016965][ T1131]  ? bpf_lsm_file_ioctl+0xd/0x20
[   58.016976][ T1131]  ? security_file_ioctl+0x3e/0x110
[   58.016988][ T1131]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[   58.017001][ T1131]  __se_sys_ioctl+0x132/0x1b0
[   58.017011][ T1131]  __x64_sys_ioctl+0x7f/0xa0
[   58.017023][ T1131]  x64_sys_call+0x1878/0x2ee0
[   58.017039][ T1131]  do_syscall_64+0x57/0xf0
[   58.017051][ T1131]  ? clear_bhb_loop+0x50/0xa0
[   58.017066][ T1131]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   58.017079][ T1131] RIP: 0033:0x7f713a19c799
[   58.017090][ T1131] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   58.017099][ T1131] RSP: 002b:00007f7138bf7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   58.017112][ T1131] RAX: ffffffffffffffda RBX: 00007f713a415fa0 RCX: 00007f713a19c799
[   58.017121][ T1131] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 000000000000000c
[   58.017127][ T1131] RBP: 00007f7138bf7090 R08: 0000000000000000 R09: 0000000000000000
[   58.017134][ T1131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   58.017141][ T1131] R13: 00007f713a416038 R14: 00007f713a415fa0 R15: 00007fffddbaa768
[   58.017149][ T1131]  </TASK>
[   58.017219][ T1131] warn_alloc: 1 callbacks suppressed
[   58.017230][ T1131] syz.1.256: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz1,mems_allowed=0
[   58.498820][ T1131] CPU: 0 UID: 0 PID: 1131 Comm: syz.1.256 Not tainted syzkaller #0 e5e4876e63e0994bd4350cd5f958f668e2098f7e
[   58.498854][ T1131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   58.498866][ T1131] Call Trace:
[   58.498872][ T1131]  <TASK>
[   58.498880][ T1131]  __dump_stack+0x21/0x30
[   58.498907][ T1131]  dump_stack_lvl+0x140/0x1c0
[   58.498925][ T1131]  ? __cfi_dump_stack_lvl+0x10/0x10
[   58.498945][ T1131]  ? _raw_spin_unlock_irqrestore+0x4a/0x70
[   58.498967][ T1131]  dump_stack+0x19/0x20
[   58.498984][ T1131]  warn_alloc+0x1e7/0x2c0
[   58.499001][ T1131]  ? __kasan_kmalloc+0x28/0xb0
[   58.499017][ T1131]  ? __cfi_warn_alloc+0x10/0x10
[   58.499034][ T1131]  ? kasan_save_track+0x4f/0x80
[   58.499054][ T1131]  ? dup_task_struct+0xc1/0xd80
[   58.499072][ T1131]  ? __get_vm_area_node+0x3bd/0x3d0
[   58.499092][ T1131]  __vmalloc_node_range_noprof+0x333/0x1480
[   58.499119][ T1131]  ? __cfi___vmalloc_node_range_noprof+0x10/0x10
[   58.499140][ T1131]  ? kasan_save_alloc_info+0x40/0x50
[   58.499163][ T1131]  ? __kasan_slab_alloc+0x73/0x90
[   58.499179][ T1131]  ? arch_dup_task_struct+0x5b/0xe0
[   58.499203][ T1131]  ? __asan_memcpy+0x5a/0x80
[   58.499226][ T1131]  dup_task_struct+0x5d6/0xd80
[   58.499245][ T1131]  ? copy_process+0x55a/0x32a0
[   58.499264][ T1131]  ? _raw_spin_lock_irq+0x93/0x120
[   58.499285][ T1131]  ? copy_process+0x32a0/0x32a0
[   58.499304][ T1131]  ? __kasan_check_write+0x18/0x20
[   58.499327][ T1131]  copy_process+0x55a/0x32a0
[   58.499349][ T1131]  ? __cfi_copy_process+0x10/0x10
[   58.499369][ T1131]  ? __kmalloc_cache_noprof+0x23c/0x470
[   58.499392][ T1131]  ? __kasan_check_write+0x18/0x20
[   58.499413][ T1131]  ? __cfi_kvm_nx_huge_page_recovery_worker+0x10/0x10
[   58.499431][ T1131]  vhost_task_create+0x1f7/0x400
[   58.499448][ T1131]  ? __cfi_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[   58.499468][ T1131]  ? __cfi_vhost_task_create+0x10/0x10
[   58.499486][ T1131]  ? __cfi_vhost_task_fn+0x10/0x10
[   58.499502][ T1131]  ? __kasan_check_write+0x18/0x20
[   58.499524][ T1131]  ? mutex_lock+0x97/0x1d0
[   58.499541][ T1131]  ? __cfi_mutex_lock+0x10/0x10
[   58.499558][ T1131]  ? kernel_text_address+0xa9/0xe0
[   58.499581][ T1131]  kvm_mmu_post_init_vm+0x161/0x300
[   58.499605][ T1131]  kvm_arch_vcpu_ioctl_run+0xf3/0x1bd0
[   58.499629][ T1131]  ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10
[   58.499651][ T1131]  ? kstrtoull+0x13b/0x1e0
[   58.499672][ T1131]  ? kstrtouint+0x78/0xf0
[   58.499692][ T1131]  ? ioctl_has_perm+0x1bc/0x500
[   58.499715][ T1131]  ? __asan_memcpy+0x5a/0x80
[   58.499737][ T1131]  ? ioctl_has_perm+0x408/0x500
[   58.499768][ T1131]  ? has_cap_mac_admin+0xd0/0xd0
[   58.499790][ T1131]  ? __kasan_check_write+0x18/0x20
[   58.499811][ T1131]  ? mutex_lock_killable+0x97/0x1d0
[   58.499830][ T1131]  ? __cfi_mutex_lock_killable+0x10/0x10
[   58.499852][ T1131]  ? proc_fail_nth_write+0x184/0x220
[   58.499876][ T1131]  kvm_vcpu_ioctl+0xa48/0x1000
[   58.499902][ T1131]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[   58.499925][ T1131]  ? __cfi_vfs_write+0x10/0x10
[   58.499947][ T1131]  ? __kasan_check_write+0x18/0x20
[   58.499969][ T1131]  ? mutex_unlock+0x90/0x240
[   58.499986][ T1131]  ? __cfi_mutex_unlock+0x10/0x10
[   58.500002][ T1131]  ? __fget_files+0x2c5/0x340
[   58.500020][ T1131]  ? __fget_files+0x2c5/0x340
[   58.500037][ T1131]  ? bpf_lsm_file_ioctl+0xd/0x20
[   58.500057][ T1131]  ? security_file_ioctl+0x3e/0x110
[   58.500078][ T1131]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[   58.500102][ T1131]  __se_sys_ioctl+0x132/0x1b0
[   58.500121][ T1131]  __x64_sys_ioctl+0x7f/0xa0
[   58.500138][ T1131]  x64_sys_call+0x1878/0x2ee0
[   58.500162][ T1131]  do_syscall_64+0x57/0xf0
[   58.500186][ T1131]  ? clear_bhb_loop+0x50/0xa0
[   58.500211][ T1131]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   58.500235][ T1131] RIP: 0033:0x7f713a19c799
[   58.500252][ T1131] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   58.500268][ T1131] RSP: 002b:00007f7138bf7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   58.500290][ T1131] RAX: ffffffffffffffda RBX: 00007f713a415fa0 RCX: 00007f713a19c799
[   58.500305][ T1131] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 000000000000000c
[   58.500318][ T1131] RBP: 00007f7138bf7090 R08: 0000000000000000 R09: 0000000000000000
[   58.500331][ T1131] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   58.500343][ T1131] R13: 00007f713a416038 R14: 00007f713a415fa0 R15: 00007fffddbaa768
[   58.500360][ T1131]  </TASK>
[   58.500412][ T1131] Mem-Info:
[   58.944277][ T1131] active_anon:6185 inactive_anon:1 isolated_anon:0
[   58.944277][ T1131]  active_file:16438 inactive_file:2296 isolated_file:0
[   58.944277][ T1131]  unevictable:0 dirty:175 writeback:0
[   58.944277][ T1131]  slab_reclaimable:6563 slab_unreclaimable:70359
[   58.944277][ T1131]  mapped:25922 shmem:165 pagetables:856
[   58.944277][ T1131]  sec_pagetables:3 bounce:0
[   58.944277][ T1131]  kernel_misc_reclaimable:0
[   58.944277][ T1131]  free:1528373 free_pcp:4109 free_cma:0
[   58.994294][ T1131] Node 0 active_anon:24740kB inactive_anon:4kB active_file:65752kB inactive_file:9184kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:103688kB dirty:700kB writeback:0kB shmem:660kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:4548kB pagetables:3424kB sec_pagetables:12kB all_unreclaimable? no
[   59.030568][ T1131] DMA32 free:2950100kB boost:0kB min:19080kB low:23848kB high:28616kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:2963376kB mlocked:0kB bounce:0kB free_pcp:13276kB local_pcp:5772kB free_cma:0kB
[   59.061586][ T1131] lowmem_reserve[]: 0 3921 3921
[   59.067393][ T1131] Normal free:3164064kB boost:0kB min:25972kB low:32464kB high:38956kB reserved_highatomic:0KB free_highatomic:0KB active_anon:24740kB inactive_anon:4kB active_file:65752kB inactive_file:9184kB unevictable:0kB writepending:700kB present:5242880kB managed:4015864kB mlocked:0kB bounce:0kB free_pcp:2992kB local_pcp:72kB free_cma:0kB
[   59.099345][ T1131] lowmem_reserve[]: 0 0 0
[   59.103965][ T1131] DMA32: 3*4kB (M) 1*8kB (M) 2*16kB (M) 3*32kB (M) 3*64kB (M) 3*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (UM) 3*2048kB (M) 717*4096kB (M) = 2950100kB
[   59.120027][ T1131] Normal: 434*4kB (UME) 727*8kB (UME) 704*16kB (UME) 413*32kB (UME) 322*64kB (UME) 34*128kB (UME) 8*256kB (UME) 4*512kB (ME) 2*1024kB (M) 4*2048kB (UM) 755*4096kB (ME) = 3163808kB
[   59.138225][ T1131] 18896 total pagecache pages
[   59.142967][ T1131] 1 pages in swap cache
[   59.147414][ T1131] Free swap  = 124472kB
[   59.151660][ T1131] Total swap = 124996kB
[   59.155980][ T1131] 2097051 pages RAM
[   59.159834][ T1131] 0 pages HighMem/MovableOnly
[   59.164888][ T1131] 352241 pages reserved
[   59.169101][ T1131] 0 pages cma reserved
[   59.175596][ T1131] Memory allocations:
[   59.179774][ T1131]          0 B        0 init/main.c:1477 func:do_initcalls
[   59.187576][ T1131]          0 B        0 init/do_mounts.c:186 func:mount_root_generic
[   59.192966][ T1157] FAULT_INJECTION: forcing a failure.
[   59.192966][ T1157] name failslab, interval 1, probability 0, space 0, times 0
[   59.196196][ T1131]          0 B        0 init/do_mounts.c:158 func:do_mount_root
[   59.208370][ T1157] CPU: 0 UID: 0 PID: 1157 Comm: syz.2.264 Not tainted syzkaller #0 e5e4876e63e0994bd4350cd5f958f668e2098f7e
[   59.208399][ T1157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   59.208411][ T1157] Call Trace:
[   59.208418][ T1157]  <TASK>
[   59.208426][ T1157]  __dump_stack+0x21/0x30
[   59.208456][ T1157]  dump_stack_lvl+0x140/0x1c0
[   59.208478][ T1157]  ? __cfi_dump_stack_lvl+0x10/0x10
[   59.208500][ T1157]  dump_stack+0x19/0x20
[   59.208521][ T1157]  should_fail_ex+0x3d7/0x530
[   59.208542][ T1157]  should_failslab+0xac/0x100
[   59.208560][ T1157]  kmem_cache_alloc_noprof+0x42/0x410
[   59.208583][ T1157]  ? skb_clone+0x229/0x460
[   59.208607][ T1157]  skb_clone+0x229/0x460
[   59.208626][ T1157]  dev_queue_xmit_nit+0x1ad/0xae0
[   59.208652][ T1157]  dev_hard_start_xmit+0x187/0x760
[   59.208672][ T1157]  __dev_queue_xmit+0x1905/0x3690
[   59.208690][ T1157]  ? __dev_queue_xmit+0x267/0x3690
[   59.208709][ T1157]  ? kasan_save_track+0x4f/0x80
[   59.208733][ T1157]  ? kasan_save_alloc_info+0x40/0x50
[   59.208753][ T1157]  ? __kasan_slab_alloc+0x73/0x90
[   59.208768][ T1157]  ? kmem_cache_alloc_noprof+0x1bf/0x410
[   59.208791][ T1157]  ? skb_clone+0x229/0x460
[   59.208810][ T1157]  ? br_flood+0x4ed/0x730
[   59.208828][ T1157]  ? br_dev_xmit+0xc9e/0x11d0
[   59.208844][ T1157]  ? dev_hard_start_xmit+0x21b/0x760
[   59.208859][ T1157]  ? __dev_queue_xmit+0x1905/0x3690
[   59.208876][ T1157]  ? __cfi___dev_queue_xmit+0x10/0x10
[   59.208894][ T1157]  ? __x64_sys_sendmsg+0x1fb/0x2d0
[   59.208923][ T1157]  ? x64_sys_call+0x2a4c/0x2ee0
[   59.208946][ T1157]  ? do_syscall_64+0x57/0xf0
[   59.208969][ T1157]  ? entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   59.208998][ T1157]  br_dev_queue_push_xmit+0x55c/0x700
[   59.209020][ T1157]  ? __cfi_br_dev_queue_push_xmit+0x10/0x10
[   59.209042][ T1157]  ? __skb_clone+0x47a/0x7a0
[   59.209062][ T1157]  __br_forward+0x25c/0x390
[   59.209082][ T1157]  br_flood+0x50e/0x730
[   59.209104][ T1157]  br_dev_xmit+0xc9e/0x11d0
[   59.209122][ T1157]  ? __cfi_br_dev_xmit+0x10/0x10
[   59.209139][ T1157]  ? __cfi_packet_rcv+0x10/0x10
[   59.209159][ T1157]  ? dev_queue_xmit_nit+0x91a/0xae0
[   59.209184][ T1157]  dev_hard_start_xmit+0x21b/0x760
[   59.209204][ T1157]  __dev_queue_xmit+0x1905/0x3690
[   59.209222][ T1157]  ? __dev_queue_xmit+0x267/0x3690
[   59.209239][ T1157]  ? __kasan_check_write+0x18/0x20
[   59.209262][ T1157]  ? kasan_save_track+0x3e/0x80
[   59.209286][ T1157]  ? __cfi___dev_queue_xmit+0x10/0x10
[   59.209304][ T1157]  ? __kasan_check_write+0x18/0x20
[   59.209325][ T1157]  ? _copy_from_iter+0x218/0x1510
[   59.209349][ T1157]  ? __virt_addr_valid+0x2a6/0x380
[   59.209368][ T1157]  ? packet_parse_headers+0x7de/0xaf0
[   59.209390][ T1157]  ? packet_parse_headers+0x7ef/0xaf0
[   59.209412][ T1157]  ? __cfi_sock_alloc_send_pskb+0x10/0x10
[   59.209435][ T1157]  ? skb_setup_tx_timestamp+0x210/0x210
[   59.209457][ T1157]  packet_xmit+0x75/0x380
[   59.209478][ T1157]  packet_sendmsg+0x4485/0x5740
[   59.209498][ T1157]  ? __asan_memcpy+0x5a/0x80
[   59.209521][ T1157]  ? avc_has_perm+0x155/0x240
[   59.209546][ T1157]  ? selinux_socket_sendmsg+0x281/0x380
[   59.209571][ T1157]  ? __cfi_selinux_socket_sendmsg+0x10/0x10
[   59.209596][ T1157]  ? is_bpf_text_address+0x17b/0x1a0
[   59.209619][ T1157]  ? kernel_text_address+0xa9/0xe0
[   59.209640][ T1157]  ? __cfi_packet_sendmsg+0x10/0x10
[   59.209660][ T1157]  ? __cfi_stack_trace_consume_entry+0x10/0x10
[   59.209679][ T1157]  ? bpf_lsm_socket_sendmsg+0xd/0x20
[   59.209704][ T1157]  ? security_socket_sendmsg+0x3d/0x100
[   59.209721][ T1157]  ? __cfi_packet_sendmsg+0x10/0x10
[   59.209741][ T1157]  ____sys_sendmsg+0xa8f/0xae0
[   59.209762][ T1157]  ? __import_iovec+0x5ad/0x7c0
[   59.209778][ T1157]  ? __sys_sendmsg_sock+0x50/0x50
[   59.209800][ T1157]  ? import_iovec+0x80/0xb0
[   59.209817][ T1157]  ___sys_sendmsg+0x2a6/0x370
[   59.209839][ T1157]  ? __sys_sendmsg+0x2a0/0x2a0
[   59.209860][ T1157]  ? proc_fail_nth_write+0x184/0x220
[   59.209881][ T1157]  ? __cfi_proc_fail_nth_write+0x10/0x10
[   59.209907][ T1157]  __x64_sys_sendmsg+0x1fb/0x2d0
[   59.209933][ T1157]  ? fput+0x1a4/0x240
[   59.209951][ T1157]  ? __cfi___x64_sys_sendmsg+0x10/0x10
[   59.209972][ T1157]  ? ksys_write+0x1f3/0x260
[   59.209996][ T1157]  ? __kasan_check_read+0x15/0x20
[   59.210018][ T1157]  x64_sys_call+0x2a4c/0x2ee0
[   59.210040][ T1157]  do_syscall_64+0x57/0xf0
[   59.210061][ T1157]  ? clear_bhb_loop+0x50/0xa0
[   59.210085][ T1157]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   59.210120][ T1157] RIP: 0033:0x7fcf3439c799
[   59.210137][ T1157] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   59.210153][ T1157] RSP: 002b:00007fcf32df7028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   59.210173][ T1157] RAX: ffffffffffffffda RBX: 00007fcf34615fa0 RCX: 00007fcf3439c799
[   59.210187][ T1157] RDX: 0000000000040011 RSI: 0000200000000000 RDI: 0000000000000004
[   59.210200][ T1157] RBP: 00007fcf32df7090 R08: 0000000000000000 R09: 0000000000000000
[   59.210211][ T1157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   59.210222][ T1157] R13: 00007fcf34616038 R14: 00007fcf34615fa0 R15: 00007ffe62974d28
[   59.210238][ T1157]  </TASK>
[   59.721010][ T1131]          0 B        0 init/do_mounts.c:352 func:mount_nodev_root
[   59.729209][ T1131]          0 B        0 init/do_mounts_rd.c:241 func:rd_load_image
[   59.737244][ T1131]          0 B        0 init/do_mounts_rd.c:72 func:identify_ramdisk_image
[   59.745937][ T1131]          0 B        0 init/initramfs.c:507 func:unpack_to_rootfs
[   59.753936][ T1131]          0 B        0 init/initramfs.c:508 func:unpack_to_rootfs
[   59.763736][ T1131]          0 B        0 init/initramfs.c:509 func:unpack_to_rootfs
[   59.771660][ T1131]          0 B        0 init/initramfs.c:101 func:find_link
[   59.794979][ T1162] SELinux: failed to load policy
[   59.923830][   T36] kauditd_printk_skb: 7 callbacks suppressed
[   59.923850][   T36] audit: type=1326 audit(1774549264.830:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1169 comm="syz.2.270" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcf3439c799 code=0x0
[   60.002459][ T1184] FAULT_INJECTION: forcing a failure.
[   60.002459][ T1184] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   60.072179][ T1184] CPU: 0 UID: 0 PID: 1184 Comm: syz.2.274 Not tainted syzkaller #0 e5e4876e63e0994bd4350cd5f958f668e2098f7e
[   60.072222][ T1184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   60.072235][ T1184] Call Trace:
[   60.072245][ T1184]  <TASK>
[   60.072256][ T1184]  __dump_stack+0x21/0x30
[   60.072287][ T1184]  dump_stack_lvl+0x140/0x1c0
[   60.072310][ T1184]  ? __cfi_dump_stack_lvl+0x10/0x10
[   60.072332][ T1184]  ? check_stack_object+0x12b/0x150
[   60.072358][ T1184]  dump_stack+0x19/0x20
[   60.072378][ T1184]  should_fail_ex+0x3d7/0x530
[   60.072402][ T1184]  should_fail+0xf/0x20
[   60.072421][ T1184]  should_fail_usercopy+0x1e/0x30
[   60.072443][ T1184]  _copy_to_user+0x24/0xa0
[   60.072468][ T1184]  simple_read_from_buffer+0xed/0x160
[   60.072490][ T1184]  proc_fail_nth_read+0x1aa/0x220
[   60.072514][ T1184]  ? __cfi_proc_fail_nth_read+0x10/0x10
[   60.072534][ T1184]  ? bpf_lsm_file_permission+0xd/0x20
[   60.072554][ T1184]  ? __cfi_proc_fail_nth_read+0x10/0x10
[   60.072574][ T1184]  vfs_read+0x289/0xcb0
[   60.072598][ T1184]  ? __cfi_vfs_read+0x10/0x10
[   60.072619][ T1184]  ? __kasan_check_write+0x18/0x20
[   60.072643][ T1184]  ? mutex_lock+0x97/0x1d0
[   60.072661][ T1184]  ? __cfi_mutex_lock+0x10/0x10
[   60.072677][ T1184]  ? __fget_files+0x2c5/0x340
[   60.072696][ T1184]  ksys_read+0x145/0x260
[   60.072718][ T1184]  ? __cfi_ksys_read+0x10/0x10
[   60.072741][ T1184]  ? __kasan_check_read+0x15/0x20
[   60.072764][ T1184]  __x64_sys_read+0x7f/0x90
[   60.072787][ T1184]  x64_sys_call+0x2638/0x2ee0
[   60.072810][ T1184]  do_syscall_64+0x57/0xf0
[   60.072842][ T1184]  ? clear_bhb_loop+0x50/0xa0
[   60.072867][ T1184]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   60.072891][ T1184] RIP: 0033:0x7fcf3435cfce
[   60.072909][ T1184] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[   60.072925][ T1184] RSP: 002b:00007fcf32df6fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   60.072950][ T1184] RAX: ffffffffffffffda RBX: 00007fcf32df76c0 RCX: 00007fcf3435cfce
[   60.072964][ T1184] RDX: 000000000000000f RSI: 00007fcf32df70a0 RDI: 0000000000000006
[   60.072976][ T1184] RBP: 00007fcf32df7090 R08: 0000000000000000 R09: 0000000000000000
[   60.072989][ T1184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[   60.073000][ T1184] R13: 00007fcf34616038 R14: 00007fcf34615fa0 R15: 00007ffe62974d28
[   60.073015][ T1184]  </TASK>
[   60.572163][  T308] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[   60.732148][  T308] usb 3-1: Using ep0 maxpacket: 32
[   60.743080][  T308] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   60.760891][  T308] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   60.795739][  T308] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[   60.813867][  T308] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[   60.825457][  T308] usb 3-1: Product: syz
[   60.829765][  T308] usb 3-1: Manufacturer: syz
[   60.830607][ T1192] SELinux: failed to load policy
[   60.859793][  T308] hub 3-1:4.0: USB hub found
[   61.063685][   T36] audit: type=1400 audit(1774549265.970:228): avc:  denied  { ioctl } for  pid=1189 comm="syz.2.276" path="/dev/rnullb0" dev="devtmpfs" ino=31 ioctlcmd=0x125f scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   61.067164][ T1190] usb usb7: usbfs: process 1190 (syz.2.276) did not claim interface 63 before use
[   61.102867][   T36] audit: type=1400 audit(1774549265.970:229): avc:  denied  { write } for  pid=1189 comm="syz.2.276" name="001" dev="devtmpfs" ino=114 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[   61.135171][   T36] audit: type=1400 audit(1774549266.030:230): avc:  denied  { create } for  pid=1189 comm="syz.2.276" name="file2" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   61.156147][   T36] audit: type=1400 audit(1774549266.040:231): avc:  denied  { read } for  pid=1189 comm="syz.2.276" name="file2" dev="tmpfs" ino=367 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   61.178857][  T308] hub 3-1:4.0: config failed, hub has too many ports! (err -19)
[   61.179183][   T36] audit: type=1400 audit(1774549266.040:232): avc:  denied  { open } for  pid=1189 comm="syz.2.276" path="/67/file2" dev="tmpfs" ino=367 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   61.260969][   T36] audit: type=1400 audit(1774549266.070:233): avc:  denied  { ioctl } for  pid=1189 comm="syz.2.276" path="/67/file2" dev="tmpfs" ino=367 ioctlcmd=0x4c06 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   61.872365][  T307] usb 3-1: USB disconnect, device number 8
[   62.022628][ T1225] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   62.037126][   T36] audit: type=1400 audit(1774549266.940:234): avc:  denied  { unlink } for  pid=290 comm="syz-executor" name="file2" dev="tmpfs" ino=367 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   62.037865][ T1225] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   62.098967][ T1227] SELinux: failed to load policy
[   62.112712][ T1225] netlink: 'syz.3.287': attribute type 40 has an invalid length.
[   62.472160][   T10] usb 1-1: new low-speed USB device number 10 using dummy_hcd
[   62.644572][   T10] usb 1-1: Invalid ep0 maxpacket: 16
[   62.672819][   T36] audit: type=1400 audit(1774549267.580:235): avc:  denied  { connect } for  pid=1249 comm="syz.3.296" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   62.697704][ T1250] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   62.707272][ T1250] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   62.718304][   T36] audit: type=1400 audit(1774549267.600:236): avc:  denied  { setopt } for  pid=1249 comm="syz.3.296" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[   62.802144][   T10] usb 1-1: new low-speed USB device number 11 using dummy_hcd
[   62.972156][   T10] usb 1-1: Invalid ep0 maxpacket: 16
[   62.977643][   T10] usb usb1-port1: attempt power cycle
[   63.185273][ T1256] SELinux: failed to load policy
[   63.251506][ T1264] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   63.260165][ T1264] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   63.332306][   T10] usb 1-1: new low-speed USB device number 12 using dummy_hcd
[   63.335550][ T1269] rust_binder: Write failure EINVAL in pid:212
[   63.372615][   T10] usb 1-1: Invalid ep0 maxpacket: 16
[   63.417973][ T1266] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   63.448398][ T1266] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   63.512135][   T10] usb 1-1: new low-speed USB device number 13 using dummy_hcd
[   63.542620][   T10] usb 1-1: Invalid ep0 maxpacket: 16
[   63.548191][   T10] usb usb1-port1: unable to enumerate USB device
[   65.212022][   T36] kauditd_printk_skb: 4 callbacks suppressed
[   65.212040][   T36] audit: type=1400 audit(1774549270.110:241): avc:  denied  { name_bind } for  pid=1298 comm="syz.1.311" src=20000 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=udp_socket permissive=1
[   65.246376][   T36] audit: type=1400 audit(1774549270.150:242): avc:  denied  { set_context_mgr } for  pid=1298 comm="syz.1.311" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[   65.247073][ T1299] rust_binder: Failure in copy_transaction_data: BR_FAILED_REPLY { source: EINVAL }
[   65.268198][   T36] audit: type=1400 audit(1774549270.150:243): avc:  denied  { map } for  pid=1298 comm="syz.1.311" path="/dev/binderfs/binder0" dev="binder" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[   65.301908][   T36] audit: type=1400 audit(1774549270.150:244): avc:  denied  { call } for  pid=1298 comm="syz.1.311" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1
[   65.322180][ T1299] rust_binder: Transaction failed: BR_FAILED_REPLY { source: EINVAL } my_pid:225
[   65.330162][   T36] audit: type=1400 audit(1774549270.230:245): avc:  denied  { bind } for  pid=1298 comm="syz.1.311" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[   65.348595][ T1302] =======================================================
[   65.348595][ T1302] WARNING: The mand mount option has been deprecated and
[   65.348595][ T1302]          and is ignored by this kernel. Remove the mand
[   65.348595][ T1302]          option from the mount to silence this warning.
[   65.348595][ T1302] =======================================================
[   65.409799][   T36] audit: type=1400 audit(1774549270.300:246): avc:  denied  { mount } for  pid=1300 comm="syz.0.312" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=filesystem permissive=1
[   65.433495][   T36] audit: type=1400 audit(1774549270.300:247): avc:  denied  { mounton } for  pid=1300 comm="syz.0.312" path="/69/file0" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[   65.457798][   T36] audit: type=1400 audit(1774549270.300:248): avc:  denied  { mount } for  pid=1300 comm="syz.0.312" name="/" dev="overlay" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[   65.483721][   T36] audit: type=1400 audit(1774549270.300:249): avc:  denied  { search } for  pid=1300 comm="syz.0.312" name="/" dev="tracefs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tracefs_t tclass=dir permissive=1
[   66.058787][   T36] audit: type=1400 audit(1774549270.960:250): avc:  denied  { write } for  pid=1317 comm="syz.1.315" name="file0" dev="tmpfs" ino=393 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[   67.469976][ T1362] batadv_slave_0: entered promiscuous mode
[   67.504317][ T1360] batadv_slave_0: left promiscuous mode
[   67.766989][ T1370] process 'syz.3.331' launched './file0' with NULL argv: empty string added
[   68.205728][ T1384] SELinux:  policydb magic number 0x2c1 does not match expected magic number 0xf97cff8c
[   68.237612][ T1384] SELinux: failed to load policy
[   68.421428][ T1389] SELinux: ebitmap: empty map
[   68.439745][ T1389] SELinux: failed to load policy
[   68.873329][ T1409] FAULT_INJECTION: forcing a failure.
[   68.873329][ T1409] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[   68.902235][ T1409] CPU: 0 UID: 0 PID: 1409 Comm: syz.3.345 Not tainted syzkaller #0 e5e4876e63e0994bd4350cd5f958f668e2098f7e
[   68.902283][ T1409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   68.902297][ T1409] Call Trace:
[   68.902307][ T1409]  <TASK>
[   68.902322][ T1409]  __dump_stack+0x21/0x30
[   68.902354][ T1409]  dump_stack_lvl+0x140/0x1c0
[   68.902379][ T1409]  ? __cfi_dump_stack_lvl+0x10/0x10
[   68.902405][ T1409]  dump_stack+0x19/0x20
[   68.902427][ T1409]  should_fail_ex+0x3d7/0x530
[   68.902454][ T1409]  should_fail_alloc_page+0xec/0x110
[   68.902475][ T1409]  __alloc_pages_noprof+0x1c0/0x7e0
[   68.902499][ T1409]  ? __cfi___alloc_pages_noprof+0x10/0x10
[   68.902521][ T1409]  ? kasan_save_track+0x4f/0x80
[   68.902549][ T1409]  ? kasan_save_alloc_info+0x40/0x50
[   68.902570][ T1409]  ? kmem_cache_alloc_noprof+0x1bf/0x410
[   68.902597][ T1409]  ? security_inode_alloc+0x51/0x230
[   68.902625][ T1409]  ? inode_init_always_gfp+0x756/0x9e0
[   68.902643][ T1409]  ? new_inode+0x25/0x1e0
[   68.902661][ T1409]  ? proc_pident_instantiate+0x6d/0x2c0
[   68.902682][ T1409]  ? __x64_sys_openat+0x13a/0x170
[   68.902703][ T1409]  ? x64_sys_call+0xe69/0x2ee0
[   68.902729][ T1409]  ? do_syscall_64+0x57/0xf0
[   68.902759][ T1409]  ? entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   68.902790][ T1409]  fuse_readdir+0x3258/0x4ef0
[   68.902821][ T1409]  ? avc_has_perm_noaudit+0x28a/0x360
[   68.902849][ T1409]  ? __cfi_avc_has_perm+0x10/0x10
[   68.902874][ T1409]  ? kasan_save_alloc_info+0x40/0x50
[   68.902902][ T1409]  ? __cfi_fuse_readdir+0x10/0x10
[   68.902924][ T1409]  ? selinux_file_open+0x46c/0x630
[   68.902951][ T1409]  ? __cfi_selinux_file_open+0x10/0x10
[   68.902977][ T1409]  ? is_bpf_text_address+0x17b/0x1a0
[   68.903008][ T1409]  ? _parse_integer+0x2e/0x40
[   68.903034][ T1409]  ? kstrtoull+0xc0/0x1e0
[   68.903055][ T1409]  ? kstrtouint+0x78/0xf0
[   68.903079][ T1409]  ? __kasan_check_write+0x18/0x20
[   68.903104][ T1409]  ? rwsem_read_trylock+0x274/0x5b0
[   68.903137][ T1409]  ? downgrade_write+0x460/0x460
[   68.903161][ T1409]  ? __cfi_selinux_file_permission+0x10/0x10
[   68.903184][ T1409]  ? vfs_write+0x9a4/0xf90
[   68.903208][ T1409]  ? down_read_killable+0x7f/0x100
[   68.903230][ T1409]  ? __cfi_down_read_killable+0x10/0x10
[   68.903250][ T1409]  ? mutex_lock+0x97/0x1d0
[   68.903265][ T1409]  ? __cfi_mutex_lock+0x10/0x10
[   68.903284][ T1409]  ? bpf_lsm_file_permission+0xd/0x20
[   68.903306][ T1409]  iterate_dir+0x203/0x5e0
[   68.903326][ T1409]  __se_sys_getdents+0xf6/0x250
[   68.903344][ T1409]  ? fput+0x1a4/0x240
[   68.903362][ T1409]  ? __x64_sys_getdents+0xa0/0xa0
[   68.903381][ T1409]  ? ksys_write+0x1f3/0x260
[   68.903404][ T1409]  ? __cfi_filldir+0x10/0x10
[   68.903423][ T1409]  ? __cfi_ksys_write+0x10/0x10
[   68.903447][ T1409]  ? __kasan_check_read+0x15/0x20
[   68.903473][ T1409]  __x64_sys_getdents+0x7f/0xa0
[   68.903491][ T1409]  x64_sys_call+0x26e0/0x2ee0
[   68.903517][ T1409]  do_syscall_64+0x57/0xf0
[   68.903540][ T1409]  ? clear_bhb_loop+0x50/0xa0
[   68.903566][ T1409]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   68.903591][ T1409] RIP: 0033:0x7f26f239c799
[   68.903611][ T1409] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   68.903628][ T1409] RSP: 002b:00007f26f319e028 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[   68.903653][ T1409] RAX: ffffffffffffffda RBX: 00007f26f2615fa0 RCX: 00007f26f239c799
[   68.903667][ T1409] RDX: 0000000000020000 RSI: 0000200000000700 RDI: 0000000000000004
[   68.903682][ T1409] RBP: 00007f26f319e090 R08: 0000000000000000 R09: 0000000000000000
[   68.903697][ T1409] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   68.903709][ T1409] R13: 00007f26f2616038 R14: 00007f26f2615fa0 R15: 00007ffdbfbc56a8
[   68.903727][ T1409]  </TASK>
[   69.480532][ T1421] FAULT_INJECTION: forcing a failure.
[   69.480532][ T1421] name failslab, interval 1, probability 0, space 0, times 0
[   69.493210][ T1421] CPU: 0 UID: 0 PID: 1421 Comm: syz.1.349 Not tainted syzkaller #0 e5e4876e63e0994bd4350cd5f958f668e2098f7e
[   69.493248][ T1421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   69.493261][ T1421] Call Trace:
[   69.493268][ T1421]  <TASK>
[   69.493276][ T1421]  __dump_stack+0x21/0x30
[   69.493305][ T1421]  dump_stack_lvl+0x140/0x1c0
[   69.493327][ T1421]  ? __cfi_dump_stack_lvl+0x10/0x10
[   69.493352][ T1421]  dump_stack+0x19/0x20
[   69.493373][ T1421]  should_fail_ex+0x3d7/0x530
[   69.493396][ T1421]  should_failslab+0xac/0x100
[   69.493415][ T1421]  kmem_cache_alloc_node_noprof+0x45/0x420
[   69.493445][ T1421]  ? dup_task_struct+0xc1/0xd80
[   69.493466][ T1421]  ? kasan_save_alloc_info+0x40/0x50
[   69.493488][ T1421]  ? __kasan_kmalloc+0x96/0xb0
[   69.493506][ T1421]  ? __kmalloc_cache_noprof+0x23c/0x470
[   69.493530][ T1421]  dup_task_struct+0xc1/0xd80
[   69.493553][ T1421]  ? __kasan_check_write+0x18/0x20
[   69.493576][ T1421]  ? _raw_spin_lock_irq+0x93/0x120
[   69.493598][ T1421]  ? copy_process+0x32a0/0x32a0
[   69.493615][ T1421]  ? __kasan_check_write+0x18/0x20
[   69.493636][ T1421]  copy_process+0x55a/0x32a0
[   69.493660][ T1421]  ? __cfi_copy_process+0x10/0x10
[   69.493680][ T1421]  ? __kmalloc_cache_noprof+0x23c/0x470
[   69.493705][ T1421]  ? __kasan_check_write+0x18/0x20
[   69.493726][ T1421]  ? __cfi_kvm_nx_huge_page_recovery_worker+0x10/0x10
[   69.493746][ T1421]  vhost_task_create+0x1f7/0x400
[   69.493761][ T1421]  ? __cfi_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[   69.493778][ T1421]  ? __cfi_vhost_task_create+0x10/0x10
[   69.493793][ T1421]  ? __cfi_vhost_task_fn+0x10/0x10
[   69.493807][ T1421]  ? __kasan_check_write+0x18/0x20
[   69.493826][ T1421]  ? mutex_lock+0x97/0x1d0
[   69.493841][ T1421]  ? __cfi_mutex_lock+0x10/0x10
[   69.493863][ T1421]  ? kernel_text_address+0xa9/0xe0
[   69.493883][ T1421]  kvm_mmu_post_init_vm+0x161/0x300
[   69.493904][ T1421]  kvm_arch_vcpu_ioctl_run+0xf3/0x1bd0
[   69.493926][ T1421]  ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10
[   69.493944][ T1421]  ? kstrtoull+0x13b/0x1e0
[   69.493962][ T1421]  ? kstrtouint+0x78/0xf0
[   69.493979][ T1421]  ? ioctl_has_perm+0x1bc/0x500
[   69.494000][ T1421]  ? __asan_memcpy+0x5a/0x80
[   69.494019][ T1421]  ? ioctl_has_perm+0x408/0x500
[   69.494037][ T1421]  ? has_cap_mac_admin+0xd0/0xd0
[   69.494055][ T1421]  ? __kasan_check_write+0x18/0x20
[   69.494074][ T1421]  ? mutex_lock_killable+0x97/0x1d0
[   69.494090][ T1421]  ? __cfi_mutex_lock_killable+0x10/0x10
[   69.494105][ T1421]  ? proc_fail_nth_write+0x184/0x220
[   69.494125][ T1421]  kvm_vcpu_ioctl+0xa48/0x1000
[   69.494148][ T1421]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[   69.494169][ T1421]  ? __cfi_vfs_write+0x10/0x10
[   69.494190][ T1421]  ? __kasan_check_write+0x18/0x20
[   69.494209][ T1421]  ? mutex_unlock+0x90/0x240
[   69.494224][ T1421]  ? __cfi_mutex_unlock+0x10/0x10
[   69.494238][ T1421]  ? __fget_files+0x2c5/0x340
[   69.494254][ T1421]  ? __fget_files+0x2c5/0x340
[   69.494268][ T1421]  ? bpf_lsm_file_ioctl+0xd/0x20
[   69.494285][ T1421]  ? security_file_ioctl+0x3e/0x110
[   69.494303][ T1421]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[   69.494324][ T1421]  __se_sys_ioctl+0x132/0x1b0
[   69.494339][ T1421]  __x64_sys_ioctl+0x7f/0xa0
[   69.494353][ T1421]  x64_sys_call+0x1878/0x2ee0
[   69.494375][ T1421]  do_syscall_64+0x57/0xf0
[   69.494393][ T1421]  ? clear_bhb_loop+0x50/0xa0
[   69.494415][ T1421]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   69.494434][ T1421] RIP: 0033:0x7f713a19c799
[   69.494450][ T1421] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   69.494464][ T1421] RSP: 002b:00007f7138bf7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   69.494482][ T1421] RAX: ffffffffffffffda RBX: 00007f713a415fa0 RCX: 00007f713a19c799
[   69.494495][ T1421] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 000000000000000c
[   69.494505][ T1421] RBP: 00007f7138bf7090 R08: 0000000000000000 R09: 0000000000000000
[   69.494516][ T1421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   69.494526][ T1421] R13: 00007f713a416038 R14: 00007f713a415fa0 R15: 00007fffddbaa768
[   69.494540][ T1421]  </TASK>
[   69.975047][ T1431] loop2: detected capacity change from 0 to 7
[   70.242152][   T31] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[   70.253406][ T1440] SELinux: ebitmap: empty map
[   70.259709][ T1440] SELinux: failed to load policy
[   70.412173][   T31] usb 3-1: Using ep0 maxpacket: 32
[   70.426028][   T31] usb 3-1: config 1 has an invalid descriptor of length 142, skipping remainder of the config
[   70.438039][   T31] usb 3-1: config 1 interface 0 altsetting 0 has an invalid endpoint descriptor of length 2, skipping
[   70.457809][   T31] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   70.480595][   T31] usb 3-1: New USB device found, idVendor=1430, idProduct=474b, bcdDevice= 0.40
[   70.492617][   T31] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   70.501295][   T31] usb 3-1: Product: syz
[   70.513311][   T31] usb 3-1: Manufacturer: syz
[   70.518004][   T31] usb 3-1: SerialNumber: syz
[   70.744735][   T36] kauditd_printk_skb: 10 callbacks suppressed
[   70.744795][   T36] audit: type=1400 audit(1774549275.650:261): avc:  denied  { accept } for  pid=1436 comm="syz.2.355" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   70.784847][   T31] usb 3-1: USB disconnect, device number 9
[   70.992360][ T1467] FAULT_INJECTION: forcing a failure.
[   70.992360][ T1467] name failslab, interval 1, probability 0, space 0, times 0
[   71.018491][ T1469] FAULT_INJECTION: forcing a failure.
[   71.018491][ T1469] name failslab, interval 1, probability 0, space 0, times 0
[   71.033943][ T1469] CPU: 0 UID: 0 PID: 1469 Comm: syz.1.364 Not tainted syzkaller #0 e5e4876e63e0994bd4350cd5f958f668e2098f7e
[   71.033983][ T1469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   71.033996][ T1469] Call Trace:
[   71.034005][ T1469]  <TASK>
[   71.034013][ T1469]  __dump_stack+0x21/0x30
[   71.034047][ T1469]  dump_stack_lvl+0x140/0x1c0
[   71.034071][ T1469]  ? __cfi_dump_stack_lvl+0x10/0x10
[   71.034098][ T1469]  dump_stack+0x19/0x20
[   71.034121][ T1469]  should_fail_ex+0x3d7/0x530
[   71.034146][ T1469]  should_failslab+0xac/0x100
[   71.034166][ T1469]  __kmalloc_cache_node_noprof+0x46/0x430
[   71.034194][ T1469]  ? kasan_save_track+0x4f/0x80
[   71.034220][ T1469]  ? __get_vm_area_node+0x14d/0x3d0
[   71.034245][ T1469]  ? __kasan_slab_alloc+0x73/0x90
[   71.034262][ T1469]  ? kmem_cache_alloc_node_noprof+0x1ca/0x420
[   71.034288][ T1469]  ? dup_task_struct+0xc1/0xd80
[   71.034311][ T1469]  __get_vm_area_node+0x14d/0x3d0
[   71.034334][ T1469]  __vmalloc_node_range_noprof+0x30e/0x1480
[   71.034357][ T1469]  ? copy_process+0x55a/0x32a0
[   71.034383][ T1469]  ? __cfi___vmalloc_node_range_noprof+0x10/0x10
[   71.034406][ T1469]  ? kasan_save_alloc_info+0x40/0x50
[   71.034430][ T1469]  ? __kasan_slab_alloc+0x73/0x90
[   71.034448][ T1469]  ? arch_dup_task_struct+0x5b/0xe0
[   71.034474][ T1469]  ? __asan_memcpy+0x5a/0x80
[   71.034498][ T1469]  dup_task_struct+0x5d6/0xd80
[   71.034519][ T1469]  ? copy_process+0x55a/0x32a0
[   71.034540][ T1469]  ? _raw_spin_lock_irq+0x93/0x120
[   71.034566][ T1469]  ? copy_process+0x32a0/0x32a0
[   71.034586][ T1469]  ? __kasan_check_write+0x18/0x20
[   71.034612][ T1469]  copy_process+0x55a/0x32a0
[   71.034636][ T1469]  ? __cfi_copy_process+0x10/0x10
[   71.034657][ T1469]  ? __kmalloc_cache_noprof+0x23c/0x470
[   71.034683][ T1469]  ? __kasan_check_write+0x18/0x20
[   71.034717][ T1469]  ? __cfi_kvm_nx_huge_page_recovery_worker+0x10/0x10
[   71.034738][ T1469]  vhost_task_create+0x1f7/0x400
[   71.034758][ T1469]  ? __cfi_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[   71.034780][ T1469]  ? __cfi_vhost_task_create+0x10/0x10
[   71.034800][ T1469]  ? __cfi_vhost_task_fn+0x10/0x10
[   71.034817][ T1469]  ? __kasan_check_write+0x18/0x20
[   71.034840][ T1469]  ? mutex_lock+0x97/0x1d0
[   71.034859][ T1469]  ? __cfi_mutex_lock+0x10/0x10
[   71.034876][ T1469]  ? kernel_text_address+0xa9/0xe0
[   71.034901][ T1469]  kvm_mmu_post_init_vm+0x161/0x300
[   71.034925][ T1469]  kvm_arch_vcpu_ioctl_run+0xf3/0x1bd0
[   71.034947][ T1469]  ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10
[   71.034970][ T1469]  ? kstrtoull+0x13b/0x1e0
[   71.034992][ T1469]  ? kstrtouint+0x78/0xf0
[   71.035013][ T1469]  ? ioctl_has_perm+0x1bc/0x500
[   71.035037][ T1469]  ? __asan_memcpy+0x5a/0x80
[   71.035062][ T1469]  ? ioctl_has_perm+0x408/0x500
[   71.035083][ T1469]  ? has_cap_mac_admin+0xd0/0xd0
[   71.035106][ T1469]  ? __kasan_check_write+0x18/0x20
[   71.035130][ T1469]  ? mutex_lock_killable+0x97/0x1d0
[   71.035150][ T1469]  ? __cfi_mutex_lock_killable+0x10/0x10
[   71.035168][ T1469]  ? proc_fail_nth_write+0x184/0x220
[   71.035194][ T1469]  kvm_vcpu_ioctl+0xa48/0x1000
[   71.035222][ T1469]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[   71.035250][ T1469]  ? __cfi_vfs_write+0x10/0x10
[   71.035276][ T1469]  ? __kasan_check_write+0x18/0x20
[   71.035299][ T1469]  ? mutex_unlock+0x90/0x240
[   71.035316][ T1469]  ? __cfi_mutex_unlock+0x10/0x10
[   71.035335][ T1469]  ? __fget_files+0x2c5/0x340
[   71.035353][ T1469]  ? __fget_files+0x2c5/0x340
[   71.035373][ T1469]  ? bpf_lsm_file_ioctl+0xd/0x20
[   71.035394][ T1469]  ? security_file_ioctl+0x3e/0x110
[   71.035416][ T1469]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[   71.035441][ T1469]  __se_sys_ioctl+0x132/0x1b0
[   71.035461][ T1469]  __x64_sys_ioctl+0x7f/0xa0
[   71.035478][ T1469]  x64_sys_call+0x1878/0x2ee0
[   71.035504][ T1469]  do_syscall_64+0x57/0xf0
[   71.035528][ T1469]  ? clear_bhb_loop+0x50/0xa0
[   71.035555][ T1469]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   71.035577][ T1469] RIP: 0033:0x7f713a19c799
[   71.035593][ T1469] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   71.035607][ T1469] RSP: 002b:00007f7138bf7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   71.035626][ T1469] RAX: ffffffffffffffda RBX: 00007f713a415fa0 RCX: 00007f713a19c799
[   71.035639][ T1469] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 000000000000000c
[   71.035650][ T1469] RBP: 00007f7138bf7090 R08: 0000000000000000 R09: 0000000000000000
[   71.035660][ T1469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   71.035669][ T1469] R13: 00007f713a416038 R14: 00007f713a415fa0 R15: 00007fffddbaa768
[   71.035683][ T1469]  </TASK>
[   71.035692][ T1469] syz.1.364: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null)
[   71.072157][ T1467] CPU: 1 UID: 0 PID: 1467 Comm: syz.0.363 Not tainted syzkaller #0 e5e4876e63e0994bd4350cd5f958f668e2098f7e
[   71.072195][ T1467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   71.072207][ T1467] Call Trace:
[   71.072217][ T1467]  <TASK>
[   71.072227][ T1467]  __dump_stack+0x21/0x30
[   71.072257][ T1467]  dump_stack_lvl+0x140/0x1c0
[   71.072279][ T1467]  ? __cfi_dump_stack_lvl+0x10/0x10
[   71.072302][ T1467]  ? gfp_to_alloc_flags_cma+0x1c0/0x1c0
[   71.072326][ T1467]  ? _raw_spin_trylock+0xb5/0x140
[   71.072349][ T1467]  ? __cfi__raw_spin_trylock+0x10/0x10
[   71.072371][ T1467]  dump_stack+0x19/0x20
[   71.072391][ T1467]  should_fail_ex+0x3d7/0x530
[   71.072414][ T1467]  should_failslab+0xac/0x100
[   71.072431][ T1467]  kmem_cache_alloc_noprof+0x42/0x410
[   71.072454][ T1467]  ? fuse_request_alloc+0x43/0x1f0
[   71.072480][ T1467]  fuse_request_alloc+0x43/0x1f0
[   71.072504][ T1467]  ? fuse_get_req+0x440/0xaf0
[   71.072527][ T1467]  fuse_get_req+0x459/0xaf0
[   71.072551][ T1467]  ? fuse_request_alloc+0x1f0/0x1f0
[   71.072575][ T1467]  ? unwind_get_return_address+0x51/0x90
[   71.072596][ T1467]  ? __alloc_pages_noprof+0x7e0/0x7e0
[   71.072615][ T1467]  ? static_key_count+0x45/0x70
[   71.072633][ T1467]  __fuse_simple_request+0x293/0x1b10
[   71.072659][ T1467]  ? __cfi___fuse_simple_request+0x10/0x10
[   71.072684][ T1467]  ? __alloc_pages_noprof+0x35f/0x7e0
[   71.072704][ T1467]  ? __kasan_check_write+0x18/0x20
[   71.072725][ T1467]  ? mutex_lock+0x97/0x1d0
[   71.072741][ T1467]  ? __cfi_mutex_lock+0x10/0x10
[   71.072756][ T1467]  ? new_inode+0x25/0x1e0
[   71.072775][ T1467]  ? proc_pident_instantiate+0x6d/0x2c0
[   71.072793][ T1467]  ? __x64_sys_openat+0x13a/0x170
[   71.072812][ T1467]  ? x64_sys_call+0xe69/0x2ee0
[   71.072834][ T1467]  ? do_syscall_64+0x57/0xf0
[   71.072856][ T1467]  ? entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   71.072884][ T1467]  fuse_readdir+0x3615/0x4ef0
[   71.072909][ T1467]  ? avc_has_perm_noaudit+0x28a/0x360
[   71.072934][ T1467]  ? __cfi_avc_has_perm+0x10/0x10
[   71.072955][ T1467]  ? kasan_save_alloc_info+0x40/0x50
[   71.072977][ T1467]  ? __cfi_fuse_readdir+0x10/0x10
[   71.073004][ T1467]  ? selinux_file_open+0x46c/0x630
[   71.073026][ T1467]  ? __cfi_selinux_file_open+0x10/0x10
[   71.073050][ T1467]  ? is_bpf_text_address+0x17b/0x1a0
[   71.073076][ T1467]  ? _parse_integer+0x2e/0x40
[   71.073095][ T1467]  ? kstrtoull+0xc0/0x1e0
[   71.073113][ T1467]  ? kstrtouint+0x78/0xf0
[   71.073134][ T1467]  ? __kasan_check_write+0x18/0x20
[   71.073156][ T1467]  ? rwsem_read_trylock+0x274/0x5b0
[   71.073181][ T1467]  ? downgrade_write+0x460/0x460
[   71.073202][ T1467]  ? __cfi_selinux_file_permission+0x10/0x10
[   71.073223][ T1467]  ? vfs_write+0x9a4/0xf90
[   71.073244][ T1467]  ? down_read_killable+0x7f/0x100
[   71.073262][ T1467]  ? __cfi_down_read_killable+0x10/0x10
[   71.073281][ T1467]  ? mutex_lock+0x97/0x1d0
[   71.073296][ T1467]  ? __cfi_mutex_lock+0x10/0x10
[   71.073312][ T1467]  ? bpf_lsm_file_permission+0xd/0x20
[   71.073330][ T1467]  iterate_dir+0x203/0x5e0
[   71.073344][ T1467]  __se_sys_getdents+0xf6/0x250
[   71.073359][ T1467]  ? fput+0x1a4/0x240
[   71.073375][ T1467]  ? __x64_sys_getdents+0xa0/0xa0
[   71.073390][ T1467]  ? ksys_write+0x1f3/0x260
[   71.073410][ T1467]  ? __cfi_filldir+0x10/0x10
[   71.073428][ T1467]  ? __cfi_ksys_write+0x10/0x10
[   71.073451][ T1467]  ? __kasan_check_read+0x15/0x20
[   71.073473][ T1467]  __x64_sys_getdents+0x7f/0xa0
[   71.073490][ T1467]  x64_sys_call+0x26e0/0x2ee0
[   71.073513][ T1467]  do_syscall_64+0x57/0xf0
[   71.073534][ T1467]  ? clear_bhb_loop+0x50/0xa0
[   71.073556][ T1467]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   71.073578][ T1467] RIP: 0033:0x7f2d74f9c799
[   71.073594][ T1467] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   71.073609][ T1467] RSP: 002b:00007f2d75d9f028 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[   71.073630][ T1467] RAX: ffffffffffffffda RBX: 00007f2d75216090 RCX: 00007f2d74f9c799
[   71.073643][ T1467] RDX: 0000000000020000 RSI: 0000200000000700 RDI: 0000000000000004
[   71.073655][ T1467] RBP: 00007f2d75d9f090 R08: 0000000000000000 R09: 0000000000000000
[   71.073667][ T1467] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   71.073677][ T1467] R13: 00007f2d75216128 R14: 00007f2d75216090 R15: 00007ffde1b79798
[   71.073693][ T1467]  </TASK>
[   71.552144][   T31] usb 3-1: new full-speed USB device number 10 using dummy_hcd
[   71.553126][ T1469] ,cpuset=
[   71.713250][   T31] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   71.714195][ T1469] syz1
[   71.724940][   T31] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   71.729987][ T1469] ,mems_allowed=0
[   71.737871][   T31] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[   71.983317][ T1469] 
[   71.985665][ T1469] CPU: 1 UID: 0 PID: 1469 Comm: syz.1.364 Not tainted syzkaller #0 e5e4876e63e0994bd4350cd5f958f668e2098f7e
[   71.985695][ T1469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   71.985708][ T1469] Call Trace:
[   71.985715][ T1469]  <TASK>
[   71.985726][ T1469]  __dump_stack+0x21/0x30
[   71.985759][ T1469]  dump_stack_lvl+0x140/0x1c0
[   71.985782][ T1469]  ? __cfi_dump_stack_lvl+0x10/0x10
[   71.985808][ T1469]  dump_stack+0x19/0x20
[   71.985829][ T1469]  warn_alloc+0x1e7/0x2c0
[   71.985852][ T1469]  ? __kasan_kmalloc+0x28/0xb0
[   71.985871][ T1469]  ? __cfi_warn_alloc+0x10/0x10
[   71.985891][ T1469]  ? kasan_save_track+0x4f/0x80
[   71.985918][ T1469]  ? dup_task_struct+0xc1/0xd80
[   71.985939][ T1469]  ? __get_vm_area_node+0x3bd/0x3d0
[   71.985969][ T1469]  __vmalloc_node_range_noprof+0x333/0x1480
[   71.985996][ T1469]  ? __cfi___vmalloc_node_range_noprof+0x10/0x10
[   71.986019][ T1469]  ? kasan_save_alloc_info+0x40/0x50
[   71.986043][ T1469]  ? __kasan_slab_alloc+0x73/0x90
[   71.986062][ T1469]  ? arch_dup_task_struct+0x5b/0xe0
[   71.986087][ T1469]  ? __asan_memcpy+0x5a/0x80
[   71.986111][ T1469]  dup_task_struct+0x5d6/0xd80
[   71.986132][ T1469]  ? copy_process+0x55a/0x32a0
[   71.986152][ T1469]  ? _raw_spin_lock_irq+0x93/0x120
[   71.986179][ T1469]  ? copy_process+0x32a0/0x32a0
[   71.986199][ T1469]  ? __kasan_check_write+0x18/0x20
[   71.986225][ T1469]  copy_process+0x55a/0x32a0
[   71.986248][ T1469]  ? __cfi_copy_process+0x10/0x10
[   71.986269][ T1469]  ? __kmalloc_cache_noprof+0x23c/0x470
[   71.986295][ T1469]  ? __kasan_check_write+0x18/0x20
[   71.986319][ T1469]  ? __cfi_kvm_nx_huge_page_recovery_worker+0x10/0x10
[   71.986340][ T1469]  vhost_task_create+0x1f7/0x400
[   71.986358][ T1469]  ? __cfi_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[   71.986380][ T1469]  ? __cfi_vhost_task_create+0x10/0x10
[   71.986399][ T1469]  ? __cfi_vhost_task_fn+0x10/0x10
[   71.986417][ T1469]  ? __kasan_check_write+0x18/0x20
[   71.986439][ T1469]  ? mutex_lock+0x97/0x1d0
[   71.986455][ T1469]  ? __cfi_mutex_lock+0x10/0x10
[   71.986473][ T1469]  ? kernel_text_address+0xa9/0xe0
[   71.986497][ T1469]  kvm_mmu_post_init_vm+0x161/0x300
[   71.986523][ T1469]  kvm_arch_vcpu_ioctl_run+0xf3/0x1bd0
[   71.986547][ T1469]  ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10
[   71.986571][ T1469]  ? kstrtoull+0x13b/0x1e0
[   71.986615][ T1469]  ? kstrtouint+0x78/0xf0
[   71.986635][ T1469]  ? ioctl_has_perm+0x1bc/0x500
[   71.986661][ T1469]  ? __asan_memcpy+0x5a/0x80
[   71.986735][ T1469]  ? ioctl_has_perm+0x408/0x500
[   71.986759][ T1469]  ? has_cap_mac_admin+0xd0/0xd0
[   71.986780][ T1469]  ? __kasan_check_write+0x18/0x20
[   71.986804][ T1469]  ? mutex_lock_killable+0x97/0x1d0
[   71.986823][ T1469]  ? __cfi_mutex_lock_killable+0x10/0x10
[   71.986843][ T1469]  ? proc_fail_nth_write+0x184/0x220
[   71.986867][ T1469]  kvm_vcpu_ioctl+0xa48/0x1000
[   71.986896][ T1469]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[   71.986921][ T1469]  ? __cfi_vfs_write+0x10/0x10
[   71.986955][ T1469]  ? __kasan_check_write+0x18/0x20
[   71.986978][ T1469]  ? mutex_unlock+0x90/0x240
[   71.986996][ T1469]  ? __cfi_mutex_unlock+0x10/0x10
[   71.987013][ T1469]  ? __fget_files+0x2c5/0x340
[   71.987034][ T1469]  ? __fget_files+0x2c5/0x340
[   71.987052][ T1469]  ? bpf_lsm_file_ioctl+0xd/0x20
[   71.987074][ T1469]  ? security_file_ioctl+0x3e/0x110
[   71.987096][ T1469]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[   71.987122][ T1469]  __se_sys_ioctl+0x132/0x1b0
[   71.987141][ T1469]  __x64_sys_ioctl+0x7f/0xa0
[   71.987158][ T1469]  x64_sys_call+0x1878/0x2ee0
[   71.987185][ T1469]  do_syscall_64+0x57/0xf0
[   71.987216][ T1469]  ? clear_bhb_loop+0x50/0xa0
[   71.987243][ T1469]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   71.987268][ T1469] RIP: 0033:0x7f713a19c799
[   71.987289][ T1469] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   71.987307][ T1469] RSP: 002b:00007f7138bf7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   71.987330][ T1469] RAX: ffffffffffffffda RBX: 00007f713a415fa0 RCX: 00007f713a19c799
[   71.987345][ T1469] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 000000000000000c
[   71.987359][ T1469] RBP: 00007f7138bf7090 R08: 0000000000000000 R09: 0000000000000000
[   71.987371][ T1469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   71.987383][ T1469] R13: 00007f713a416038 R14: 00007f713a415fa0 R15: 00007fffddbaa768
[   71.987401][ T1469]  </TASK>
[   71.987410][ T1469] Mem-Info:
[   72.426301][   T31] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   72.436639][   T31] hub 3-1:4.0: USB hub found
[   72.441914][ T1469] active_anon:6171 inactive_anon:1 isolated_anon:0
[   72.441914][ T1469]  active_file:16784 inactive_file:2300 isolated_file:0
[   72.441914][ T1469]  unevictable:0 dirty:810 writeback:0
[   72.441914][ T1469]  slab_reclaimable:6491 slab_unreclaimable:70356
[   72.441914][ T1469]  mapped:25245 shmem:164 pagetables:873
[   72.441914][ T1469]  sec_pagetables:6 bounce:0
[   72.441914][ T1469]  kernel_misc_reclaimable:0
[   72.441914][ T1469]  free:1528124 free_pcp:4143 free_cma:0
[   72.487762][ T1469] Node 0 active_anon:24760kB inactive_anon:4kB active_file:67136kB inactive_file:9200kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:100996kB dirty:3240kB writeback:0kB shmem:664kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:4448kB pagetables:3524kB sec_pagetables:0kB all_unreclaimable? no
[   72.520615][ T1469] DMA32 free:2950100kB boost:0kB min:19080kB low:23848kB high:28616kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3145324kB managed:2963376kB mlocked:0kB bounce:0kB free_pcp:13276kB local_pcp:5772kB free_cma:0kB
[   72.568882][ T1469] lowmem_reserve[]: 0 3921 3921
[   72.574536][ T1469] Normal free:3163044kB boost:0kB min:25972kB low:32464kB high:38956kB reserved_highatomic:0KB free_highatomic:0KB active_anon:24660kB inactive_anon:4kB active_file:67136kB inactive_file:9200kB unevictable:0kB writepending:3240kB present:5242880kB managed:4015864kB mlocked:0kB bounce:0kB free_pcp:3776kB local_pcp:2608kB free_cma:0kB
[   72.606974][ T1469] lowmem_reserve[]: 0 0 0
[   72.611546][ T1469] DMA32: 3*4kB (M) 1*8kB (M) 2*16kB (M) 3*32kB (M) 3*64kB (M) 3*128kB (M) 3*256kB (M) 3*512kB (M) 4*1024kB (UM) 3*2048kB (M) 717*4096kB (M) = 2950100kB
[   72.631520][ T1469] Normal: 2*4kB (UE) 386*8kB (U) 606*16kB (UME) 447*32kB (UME) 351*64kB (UME) 42*128kB (UME) 12*256kB (UME) 5*512kB (ME) 3*1024kB (ME) 5*2048kB (UME) 754*4096kB (M) = 3162264kB
[   72.655368][   T31] hub 3-1:4.0: 4 ports detected
[   72.660338][   T31] usb 3-1: selecting invalid altsetting 1
[   72.666412][   T31] hub 3-1:4.0: Using single TT (err -22)
[   72.673170][   T31] hub 3-1:4.0: insufficient power available to use all downstream ports
[   72.682579][ T1469] 19247 total pagecache pages
[   72.696254][ T1469] 1 pages in swap cache
[   72.700462][ T1469] Free swap  = 124448kB
[   72.704732][ T1469] Total swap = 124996kB
[   72.709079][ T1469] 2097051 pages RAM
[   72.712993][ T1469] 0 pages HighMem/MovableOnly
[   72.717990][ T1469] 352241 pages reserved
[   72.722470][ T1469] 0 pages cma reserved
[   72.737364][ T1469] Memory allocations:
[   72.741415][ T1469]          0 B        0 init/main.c:1477 func:do_initcalls
[   72.748857][ T1469]          0 B        0 init/do_mounts.c:186 func:mount_root_generic
[   72.757167][ T1469]          0 B        0 init/do_mounts.c:158 func:do_mount_root
[   72.765384][ T1469]          0 B        0 init/do_mounts.c:352 func:mount_nodev_root
[   72.782618][ T1469]          0 B        0 init/do_mounts_rd.c:241 func:rd_load_image
[   72.790686][ T1469]          0 B        0 init/do_mounts_rd.c:72 func:identify_ramdisk_image
[   72.799514][ T1469]          0 B        0 init/initramfs.c:507 func:unpack_to_rootfs
[   72.816647][ T1469]          0 B        0 init/initramfs.c:508 func:unpack_to_rootfs
[   72.824848][ T1469]          0 B        0 init/initramfs.c:509 func:unpack_to_rootfs
[   72.833072][ T1469]          0 B        0 init/initramfs.c:101 func:find_link
[   73.082122][   T31] usb 3-1: USB disconnect, device number 10
[   73.162152][  T307] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[   73.343248][  T307] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   73.372196][  T307] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   73.382000][  T307] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   73.400083][  T307] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   73.409354][  T307] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   73.427803][  T307] usb 2-1: config 0 descriptor??
[   73.578471][ T1494] SELinux: ebitmap: empty map
[   73.584835][ T1494] SELinux: failed to load policy
[   73.727509][ T1503] Invalid logical block size (68)
[   73.831193][   T36] audit: type=1400 audit(1774549278.730:262): avc:  denied  { read } for  pid=1507 comm="syz.3.377" lport=7 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[   73.859890][  T307] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving
[   73.919940][  T307] plantronics 0003:047F:FFFF.0003: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[   73.932479][ T1506] FAULT_INJECTION: forcing a failure.
[   73.932479][ T1506] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   73.956537][ T1506] CPU: 0 UID: 0 PID: 1506 Comm: syz.2.376 Not tainted syzkaller #0 e5e4876e63e0994bd4350cd5f958f668e2098f7e
[   73.956572][ T1506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   73.956584][ T1506] Call Trace:
[   73.956591][ T1506]  <TASK>
[   73.956599][ T1506]  __dump_stack+0x21/0x30
[   73.956629][ T1506]  dump_stack_lvl+0x140/0x1c0
[   73.956651][ T1506]  ? __cfi_dump_stack_lvl+0x10/0x10
[   73.956674][ T1506]  ? check_stack_object+0x12b/0x150
[   73.956701][ T1506]  dump_stack+0x19/0x20
[   73.956721][ T1506]  should_fail_ex+0x3d7/0x530
[   73.956744][ T1506]  should_fail+0xf/0x20
[   73.956771][ T1506]  should_fail_usercopy+0x1e/0x30
[   73.956793][ T1506]  _copy_to_user+0x24/0xa0
[   73.956818][ T1506]  simple_read_from_buffer+0xed/0x160
[   73.956840][ T1506]  proc_fail_nth_read+0x1aa/0x220
[   73.956862][ T1506]  ? __cfi_proc_fail_nth_read+0x10/0x10
[   73.956882][ T1506]  ? rwsem_read_trylock+0x274/0x5b0
[   73.956909][ T1506]  ? bpf_lsm_file_permission+0xd/0x20
[   73.956929][ T1506]  ? __cfi_proc_fail_nth_read+0x10/0x10
[   73.956950][ T1506]  vfs_read+0x289/0xcb0
[   73.956972][ T1506]  ? __cfi_atime_needs_update+0x10/0x10
[   73.956995][ T1506]  ? __cfi_vfs_read+0x10/0x10
[   73.957016][ T1506]  ? __kasan_check_write+0x18/0x20
[   73.957041][ T1506]  ? mutex_lock+0x97/0x1d0
[   73.957060][ T1506]  ? __cfi_mutex_lock+0x10/0x10
[   73.957077][ T1506]  ? __fget_files+0x2c5/0x340
[   73.957096][ T1506]  ksys_read+0x145/0x260
[   73.957117][ T1506]  ? xfd_validate_state+0x68/0x140
[   73.957140][ T1506]  ? __cfi_ksys_read+0x10/0x10
[   73.957163][ T1506]  ? __kasan_check_write+0x18/0x20
[   73.957186][ T1506]  ? fpregs_restore_userregs+0x11c/0x260
[   73.957206][ T1506]  __x64_sys_read+0x7f/0x90
[   73.957229][ T1506]  x64_sys_call+0x2638/0x2ee0
[   73.957254][ T1506]  do_syscall_64+0x57/0xf0
[   73.957276][ T1506]  ? clear_bhb_loop+0x50/0xa0
[   73.957303][ T1506]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   73.957325][ T1506] RIP: 0033:0x7fcf3435cfce
[   73.957343][ T1506] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[   73.957359][ T1506] RSP: 002b:00007fcf32df6fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   73.957381][ T1506] RAX: ffffffffffffffda RBX: 00007fcf32df76c0 RCX: 00007fcf3435cfce
[   73.957396][ T1506] RDX: 000000000000000f RSI: 00007fcf32df70a0 RDI: 0000000000000005
[   73.957408][ T1506] RBP: 00007fcf32df7090 R08: 0000000000000000 R09: 0000000000000000
[   73.957419][ T1506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   73.957430][ T1506] R13: 00007fcf34616038 R14: 00007fcf34615fa0 R15: 00007ffe62974d28
[   73.957446][ T1506]  </TASK>
[   74.356392][ T1530] SELinux:  policydb magic number 0x6c65732f does not match expected magic number 0xf97cff8c
[   74.375537][ T1530] SELinux: failed to load policy
[   74.415103][ T1531] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   74.521787][ T1531] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   74.632882][ T1531] SELinux:  policydb magic number 0x76007039 does not match expected magic number 0xf97cff8c
[   74.643220][ T1531] SELinux: failed to load policy
[   75.212290][    C1] plantronics 0003:047F:FFFF.0003: usb_submit_urb(ctrl) failed: -1
[   75.402764][   T36] audit: type=1326 audit(1774549280.310:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1543 comm="syz.0.388" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2d74f9c799 code=0x0
[   75.455348][ T1547] netlink: 4 bytes leftover after parsing attributes in process `syz.0.388'.
[   75.832057][ T1553] netlink: 44 bytes leftover after parsing attributes in process `syz.1.391'.
[   75.841124][   T31] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[   75.849371][ T1553] netlink: 43 bytes leftover after parsing attributes in process `syz.1.391'.
[   75.858605][ T1553] netlink: 'syz.1.391': attribute type 5 has an invalid length.
[   75.866789][ T1553] netlink: 43 bytes leftover after parsing attributes in process `syz.1.391'.
[   75.982675][   T70] usb 2-1: USB disconnect, device number 9
[   76.002762][   T31] usb 3-1: Using ep0 maxpacket: 8
[   76.009188][   T31] usb 3-1: unable to get BOS descriptor or descriptor too short
[   76.025885][   T31] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 53, changing to 7
[   76.045381][   T31] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   76.054777][   T31] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   76.066187][   T31] usb 3-1: Product: syz
[   76.075182][   T31] usb 3-1: Manufacturer: syz
[   76.087081][   T31] usb 3-1: SerialNumber: syz
[   76.370528][   T36] audit: type=1400 audit(1774549281.270:264): avc:  denied  { mount } for  pid=1562 comm="syz.0.394" name="/" dev="configfs" ino=2459 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1
[   76.418950][   T36] audit: type=1400 audit(1774549281.300:265): avc:  denied  { search } for  pid=1562 comm="syz.0.394" name="/" dev="configfs" ino=2459 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[   76.470086][   T36] audit: type=1400 audit(1774549281.300:266): avc:  denied  { read } for  pid=1562 comm="syz.0.394" name="/" dev="configfs" ino=2459 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[   76.539698][   T36] audit: type=1400 audit(1774549281.300:267): avc:  denied  { open } for  pid=1562 comm="syz.0.394" path="/" dev="configfs" ino=2459 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1
[   78.056637][ T1586] SELinux: ebitmap: empty map
[   78.063114][ T1586] SELinux: failed to load policy
[   78.237150][   T31] usb 3-1: 1:1 : UAC_AS_GENERAL descriptor not found
[   78.257909][   T31] usb 3-1: 2:1 : UAC_AS_GENERAL descriptor not found
[   78.279771][   T31] usb 3-1: USB disconnect, device number 11
[   78.281136][   T36] audit: type=1400 audit(1774549283.180:268): avc:  denied  { mount } for  pid=1599 comm="syz.1.404" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[   78.312874][ T1600] TCP: TCP_TX_DELAY enabled
[   78.340977][  T425] udevd[425]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[   78.403085][   T36] audit: type=1400 audit(1774549283.300:269): avc:  denied  { unmount } for  pid=289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1
[   78.872837][ T1621] SELinux: ebitmap: empty map
[   78.883512][ T1621] SELinux: failed to load policy
[   79.047274][ T1634] netlink: 'syz.1.416': attribute type 27 has an invalid length.
[   79.071552][ T1634] bridge0: port 2(bridge_slave_1) entered disabled state
[   79.079220][ T1634] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.407066][ T1658] netlink: 204 bytes leftover after parsing attributes in process `syz.1.425'.
[   79.532241][   T70] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[   79.616660][   T36] audit: type=1400 audit(1774549284.520:270): avc:  denied  { unlink } for  pid=1665 comm="syz.3.428" name="#1" dev="tmpfs" ino=598 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[   79.642631][ T1666] SELinux:  Context system_u:object_r:zero_device_t:s0 is not valid (left unmapped).
[   79.649754][ T1667] capability: warning: `syz.1.427' uses 32-bit capabilities (legacy support in use)
[   79.652892][   T36] audit: type=1400 audit(1774549284.560:271): avc:  denied  { relabelto } for  pid=1665 comm="syz.3.428" name="kvm" dev="devtmpfs" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 trawcon="system_u:object_r:zero_device_t:s0"
[   79.663550][ T1667] SELinux:  policydb magic number 0x19980330 does not match expected magic number 0xf97cff8c
[   79.698865][ T1667] SELinux: failed to load policy
[   79.714549][   T36] audit: type=1400 audit(1774549284.560:272): avc:  denied  { associate } for  pid=1665 comm="syz.3.428" name="kvm" dev="devtmpfs" ino=13 scontext=system_u:object_r:unlabeled_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 srawcon="system_u:object_r:zero_device_t:s0"
[   79.742329][   T36] audit: type=1400 audit(1774549284.610:273): avc:  denied  { append } for  pid=1665 comm="syz.3.428" name="rnullb0" dev="devtmpfs" ino=31 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[   79.766263][   T70] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   79.776112][   T70] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[   79.785955][   T70] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   79.807203][   T70] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[   79.816627][   T70] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   79.824812][   T70] usb 1-1: Product: syz
[   79.831976][   T70] usb 1-1: Manufacturer: syz
[   79.841185][   T70] usb 1-1: SerialNumber: syz
[   79.856416][   T70] hub 1-1:1.0: bad descriptor, ignoring hub
[   79.872338][   T70] hub 1-1:1.0: probe with driver hub failed with error -5
[   80.057345][   T70] usblp 1-1:1.0: usblp0: USB Unidirectional printer dev 14 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[   80.342288][  T387] usb 1-1: USB disconnect, device number 14
[   80.349492][  T387] usblp0: removed
[   81.110634][ T1740] netlink: 4 bytes leftover after parsing attributes in process `syz.2.454'.
[   81.693475][  T308] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[   81.812158][   T31] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[   81.876534][  T308] usb 3-1: Using ep0 maxpacket: 8
[   81.899520][  T308] usb 3-1: config 1 interface 0 has no altsetting 0
[   81.927741][  T308] usb 3-1: string descriptor 0 read error: -22
[   81.946668][  T308] usb 3-1: New USB device found, idVendor=0b43, idProduct=0003, bcdDevice= 0.40
[   81.970843][  T308] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   81.986023][   T31] usb 1-1: unable to get BOS descriptor or descriptor too short
[   82.007463][   T31] usb 1-1: New USB device found, idVendor=041e, idProduct=3000, bcdDevice= 0.40
[   82.026951][   T31] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   82.058972][   T31] usb 1-1: Product: syz
[   82.071753][   T31] usb 1-1: Manufacturer: syz
[   82.089514][   T31] usb 1-1: SerialNumber: syz
[   82.256684][ T1780] netlink: 'syz.3.466': attribute type 29 has an invalid length.
[   82.334773][ T1781] netlink: 64 bytes leftover after parsing attributes in process `syz.3.466'.
[   82.423519][   T36] kauditd_printk_skb: 14 callbacks suppressed
[   82.423538][   T36] audit: type=1400 audit(1774549287.330:288): avc:  denied  { ioctl } for  pid=1782 comm="syz.1.467" path="socket:[30584]" dev="sockfs" ino=30584 ioctlcmd=0x6e80 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[   82.504824][   T31] usb 1-1: 1:1 : UAC_AS_GENERAL descriptor not found
[   82.514888][  T308] smartjoyplus 0003:0B43:0003.0004: invalid report_size -1149171161
[   82.524899][  T308] smartjoyplus 0003:0B43:0003.0004: item 0 4 1 7 parsing failed
[   82.536322][   T31] usb 1-1: USB disconnect, device number 15
[   82.555889][  T441] udevd[441]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[   82.558502][  T308] smartjoyplus 0003:0B43:0003.0004: parse failed
[   82.580464][  T308] smartjoyplus 0003:0B43:0003.0004: probe with driver smartjoyplus failed with error -22
[   82.720431][   T70] usb 3-1: USB disconnect, device number 12
[   82.866303][  T415] bridge_slave_1: left allmulticast mode
[   82.872433][  T415] bridge_slave_1: left promiscuous mode
[   82.878156][  T415] bridge0: port 2(bridge_slave_1) entered disabled state
[   82.886669][  T415] bridge_slave_0: left allmulticast mode
[   82.892522][  T415] bridge_slave_0: left promiscuous mode
[   82.898425][  T415] bridge0: port 1(bridge_slave_0) entered disabled state
[   82.915142][   T70] usb 4-1: USB disconnect, device number 6
[   83.074177][  T415] tipc: Disabling bearer <udp:syz2>
[   83.084332][  T415] tipc: Left network mode
[   83.092357][  T415] veth1_macvtap: left promiscuous mode
[   83.108567][  T415] veth0_vlan: left promiscuous mode
[   83.115454][   T36] audit: type=1400 audit(1774549288.020:289): avc:  denied  { mounton } for  pid=1801 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1
[   83.268463][ T1801] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.283691][ T1801] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.300668][ T1801] bridge_slave_0: entered allmulticast mode
[   83.307858][ T1801] bridge_slave_0: entered promiscuous mode
[   83.315404][ T1801] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.322825][ T1801] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.330146][ T1801] bridge_slave_1: entered allmulticast mode
[   83.336973][ T1801] bridge_slave_1: entered promiscuous mode
[   83.366270][   T36] audit: type=1400 audit(1774549288.270:290): avc:  denied  { getopt } for  pid=1809 comm="syz.0.477" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[   83.409096][   T36] audit: type=1400 audit(1774549288.270:291): avc:  denied  { audit_control } for  pid=1809 comm="syz.0.477" capability=30  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[   83.470544][ T1801] bridge0: port 2(bridge_slave_1) entered blocking state
[   83.477677][ T1801] bridge0: port 2(bridge_slave_1) entered forwarding state
[   83.485043][ T1801] bridge0: port 1(bridge_slave_0) entered blocking state
[   83.492136][ T1801] bridge0: port 1(bridge_slave_0) entered forwarding state
[   83.562344][  T308] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[   83.589340][ T1801] veth0_vlan: entered promiscuous mode
[   83.592205][ T1817] netlink: 4 bytes leftover after parsing attributes in process `syz.0.480'.
[   83.602817][ T1801] veth1_macvtap: entered promiscuous mode
[   83.629256][   T36] audit: type=1400 audit(1774549288.530:292): avc:  denied  { mounton } for  pid=1801 comm="syz-executor" path="/root/syzkaller.fPtyct/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[   83.705051][ T1822] FAULT_INJECTION: forcing a failure.
[   83.705051][ T1822] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   83.719081][ T1822] CPU: 1 UID: 0 PID: 1822 Comm: syz.4.474 Not tainted syzkaller #0 e5e4876e63e0994bd4350cd5f958f668e2098f7e
[   83.719110][ T1822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   83.719123][ T1822] Call Trace:
[   83.719129][ T1822]  <TASK>
[   83.719136][ T1822]  __dump_stack+0x21/0x30
[   83.719166][ T1822]  dump_stack_lvl+0x140/0x1c0
[   83.719187][ T1822]  ? __cfi_dump_stack_lvl+0x10/0x10
[   83.719210][ T1822]  ? __kasan_check_read+0x15/0x20
[   83.719235][ T1822]  dump_stack+0x19/0x20
[   83.719256][ T1822]  should_fail_ex+0x3d7/0x530
[   83.719280][ T1822]  should_fail+0xf/0x20
[   83.719299][ T1822]  should_fail_usercopy+0x1e/0x30
[   83.719321][ T1822]  __kvm_read_guest_page+0x177/0x210
[   83.719340][ T1822]  kvm_vcpu_read_guest_page+0x31a/0x400
[   83.719359][ T1822]  kvm_fetch_guest_virt+0x146/0x190
[   83.719385][ T1822]  ? __cfi_kvm_fetch_guest_virt+0x10/0x10
[   83.719409][ T1822]  __do_insn_fetch_bytes+0x341/0x760
[   83.719428][ T1822]  ? x86_decode_insn+0x5180/0x5180
[   83.719454][ T1822]  ? __kasan_check_write+0x18/0x20
[   83.719476][ T1822]  ? handle_changed_spte+0x70a/0x12c0
[   83.719499][ T1822]  x86_decode_insn+0x333/0x5180
[   83.719526][ T1822]  ? kvm_tdp_mmu_map+0x7c3/0x11f0
[   83.719547][ T1822]  ? __cfi_x86_decode_insn+0x10/0x10
[   83.719572][ T1822]  ? __kasan_check_write+0x18/0x20
[   83.719594][ T1822]  ? vmx_read_guest_seg_ar+0x1c8/0x350
[   83.719614][ T1822]  ? __asan_memset+0x39/0x50
[   83.719636][ T1822]  ? init_decode_cache+0x7c/0x90
[   83.719653][ T1822]  ? init_emulate_ctxt+0x421/0x560
[   83.719673][ T1822]  ? kvm_inject_realmode_interrupt+0x2e0/0x2e0
[   83.719694][ T1822]  x86_decode_emulated_instruction+0x66/0x180
[   83.719714][ T1822]  x86_emulate_instruction+0x2d9/0x1a30
[   83.719734][ T1822]  ? kvm_mmu_do_page_fault+0x4f3/0x660
[   83.719756][ T1822]  handle_ud+0x199/0x330
[   83.719773][ T1822]  ? __cfi_handle_ud+0x10/0x10
[   83.719798][ T1822]  ? unwind_get_return_address+0x51/0x90
[   83.719820][ T1822]  ? __cfi_rcu_note_context_switch+0x10/0x10
[   83.719843][ T1822]  ? clear_bhb_loop+0x50/0xa0
[   83.719869][ T1822]  ? clear_bhb_loop+0x50/0xa0
[   83.719891][ T1822]  ? clear_bhb_loop+0x50/0xa0
[   83.719914][ T1822]  ? clear_bhb_loop+0x50/0xa0
[   83.719936][ T1822]  ? clear_bhb_loop+0x12/0xa0
[   83.719960][ T1822]  handle_exception_nmi+0x194/0xe60
[   83.719979][ T1822]  ? __cfi_handle_exception_nmi+0x10/0x10
[   83.719996][ T1822]  vmx_handle_exit+0x12c0/0x1b10
[   83.720019][ T1822]  ? kvm_deliver_exception_payload+0xd7/0x200
[   83.720040][ T1822]  ? __cfi_vmx_vcpu_run+0x10/0x10
[   83.720072][ T1822]  ? vmx_handle_exit_irqoff+0x401/0x780
[   83.720096][ T1822]  vcpu_run+0x49f7/0x7840
[   83.720128][ T1822]  ? signal_pending+0xc0/0xc0
[   83.720149][ T1822]  ? __kasan_check_write+0x18/0x20
[   83.720171][ T1822]  ? xfd_validate_state+0x68/0x140
[   83.720194][ T1822]  ? fpu_swap_kvm_fpstate+0x92/0x5e0
[   83.720213][ T1822]  ? __kasan_check_write+0x18/0x20
[   83.720235][ T1822]  ? fpregs_mark_activate+0x68/0x160
[   83.720255][ T1822]  ? fpu_swap_kvm_fpstate+0x44c/0x5e0
[   83.720273][ T1822]  ? fpu_swap_kvm_fpstate+0x92/0x5e0
[   83.720293][ T1822]  kvm_arch_vcpu_ioctl_run+0x1167/0x1bd0
[   83.720317][ T1822]  ? __cfi_kvm_arch_vcpu_ioctl_run+0x10/0x10
[   83.720339][ T1822]  ? kstrtoull+0x13b/0x1e0
[   83.720359][ T1822]  ? kstrtouint+0x78/0xf0
[   83.720378][ T1822]  ? ioctl_has_perm+0x1bc/0x500
[   83.720401][ T1822]  ? __asan_memcpy+0x5a/0x80
[   83.720423][ T1822]  ? ioctl_has_perm+0x408/0x500
[   83.720444][ T1822]  ? has_cap_mac_admin+0xd0/0xd0
[   83.720466][ T1822]  ? __kasan_check_write+0x18/0x20
[   83.720488][ T1822]  ? mutex_lock_killable+0x97/0x1d0
[   83.720508][ T1822]  ? __cfi_mutex_lock_killable+0x10/0x10
[   83.720526][ T1822]  ? proc_fail_nth_write+0x184/0x220
[   83.720548][ T1822]  ? __cfi_proc_fail_nth_write+0x10/0x10
[   83.720569][ T1822]  kvm_vcpu_ioctl+0xa48/0x1000
[   83.720594][ T1822]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[   83.720618][ T1822]  ? __cfi_vfs_write+0x10/0x10
[   83.720642][ T1822]  ? __kasan_check_write+0x18/0x20
[   83.720664][ T1822]  ? mutex_unlock+0x90/0x240
[   83.720681][ T1822]  ? __cfi_mutex_unlock+0x10/0x10
[   83.720697][ T1822]  ? __fget_files+0x2c5/0x340
[   83.720716][ T1822]  ? __fget_files+0x2c5/0x340
[   83.720733][ T1822]  ? bpf_lsm_file_ioctl+0xd/0x20
[   83.720751][ T1822]  ? security_file_ioctl+0x3e/0x110
[   83.720772][ T1822]  ? __cfi_kvm_vcpu_ioctl+0x10/0x10
[   83.720798][ T1822]  __se_sys_ioctl+0x132/0x1b0
[   83.720815][ T1822]  __x64_sys_ioctl+0x7f/0xa0
[   83.720831][ T1822]  x64_sys_call+0x1878/0x2ee0
[   83.720853][ T1822]  do_syscall_64+0x57/0xf0
[   83.720873][ T1822]  ? clear_bhb_loop+0x50/0xa0
[   83.720893][ T1822]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   83.720912][ T1822] RIP: 0033:0x7f8c6e39c799
[   83.720926][ T1822] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   83.720941][ T1822] RSP: 002b:00007f8c6f204028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[   83.720961][ T1822] RAX: ffffffffffffffda RBX: 00007f8c6e615fa0 RCX: 00007f8c6e39c799
[   83.720974][ T1822] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[   83.720984][ T1822] RBP: 00007f8c6f204090 R08: 0000000000000000 R09: 0000000000000000
[   83.720994][ T1822] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   83.721004][ T1822] R13: 00007f8c6e616038 R14: 00007f8c6e615fa0 R15: 00007ffe0b747e18
[   83.721017][ T1822]  </TASK>
[   83.734367][ T1823] ------------[ cut here ]------------
[   83.772710][  T308] usb 3-1: Using ep0 maxpacket: 32
[   83.774071][ T1823] WARNING: CPU: 0 PID: 1823 at mm/page_alloc.c:5268 __alloc_pages_noprof+0x109/0x7e0
[   83.780116][  T308] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   83.783053][ T1823] Modules linked in:
[   83.783089][ T1823] CPU: 0 UID: 0 PID: 1823 Comm: syz.0.481 Not tainted syzkaller #0 e5e4876e63e0994bd4350cd5f958f668e2098f7e
[   83.788580][  T308] usb 3-1: config 1 has 0 interfaces, different from the descriptor's value: 3
[   83.793637][ T1823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   83.800964][  T308] usb 3-1: New USB device found, idVendor=2a39, idProduct=3f8c, bcdDevice= 0.40
[   83.804713][ T1823] RIP: 0010:__alloc_pages_noprof+0x109/0x7e0
[   83.804896][ T1823] Code: 00 0f 1f 44 00 00 83 fb 0b 72 28 b8 00 20 00 00 23 44 24 40 75 1d 80 3d 0a 7f 0b 06 00 0f 85 c2 00 00 00 c6 05 fd 7e 0b 06 01 <0f> 0b 31 c0 e9 b4 00 00 00 83 fb 0a 0f 87 a9 00 00 00 44 8b 64 24
[   83.804913][ T1823] RSP: 0018:ffffc9000120f560 EFLAGS: 00010246
[   83.812111][  T308] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   83.816241][ T1823] RAX: 0000000000000000 RBX: 0000000000000015 RCX: 0000000000000000
[   83.823756][  T308] usb 3-1: Product: syz
[   83.826566][ T1823] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffc9000120f618
[   84.290760][  T308] usb 3-1: Manufacturer: syz
[   84.297843][ T1823] RBP: ffffc9000120f6a0 R08: ffffc9000120f617 R09: 0000000000000000
[   84.297872][ T1823] R10: ffffc9000120f600 R11: fffff52000241ec3 R12: ffffc9000120f5a0
[   84.297885][ T1823] R13: dffffc0000000000 R14: 1ffff92000241eb0 R15: 0000000000000000
[   84.297899][ T1823] FS:  00007f2d75dc06c0(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000
[   84.297917][ T1823] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   84.297928][ T1823] CR2: 0000200000005000 CR3: 000000012150c000 CR4: 00000000003526b0
[   84.297947][ T1823] Call Trace:
[   84.309639][  T308] usb 3-1: SerialNumber: syz
[   84.317560][ T1823]  <TASK>
[   84.451098][ T1823]  ? vfs_write+0x3c5/0xf90
[   84.455619][ T1823]  ? ksys_write+0x145/0x260
[   84.460232][ T1823]  ? x64_sys_call+0x271c/0x2ee0
[   84.465270][ T1823]  ? __cfi___alloc_pages_noprof+0x10/0x10
[   84.471013][ T1823]  ? hashtab_init+0xdb/0x1f0
[   84.475665][ T1823]  ___kmalloc_large_node+0x81/0x210
[   84.480894][ T1823]  ? hashtab_init+0xdb/0x1f0
[   84.485570][ T1823]  __kmalloc_large_node_noprof+0x1e/0xd0
[   84.491318][ T1823]  ? hashtab_init+0xdb/0x1f0
[   84.495990][ T1823]  __kmalloc_noprof+0x326/0x500
[   84.500860][ T1823]  ? kasan_save_alloc_info+0x40/0x50
[   84.506221][ T1823]  hashtab_init+0xdb/0x1f0
[   84.510661][ T1823]  ? common_read+0x175/0x490
[   84.515352][ T1823]  symtab_init+0x44/0x70
[   84.519735][ T1823]  common_read+0x1e6/0x490
[   84.524434][ T1823]  ? hashtab_init+0xdb/0x1f0
[   84.529308][ T1823]  ? __cfi_common_read+0x10/0x10
[   84.534513][ T1823]  ? hashtab_init+0x105/0x1f0
[   84.539233][ T1823]  policydb_read+0xab8/0x28b0
[   84.543025][  T308] usb 3-1: USB disconnect, device number 13
[   84.544111][ T1823]  ? __kasan_kmalloc+0x96/0xb0
[   84.554787][ T1823]  ? __cfi_policydb_read+0x10/0x10
[   84.560027][ T1823]  ? security_load_policy+0x130/0x12d0
[   84.565667][ T1823]  security_load_policy+0x16a/0x12d0
[   84.571116][ T1823]  ? irqentry_exit+0x4a/0x60
[   84.575766][ T1823]  ? asm_exc_page_fault+0x2b/0x30
[   84.580809][ T1823]  ? __cfi_security_load_policy+0x10/0x10
[   84.586585][ T1823]  ? rep_movs_alternative+0x4a/0xa0
[   84.591885][ T1823]  sel_write_load+0x2a7/0x5f0
[   84.596651][ T1823]  ? __cfi_futex_wake+0x10/0x10
[   84.601701][ T1823]  ? handle_mm_fault+0x171c/0x1bf0
[   84.606917][ T1823]  ? __cfi_sel_write_load+0x10/0x10
[   84.612300][ T1823]  ? bpf_lsm_file_permission+0xd/0x20
[   84.618738][ T1823]  ? __cfi_sel_write_load+0x10/0x10
[   84.624019][ T1823]  vfs_write+0x3c5/0xf90
[   84.628288][ T1823]  ? __cfi_vfs_write+0x10/0x10
[   84.633395][ T1823]  ? __kasan_check_write+0x18/0x20
[   84.638541][ T1823]  ? mutex_lock+0x97/0x1d0
[   84.643019][ T1823]  ? __cfi_mutex_lock+0x10/0x10
[   84.647966][ T1823]  ? __fget_files+0x2c5/0x340
[   84.652695][ T1823]  ksys_write+0x145/0x260
[   84.657148][ T1823]  ? xfd_validate_state+0x68/0x140
[   84.662337][ T1823]  ? __cfi_ksys_write+0x10/0x10
[   84.667210][ T1823]  ? __kasan_check_write+0x18/0x20
[   84.672668][ T1823]  ? fpregs_restore_userregs+0x11c/0x260
[   84.678705][ T1823]  __x64_sys_write+0x7f/0x90
[   84.683749][ T1823]  x64_sys_call+0x271c/0x2ee0
[   84.688572][ T1823]  do_syscall_64+0x57/0xf0
[   84.693154][ T1823]  ? clear_bhb_loop+0x50/0xa0
[   84.698045][ T1823]  entry_SYSCALL_64_after_hwframe+0x76/0x7e
[   84.704285][ T1823] RIP: 0033:0x7f2d74f9c799
[   84.708811][ T1823] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   84.728655][ T1823] RSP: 002b:00007f2d75dc0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   84.737144][ T1823] RAX: ffffffffffffffda RBX: 00007f2d75215fa0 RCX: 00007f2d74f9c799
[   84.745169][ T1823] RDX: 0000000000006000 RSI: 0000200000000000 RDI: 0000000000000003
[   84.753238][ T1823] RBP: 00007f2d75032c99 R08: 0000000000000000 R09: 0000000000000000
[   84.761229][ T1823] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   84.769589][ T1823] R13: 00007f2d75216038 R14: 00007f2d75215fa0 R15: 00007ffde1b79798
[   84.777651][ T1823]  </TASK>
[   84.780668][ T1823] ---[ end trace 0000000000000000 ]---
[   84.786599][ T1823] SELinux: failed to load policy