last executing test programs:

7m6.899261659s ago: executing program 2 (id=163):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r1, 0xc01064ac, &(0x7f0000000280)={0x1, 0x0, 0x0})
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001800)=ANY=[@ANYBLOB="180000002500010324bd7002ffdbdf25010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x4008}, 0x0)
recvmsg(r0, &(0x7f00000031c0)={0x0, 0x0, 0x0}, 0x2000)
recvmmsg(r0, &(0x7f0000003200)=[{{0x0, 0x0, &(0x7f0000001780)=[{&(0x7f0000000580)=""/237, 0xed}, {&(0x7f0000000500)=""/74, 0x4a}, {&(0x7f0000000780)=""/230, 0xe6}, {&(0x7f00000006c0)=""/137, 0x89}, {&(0x7f0000001840)=""/4097, 0x1001}], 0x5}, 0x70000}, {{0x0, 0x0, 0x0}, 0xfffffffd}, {{0x0, 0x0, 0x0}, 0xfffffff7}], 0x3, 0x40, 0x0)
r2 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000240)={0x0, <r3=>0x0})
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000880)={{{@in=@remote, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in=@local}, 0x0, @in=@multicast2}}, &(0x7f0000000440)=0xe8)
r5 = memfd_create(&(0x7f0000002180)='\t^\x1ax1\xc7\xbe\xa1\xc6F\xfa\x9cq\xb8w&\xdfP\xba\xdf%\x7f\xb7\xac\x952\x8d\xa0\x15\xbc\xf4nS\x11X\x95\xc0~srQ\xeaS\x88\xad\xd1Js\\\xb2\xc5\xed\xe8\x7f\xdc(\x01\xcey\xc7\x15?\n\xad\xe7Z\x9e\xe1K\xfd\xc95f@O}\\\xdd\xca!;\xf38\'D9\xcb\xda\xa1\xc1\v\xb9\xad\xb7}l\xbe\x95p\xd4)\x18x\x17\xab7\x06\x9f\xe3X\v\xf2\xcc\x05\xb4( m\xde\x0f\xf3\xf8\x1b\vW\x00\x90\x01\xfe\x1e<\xabL-3\xe6\x81V\x8d3\x1b\xe4}\xe3\x7f\x06\xce\xe1D\x94&\xac\x88\x95\xff\xda\x14d\xcbx\x93x\x95\xab\xcb@\x8d\xa0\xe4I\xff\x87\x90\xd9\x89O\x98\x90\x86\xff\xcc\xc1\xf5\r\xea\x19c\xba\xa9\"d$\x01h\x0f&/B\xa5\x18%\xc7\x7f\x81X)s\xc8\xc7ex#\xb0\xe4\x1b\xce\x0f\xear,\x8ch=:F$\xe6\x87\xf0AF\xd5\x84c\xd5\xd5(\xb3\xac\x9b\x80\x81y\xf1\a\x0f\x00\x00\x00\x00\xff\xff\xff\xff\xb8~\xaa-', 0xb)
fchmod(r5, 0x1c0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000480)={0x0, 0x0, <r6=>0x0}, &(0x7f00000004c0)=0xc)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000680)={0xb, 0xc, {}, {<r7=>0xffffffffffffffff}, 0x1000, 0x6})
getgroups(0x5, &(0x7f0000000a00)=[0xffffffffffffffff, <r8=>0xffffffffffffffff, 0xee01, 0x0, 0xee00])
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r9=>0xffffffffffffffff})
fstat(r9, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, <r10=>0x0})
setreuid(0x0, r10)
timerfd_create(0x0, 0x0)
r11 = geteuid()
stat(&(0x7f0000000c40)='./file0\x00', &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000e80)={{0x1, 0x1, 0x18, <r13=>r0, {<r14=>0xffffffffffffffff}}, './file0\x00'})
r15 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r15, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r16=>0x0}, &(0x7f0000cab000)=0xc)
setreuid(0x0, r16)
r17 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r13, &(0x7f0000001240)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_AEAD_AUTHSIZE(r17, 0x117, 0x5, 0x0, 0xf)
r18 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r18, 0x84, 0xc, 0x0, 0x0)
syz_fuse_handle_req(r2, &(0x7f00000032c0)="43dffd8221e6b9e6d84f6e6dbc780f5b01adab6e25ab96dd03e18af09ac07cd3f15d1e039cadd8a6705b21adc529227c44f09ef56fd6949faedf8cb90a83be0a0044ae08f5e4630ff53fd11ed900ac325a09a18e2250afce438919165b29c05abef38f5e16f90cbdd8d9f131a83ad988ca0ef39db70ee3c2879b3f13ca2829c48198b2e84f2cf63fb3c300fbb0f2daf91f8839b5cd59cb581d8b9281782644f77d065333c7f3ea628bde91c8ca13084faf1bcc989ca91e1bd87940b1965637ad5c51296f3d50366ce72b686ec3d1c22b844aac198c048f5dc1fcc19348440c89efce410e5ba85c565a3b27f33d7e720d0d5c77fc1b4b0017b333f7b0043d4a89c2a36ad27872fcb822eec3a37a73beed26c6025e25fed7a8bafd162d40301f2bb8fbd424f8c9ddd97eceae120d93f469221c41413e08def27577835f1325de6c68febabccdd1c6f6477f64cecfed11329649b9a4bfd1112c4469e752e410752c379f7dbe5513c3de9f573b628c02d37e0c6f647503478c9696927a40f3d2d72fe1f4765b817ced4e3b13a042aea77f69346120d0131294344f04a2bd8634b8044e9f9aadee2ce0b90213fafecbee3e0c02850d9745c2947d3eaee26f0a2726ead2284a79a4d72a1fb373c59c66028a8b88b8e3da13e134711f249ba0078d2b399cd188b8ffc3f976e52ef44fb3a4b1c861431c78d71c4d44e685210e6fab8b9dda939a915baee194978e1d08a547f05551cb65e94a693d960dec2f892ab96a59c7d7a29e992a0c4b18eca63bd125fb5a3acd127a8366193bc074a537438ff367926efaf71be5bf57909a2943c685f82906f7f427c2296794ac1e3515ca5b51551294ccda8a78b7e97bb3d6a4caf46b76dae20ea26aecf1c6bf2a47d62309d5c5dc2a730122dcedfcf2b8404069154e1b1f7fe9e531151b9c2ec7cdaac56cb280ade26915b57621897320227cbe3266130def2dbcfe9efb23421c2a56288c49fdff91e32390517f6d572fe08baae3aff1f8c5c501888799b2bbf2868fc58fc70b233ba033060a21e8351f204c92e1874bc1d5865612ca1b160177af6c75f89b2eceb476e36cc17fd923774deb2178fb3ab8a62c373b79c9b90dd83fb35edcf54ca77a3aa23a81d625c1765af35bece4eea374f12ea32988ce47da80ef7fddaeeb287cdb6d22e0bd7477e767e3b5b59d00c3096b16421cfd738b884a2d80100ebbcc70c96d9abee28a836fc1af898848781b14f2f1d9612071e792e017d5ea202472af07066c48c56f946d3d55691872f7e11e6bb10901ce6374761753654882b719da3bb6b7f80b621b93969c98d79f48c9678629e6c6a366f35b72078c335f9eb38bae83d0c27c9b7a7e7fb658fc0b556d6307e76b1de816ffd270d35d811391e66f20477d76d6d4c55b35343744f8fb6d430cb3469b3e70ecd7dda6804be6d6ea5b837582f3831e2afc767b5bb4049db4dc4bbba5013ebd8805e758124862cd630220d00e66997c2cd375a5b6e8687e048b554e846ff2f54a5d176281872680c02c2df0f19c9f6dfc3b29349330a50f2e44f5b28a7024a3f998f5d68f405277945e9bc6c423b09502a891f07571666086325a14d6d755f076b3f9eb68f4e2104fbdb38c1be6ac395e8dceb23cd0445af184298b6d858486e33aa580e45d7f0466db158797c8595ffd9dbaded95e7188ae0d01fee01f8db88050a960f8e92cb1dc954210a19db01f19c9003dfbf7aa3980c12d196fc1883bc5c154a2c02dc1e780e0642ac3591adbce3f12dae9ac9d3210d055525d9812059c9206faa1e9c4a6ded759c1296824b2910f539cd9e75ef3c6181882137d16c63b54529e07a5b2032f98ffdc0d246e96ed6891923cc23a5b922904a957a718556fb3623b357df48bb9a4be5b59a55727156aa9a94308d2e756478240bb0db3a1e4aca89e2c2f5f74c4a52861730a4a471a4783174f8a7b0b1ec095d7408dddbe6d415cefcd6bbd0ddac1d59496adfd1667d1a654d84de3858540ec56b5a4b4f414df7d4d8febbc6cd7cdf24b6b2afafb6d4b1d5b36815e430ed1f258a3943ce4e748cb3aeee8193ef9787b9bbdc3a91127420033e8406148c6cf871c72c20f97b1fae0d5271b1c1ce887c8996135311da90216beba3225a205eb926d2b92bc8f51e59378226b63b60c4c870c4b68fb2d98322f9ed240318e0e64003f87cdce170e0416dfcf3985117e749be84490199144ba0bab9a12fa1f66367f6bf9f53b6d685d3bee134f5320cbb270821f2e7cdeb1a4e799802e7961cfc55805f7981643fff2112af529dfbd43dabd05333f2bde9e5a27045330cd13501060ce62b2c7d24d029f9660b157de0e3e90a33dd90a0991e3e712d835e9c198300f590388a247747e3327dbfecea3b2b231ddf35511b0303d13107e35fbebb1cd807dbc8fcef3936322ad9c88f8f2a1aa98b67b54293e8d793841ab55489f70548c527312b320c4212e6927ca51b106795ba3021efc6e247fac1da66b760ea11112361fe6bb15584f83fb1b3a378b7e1b73293685f1ba2c0bc36cd694f411c40d4b672bd8217c7e42922788fff20d245175a1dd38ece8e10f4112d7797205d3ac8d0ba9cdcbde53995ccbd85cfa7a00cb6042c414d009ad7b38259ab08164f02005cd1b31331871b79f898344d557392887826d1b4ba753528eeb11531da5d55b5cd0834a056732f1f92fa90533fcab50ec6ef3d149b43ade94dc589a0dea0712e8e84b562f7abcf41e1d90cdc1a366578c69fe5ab0b7b21d287730aee625ea35f3eceba6f7f55dd8dc3f40ddaabf90da2ef48706d7e93a177a7137179416b23781d84459129780ea6805ac6963236046e823ff70291af16a7507b70a50d6f1f2d01047b612104da2cd3c0863d84edb945d7e6119e1296076aab97c797d455d707316bd736ad902f846b254f0d2ee893fa9082bd5e949be7f757a68ea48b8ddac6de764edcf9ee2c2e4692ef4965a8d9b46ef40daeb75e16a5716fefdfe006692388cd480a322ef40f45b91fd678eb1772d5036165fcb4aa15671c9b4d3e4bc39680f4f3c335aab69325e2497659c197143a0619cdb4a213e9c9342a3259a332bbbe6632e3eb11276cda82bacbbd89d78940716c735e01ea48d9e4b092f9069be5d8301149eafaac4481da10f6b2affa83a272b1684954f84dc306f0df1fbcff0a891a64fd925ebdaadda228ff6a25543dabfb24f62a47a68fc413b962afc53709fecaba1b89d982592510686ae038923d0c3665867424e61b34b72044e8a1b5c111a0e2f0d758c82234742746b1feff527ef6ae7b1f7523b39f2089d8f434216911c1bdef5ad6aede89c45ba9c4e32384f6f06605cf41e8fdf8bd5a502376ca0d266d6fcf043c46465725035897d1cd9bb6f12c63acf2eb2adcaef850f2b9cfcdf58295792dd0ddcc8df71bcc2f83532db45473b241469ec7c09d8969c3848a77ced6e2d7a2ee37d0a75f03c1e2565946d80fa3437ec2d4b9b6859ad11abf8a245af3949dfa698be2d10e3216068b9f040ca9e4cbcf20139af5971beb540855c78bd71307eb78649b48635a3099c4cbc5e9c62ef03130380b606753079feb53d2b2516e1c91f9899858c0efc3a9154dfda9e475b596bbbc09dc3ffedab99387d0fbb695d4ec41b2aa0f3291cc3de654a509920e518478d07f35b5ed68b1e5671cd6c487d7e32e1ba41e65b6bc0f0892b39918d45f9e718e0f4a0a796908e41024997261970a996ebcbe8eeaef3deccca1e337fb82650b96f1de1ecce7ae6ee8ff078e27c9f3dc8746502bac273996b45050a2e13a0515c825731cab9759fa4a31a3f3316d907d74e56aafd6ef12ad48f97bdc859a25b983a940873ef3d85b79e2042009d56262c21a62c65c13cc22325f37cc698142a47ee30f7c5b7051ca121ff8f06d2a6675c3497d4f0d65bceb1c9fdda5a4d7b9ff523ddf6295b3d3dc708a2c2caa1a1168ad029e2b330081676494441ed4bc1e7c32638d1963d8da34fb162dbb3e50a042f03de3ed36a17aa4173a43ad2eef29e49f85a10001a1893ce0edcf7e8fa0a04223be116eb5579e06131307fbbab21f99adefc7c7d866713612917e53345e2920daa31fb2655991ab112c5aff08e5cbe0a49373eec3c380f3adde42c628d2db2d2ddb6605657ed6adb157e5a5f9473f17902666e9f4a06b6b0fd6121e923c00b3f451f9deb6607a7d8f413209f8f0bf796b7d92b5000a65ecaa6f56dbab89d67c0fdade53dfc6c595e720e33083b6d84d9daec95b275edd8bf037e1cd35976220710cea1b387af3a4f7c6747cb2be61054d83d706b8d0fa3762eb66b07d47b5e1dff98cd334880a3d135889df6028dcf612639838fc5dc01b9bcf97e8accf259a6f1371cf2f6a64694907b01286fd70c3ddf5d4ffd88ab9d07ba30156b50a579e7fd7e90b30ab764502daa3fe7ec0e0e85d942574665542e1d8c57466084cab9931f6b0a79b717bcf33bc85e418db09d53aa6e31e8d1efd297c0ce2f0c3e5277e9ab3d605ab01a9e598b7705127bd4bbb9c5391536e17643dba981c7d8dec655acbbe8c2d95f3b90e1ea8eee66e30bd9eb34e5c7337cf449aa218b39391039a2e3629fc8d943de7228e9d97525e00856d7dedf99b3b7e35ae84febf1afa77935f93fdca758260e581dc50eac2f74abd2a55e42985a282753de69bc9b5ea532bd5eaa833bde5db8e4330eeb7fc4aa301499b1080bbc70cd3841f278893a4d29baf008539f44cb88ff27ac38bf169ff63a48d6e9fcd3f7134868942082d3cfd63440d5b34d2658575c6604948b63e6f09b9cc4f4a8ebf1477e6cf2f075e0890398dfafbbf6874f7cca7762cd4491226c8ee0cbf10148065b676d56177b444c91dfa131e8419bff7c30453bfba01dffdd9c7044bb3d7a7344e9ac368260ff1d80f7f69bdc246bafc1d7740b283d72f9d76034a838664941739db9f8cfc234497518841d2f0b1dcd96a55b6fd07bc896cf44eb1aa08c05125319500c153c025392db348d3e35f1a021bf7067a94b852399f33760ad7cf15edcbf567fe6f8d0f080ea18c5fc2eff62d0ff47f1895b2a699dc97438d5d33b85bb828a287ba5376111f1124696450828ca2cab4f2580c4a8d20395dc9e051431a44803a6c80c188dc2fd4b17779c84833262c5d0dbebadbadf2b0c7e451edb35fccd8b1d6f9b60df450d9b349127f16c9418b4f48fe7776e5865bf18324bbb6350358771e05810837c128017e7e3f8ee4deff7e85740eb1c58cfbffe80e6c9469c83ea765166f1c378c49aeed56f4831d7941756756a4c0d2b05d039f22289bfdedf64cc5189c13db36b809fb3b11d60fd67d88256104fe4e6c8c3f24e17dd0c9f2e66299fddba1b0db8ef297bfb3c1fb0aca4c81128b8d70e4ca16da3751667e4fc68f12f822a4c7846ae202287dc2deebea9e46e4ddbdcc96c1efd8c30aaf3ab7a20d32bc36b630b802c1400af171af8e46b649ea18640b8e8cff2df4afcec83b37b9640d4283edecb437283f62c238ac20d1253f881c360675c8dafd1c5acd711cc816b3990e0783ed58fba247b931a2fdb769c344590f3debfa3404d98bfa4d50a2c7dca34a129486d12b77717436378e1bf30f7f707bec4e86914bbdb0c36b584176a2a0fc25099a5724ca73e20a303877f01b44de25f14898e97c16090b0438607cc56f350a50bb48c2f7971058955413110e3ab2ecb943671a1fbb779c86abdf0fd9b5de0c487faab33ea17593de56a61cabddc97b77efdab66f66e81095ce22728104538ce05e87d910e25d83f5908912ea17c02acaceee6866bc950caa8b679a7a29651f54e894d09aafd419907eaf14ef3593aa8f79bcda105c16a3348f081a1a0f4191bed760d27d1eb1eabf31a25e2c6f7c231162bf1ee755508e2e041f40a24e801ae782d58bbaf3396ab1f0255dd95a32eaaed76ab63f6a93716a458571cd4965782062456e8497662eb4f2530ad427307a4be250b18cba8bb8b661faacc4985b90509dc6006983e0e6ffc855f0318e4efed5c18ea9127dd3bee2e21f71b619392effb491ab6882df5a8653816ef43c44bb56423e7d7ebddc23b11c7228a206728404bab1e5599ea0468c0531430e8b7b5b084867b92fc30b4dd285bbbc7bc80545c526dd21baf28461521b35891751e713e9f3edaa01bcd03b7a3255a1af0df2f6d2d4ca298a4ccc7b7a32a0d89f6877d1ab840d765e6b69d6fff308ace090e67f3972016c9de257217d81002a959780365bc5a1a833e38cf1b13e54aa70c127008e0364e78cba344c68bc5b041e600b26dcc76ba8866a2df11ccf22e1948f9afaed601775a7a10a21b8209f6f8a2154f4051f904a0e535fa1567e66604d58151d2e831a80244ef337d997972a24d0de52161968c31cc44151f3b7df19994f95c2dc2ecd20f0dbbf76ac9a5bd2b60f28770af9e89684f47d2cbb392b6e123e5ee932277da5eee2e403b1dd1f71a812825ed29b5bfd930a621baecd8be3f40ab074f55f6d222d01dd4b764a75d70159ee068e5e104937b3fd88a9c297fae84c5c47cf32b6e5412215758f9d5353ec61eaac3a39eed9e4f1d9432759428a8e7d74c05146473c17d3ff482d960fb47aba0c6e5f043870c385f2fcffaff3913ef9247094d3aec28a817782924a414ec230fbf1df7c7bcb9421b6dec7d056c53d837f600f71a7f6486a73ce6fcbe41227283a2a749a4a27d1ce444ea0c04aa97edbb303cb75f20d58b04e0ed308dc92dfc98b367fed91f1e574dd113bf8e83968b4fbb5d4eba523b6562f03422915a863dc2a349a36e4fc8b944d29cc320c292c2b8748e940587d2dfb13321f0e43ff9552a8aadb82e8fa607a9baa75ac79d419f3b2d2ec98abb58173f151d3f4cdbd7242f9864674088f9000b0b02d85cc2be04a78edbb100978dc170e83ec3b318c373cf7a299fda035932d55c68201c5f56a5ee5ff66fc1f487885485558689c4115f9c87d08b90f670f2311c1cde9528b8c8fffc1853c35e37347e7450825291ae3160d0e64828da08f5abcf1c4e7ebf04cb537cec6a995f61860ad311178a8f63da5551ae41cf80651b23173b17868d4a30da773ac8606d80a38efc1dfb0fae040ff021ed97d1e25f0e5b20f4d37a34d63f6da0939e4c52ebc19b145dd96fd06a973ebd87d30843b8dd4574bd2651aaa380ed707a4b1bc8cad95b6055a5ba1964a711f8c68798a66d07d9c69a0757e8157aa6fd72de6130d3963a275420cd6aeb4e845c8fc555bc879c2c5f519b31e66fd0805c5b503a4f95b5f776d5a8968723b08b183e7a3b69e6d5933b9cd079943ca861639da07a38f28872107a391737e17fcbdb89ac2e9b252daa0e722d44c804bc67ecdcc75db2c78ec7e981c43b063e56a868e2f95757da760d09107a02011573f5dcc312b67dec294d04c9f284bc85237617208b5737ae7e1b3c48a54033763a275b6612b591fda50fa6f09c13ce38ebf7c0687d506da5e0d25df61d35229d9756fa6f2883f98a7786844498e76758e5fe8a975a5a0694062f88916245c2a8a18d3fb5a2526dc95f1a2b707b68731d272294ba1eee98e5ae1e466d5950510620d84eb025a86e3272e8c7f728d084e5ad2e0efb4bfd808820684ee6e2a464f63b09e2ab49179021ea8d6182e2f5b7243274ca00c9a00208da889339f66a294adc251aac43020e489808b52c800f73e966320e1ccc2f213f9c431a6b41d758d71cacfaa5136786b26443c84ebf091cec3454cb541c4f57b2d399c9c2dd87fa0ae5e5841ae291e5194b5f4cccc392c674e5ed1f7c9d160fafc186b524e651db6274836d87e27fdec0030470c2d16a529313c1f7e6f60926832ec22c8586c5cb9637e810132bdc87a2245423e048aee354fe673d4298028bef3647a2d3c358ec32ac61ebf431b9bc8c9fda41a01cf2a89dfef33c818422b888ed765543f708b2a4f89e5d5d1b8c6f3b73aa3c427c075561f742c6e58108087c8d92dc9a725ca6c4524dc1ac479de8422334c62756b20efb35f891b5b48dcf6e665e4a88d38d993811a3ef161b926adc643add39f40fcfd15cd5eba145ea7016225fa3bd846924ee9064a4ec7efc03b77ac3973b38acc2a75b793cbffacfef23dfc494637fa679ec6d91b01c8e6be40daa496e725965abab96fd23ff554b78baac86fb1c4658ce6fd6488bbff7d6089722d200ef3c1d335a2d4f0c19b57da50c6a12779e079a6f0efaff9dbf44a9d0b44a1844f0c08c03213fa0ca096b83b6feb02d649de349c4564ada2b50f816efb53d3a1095577fdd10a8c482774c69683aa7db22e6e05068e2c459594f36151f5e989467f256c5419e9bb807daad88324f0ed1a159779ea5ecb8f1b1ee697b937f0312d77581d9b58cc3dde51c074e32ef71abc6296d185bb08975ad340821572f8892cfc6f046abc05ba55d0e04b37719fbaaa7368a4516f0a9aa851149b41ce2fee956cb8d094ed21c9e60f0eafe842320c8aa79e09ca3feb13e2486d68af1d9b14046775837caab61389179bc9074bf953e8364dc82b087d0b0aa6701639410c361b37b2cb94235a1e46457ef1816a4da3d3d42c695f4500727f51f813c30094f326136a72387a363c653b90e9c5ca34e14db2277ba97e907c4baad9b519c015dfcfa2830a9bea9446957c96708c5b03cf35ef6e633e25293154b64f72b296c3e189ef45133e37ba4bc404f585c994e20c519eeb7215c7986abcc32b6342a56a332b2e9085af3a354f6344af1f46bc9c6a6e59acd6e0b62eeaed216d6c3dad1c9b24ce31b16b559a3c6f63256c1aa44a5ded5c6cea3eaa35fb803799a74efebc337ec243ee0a70e327090061a5130aa75db84c82834cda01fde4aa78dd340a858e6f0002cef98d8f643f3d813a5f95737fbc81905f270db4e504fad0c266dd9fa72787774ab540c5cbc51f051717ab670661e37e451a8d29946d1e354f2d09067727976ef893c50c943e6efef70600fcde496e0dc2010f53513e2e125f3a906edbc87348723652de72ac310f9140b488858194081fe1894f1cf284ea06f9fe8823de29a131a8d0fa29f2f01e29c37947eb5b6a68fc141dd7a417b84f92911e46764b5d97bbb439c1951b538b66d32db8408cf9633ccb13d7e80472c60e0aaa803d73b3d1aab7eb42670261e7f3efd82adec992d3383f879b2fd152c47751f43d90dd02b8c1041865c6693b002ccc3fdbc649063c2e3cd5f00e45ef981add133bc4d5006a2dec1907d05fa51f6c0c3b2541f0f5d18879f224da477fcfa6ad481ea07c1b960b0b2cc81ac5e5460833f6883a2a803bd8b9cfeb7e1ce9ba46e5478a0c632ac403223c471f937bce1d916f15911ec59139287ed8eeec9bd7ae0491150145bef18a6cb712ec68d9e7299b23e44702163b738aa36dd9192c5738d25ceaa3bd445fac333ba7956271867b6147a26c080a92f086a943797bfb03e12a687c7dfeb5dc91765a5a4cdfa892055cc5ff842872d9412a54b60d3ff5189526e90d77e31ff40f275f6a6d649ae342690e69b62cd2270fdfd11ca72d51d49a9aa3b9a4ce0eb6016fe9d35f24d6d89e0c44008f2fc884de889c83128994ae52d22672f6f4e98beb6872155342e4feded7798daa2e81e74ad40af3f4f1bd014d0918c65a0022a73cee043e843d7cdbda4af7a5fbfcd905c4a5311858425f8c8506f03a070c6e7e36499ce6e47e8e8edd518ca54248f5ae10ed343a3bca1c58f22816ed749111848ac6a7e3082c7dc637338810d192d61e1898119c17d7399c5e072adb1bde8960f0b4406f22f82e437ee449535c973b897a296cd014b397b0a38477bed9f366f326c5834d81e86af209e22746b5dc0c87dda0c9ab986af1f7dc95bb91b80760e51fa3f8c7523e3f865949bf6e8f0beb2fe588766c5cf24e91dd40f13247efde13cfe0d9fb1f973b7ba813d29f151f26faca1f478deb17746969ac42ba5becc77449184a219e6604fb71808a76fff0582656ff305a29d618e2f98957b6f15df02c9f362671f656e9b0f11523f78ffcd35ad6c479340fd701e43dde8888830eb5aa09dd1af77193427c58b4d2b6831d489cab1c49ab3cc406996be08d417a52b3239a29e51489d0d978552d5d68de6a72a9fe7ceb823a87ec14638f42289cfd28d11935503c620d1d41d0448f64f5ac0a521ab09fbe8c1ca26528b67e55c6775b4ebba6707c638071b542029a08dd9f94901ba5ae622a1dc008f6ab07388c74cd86f494b3b61472421b93008a02a3de32d47fb301d1e08e957858a634632bd36b975311300bdede78ca0314f35d3a4272deaa793443671aab1ca60080508ddaebc8611479846d93a979b63f9bd6d2cec6089e9dce5761837e9a226a8df25a1ff4575da659adbeb4b95b5c07f31dd3d375000c7042cdaf482b844ba4ded8b59ea2d4cac097d868d6bf9ff071df07a84b839432a6502d811631a55e8f37d9bb7ca923f52d31acee21c2e570d57e276ffc39fe07952dda1646e226817df3a7690111af8802bb7fcfa753c66f6b254e256602fd865a5db87ec199a258c08e9671541a40abb7a7743d0aab8fb6a55bb0aecc257c2bffe0ac368fd973dd68f00ea9ff141f56c388b68e97e3f74c7ecbd8db6282d61f1620db9d5e0e9022cddb95d13d4f3398b02234ca0ec2045ca1f980fa675cd5b0cfe154cf668f2c4e7ad3cd50a13599942db6b63bd20cb50ecd47362c8a52c9693ab001ef6f9b861f71d153de33b3d5bc97552095a119d7e3d1d91d0e453fd9efc412b6900d5696ac4d3a3afdb1e744e0d66b6264eac3c3982e33e3e7ec897cf4025e72efdd30294c432c2af46fbfccac8cd7fe939601b325d8f637da13a2f02325775b72f714cc6ec89c6f856028d9242e171430fff7e34bb56583a44c5bf8640136bb56c18b8194e7e3b84ceb101ccaa151df4bc13de2672b8701a3b9f0b55cf552e44833a4076043f6d60351efbfa611046a8d10083e913ac1de791ca9029c4255b33e7abc57768ea758c604439c1b7f4292d8ba9feee4a232c131eb8f59e4287eae417c63eacadaf7b00855b6187c313c54d5311bd13ed883b15ce531514f329fe0d3fbdaf3600605c3aaea01475e1cf0c474318b2e86a974853211182388be6935af2b29627e184504e069dc92fb2fdfe18518c759ab9f9a747d608081be2519d27d100769d4187eb1bed3a4fa817d96cc069956f668e82a0ee9ba785e5a6ad439821220241da3cb4047ce6af0968cc336102c5260c451d66032fa60254976fbc66c5c7443881a8e2b12572116b90be99f8216618c0363ff8bf3d08f42b32aced2e57d669c619f05427e4cede5d28e9241061b1914ecee7b66c23d4fe754c3fb1ab17f3689ac94e22adf9acc210547c2156a82311bb2abdcdccec8f1c9e66927c154625cf8bf6338a4254c2c3b019bacabb8ecfc2a90268b968c2dc1e2186cdd72e4bea4f93a2ee73db060f49824c7e92e88b7f317722beed1263dc0206d8ef88e1282d1adfc524f55b27144a0d3bae33334612f861477a93f7c4d3f9d52ec749f58144515d48f5ceb15a30a14bf74db55a489c506371b5eab3c119d0e25417f862ba21f76683a3bf8329d9024e", 0x2000, &(0x7f0000001100)={&(0x7f0000000040)={0x50, 0x0, 0x1, {0x7, 0x2d, 0xd5, 0x108000, 0x9, 0x0, 0x98, 0x9, 0x0, 0x0, 0x1, 0x5}}, &(0x7f00000000c0)={0x18, 0x0, 0xa, {0x9}}, &(0x7f0000000100)={0x18, 0x0, 0x3, {0x10}}, &(0x7f00000001c0)={0x18, 0x0, 0x2, {0x622}}, &(0x7f0000000200)={0x18, 0x0, 0x3}, &(0x7f00000002c0)={0x28, 0x0, 0x100000000, {{0xfff, 0x6, 0x2, r3}}}, &(0x7f0000000300)={0x60, 0x0, 0x9, {{0xfa, 0x2, 0x7fff, 0x3, 0x4, 0x6, 0x9, 0x2}}}, &(0x7f0000000380)={0x18, 0xfffffffffffffff5, 0x9, {0x1}}, &(0x7f00000011c0)={0x49, 0xffffffffffffffda, 0xc8, {':]^%+!\x00'}}, &(0x7f0000000400)={0x20, 0x0, 0x0, {0x0, 0x2}}, &(0x7f0000000980)={0x78, 0x0, 0x3, {0x3, 0x6, 0x0, {0x3, 0x4, 0x5, 0x2, 0x81, 0x62f, 0x200, 0x10001, 0x3, 0x2000, 0x8001, r4, r6, 0x10000, 0x7}}}, &(0x7f0000000a40)={0x90, 0xffffffffffffffda, 0x2, {0x0, 0x2, 0x5, 0x0, 0x5, 0x7ff, {0x1, 0x5, 0xffffffffffffffff, 0xb, 0x2, 0x9, 0x4, 0x100, 0x54, 0xa000, 0x47, r7, r8, 0x11c, 0x1}}}, &(0x7f0000000b00)=ANY=[@ANYBLOB="080100000000000000000000000000000500000000000000ff0000000000000008000000000000005c2a5bd9272d2e7b03000000000000001c444b0d0000000001000000050200003a000000000000000000000000000000084f0000000000000c000000a22100002c23297d26277e265b7d2d2d000000000700000000000000050000000000000003000000010000005b2d2500000000000500000000000000c4b300000000000000000000f20000000100000000000000ffffffffffffff7f00000000020000000400000000000000060000000000000003000000000400005d2d2800000000000600000000000000defeffffffffffff07000000000000002302004051272d00"], &(0x7f0000000d00)={0x150, 0x0, 0x800, [{{0x4, 0x3, 0x400, 0x1, 0x5, 0x2, {0x5, 0xdd8, 0x7, 0x8000, 0x400, 0x3, 0x567ca80d, 0xfff, 0xc, 0xa000, 0x5, r10, 0x0, 0x3, 0x47}}, {0x0, 0x0, 0x8, 0x1, '\\)+G$$\\/'}}, {{0x3, 0x1, 0x74889b83, 0x80000000, 0x8, 0x1, {0x1, 0x1, 0x3, 0x75, 0x6, 0xc586, 0x1bfd, 0x7fffffff, 0x4e8, 0x2000, 0x10000, r11, r12, 0xf, 0xffffffff}}, {0x3, 0x2, 0x1, 0x4, '.'}}]}, &(0x7f0000000ec0)={0xa0, 0x0, 0xc9, {{0x6, 0x3, 0x7f8d, 0x5, 0x8, 0x0, {0x6, 0x7, 0x8, 0x8, 0x5, 0x9a6, 0x7, 0x7b, 0x4, 0x6000, 0x5, r14, 0xee00, 0x80, 0xb}}, {0x0, 0x6}}}, &(0x7f0000000f80)={0x20, 0x0, 0x1, {0xe1, 0x0, 0xa, 0x3}}, &(0x7f0000000fc0)={0x130, 0x0, 0x8, {0xffffffff, 0x80000001, 0x0, '\x00', {0x800, 0x10001, 0x2, 0x1, r16, 0xee01, 0x8000, '\x00', 0x711, 0x80, 0x1ff, 0x7, {0x3, 0x8001}, {0x8000000000000001, 0xfffffff2}, {0x2, 0x1}, {0xac2, 0x6}, 0x3, 0x7, 0x0, 0x1a7}}}})

7m6.890305873s ago: executing program 2 (id=164):
socket$nl_rdma(0x10, 0x3, 0x14)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000440)='/proc/mdstat\x00', 0x1800, 0x0)
preadv(r0, &(0x7f0000000300)=[{&(0x7f0000000000)=""/148, 0x94}], 0x1, 0x20000009, 0x9)

7m6.809387419s ago: executing program 2 (id=165):
syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="042ffd02ffffffffffff050800400b07000712c124cdc30d643c235d7359da9e070000004528aa51fa2d9b48e7167b55d05a1b29e5b8e5b773fcce876b3e9fe15e6330b96d4004cb815d14"], 0x200)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)=[@hoplimit={{0x14, 0x29, 0x34, 0x4}}, @hoplimit={{0x14, 0x29, 0x34, 0xfffffffd}}, @dstopts_2292={{0x18, 0x29, 0x4, {0x4}}}, @hopopts={{0x78, 0x29, 0x36, {0x5e, 0xb, '\x00', [@pad1, @pad1, @padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x30, {0x3, 0xa, 0x0, 0xfff, [0x966, 0x7, 0xfffffffffffffff7, 0x1, 0x1]}}, @calipso={0x7, 0x10, {0x3, 0x2, 0x3, 0x7, [0xffffffffffffff04]}}, @generic={0x1, 0x8, "2bdb86d1ce6a20c2"}]}}}, @rthdrdstopts={{0x18, 0x29, 0x37, {0x73}}}, @rthdr={{0x18}}, @rthdr_2292={{0x38, 0x29, 0x39, {0x3a, 0x4, 0x2, 0x70, 0x0, [@mcast1, @mcast2]}}}], 0x128}}], 0x1, 0x810)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000300)={{0x1, 0x1, 0x18, r0, {0x4}}, './file0\x00'})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r4 = accept4(r3, 0x0, 0x0, 0x800)
pwritev(0xffffffffffffffff, &(0x7f0000000d80), 0x0, 0x4d9e, 0x8)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

7m6.653869716s ago: executing program 2 (id=166):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IEEE802154_LIST_IFACE(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x2c, r1, 0x20, 0x70bd2c, 0x25dfdbfb, {}, [@IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan3\x00'}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x44800)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_SERVICE(r2, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x7c, 0x0, 0x10, 0x70bd2c, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_SERVICE={0x50, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_PE_NAME={0x8}, @IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e22}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x77}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0xa}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x77}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@dev={0xfe, 0x80, '\x00', 0x38}}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xff}]}, 0x7c}}, 0x20000801)
sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(r0, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x2c, r1, 0x1, 0x70bd26, 0x25dfdbfb, {}, [@IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0xc}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x1}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x4000000)
socket$inet6_sctp(0xa, 0x5, 0x84)
getpeername$l2tp6(0xffffffffffffffff, &(0x7f0000000380)={0xa, 0x0, 0x0, @private1}, &(0x7f00000003c0)=0x20)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r0, &(0x7f0000000500)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000440)={0x60, r1, 0x400, 0x70bd2a, 0x25dfdbfe, {}, [@IEEE802154_ATTR_PAN_ID={0x6}, @IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0x1}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0302}}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa0}, @IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0x2}, @IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0x6}]}, 0x60}, 0x1, 0x0, 0x0, 0x20000000}, 0x80)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000540)={'wpan1\x00'})
r3 = syz_open_dev$video(&(0x7f0000000580), 0xfffffffffffffffd, 0x4e401)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f00000005c0)={{0x1, 0x1, 0x18, <r4=>r3, {0x3}}, './file0\x00'})
sendmsg$NFT_BATCH(r4, &(0x7f0000000a40)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000a00)={&(0x7f0000000640)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x2}}, [@NFT_MSG_DELRULE={0x20, 0x8, 0xa, 0x3, 0x0, 0x0, {0x3, 0x0, 0x3}, [@NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x3}]}, @NFT_MSG_DELOBJ={0x128, 0x14, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x3}, [@NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x2}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x8}, @NFTA_OBJ_USERDATA={0xd9, 0x8, "7dc348f2e02031cd4129306c5c96856e463c5b3f922d892b61151b7a5c5cfe5ad0d84a013c56c872d470b1b09a0f1e7733210b9556f8f3dd3b67775e3245ee372537bf3e0a503596b9f1874552876c50ed351108ffcb31f3a5f49562b6e554705a6af2511030f8762ff4820fc2d8e05c1f33bdd4070d8320a1f15ada2ac4f28f00c47fce23c734cfbcc4f891096db0bca6e5313e8e5838bb58ad0683eb4fbebd2ce1bc09a35e9b37ab231c1afa1b9b83515cf0fe559d763629c569bd9e9f59cdc9709d0dcbd5658a1ad5db4f5b9968a1745d50ae42"}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x2}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x1}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x2}]}, @NFT_MSG_DELFLOWTABLE={0x28, 0x18, 0xa, 0x201, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_HOOK={0xc, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}]}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x2}]}, @NFT_MSG_DELSET={0x38, 0xb, 0xa, 0x401, 0x0, 0x0, {0x0, 0x0, 0x1}, [@NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x27}, @NFTA_SET_OBJ_TYPE={0x8, 0xf, 0x1, 0x0, 0x7}, @NFTA_SET_DESC={0x14, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x3}]}]}, @NFT_MSG_DELRULE={0x1c0, 0x8, 0xa, 0x201, 0x0, 0x0, {0x3, 0x0, 0x8}, [@NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x5}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x3}, @NFTA_RULE_USERDATA={0xa9, 0x7, 0x1, 0x0, "97582dca95878def5e9c6c7eeba4f143fe9c49f2406775b5fc2b2b22d0cd4b1be9ae9951320e3b32bf9f330b1d3f1ff85d4d6a19a1eed6f04a263c13e4e4fc7c74f68a9d1b846e29d8d5c8d68dcf4d157c59675f30e5da721dc6ae26f7e6a0b22cf7489495d523cafe4495fe17ada909ccb6e8737e67015a8c76ae7800a3d9558f89ad4e354cc5578542e7ef7a569eac9e35293543444b3dad4e5103f5876d0bbe224175d9"}, @NFTA_RULE_USERDATA={0xc8, 0x7, 0x1, 0x0, "571ad34f48cf4ea48848fcd257eaeeb62711ef9af7117a48ec55136e662ccd95f22f501b4680ccb6285ea80467236348fb207a5af68ca40e615b808495f0593f30098b7783487aaf25c8027563407009df783055d869eb4fc3488e9a1b63cfd7aac3255acd04a81a00a7908dbb909012728006a729520ca45c33b886e5f4a25b1752dd0df4c90ab885efe3433f43c0d5fd781a49bc50dc6bdd20bcfab87ef6f9d7dd7506e925b331834dc3fd8210902083945238643b169340ecee7dd1b9fd594a14009a"}, @NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x2}, @NFTA_RULE_POSITION_ID={0x8, 0xa, 0x1, 0x0, 0x1}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x390}, 0x1, 0x0, 0x0, 0x80}, 0x8000004)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000a80)={'syzkaller1\x00'})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000b00)={'wpan0\x00', <r5=>0x0})
sendmsg$IEEE802154_LLSEC_SETPARAMS(r0, &(0x7f0000000c00)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000b40)={0x54, r1, 0x600, 0x70bd2a, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r5}, @IEEE802154_ATTR_LLSEC_SECLEVEL={0x5, 0x2a, 0x5}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_SHORT={0x8, 0x2c, 0x9}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xaaa0}, @IEEE802154_ATTR_SHORT_ADDR={0x6, 0x4, 0xffff}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0202}}]}, 0x54}, 0x1, 0x0, 0x0, 0x6cf9443d0b5b8daa}, 0x1)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000c40), r0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000c80), 0xffffffffffffffff)
read$FUSE(r4, &(0x7f0000000cc0)={0x2020, 0x0, <r6=>0x0, 0x0, 0x0, <r7=>0x0}, 0x2020)
write$FUSE_INIT(r4, &(0x7f0000002d00)={0x50, 0x0, r6, {0x7, 0x2d, 0x492, 0x4004000, 0x8001, 0x9, 0x3, 0x3, 0x0, 0x0, 0x4, 0x5}}, 0x50)
openat(0xffffffffffffffff, &(0x7f0000002d80)='./file0\x00', 0x301600, 0x9)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_DISASSOCIATE_REQ(r8, &(0x7f0000002ec0)={&(0x7f0000002dc0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000002e80)={&(0x7f0000002e00)={0x58, r1, 0x10, 0x70bd2b, 0x25dfdbfc, {}, [@IEEE802154_ATTR_COORD_HW_ADDR={0xc, 0x9, {0xaaaaaaaaaaaa0102}}, @IEEE802154_ATTR_REASON={0x5, 0x12, 0x2}, @IEEE802154_ATTR_REASON={0x5, 0x12, 0x1}, @IEEE802154_ATTR_COORD_HW_ADDR={0xc}, @IEEE802154_ATTR_REASON={0x5, 0x12, 0x6f}, @IEEE802154_ATTR_COORD_HW_ADDR={0xc, 0x9, {0xaaaaaaaaaaaa0202}}, @IEEE802154_ATTR_REASON={0x5, 0x12, 0xff}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000000}, 0x800)
socket$inet6(0xa, 0xa, 0x8)
setrlimit(0x9, &(0x7f0000002f00)={0x7fff, 0x5})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$l2tp(&(0x7f0000002f80), r2)
sendmsg$L2TP_CMD_TUNNEL_DELETE(r9, &(0x7f0000003040)={&(0x7f0000002f40)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000003000)={&(0x7f0000002fc0)={0x1c, r10, 0x200, 0x70bd26, 0x25dfdbfd, {}, [@L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc875}, 0x0)
ioprio_set$pid(0x0, r7, 0x2000)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f00000031c0)={&(0x7f0000003080)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000003180)={&(0x7f00000030c0)={0xc0, 0x2, 0x6, 0x0, 0x0, 0x0, {0x5, 0x0, 0x3}, [@IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_DATA={0x6c, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x1}, @IPSET_ATTR_MAXELEM={0x8, 0x13, 0x1, 0x0, 0x7}, @IPSET_ATTR_NETMASK={0x5, 0x14, 0x9}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x1}, @IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @mcast1}}, @IPSET_ATTR_IP_TO={0x18, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @private2}}, @IPSET_ATTR_NETMASK={0x5}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x40}, @IPSET_ATTR_NETMASK={0x5, 0x14, 0x58}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x7}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x7}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x3}]}, 0xc0}, 0x1, 0x0, 0x0, 0x10}, 0x4004000)

7m6.409355728s ago: executing program 2 (id=169):
r0 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902b901010000003f0904"], 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$rtl8150(r0, 0x0, 0x0)
syz_usb_control_io$sierra_net(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$rtl8150(r0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000280)={{0x1, 0x1, 0x18, <r1=>0xffffffffffffffff}, '\x00'})
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000340), 0x4)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
r2 = syz_clone(0x111, 0x0, 0x0, 0x0, 0x0, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x100809, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=0x0])
mount(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000280)='autofs\x00', 0x201000c, &(0x7f0000000040))
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x180)
chdir(&(0x7f0000000000)='./file0\x00')
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
mount$9p_unix(&(0x7f0000000080)='./file1\x00', 0x0, 0x0, 0x2000000, 0x0)
setpgid(r2, r2)
setpgid(0x0, r2)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, &(0x7f0000000180)={0x14, &(0x7f0000000040)={0x40, 0x7, 0xd2, {0xd2, 0xd, "e164af9e1deec9ea49ea3fe7ac3ca0d83a43e0e608f2229b31c10aefc6ae6db960fc2e497cabc6302aa4895838ff98a07653b20c0961946e3559e4d1b050a5ed35ec9bb0e1f5d5e93cb11c86f002610a372987e79b9330795a167779dd13af8887ecaca2071869da92fc57aee90e3003cddba4060b9f1e8565d37b1cba1bdabe51a8d95a3923699f9af9e1dc61d70101a60b56afad5ffba724bd76da57eccb576ac8f509cf29865667e944d6a99333a7ad273ed6e40486d98c50870e7d1d15fda720540fe7fe897d290f1160af80bd2f"}}, &(0x7f00000004c0)={0x0, 0x3, 0xa5, @string={0xa5, 0x3, "b7db31973d011dee5218099871d36b82730c611b63b17256e6449d95350297107ccb5e5fdea89a8a7e368c048f75858b23e339763ceb55248ac6dc54b30e20c2b9565f144e604ea3ae12af69893b4c994b486b382d618ca078846ac773baa1aedd7740630259f55f2514ff93e4fcc03d4d81c328c4d806121688b8248d59a87c87f6f7f7d38fc35cbfc4abe6c23654645f8b913180f04fff626ff20d19995b89fee001"}}}, &(0x7f0000000400)={0x44, &(0x7f00000001c0)={0x40, 0x16, 0x73, "6535407726d9bd4bfc8070a675102fab36122ac36abbddece7beb6efed90e4484ff3db1eeb565e26c487058d8f225f553de89c96dde788e66f223a666607a448b7d2c31aec869649c7014743cbd06ce8b0293920b89dc3c2a6e26ff513eac9fd5479de0996446a26831b6241d5d99760bf0cb7"}, &(0x7f0000000480)={0x0, 0xa, 0x1, 0xff}, &(0x7f0000000240)={0x0, 0x8, 0x1, 0xa}, &(0x7f00000002c0)={0x20, 0x81, 0x2, "5df9"}, &(0x7f0000000300)={0x20, 0x82, 0x1, "b9"}, &(0x7f0000000140)={0x20, 0x83, 0x3, "0300df"}, &(0x7f0000000380)={0x20, 0x84, 0x2, "e205"}, &(0x7f00000003c0)={0x20, 0x85, 0x3, "f5866f"}})
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)

7m4.563147138s ago: executing program 2 (id=187):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000580)='/dev/comedi4\x00', 0x80000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000000), 0xffffffffffffffff)
socket$l2tp6(0xa, 0x2, 0x73)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x3c, r2, 0x923, 0x0, 0x25dfdbfe, {}, [@L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x1}, @L2TP_ATTR_FD={0x8, 0x17, @udp6}, @L2TP_ATTR_DEBUG={0x8, 0x11, 0x1}, @L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040}, 0x0)
r3 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xf2, 0x30, 0x39, 0x20, 0x2c42, 0x1202, 0x8540, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xc, 0x2, 0x2, 0xc1, 0x7f, 0xc, 0x0, [], [{{0x9, 0x5, 0x2, 0x2, 0x200, 0x2}}, {{0x9, 0x5, 0x82, 0x2, 0x200}}]}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r3, 0x0, 0x0)
syz_usb_control_io$printer(r3, 0x0, &(0x7f0000000080)={0x34, &(0x7f0000000a80)={0x60, 0x15, 0x74, "08006b680fce156f8f08d6717f839a9c023a05f3fe4b0c5fa5c36a436c5fc738d6fa8cefa0c4da722a0b448bc8ebb76c0ff48f5c30423613aeec55c0df554345f5cc03249fc8bea6a660ce06bd8de02895bd5a4030ef60af37acc234ba0a787ad6a55eda29e402771a77657d2a833afa8a04f939"}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r3, 0x0, 0x0)
r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x101002, 0x0)
write$vga_arbiter(r4, &(0x7f00000000c0)=@other={'trylock', ' ', 'io+mem'}, 0xf)
syz_usb_control_io(r3, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r3, 0x0, &(0x7f0000000500)={0x44, &(0x7f0000000180)={0x40, 0x12, 0x1, "b4"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r3, 0x0, 0x0)
syz_usb_control_io(r3, 0x0, 0x0)
syz_usb_control_io$printer(r3, 0x0, &(0x7f00000004c0)={0x34, &(0x7f0000000440)={0x40, 0x11, 0x1, '$'}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r3, 0x0, 0x0)
syz_usb_control_io(r3, 0x0, &(0x7f0000000700)={0x84, &(0x7f0000000240)={0x20, 0x8, 0x1, "b4"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$lan78xx(0xffffffffffffffff, &(0x7f0000000480)={0x14, &(0x7f00000003c0)={0x0, 0x31, 0x3d, {0x3d, 0x4, "9ac76d575bc08c00a6b39915468e6cbcc66765814cb2f7e0572d9568465ca03034e22a2227fe7c7ce8cc5b848d6e7c674e29cde8f94984ee5b2ca3"}}, &(0x7f00000005c0)={0x0, 0x3, 0xc6, @string={0xc6, 0x3, "d0aef72eddb642738113b4a0cb25b600b8f6c8a82cba147b86d2689546495c0bbb60f3856762aa00f3909234a33a1a30cec3e8506949de125d4068f7b868315a23b08b75846f1a0c1c402580b57e4445a46035621ce08250cd7448a42912d58bafe4af27d9aa06da2dc217f0877d58e0238e649e358c51a1509939b60e68ff8057a1128528c3fc191e7ba7eef5e02309acc00294401fc4adbada7d09a66cf8482b756e5cdca09f7fa02a5c40787a12fe4f309c10c41cdc5bab3fca2d0624854fd4e3ee22"}}}, &(0x7f00000009c0)={0x34, &(0x7f00000007c0)={0x0, 0xe, 0xd8, "9c1564096512c698140758d2e6a36ebf73b18ce1ecb90b5a4d881c21e904e73d63a7282067d068995e7d894af1174486d9366a0d60869f0c22a03fd95655c5448c06b26731e3a9ecfc9b808756078cee7389936b79accb0492294db03be05aafd61a960ddce6be2080ce6deca77feca2a70e8dec912f6ef995712a08327a5d6877e5b301f9ddb383352e6739a00ce4a981de89764c65e4047aad45002586d6202985f216de61b3b2c028c80a6ef9fabe55f78527aa30a0c09d05f10fd5ccb023c227521aaeee385555f0e096e340a142b85a85fbd9b6c6b1"}, &(0x7f00000006c0)={0x0, 0xa, 0x1, 0x7}, &(0x7f00000008c0)={0x0, 0x8, 0x1, 0x8}, &(0x7f0000000900)={0xc0, 0xa1, 0x4, 0x800}, &(0x7f0000000940)={0x40, 0xa0, 0x4, 0x6}, &(0x7f0000000980)={0xc0, 0xa2, 0x2f, "aae7b33b6113986cba879b65102416b30ae5b6588a02365abfc636cb3b94f4574d46496245815a26ca53ce51e1ad34"}})
syz_usb_control_io$cdc_ecm(r3, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r3, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r3, 0x0, &(0x7f0000000dc0)={0x44, &(0x7f0000000b00)={0x40, 0x8, 0x1, "bc"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r3, 0x0, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x6, 0x0, 0x7fff1002}]})
close_range(r5, 0xffffffffffffffff, 0x0)
r6 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_usb_ep_write(r3, 0x7, 0xc9, &(0x7f00000002c0)="2df0ecf12d2ba1d277c2c4a3977e7ab2311582c9e078a6eb17163d4357a6398662bd88a16c983685541dca7a85e7e36dbca7c34895aafd4bc0372fe738074c693fe324d4519d8960a4fb64ae8709f897403ebe38e316650e067e56462f361b8ecda0d3e617c8fe3de2014ef6b109523a986d54bfbca0150103ad492760a007147af65a86b9a3a7470d2ec4fefd40d1ec1d76b12ec563a9c71f8a0d9c25673d1b1dc6749c6c8d7bd978bc57bb39532c67797a87cbe78ae2d6eeba92cbc34df1b6890c56e51af497fea4")
ioctl$sock_ifreq(r6, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x4})
ioctl$sock_netdev_private(r6, 0x89f3, &(0x7f00000001c0)="2c0d5335278c746d987719ee42b8ea8e9f64dd7d54132f8562b394862b3c3b3674ad39fc5cfc7400947aa042ee05b7add79265b019e67ca1dd32682089380c998266999601042c016959466c1174a44e3e4c6bb759c763b0")
ioctl$COMEDI_SETRSUBD(r0, 0x6410)

6m50.370448714s ago: executing program 1 (id=243):
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
getrandom(&(0x7f0000000000)=""/177, 0xb1, 0x3)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x601, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)

6m49.327428027s ago: executing program 32 (id=187):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000580)='/dev/comedi4\x00', 0x80000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000000), 0xffffffffffffffff)
socket$l2tp6(0xa, 0x2, 0x73)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x3c, r2, 0x923, 0x0, 0x25dfdbfe, {}, [@L2TP_ATTR_PEER_CONN_ID={0x8, 0xa, 0x1}, @L2TP_ATTR_FD={0x8, 0x17, @udp6}, @L2TP_ATTR_DEBUG={0x8, 0x11, 0x1}, @L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_IP_DADDR={0x8, 0x19, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040}, 0x0)
r3 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xf2, 0x30, 0x39, 0x20, 0x2c42, 0x1202, 0x8540, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xc, 0x2, 0x2, 0xc1, 0x7f, 0xc, 0x0, [], [{{0x9, 0x5, 0x2, 0x2, 0x200, 0x2}}, {{0x9, 0x5, 0x82, 0x2, 0x200}}]}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r3, 0x0, 0x0)
syz_usb_control_io$printer(r3, 0x0, &(0x7f0000000080)={0x34, &(0x7f0000000a80)={0x60, 0x15, 0x74, "08006b680fce156f8f08d6717f839a9c023a05f3fe4b0c5fa5c36a436c5fc738d6fa8cefa0c4da722a0b448bc8ebb76c0ff48f5c30423613aeec55c0df554345f5cc03249fc8bea6a660ce06bd8de02895bd5a4030ef60af37acc234ba0a787ad6a55eda29e402771a77657d2a833afa8a04f939"}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r3, 0x0, 0x0)
r4 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x101002, 0x0)
write$vga_arbiter(r4, &(0x7f00000000c0)=@other={'trylock', ' ', 'io+mem'}, 0xf)
syz_usb_control_io(r3, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r3, 0x0, &(0x7f0000000500)={0x44, &(0x7f0000000180)={0x40, 0x12, 0x1, "b4"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r3, 0x0, 0x0)
syz_usb_control_io(r3, 0x0, 0x0)
syz_usb_control_io$printer(r3, 0x0, &(0x7f00000004c0)={0x34, &(0x7f0000000440)={0x40, 0x11, 0x1, '$'}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r3, 0x0, 0x0)
syz_usb_control_io(r3, 0x0, &(0x7f0000000700)={0x84, &(0x7f0000000240)={0x20, 0x8, 0x1, "b4"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$lan78xx(0xffffffffffffffff, &(0x7f0000000480)={0x14, &(0x7f00000003c0)={0x0, 0x31, 0x3d, {0x3d, 0x4, "9ac76d575bc08c00a6b39915468e6cbcc66765814cb2f7e0572d9568465ca03034e22a2227fe7c7ce8cc5b848d6e7c674e29cde8f94984ee5b2ca3"}}, &(0x7f00000005c0)={0x0, 0x3, 0xc6, @string={0xc6, 0x3, "d0aef72eddb642738113b4a0cb25b600b8f6c8a82cba147b86d2689546495c0bbb60f3856762aa00f3909234a33a1a30cec3e8506949de125d4068f7b868315a23b08b75846f1a0c1c402580b57e4445a46035621ce08250cd7448a42912d58bafe4af27d9aa06da2dc217f0877d58e0238e649e358c51a1509939b60e68ff8057a1128528c3fc191e7ba7eef5e02309acc00294401fc4adbada7d09a66cf8482b756e5cdca09f7fa02a5c40787a12fe4f309c10c41cdc5bab3fca2d0624854fd4e3ee22"}}}, &(0x7f00000009c0)={0x34, &(0x7f00000007c0)={0x0, 0xe, 0xd8, "9c1564096512c698140758d2e6a36ebf73b18ce1ecb90b5a4d881c21e904e73d63a7282067d068995e7d894af1174486d9366a0d60869f0c22a03fd95655c5448c06b26731e3a9ecfc9b808756078cee7389936b79accb0492294db03be05aafd61a960ddce6be2080ce6deca77feca2a70e8dec912f6ef995712a08327a5d6877e5b301f9ddb383352e6739a00ce4a981de89764c65e4047aad45002586d6202985f216de61b3b2c028c80a6ef9fabe55f78527aa30a0c09d05f10fd5ccb023c227521aaeee385555f0e096e340a142b85a85fbd9b6c6b1"}, &(0x7f00000006c0)={0x0, 0xa, 0x1, 0x7}, &(0x7f00000008c0)={0x0, 0x8, 0x1, 0x8}, &(0x7f0000000900)={0xc0, 0xa1, 0x4, 0x800}, &(0x7f0000000940)={0x40, 0xa0, 0x4, 0x6}, &(0x7f0000000980)={0xc0, 0xa2, 0x2f, "aae7b33b6113986cba879b65102416b30ae5b6588a02365abfc636cb3b94f4574d46496245815a26ca53ce51e1ad34"}})
syz_usb_control_io$cdc_ecm(r3, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r3, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r3, 0x0, &(0x7f0000000dc0)={0x44, &(0x7f0000000b00)={0x40, 0x8, 0x1, "bc"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r3, 0x0, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x6, 0x0, 0x7fff1002}]})
close_range(r5, 0xffffffffffffffff, 0x0)
r6 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
syz_usb_ep_write(r3, 0x7, 0xc9, &(0x7f00000002c0)="2df0ecf12d2ba1d277c2c4a3977e7ab2311582c9e078a6eb17163d4357a6398662bd88a16c983685541dca7a85e7e36dbca7c34895aafd4bc0372fe738074c693fe324d4519d8960a4fb64ae8709f897403ebe38e316650e067e56462f361b8ecda0d3e617c8fe3de2014ef6b109523a986d54bfbca0150103ad492760a007147af65a86b9a3a7470d2ec4fefd40d1ec1d76b12ec563a9c71f8a0d9c25673d1b1dc6749c6c8d7bd978bc57bb39532c67797a87cbe78ae2d6eeba92cbc34df1b6890c56e51af497fea4")
ioctl$sock_ifreq(r6, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x4})
ioctl$sock_netdev_private(r6, 0x89f3, &(0x7f00000001c0)="2c0d5335278c746d987719ee42b8ea8e9f64dd7d54132f8562b394862b3c3b3674ad39fc5cfc7400947aa042ee05b7add79265b019e67ca1dd32682089380c998266999601042c016959466c1174a44e3e4c6bb759c763b0")
ioctl$COMEDI_SETRSUBD(r0, 0x6410)

6m49.146490193s ago: executing program 1 (id=246):
syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="042ffd02ffffffffffff050800400b07000712c124cdc30d643c235d7359da9e070000004528aa51fa2d9b48e7167b55d05a1b29e5b8e5b773fcce876b3e9fe15e6330b96d4004cb815d14"], 0x200)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)=[@hoplimit={{0x14, 0x29, 0x34, 0x4}}, @hoplimit={{0x14, 0x29, 0x34, 0xfffffffd}}, @dstopts_2292={{0x18, 0x29, 0x4, {0x4}}}, @hopopts={{0x78, 0x29, 0x36, {0x5e, 0xb, '\x00', [@pad1, @pad1, @padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x30, {0x3, 0xa, 0x0, 0xfff, [0x966, 0x7, 0xfffffffffffffff7, 0x1, 0x1]}}, @calipso={0x7, 0x10, {0x3, 0x2, 0x3, 0x7, [0xffffffffffffff04]}}, @generic={0x1, 0x8, "2bdb86d1ce6a20c2"}]}}}, @rthdrdstopts={{0x18, 0x29, 0x37, {0x73}}}, @rthdr={{0x18}}, @rthdr_2292={{0x38, 0x29, 0x39, {0x3a, 0x4, 0x2, 0x70, 0x0, [@mcast1, @mcast2]}}}], 0x128}}], 0x1, 0x810)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000300)={{0x1, 0x1, 0x18, r0, {0x4}}, './file0\x00'})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r4 = accept4(r3, 0x0, 0x0, 0x800)
pwritev(0xffffffffffffffff, &(0x7f0000000d80)=[{&(0x7f0000000780)="42ebe7f5d8dde5f3e9c5c7e7bc09d8d80f373ae4dc85e6cb597bd322663b986ff272399bec41d811a763bcd2cdc221d2ac6cdeeca815ce250ce959444e7f296cb11433530cfccd0c6f450147b46eb5bbe281810c76577aaf554801815d1ee516cc0752832233d7610ce165a593e43cbaa4f52db28e5aead94767ad0d0ccf1cd422fcfd87e848c94a2be6e254d827012967db0758c0fa31fff90c60693957939c8ce4ed025b", 0xa5}, {&(0x7f0000000880)="3ed8269a24bf45844c983ea0eeeb58f212eeac22d35800c1a94b360b7b20a38c4009daad6421963cbcd5621f4aa4892eb9937191078bfbceee60ee759765c992659367fc8bd35cf5d87272d4c4bbccb6fe258a2bc4cf778776b91c3e1da4690fe0506ba67577475dac7b5a6647454b002cdccb192445a0e2b4f79b91acb8cfb6bbbb83081c02ec544d20af0b521d102bedc65eeda06df41d160c2197a51325f28b8a789a6fa17d6eaa40f1e40dab9f427d85943241e191c78e6f552fcbf0050938e7b2511c3ee70e6749e1fe51991654e6aa47561590e8b7acf4f8b5ce", 0xdd}, {&(0x7f0000000540)="b4e007f06d056aa0367c7356f83c", 0xe}, {&(0x7f0000000580)="1ab9a1fec95331b4b1bb5f840b0a198cb5add980a1e5cd402aaabeb7a27d1418376394238ae0a1ca9cc4187957fdca8dfa1151a311e577e1461a2426", 0x3c}, {&(0x7f0000000700)="741f5b18fef5626f948b1919860417488e3e5141e17a3031271340b8ac67e4f5f7a2", 0x22}, {&(0x7f0000000a80)}, {&(0x7f0000000d00)="7cedc13b1cbf2308b2000d3d62b333c7c3b9f321ef7bd8e0e1e323da70d8d595f505397d1fda268139275cca00007c8f8cff1d2a3a", 0x35}, {0x0}], 0x8, 0x4d9e, 0x8)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

6m48.647316979s ago: executing program 1 (id=247):
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x601, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8) (fail_nth: 1)

6m47.424768669s ago: executing program 1 (id=250):
mknodat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x200, 0x8) (async)
ioctl$SNDRV_PCM_IOCTL_REWIND(0xffffffffffffffff, 0x40084146, &(0x7f0000000400)=0x3)
r0 = socket$packet(0x11, 0x2, 0x300) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) (async)
r1 = signalfd(0xffffffffffffffff, &(0x7f00000003c0), 0x8)
close(r1)
fcntl$setstatus(r1, 0x4, 0x2c00) (async)
r2 = gettid()
fcntl$setown(r1, 0x8, r2) (async)
connect$unix(r1, &(0x7f0000000280)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x2, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000100)='./file1\x00') (async)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='net_prio.prioidx\x00', 0x275a, 0x0)
quotactl_fd$Q_GETQUOTA(r3, 0xffffffff80000700, 0x0, 0x0) (async)
setsockopt$packet_int(r0, 0x107, 0x13, &(0x7f0000000380)=0x40049, 0x4)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0) (async)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
getsockopt(r4, 0x28, 0x0, &(0x7f0000001680)=""/54, &(0x7f0000000000)=0x36)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4008800}, 0x4000040) (async)
prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0)
r6 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$bt_hci(r6, &(0x7f0000000000)={0x27}, 0x74)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000002c0), 0x100200, 0x0)
ioctl$TIOCGISO7816(r7, 0x80285442, 0x0) (async)
sendmmsg$unix(r6, &(0x7f0000000b00)=[{{&(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}, {{&(0x7f0000000e80)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000740)=[{&(0x7f0000001dc0)="bb", 0xfdef}, {0x0}], 0x2}}, {{&(0x7f0000000580)=@file={0x0, './file0/file0\x00'}, 0x6e, &(0x7f00000006c0)=[{&(0x7f0000000600)='z', 0xfdef}], 0x1}}], 0x3, 0x0) (async)
stat(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, <r8=>0x0})
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',obj_user=%,uid<', @ANYRESDEC=0x0, @ANYBLOB=',fowner>', @ANYRESDEC=r8, @ANYBLOB='\x00\x00'])

6m47.152311677s ago: executing program 1 (id=252):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000040)=0x4)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x0, 0x0, 0xdddd1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000440)={"73b5698c1a93ca52439fb6143bc6ed5cd46e9536d550c3c0b7b7af7cc2007b9f3d7c148e5ff970dd43ceff24fd175683fa5639234fecb7fffd98b04ea45e6e10721874027c9ad774a560e382c1e5f8849338c6ac098b39d0e68353bd0384ed68c24796825bbc7058b4e260e1a6c7e0ce9f9757cf21a89a43ce0ef492ffe3707b80a7e47f91796f6fed1cf35007be07a3665be419239926ad63a6bc3cc693235ea9174ef471b1a0700661936fc511420910d105730a389a191fe43002e0a5fbb5f4a8dda0b86a7bfd99d63c75fbf7406c3fd0e4bec1e42178ceec6cde5b202e506d53f90ea63071911e0d5e762b69432a8e91502375b7c8b96a791f2c2ca095c19e6798177eb371620c7d3a7e3492f37652066650f1d11c7be166fb0dbd5ad6eeadc3d23c59c47fb656642e13af92795705cc2c20d90c1c07bae981599765d37dcf930c0f58e6ae2ba948d2dbac01b9a37e5d22105bf4bc44b0d1eb4972d32d47c0b1581cb16dd88f50bb5f17b615ee895417f894ae2dc01a774f487c646f36f526bce3a86b924b90602ffb3e41eb85c2c9d627f014f7227b4a7f475cfea7681103231bd99e43286a83d2e17c735664d05ac139103844c1ac3f3b766a582b79355a61617d5f488d191807e2356dcf552b2c48d0b9d7b4feaeae9a08ec582741984f77c8a9293c396df24a580ce2bcc17954080816d502a9efc9ead43ab37b5fa38dc3ef9f8ec5fd01d78603db51e3b3009e16ba919592ad1576369a799e702c19423a8f3c6dcd1d67f25bf1b6dae315d81b4bfa6a70354637d7f025ce2d9fb0dcd66cd08b322a4c3e73ed9cfbd5d0a29d7dbd30ddcaa9b1d84c2f2bb18a56e32d59e8ea3da32647ffe467e6260f5f2f01b555e82d6d752d90460037221731b42b0668a5578e1e0b04e877734593baf3304b60e0329523924928107d9f9caffbf7db3ed8a38bec6bc8dc2d010941f72cfb4ac9d02564d7130fedd690e50061bf2617f14495cda99c768fa01c1c3239fa18cdb2308225fa8c5b280c9ae219de4ad5d311c862324723eccba1ea0faa5fcba8f33391eb424fea9d13ae871f9f061b6a90a3fd79c77572b0505d5a9a4bf58470759337fad828de1de60789e3814c98a8a87cb672fb118f46ecb2ac9570dedc6cea26f850218e46eb535e394cd60933822b155aa19be1c664443567513871ca3e6e26904642fbe3b7b89219c99b6a91400415d5af913b0bbd5586ad5f437ecd3533bf39db0ebfa12865df74a380e64edcc5889241f2ec2b84f47513e6b49188baf833887f64aa26c5ed69d00bab6738c2c4576f3918444f3b91fbec2aa155527954fd4e339747301c99c77773dc6e3fecada2e681923d6664ca4dee46faeeeb133d1085f3c28dc314c5d71c818c682e21d5b05b9c15718bec8b234adbcd9ea113abfa01dd5955c36d6b12fee9b71271cf"})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

6m46.508080279s ago: executing program 1 (id=255):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x81, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_CAP_HYPERV_SYNIC2(r2, 0x4068aea3, &(0x7f00000000c0))
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000000)={0x1, 0x0, [{0x0, 0x4, 0x0, 0x0, @sint={0x0, 0xfffffffd}}]})
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f00000002c0)={0x0, 0x1}) (fail_nth: 1)

6m46.227431786s ago: executing program 33 (id=255):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x81, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_EXIT_HYPERCALL(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_CAP_HYPERV_SYNIC2(r2, 0x4068aea3, &(0x7f00000000c0))
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000000)={0x1, 0x0, [{0x0, 0x4, 0x0, 0x0, @sint={0x0, 0xfffffffd}}]})
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f00000002c0)={0x0, 0x1}) (fail_nth: 1)

3m27.957646717s ago: executing program 5 (id=1632):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000880), r0)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000008c0)={0x20, r1, 0x101, 0x70bd2a, 0x25dfdbff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x20004040}, 0x8010)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)=<r3=>0x0)
sendmsg$NFC_CMD_LLC_SDREQ(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r2, 0x200, 0x70bd27, 0x25dfdbfb, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r3}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4040001}, 0x4004000)

3m27.87274218s ago: executing program 5 (id=1633):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) (async)
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) (async)
r2 = syz_open_dev$dri(&(0x7f0000000540), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb}) (async)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000000)={0x7fff, 0x8, 0xc})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000080)={0x2, 0x5, 0x3}) (async)
r3 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000240)={0x7, 0x1fd, 0x101c3c})
r4 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000340)={0x8, 0x8169, 0x6, 0x0, <r5=>0x0}) (async)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb}) (async)
r6 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f0000000000)={0x8, 0x2, 0x7}) (async)
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r3, 0xc00464b4, &(0x7f0000000400)={r5})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x49, 0x7fff, 0x4})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f0000000140)={0x6, 0x1000, 0x800}) (async)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000380)={0xff, 0x3, 0xd83f}) (async)
r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff) (async)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IPVS_CMD_NEW_DAEMON(r8, &(0x7f0000007580)={0x0, 0x0, &(0x7f0000007540)={&(0x7f0000000000)={0x44, r7, 0x1, 0x70bd25, 0x25dfdc00, {}, [@IPVS_CMD_ATTR_DAEMON={0x30, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_STATE={0x8, 0x1, 0x1}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'bridge_slave_0\x00'}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x1}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0xffe3}]}]}, 0x44}}, 0x20048050) (async)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000002c0)={0x8, 0xd7, 0x8}) (async)
close_range(r0, 0xffffffffffffffff, 0x0)

3m27.559100287s ago: executing program 5 (id=1638):
syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="042ffd02ffffffffffff050800400b07000712c124cdc30d643c235d7359da9e070000004528aa51fa2d9b48e7167b55d05a1b29e5b8e5b773fcce876b3e9fe15e6330b96d4004cb815d14"], 0x200)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)=[@hoplimit={{0x14, 0x29, 0x34, 0x4}}, @hoplimit={{0x14, 0x29, 0x34, 0xfffffffd}}, @hopopts={{0xf0, 0x29, 0x36, {0x5e, 0x1a, '\x00', [@pad1, @pad1, @padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x30, {0x3, 0xa, 0x0, 0xfff, [0x966, 0x7, 0xfffffffffffffff7, 0x1, 0x1]}}, @generic={0x8, 0x71, "c8a110995d439fbfac9716a99c357bcb2d59a850490739734f6b321d19b3754df39cc2dc26cf263cbebbddb9a7f17b6771f74c46623f9e38bd23e6f0a2fd3a9a017f66738394aca44d1a9f0b35d9df0a964360ab0900a5e6fcac1cd41c91c97f6826ff706c41edc4e00205bbb53218ed58"}, @calipso={0x7, 0x10, {0x3, 0x2, 0x3, 0x7, [0xffffffffffffff04]}}, @generic={0x1, 0x8, "2bdb86d1ce6a20c2"}]}}}, @rthdrdstopts={{0x18, 0x29, 0x37, {0x73}}}, @rthdr={{0x18}}, @rthdr_2292={{0x38, 0x29, 0x39, {0x3a, 0x4, 0x2, 0x70, 0x0, [@mcast1, @mcast2]}}}], 0x188}}], 0x1, 0x810)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000300)={{0x1, 0x1, 0x18, r0, {0x4}}, './file0\x00'})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r4 = accept4(r3, 0x0, 0x0, 0x800)
pwritev(0xffffffffffffffff, &(0x7f0000000d80), 0x0, 0x4d9e, 0x8)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

3m27.315037757s ago: executing program 5 (id=1643):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000001340), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000000000000000040000001400050003030000000a0000005dc000000000010800020005000a00140006"], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000)
ioctl$VHOST_NET_SET_BACKEND(0xffffffffffffffff, 0x4008af30, &(0x7f0000000000)={0x1})
pselect6(0x40, &(0x7f0000000040)={0x80000000, 0x0, 0x3, 0x2, 0x4, 0x7, 0xffffffffffffff81, 0x9e}, 0xfffffffffffffffe, 0x0, 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x1000, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r4, 0xaf01, 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r4, 0x4008af10, &(0x7f0000000040))
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r7 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x1a6c42)
ioctl$LOOP_CONFIGURE(r7, 0x4c0a, &(0x7f0000001ac0)={r6, 0x2000, {0x0, 0x0, 0x0, 0x3, 0x14a1fd, 0x0, 0x0, 0x1e, 0x1c, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200", [0x0, 0x400]}})
r8 = dup(r7)
fcntl$lock(r8, 0x4, 0x0)
write$UHID_INPUT(r8, &(0x7f0000000280)={0x8, {"b0476b76ba5d044f65271519727e4ff1ff0d12c0e6bdf3ea1f52e24f60ca698457b32832b83d7e96694c1feb5809bd67002f71e0b97c0d5270c04ffa64f63b2e18ee4b7b572fe2f4d03cad38bcd106ff12f53b443ac6fc81da518f54b9004a44859529c07a2b1b8feddc0180a0f37b13babba1dd0813b7ea56dac4b7ffe9a2ef54221439ecc55223ef2d40f4ba8108c10387ddffbaed25d41e7692bf26ddfa747a666caff49843e38c86cac7323f784a17df6beaa49c3f4a98fb4013f4e573e2ef77b0965d4bfbdf7d5eada69406ca93f422495e00addfca1518085a40f10284ff59388ecf476a12ef1a540163922098d600519ae8cf3ef544344e9d968f341af618503b455f3976b76975270e94d714302382c63de5b7c1fad1fa373b369916cb3b4d583a9ebbaeb262884d25a0e1d9fb141de60df7e64cb38b6f7167991f8fba06bffe2d49133bbb462cd8a9493177eee5f03875b15c7a92c3cd6a3fdfc64f236e14fa05a0e8d3c45f13eecd22e13528c74186dc50e0e2af44177e26bded1161e5533375508dadb83db5126cc810f4e30d4e24ec12c3b99e5220aacf42c58f2960bd43c337dbd318aeeb5c9a6cd5ffd3bf1497bb48ab7bcb32c9c33c9f5b9bc4645b96f23f9e0d826b780030444ffb925f55df587ef5ca5ea74ccd66afc7981da496d6f037efbb0b08f3f5078c60ffb4db18d1b59996bd9b1513442785bf4ece8587b39d8176dc9c735d5ea25133b2053bba227b81faab7220326f8814a9df4eba4ecc6acdd82f70b653b56a18cc9dfa4deb0a112c797ab89a51a103c3a9085d828523370c4d79d9484f4dc910735a2c9b5b85197cd9c073df7a54b40df8e1bf595bab957900c2a1a7dc40e88ed0c55c362ffbb7f88a0725a6ae73b936a639e951faf9c45ae74a2ece2f6f88e425ee41d2c60cb083a2fd6d07381908a7f629e32f89a553cf0794f54b8bdc7bd541d88464a4f80ac0b8b625a803a55de4b05a95fc7f8fc3d6d79858ccb269b7b8b21657654164a9aa29f4e8462377e9d234a41ea69841a4aaa1e5f89f9b074f6f71cb1ffaa450c3160b0e319ec81ad30101db66218b0c69f97c234465dc45849fcfd62d396f2b50ddcc0ed7dd8651431534232ab6d1186d7760770a1fc6c77553a79d0297194f794997ee47781094a76d9dccf632dcbb527b3e68950d9bb534245c7f08ae1d6ef2750292ae28e5e6dcfe2a69737dd7a1e453f3902ae90789e98c212905422099904d3bfb949bde187682a59c01aa8e6a9972a63d6aaef4d4139b10a24e063707f1aba79bd59e3f9709a873dff401d1f356c4be5e449ae0e2633a1fe50ed367fe56b0499957c3b6cabb42256547995ea998f3937d153897d1c83f1ad922d6835bdfa3b986dc6f4bd927a4ca13fbaa99b7b43758e2329d588f40fac718b16cca855468643f3818496b4915fe9a2bdd3e68889fea24bc1dfa6287a801d49a7bb84654147448550d2919e4df3a943a88cf616befea4e7a4fddb7969311c6837f9529966241be1e57ed2d773debc542986d09866905a3f63b6e1820086d52a70f039154e839da7ea852c33bf3722a048f61bbf068519e050b8788370fb130a42e9f5322dfff65b15d588f9e926b70e4530e8b66697cabb1e8514831431fa0eaecb49f9613ed5fd7bc50f897bda36d24d4296e143e2480e325ec09a77c03a07b4f86eb703085313ebeee94ef5b1cde3f6a7efd785772eb4034039f598c07819b769416a223fab824c4ac50086e78042a1ccf47b6c7ede8540cded4bd4c920ce6c2b7493a5634c5e96bb761373623ab473b121d555bffd0d6492840550fccc0c35746370396d0190b7b1d2cadcc150877e0d197f692f97cec790c95e3d3959dc7c68aca37306c1bc13ad33848395dba5e3c9ce8090bc0e7e8312091773641be56411921e3d473321c6d8bd10b7d3f5aedd6620bcaa06474bbb298bc77297b8b5dcb9e6b33dbe676460cca825609857724cee245306d07fda287d5fe57c424c27cf9b6cf0f16d2c6a8071bd57c826d7371841cf43dab1b42421ce416d0d3a9c80bc807d2e6761e53f06b3e63c0af1b4548d820118421205f040f4ab35307871e4c7a21ff28082c29e02e89486064661898c0eb1811c70a6124c1f25d62c38794a3e87c312c870db7b60d0df8b57860c94d1a9c561b327fae3a68ce9ff4551e418eb00766f0341c5e796e3dbbbe6b4864928b966110256d5475eb1fd7b2893b60e19e859baaf23c9233a1b064771671ee2d07c151e2e99c37a116a338788052a726a8519b8335e9ff4f71d00ab634543c20ddea1bf57d4f2b797182ff19618b6974d2b69d9f052934d527a1830bf2785842f35eaf32b65b7c9fdd6f0c41756072a59c0cce0b7305740729f1daa14e0092da9d58fcef55affa2bbf36ad788f1f423b7dfd328435b4d5df315143d8b8028ba4bea6134a3dc9720c73d5e66b8b8168752eea6b78c75f04efd9677dbe419f13f5e1c9764276a83821b710307d8f85359b34d038ff17de45e8739d4b647fd1a8d794a3273d922af3374f5d3c75b8345b9dfdabb2c0418a358921e0e73d0fe88caab1741b913673e22ff4b59afa0f653a423d9b2bb20cbf07951a349eea18a891b4f4dc6df8e42a6181284f643de5fd2924ae54f672a1920343476c67333e1e8205bf4877b1251a83f417936714edb1c6975ba7969d2fcc2e69024a4669ac2f998116ade1bd84568b8f3f1fccbe95df9ed21db77315b7469f30bfae418415d9cb5aeea627ba6811e30d56d4f4bfe5f794ea4243e3cdfad3ef55199699b8433083b6f72f95effc5f2f613cfcefaf0b94e801ebcb7095a1474ee93142b82c9bf9886617b6bf69d08c83c76cd21d4cce5872d99de8e54bbff915ab923b2d24bb3aa178dd50b44fd0eb880ef33ca51d4bf5f0fbc8ffe18afe4245397f277e4efad955baa10cf56613481253d69c02e7661714b68be0fd64f29bdafbc8b4a0b30bd6709c67fe8e8915d0479b3902b1d0169fb5486b02e966ad5d8a2bcf42ecba59177cd85e17239667f6b045d1f873ce24733ae17e2d8432709062e786a32ac925121f1b0d46c66d4fb9088f4aa0cfe2149f6c2cb5b75d45349bc88fbd47e01ea07e7cd573335aab8d389846566800dd084bc3caa95f7632719c651f2d33be0fb56347c095b3c6e3e75c5e58caeb4c37574859b78c1ed018fbeed788a4305a9ee1c1ef65a0c83a7cd717a8c08ecd4e86370ffffd6d40a89a0b288c15a10ad5406e867e49319ad83bfbb925d5e240b4bd44fd751e7510d5ea03a6cab95f37155d1fd69aaea1db4a1f53714eb90e669209cf634f84a50c85bdc51838ebbb545b4387790df67f0122740c2abc910cf83230394172a56c9ffda6675bb8bb39846730a1bf764aeb92407c90a194da880cb8a4efb5b57a8311d864209c7fd226b93582b6b11eec559abfbba653c0569c219d3a2e60555cb739f9d32d564f23c4e98be78aa553610822af426f961df0df2185c61ccaa22b2a6aa6fb3e917bdfb2be9c3ffb8a50821321119c4cf4917db39548abc17bfba267fa50f6af15c560a21055f967f1ca6f656ddb556f9c7e17a771eeef7e80940d1c14ddf2c27647686fd0526460036aeea395fb10abef2be2ea96c9bb380370c08d1568d30eea0f3e6b7cf8f7edc7b36d4d0affd249330707b54ee620f208d885791171eb67a25a80fcc6922e0258c9673b6576564949dfa5bed9a0299bf952aade654de16e22d54fcd391ded6adab94ff621efcd91ef69acf8dfa1b22692ba3e49cd1d3fbed6db1402065ab37e457056877977ebac33ef566f28a19b9acb67a9cc53feb156814e880b3dd5a9119ffdbc5a45c20ea375f2882575b9a28740eebf63f2895d9ffac1ec33cbdcdede98a201424d000df1efd64dd7268cc1b2366ccfb09754822dafdb1821de5e6ebee09608e82e679fafb7a5100172f26998d31d7f27c2b310f0372c3b5e888f8e6efb56074177bf6a2a5bbd9ed070ad5aaf23ce144d1ac86cad110e5916a8a57e1e7fc3d37353f84f2f6d43d92ab8b35040467f3f8b1d23fac021bbac3710edc8e2e26d794db38e48020f63e94d4b4dca3e015537a8e3008274d55f81af931a0faf1a438444b6a0489b93f7b88f81f761eae0f82e60cb0cf2745ca8c9e30d3cc189c1405b1994ed71b00d90ea7a94102916cdc915620c343d04e51eabaaca6c2814a7c1e7aaeec80bdc13135b813e6d0eea83446a5c57ec29695c302c0d8da65b61fe8ada51a36e1aff34d449f9eb70cb94931226121ab121a971c2fc070ca84272d122c1696f52fbd5ed06783abe188dcf133c4d41e10295f6ffda69fa8c5a7c0fec3425a2d60523a60d280b5ce34eac5911268172e772fefba63a6f5c6dafa9e500a5e1355fb614613f8fc1ef5e5466fa19212bcdc349a865f4cee6ea80b11a410bb6e4ad677393973e38621d25ff6c4876ef8a8d2ba651be4a78d2ba9fafadcea8eff9cca3f4ab71a0b84917794e521220dad099ac8aaf32abd162348879e4299e4d46395f9d55267b635e18ca2e2fc96146b96c8a8055130b8d8cb10cc31382df34057bd8637f86e48adc854af408226752a04df8d0362db263e0959f2bd7e8a4d33a8c4b257e19d308280baf40cced1b3cd3a86ee22df0da49d750539eee1104e99a9f8a065e5499c73125a8a8430eda7aee156821a97c237611b50f682a2cccd0969304f0a50ae98800dfb32ee1bcfeab98182c34a51e67fa5bd738c22c44fc1269ce73f464edd2f31296e92e62df51cf55798ae2e3c33c57b09f4ecd13469122095a3563f95f0a04cf58dcea4aed5e8bdda7617863cbc37a97ebadb46d679f7e30014d96d0ac7ce9484368fa5fd19cbc3d139410a2bd7ffacef1bdf76dd1d5f34d2392fcb91c7585fc1ae7d8ba2aa8ded9645d5a5e76e2279b6e0692101137da946dfbd3836476f5dad7fed70115d716dce87b5ad755e5653a709f5aa42265ec9657ed406cc9256af3628c0116b8e1d23306983e9adbc19dec354870c98e2e76566895df933a80c4c36b617db4bbda1a4ca7d6c80a43734471fc92d0bdeacfc125dddd73febd8f7ef84f221d52ae71372cee802d59013a15958e850f8fdf46d8fd3b874633daf3b1f346470456c05722258480959dd6afcffa1f3f2ca033011339c5cb85b7d1c9b5916fb8dc9c2783df64eb5cca5af83a74fe5bb259f93722842eb4ac851e71f3cfd67a39590e7f8e20f018744b9277e6eb46b5f211df5f767ef29dc9a972e14c40ea2d4624f187f301c1116d3a61adeb5c6f7ccc021ac5e18d8b40d7f1f19daf4445c06e72db8701c267c0144c92cddd49af7a87aca5aa05d0e380dd27cc780d2f7db3bef26cc4fd358543e19d73179b879f7bdc702ab405270c93a3ed64153e20b5b663773a2ad4e8e3e1e8eaf39ec80d75d02f74ff94f0e095240a564eeece4fc9bcf19bf2243c700e1dae14a1b0217013977bfa05f681abc37714fe462d0a632044ce52fdaa1c1a806b1eb4370e23ca0247e536165aa9f1c2af8adfea369ee1f4a2c7823a7baef028a1e77501db48db6aa0d7e30969f7197368db02d443803b53b2899315f7e2ba9c5ae952a3866b4ea60f3d669e0a91f7ef640cd938646bf8822fe455f0302fccf87c7fad6daf38fde038fa596b83a9fd5bf675669a6cb2bab44c6617f07950bf34edb93bbcb4174630f275dbda7a0631c4b456e5f80eb6258c1874e77d426743e478917fe44b73dc203baa2cc442b84b5818409abae99d97a28754969bd393df00", 0x1000}}, 0x1006)
write$P9_RSTATFS(r8, &(0x7f0000000100)={0x43, 0x9, 0x2, {0x8, 0xd, 0x5, 0x8, 0x7, 0x7, 0x1, 0x8000, 0x7ff}}, 0x43)
write$binfmt_script(r5, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f000000d000/0x4000)=nil, 0x4000, 0x2000001, 0x40010, r3, 0x15f45000)
capset(&(0x7f00000012c0), 0x0)
preadv(r5, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$DRM_IOCTL_PANTHOR_DEV_QUERY_GROUP_PRIORITIES_INFO(r5, 0xc0106440, &(0x7f0000000240)={0x3, 0x8000, &(0x7f0000000200)})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r9 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a0500000000000000000073797a30000000002c000000030a010200000000000000000100fffd0900010073797a30000000000900030073797a310000000048000000060a010400000000000000000100000008000b4000000000200004801c0001800a00010072000000000000000c000280080001400000000a0900010073797a3000000000140000001100010000000000000000000000000a0000000000000000"], 0xbc}}, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)

3m26.47813556s ago: executing program 5 (id=1648):
syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="042ffd02ffffffffffff050800400b07000712c124cdc30d643c235d7359da9e070000004528aa51fa2d9b48e7167b55d05a1b29e5b8e5b773fcce876b3e9fe15e6330b96d4004cb815d14"], 0x200)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)=[@hoplimit={{0x14, 0x29, 0x34, 0x4}}, @hoplimit={{0x14, 0x29, 0x34, 0xfffffffd}}, @dstopts_2292={{0x18, 0x29, 0x4, {0x4}}}, @hopopts={{0x78, 0x29, 0x36, {0x5e, 0xb, '\x00', [@pad1, @pad1, @padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x30, {0x3, 0xa, 0x0, 0xfff, [0x966, 0x7, 0xfffffffffffffff7, 0x1, 0x1]}}, @calipso={0x7, 0x10, {0x3, 0x2, 0x3, 0x7, [0xffffffffffffff04]}}, @generic={0x1, 0x8, "2bdb86d1ce6a20c2"}]}}}, @rthdrdstopts={{0x18, 0x29, 0x37, {0x73}}}, @rthdr={{0x18}}, @rthdr_2292={{0x38, 0x29, 0x39, {0x3a, 0x4, 0x2, 0x70, 0x0, [@mcast1, @mcast2]}}}], 0x128}}], 0x1, 0x810)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000300)={{0x1, 0x1, 0x18, r0, {0x4}}, './file0\x00'})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r4 = accept4(r3, 0x0, 0x0, 0x800)
pwritev(0xffffffffffffffff, &(0x7f0000000d80)=[{&(0x7f0000000780)="42ebe7f5d8dde5f3e9c5c7e7bc09d8d80f373ae4dc85e6cb597bd322663b986ff272399bec41d811a763bcd2cdc221d2ac6cdeeca815ce250ce959444e7f296cb11433530cfccd0c6f450147b46eb5bbe281810c76577aaf554801815d1ee516cc0752832233d7610ce165a593e43cbaa4f52db28e5aead94767ad0d0ccf1cd422fcfd87e848c94a2be6e254d827012967db0758c0fa31fff90c60693957939c8ce4ed025b", 0xa5}, {&(0x7f0000000540)="b4e007f06d056aa0367c7356f83c", 0xe}, {&(0x7f0000000580)="1ab9a1fec95331b4b1bb5f840b0a198cb5add980a1e5cd402aaabeb7a27d1418376394238ae0a1ca9cc4187957fdca8dfa1151a311e577e1461a2426", 0x3c}, {&(0x7f0000000700)="741f5b18fef5626f948b1919860417488e3e5141e17a3031271340b8ac67e4f5f7a2", 0x22}, {&(0x7f0000000a80)}, {&(0x7f0000000d00)="7cedc13b1cbf2308b2000d3d62b333c7c3b9f321ef7bd8e0e1e323da70d8d595f505397d1fda268139275cca00007c8f8cff1d2a3a", 0x35}, {&(0x7f0000000ac0)="50591ee1c54cb070964417fd1f4ffe5a57c4ff8a3c5c5ce1d3957dfc44e8e17c719084f4e8da23c0e4667eeda56ce5d4d1", 0x31}], 0x7, 0x4d9e, 0x8)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

3m26.05922458s ago: executing program 5 (id=1653):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r1, 0x560a, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x2000, 0x1})
r2 = openat$cgroup_procs(r0, &(0x7f00000001c0)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f0000000180), 0x12)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x101242, 0x0)
writev(r3, &(0x7f0000000080)=[{&(0x7f00000000c0)="5bffd08307d80c79b1cb7b5f0c5b4d719c69c8513f748fbe425a7bc388c9019bef114779f7a10dc03a883d6e16a0a704f74297f381ff1db75098a9b38bb67206a7ff", 0x42}], 0x1)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x200002, 0x0)

3m10.464355977s ago: executing program 34 (id=1653):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r1, 0x560a, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x2000, 0x1})
r2 = openat$cgroup_procs(r0, &(0x7f00000001c0)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f0000000180), 0x12)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x101242, 0x0)
writev(r3, &(0x7f0000000080)=[{&(0x7f00000000c0)="5bffd08307d80c79b1cb7b5f0c5b4d719c69c8513f748fbe425a7bc388c9019bef114779f7a10dc03a883d6e16a0a704f74297f381ff1db75098a9b38bb67206a7ff", 0x42}], 0x1)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)='./cgroup/syz0\x00', 0x200002, 0x0)

19.255526415s ago: executing program 4 (id=2821):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0)
sendfile(r0, r0, 0x0, 0x2000fb) (fail_nth: 9)

19.241843648s ago: executing program 4 (id=2822):
syz_genetlink_get_family_id$netlbl_mgmt(0x0, 0xffffffffffffffff)
ioctl$VHOST_NET_SET_BACKEND(0xffffffffffffffff, 0x4008af30, &(0x7f0000000000)={0x1})
pselect6(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x1000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r2, 0x4008af10, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f000000d000/0x4000)=nil, 0x4000, 0x2000001, 0x40010, r1, 0x15f45000)
preadv(r3, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$DRM_IOCTL_PANTHOR_DEV_QUERY_GROUP_PRIORITIES_INFO(r3, 0xc0106440, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

18.028499282s ago: executing program 4 (id=2832):
socket$kcm(0x2, 0x3, 0x2)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_GET_BYNAME(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000480)={0x14, 0xe, 0x6, 0x3, 0x0, 0x0, {0x5, 0x0, 0x9}}, 0x14}, 0x1, 0x0, 0x0, 0x4800}, 0x24040040)
socket$kcm(0x2, 0x3, 0x2) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
sendmsg$IPSET_CMD_GET_BYNAME(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000480)={0x14, 0xe, 0x6, 0x3, 0x0, 0x0, {0x5, 0x0, 0x9}}, 0x14}, 0x1, 0x0, 0x0, 0x4800}, 0x24040040) (async)

17.815068156s ago: executing program 4 (id=2834):
socket$nl_route(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f0000000140)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c0d23266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
getpeername$packet(r0, &(0x7f0000000300)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000340)=0x14)
sendmsg$MPTCP_PM_CMD_ANNOUNCE(r1, &(0x7f0000000480)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="000125bd7000fcdbdf250800000005000500050000000800020005000000080004000100000024000180060005004e22000008000700", @ANYRES32=r5, @ANYBLOB="067b0500075157bf033f37bc439105000000423100"/32], 0x60}, 0x1, 0x0, 0x0, 0x20004000}, 0xc4)
r6 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$TIOCCONS(r6, 0x541d)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000040)={0x9})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000040)={<r7=>0xffffffffffffffff})
io_setup(0x1, &(0x7f0000002500)=<r8=>0x0)
close(0x3)
r9 = socket(0x28, 0x801, 0x0)
connect$vsock_stream(r9, &(0x7f0000000880)={0x28, 0x0, 0x0, @local}, 0x10)
shutdown(r9, 0x2)
io_submit(r8, 0x1, &(0x7f0000000000)=[&(0x7f0000002640)={0x4000000, 0x0, 0x0, 0x8, 0x1000, r7, 0x0, 0x0, 0x0, 0x0, 0x2}])
r10 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_HAS_DEVICE_ATTR_vcpu(r10, 0x4018aee3, &(0x7f0000000500)=@attr_pmu_filter={0x0, 0x1, 0x1, &(0x7f00000004c0)={0x401, 0xa3}})
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x3}, {}, {0xeda7, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}]})
pipe(&(0x7f0000000140))
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r10, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x20000000, 0x3, 0xfffffffffffffffc, 0x0, 0x0, 0x2004cb, 0x3, 0x0, 0xfffffffffffffff8, 0x9, 0xfffffffffffff2a7, 0x2000000000003ff, 0x2], 0x0, 0x200306})
ioctl$KVM_RUN(r10, 0xae80, 0x0)

17.547044769s ago: executing program 4 (id=2839):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000780)='devpts\x00', 0x0, 0x0)
mount$binder(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x20000a8, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000040)=0x4)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x0, 0x0, 0xdddd1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000000000088d0450ce0000000000010902240001000000000904000001030000000921000000012205000905810310000000006867ebecdab826f4b77049abc66a2b533f0688d1da4a98db6808ecdaada7344c66cd0ee15d848870de9d2bc9ab17213ad7685a9fb2e90fee3d1637468755bccbba741838c0ed36f9db099caf55b0c27fe7f9ffa7b8fa5a1a60793fa3b2618358bf1ce766d44a48784fa8ad3d7f32e0e6e799facc9d4c"], 0x0)
syz_usb_control_io(r3, 0x0, 0x0)
r4 = syz_usb_connect_ath9k(0x3, 0x5a, &(0x7f0000000180)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0xcf3, 0x9271, 0x108, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x48}}]}}, 0x0)
syz_usb_ep_write$ath9k_ep2(r4, 0x83, 0x3d, &(0x7f0000000140)=@generic={0x6, 0x2, 0x35, "3d94e93e", "aeceba6ab691ad883e129927828cccac94605c8f19cfd7456b2e787420c7cf883c48030c419996517babd66f3e4a1c458b1c41fc64"})
syz_usb_control_io$hid(r3, &(0x7f0000000b80)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x5, {[@main=@item_4={0x3, 0x0, 0x9}]}}, 0x0}, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454ca, &(0x7f0000000100)=ANY=[@ANYBLOB='.'])
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r6 = syz_open_dev$sndpcmp(&(0x7f0000000b00), 0x0, 0x0)
ppoll(&(0x7f00000007c0)=[{r6, 0x40}], 0x1, 0x0, 0x0, 0x0)
write$cgroup_subtree(r5, &(0x7f0000000200)=ANY=[@ANYRESHEX=r6, @ANYRESDEC=r2, @ANYRES16=r0, @ANYRES64=r1, @ANYRESDEC=r3], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r5, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f00000000c0)={0xffffff20, 0xa})

15.748577222s ago: executing program 4 (id=2843):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r1)
sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="180000002500010324bd5502ffdbdf25010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x20004888}, 0x0)
recvmsg(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000002640)=[{&(0x7f00000010c0)=""/237, 0xed}, {&(0x7f00000011c0)=""/168, 0xa8}, {&(0x7f00000005c0)=""/122, 0x7a}, {&(0x7f0000001280)=""/41, 0x29}, {&(0x7f0000002740)=""/4097, 0x1001}, {&(0x7f0000002700)=""/36, 0x24}, {&(0x7f0000003dc0)=""/4096, 0x1000}, {&(0x7f0000002440)=""/240, 0xf0}, {&(0x7f0000002540)=""/205, 0xcd}], 0x9}, 0x22120)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r1)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = dup(r3)
clock_gettime(0xffffffffffffffff, &(0x7f0000000e40)={<r5=>0x0, <r6=>0x0})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r7, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
r8 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r8, &(0x7f0000000000)=[{&(0x7f0000000440)="580000001400192340834b80040d8c560a067fbc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd000000100001000b0808004149014006040800", 0x58}], 0x1)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="6d706f6c3d62690bbe608ae7a8e257d632a80e6e643a302d4e3a332f", @ANYRESDEC])
recvmmsg$unix(r4, &(0x7f0000000c40)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)=""/89, 0x59}, {&(0x7f00000003c0)=""/139, 0x8b}, {&(0x7f0000000300)=""/85, 0x55}, {&(0x7f0000000480)=""/158, 0x9e}], 0x4, &(0x7f00000001c0)}}, {{&(0x7f0000000540), 0x6e, &(0x7f0000000800)=[{&(0x7f0000000240)=""/36, 0x24}, {&(0x7f0000000640)=""/249, 0xf9}, {&(0x7f0000000740)=""/147, 0x93}, {&(0x7f0000000880)=""/85, 0x55}], 0x4, &(0x7f0000000900)=[@cred={{0x1c}}], 0x20}}, {{0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f0000000940)=""/238, 0xee}, {&(0x7f0000000a40)=""/19, 0x13}, {&(0x7f0000000a80)=""/253, 0xfd}], 0x3, &(0x7f0000000bc0)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r9=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x78}}], 0x3, 0x0, &(0x7f0000000d40)={r5, r6+60000000})
r10 = openat$cuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
pipe2(&(0x7f0000000700)={0xffffffffffffffff, <r11=>0xffffffffffffffff}, 0x84800)
splice(r10, 0x0, r11, 0x0, 0x2000, 0x0)
sendmsg$NL80211_CMD_DEL_KEY(r4, &(0x7f0000000e00)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000dc0)={&(0x7f0000000d80)=ANY=[@ANYBLOB="248d288a", @ANYRES16=r2, @ANYBLOB="100029bd7000fedbdf250c00000008000300", @ANYRES32=0x0, @ANYBLOB="0800370003000000"], 0x24}, 0x1, 0x0, 0x0, 0x4018}, 0x4090)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x50000, 0x1000, &(0x7f0000009000/0x1000)=nil})
r12 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r12, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f0000000280)="c7442400ca6d0000c744240200800000c7442406000000000f011c24266445cb67440f01c4f30353002e410f093e3e0f01cff3902ef20f1a70a0c463a9cf7cae210026660f380647af", 0x49}], 0x1, 0x11, 0x0, 0x0)
r13 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r13, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSFLAGS1(r13, 0x40047459, &(0x7f0000000100)=0x2000004)
pwritev(r13, &(0x7f00000002c0)=[{&(0x7f0000000040)="00214717000000a8a646381d8fee86d9ca0e6a9c4db5", 0x16}], 0x1, 0xe, 0x200004)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r12, 0xae80, 0x0)

5.866630974s ago: executing program 0 (id=2893):
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x4, 0x0, 0x59)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000380)={{0x84, @rand_addr=0x64010104, 0x4e24, 0x3, 'nq\x00', 0x8, 0x5, 0x55}, {@remote, 0x4e22, 0x0, 0x7, 0x12d5c, 0x12d58}}, 0x44)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
sendmsg$sock(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000680)="cc18101d6bec7dadde1d231d7be01e1a3ebed24c1f1b0cacbb731e37f14830d34d9f1234", 0x24}, {&(0x7f00000006c0)="2219a8d1a15d2cc1d9f7e487ed6138173c17bebef35e5c731961e6d1d07d4bc0a9699ac13447f29c363112", 0x2b}, {0x0}], 0x3}, 0x800)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$EXT4_IOC_CLEAR_ES_CACHE(r2, 0x6628)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

5.772253548s ago: executing program 0 (id=2894):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETKEYCODE(r0, 0x4b4d, &(0x7f0000000000)={0x200, 0x9})
r1 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0)
ioctl$BLKTRACESTART(r1, 0x40101286, 0x0)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f00000000c0)={0x1, 0x1, 0x1b, 0x13, 0x178, &(0x7f0000000780)})
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000003b40), 0xffffffffffffffff)
sendmsg$NLBL_CIPSOV4_C_LISTALL(0xffffffffffffffff, &(0x7f0000003c40)={0x0, 0x0, &(0x7f0000003c00)={&(0x7f0000003b80)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="090300807000ffdbdf2504"], 0x14}, 0x1, 0x0, 0x0, 0x81}, 0x4040000)
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x11)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, &(0x7f0000000100)={{0x100, 0xfff, 0x0, 0x1}, 'syz1\x00', 0x3a})
ioctl$UI_SET_LEDBIT(0xffffffffffffffff, 0x40045569, 0xf)
ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501)
ioctl$VT_DISALLOCATE(r0, 0x5608)

5.754220302s ago: executing program 0 (id=2895):
r0 = socket$inet6(0xa, 0x1000080002, 0x100000000000088)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @rand_addr, 0x3}, 0x1c) (async)
ppoll(&(0x7f0000000000)=[{r0, 0x4230}], 0x1, 0x0, 0x0, 0x0) (async, rerun: 32)
r1 = syz_open_dev$audion(&(0x7f0000000040), 0x1ff, 0x0) (rerun: 32)
ioctl$LOOP_SET_FD(r1, 0x80304d65, 0xffffffffffffffff) (async, rerun: 32)
write$binfmt_elf64(r1, &(0x7f0000000780)={{0x7f, 0x45, 0x4c, 0x46, 0xff, 0x10, 0xfc, 0x9, 0xb344, 0x2, 0x3, 0x6, 0x340, 0x40, 0x18a, 0x50d6, 0x0, 0x38, 0x2, 0x0, 0x9, 0x2}, [{0x60000000, 0x7, 0x6, 0x4, 0x0, 0xfffffffffffffff8, 0x0, 0x2e}, {0x6, 0x400, 0x0, 0x3eff, 0x54f, 0x2, 0x4, 0x3}], "6d1d376ee9b54905f1f16acc3abac5a30c3288092e63a6ed5558c265e7739a8624c01ff396f0a0622ce234ab56b3ce0b0303672bf48951a58421bdc325e0b9638c83ce4aa8e0085290f6272c4afcad32e3e18acbdf5dab9bd3aaf8e6a543bcd8b6056365d9cdb2a9342d864cd0354058e9b93cc78341741901bd1c0952c81c1d25af2373ed8aac66d66080c02a9c6067fb6bd1d5fc9d6d63592cfa0aa323189e87b5972a8118c8e1fc7ca9b9613088318d", ['\x00']}, 0x261) (rerun: 32)
ioctl$VFAT_IOCTL_READDIR_SHORT(r0, 0x82307202, &(0x7f0000000540)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000240)="92583d1abe4245cbe5ffff5b9a35a86dc11881ccf39e88b4d0b00a7fda326f92e47aa89cc8800853e9af83f2d08ba3e7aab0ccf961a6da7ed6cbf0520bb1ec401d1a19ba76ea4145f3f441a028d3d9ab3115bab906b59d8e33b29efbcfb67c1b3382c79be6a1c9006e7f07394ee9ff51672ee7776960b15a4b9c3b0c8f97d0791511f751ea7995bc705faefc56ca9e37b3d7d398535a79dd65054449970943a205370bbaf71793fd305f6aa65cd2030807f7a275957056cc98414ffc3ec63726c1b6bab14cc90f9df57d5a0cba82de42d51c23edba7c36467fbafd3316f98c300f6ba6c7ac3545ca422db34b1baa932bdac3f524bf33ae33257c8e954cb87d0c10db2f9f3ea19cc61d86255ffbe655dfcae446ebaa633aaebbc0aa5a92422c32a35c574ee34c8697fbf142b0e04721e894e7f125c78624c13ad2e86cfc4d388e0acb79468f12de564f8a86aa49c5253bd6fd949108e895edd41981eed0a61b40a64248fbdb253f7243be30cb92f3a7da4a72829dd94f3065ffba40dc", 0x17c}, {&(0x7f00000003c0)="8523d95d3bfd9ab7d1ec9a7db6c50b392a95e4924f9dcaa3e60737a9e20e1bbc4436116962ebffbffce56e8527a1da9e2901b56b44b0bdc4c05bf39d766899f124b8a97ff351f5a0ac2997000009000000fa7243bdab84d05f607df53eb43f92bc2af8e10e746eed32e753eb1a6da8783234863a59cc89efe0f36836086184a7720032bdb7e0c9f30c387b517eac0e31268d3418bc0ea010c398d7a3f29c0100000000000000000000000000000f4207471d1a58f83e59762ca5f308192c41a378d7a60000000000ca5609b5447bd5b5f56858ac1b7f8cb928ff22a7a124a842449c2b2608663698e6e9e4ab805a3d8a5b08e2d3f42ab114729ec0fde62328e84a36a42115fd4c6ad954612e9f13f7e9838c6aa993f098915b9a35972f9fd489c2733086a09f682f3d13283a1a16db271e38d132a107054c388266dc8c915debcfb77bbb9a17db75110222289d2d9b9b869bf00d35c5e4", 0x157}], 0x2, 0x0, 0x0, 0x1f000801}, 0x4040844)

5.625562644s ago: executing program 0 (id=2896):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$WPAN_SECURITY(r0, 0x0, 0x1, &(0x7f0000001400)=0x1, 0x4)
syz_genetlink_get_family_id$SEG6(0x0, r0)

5.587485529s ago: executing program 0 (id=2897):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100007882b740422c0917b7ca010203010902120001000000000904"], 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f00000003c0)={0x34, &(0x7f0000000180)={0x20, 0x14, 0x1, "b8"}, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = socket$kcm(0x10, 0x2, 0x0)
syz_open_dev$dvb_dvr(&(0x7f0000000040), 0x0, 0x2a400)
r2 = syz_open_dev$dri(&(0x7f0000003cc0), 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_WAIT(r2, 0xc03064ca, &(0x7f0000000180)={0x0, 0x0})
r3 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_REAPURBNDELAY(r3, 0x4008550d, 0x0)
r4 = accept4(r1, 0x0, &(0x7f0000000340), 0x0)
ioctl$sock_bt_bnep_BNEPCONNADD(r4, 0x400442c8, &(0x7f0000000380)={r1, 0x200, 0x3, "60596a2923b7a278bdbc6aae322770691fd199391f2db59348da2632620a8ed53a3ca498038af6beb14f9cd4bd508e17a1074a27d170d1f24939719f327c44ac46674949b8d32ab39a90d1e32f2f3e9ec0b73eaab64da8042527233a0fd974ccd65d6879e37a6cae9072a07909cef05452b3806f86ab88c28f55b53c961159e1aa22579f9baf5255e568755efb9de3a052d47b7549e0428b012af14e848b48f7aee48004423253e01e60f0a6405f3b4540aa5699100293ad5cd616e605340ac41f"})
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_DEL(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={0xfffffffffffffefe, 0x3, 0x7, 0x3, 0x0, 0x0, {0x1, 0x0, 0x4}, [@NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0x1}, @NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0x2}, @NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0x2}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x8}, @NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0x80}, @NFACCT_FLAGS={0x8}, @NFACCT_QUOTA={0xc, 0x6, 0x1, 0x0, 0xffffffffffbffffd}]}, 0x64}, 0x1, 0x0, 0x0, 0x24048881}, 0x88040)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$IEEE802154_LLSEC_LIST_DEVKEY(r6, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)={0x14, r7, 0x0, 0x70bd2c, 0x25dfdbfd, {}, ["", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x805}, 0x24000000)
sendmsg$inet(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="1800000072006bcd9e3f5c444e08cd1f465dfb0000008000", 0x18}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x40044)

5.4835698s ago: executing program 6 (id=2898):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$rxrpc(0x21, 0x2, 0x2)
setsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, 0x0, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000440)={0x30, r2, 0x20, 0x70bd29, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1720}]]}, 0x30}, 0x1, 0x0, 0x0, 0x7040}, 0x20004800)

5.482873017s ago: executing program 3 (id=2899):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000080)=0x1, 0x4)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
r1 = creat(&(0x7f0000001380)='./file0\x00', 0x4)
unshare(0x22020600)
r2 = open_tree(r1, &(0x7f0000000100)='\x00', 0x1901)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_netdev_private(r3, 0x8b2d, &(0x7f0000000000))
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e04, @dev={0xac, 0x14, 0x14, 0x59}}, 0x10)
shutdown(r0, 0x1)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f00000003c0)=0x2, 0x4)
r4 = userfaultfd(0x801)
ioctl$BTRFS_IOC_DEFRAG(r4, 0x50009402, 0x0)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x4})
ioctl$XFS_IOC_GETVERSION(r2, 0x80087601, &(0x7f0000000200))
r5 = syz_open_dev$dri(&(0x7f0000000000), 0x4, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r5, 0xc04064a0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000380)=[<r6=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r5, 0xc05064a7, &(0x7f0000000280)={0x0, &(0x7f0000007d40), 0x0, 0x0, 0x8e, 0x0, 0x0, 0x0, r6})
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000080)="3bfdd75fa5717852d59a936744", 0xd}], 0x1}, 0x84)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
ioctl$UFFDIO_CONTINUE(r4, 0xc020aa07, &(0x7f0000000080)={{&(0x7f0000630000/0x1000)=nil, 0x1000}, 0x1})
recvfrom(r3, &(0x7f0000000100)=""/225, 0xe1, 0x14100, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000005c0)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x40000142, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000280)=ANY=[@ANYBLOB="12014101f2c59620d003b8108ede010263b657879234f211001000090490734dd683ec00"], 0x0)

5.450410398s ago: executing program 6 (id=2900):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), r2)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(r2, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)={0x184, r3, 0x103, 0x70bd2a, 0x25dfdbfd, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x9}}, {0x8, 0xb, 0x8}, {0x6, 0x16, 0x80}, {0x5}}, {{@pci={{0x8}, {0x11}}, {0x8}}, {0x8, 0xb, 0xfffffffe}, {0x6, 0x16, 0x7}, {0x5, 0x12, 0x1}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x8}, {0xfeff, 0x16, 0x4}, {0x5}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x401}, {0x6, 0x16, 0x5}, {0x5}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x5}, {0x6, 0x16, 0x2}, {0x5}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x2}, {0x6}, {0x5}}]}, 0x184}, 0x1, 0x0, 0x0, 0x35}, 0x4000800)
r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x0, 0x0, [{0xf88e470f, 0xed}]})
r5 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000200)={[0xc45, 0x9, 0xfffffffffffffffd, 0x10000000, 0x10000, 0x3, 0x4002004c2, 0x7ff, 0x9, 0x0, 0x400, 0x80, 0x89, 0x0, 0x8, 0x8d], 0x100000, 0x240046})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000080)=<r8=>0x0)
sendmsg$NFC_CMD_DISABLE_SE(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x4c, r4, 0x400, 0x70bd2d, 0x25dfdbfc, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_SE_INDEX={0x8}, @NFC_ATTR_SE_INDEX={0x8, 0x15, 0xc0}, @NFC_ATTR_SE_INDEX={0x8, 0x15, 0x1}, @NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r8}]}, 0x4c}}, 0x8043)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)={&(0x7f0000000200)={0x28, r1, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5, 0x20, 0x1}]}, 0x28}, 0x1, 0x0, 0x0, 0x40}, 0x40)

5.313212149s ago: executing program 6 (id=2901):
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000080)="17", 0x1)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="d8000000210081044e81f782db44b90402000000000000000000000510000c0003", 0x21}], 0x1}, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB='%9\x00\x00 \x00'], 0x33fe0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
syz_usb_connect(0x3, 0x8c6, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201500236e47e2082055c2955d4010203010902b408048006a00309047fa69fff2dde700a24010100000000000824050503"], &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x2f, &(0x7f0000000100)=ANY=[@ANYRES64=r1]}]})
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000200), 0x106, 0x8}}, 0x20)

2.508013438s ago: executing program 0 (id=2902):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x101041)
r2 = syz_usb_connect(0x0, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000459bb2405804035000000000000109021b000111000000090400000195699b000905", @ANYRES32], 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io$uac1(r2, 0x0, &(0x7f0000000440)={0x44, &(0x7f0000000180)={0x0, 0x0, 0x3, 'Yf\''}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r2, 0x0, &(0x7f0000001e40)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000001dc0)={0x20, 0x1, 0x34, "712bab"}, 0x0})
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
write$sndseq(r1, &(0x7f0000000180)=[{0xe, 0x0, 0x0, 0xfd, @tick, {}, {0xe}, @result={0xffffffff, 0x20000}}], 0x1c)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="480000001114010025bd7000fddbdf2508003e000400000008003e00010000000800030000000000080001000100"], 0x48}, 0x1, 0x2000000, 0x0, 0x8051}, 0x4040018)

2.453045131s ago: executing program 3 (id=2903):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETKEYCODE(r0, 0x4b4d, &(0x7f0000000000)={0x200, 0x9})
r1 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0)
ioctl$BLKTRACESTART(r1, 0x40101286, 0x0)
ioctl$KDFONTOP_GET(r0, 0x4b72, &(0x7f00000000c0)={0x1, 0x1, 0x1b, 0x13, 0x178, &(0x7f0000000780)})
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000003b40), 0xffffffffffffffff)
sendmsg$NLBL_CIPSOV4_C_LISTALL(0xffffffffffffffff, &(0x7f0000003c40)={0x0, 0x0, &(0x7f0000003c00)={&(0x7f0000003b80)=ANY=[@ANYBLOB="14000000", @ANYRES16=r2, @ANYBLOB="090300807000ffdbdf2504"], 0x14}, 0x1, 0x0, 0x0, 0x81}, 0x4040000)
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x11)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, &(0x7f0000000100)={{0x100, 0xfff, 0x0, 0x1}, 'syz1\x00', 0x3a})
ioctl$UI_SET_LEDBIT(0xffffffffffffffff, 0x40045569, 0xf)
ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501)
ioctl$VT_DISALLOCATE(r0, 0x5608)

2.412764308s ago: executing program 3 (id=2904):
pipe(&(0x7f0000000500)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, &(0x7f00000005c0)='fd', 0x0, r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4000)
madvise(&(0x7f00001c1000/0x3000)=nil, 0x40000, 0x9)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
fsmount(0xffffffffffffffff, 0x0, 0x2)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x4)
r2 = dup(r1)
write$UHID_INPUT(r2, &(0x7f0000001040)={0x1a, {"a2e3ad21ed6b52f99cfbf4c087f71e9b230963ff7fc6e5539b9b3b09719b711b5d50101b080d29558f0e1ac6e7049b3468959b189a242a9b45f3988f7ef319520100ffe8d178708c523c921b1b23380a169b63d336cd3b78130daa61d8e81aea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae11a973735b36d5b1b63e91c00305d9be7bd1d020000000000000075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801000000005b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c580263093ca9a34af674f3f39fe23491e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6fa94fc488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b412435111c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269caf12c31357c8219793e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a687974e7b4ab01b7f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da3710ac000000001a527777a5371f87d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ef06e288e810bac9c766000a5e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1386abdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f103000000416d59fdee5325928974d12dad99dac44c3f0008047096a44060fb30e900caab415db6578b4779415d97b9a6d601005c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3c901cd34e5c92f76cc4c24eeb8bc4e9ac292d9e53803ed000000009737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ffffff7f000000007f889b09114edb8e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca405d8c5f64fdb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb67ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe529003d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb40800000077d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e5e2c664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85e654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd84e935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba30b4279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53dc10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227edff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fa6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b30f0b932a4d02da711b757fe43c06d21e759595e4e98b27faea8aa12bc8040000000000000033eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d0000010000000000fcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d080e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed704887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6ff7ffb1d62458d0741a12830052fcc460db043afe525629b40d7cee65802cb5e930ed624806c43a006dc9336d07c2b8081c188d26558f48261f7897084c2a1a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c0ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf475bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264c7b34252600c9654e502dcea39cb0800eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc640df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c02b5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadbb25c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa7082ead01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058093fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d060000008926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r3, 0x0)
setpgid(0x0, r3)
r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x101040, 0x0)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080))
ioctl$RTC_IRQP_SET(r4, 0x4008700c, 0xc68)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)

2.219629889s ago: executing program 6 (id=2905):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$WPAN_SECURITY(r0, 0x0, 0x1, &(0x7f0000001400)=0x1, 0x4)
syz_genetlink_get_family_id$SEG6(0x0, r0)

2.196257555s ago: executing program 6 (id=2906):
syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="042ffd02ffffffffffff050800400b07000712c124cdc30d643c235d7359da9e070000004528aa51fa2d9b48e7167b55d05a1b29e5b8e5b773fcce876b3e9fe15e6330b96d4004cb815d14"], 0x200)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)=[@hoplimit={{0x14, 0x29, 0x34, 0x4}}, @hoplimit={{0x14, 0x29, 0x34, 0xfffffffd}}, @dstopts_2292={{0x18, 0x29, 0x4, {0x4}}}, @hopopts={{0x78, 0x29, 0x36, {0x5e, 0xb, '\x00', [@pad1, @pad1, @padn={0x1, 0x8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x30, {0x3, 0xa, 0x0, 0xfff, [0x966, 0x7, 0xfffffffffffffff7, 0x1, 0x1]}}, @calipso={0x7, 0x10, {0x3, 0x2, 0x3, 0x7, [0xffffffffffffff04]}}, @generic={0x1, 0x8, "2bdb86d1ce6a20c2"}]}}}, @rthdrdstopts={{0x18, 0x29, 0x37, {0x73}}}, @rthdr={{0x18}}, @rthdr_2292={{0x38, 0x29, 0x39, {0x3a, 0x4, 0x2, 0x70, 0x0, [@mcast1, @mcast2]}}}], 0x128}}], 0x1, 0x810)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000300)={{0x1, 0x1, 0x18, r0, {0x4}}, './file0\x00'})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r4 = accept4(r3, 0x0, 0x0, 0x800)
pwritev(0xffffffffffffffff, &(0x7f0000000d80)=[{&(0x7f0000000780)="42ebe7f5d8dde5f3e9c5c7e7bc09d8d80f373ae4dc85e6cb597bd322663b986ff272399bec41d811a763bcd2cdc221d2ac6cdeeca815ce250ce959444e7f296cb11433530cfccd0c6f450147b46eb5bbe281810c76577aaf554801815d1ee516cc0752832233d7610ce165a593e43cbaa4f52db28e5aead94767ad0d0ccf1cd422fcfd87e848c94a2be6e254d827012967db0758c0fa31fff90c60693957939c8ce4ed025b", 0xa5}, {&(0x7f0000000880)="3ed8269a24bf45844c983ea0eeeb58f212eeac22d35800c1a94b360b7b20a38c4009daad6421963cbcd5621f4aa4892eb9937191078bfbceee60ee759765c992659367fc8bd35cf5d87272d4c4bbccb6fe258a2bc4cf778776b91c3e1da4690fe0506ba67577475dac7b5a6647454b002cdccb192445a0e2b4f79b91acb8cfb6bbbb83081c02ec544d20af0b521d102bedc65eeda06df41d160c2197a51325f28b8a789a6fa17d6eaa40f1e40dab9f427d85943241e191c78e6f552fcbf0050938e7b2511c3ee70e6749e1fe51991654e6aa47561590e8b7acf4f8b5ce", 0xdd}, {&(0x7f0000000540)="b4e007f06d056aa0367c7356f83c", 0xe}, {&(0x7f0000000580)="1ab9a1fec95331b4b1bb5f840b0a198cb5add980a1e5cd402aaabeb7a27d1418376394238ae0a1ca9cc4187957fdca8dfa1151a311e577e1461a2426", 0x3c}, {&(0x7f0000000700)="741f5b18fef5626f948b1919860417488e3e5141e17a3031271340b8ac67e4f5f7a2", 0x22}, {&(0x7f0000000a80)}, {&(0x7f0000000d00)="7cedc13b1cbf2308b2000d3d62b333c7c3b9f321ef7bd8e0e1e323da70d8d595f505397d1fda268139275cca00007c8f8cff1d2a3a", 0x35}, {&(0x7f0000000ac0)="50591ee1c54cb070964417fd1f4ffe5a57c4ff8a3c5c5ce1d3957dfc44e8e17c719084f4e8da23c0e4667eeda56ce5d4d1", 0x31}], 0x8, 0x4d9e, 0x8)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb0", 0x49}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

2.090410501s ago: executing program 3 (id=2907):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, 0x0, {0x7, 0x1f, 0x0, 0x490420, 0x2}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0)
fallocate(r2, 0x0, 0x460e, 0x3)
umount2(&(0x7f00000002c0)='./file0\x00', 0xb)

2.001099461s ago: executing program 6 (id=2908):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x111, 0x0, 0x0, 0x0, 0x20, 0x4d8, 0xf002, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x40, 0x9, [{{0x9, 0x4, 0x0, 0x4, 0x2, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x7, 0x84, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x5, 0x51, 0x5}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x5, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000b40)={0x1, @pix={0x0, 0x0, 0x47425247}})
syz_usb_control_io$hid(r0, &(0x7f0000000040)={0x24, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="002207ab31105d8d0e001000000000000beb1f83c1903da5b22a2b81f1ee550ac1033305e5d26af98f21631c5dc43da5a68faf65139e7ff7af25b82727c0936e0ffcab5ac0432fa6d4b2b249f57a12c7584ccbd31e8e6279410f27cfd5ce32e0447377d2f90bc07f28ece05e8df4bf7755e278"], 0x0}, 0x0)

1.171983863s ago: executing program 3 (id=2909):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0))
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r2, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000280)={0x44, 0x20, 0x301, 0x0, 0x0, "", [@generic="95e1ecae9836d2787b26197c50c47bf2107e6cb436444fa02954f081afd83b9106b6498575f3c7e94e5a776a429dba1f916ee01b"]}, 0x44}], 0x1}, 0x0)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f0000000200)=<r4=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r4}]}, 0x1c}}, 0x40880)
r5 = openat$nci(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$nci(r5, &(0x7f0000000200)=ANY=[], 0x83)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)

1.028334853s ago: executing program 3 (id=2910):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x4c, &(0x7f000002eff0)={0x1, &(0x7f0000000000)=[{0x1, 0x0, 0x0, 0x4}]}, 0x10)
connect$unix(r0, &(0x7f0000000100)=@file={0x1, './file0\x00'}, 0x6e)
connect$unix(r0, &(0x7f0000000080)=@abs={0x1, 0x0, 0x4e21}, 0x6e)
r1 = syz_usb_connect$uac1(0x5, 0xdc, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201"], 0x0)
socket(0x3, 0x6, 0x1)
syz_usb_control_io(r1, &(0x7f0000000340)={0x2c, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00030400000004030a"], 0x0, 0x0, 0x0}, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'pimreg1\x00', 0xc201})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
syz_usb_connect$hid(0x6, 0x3f, &(0x7f0000000180)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x10, 0xffffffff, 0xffffffff, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x2e, 0x80, 0x6, [{{0x9, 0x4, 0x0, 0xb, 0x2, 0x3, 0x1, 0x2, 0x8, {0x9, 0x21, 0x1, 0x10, 0x1, {0x22, 0x8f}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0x2, 0x1, 0xfd}}, [{{0x9, 0x5, 0x2, 0x3, 0x200, 0x1, 0x4e, 0x9}}]}}}]}}]}}, &(0x7f0000000380)={0xa, &(0x7f00000002c0)={0xa, 0x6, 0x110, 0x5, 0x2, 0x15, 0x40, 0xfe}, 0x8, &(0x7f0000000300)={0x5, 0xf, 0x8, 0x1, [@ptm_cap={0x3}]}, 0x1, [{0xeb, &(0x7f0000000400)=@string={0xeb, 0x3, "03609d717cacc4a9cf5512e6a2db65ae47fdbf2686df7771190357626d17be0de8c04d19bea73b59db871647e6729e64734520e886ecb0a9ddbebb5d517d6af9b06acaf0254e11c06b872f505d1ca5dacc8fa4fd1b0b25fb238e6e4fc8ab9a37f925dc7e61d8fc095853cac5704a5ae05edd2384775ed91ed24339d2e99b42b9de6e500de19d483e0fa652b57840044a9d27a6e1fed40ade83263ad5b4f408afa99d4e4e1e7570c47e66c4edcee86d561f42823c87fd37a48ae6099fcdba5982cdcf16ef47227482471bfa27e43ca04b275aac407a5214ce5dd87b4cb1c71acbcc0f84b093bf1011ad"}}]})
write$tun(r2, &(0x7f0000000240)={@val={0x0, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x14}, @ipv4=@icmp={{0x7, 0x4, 0x0, 0x0, 0x38, 0xffff, 0x0, 0x0, 0x1, 0x0, @private=0xa010100, @local, {[@ssrr={0x89, 0x3, 0xb8}, @ssrr={0x89, 0x3, 0xed}]}}, @dest_unreach={0x4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @local, @empty}}}}, 0x46)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYBLOB="440000000101010100000000000000000200000004000180180002"], 0x44}}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000100081044e81f782db44b904021d080010000000e8fe55a1180015000600142603600e120500210000000401a8001600a400014020", 0x39}], 0x1}, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000000)=ANY=[], 0xfe33)
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r7, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0x2a}]})
syz_usb_control_io$uac1(r1, &(0x7f00000001c0)={0x14, 0x0, &(0x7f0000000080)={0x0, 0x3, 0xe5, @string={0xe5, 0x3, "52e5f50c051f79add6148aa669367158fcf34ee3f0c2d339cabe7bcac30e5a0ba418b136e47a04c8d27408cd3d55cb680dc0e243d6643bc4b73e02f28e0c4c396436662ad4107d3f71cf1c2dc94e55f3995ad27932c2c3f0539f11406980e0af6270d7c7b789d8cb69c1ec9420b927cfd1636c39ccb190935a49a8844f3c2270390e1b7fe0a9c1505093ba41b5d54a8580743f419d126bc4c1158546067d0a92d8cac38b64ca1596e23333795b23fb3fca195a0bcb1dbab8333d8107f4d76dcac0fec6c83727189bb1fbd7ec16ab009d99f0a6dfcd29f081f03a964ecd914e935af24b"}}}, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r7, 0x8040ae9f, &(0x7f0000000500))

0s ago: executing program 35 (id=2843):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r1)
sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="180000002500010324bd5502ffdbdf25010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x20004888}, 0x0)
recvmsg(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000002640)=[{&(0x7f00000010c0)=""/237, 0xed}, {&(0x7f00000011c0)=""/168, 0xa8}, {&(0x7f00000005c0)=""/122, 0x7a}, {&(0x7f0000001280)=""/41, 0x29}, {&(0x7f0000002740)=""/4097, 0x1001}, {&(0x7f0000002700)=""/36, 0x24}, {&(0x7f0000003dc0)=""/4096, 0x1000}, {&(0x7f0000002440)=""/240, 0xf0}, {&(0x7f0000002540)=""/205, 0xcd}], 0x9}, 0x22120)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r1)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = dup(r3)
clock_gettime(0xffffffffffffffff, &(0x7f0000000e40)={<r5=>0x0, <r6=>0x0})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r7, &(0x7f0000000080)={0x2, 0x4e21, @broadcast}, 0x10)
r8 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r8, &(0x7f0000000000)=[{&(0x7f0000000440)="580000001400192340834b80040d8c560a067fbc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd000000100001000b0808004149014006040800", 0x58}], 0x1)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="6d706f6c3d62690bbe608ae7a8e257d632a80e6e643a302d4e3a332f", @ANYRESDEC])
recvmmsg$unix(r4, &(0x7f0000000c40)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000080)=""/89, 0x59}, {&(0x7f00000003c0)=""/139, 0x8b}, {&(0x7f0000000300)=""/85, 0x55}, {&(0x7f0000000480)=""/158, 0x9e}], 0x4, &(0x7f00000001c0)}}, {{&(0x7f0000000540), 0x6e, &(0x7f0000000800)=[{&(0x7f0000000240)=""/36, 0x24}, {&(0x7f0000000640)=""/249, 0xf9}, {&(0x7f0000000740)=""/147, 0x93}, {&(0x7f0000000880)=""/85, 0x55}], 0x4, &(0x7f0000000900)=[@cred={{0x1c}}], 0x20}}, {{0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f0000000940)=""/238, 0xee}, {&(0x7f0000000a40)=""/19, 0x13}, {&(0x7f0000000a80)=""/253, 0xfd}], 0x3, &(0x7f0000000bc0)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x38, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r9=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x78}}], 0x3, 0x0, &(0x7f0000000d40)={r5, r6+60000000})
r10 = openat$cuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
pipe2(&(0x7f0000000700)={0xffffffffffffffff, <r11=>0xffffffffffffffff}, 0x84800)
splice(r10, 0x0, r11, 0x0, 0x2000, 0x0)
sendmsg$NL80211_CMD_DEL_KEY(r4, &(0x7f0000000e00)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000dc0)={&(0x7f0000000d80)=ANY=[@ANYBLOB="248d288a", @ANYRES16=r2, @ANYBLOB="100029bd7000fedbdf250c00000008000300", @ANYRES32=0x0, @ANYBLOB="0800370003000000"], 0x24}, 0x1, 0x0, 0x0, 0x4018}, 0x4090)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x50000, 0x1000, &(0x7f0000009000/0x1000)=nil})
r12 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r12, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f0000000280)="c7442400ca6d0000c744240200800000c7442406000000000f011c24266445cb67440f01c4f30353002e410f093e3e0f01cff3902ef20f1a70a0c463a9cf7cae210026660f380647af", 0x49}], 0x1, 0x11, 0x0, 0x0)
r13 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r13, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSFLAGS1(r13, 0x40047459, &(0x7f0000000100)=0x2000004)
pwritev(r13, &(0x7f00000002c0)=[{&(0x7f0000000040)="00214717000000a8a646381d8fee86d9ca0e6a9c4db5", 0x16}], 0x1, 0xe, 0x200004)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r12, 0xae80, 0x0)

kernel console output (not intermixed with test programs):

.507800][  T156] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  476.515608][  T156] batman_adv: batadv0: Removing interface: batadv_slave_1
[  476.528705][  T156] veth1_macvtap: left promiscuous mode
[  476.534192][  T156] veth0_macvtap: left promiscuous mode
[  476.540329][  T156] veth1_vlan: left promiscuous mode
[  476.545611][  T156] veth0_vlan: left promiscuous mode
[  476.737865][  T156] team0 (unregistering): Port device team_slave_1 removed
[  476.768978][  T156] team0 (unregistering): Port device team_slave_0 removed
[  476.892121][ T1104] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  476.901901][ T1104] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  476.912689][ T1104] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  476.922740][ T1104] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  476.983586][ T1564] usb 5-1: USB disconnect, device number 102
[  477.144715][ T1168] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  477.169489][ T1168] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  477.205818][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  477.222643][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  477.249373][  T156] IPVS: stop unused estimator thread 0...
[  477.296403][ T5835] Bluetooth: hci0: command tx timeout
[  477.301977][ T5835] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  477.773769][T16447] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  477.793538][T16447] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  477.801493][T16447] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  477.828338][T16447] comedi: valid board names for 8255 driver are:
[  477.834903][T16447]  8255
[  477.838631][T16447] comedi: valid board names for vmk80xx driver are:
[  477.845637][T16447]  vmk80xx
[  477.849318][T16447] comedi: valid board names for usbduxsigma driver are:
[  477.856785][T16447]  usbduxsigma
[  477.860285][T16447] comedi: valid board names for usbduxfast driver are:
[  477.869433][T16444] ucma_write: process 1630 (syz.4.2564) changed security contexts after opening file descriptor, this is not allowed.
[  477.892462][T16447]  usbduxfast
[  477.896441][T16447] comedi: valid board names for usbdux driver are:
[  477.903387][T16447]  usbdux
[  477.906844][T16447] comedi: valid board names for ni6501 driver are:
[  477.914893][T16447]  ni6501
[  477.919183][T16447] comedi: valid board names for dt9812 driver are:
[  477.926417][T16447]  dt9812
[  477.929609][T16447] comedi: valid board names for ni_labpc_cs driver are:
[  477.937220][T16447]  ni_labpc_cs
[  477.940779][T16447] comedi: valid board names for ni_daq_700 driver are:
[  477.948085][T16447]  ni_daq_700
[  477.951394][T16447] comedi: valid board names for labpc_pci driver are:
[  477.958465][T16447]  labpc_pci
[  477.961709][T16447] comedi: valid board names for adl_pci9118 driver are:
[  477.968950][T16447]  pci9118dg
[  477.972340][T16447]  pci9118hg
[  477.975586][T16447]  pci9118hr
[  477.979190][T16447] comedi: valid board names for 8255_pci driver are:
[  477.985881][T16447]  8255_pci
[  477.989938][T16447] comedi: valid board names for s526 driver are:
[  477.996373][T16447]  s526
[  477.999274][T16447] comedi: valid board names for multiq3 driver are:
[  478.005988][T16447]  multiq3
[  478.009302][T16447] comedi: valid board names for pcmuio driver are:
[  478.015846][T16447]  pcmuio48
[  478.019118][T16447]  pcmuio96
[  478.022413][T16447] comedi: valid board names for pcmmio driver are:
[  478.029482][T16447]  pcmmio
[  478.032571][T16447] comedi: valid board names for pcmda12 driver are:
[  478.039270][T16447]  pcmda12
[  478.042509][T16447] comedi: valid board names for pcmad driver are:
[  478.049259][T16447]  pcmad12
[  478.052639][T16447]  pcmad16
[  478.055692][T16447] comedi: valid board names for ni_labpc driver are:
[  478.062514][T16447]  lab-pc-1200
[  478.065986][T16447]  lab-pc-1200ai
[  478.069831][T16447]  lab-pc+
[  478.073011][T16447] comedi: valid board names for atmio16 driver are:
[  478.080014][T16447]  atmio16
[  478.083222][T16447]  atmio16d
[  478.088116][T16447] comedi: valid board names for ni_at_ao driver are:
[  478.095077][T16447]  at-ao-6
[  478.098431][T16447]  at-ao-10
[  478.101563][T16447] comedi: valid board names for ni_at_a2150 driver are:
[  478.108967][T16447]  ni_at_a2150
[  478.112390][T16447] comedi: valid board names for adq12b driver are:
[  478.119350][T16447]  adq12b
[  478.122311][T16447] comedi: valid board names for mpc624 driver are:
[  478.140653][T16447]  mpc624
[  478.143660][T16447] comedi: valid board names for c6xdigio driver are:
[  478.196660][T16447]  c6xdigio
[  478.199823][T16447] comedi: valid board names for aio_iiro_16 driver are:
[  478.208274][T16447]  aio_iiro_16
[  478.211693][T16447] comedi: valid board names for aio_aio12_8 driver are:
[  478.256503][T16447]  aio_aio12_8
[  478.261491][T16447]  aio_ai12_8
[  478.264944][T16447]  aio_ao12_4
[  478.275068][T16447] comedi: valid board names for fl512 driver are:
[  478.295756][T16447]  fl512
[  478.300314][T16447] comedi: valid board names for dmm32at driver are:
[  478.324328][T16447]  dmm32at
[  478.329750][T16447] comedi: valid board names for dt282x driver are:
[  478.341394][T16447]  dt2821
[  478.344985][T16447]  dt2821-f
[  478.356098][T16447]  dt2821-g
[  478.359312][T16447]  dt2823
[  478.362322][T16447]  dt2824-pgh
[  478.365635][T16447]  dt2824-pgl
[  478.386103][T16447]  dt2825
[  478.389098][T16447]  dt2827
[  478.392120][T16447]  dt2828
[  478.395133][T16447]  dt2829
[  478.406056][T16447]  dt21-ez
[  478.409150][T16447]  dt23-ez
[  478.412231][T16447]  dt24-ez
[  478.415271][T16447]  dt24-ez-pgl
[  478.416209][   T29] usb 4-1: new high-speed USB device number 72 using dummy_hcd
[  478.436256][T16447] comedi: valid board names for dt2817 driver are:
[  478.442811][T16447]  dt2817
[  478.445799][T16447] comedi: valid board names for dt2815 driver are:
[  478.453883][T16447]  dt2815
[  478.466151][T16447] comedi: valid board names for dt2814 driver are:
[  478.472699][T16447]  dt2814
[  478.475668][T16447] comedi: valid board names for dt2811 driver are:
[  478.486216][T16447]  dt2811-pgh
[  478.489535][T16447]  dt2811-pgl
[  478.492849][T16447] comedi: valid board names for dt2801 driver are:
[  478.506112][T16447]  dt2801
[  478.509318][T16447] comedi: valid board names for das6402 driver are:
[  478.515949][T16447]  das6402-12
[  478.526054][T16447]  das6402-16
[  478.529454][T16447] comedi: valid board names for das1800 driver are:
[  478.536687][T16447]  das-1701st
[  478.539996][T16447]  das-1701st-da
[  478.543582][T16447]  das-1702st
[  478.547436][T16447]  das-1702st-da
[  478.550999][T16447]  das-1702hr
[  478.554295][T16447]  das-1702hr-da
[  478.558494][T16447]  das-1701ao
[  478.562051][T16447]  das-1702ao
[  478.565367][T16447]  das-1801st
[  478.569532][T16447]  das-1801st-da
[  478.573098][T16447]  das-1802st
[  478.576786][T16447]  das-1802st-da
[  478.579586][   T29] usb 4-1: config 17 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  478.580342][T16447]  das-1802hr
[  478.580357][T16447]  das-1802hr-da
[  478.580366][T16447]  das-1801hc
[  478.580374][T16447]  das-1802hc
[  478.580382][T16447]  das-1801ao
[  478.580391][T16447]  das-1802ao
[  478.610475][   T29] usb 4-1: config 17 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  478.624182][   T29] usb 4-1: config 17 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  478.637246][   T29] usb 4-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  478.647656][   T29] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  478.666203][T16447] comedi: valid board names for das800 driver are:
[  478.679907][T16455] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  478.688282][T16447]  das-800
[  478.698364][T16447]  cio-das800
[  478.701682][T16447]  das-801
[  478.704731][T16447]  cio-das801
[  478.717703][T16447]  das-802
[  478.762793][T16447]  cio-das802
[  478.771922][T16447]  cio-das802/16
[  478.775553][T16447] comedi: valid board names for isa-das08 driver are:
[  478.786640][T16447]  isa-das08
[  478.789891][T16447]  das08-pgm
[  478.793106][T16447]  das08-pgh
[  478.797066][T16447]  das08-pgl
[  478.800321][T16447]  das08-aoh
[  478.803560][T16447]  das08-aol
[  478.807790][T16447]  das08-aom
[  478.811046][T16447]  das08/jr-ao
[  478.816892][T16447]  das08jr-16-ao
[  478.820486][T16447]  pc104-das08
[  478.823997][T16447]  das08jr/16
[  478.827778][T16447] comedi: valid board names for das16m1 driver are:
[  478.835103][T16447]  das16m1
[  478.839533][T16447] comedi: valid board names for dac02 driver are:
[  478.847583][T16447]  dac02
[  478.852426][T16447] comedi: valid board names for rti802 driver are:
[  478.860810][T16447]  rti802
[  478.863803][T16447] comedi: valid board names for rti800 driver are:
[  478.872836][T16447]  rti800
[  478.875850][T16447]  rti815
[  478.883178][T16447] comedi: valid board names for pcm3724 driver are:
[  478.897634][T16447]  pcm3724
[  478.900728][T16447] comedi: valid board names for pcl818 driver are:
[  478.909379][T16447]  pcl818l
[  478.914558][T16447]  pcl818h
[  478.919788][T16447]  pcl818hd
[  478.922949][T16447]  pcl818hg
[  478.927652][T16447]  pcl818
[  478.930738][T16447]  pcl718
[  478.933715][T16447]  pcm3718
[  478.937474][T16447] comedi: valid board names for pcl816 driver are:
[  478.944117][T16447]  pcl816
[  478.947786][T16447]  pcl814b
[  478.950847][T16447] comedi: valid board names for pcl812 driver are:
[  478.957982][T16447]  pcl812
[  478.960965][T16447]  pcl812pg
[  478.964107][T16447]  acl8112pg
[  478.971615][T16447]  acl8112dg
[  478.974873][T16447]  acl8112hg
[  478.979933][T16447]  a821pgl
[  478.983001][T16447]  a821pglnda
[  478.991475][T16447]  a821pgh
[  478.994548][T16447]  a822pgl
[  478.999937][T16447]  a822pgh
[  479.003076][T16447]  a823pgl
[  479.007359][T16447]  a823pgh
[  479.010441][T16447]  pcl813
[  479.013485][T16447]  pcl813b
[  479.017303][T16447]  acl8113
[  479.020378][T16447]  iso813
[  479.023367][T16447]  acl8216
[  479.030462][T16447]  a826pg
[  479.033462][T16447] comedi: valid board names for pcl730 driver are:
[  479.040563][T16447]  pcl730
[  479.043549][T16447]  iso730
[  479.051883][T16447]  acl7130
[  479.054963][T16447]  pcm3730
[  479.058614][T16447]  pcl725
[  479.062150][T16447]  p8r8dio
[  479.065248][T16447]  acl7225b
[  479.069931][T16447]  p16r16dio
[  479.075055][T16447]  pcl733
[  479.075084][ T5835] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  479.078338][T16447]  pcl734
[  479.090419][T16447]  opmm-1616-xt
[  479.093936][T16447]  pearl-mm-p
[  479.098612][T16447]  ir104-pbf
[  479.102001][T16447] comedi: valid board names for pcl726 driver are:
[  479.108661][T16447]  pcl726
[  479.111645][T16447]  pcl727
[  479.114811][T16447]  pcl728
[  479.118008][T16447]  acl6126
[  479.121050][T16447]  acl6128
[  479.124083][T16447] comedi: valid board names for pcl724 driver are:
[  479.131332][T16447]  pcl724
[  479.134290][T16447]  pcl722
[  479.137627][T16447]  pcl731
[  479.140585][T16447]  acl7122
[  479.143786][T16447]  acl7124
[  479.147032][T16447]  pet48dio
[  479.150158][T16447]  pcmio48
[  479.153202][T16447]  onyx-mm-dio
[  479.156790][T16447] comedi: valid board names for pcl711 driver are:
[  479.163370][T16447]  pcl711
[  479.172480][T16447]  pcl711b
[  479.175882][T16447]  acl8112hg
[  479.179176][T16447]  acl8112dg
[  479.182745][T16447] comedi: valid board names for amplc_pc263 driver are:
[  479.189861][T16447]  pc263
[  479.192896][T16447] comedi: valid board names for amplc_pc236 driver are:
[  479.199902][T16447]  pc36at
[  479.202855][T16447] comedi: valid board names for amplc_dio200 driver are:
[  479.212303][T16447]  pc212e
[  479.215278][T16447]  pc214e
[  479.218271][T16447]  pc215e
[  479.221296][T16447]  pc218e
[  479.224249][T16447]  pc272e
[  479.227516][T16447] comedi: valid board names for comedi_parport driver are:
[  479.234740][T16447]  comedi_parport
[  479.238674][T16447] comedi: valid board names for comedi_test driver are:
[  479.245648][T16447]  comedi_test
[  479.249277][T16447] comedi: valid board names for comedi_bond driver are:
[  479.256413][T16447]  comedi_bond
[  479.348477][T16473] Bluetooth: MGMT ver 1.23
[  479.366583][ T5835] Bluetooth: hci0: command tx timeout
[  479.912322][T16492] FAULT_INJECTION: forcing a failure.
[  479.912322][T16492] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  479.925987][T16492] CPU: 1 UID: 0 PID: 16492 Comm: syz.4.2578 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  479.926025][T16492] Tainted: [L]=SOFTLOCKUP
[  479.926033][T16492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  479.926044][T16492] Call Trace:
[  479.926052][T16492]  <TASK>
[  479.926061][T16492]  dump_stack_lvl+0xe8/0x150
[  479.926093][T16492]  should_fail_ex+0x412/0x560
[  479.926126][T16492]  _copy_from_user+0x2d/0xb0
[  479.926149][T16492]  video_usercopy+0x36f/0x14b0
[  479.926175][T16492]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  479.926208][T16492]  ? __pfx___video_do_ioctl+0x10/0x10
[  479.926232][T16492]  ? __pfx_video_usercopy+0x10/0x10
[  479.926266][T16492]  ? __fget_files+0x2a/0x420
[  479.926297][T16492]  ? __fget_files+0x2a/0x420
[  479.926323][T16492]  ? __fget_files+0x3a0/0x420
[  479.926352][T16492]  v4l2_ioctl+0x18d/0x1e0
[  479.926376][T16492]  ? __pfx_v4l2_ioctl+0x10/0x10
[  479.926397][T16492]  __se_sys_ioctl+0xfc/0x170
[  479.926431][T16492]  do_syscall_64+0x14d/0xf80
[  479.926459][T16492]  ? trace_irq_disable+0x3b/0x150
[  479.926487][T16492]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  479.926508][T16492]  ? clear_bhb_loop+0x40/0x90
[  479.926533][T16492]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  479.926553][T16492] RIP: 0033:0x7f943c99c629
[  479.926572][T16492] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  479.926589][T16492] RSP: 002b:00007f943abf6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  479.926612][T16492] RAX: ffffffffffffffda RBX: 00007f943cc15fa0 RCX: 00007f943c99c629
[  479.926626][T16492] RDX: 0000200000000100 RSI: 00000000c034564b RDI: 0000000000000003
[  479.926638][T16492] RBP: 00007f943abf6090 R08: 0000000000000000 R09: 0000000000000000
[  479.926650][T16492] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  479.926662][T16492] R13: 00007f943cc16038 R14: 00007f943cc15fa0 R15: 00007fff542b5dc8
[  479.926694][T16492]  </TASK>
[  480.256581][   T29] aiptek 4-1:17.0: Aiptek using 400 ms programming speed
[  480.266399][   T29] input: Aiptek as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:17.0/input/input82
[  480.296552][   T29] usb 4-1: USB disconnect, device number 72
[  480.302534][    C1] aiptek 4-1:17.0: aiptek_irq - usb_submit_urb failed with result -19
[  480.303328][ T5835] Bluetooth: hci4: unexpected event 0x2f length: 509 > 260
[  480.700960][ T5835] Bluetooth: hci4: unexpected event for opcode 0x1004
[  480.746464][T16503] binder: 16502:16503 ioctl 400c620e 0 returned -14
[  480.994767][T16515] input: syz1 as /devices/virtual/input/input83
[  481.001246][T16515] input: failed to attach handler leds to device input83, error: -6
[  481.447213][ T5835] Bluetooth: hci0: command tx timeout
[  481.656166][ T5878] usb 4-1: new full-speed USB device number 73 using dummy_hcd
[  481.809783][ T5878] usb 4-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64
[  481.820000][ T5878] usb 4-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  481.828384][ T5878] usb 4-1: Product: syz
[  481.833070][ T5878] usb 4-1: SerialNumber: syz
[  481.845221][ T5878] usb 4-1: config 0 descriptor??
[  481.862235][ T5878] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state.
[  481.876380][ T5878] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  481.891387][ T5878] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) error while loading driver (-19)
[  482.069640][ T1564] usb 4-1: USB disconnect, device number 73
[  482.717953][T16530] netlink: 7060 bytes leftover after parsing attributes in process `syz.3.2592'.
[  482.799028][T16532] FAULT_INJECTION: forcing a failure.
[  482.799028][T16532] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  482.815450][T16532] CPU: 0 UID: 0 PID: 16532 Comm: syz.6.2593 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  482.815482][T16532] Tainted: [L]=SOFTLOCKUP
[  482.815489][T16532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  482.815501][T16532] Call Trace:
[  482.815509][T16532]  <TASK>
[  482.815517][T16532]  dump_stack_lvl+0xe8/0x150
[  482.815548][T16532]  should_fail_ex+0x412/0x560
[  482.815582][T16532]  _copy_from_iter+0x1d3/0x1670
[  482.815615][T16532]  ? __pfx__copy_from_iter+0x10/0x10
[  482.815640][T16532]  ? __lock_acquire+0x6b5/0x2cf0
[  482.815673][T16532]  tun_get_user+0x275/0x3dd0
[  482.815721][T16532]  ? __pfx_tun_get_user+0x10/0x10
[  482.815746][T16532]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  482.815774][T16532]  ? lockdep_hardirqs_on+0x7a/0x110
[  482.815810][T16532]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  482.815837][T16532]  ? save_netdev_trace_buffer+0x4e2/0x610
[  482.815871][T16532]  ? ref_tracker_alloc+0x363/0x4d0
[  482.815888][T16532]  ? tun_chr_write_iter+0x60/0x210
[  482.815909][T16532]  ? vfs_write+0x61d/0xb90
[  482.815926][T16532]  ? ksys_write+0x150/0x270
[  482.815943][T16532]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  482.815966][T16532]  ? tun_get+0x1c/0x2f0
[  482.815994][T16532]  ? tun_get+0x1c/0x2f0
[  482.816022][T16532]  ? tun_get+0x1c/0x2f0
[  482.816049][T16532]  tun_chr_write_iter+0x113/0x210
[  482.816075][T16532]  vfs_write+0x61d/0xb90
[  482.816102][T16532]  ? __pfx_vfs_write+0x10/0x10
[  482.816141][T16532]  ? __fget_files+0x2a/0x420
[  482.816178][T16532]  ksys_write+0x150/0x270
[  482.816201][T16532]  ? __pfx_ksys_write+0x10/0x10
[  482.816232][T16532]  do_syscall_64+0x14d/0xf80
[  482.816259][T16532]  ? trace_irq_disable+0x3b/0x150
[  482.816287][T16532]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  482.816306][T16532]  ? clear_bhb_loop+0x40/0x90
[  482.816330][T16532]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  482.816350][T16532] RIP: 0033:0x7f57f3b9c629
[  482.816368][T16532] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  482.816384][T16532] RSP: 002b:00007f57f4ab6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  482.816406][T16532] RAX: ffffffffffffffda RBX: 00007f57f3e15fa0 RCX: 00007f57f3b9c629
[  482.816421][T16532] RDX: 0000000000000042 RSI: 0000200000000480 RDI: 0000000000000004
[  482.816434][T16532] RBP: 00007f57f4ab6090 R08: 0000000000000000 R09: 0000000000000000
[  482.816446][T16532] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  482.816458][T16532] R13: 00007f57f3e16038 R14: 00007f57f3e15fa0 R15: 00007fffbed19f98
[  482.816490][T16532]  </TASK>
[  483.156673][T16536] FAULT_INJECTION: forcing a failure.
[  483.156673][T16536] name failslab, interval 1, probability 0, space 0, times 0
[  483.171184][T16536] CPU: 0 UID: 0 PID: 16536 Comm: syz.6.2595 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  483.171214][T16536] Tainted: [L]=SOFTLOCKUP
[  483.171222][T16536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  483.171232][T16536] Call Trace:
[  483.171237][T16536]  <TASK>
[  483.171243][T16536]  dump_stack_lvl+0xe8/0x150
[  483.171264][T16536]  should_fail_ex+0x412/0x560
[  483.171285][T16536]  should_failslab+0xa8/0x100
[  483.171299][T16536]  ? skb_clone+0x212/0x3a0
[  483.171316][T16536]  kmem_cache_alloc_noprof+0x87/0x650
[  483.171339][T16536]  skb_clone+0x212/0x3a0
[  483.171357][T16536]  __netlink_deliver_tap+0x424/0x8b0
[  483.171378][T16536]  ? netlink_deliver_tap+0x2e/0x1b0
[  483.171393][T16536]  netlink_deliver_tap+0x19c/0x1b0
[  483.171408][T16536]  netlink_sendskb+0x68/0x140
[  483.171421][T16536]  netlink_unicast+0x3a3/0x9b0
[  483.171435][T16536]  ? do_mirror+0xcb7/0x2720
[  483.171450][T16536]  ? __pfx_netlink_unicast+0x10/0x10
[  483.171468][T16536]  netlink_rcv_skb+0x2b6/0x4b0
[  483.171482][T16536]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  483.171497][T16536]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  483.171517][T16536]  ? bpf_lsm_capable+0x9/0x20
[  483.171531][T16536]  ? security_capable+0x7e/0x2c0
[  483.171552][T16536]  nfnetlink_rcv+0x2c0/0x27b0
[  483.171567][T16536]  ? unwind_get_return_address+0x4d/0x90
[  483.171585][T16536]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  483.171602][T16536]  ? trim_netdev_trace+0x7d7/0x830
[  483.171617][T16536]  ? stack_trace_save+0xa9/0x100
[  483.171634][T16536]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  483.171647][T16536]  ? save_netdev_trace_buffer+0x4f7/0x610
[  483.171660][T16536]  ? __pfx___dev_queue_xmit+0x10/0x10
[  483.171675][T16536]  ? __pfx_save_netdev_trace_buffer+0x10/0x10
[  483.171688][T16536]  ? ref_tracker_free+0x693/0x840
[  483.171698][T16536]  ? __netlink_deliver_tap+0x636/0x8b0
[  483.171711][T16536]  ? netlink_deliver_tap+0x19c/0x1b0
[  483.171724][T16536]  ? netlink_unicast+0x7e3/0x9b0
[  483.171735][T16536]  ? netlink_sendmsg+0x813/0xb40
[  483.171747][T16536]  ? sock_sendmsg_nosec+0x18f/0x1d0
[  483.171759][T16536]  ? ____sys_sendmsg+0x589/0x8c0
[  483.171774][T16536]  ? ___sys_sendmsg+0x2a5/0x360
[  483.171789][T16536]  ? __x64_sys_sendmsg+0x1bd/0x2a0
[  483.171804][T16536]  ? do_syscall_64+0x14d/0xf80
[  483.171820][T16536]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  483.171836][T16536]  ? __skb_clone+0x483/0x7a0
[  483.171856][T16536]  ? skb_clone+0x246/0x3a0
[  483.171875][T16536]  ? __netlink_deliver_tap+0x866/0x8b0
[  483.171889][T16536]  ? netlink_deliver_tap+0x2e/0x1b0
[  483.171906][T16536]  ? netlink_deliver_tap+0x2e/0x1b0
[  483.171924][T16536]  netlink_unicast+0x80f/0x9b0
[  483.171941][T16536]  ? __pfx_netlink_unicast+0x10/0x10
[  483.171955][T16536]  ? netlink_sendmsg+0x650/0xb40
[  483.171968][T16536]  ? skb_put+0x11b/0x210
[  483.171985][T16536]  netlink_sendmsg+0x813/0xb40
[  483.172004][T16536]  ? __pfx_netlink_sendmsg+0x10/0x10
[  483.172020][T16536]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  483.172038][T16536]  ? __pfx_netlink_sendmsg+0x10/0x10
[  483.172051][T16536]  sock_sendmsg_nosec+0x18f/0x1d0
[  483.172066][T16536]  ____sys_sendmsg+0x589/0x8c0
[  483.172087][T16536]  ? __pfx_____sys_sendmsg+0x10/0x10
[  483.172109][T16536]  ? import_iovec+0x73/0xa0
[  483.172125][T16536]  ___sys_sendmsg+0x2a5/0x360
[  483.172145][T16536]  ? __pfx____sys_sendmsg+0x10/0x10
[  483.172187][T16536]  ? __fget_files+0x2a/0x420
[  483.172202][T16536]  ? __fget_files+0x3a0/0x420
[  483.172223][T16536]  __x64_sys_sendmsg+0x1bd/0x2a0
[  483.172242][T16536]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  483.172263][T16536]  ? __pfx_ksys_write+0x10/0x10
[  483.172282][T16536]  do_syscall_64+0x14d/0xf80
[  483.172298][T16536]  ? trace_irq_disable+0x3b/0x150
[  483.172314][T16536]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  483.172326][T16536]  ? clear_bhb_loop+0x40/0x90
[  483.172340][T16536]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  483.172351][T16536] RIP: 0033:0x7f57f3b9c629
[  483.172364][T16536] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  483.172373][T16536] RSP: 002b:00007f57f4ab6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  483.172388][T16536] RAX: ffffffffffffffda RBX: 00007f57f3e15fa0 RCX: 00007f57f3b9c629
[  483.172397][T16536] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[  483.172404][T16536] RBP: 00007f57f4ab6090 R08: 0000000000000000 R09: 0000000000000000
[  483.172411][T16536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  483.172418][T16536] R13: 00007f57f3e16038 R14: 00007f57f3e15fa0 R15: 00007fffbed19f98
[  483.172436][T16536]  </TASK>
[  483.206115][ T1564] usb 4-1: new high-speed USB device number 74 using dummy_hcd
[  483.786328][ T1564] usb 4-1: Using ep0 maxpacket: 8
[  483.794704][ T1564] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  483.803614][ T1564] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  483.813862][ T1564] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  483.824110][ T1564] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  483.834960][ T1564] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  483.845900][ T1564] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  483.860640][ T1564] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  483.871095][ T1564] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  483.892817][ T1564] usbtmc 4-1:16.0: probe with driver usbtmc failed with error -22
[  484.023355][T16545] No control pipe specified
[  484.376144][ T1564] usb 5-1: new high-speed USB device number 103 using dummy_hcd
[  484.536948][ T1564] usb 5-1: too many configurations: 237, using maximum allowed: 8
[  484.554484][ T1564] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  484.564054][ T1564] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  484.572395][ T1564] usb 5-1: Product: syz
[  484.578806][ T1564] usb 5-1: Manufacturer: syz
[  484.583430][ T1564] usb 5-1: SerialNumber: syz
[  484.595024][ T1564] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  484.645142][ T5964] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  484.967106][T16559] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2602'.
[  485.151971][   T10] usb 5-1: USB disconnect, device number 103
[  485.686968][ T5964] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  485.695725][ T5964] ath9k_htc: Failed to initialize the device
[  485.703708][   T10] usb 5-1: ath9k_htc: USB layer deinitialized
[  485.858158][T16569] FAULT_INJECTION: forcing a failure.
[  485.858158][T16569] name failslab, interval 1, probability 0, space 0, times 0
[  485.862473][   T29] usb 4-1: USB disconnect, device number 74
[  485.901415][T16569] CPU: 1 UID: 0 PID: 16569 Comm: syz.4.2603 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  485.901438][T16569] Tainted: [L]=SOFTLOCKUP
[  485.901443][T16569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  485.901450][T16569] Call Trace:
[  485.901456][T16569]  <TASK>
[  485.901461][T16569]  dump_stack_lvl+0xe8/0x150
[  485.901482][T16569]  should_fail_ex+0x412/0x560
[  485.901502][T16569]  should_failslab+0xa8/0x100
[  485.901516][T16569]  ? vm_area_dup+0x2b/0x680
[  485.901528][T16569]  kmem_cache_alloc_noprof+0x87/0x650
[  485.901550][T16569]  vm_area_dup+0x2b/0x680
[  485.901565][T16569]  __split_vma+0x1dc/0xa40
[  485.901581][T16569]  ? mas_find+0xb0e/0xd30
[  485.901602][T16569]  ? __pfx___split_vma+0x10/0x10
[  485.901625][T16569]  ? __pfx___up_read+0x10/0x10
[  485.901639][T16569]  vms_gather_munmap_vmas+0x32d/0x1370
[  485.901654][T16569]  ? __mt_destroy+0x1c9/0x280
[  485.901666][T16569]  ? vms_complete_munmap_vmas+0xa0b/0xc60
[  485.901688][T16569]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  485.901714][T16569]  do_vmi_align_munmap+0x2b4/0x4b0
[  485.901738][T16569]  ? __pfx_do_vmi_align_munmap+0x10/0x10
[  485.901770][T16569]  do_vmi_munmap+0x252/0x2d0
[  485.901788][T16569]  __vm_munmap+0x22c/0x3d0
[  485.901806][T16569]  ? __pfx___vm_munmap+0x10/0x10
[  485.901820][T16569]  ? vm_mmap_pgoff+0x3b1/0x4f0
[  485.901848][T16569]  __x64_sys_munmap+0x60/0x70
[  485.901866][T16569]  do_syscall_64+0x14d/0xf80
[  485.901882][T16569]  ? trace_irq_disable+0x3b/0x150
[  485.901899][T16569]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  485.901911][T16569]  ? clear_bhb_loop+0x40/0x90
[  485.901925][T16569]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  485.901936][T16569] RIP: 0033:0x7f943c99c457
[  485.901949][T16569] Code: 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 0b 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  485.901959][T16569] RSP: 002b:00007f943abd3d18 EFLAGS: 00000206 ORIG_RAX: 000000000000000b
[  485.901973][T16569] RAX: ffffffffffffffda RBX: 00007f9434000000 RCX: 00007f943c99c457
[  485.901982][T16569] RDX: 0000000000000000 RSI: 0000000002a00000 RDI: 00007f9438000000
[  485.901990][T16569] RBP: 0000000000021000 R08: 00000000ffffffff R09: 0000000000000000
[  485.901998][T16569] R10: 0000000000000022 R11: 0000000000000206 R12: 0000000004000000
[  485.902005][T16569] R13: 0000000000001000 R14: 00007f9438000000 R15: 0000000001600000
[  485.902023][T16569]  </TASK>
[  486.236504][T16573] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2605'.
[  486.430928][T16580] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2608'.
[  487.473526][T16599] FAULT_INJECTION: forcing a failure.
[  487.473526][T16599] name failslab, interval 1, probability 0, space 0, times 0
[  487.487397][T16599] CPU: 1 UID: 0 PID: 16599 Comm: syz.3.2614 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  487.487429][T16599] Tainted: [L]=SOFTLOCKUP
[  487.487437][T16599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  487.487449][T16599] Call Trace:
[  487.487457][T16599]  <TASK>
[  487.487466][T16599]  dump_stack_lvl+0xe8/0x150
[  487.487499][T16599]  should_fail_ex+0x412/0x560
[  487.487534][T16599]  should_failslab+0xa8/0x100
[  487.487561][T16599]  __kmalloc_cache_noprof+0x88/0x660
[  487.487582][T16599]  ? __sctp_v6_cmp_addr+0x1e6/0x510
[  487.487608][T16599]  ? sctp_add_bind_addr+0x8c/0x370
[  487.487639][T16599]  sctp_add_bind_addr+0x8c/0x370
[  487.487668][T16599]  sctp_copy_local_addr_list+0x314/0x4f0
[  487.487696][T16599]  ? sctp_copy_local_addr_list+0xa4/0x4f0
[  487.487721][T16599]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  487.487749][T16599]  ? sctp_v6_is_any+0x64/0x80
[  487.487776][T16599]  ? sctp_copy_one_addr+0x93/0x360
[  487.487805][T16599]  sctp_bind_addr_copy+0xb3/0x3c0
[  487.487831][T16599]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  487.487857][T16599]  sctp_connect_new_asoc+0x2ff/0x6b0
[  487.487890][T16599]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  487.487928][T16599]  ? __local_bh_enable_ip+0xd0/0x130
[  487.487953][T16599]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  487.487976][T16599]  ? security_sctp_bind_connect+0x7e/0x2c0
[  487.488006][T16599]  sctp_sendmsg+0x1528/0x2c10
[  487.488052][T16599]  ? __pfx_sctp_sendmsg+0x10/0x10
[  487.488090][T16599]  ? aa_sk_perm+0x6d5/0x900
[  487.488127][T16599]  ? __pfx_aa_sk_perm+0x10/0x10
[  487.488153][T16599]  ? sock_rps_record_flow+0x19/0x400
[  487.488187][T16599]  ? inet_sendmsg+0x2f4/0x370
[  487.488221][T16599]  sock_sendmsg_nosec+0x128/0x1d0
[  487.488248][T16599]  __sys_sendto+0x3ff/0x590
[  487.488278][T16599]  ? __pfx___sys_sendto+0x10/0x10
[  487.488301][T16599]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  487.488351][T16599]  ? __fget_files+0x3a0/0x420
[  487.488385][T16599]  ? ksys_write+0x242/0x270
[  487.488399][T16599]  ? __pfx_ksys_write+0x10/0x10
[  487.488414][T16599]  __x64_sys_sendto+0xde/0x100
[  487.488432][T16599]  do_syscall_64+0x14d/0xf80
[  487.488448][T16599]  ? trace_irq_disable+0x3b/0x150
[  487.488464][T16599]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  487.488476][T16599]  ? clear_bhb_loop+0x40/0x90
[  487.488490][T16599]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  487.488502][T16599] RIP: 0033:0x7fbfb299c629
[  487.488514][T16599] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  487.488524][T16599] RSP: 002b:00007fbfb388d028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  487.488539][T16599] RAX: ffffffffffffffda RBX: 00007fbfb2c15fa0 RCX: 00007fbfb299c629
[  487.488548][T16599] RDX: 0000000000000001 RSI: 00002000000001c0 RDI: 0000000000000003
[  487.488555][T16599] RBP: 00007fbfb388d090 R08: 0000200000000480 R09: 000000000000001c
[  487.488563][T16599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  487.488571][T16599] R13: 00007fbfb2c16038 R14: 00007fbfb2c15fa0 R15: 00007ffcff9cf338
[  487.488589][T16599]  </TASK>
[  487.888933][T16604] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2616'.
[  488.066193][ T5905] usb 4-1: new high-speed USB device number 75 using dummy_hcd
[  488.206254][ T5905] usb 4-1: device descriptor read/64, error -71
[  488.446271][ T5905] usb 4-1: new high-speed USB device number 76 using dummy_hcd
[  488.576269][ T5905] usb 4-1: device descriptor read/64, error -71
[  488.686833][ T5905] usb usb4-port1: attempt power cycle
[  489.056171][ T5905] usb 4-1: new high-speed USB device number 77 using dummy_hcd
[  489.076915][ T5905] usb 4-1: device descriptor read/8, error -71
[  489.316146][ T5905] usb 4-1: new high-speed USB device number 78 using dummy_hcd
[  489.351248][ T5905] usb 4-1: device descriptor read/8, error -71
[  489.466497][ T5905] usb usb4-port1: unable to enumerate USB device
[  489.787127][T16624] overlayfs: failed to resolve './file1': -2
[  490.110571][T15842] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  490.120723][T15842] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  490.129087][T15842] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  490.142503][T15842] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  490.155395][T15842] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  490.403561][T16627] chnl_net:caif_netlink_parms(): no params data found
[  490.490187][T16627] bridge0: port 1(bridge_slave_0) entered blocking state
[  490.498056][T16627] bridge0: port 1(bridge_slave_0) entered disabled state
[  490.505420][T16627] bridge_slave_0: entered allmulticast mode
[  490.513704][T16627] bridge_slave_0: entered promiscuous mode
[  490.525028][T16627] bridge0: port 2(bridge_slave_1) entered blocking state
[  490.532503][T16627] bridge0: port 2(bridge_slave_1) entered disabled state
[  490.540395][T16627] bridge_slave_1: entered allmulticast mode
[  490.549515][T16627] bridge_slave_1: entered promiscuous mode
[  490.614509][ T1168] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  490.654251][T16627] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  490.667642][T16627] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  490.720418][ T1168] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  490.739262][T16627] team0: Port device team_slave_0 added
[  490.749409][T16627] team0: Port device team_slave_1 added
[  490.794242][ T1168] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  490.813158][T16627] batman_adv: batadv0: Adding interface: batadv_slave_0
[  490.820880][T16627] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  490.847149][T16627] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  490.862672][T16627] batman_adv: batadv0: Adding interface: batadv_slave_1
[  490.870476][T16627] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  490.897629][T16627] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  490.922347][ T1168] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  491.020011][T16638] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2625'.
[  491.027845][T16627] hsr_slave_0: entered promiscuous mode
[  491.037154][T16627] hsr_slave_1: entered promiscuous mode
[  491.043818][T16627] debugfs: 'hsr0' already exists in 'hsr'
[  491.050074][T16627] Cannot create hsr debugfs directory
[  491.280386][ T1168] bridge_slave_1: left allmulticast mode
[  491.287117][ T1168] bridge_slave_1: left promiscuous mode
[  491.292956][ T1168] bridge0: port 2(bridge_slave_1) entered disabled state
[  491.305499][ T1168] bridge_slave_0: left allmulticast mode
[  491.316518][ T1168] bridge_slave_0: left promiscuous mode
[  491.326853][ T1168] bridge0: port 1(bridge_slave_0) entered disabled state
[  491.737902][ T1168] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  491.749369][ T1168] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  491.760907][ T1168] bond0 (unregistering): Released all slaves
[  491.881612][ T1168] tipc: Left network mode
[  491.942696][T16656] netlink: 'syz.3.2627': attribute type 3 has an invalid length.
[  492.236340][   T29] usb 4-1: new high-speed USB device number 79 using dummy_hcd
[  492.248043][ T5835] Bluetooth: hci2: command tx timeout
[  492.288953][ T1168] hsr_slave_0: left promiscuous mode
[  492.295380][ T1168] hsr_slave_1: left promiscuous mode
[  492.302561][ T1168] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  492.310390][ T1168] batman_adv: batadv0: Removing interface: batadv_slave_0
[  492.319422][ T1168] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  492.330249][ T1168] batman_adv: batadv0: Removing interface: batadv_slave_1
[  492.346604][ T1168] veth1_macvtap: left promiscuous mode
[  492.352247][ T1168] veth0_macvtap: left promiscuous mode
[  492.358053][ T1168] veth1_vlan: left promiscuous mode
[  492.363383][ T1168] veth0_vlan: left promiscuous mode
[  492.406561][   T29] usb 4-1: Using ep0 maxpacket: 16
[  492.414324][   T29] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  492.439259][   T29] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  492.464002][   T29] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  492.483329][   T29] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  492.494871][   T29] usb 4-1: Product: syz
[  492.499338][   T29] usb 4-1: Manufacturer: syz
[  492.503957][   T29] usb 4-1: SerialNumber: syz
[  492.732179][T16656] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  492.759276][T16656] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  492.774711][ T1168] team0 (unregistering): Port device team_slave_1 removed
[  492.802217][   T29] usb 4-1: 0:2 : does not exist
[  492.820093][   T29] usb 4-1: 5:0: failed to get current value for ch 0 (-22)
[  492.851053][ T1168] team0 (unregistering): Port device team_slave_0 removed
[  492.980197][   T29] usb 4-1: USB disconnect, device number 79
[  493.068204][ T5838] udevd[5838]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  493.608314][T16689] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input84
[  493.693259][T16695] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2633'.
[  493.744913][T16695] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2633'.
[  493.875554][T16702] FAULT_INJECTION: forcing a failure.
[  493.875554][T16702] name failslab, interval 1, probability 0, space 0, times 0
[  493.889264][T16702] CPU: 0 UID: 0 PID: 16702 Comm: syz.6.2635 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  493.889296][T16702] Tainted: [L]=SOFTLOCKUP
[  493.889303][T16702] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  493.889315][T16702] Call Trace:
[  493.889324][T16702]  <TASK>
[  493.889333][T16702]  dump_stack_lvl+0xe8/0x150
[  493.889367][T16702]  should_fail_ex+0x412/0x560
[  493.889400][T16702]  should_failslab+0xa8/0x100
[  493.889425][T16702]  __kmalloc_cache_noprof+0x88/0x660
[  493.889454][T16702]  ? __sctp_v6_cmp_addr+0x1e6/0x510
[  493.889489][T16702]  ? sctp_add_bind_addr+0x8c/0x370
[  493.889518][T16702]  sctp_add_bind_addr+0x8c/0x370
[  493.889548][T16702]  sctp_copy_local_addr_list+0x314/0x4f0
[  493.889586][T16702]  ? sctp_copy_local_addr_list+0xa4/0x4f0
[  493.889611][T16702]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[  493.889638][T16702]  ? sctp_v6_is_any+0x64/0x80
[  493.889664][T16702]  ? sctp_copy_one_addr+0x93/0x360
[  493.889692][T16702]  sctp_bind_addr_copy+0xb3/0x3c0
[  493.889718][T16702]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[  493.889744][T16702]  sctp_connect_new_asoc+0x2ff/0x6b0
[  493.889775][T16702]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  493.889805][T16702]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  493.889835][T16702]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  493.889859][T16702]  ? sctp_endpoint_lookup_assoc+0x7b/0x260
[  493.889887][T16702]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[  493.889909][T16702]  ? security_sctp_bind_connect+0x7e/0x2c0
[  493.889939][T16702]  sctp_sendmsg+0x1528/0x2c10
[  493.889982][T16702]  ? __pfx_sctp_sendmsg+0x10/0x10
[  493.890021][T16702]  ? aa_sk_perm+0x6d5/0x900
[  493.890065][T16702]  ? __pfx_aa_sk_perm+0x10/0x10
[  493.890091][T16702]  ? sock_rps_record_flow+0x19/0x400
[  493.890132][T16702]  ? inet_sendmsg+0x2f4/0x370
[  493.890161][T16702]  sock_sendmsg_nosec+0x128/0x1d0
[  493.890187][T16702]  ____sys_sendmsg+0x589/0x8c0
[  493.890225][T16702]  ? __pfx_____sys_sendmsg+0x10/0x10
[  493.890260][T16702]  ? import_iovec+0x73/0xa0
[  493.890286][T16702]  ___sys_sendmsg+0x2a5/0x360
[  493.890317][T16702]  ? __pfx____sys_sendmsg+0x10/0x10
[  493.890382][T16702]  ? __fget_files+0x2a/0x420
[  493.890409][T16702]  ? __fget_files+0x3a0/0x420
[  493.890446][T16702]  __x64_sys_sendmsg+0x1bd/0x2a0
[  493.890477][T16702]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  493.890515][T16702]  ? __pfx_ksys_write+0x10/0x10
[  493.890547][T16702]  do_syscall_64+0x14d/0xf80
[  493.890575][T16702]  ? trace_irq_disable+0x3b/0x150
[  493.890602][T16702]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  493.890623][T16702]  ? clear_bhb_loop+0x40/0x90
[  493.890647][T16702]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  493.890667][T16702] RIP: 0033:0x7f57f3b9c629
[  493.890687][T16702] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  493.890703][T16702] RSP: 002b:00007f57f4ab6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  493.890726][T16702] RAX: ffffffffffffffda RBX: 00007f57f3e15fa0 RCX: 00007f57f3b9c629
[  493.890741][T16702] RDX: 0000000024000052 RSI: 00002000000000c0 RDI: 0000000000000003
[  493.890754][T16702] RBP: 00007f57f4ab6090 R08: 0000000000000000 R09: 0000000000000000
[  493.890767][T16702] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  493.890779][T16702] R13: 00007f57f3e16038 R14: 00007f57f3e15fa0 R15: 00007fffbed19f98
[  493.890812][T16702]  </TASK>
[  494.319950][ T1168] IPVS: stop unused estimator thread 0...
[  494.329096][T16627] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  494.330430][ T5835] Bluetooth: hci2: command tx timeout
[  494.370861][T16627] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  494.435679][T16627] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  494.475156][T16627] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  494.568084][T16717] netlink: 132 bytes leftover after parsing attributes in process `syz.0.2639'.
[  494.802192][T16725] netlink: 'syz.3.2640': attribute type 3 has an invalid length.
[  494.816447][T16627] 8021q: adding VLAN 0 to HW filter on device bond0
[  494.880803][T16627] 8021q: adding VLAN 0 to HW filter on device team0
[  494.911734][T16734] FAULT_INJECTION: forcing a failure.
[  494.911734][T16734] name failslab, interval 1, probability 0, space 0, times 0
[  494.926251][T16734] CPU: 0 UID: 0 PID: 16734 Comm: syz.3.2641 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  494.926284][T16734] Tainted: [L]=SOFTLOCKUP
[  494.926291][T16734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  494.926303][T16734] Call Trace:
[  494.926312][T16734]  <TASK>
[  494.926320][T16734]  dump_stack_lvl+0xe8/0x150
[  494.926351][T16734]  should_fail_ex+0x412/0x560
[  494.926386][T16734]  should_failslab+0xa8/0x100
[  494.926410][T16734]  __kmalloc_noprof+0xe8/0x760
[  494.926430][T16734]  ? rcu_is_watching+0x15/0xb0
[  494.926455][T16734]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  494.926491][T16734]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  494.926528][T16734]  genl_family_rcv_msg_doit+0xd9/0x330
[  494.926564][T16734]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  494.926603][T16734]  ? apparmor_capable+0x126/0x170
[  494.926628][T16734]  ? bpf_lsm_capable+0x9/0x20
[  494.926652][T16734]  ? security_capable+0x7e/0x2c0
[  494.926688][T16734]  genl_rcv_msg+0x61c/0x7a0
[  494.926724][T16734]  ? __pfx_genl_rcv_msg+0x10/0x10
[  494.926751][T16734]  ? __pfx_ieee802154_llsec_add_dev+0x10/0x10
[  494.926775][T16734]  ? __lock_acquire+0x6b5/0x2cf0
[  494.926812][T16734]  netlink_rcv_skb+0x232/0x4b0
[  494.926837][T16734]  ? __pfx_genl_rcv_msg+0x10/0x10
[  494.926865][T16734]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  494.926906][T16734]  ? down_read+0x272/0x2e0
[  494.926925][T16734]  ? genl_rcv+0xd/0x40
[  494.926954][T16734]  genl_rcv+0x28/0x40
[  494.926979][T16734]  netlink_unicast+0x80f/0x9b0
[  494.927002][T16734]  ? __pfx_netlink_unicast+0x10/0x10
[  494.927024][T16734]  ? netlink_sendmsg+0x650/0xb40
[  494.927046][T16734]  ? skb_put+0x11b/0x210
[  494.927075][T16734]  netlink_sendmsg+0x813/0xb40
[  494.927110][T16734]  ? __pfx_netlink_sendmsg+0x10/0x10
[  494.927137][T16734]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  494.927178][T16734]  ? __pfx_netlink_sendmsg+0x10/0x10
[  494.927199][T16734]  sock_sendmsg_nosec+0x18f/0x1d0
[  494.927224][T16734]  ____sys_sendmsg+0x589/0x8c0
[  494.927263][T16734]  ? __pfx_____sys_sendmsg+0x10/0x10
[  494.927302][T16734]  ? import_iovec+0x73/0xa0
[  494.927329][T16734]  ___sys_sendmsg+0x2a5/0x360
[  494.927364][T16734]  ? __pfx____sys_sendmsg+0x10/0x10
[  494.927431][T16734]  ? __fget_files+0x2a/0x420
[  494.927458][T16734]  ? __fget_files+0x3a0/0x420
[  494.927497][T16734]  __x64_sys_sendmsg+0x1bd/0x2a0
[  494.927528][T16734]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  494.927568][T16734]  ? __pfx_ksys_write+0x10/0x10
[  494.927603][T16734]  do_syscall_64+0x14d/0xf80
[  494.927631][T16734]  ? trace_irq_disable+0x3b/0x150
[  494.927656][T16734]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  494.927677][T16734]  ? clear_bhb_loop+0x40/0x90
[  494.927701][T16734]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  494.927721][T16734] RIP: 0033:0x7fbfb299c629
[  494.927742][T16734] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  494.927759][T16734] RSP: 002b:00007fbfb388d028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  494.927780][T16734] RAX: ffffffffffffffda RBX: 00007fbfb2c15fa0 RCX: 00007fbfb299c629
[  494.927795][T16734] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[  494.927808][T16734] RBP: 00007fbfb388d090 R08: 0000000000000000 R09: 0000000000000000
[  494.927820][T16734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  494.927832][T16734] R13: 00007fbfb2c16038 R14: 00007fbfb2c15fa0 R15: 00007ffcff9cf338
[  494.927867][T16734]  </TASK>
[  494.929758][  T147] bridge0: port 1(bridge_slave_0) entered blocking state
[  495.278192][  T147] bridge0: port 1(bridge_slave_0) entered forwarding state
[  495.345474][T16726] syzkaller0: tun_chr_ioctl cmd 1074025677
[  495.368778][T16726] syzkaller0: Linktype set failed because interface is up
[  495.384095][ T1168] bridge0: port 2(bridge_slave_1) entered blocking state
[  495.391306][ T1168] bridge0: port 2(bridge_slave_1) entered forwarding state
[  495.435179][ T1104] syzkaller0: tun_net_xmit 76
[  495.441773][ T1104] syzkaller0: tun_net_xmit 48
[  495.468383][  T804] syzkaller0: tun_net_xmit 76
[  495.560379][  T804] syzkaller0: tun_net_xmit 76
[  495.742676][T16627] 8021q: adding VLAN 0 to HW filter on device batadv0
[  495.906436][  T804] syzkaller0: tun_net_xmit 76
[  496.144906][T16627] veth0_vlan: entered promiscuous mode
[  496.170075][T16627] veth1_vlan: entered promiscuous mode
[  496.227230][T16627] veth0_macvtap: entered promiscuous mode
[  496.241501][T16627] veth1_macvtap: entered promiscuous mode
[  496.278158][T16627] batman_adv: batadv0: Interface activated: batadv_slave_0
[  496.300735][T16627] batman_adv: batadv0: Interface activated: batadv_slave_1
[  496.329664][T16777] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2645'.
[  496.344218][T16777] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2645'.
[  496.358882][   T36] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  496.369950][   T36] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  496.381167][   T36] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  496.390220][   T36] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  496.413644][ T5835] Bluetooth: hci2: command tx timeout
[  496.502034][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  496.514970][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  496.557295][  T156] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  496.563485][T16779] input: syz1 as /devices/virtual/input/input85
[  496.565285][  T156] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  496.580535][T16779] input: failed to attach handler leds to device input85, error: -6
[  496.746458][T16785] netlink: 'syz.4.2648': attribute type 3 has an invalid length.
[  497.046795][  T804] usb 5-1: new high-speed USB device number 104 using dummy_hcd
[  497.199806][  T804] usb 5-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  497.209067][  T804] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  497.219540][  T804] usb 5-1: config 0 descriptor??
[  497.433421][  T804] elan 0003:04F3:0755.0020: unknown main item tag 0x1
[  497.435838][T16797] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2653'.
[  497.451127][T16797] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2653'.
[  497.462041][  T804] elan 0003:04F3:0755.0020: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.4-1/input0
[  497.655569][ T5964] usb 5-1: USB disconnect, device number 104
[  497.815476][T16813] netlink: 'syz.3.2657': attribute type 3 has an invalid length.
[  498.491186][ T5835] Bluetooth: hci2: command tx timeout
[  499.589642][T16821] loop8: detected capacity change from 0 to 1
[  499.617862][T16821] Dev loop8: unable to read RDB block 1
[  499.639298][T16821]  loop8: unable to read partition table
[  499.645669][ T7773] lec:lec_start_xmit: lec0:No lecd attached
[  499.682105][T16821] loop8: partition table beyond EOD, truncated
[  499.693178][T16821] loop_reread_partitions: partition scan of loop8 (þ被xü^>à– �) failed (rc=-5)
[  499.717854][T16828] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  499.762651][T16828] kvm: pic: level sensitive irq not supported
[  499.762750][T16828] kvm: pic: non byte read
[  499.789946][T16828] kvm: pic: level sensitive irq not supported
[  499.790103][T16828] kvm: pic: non byte read
[  499.802150][T16828] kvm: pic: level sensitive irq not supported
[  499.802295][T16828] kvm: pic: non byte read
[  499.872352][T16834] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2662'.
[  499.891879][T16834] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2662'.
[  500.075802][T16836] FAULT_INJECTION: forcing a failure.
[  500.075802][T16836] name failslab, interval 1, probability 0, space 0, times 0
[  500.089876][T16836] CPU: 0 UID: 0 PID: 16836 Comm: syz.3.2663 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  500.089909][T16836] Tainted: [L]=SOFTLOCKUP
[  500.089917][T16836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  500.089929][T16836] Call Trace:
[  500.089937][T16836]  <TASK>
[  500.089946][T16836]  dump_stack_lvl+0xe8/0x150
[  500.089980][T16836]  should_fail_ex+0x412/0x560
[  500.090016][T16836]  should_failslab+0xa8/0x100
[  500.090042][T16836]  __kmalloc_noprof+0xe8/0x760
[  500.090064][T16836]  ? tomoyo_encode+0x28b/0x550
[  500.090091][T16836]  tomoyo_encode+0x28b/0x550
[  500.090119][T16836]  tomoyo_realpath_from_path+0x58d/0x5d0
[  500.090151][T16836]  ? tomoyo_path_number_perm+0x219/0x630
[  500.090180][T16836]  tomoyo_path_number_perm+0x246/0x630
[  500.090210][T16836]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  500.090239][T16836]  ? __lock_acquire+0x6b5/0x2cf0
[  500.090278][T16836]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  500.090341][T16836]  ? __fget_files+0x2a/0x420
[  500.090372][T16836]  ? __fget_files+0x2a/0x420
[  500.090398][T16836]  ? __fget_files+0x3a0/0x420
[  500.090424][T16836]  ? __fget_files+0x2a/0x420
[  500.090455][T16836]  security_file_ioctl+0xc3/0x2a0
[  500.090485][T16836]  __se_sys_ioctl+0x47/0x170
[  500.090510][T16836]  do_syscall_64+0x14d/0xf80
[  500.090538][T16836]  ? trace_irq_disable+0x3b/0x150
[  500.090566][T16836]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  500.090587][T16836]  ? clear_bhb_loop+0x40/0x90
[  500.090612][T16836]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  500.090633][T16836] RIP: 0033:0x7fbfb299c629
[  500.090653][T16836] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  500.090670][T16836] RSP: 002b:00007fbfb388d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  500.090693][T16836] RAX: ffffffffffffffda RBX: 00007fbfb2c15fa0 RCX: 00007fbfb299c629
[  500.090708][T16836] RDX: 0000000000000000 RSI: 0000000000007001 RDI: 0000000000000003
[  500.090720][T16836] RBP: 00007fbfb388d090 R08: 0000000000000000 R09: 0000000000000000
[  500.090732][T16836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  500.090744][T16836] R13: 00007fbfb2c16038 R14: 00007fbfb2c15fa0 R15: 00007ffcff9cf338
[  500.090777][T16836]  </TASK>
[  500.090801][T16836] ERROR: Out of memory at tomoyo_realpath_from_path.
[  500.522570][T16845] syz.6.2666 (16845): drop_caches: 2
[  500.529673][T16847] binder: 16844:16847 ioctl c0306201 2000000003c0 returned -14
[  500.562880][T16845] syz.6.2666 (16845): drop_caches: 2
[  500.743357][T16814] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  500.913511][T16857] FAULT_INJECTION: forcing a failure.
[  500.913511][T16857] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  500.928820][T16857] CPU: 1 UID: 0 PID: 16857 Comm: syz.4.2670 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  500.928854][T16857] Tainted: [L]=SOFTLOCKUP
[  500.928864][T16857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  500.928876][T16857] Call Trace:
[  500.928884][T16857]  <TASK>
[  500.928892][T16857]  dump_stack_lvl+0xe8/0x150
[  500.928925][T16857]  should_fail_ex+0x412/0x560
[  500.928959][T16857]  _copy_to_user+0x31/0xb0
[  500.928985][T16857]  simple_read_from_buffer+0xe1/0x170
[  500.929017][T16857]  proc_fail_nth_read+0x1bb/0x230
[  500.929068][T16857]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  500.929100][T16857]  ? rw_verify_area+0x2a6/0x4d0
[  500.929120][T16857]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  500.929148][T16857]  vfs_read+0x20c/0xa70
[  500.929167][T16857]  ? fdget_pos+0x246/0x320
[  500.929200][T16857]  ? __pfx___mutex_lock+0x10/0x10
[  500.929221][T16857]  ? __pfx_vfs_read+0x10/0x10
[  500.929244][T16857]  ? __fget_files+0x2a/0x420
[  500.929277][T16857]  ? __fget_files+0x3a0/0x420
[  500.929303][T16857]  ? __fget_files+0x2a/0x420
[  500.929347][T16857]  ksys_read+0x150/0x270
[  500.929370][T16857]  ? __pfx_ksys_read+0x10/0x10
[  500.929403][T16857]  do_syscall_64+0x14d/0xf80
[  500.929431][T16857]  ? trace_irq_disable+0x3b/0x150
[  500.929459][T16857]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  500.929479][T16857]  ? clear_bhb_loop+0x40/0x90
[  500.929505][T16857]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  500.929526][T16857] RIP: 0033:0x7fe278b5cece
[  500.929546][T16857] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  500.929563][T16857] RSP: 002b:00007fe2799e1fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  500.929586][T16857] RAX: ffffffffffffffda RBX: 00007fe2799e26c0 RCX: 00007fe278b5cece
[  500.929601][T16857] RDX: 000000000000000f RSI: 00007fe2799e20a0 RDI: 0000000000000007
[  500.929613][T16857] RBP: 00007fe2799e2090 R08: 0000000000000000 R09: 0000000000000000
[  500.929626][T16857] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  500.929638][T16857] R13: 00007fe278e16038 R14: 00007fe278e15fa0 R15: 00007ffd79f007c8
[  500.929671][T16857]  </TASK>
[  500.970281][T16859] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2671'.
[  501.163432][T16859] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2671'.
[  501.348423][T16862] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  501.382230][T16862] kvm: pic: level sensitive irq not supported
[  501.382369][T16862] kvm: pic: non byte read
[  501.404386][T16862] kvm: pic: level sensitive irq not supported
[  501.404508][T16862] kvm: pic: non byte read
[  501.417021][T16862] kvm: pic: level sensitive irq not supported
[  501.427389][T16862] kvm: pic: non byte read
[  501.454689][ T1308] ieee802154 phy0 wpan0: encryption failed: -22
[  501.462934][ T1308] ieee802154 phy1 wpan1: encryption failed: -22
[  502.110599][T16887] netlink: 'syz.3.2679': attribute type 3 has an invalid length.
[  502.346685][ T5835] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  502.437307][T16893] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2682'.
[  502.467985][T16893] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2682'.
[  502.590456][T16899] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  502.609323][T16899] kvm: pic: level sensitive irq not supported
[  502.609428][T16899] kvm: pic: non byte read
[  502.621045][T16899] kvm: pic: level sensitive irq not supported
[  502.621129][T16899] kvm: pic: non byte read
[  502.656504][T16899] kvm: pic: level sensitive irq not supported
[  502.656614][T16899] kvm: pic: non byte read
[  502.683946][T16903] : entered promiscuous mode
[  502.936152][ T5964] usb 5-1: new high-speed USB device number 105 using dummy_hcd
[  502.943046][T16910] netlink: 'syz.0.2688': attribute type 3 has an invalid length.
[  503.108049][ T5964] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  503.126580][ T5964] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  503.152135][ T5964] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  503.161498][ T5964] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  503.169569][ T5964] usb 5-1: Product: syz
[  503.173915][ T5964] usb 5-1: Manufacturer: syz
[  503.178667][ T5964] usb 5-1: SerialNumber: syz
[  503.195694][ T5964] cdc_mbim 5-1:1.0: skipping garbage
[  503.390571][T16903] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  503.600810][T16903] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  503.611330][T16903] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  503.626264][T16903] netlink: 'syz.4.2685': attribute type 21 has an invalid length.
[  503.636563][T16903] netlink: 'syz.4.2685': attribute type 1 has an invalid length.
[  503.644603][T16903] netlink: 144 bytes leftover after parsing attributes in process `syz.4.2685'.
[  503.745899][T16925] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2694'.
[  503.756286][T16925] netlink: 44 bytes leftover after parsing attributes in process `syz.0.2694'.
[  503.913198][T16927] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  504.055463][T16932] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  504.062161][T16903] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  504.073001][ T5964] cdc_mbim 5-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[  504.082406][ T5964] cdc_mbim 5-1:1.0: setting rx_max = 2048
[  504.123325][ T5835] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  504.281819][ T5964] cdc_mbim 5-1:1.0: setting tx_max = 56
[  504.295572][   T29] usb 4-1: new high-speed USB device number 80 using dummy_hcd
[  504.309523][ T5964] cdc_mbim 5-1:1.0: cdc-wdm0: USB WDM device
[  504.319986][T16937] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  504.331042][ T5964] wwan wwan0: port wwan0mbim0 attached
[  504.337255][T16937] kvm: pic: level sensitive irq not supported
[  504.337396][T16937] kvm: pic: non byte read
[  504.349306][ T5964] cdc_mbim 5-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.4-1, CDC MBIM, 46:be:5c:b4:0b:1a
[  504.377973][ T5964] usb 5-1: USB disconnect, device number 105
[  504.385545][ T5964] cdc_mbim 5-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.4-1, CDC MBIM
[  504.480279][ T5964] wwan wwan0: port wwan0mbim0 disconnected
[  504.487763][   T29] usb 4-1: Using ep0 maxpacket: 32
[  504.500783][   T29] usb 4-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[  504.522952][   T29] usb 4-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  504.538086][   T29] usb 4-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 104, changing to 10
[  504.554428][   T29] usb 4-1: config 155 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 42652, setting to 1024
[  504.567936][   T29] usb 4-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  504.585312][   T29] usb 4-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  504.595420][   T29] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  504.604771][   T29] usb 4-1: Product: syz
[  504.609044][   T29] usb 4-1: Manufacturer: syz
[  504.613786][   T29] usb 4-1: SerialNumber: syz
[  504.625981][T16931] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22
[  504.636156][    C1] imon 4-1:155.0: imon usb_rx_callback_intf0: status(-71)
[  504.644817][   T29] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:155.0/input/input86
[  504.847165][   T29] imon 4-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[  504.855711][   T29]  (id 0x00)
[  504.886073][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5240 ms
[  504.894179][    C0] lec:lec_tx_timeout: lec0
[  504.899734][    C0] lec:lec_start_xmit: lec0:No lecd attached
[  504.926129][   T29] rc_core: IR keymap rc-imon-pad not found
[  504.936085][   T29] Registered IR keymap rc-empty
[  504.941061][   T29] imon 4-1:155.0: Looks like you're trying to use an IR protocol this device does not support
[  504.956900][   T29] imon 4-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  505.059919][   T29] rc rc0: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:155.0/rc/rc0
[  505.074942][   T29] input: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:155.0/rc/rc0/input87
[  505.092502][   T29] imon 4-1:155.0: iMON device (15c2:ffdc, intf0) on usb<4:80> initialized
[  505.264630][T16951] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2703'.
[  505.283226][T16951] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2703'.
[  505.344236][T16954] netlink: 'syz.0.2705': attribute type 3 has an invalid length.
[  505.442897][ T5835] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  505.587751][T16962] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  505.612480][T16962] pic_ioport_write: 2 callbacks suppressed
[  505.612500][T16962] kvm: pic: level sensitive irq not supported
[  505.626347][T16962] picdev_read: 2 callbacks suppressed
[  505.626367][T16962] kvm: pic: non byte read
[  505.645172][T16962] kvm: pic: level sensitive irq not supported
[  505.645318][T16962] kvm: pic: non byte read
[  505.645863][T16965] FAULT_INJECTION: forcing a failure.
[  505.645863][T16965] name failslab, interval 1, probability 0, space 0, times 0
[  505.652565][T16962] kvm: pic: level sensitive irq not supported
[  505.656105][T16965] CPU: 1 UID: 0 PID: 16965 Comm: syz.4.2709 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  505.656135][T16965] Tainted: [L]=SOFTLOCKUP
[  505.656142][T16965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  505.656154][T16965] Call Trace:
[  505.656162][T16965]  <TASK>
[  505.656171][T16965]  dump_stack_lvl+0xe8/0x150
[  505.656207][T16965]  should_fail_ex+0x412/0x560
[  505.656238][T16965]  should_failslab+0xa8/0x100
[  505.656261][T16965]  __kmalloc_cache_node_noprof+0x8a/0x6b0
[  505.656280][T16965]  ? __lock_acquire+0x6b5/0x2cf0
[  505.656302][T16965]  ? __get_vm_area_node+0x13f/0x300
[  505.656332][T16965]  __get_vm_area_node+0x13f/0x300
[  505.656363][T16965]  __vmalloc_node_range_noprof+0x372/0x1730
[  505.656382][T16965]  ? copy_process+0x508/0x3cf0
[  505.656403][T16965]  ? refill_obj_stock+0x117/0x9b0
[  505.656433][T16965]  ? percpu_ref_get_many+0x19/0x140
[  505.656461][T16965]  ? percpu_ref_get_many+0x19/0x140
[  505.656487][T16965]  ? __memcg_slab_post_alloc_hook+0x3df/0xa80
[  505.656516][T16965]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  505.656536][T16965]  ? rcu_is_watching+0x15/0xb0
[  505.656562][T16965]  ? memcpy_and_pad+0x48/0x80
[  505.656589][T16965]  __vmalloc_node_noprof+0xc2/0x100
[  505.656608][T16965]  ? copy_process+0x508/0x3cf0
[  505.656629][T16965]  ? copy_process+0x508/0x3cf0
[  505.656653][T16965]  dup_task_struct+0x228/0x9a0
[  505.656678][T16965]  ? _raw_spin_unlock_irq+0x23/0x50
[  505.656706][T16965]  copy_process+0x508/0x3cf0
[  505.656756][T16965]  ? __pfx_copy_process+0x10/0x10
[  505.656787][T16965]  ? mutex_init_lockep+0xf9/0x130
[  505.656815][T16965]  vhost_task_create+0x1f9/0x380
[  505.656834][T16965]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  505.656853][T16965]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  505.656872][T16965]  ? __pfx_vhost_task_create+0x10/0x10
[  505.656899][T16965]  ? __pfx_vhost_task_fn+0x10/0x10
[  505.656926][T16965]  ? __lock_acquire+0x6b5/0x2cf0
[  505.656955][T16965]  kvm_mmu_post_init_vm+0x14c/0x300
[  505.656979][T16965]  kvm_arch_vcpu_ioctl_run+0x106/0x20d0
[  505.657008][T16965]  ? __mutex_trylock_common+0x158/0x260
[  505.657036][T16965]  ? __pfx___mutex_trylock_common+0x10/0x10
[  505.657062][T16965]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  505.657083][T16965]  ? register_lock_class+0x31/0x2e0
[  505.657115][T16965]  ? __lock_acquire+0x6b5/0x2cf0
[  505.657145][T16965]  ? kasan_quarantine_put+0xbb/0x1f0
[  505.657165][T16965]  ? kvm_vcpu_ioctl+0x280/0xfd0
[  505.657191][T16965]  ? do_raw_write_lock+0x11d/0x260
[  505.657226][T16965]  kvm_vcpu_ioctl+0xa62/0xfd0
[  505.657250][T16965]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  505.657288][T16965]  ? __fget_files+0x2a/0x420
[  505.657314][T16965]  ? __fget_files+0x2a/0x420
[  505.657336][T16965]  ? __fget_files+0x3a0/0x420
[  505.657358][T16965]  ? __fget_files+0x2a/0x420
[  505.657384][T16965]  ? bpf_lsm_file_ioctl+0x9/0x20
[  505.657406][T16965]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  505.657424][T16965]  __se_sys_ioctl+0xfc/0x170
[  505.657447][T16965]  do_syscall_64+0x14d/0xf80
[  505.657472][T16965]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  505.657491][T16965]  ? clear_bhb_loop+0x40/0x90
[  505.657513][T16965]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  505.657530][T16965] RIP: 0033:0x7fe278b9c629
[  505.657548][T16965] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  505.657563][T16965] RSP: 002b:00007fe2799e2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  505.657582][T16965] RAX: ffffffffffffffda RBX: 00007fe278e15fa0 RCX: 00007fe278b9c629
[  505.657596][T16965] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  505.657607][T16965] RBP: 00007fe2799e2090 R08: 0000000000000000 R09: 0000000000000000
[  505.657618][T16965] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  505.657628][T16965] R13: 00007fe278e16038 R14: 00007fe278e15fa0 R15: 00007ffd79f007c8
[  505.657658][T16965]  </TASK>
[  505.661563][T16966] imon:send_packet: packet tx failed (-71)
[  505.683452][T16962] kvm: pic: non byte read
[  505.687226][   T29] usb 4-1: USB disconnect, device number 80
[  505.755964][T16965] syz.4.2709: vmalloc error: size 32768, vm_struct allocation failed, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null)
[  505.756097][T16966] imon:vfd_write: send packet #1 failed
[  506.115245][T16965] ,cpuset=/,mems_allowed=0-1
[  506.120135][T16965] CPU: 1 UID: 0 PID: 16965 Comm: syz.4.2709 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  506.120166][T16965] Tainted: [L]=SOFTLOCKUP
[  506.120174][T16965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  506.120186][T16965] Call Trace:
[  506.120194][T16965]  <TASK>
[  506.120209][T16965]  dump_stack_lvl+0xe8/0x150
[  506.120242][T16965]  warn_alloc+0x249/0x340
[  506.120270][T16965]  ? qlist_free_all+0x8c/0x100
[  506.120290][T16965]  ? __pfx_warn_alloc+0x10/0x10
[  506.120313][T16965]  ? __get_vm_area_node+0x13f/0x300
[  506.120345][T16965]  ? __get_vm_area_node+0x2b5/0x300
[  506.120382][T16965]  __vmalloc_node_range_noprof+0x397/0x1730
[  506.120402][T16965]  ? refill_obj_stock+0x117/0x9b0
[  506.120435][T16965]  ? percpu_ref_get_many+0x19/0x140
[  506.120466][T16965]  ? percpu_ref_get_many+0x19/0x140
[  506.120495][T16965]  ? __memcg_slab_post_alloc_hook+0x3df/0xa80
[  506.120528][T16965]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  506.120553][T16965]  ? rcu_is_watching+0x15/0xb0
[  506.120581][T16965]  ? memcpy_and_pad+0x48/0x80
[  506.120612][T16965]  __vmalloc_node_noprof+0xc2/0x100
[  506.120632][T16965]  ? copy_process+0x508/0x3cf0
[  506.120656][T16965]  ? copy_process+0x508/0x3cf0
[  506.120684][T16965]  dup_task_struct+0x228/0x9a0
[  506.120711][T16965]  ? _raw_spin_unlock_irq+0x23/0x50
[  506.120743][T16965]  copy_process+0x508/0x3cf0
[  506.120799][T16965]  ? __pfx_copy_process+0x10/0x10
[  506.120834][T16965]  ? mutex_init_lockep+0xf9/0x130
[  506.120867][T16965]  vhost_task_create+0x1f9/0x380
[  506.120889][T16965]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  506.120910][T16965]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  506.120931][T16965]  ? __pfx_vhost_task_create+0x10/0x10
[  506.120961][T16965]  ? __pfx_vhost_task_fn+0x10/0x10
[  506.120992][T16965]  ? __lock_acquire+0x6b5/0x2cf0
[  506.121025][T16965]  kvm_mmu_post_init_vm+0x14c/0x300
[  506.121051][T16965]  kvm_arch_vcpu_ioctl_run+0x106/0x20d0
[  506.121084][T16965]  ? __mutex_trylock_common+0x158/0x260
[  506.121126][T16965]  ? __pfx___mutex_trylock_common+0x10/0x10
[  506.121155][T16965]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  506.121179][T16965]  ? register_lock_class+0x31/0x2e0
[  506.121211][T16965]  ? __lock_acquire+0x6b5/0x2cf0
[  506.121246][T16965]  ? kasan_quarantine_put+0xbb/0x1f0
[  506.121269][T16965]  ? kvm_vcpu_ioctl+0x280/0xfd0
[  506.121300][T16965]  ? do_raw_write_lock+0x11d/0x260
[  506.121338][T16965]  kvm_vcpu_ioctl+0xa62/0xfd0
[  506.121365][T16965]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  506.121409][T16965]  ? __fget_files+0x2a/0x420
[  506.121438][T16965]  ? __fget_files+0x2a/0x420
[  506.121463][T16965]  ? __fget_files+0x3a0/0x420
[  506.121490][T16965]  ? __fget_files+0x2a/0x420
[  506.121520][T16965]  ? bpf_lsm_file_ioctl+0x9/0x20
[  506.121543][T16965]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  506.121564][T16965]  __se_sys_ioctl+0xfc/0x170
[  506.121589][T16965]  do_syscall_64+0x14d/0xf80
[  506.121616][T16965]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  506.121636][T16965]  ? clear_bhb_loop+0x40/0x90
[  506.121661][T16965]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  506.121681][T16965] RIP: 0033:0x7fe278b9c629
[  506.121700][T16965] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  506.121716][T16965] RSP: 002b:00007fe2799e2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  506.121736][T16965] RAX: ffffffffffffffda RBX: 00007fe278e15fa0 RCX: 00007fe278b9c629
[  506.121750][T16965] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  506.121763][T16965] RBP: 00007fe2799e2090 R08: 0000000000000000 R09: 0000000000000000
[  506.121776][T16965] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  506.121788][T16965] R13: 00007fe278e16038 R14: 00007fe278e15fa0 R15: 00007ffd79f007c8
[  506.121820][T16965]  </TASK>
[  506.121872][T16965] Mem-Info:
[  506.517589][T16965] active_anon:23966 inactive_anon:0 isolated_anon:0
[  506.517589][T16965]  active_file:16583 inactive_file:40161 isolated_file:0
[  506.517589][T16965]  unevictable:768 dirty:227 writeback:0
[  506.517589][T16965]  slab_reclaimable:7254 slab_unreclaimable:96642
[  506.517589][T16965]  mapped:31277 shmem:17822 pagetables:1765
[  506.517589][T16965]  sec_pagetables:3 bounce:0
[  506.517589][T16965]  kernel_misc_reclaimable:0
[  506.517589][T16965]  free:1288839 free_pcp:17528 free_cma:0
[  506.609301][T16965] Node 0 active_anon:95964kB inactive_anon:0kB active_file:66256kB inactive_file:160448kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:125032kB dirty:900kB writeback:0kB shmem:69752kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12648kB pagetables:6628kB sec_pagetables:12kB all_unreclaimable? no Balloon:0kB
[  506.648693][T16965] Node 1 active_anon:0kB inactive_anon:0kB active_file:76kB inactive_file:196kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:76kB dirty:8kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:32kB pagetables:132kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  506.695047][T16965] Node 0 DMA free:15356kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  506.727265][T16965] lowmem_reserve[]: 0 2481 2482 2482 2482
[  506.733213][T16965] Node 0 DMA32 free:1203912kB boost:0kB min:34092kB low:42612kB high:51132kB reserved_highatomic:0KB free_highatomic:0KB active_anon:95916kB inactive_anon:0kB active_file:66256kB inactive_file:160448kB unevictable:1536kB writepending:836kB zspages:0kB present:3129332kB managed:2540552kB mlocked:0kB bounce:0kB free_pcp:67024kB local_pcp:24788kB free_cma:0kB
[  506.767505][T16965] lowmem_reserve[]: 0 0 1 1 1
[  506.772358][T16965] Node 0 Normal free:0kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1676kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:4kB free_cma:0kB
[  506.802223][T16965] lowmem_reserve[]: 0 0 0 0 0
[  506.810346][T16965] Node 1 Normal free:3935484kB boost:0kB min:55784kB low:69728kB high:83672kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:76kB inactive_file:196kB unevictable:1536kB writepending:8kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:4096kB local_pcp:0kB free_cma:0kB
[  506.844993][T16965] lowmem_reserve[]: 0 0 0 0 0
[  506.849925][T16965] Node 0 DMA: 1*4kB (U) 1*8kB (U) 1*16kB (U) 1*32kB (U) 1*64kB (U) 1*128kB (U) 1*256kB (U) 1*512kB (U) 0*1024kB 1*2048kB (M) 3*4096kB (M) = 15356kB
[  506.865407][T16965] Node 0 DMA32: 1644*4kB (UM) 2627*8kB (UME) 1366*16kB (UME) 300*32kB (UME) 212*64kB (UME) 179*128kB (UME) 93*256kB (UME) 80*512kB (UME) 59*1024kB (UME) 32*2048kB (UME) 224*4096kB (UM) = 1203752kB
[  506.884965][T16965] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  506.897550][T16965] Node 1 Normal: 5*4kB (UM) 7*8kB (UM) 11*16kB (UE) 12*32kB (UME) 8*64kB (UME) 7*128kB (UM) 3*256kB (M) 5*512kB (UM) 4*1024kB (UME) 9*2048kB (UME) 954*4096kB (UM) = 3935484kB
[  506.916095][T16965] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  506.916274][   T29] usb 4-1: new high-speed USB device number 81 using dummy_hcd
[  506.935620][T16965] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  506.945389][T16965] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  506.957102][T16965] Node 1 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[  506.967294][T16965] 74556 total pagecache pages
[  506.971992][T16965] 1 pages in swap cache
[  506.977068][T16965] Free swap  = 124992kB
[  506.981930][T16965] Total swap = 124996kB
[  506.988617][T16965] 2097051 pages RAM
[  506.992455][T16965] 0 pages HighMem/MovableOnly
[  506.997218][T16965] 429879 pages reserved
[  507.001392][T16965] 0 pages cma reserved
[  507.058037][T16981] netlink: 'syz.0.2714': attribute type 3 has an invalid length.
[  507.106093][   T29] usb 4-1: Using ep0 maxpacket: 32
[  507.120545][   T29] usb 4-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[  507.139439][   T29] usb 4-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  507.152879][   T29] usb 4-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  507.164334][   T29] usb 4-1: config 155 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  507.165093][T16985] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2715'.
[  507.174871][   T29] usb 4-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  507.184578][T16985] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2715'.
[  507.218402][   T29] usb 4-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  507.227811][   T29] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  507.238072][   T29] usb 4-1: Product: syz
[  507.242684][   T29] usb 4-1: Manufacturer: syz
[  507.247434][   T29] usb 4-1: SerialNumber: syz
[  507.267128][   T29] imon:imon_init_intf0: usb_submit_urb failed for intf0 (-90)
[  507.282033][   T29] imon 4-1:155.0: unable to initialize intf0, err -90
[  507.295259][   T29] imon:imon_probe: failed to initialize context!
[  507.302131][   T29] imon 4-1:155.0: unable to register, err -19
[  507.343543][T16987] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2139632632 (8558530528 ns) > initial count (4400489236 ns). Using initial count to start timer.
[  507.361963][T16987] FAULT_INJECTION: forcing a failure.
[  507.361963][T16987] name failslab, interval 1, probability 0, space 0, times 0
[  507.375804][T16987] CPU: 0 UID: 0 PID: 16987 Comm: syz.0.2717 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  507.375835][T16987] Tainted: [L]=SOFTLOCKUP
[  507.375842][T16987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  507.375854][T16987] Call Trace:
[  507.375863][T16987]  <TASK>
[  507.375872][T16987]  dump_stack_lvl+0xe8/0x150
[  507.375907][T16987]  should_fail_ex+0x412/0x560
[  507.375942][T16987]  should_failslab+0xa8/0x100
[  507.375968][T16987]  __kmalloc_cache_node_noprof+0x8a/0x6b0
[  507.375996][T16987]  ? __lock_acquire+0x6b5/0x2cf0
[  507.376021][T16987]  ? __get_vm_area_node+0x13f/0x300
[  507.376065][T16987]  __get_vm_area_node+0x13f/0x300
[  507.376101][T16987]  __vmalloc_node_range_noprof+0x372/0x1730
[  507.376123][T16987]  ? copy_process+0x508/0x3cf0
[  507.376147][T16987]  ? refill_obj_stock+0x117/0x9b0
[  507.376182][T16987]  ? percpu_ref_get_many+0x19/0x140
[  507.376215][T16987]  ? percpu_ref_get_many+0x19/0x140
[  507.376245][T16987]  ? __memcg_slab_post_alloc_hook+0x3df/0xa80
[  507.376279][T16987]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  507.376302][T16987]  ? rcu_is_watching+0x15/0xb0
[  507.376332][T16987]  ? memcpy_and_pad+0x48/0x80
[  507.376363][T16987]  __vmalloc_node_noprof+0xc2/0x100
[  507.376384][T16987]  ? copy_process+0x508/0x3cf0
[  507.376408][T16987]  ? copy_process+0x508/0x3cf0
[  507.376437][T16987]  dup_task_struct+0x228/0x9a0
[  507.376465][T16987]  ? _raw_spin_unlock_irq+0x23/0x50
[  507.376495][T16987]  copy_process+0x508/0x3cf0
[  507.376551][T16987]  ? __pfx_copy_process+0x10/0x10
[  507.376585][T16987]  ? mutex_init_lockep+0xf9/0x130
[  507.376616][T16987]  vhost_task_create+0x1f9/0x380
[  507.376638][T16987]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  507.376658][T16987]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  507.376680][T16987]  ? __pfx_vhost_task_create+0x10/0x10
[  507.376710][T16987]  ? __pfx_vhost_task_fn+0x10/0x10
[  507.376741][T16987]  ? __lock_acquire+0x6b5/0x2cf0
[  507.376774][T16987]  kvm_mmu_post_init_vm+0x14c/0x300
[  507.376802][T16987]  kvm_arch_vcpu_ioctl_run+0x106/0x20d0
[  507.376835][T16987]  ? __mutex_trylock_common+0x158/0x260
[  507.376868][T16987]  ? __pfx___mutex_trylock_common+0x10/0x10
[  507.376899][T16987]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  507.376922][T16987]  ? register_lock_class+0x31/0x2e0
[  507.376952][T16987]  ? __lock_acquire+0x6b5/0x2cf0
[  507.376987][T16987]  ? kasan_quarantine_put+0xbb/0x1f0
[  507.377009][T16987]  ? kvm_vcpu_ioctl+0x280/0xfd0
[  507.377039][T16987]  ? do_raw_write_lock+0x11d/0x260
[  507.377087][T16987]  kvm_vcpu_ioctl+0xa62/0xfd0
[  507.377115][T16987]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  507.377133][T16987]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  507.377186][T16987]  ? __fget_files+0x2a/0x420
[  507.377216][T16987]  ? __fget_files+0x2a/0x420
[  507.377241][T16987]  ? __fget_files+0x3a0/0x420
[  507.377267][T16987]  ? __fget_files+0x2a/0x420
[  507.377298][T16987]  ? bpf_lsm_file_ioctl+0x9/0x20
[  507.377321][T16987]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  507.377342][T16987]  __se_sys_ioctl+0xfc/0x170
[  507.377367][T16987]  do_syscall_64+0x14d/0xf80
[  507.377394][T16987]  ? trace_irq_disable+0x3b/0x150
[  507.377422][T16987]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  507.377442][T16987]  ? clear_bhb_loop+0x40/0x90
[  507.377467][T16987]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  507.377488][T16987] RIP: 0033:0x7f444599c629
[  507.377508][T16987] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  507.377525][T16987] RSP: 002b:00007f44467bd028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  507.377548][T16987] RAX: ffffffffffffffda RBX: 00007f4445c15fa0 RCX: 00007f444599c629
[  507.377562][T16987] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  507.377575][T16987] RBP: 00007f44467bd090 R08: 0000000000000000 R09: 0000000000000000
[  507.377587][T16987] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  507.377599][T16987] R13: 00007f4445c16038 R14: 00007f4445c15fa0 R15: 00007ffd94612ac8
[  507.377633][T16987]  </TASK>
[  507.900424][ T5835] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  508.066204][ T5964] usb 5-1: new high-speed USB device number 106 using dummy_hcd
[  508.240131][ T5964] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  508.249232][ T5964] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  508.261298][ T5964] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  508.272589][ T5964] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  508.284719][ T5964] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  508.298312][ T5964] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  508.307858][ T5964] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  508.315944][ T5964] usb 5-1: Product: syz
[  508.322875][ T5964] usb 5-1: Manufacturer: syz
[  508.343121][ T5964] cdc_wdm 5-1:1.0: skipping garbage
[  508.349477][ T5964] cdc_wdm 5-1:1.0: skipping garbage
[  508.359964][ T5964] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  508.366340][ T5964] cdc_wdm 5-1:1.0: Unknown control protocol
[  508.546512][    C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  508.547712][ T5964] usb 5-1: USB disconnect, device number 106
[  508.553353][    C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  508.565279][    C0] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  508.798111][ T5835] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  508.930445][T17018] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2726'.
[  509.206277][   T10] usb 5-1: new high-speed USB device number 107 using dummy_hcd
[  509.358130][   T10] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  509.367170][   T10] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  509.377933][   T10] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  509.387455][   T10] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  509.398509][   T10] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  509.411187][   T10] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  509.420369][   T10] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  509.428488][   T10] usb 5-1: Product: syz
[  509.432665][   T10] usb 5-1: Manufacturer: syz
[  509.445085][   T10] cdc_wdm 5-1:1.0: skipping garbage
[  509.450881][   T10] cdc_wdm 5-1:1.0: skipping garbage
[  509.457693][   T10] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  509.463636][   T10] cdc_wdm 5-1:1.0: Unknown control protocol
[  509.632625][T17023] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(7)
[  509.639171][T17023] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  509.649790][T17023] vhci_hcd vhci_hcd.0: Device attached
[  509.699866][T17024] vhci_hcd: connection closed
[  509.702658][  T156] vhci_hcd vhci_hcd.6: stop threads
[  509.716323][  T156] vhci_hcd vhci_hcd.6: release socket
[  509.721754][  T156] vhci_hcd vhci_hcd.6: disconnect device
[  509.916106][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5020 ms
[  509.924224][    C0] lec:lec_tx_timeout: lec0
[  510.256634][ T5964] usb 4-1: USB disconnect, device number 81
[  510.343724][ T5835] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  510.706120][ T5964] usb 4-1: new high-speed USB device number 82 using dummy_hcd
[  510.867034][ T5964] usb 4-1: too many configurations: 237, using maximum allowed: 8
[  510.870598][   T10] usb 5-1: USB disconnect, device number 107
[  510.908525][ T5964] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  510.928792][ T5964] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  510.946557][ T5964] usb 4-1: Product: syz
[  510.950889][ T5964] usb 4-1: Manufacturer: syz
[  510.955606][ T5835] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  510.955682][ T5964] usb 4-1: SerialNumber: syz
[  510.992844][ T5964] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  511.017485][ T1564] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  511.210341][T17047] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2735'.
[  511.588764][ T5964] usb 4-1: USB disconnect, device number 82
[  511.760860][ T5835] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  511.983125][ T5835] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  512.096491][ T1564] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive
[  512.129147][ T1564] ath9k_htc: Failed to initialize the device
[  512.139163][ T5964] usb 4-1: ath9k_htc: USB layer deinitialized
[  512.199733][T17071] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2744'.
[  512.404079][T17077] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  512.692930][ T5835] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  512.776327][T17091] FAULT_INJECTION: forcing a failure.
[  512.776327][T17091] name failslab, interval 1, probability 0, space 0, times 0
[  512.796598][T17091] CPU: 0 UID: 0 PID: 17091 Comm: syz.6.2751 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  512.796630][T17091] Tainted: [L]=SOFTLOCKUP
[  512.796638][T17091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  512.796651][T17091] Call Trace:
[  512.796660][T17091]  <TASK>
[  512.796669][T17091]  dump_stack_lvl+0xe8/0x150
[  512.796703][T17091]  should_fail_ex+0x412/0x560
[  512.796738][T17091]  should_failslab+0xa8/0x100
[  512.796764][T17091]  __kmalloc_cache_node_noprof+0x8a/0x6b0
[  512.796787][T17091]  ? __lock_acquire+0x6b5/0x2cf0
[  512.796811][T17091]  ? __get_vm_area_node+0x13f/0x300
[  512.796847][T17091]  __get_vm_area_node+0x13f/0x300
[  512.796882][T17091]  __vmalloc_node_range_noprof+0x372/0x1730
[  512.796904][T17091]  ? copy_process+0x508/0x3cf0
[  512.796929][T17091]  ? refill_obj_stock+0x117/0x9b0
[  512.796964][T17091]  ? percpu_ref_get_many+0x19/0x140
[  512.796997][T17091]  ? percpu_ref_get_many+0x19/0x140
[  512.797026][T17091]  ? __memcg_slab_post_alloc_hook+0x3df/0xa80
[  512.797060][T17091]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  512.797085][T17091]  ? rcu_is_watching+0x15/0xb0
[  512.797114][T17091]  ? memcpy_and_pad+0x48/0x80
[  512.797143][T17091]  __vmalloc_node_noprof+0xc2/0x100
[  512.797163][T17091]  ? copy_process+0x508/0x3cf0
[  512.797186][T17091]  ? copy_process+0x508/0x3cf0
[  512.797215][T17091]  dup_task_struct+0x228/0x9a0
[  512.797245][T17091]  ? _raw_spin_unlock_irq+0x23/0x50
[  512.797277][T17091]  copy_process+0x508/0x3cf0
[  512.797336][T17091]  ? __pfx_copy_process+0x10/0x10
[  512.797382][T17091]  ? mutex_init_lockep+0xf9/0x130
[  512.797416][T17091]  vhost_task_create+0x1f9/0x380
[  512.797438][T17091]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  512.797459][T17091]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  512.797483][T17091]  ? __pfx_vhost_task_create+0x10/0x10
[  512.797514][T17091]  ? __pfx_vhost_task_fn+0x10/0x10
[  512.797544][T17091]  ? __lock_acquire+0x6b5/0x2cf0
[  512.797578][T17091]  kvm_mmu_post_init_vm+0x14c/0x300
[  512.797606][T17091]  kvm_arch_vcpu_ioctl_run+0x106/0x20d0
[  512.797640][T17091]  ? __mutex_trylock_common+0x158/0x260
[  512.797673][T17091]  ? __pfx___mutex_trylock_common+0x10/0x10
[  512.797704][T17091]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  512.797727][T17091]  ? register_lock_class+0x31/0x2e0
[  512.797758][T17091]  ? __lock_acquire+0x6b5/0x2cf0
[  512.797792][T17091]  ? kasan_quarantine_put+0xbb/0x1f0
[  512.797816][T17091]  ? kvm_vcpu_ioctl+0x280/0xfd0
[  512.797846][T17091]  ? do_raw_write_lock+0x11d/0x260
[  512.797886][T17091]  kvm_vcpu_ioctl+0xa62/0xfd0
[  512.797914][T17091]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  512.797933][T17091]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  512.797985][T17091]  ? __fget_files+0x2a/0x420
[  512.798014][T17091]  ? __fget_files+0x2a/0x420
[  512.798036][T17091]  ? __fget_files+0x3a0/0x420
[  512.798056][T17091]  ? __fget_files+0x2a/0x420
[  512.798086][T17091]  ? bpf_lsm_file_ioctl+0x9/0x20
[  512.798108][T17091]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  512.798129][T17091]  __se_sys_ioctl+0xfc/0x170
[  512.798153][T17091]  do_syscall_64+0x14d/0xf80
[  512.798181][T17091]  ? trace_irq_disable+0x3b/0x150
[  512.798207][T17091]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  512.798226][T17091]  ? clear_bhb_loop+0x40/0x90
[  512.798250][T17091]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  512.798269][T17091] RIP: 0033:0x7f57f3b9c629
[  512.798288][T17091] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  512.798305][T17091] RSP: 002b:00007f57f4ab6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  512.798326][T17091] RAX: ffffffffffffffda RBX: 00007f57f3e15fa0 RCX: 00007f57f3b9c629
[  512.798350][T17091] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  512.798362][T17091] RBP: 00007f57f4ab6090 R08: 0000000000000000 R09: 0000000000000000
[  512.798374][T17091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  512.798385][T17091] R13: 00007f57f3e16038 R14: 00007f57f3e15fa0 R15: 00007fffbed19f98
[  512.798418][T17091]  </TASK>
[  513.434894][T17098] FAULT_INJECTION: forcing a failure.
[  513.434894][T17098] name failslab, interval 1, probability 0, space 0, times 0
[  513.468602][T17098] CPU: 0 UID: 0 PID: 17098 Comm: syz.4.2756 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  513.468636][T17098] Tainted: [L]=SOFTLOCKUP
[  513.468643][T17098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  513.468656][T17098] Call Trace:
[  513.468664][T17098]  <TASK>
[  513.468673][T17098]  dump_stack_lvl+0xe8/0x150
[  513.468707][T17098]  should_fail_ex+0x412/0x560
[  513.468742][T17098]  should_failslab+0xa8/0x100
[  513.468766][T17098]  ? sk_prot_alloc+0x57/0x210
[  513.468793][T17098]  kmem_cache_alloc_noprof+0x87/0x650
[  513.468832][T17098]  ? security_inode_alloc+0x39/0x310
[  513.468861][T17098]  sk_prot_alloc+0x57/0x210
[  513.468892][T17098]  sk_clone+0x7f/0x1000
[  513.468929][T17098]  sctp_clone_sock+0x31/0x16b0
[  513.468958][T17098]  ? security_socket_post_create+0x83/0x330
[  513.469008][T17098]  ? sock_create_lite+0x289/0x350
[  513.469037][T17098]  sctp_getsockopt_peeloff_common+0x3eb/0x7e0
[  513.469074][T17098]  ? __pfx_sctp_getsockopt_peeloff_common+0x10/0x10
[  513.469121][T17098]  sctp_getsockopt_peeloff_flags+0x14b/0x240
[  513.469151][T17098]  ? __pfx_sctp_getsockopt_peeloff_flags+0x10/0x10
[  513.469175][T17098]  ? sctp_getsockopt+0x12f/0xb90
[  513.469206][T17098]  ? __local_bh_enable_ip+0xd0/0x130
[  513.469237][T17098]  sctp_getsockopt+0x3a5/0xb90
[  513.469263][T17098]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  513.469289][T17098]  do_sock_getsockopt+0x2d3/0x3f0
[  513.469321][T17098]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  513.469350][T17098]  ? __fget_files+0x3a0/0x420
[  513.469377][T17098]  ? __fget_files+0x2a/0x420
[  513.469412][T17098]  __x64_sys_getsockopt+0x1a4/0x240
[  513.469450][T17098]  do_syscall_64+0x14d/0xf80
[  513.469478][T17098]  ? trace_irq_disable+0x3b/0x150
[  513.469516][T17098]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  513.469536][T17098]  ? clear_bhb_loop+0x40/0x90
[  513.469561][T17098]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  513.469581][T17098] RIP: 0033:0x7fe278b9c629
[  513.469602][T17098] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  513.469618][T17098] RSP: 002b:00007fe2799e2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  513.469640][T17098] RAX: ffffffffffffffda RBX: 00007fe278e15fa0 RCX: 00007fe278b9c629
[  513.469655][T17098] RDX: 000000000000007a RSI: 0000000000000084 RDI: 0000000000000003
[  513.469667][T17098] RBP: 00007fe2799e2090 R08: 0000200000000040 R09: 0000000000000000
[  513.469680][T17098] R10: 00002000000003c0 R11: 0000000000000246 R12: 0000000000000001
[  513.469694][T17098] R13: 00007fe278e16038 R14: 00007fe278e15fa0 R15: 00007ffd79f007c8
[  513.469728][T17098]  </TASK>
[  513.813961][ T5835] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  513.921255][T17112] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2760'.
[  514.075603][   T30] audit: type=1326 audit(1771518740.757:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17117 comm="syz.6.2762" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f57f3b9c629 code=0x0
[  514.176637][ T5964] usb 5-1: new high-speed USB device number 108 using dummy_hcd
[  514.346079][ T5964] usb 5-1: Using ep0 maxpacket: 8
[  514.358551][ T5964] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  514.376129][ T5964] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  514.386491][ T5964] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  514.408401][ T5964] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  514.418659][ T5964] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  514.430405][ T5964] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  514.445359][ T5964] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  514.457424][ T5964] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  514.479475][ T5964] usbtmc 5-1:16.0: probe with driver usbtmc failed with error -22
[  515.166114][ T5835] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  515.281747][ T5835] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  515.446357][T17149] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2772'.
[  515.732679][T17156] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2775'.
[  515.931879][T17164] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2779'.
[  516.066528][T17171] x_tables: duplicate underflow at hook 1
[  516.914214][ T5964] usb 5-1: USB disconnect, device number 108
[  517.066854][T17175] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2784'.
[  517.246114][T17184] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2788'.
[  517.293170][T17186] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2789'.
[  517.999480][T17199] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2794'.
[  518.475390][T17209] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2797'.
[  518.816224][   T10] usb 4-1: new high-speed USB device number 83 using dummy_hcd
[  518.837915][   T30] audit: type=1326 audit(1771518745.527:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17216 comm="syz.4.2801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe278b9c629 code=0x7ffc0000
[  518.860547][   T30] audit: type=1326 audit(1771518745.527:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17216 comm="syz.4.2801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe278b9c629 code=0x7ffc0000
[  518.883149][   T30] audit: type=1326 audit(1771518745.537:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17216 comm="syz.4.2801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fe278b9c629 code=0x7ffc0000
[  518.908950][   T30] audit: type=1326 audit(1771518745.537:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17216 comm="syz.4.2801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe278b9c629 code=0x7ffc0000
[  518.931362][   T30] audit: type=1326 audit(1771518745.537:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17216 comm="syz.4.2801" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7fe278b9c629 code=0x7ffc0000
[  518.986299][   T10] usb 4-1: Using ep0 maxpacket: 8
[  518.993057][   T10] usb 4-1: config 6 has too many interfaces: 254, using maximum allowed: 32
[  519.001874][   T10] usb 4-1: config 6 has 1 interface, different from the descriptor's value: 254
[  519.011521][   T10] usb 4-1: config 6 has no interface number 0
[  519.017823][   T10] usb 4-1: config 6 interface 51 has no altsetting 0
[  519.027090][   T10] usb 4-1: New USB device found, idVendor=04e2, idProduct=1420, bcdDevice=30.ad
[  519.036440][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  519.044522][   T10] usb 4-1: Product: syz
[  519.056130][   T10] usb 4-1: Manufacturer: syz
[  519.060768][   T10] usb 4-1: SerialNumber: syz
[  519.154675][T17224] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2803'.
[  519.265721][ T5835] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  519.293465][   T10] usb 4-1: USB disconnect, device number 83
[  519.819422][T17232] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2807'.
[  519.910517][T17234] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  520.778562][T17247] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2812'.
[  520.921563][ T5835] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  521.228004][T17256] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  521.301009][T17259] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2817'.
[  521.374170][T17263] FAULT_INJECTION: forcing a failure.
[  521.374170][T17263] name failslab, interval 1, probability 0, space 0, times 0
[  521.389467][T17263] CPU: 0 UID: 0 PID: 17263 Comm: syz.4.2818 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  521.389489][T17263] Tainted: [L]=SOFTLOCKUP
[  521.389494][T17263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  521.389501][T17263] Call Trace:
[  521.389506][T17263]  <TASK>
[  521.389512][T17263]  dump_stack_lvl+0xe8/0x150
[  521.389533][T17263]  should_fail_ex+0x412/0x560
[  521.389553][T17263]  should_failslab+0xa8/0x100
[  521.389569][T17263]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  521.389581][T17263]  ? __alloc_skb+0x186/0x7d0
[  521.389595][T17263]  ? __alloc_skb+0x1d0/0x7d0
[  521.389609][T17263]  ? __local_bh_enable_ip+0xd0/0x130
[  521.389627][T17263]  __alloc_skb+0x1d0/0x7d0
[  521.389645][T17263]  alloc_skb_with_frags+0xca/0x890
[  521.389665][T17263]  ? apparmor_capable+0x126/0x170
[  521.389681][T17263]  sock_alloc_send_pskb+0x878/0x990
[  521.389708][T17263]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  521.389725][T17263]  ? sock_omalloc+0x126/0x1e0
[  521.389744][T17263]  ? msg_zerocopy_realloc+0x2b3/0x850
[  521.389765][T17263]  __ip6_append_data+0x2976/0x3c50
[  521.389791][T17263]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  521.389806][T17263]  ? __ip6_append_data+0xde1/0x3c50
[  521.389821][T17263]  ? __lock_acquire+0x6b5/0x2cf0
[  521.389846][T17263]  ? __pfx___ip6_append_data+0x10/0x10
[  521.389862][T17263]  ? __pfx_ip6_mtu+0x10/0x10
[  521.389880][T17263]  ip6_make_skb+0x2af/0x320
[  521.389897][T17263]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  521.389915][T17263]  ? __pfx_ip6_make_skb+0x10/0x10
[  521.389937][T17263]  ? ip6_dst_hoplimit+0x65/0x3e0
[  521.389949][T17263]  ? ip6_dst_hoplimit+0x65/0x3e0
[  521.389963][T17263]  udpv6_sendmsg+0x1cfe/0x2560
[  521.389983][T17263]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  521.389998][T17263]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  521.390017][T17263]  ? __pfx_udpv6_sendmsg+0x10/0x10
[  521.390046][T17263]  ? aa_sk_perm+0x6d5/0x900
[  521.390067][T17263]  ? inet_send_prepare+0x5c/0x270
[  521.390086][T17263]  ? inet6_sendmsg+0xe4/0x120
[  521.390100][T17263]  sock_sendmsg_nosec+0x8e/0x1d0
[  521.390114][T17263]  ____sys_sendmsg+0x589/0x8c0
[  521.390135][T17263]  ? __pfx_____sys_sendmsg+0x10/0x10
[  521.390156][T17263]  ? import_iovec+0x73/0xa0
[  521.390172][T17263]  ___sys_sendmsg+0x2a5/0x360
[  521.390191][T17263]  ? __pfx____sys_sendmsg+0x10/0x10
[  521.390210][T17263]  ? kstrtouint+0x6e/0xe0
[  521.390239][T17263]  ? __fget_files+0x2a/0x420
[  521.390255][T17263]  ? __fget_files+0x3a0/0x420
[  521.390276][T17263]  __sys_sendmmsg+0x27c/0x4e0
[  521.390296][T17263]  ? __pfx___sys_sendmmsg+0x10/0x10
[  521.390319][T17263]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  521.390350][T17263]  ? ksys_write+0x242/0x270
[  521.390363][T17263]  ? __pfx_ksys_write+0x10/0x10
[  521.390378][T17263]  __x64_sys_sendmmsg+0xa0/0xc0
[  521.390396][T17263]  do_syscall_64+0x14d/0xf80
[  521.390412][T17263]  ? trace_irq_disable+0x3b/0x150
[  521.390428][T17263]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  521.390440][T17263]  ? clear_bhb_loop+0x40/0x90
[  521.390454][T17263]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  521.390465][T17263] RIP: 0033:0x7fe278b9c629
[  521.390477][T17263] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  521.390487][T17263] RSP: 002b:00007fe2799e2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  521.390502][T17263] RAX: ffffffffffffffda RBX: 00007fe278e15fa0 RCX: 00007fe278b9c629
[  521.390510][T17263] RDX: 0400000000000172 RSI: 0000200000003cc0 RDI: 0000000000000003
[  521.390519][T17263] RBP: 00007fe2799e2090 R08: 0000000000000000 R09: 0000000000000000
[  521.390527][T17263] R10: 0000000004000000 R11: 0000000000000246 R12: 0000000000000001
[  521.390534][T17263] R13: 00007fe278e16038 R14: 00007fe278e15fa0 R15: 00007ffd79f007c8
[  521.390551][T17263]  </TASK>
[  521.889028][T17267] binder: 17266:17267 ioctl c0306201 2000000003c0 returned -14
[  521.931810][ T5835] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  522.674517][T17294] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  522.717916][T17299] binder: 17298:17299 ioctl c0306201 2000000003c0 returned -14
[  522.750416][T17294] kvm: pic: level sensitive irq not supported
[  522.750513][T17294] kvm: pic: non byte read
[  522.765795][T17296] FAULT_INJECTION: forcing a failure.
[  522.765795][T17296] name failslab, interval 1, probability 0, space 0, times 0
[  522.772290][T17294] kvm: pic: level sensitive irq not supported
[  522.792635][T17296] CPU: 0 UID: 0 PID: 17296 Comm: syz.3.2829 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  522.792670][T17296] Tainted: [L]=SOFTLOCKUP
[  522.792679][T17296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  522.792690][T17296] Call Trace:
[  522.792699][T17296]  <TASK>
[  522.792708][T17296]  dump_stack_lvl+0xe8/0x150
[  522.792740][T17296]  should_fail_ex+0x412/0x560
[  522.792771][T17296]  should_failslab+0xa8/0x100
[  522.792799][T17296]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  522.792819][T17296]  ? cgroup1_freezing+0x20/0x350
[  522.792844][T17296]  ? cgroup1_freezing+0x20/0x350
[  522.792868][T17296]  ? dup_task_struct+0x57/0x9a0
[  522.792901][T17296]  dup_task_struct+0x57/0x9a0
[  522.792930][T17296]  ? _raw_spin_unlock_irq+0x23/0x50
[  522.792959][T17296]  copy_process+0x508/0x3cf0
[  522.793017][T17296]  ? __pfx_copy_process+0x10/0x10
[  522.793054][T17296]  ? mutex_init_lockep+0xf9/0x130
[  522.793087][T17296]  vhost_task_create+0x1f9/0x380
[  522.793108][T17296]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  522.793128][T17296]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  522.793150][T17296]  ? __pfx_vhost_task_create+0x10/0x10
[  522.793181][T17296]  ? __pfx_vhost_task_fn+0x10/0x10
[  522.793220][T17296]  ? __lock_acquire+0x6b5/0x2cf0
[  522.793254][T17296]  kvm_mmu_post_init_vm+0x14c/0x300
[  522.793281][T17296]  kvm_arch_vcpu_ioctl_run+0x106/0x20d0
[  522.793314][T17296]  ? __mutex_trylock_common+0x158/0x260
[  522.793346][T17296]  ? __pfx___mutex_trylock_common+0x10/0x10
[  522.793377][T17296]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  522.793401][T17296]  ? register_lock_class+0x31/0x2e0
[  522.793430][T17296]  ? __lock_acquire+0x6b5/0x2cf0
[  522.793465][T17296]  ? kasan_quarantine_put+0xbb/0x1f0
[  522.793489][T17296]  ? kvm_vcpu_ioctl+0x280/0xfd0
[  522.793517][T17296]  ? do_raw_write_lock+0x11d/0x260
[  522.793554][T17296]  kvm_vcpu_ioctl+0xa62/0xfd0
[  522.793582][T17296]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  522.793601][T17296]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  522.793654][T17296]  ? __fget_files+0x2a/0x420
[  522.793685][T17296]  ? __fget_files+0x2a/0x420
[  522.793711][T17296]  ? __fget_files+0x3a0/0x420
[  522.793736][T17296]  ? __fget_files+0x2a/0x420
[  522.793766][T17296]  ? bpf_lsm_file_ioctl+0x9/0x20
[  522.793792][T17296]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  522.793813][T17296]  __se_sys_ioctl+0xfc/0x170
[  522.793839][T17296]  do_syscall_64+0x14d/0xf80
[  522.793868][T17296]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  522.793889][T17296]  ? clear_bhb_loop+0x40/0x90
[  522.793914][T17296]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  522.793933][T17296] RIP: 0033:0x7fbfb299c629
[  522.793952][T17296] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  522.793969][T17296] RSP: 002b:00007fbfb388d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  522.793991][T17296] RAX: ffffffffffffffda RBX: 00007fbfb2c15fa0 RCX: 00007fbfb299c629
[  522.794006][T17296] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  522.794019][T17296] RBP: 00007fbfb388d090 R08: 0000000000000000 R09: 0000000000000000
[  522.794032][T17296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  522.794045][T17296] R13: 00007fbfb2c16038 R14: 00007fbfb2c15fa0 R15: 00007ffcff9cf338
[  522.794079][T17296]  </TASK>
[  522.796801][T17294] kvm: pic: non byte read
[  523.162725][T17294] kvm: pic: level sensitive irq not supported
[  523.162848][T17294] kvm: pic: non byte read
[  523.174087][T17294] kvm: pic: level sensitive irq not supported
[  523.174239][T17294] kvm: pic: non byte read
[  523.185438][T17294] kvm: pic: level sensitive irq not supported
[  523.185525][T17294] kvm: pic: non byte read
[  523.196889][T17294] kvm: pic: level sensitive irq not supported
[  523.197021][T17294] kvm: pic: non byte read
[  523.379395][T17310] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  523.466675][ T5835] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  523.876407][ T5964] usb 5-1: new high-speed USB device number 109 using dummy_hcd
[  524.046261][ T5964] usb 5-1: Using ep0 maxpacket: 8
[  524.054024][ T5964] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  524.065312][ T5964] usb 5-1: New USB device found, idVendor=048d, idProduct=ce50, bcdDevice= 0.00
[  524.074498][ T5964] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  524.089608][ T5964] usb 5-1: config 0 descriptor??
[  524.509923][T17322] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  524.523610][T17322] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  524.550852][ T5964] asus 0003:048D:CE50.0021: hidraw0: USB HID v0.00 Device [HID 048d:ce50] on usb-dummy_hcd.4-1/input0
[  524.574907][ T5964] asus 0003:048D:CE50.0021: Asus input not registered
[  524.587192][ T5964] asus 0003:048D:CE50.0021: probe with driver asus failed with error -12
[  524.745013][ T5878] usb 5-1: USB disconnect, device number 109
[  524.811023][T17334] binder: 17333:17334 ioctl c0306201 2000000001c0 returned -22
[  525.066112][   T10] usb 4-1: new full-speed USB device number 84 using dummy_hcd
[  525.219891][   T10] usb 4-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  525.229240][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  525.238199][   T10] usb 4-1: Product: syz
[  525.242359][   T10] usb 4-1: Manufacturer: syz
[  525.247041][   T10] usb 4-1: SerialNumber: syz
[  525.253752][   T10] usb 4-1: config 0 descriptor??
[  525.263219][   T10] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  525.942274][T17336] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  525.954465][T17336] kvm: pic: level sensitive irq not supported
[  525.954559][T17336] kvm: pic: non byte read
[  525.966301][T17336] kvm: pic: level sensitive irq not supported
[  525.966443][T17336] kvm: pic: non byte read
[  525.978456][T17336] kvm: pic: level sensitive irq not supported
[  525.978532][T17336] kvm: pic: non byte read
[  526.302613][T17343] netlink: 'syz.6.2846': attribute type 2 has an invalid length.
[  526.315050][T17343] loop5: detected capacity change from 0 to 7
[  526.324417][T17343] Dev loop5: unable to read RDB block 7
[  526.330260][T17343]  loop5: AHDI p1 p2
[  526.334202][T17343] loop5: partition table partially beyond EOD, truncated
[  526.341923][T17343] loop5: p1 start 1702000233 is beyond EOD, truncated
[  527.881723][   T10] gspca_stk1135: reg_w 0x300 err -71
[  527.888249][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  527.897762][   T10] gspca_stk1135: Sensor write failed
[  527.903098][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  527.910978][   T10] gspca_stk1135: Sensor write failed
[  527.916606][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  527.924615][   T10] gspca_stk1135: Sensor read failed
[  527.930665][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  527.937300][   T10] gspca_stk1135: Sensor read failed
[  527.942517][   T10] gspca_stk1135: Detected sensor type unknown (0x0)
[  527.956162][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  527.962526][   T10] gspca_stk1135: Sensor read failed
[  527.968436][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  527.974794][   T10] gspca_stk1135: Sensor read failed
[  527.980438][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  527.987178][   T10] gspca_stk1135: Sensor write failed
[  527.992508][   T10] gspca_stk1135: serial bus timeout: status=0x00
[  527.999261][   T10] gspca_stk1135: Sensor write failed
[  528.004649][   T10] stk1135 4-1:0.0: probe with driver stk1135 failed with error -71
[  528.027487][   T10] usb 4-1: USB disconnect, device number 84
[  528.157515][T17366] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  528.178444][T17366] kvm: pic: level sensitive irq not supported
[  528.178534][T17366] kvm: pic: non byte read
[  528.189654][T17366] kvm: pic: level sensitive irq not supported
[  528.189724][T17366] kvm: pic: non byte read
[  528.200947][T17366] kvm: pic: level sensitive irq not supported
[  528.201060][T17366] kvm: pic: non byte read
[  528.413696][T17371] netlink: 'syz.0.2854': attribute type 3 has an invalid length.
[  528.459935][T17373] syzkaller1: entered promiscuous mode
[  528.465610][T17373] syzkaller1: entered allmulticast mode
[  528.523298][T17375] syzkaller1: entered promiscuous mode
[  528.530209][T17375] syzkaller1: entered allmulticast mode
[  528.630339][ T5835] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  530.796321][T17396] FAULT_INJECTION: forcing a failure.
[  530.796321][T17396] name failslab, interval 1, probability 0, space 0, times 0
[  530.817451][T17396] CPU: 0 UID: 0 PID: 17396 Comm: syz.3.2863 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  530.817483][T17396] Tainted: [L]=SOFTLOCKUP
[  530.817491][T17396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  530.817503][T17396] Call Trace:
[  530.817511][T17396]  <TASK>
[  530.817520][T17396]  dump_stack_lvl+0xe8/0x150
[  530.817553][T17396]  should_fail_ex+0x412/0x560
[  530.817576][T17396]  should_failslab+0xa8/0x100
[  530.817590][T17396]  ? __kvm_mmu_topup_memory_cache+0x1b4/0x610
[  530.817608][T17396]  kmem_cache_alloc_noprof+0x87/0x650
[  530.817625][T17396]  ? __kvm_mmu_topup_memory_cache+0x1b4/0x610
[  530.817641][T17396]  ? kmem_cache_alloc_noprof+0x15a/0x650
[  530.817662][T17396]  __kvm_mmu_topup_memory_cache+0x1b4/0x610
[  530.817686][T17396]  mmu_topup_memory_caches+0x21/0x170
[  530.817707][T17396]  kvm_mmu_load+0x9d/0x22d0
[  530.817717][T17396]  ? kvm_msr_allowed+0x3f4/0x490
[  530.817729][T17396]  ? kvm_msr_allowed+0x9a/0x490
[  530.817745][T17396]  ? vmx_recalc_intercepts+0xed5/0x1b40
[  530.817757][T17396]  ? kvm_apic_has_interrupt+0x73c/0x770
[  530.817777][T17396]  vcpu_run+0x5faf/0x7b90
[  530.817790][T17396]  ? trace_ipi_send_cpu+0x7e/0x220
[  530.817844][T17396]  ? __pfx_vcpu_run+0x10/0x10
[  530.817857][T17396]  ? fpu_swap_kvm_fpstate+0xc1/0x4f0
[  530.817876][T17396]  ? __srcu_check_read_flavor+0x10b/0x250
[  530.817893][T17396]  kvm_arch_vcpu_ioctl_run+0x11e6/0x20d0
[  530.817915][T17396]  ? kvm_arch_vcpu_ioctl_run+0x2e8/0x20d0
[  530.817929][T17396]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  530.817945][T17396]  ? register_lock_class+0x31/0x2e0
[  530.817962][T17396]  ? __lock_acquire+0x6b5/0x2cf0
[  530.817982][T17396]  ? kasan_quarantine_put+0xbb/0x1f0
[  530.817995][T17396]  ? kvm_vcpu_ioctl+0x280/0xfd0
[  530.818011][T17396]  ? do_raw_write_lock+0x11d/0x260
[  530.818033][T17396]  kvm_vcpu_ioctl+0xa62/0xfd0
[  530.818048][T17396]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  530.818059][T17396]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  530.818088][T17396]  ? __fget_files+0x2a/0x420
[  530.818107][T17396]  ? __fget_files+0x2a/0x420
[  530.818122][T17396]  ? __fget_files+0x3a0/0x420
[  530.818137][T17396]  ? __fget_files+0x2a/0x420
[  530.818155][T17396]  ? bpf_lsm_file_ioctl+0x9/0x20
[  530.818170][T17396]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  530.818182][T17396]  __se_sys_ioctl+0xfc/0x170
[  530.818204][T17396]  do_syscall_64+0x14d/0xf80
[  530.818221][T17396]  ? trace_irq_disable+0x3b/0x150
[  530.818237][T17396]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  530.818249][T17396]  ? clear_bhb_loop+0x40/0x90
[  530.818264][T17396]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  530.818275][T17396] RIP: 0033:0x7fbfb299c629
[  530.818288][T17396] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  530.818299][T17396] RSP: 002b:00007fbfb388d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  530.818313][T17396] RAX: ffffffffffffffda RBX: 00007fbfb2c15fa0 RCX: 00007fbfb299c629
[  530.818322][T17396] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  530.818330][T17396] RBP: 00007fbfb388d090 R08: 0000000000000000 R09: 0000000000000000
[  530.818337][T17396] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  530.818344][T17396] R13: 00007fbfb2c16038 R14: 00007fbfb2c15fa0 R15: 00007ffcff9cf338
[  530.818362][T17396]  </TASK>
[  531.198919][T17399] netlink: 'syz.6.2864': attribute type 3 has an invalid length.
[  531.260843][ T5835] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  531.336728][T17405] syzkaller1: entered promiscuous mode
[  531.350215][T17405] syzkaller1: entered allmulticast mode
[  531.358033][T17405] FAULT_INJECTION: forcing a failure.
[  531.358033][T17405] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  531.374280][T17405] CPU: 1 UID: 0 PID: 17405 Comm: syz.3.2867 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  531.374310][T17405] Tainted: [L]=SOFTLOCKUP
[  531.374316][T17405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  531.374323][T17405] Call Trace:
[  531.374329][T17405]  <TASK>
[  531.374335][T17405]  dump_stack_lvl+0xe8/0x150
[  531.374355][T17405]  should_fail_ex+0x412/0x560
[  531.374381][T17405]  _copy_from_iter+0x1d3/0x1670
[  531.374412][T17405]  ? __pfx__copy_from_iter+0x10/0x10
[  531.374427][T17405]  ? sock_alloc_send_pskb+0x896/0x990
[  531.374460][T17405]  ? __pfx__copy_from_iter+0x10/0x10
[  531.374481][T17405]  ? page_copy_sane+0x16a/0x270
[  531.374501][T17405]  copy_page_from_iter+0xdd/0x170
[  531.374522][T17405]  skb_copy_datagram_from_iter+0x306/0x710
[  531.374540][T17405]  tun_get_user+0xc38/0x3dd0
[  531.374566][T17405]  ? __pfx_tun_get_user+0x10/0x10
[  531.374581][T17405]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  531.374597][T17405]  ? lockdep_hardirqs_on+0x7a/0x110
[  531.374613][T17405]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  531.374628][T17405]  ? save_netdev_trace_buffer+0x4e2/0x610
[  531.374646][T17405]  ? ref_tracker_alloc+0x363/0x4d0
[  531.374657][T17405]  ? tun_chr_write_iter+0x60/0x210
[  531.374670][T17405]  ? vfs_write+0x61d/0xb90
[  531.374681][T17405]  ? ksys_write+0x150/0x270
[  531.374692][T17405]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  531.374705][T17405]  ? tun_get+0x1c/0x2f0
[  531.374723][T17405]  ? tun_get+0x1c/0x2f0
[  531.374737][T17405]  ? tun_get+0x1c/0x2f0
[  531.374753][T17405]  tun_chr_write_iter+0x113/0x210
[  531.374769][T17405]  vfs_write+0x61d/0xb90
[  531.374785][T17405]  ? __pfx_vfs_write+0x10/0x10
[  531.374802][T17405]  ? __fget_files+0x2a/0x420
[  531.374822][T17405]  ksys_write+0x150/0x270
[  531.374836][T17405]  ? __pfx_ksys_write+0x10/0x10
[  531.374853][T17405]  do_syscall_64+0x14d/0xf80
[  531.374870][T17405]  ? trace_irq_disable+0x3b/0x150
[  531.374886][T17405]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  531.374898][T17405]  ? clear_bhb_loop+0x40/0x90
[  531.374912][T17405]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  531.374923][T17405] RIP: 0033:0x7fbfb299c629
[  531.374936][T17405] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  531.374946][T17405] RSP: 002b:00007fbfb388d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  531.374963][T17405] RAX: ffffffffffffffda RBX: 00007fbfb2c15fa0 RCX: 00007fbfb299c629
[  531.374972][T17405] RDX: 000000000000fdef RSI: 0000200000000140 RDI: 0000000000000003
[  531.374979][T17405] RBP: 00007fbfb388d090 R08: 0000000000000000 R09: 0000000000000000
[  531.374987][T17405] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  531.374994][T17405] R13: 00007fbfb2c16038 R14: 00007fbfb2c15fa0 R15: 00007ffcff9cf338
[  531.375011][T17405]  </TASK>
[  532.589066][ T5835] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  532.859915][T17424] netlink: 'syz.3.2873': attribute type 3 has an invalid length.
[  534.191008][T17452] syz.3.2883 (17452): drop_caches: 2
[  534.201776][T17452] syz.3.2883 (17452): drop_caches: 2
[  534.210819][T17452] binder: 17451:17452 ioctl c0306201 2000000003c0 returned -14
[  534.267225][T17455] netlink: 'syz.3.2884': attribute type 3 has an invalid length.
[  534.354814][T17459] FAULT_INJECTION: forcing a failure.
[  534.354814][T17459] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  534.369621][T17459] CPU: 0 UID: 0 PID: 17459 Comm: syz.3.2886 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  534.369655][T17459] Tainted: [L]=SOFTLOCKUP
[  534.369663][T17459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  534.369675][T17459] Call Trace:
[  534.369683][T17459]  <TASK>
[  534.369692][T17459]  dump_stack_lvl+0xe8/0x150
[  534.369726][T17459]  should_fail_ex+0x412/0x560
[  534.369762][T17459]  _copy_to_user+0x31/0xb0
[  534.369788][T17459]  simple_read_from_buffer+0xe1/0x170
[  534.369820][T17459]  proc_fail_nth_read+0x1bb/0x230
[  534.369851][T17459]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  534.369882][T17459]  ? rw_verify_area+0x2a6/0x4d0
[  534.369904][T17459]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  534.369931][T17459]  vfs_read+0x20c/0xa70
[  534.369949][T17459]  ? fdget_pos+0x246/0x320
[  534.369981][T17459]  ? __pfx___mutex_lock+0x10/0x10
[  534.370001][T17459]  ? __pfx_vfs_read+0x10/0x10
[  534.370020][T17459]  ? __fget_files+0x2a/0x420
[  534.370047][T17459]  ? __fget_files+0x3a0/0x420
[  534.370071][T17459]  ? __fget_files+0x2a/0x420
[  534.370103][T17459]  ksys_read+0x150/0x270
[  534.370125][T17459]  ? __pfx_ksys_read+0x10/0x10
[  534.370148][T17459]  do_syscall_64+0x14d/0xf80
[  534.370165][T17459]  ? trace_irq_disable+0x3b/0x150
[  534.370188][T17459]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  534.370200][T17459]  ? clear_bhb_loop+0x40/0x90
[  534.370214][T17459]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  534.370226][T17459] RIP: 0033:0x7fbfb295cece
[  534.370239][T17459] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  534.370249][T17459] RSP: 002b:00007fbfb388cfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  534.370264][T17459] RAX: ffffffffffffffda RBX: 00007fbfb388d6c0 RCX: 00007fbfb295cece
[  534.370273][T17459] RDX: 000000000000000f RSI: 00007fbfb388d0a0 RDI: 0000000000000006
[  534.370281][T17459] RBP: 00007fbfb388d090 R08: 0000000000000000 R09: 0000000000000000
[  534.370288][T17459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  534.370295][T17459] R13: 00007fbfb2c16038 R14: 00007fbfb2c15fa0 R15: 00007ffcff9cf338
[  534.370313][T17459]  </TASK>
[  535.070617][ T5835] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  535.185964][T17476] syz.0.2892 (17476): drop_caches: 2
[  535.200554][T17476] syz.0.2892 (17476): drop_caches: 2
[  535.209267][T17476] binder: 17475:17476 ioctl c0306201 2000000003c0 returned -14
[  535.671331][T17494] netlink: 200 bytes leftover after parsing attributes in process `syz.6.2900'.
[  535.810241][T17498] netlink: 'syz.6.2901': attribute type 12 has an invalid length.
[  535.819406][T17498] netlink: 14585 bytes leftover after parsing attributes in process `syz.6.2901'.
[  535.946148][ T5906] usb 4-1: new high-speed USB device number 85 using dummy_hcd
[  536.076116][ T5906] usb 4-1: device descriptor read/64, error -71
[  536.316209][ T5906] usb 4-1: new high-speed USB device number 86 using dummy_hcd
[  536.446090][ T5906] usb 4-1: device descriptor read/64, error -71
[  536.556691][ T5906] usb usb4-port1: attempt power cycle
[  536.896138][ T5906] usb 4-1: new high-speed USB device number 87 using dummy_hcd
[  536.916908][ T5906] usb 4-1: device descriptor read/8, error -71
[  537.156195][ T5906] usb 4-1: new high-speed USB device number 88 using dummy_hcd
[  537.176819][ T5906] usb 4-1: device descriptor read/8, error -71
[  537.287568][ T5906] usb usb4-port1: unable to enumerate USB device
[  538.949793][ T5835] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  539.988182][T17519] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  540.336115][ T5934] usb 4-1: new high-speed USB device number 89 using dummy_hcd
[  540.497622][ T5934] usb 4-1: Using ep0 maxpacket: 16
[  540.504681][ T5934] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  540.515420][ T5934] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  540.526546][ T5934] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  540.535626][ T5934] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  540.543931][ T5934] usb 4-1: Product: syz
[  540.548154][ T5934] usb 4-1: Manufacturer: syz
[  540.552771][ T5934] usb 4-1: SerialNumber: syz
[  541.033811][T17528] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2910'.
[  541.054088][T17528] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  541.322601][T15842] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  541.334740][T15842] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  541.345558][T15842] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  541.355001][T15842] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  541.363135][T15842] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  541.485280][ T5934] usb 4-1: USB disconnect, device number 89
[  541.491427][T16696] ==================================================================
[  541.499514][T16696] BUG: KASAN: use-after-free in __mutex_lock+0x812/0x1300
[  541.506661][T16696] Read of size 8 at addr ffff8880762480a8 by task khidpd_6b9a550a/16696
[  541.515004][T16696] 
[  541.517338][T16696] CPU: 0 UID: 0 PID: 16696 Comm: khidpd_6b9a550a Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  541.517361][T16696] Tainted: [L]=SOFTLOCKUP
[  541.517367][T16696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  541.517377][T16696] Call Trace:
[  541.517384][T16696]  <TASK>
[  541.517391][T16696]  dump_stack_lvl+0xe8/0x150
[  541.517416][T16696]  print_report+0xba/0x230
[  541.517435][T16696]  ? __mutex_lock+0x812/0x1300
[  541.517448][T16696]  kasan_report+0x117/0x150
[  541.517466][T16696]  ? __mutex_lock+0x812/0x1300
[  541.517481][T16696]  __mutex_lock+0x812/0x1300
[  541.517495][T16696]  ? __mutex_lock+0x5ac/0x1300
[  541.517509][T16696]  ? l2cap_unregister_user+0x6a/0x1b0
[  541.517526][T16696]  ? __pfx___mutex_lock+0x10/0x10
[  541.517543][T16696]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  541.517562][T16696]  ? lockdep_hardirqs_on+0x7a/0x110
[  541.517584][T16696]  l2cap_unregister_user+0x6a/0x1b0
[  541.517599][T16696]  hidp_session_thread+0x3cb/0x440
[  541.517617][T16696]  ? __pfx_hidp_session_thread+0x10/0x10
[  541.517633][T16696]  ? __pfx_hidp_session_wake_function+0x10/0x10
[  541.517651][T16696]  ? __pfx_hidp_session_wake_function+0x10/0x10
[  541.517668][T16696]  ? __kthread_parkme+0x7a/0x1f0
[  541.517688][T16696]  ? __kthread_parkme+0x19c/0x1f0
[  541.517709][T16696]  kthread+0x388/0x470
[  541.517722][T16696]  ? __pfx_hidp_session_thread+0x10/0x10
[  541.517737][T16696]  ? __pfx_kthread+0x10/0x10
[  541.517751][T16696]  ret_from_fork+0x51e/0xb90
[  541.517771][T16696]  ? __pfx_ret_from_fork+0x10/0x10
[  541.517788][T16696]  ? __switch_to+0xc7d/0x1450
[  541.517806][T16696]  ? __pfx_kthread+0x10/0x10
[  541.517820][T16696]  ret_from_fork_asm+0x1a/0x30
[  541.517845][T16696]  </TASK>
[  541.517851][T16696] 
[  541.684787][T16696] The buggy address belongs to the physical page:
[  541.691196][T16696] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807624a700 pfn:0x76248
[  541.701265][T16696] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  541.708376][T16696] raw: 00fff00000000000 ffffea0001a86708 ffff8880b8540c40 0000000000000000
[  541.716956][T16696] raw: ffff88807624a700 0000000000000000 00000000ffffffff 0000000000000000
[  541.725532][T16696] page dumped because: kasan: bad access detected
[  541.731939][T16696] page_owner tracks the page as freed
[  541.737305][T16696] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x40dc0(GFP_KERNEL|__GFP_ZERO|__GFP_COMP), pid 16627, tgid 16627 (syz-executor), ts 490090732594, free_ts 541489745456
[  541.755541][T16696]  post_alloc_hook+0x231/0x280
[  541.760307][T16696]  get_page_from_freelist+0x24dc/0x2580
[  541.765855][T16696]  __alloc_frozen_pages_noprof+0x18d/0x380
[  541.771661][T16696]  alloc_pages_mpol+0x232/0x4a0
[  541.776517][T16696]  ___kmalloc_large_node+0x4e/0x150
[  541.781727][T16696]  __kmalloc_large_node_noprof+0x18/0x90
[  541.787357][T16696]  __kmalloc_noprof+0x3e8/0x760
[  541.792201][T16696]  hci_alloc_dev_priv+0x28/0x2060
[  541.797226][T16696]  vhci_create_device+0x120/0x650
[  541.802251][T16696]  vhci_write+0x3ce/0x4a0
[  541.806575][T16696]  vfs_write+0x61d/0xb90
[  541.810816][T16696]  ksys_write+0x150/0x270
[  541.815141][T16696]  do_syscall_64+0x14d/0xf80
[  541.819836][T16696]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  541.825750][T16696] page last free pid 16627 tgid 16627 stack trace:
[  541.832251][T16696]  __free_frozen_pages+0xc2b/0xdb0
[  541.837366][T16696]  bt_host_release+0x82/0x90
[  541.841958][T16696]  device_release+0x9e/0x1d0
[  541.846550][T16696]  kobject_put+0x228/0x560
[  541.850965][T16696]  vhci_release+0x15a/0x1a0
[  541.855471][T16696]  __fput+0x44f/0xa70
[  541.859453][T16696]  task_work_run+0x1d9/0x270
[  541.864053][T16696]  do_exit+0x69b/0x2320
[  541.868222][T16696]  do_group_exit+0x21b/0x2d0
[  541.872816][T16696]  get_signal+0x1284/0x1330
[  541.877328][T16696]  arch_do_signal_or_restart+0xbc/0x830
[  541.882884][T16696]  exit_to_user_mode_loop+0x86/0x480
[  541.888178][T16696]  do_syscall_64+0x32d/0xf80
[  541.892779][T16696]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  541.898669][T16696] 
[  541.900992][T16696] Memory state around the buggy address:
[  541.906615][T16696]  ffff888076247f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  541.914669][T16696]  ffff888076248000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  541.922724][T16696] >ffff888076248080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  541.930779][T16696]                                   ^
[  541.936148][T16696]  ffff888076248100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  541.944203][T16696]  ffff888076248180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  541.952263][T16696] ==================================================================
[  541.961285][T16696] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  541.968512][T16696] CPU: 0 UID: 0 PID: 16696 Comm: khidpd_6b9a550a Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  541.979907][T16696] Tainted: [L]=SOFTLOCKUP
[  541.984252][T16696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  541.994330][T16696] Call Trace:
[  541.997643][T16696]  <TASK>
[  542.000592][T16696]  vpanic+0x56c/0xa60
[  542.004592][T16696]  ? __pfx_vpanic+0x10/0x10
[  542.009103][T16696]  panic+0xc5/0xd0
[  542.012836][T16696]  ? __pfx_panic+0x10/0x10
[  542.017265][T16696]  ? __mutex_lock+0x812/0x1300
[  542.022037][T16696]  ? __mutex_lock+0x812/0x1300
[  542.026798][T16696]  check_panic_on_warn+0x89/0xb0
[  542.031734][T16696]  ? __mutex_lock+0x812/0x1300
[  542.036494][T16696]  end_report+0x73/0x180
[  542.040738][T16696]  ? __mutex_lock+0x812/0x1300
[  542.045496][T16696]  kasan_report+0x128/0x150
[  542.050003][T16696]  ? __mutex_lock+0x812/0x1300
[  542.054765][T16696]  __mutex_lock+0x812/0x1300
[  542.059354][T16696]  ? __mutex_lock+0x5ac/0x1300
[  542.064118][T16696]  ? l2cap_unregister_user+0x6a/0x1b0
[  542.069499][T16696]  ? __pfx___mutex_lock+0x10/0x10
[  542.074522][T16696]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  542.080331][T16696]  ? lockdep_hardirqs_on+0x7a/0x110
[  542.085532][T16696]  l2cap_unregister_user+0x6a/0x1b0
[  542.090728][T16696]  hidp_session_thread+0x3cb/0x440
[  542.095844][T16696]  ? __pfx_hidp_session_thread+0x10/0x10
[  542.101477][T16696]  ? __pfx_hidp_session_wake_function+0x10/0x10
[  542.107724][T16696]  ? __pfx_hidp_session_wake_function+0x10/0x10
[  542.113991][T16696]  ? __kthread_parkme+0x7a/0x1f0
[  542.118946][T16696]  ? __kthread_parkme+0x19c/0x1f0
[  542.123978][T16696]  kthread+0x388/0x470
[  542.128049][T16696]  ? __pfx_hidp_session_thread+0x10/0x10
[  542.133684][T16696]  ? __pfx_kthread+0x10/0x10
[  542.138275][T16696]  ret_from_fork+0x51e/0xb90
[  542.142866][T16696]  ? __pfx_ret_from_fork+0x10/0x10
[  542.147977][T16696]  ? __switch_to+0xc7d/0x1450
[  542.152655][T16696]  ? __pfx_kthread+0x10/0x10
[  542.157254][T16696]  ret_from_fork_asm+0x1a/0x30
[  542.162029][T16696]  </TASK>
[  542.165387][T16696] Kernel Offset: disabled
[  542.169700][T16696] Rebooting in 86400 seconds..