last executing test programs:

12m38.330091928s ago: executing program 2 (id=202):
r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1})
ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f00000002c0)=@userptr={0xffffffc6, 0x2, 0x4, 0x806, 0xfffffffc, {0x0, 0xea60}, {0x1, 0xc, 0x9, 0xa0, 0x40, 0xc4, "9ed43cbd"}, 0x4, 0x2, {&(0x7f0000000140)}, 0x554})
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x6, 0x1, 0x1, 0x0, 0x3})
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{0x0}], 0x1}, 0x0)
syz_open_dev$radio(&(0x7f0000000100), 0x3, 0x2)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaa2ffffffffffff86dd6016000000102b00fc010000000000000000000000000000fe8000000000000000000000000000aa00000000000090780200000000000000867a0d3633bc4226d6ae0e289c171f207a78c405c018ecfd637219"], 0x0)
sendmsg$NL80211_CMD_NEW_INTERFACE(0xffffffffffffffff, 0x0, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000240), 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x19)
ioctl$PTP_PIN_SETFUNC(0xffffffffffffffff, 0x40603d07, &(0x7f0000000040)={'\x00', 0xfffffffe, 0x1, 0x3})
r1 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_G_FMT(r1, 0xc0285628, &(0x7f0000000080)={0x3, @win={{0x2, 0x0, 0x0, 0x100000}, 0x0, 0x0, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0xfffffffe}}, 0x0, 0x0}})
connect$inet(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x0, @remote}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x284840, 0x2)
fchdir(0xffffffffffffffff)
connect$l2tp6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0xa}, 0x20)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66b80e010f00d0b0060f21a20f01c40f009b2700000066b80c008ee00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a00b9730200000f32328fe858b660002fb90d090000b800680000ba000000000f30", 0x65}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000080)=0x2)

12m35.989052963s ago: executing program 2 (id=211):
r0 = syz_io_uring_setup(0x24f8, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
r3 = socket$inet6_dccp(0xa, 0x6, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000200)=@in6={0xa, 0x0, 0x0, @dev}})
io_uring_enter(r0, 0x4e67, 0x0, 0x0, 0x0, 0xa2) (fail_nth: 2)

12m35.206520478s ago: executing program 2 (id=214):
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f000000a400)={0x2020, 0x0, <r1=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000008400)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9474a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x90, 0x0, 0x0, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000, 0x0, 0x0, 0x0, 0x800}}}, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000000340)={0x50, 0x0, r1}, 0x50)
openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x4000, 0x0)

12m34.416633178s ago: executing program 2 (id=217):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=@newlink={0x70, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x5819, 0x1}, [@IFLA_AF_SPEC={0x3c, 0x1a, 0x0, 0x1, [@AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x3e}}}]}, @AF_INET={0x20, 0x2, 0x0, 0x1, {0x1c, 0x1, 0x0, 0x1, [{0x8, 0x1b, 0x0, 0x0, 0x4}, {0x8, 0x2, 0x0, 0x0, 0xffffff80}, {0x8, 0x1a, 0x0, 0x0, 0x9}]}}]}, @IFLA_IFNAME={0x14, 0x3, 'sit0\x00'}]}, 0x70}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'vcan0\x00'})
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@lld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x839}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r1}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
syz_open_procfs$userns(0x0, &(0x7f0000000300))
syz_open_dev$tty20(0xc, 0x4, 0x1)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$netlink(0x10, 0x3, 0x0)
sched_setattr(0x0, 0x0, 0x0)
close(0xffffffffffffffff)
r5 = syz_open_dev$video4linux(&(0x7f0000000040), 0x0, 0x202)
ioctl$VIDIOC_DQEVENT(r5, 0x80885659, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r5, 0x4020565a, &(0x7f00000000c0)={0x3, 0x980900, 0x3})
ioctl$VIDIOC_SUBSCRIBE_EVENT(r5, 0x4020565a, &(0x7f0000000000)={0x4, 0x588})
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x2001442, 0x0)

12m33.129305998s ago: executing program 2 (id=221):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000100)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x458, 0x153, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0xb}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x0, 0x80}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=@ipv4_newrule={0x24, 0x20, 0x1, 0x70bd29, 0x5dfdbfe, {0x2, 0x0, 0x10, 0x80, 0x7, 0x0, 0x0, 0x3}, [@FRA_SRC={0x8, 0x2, @multicast1}]}, 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x20004080)
listen(r0, 0x9)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg(r2, &(0x7f0000002840)=[{{0x0, 0x0, 0x0}}], 0x1, 0x20000000)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000740), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)={0x28, r4, 0x9, 0x0, 0x0, {0x7}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1d}]}]}, 0x28}}, 0x0)

12m32.051273142s ago: executing program 2 (id=225):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@newtaction={0x44, 0x30, 0x9, 0x0, 0x0, {}, [{0x30, 0x1, [@m_bpf={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x44}}, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
syz_emit_ethernet(0x76, &(0x7f0000000000)={@broadcast, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x40, 0x3a, 0x0, @private1, @local, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "2f8703", 0x0, 0x0, 0x0, @private2, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, [@srh={0x4, 0x0, 0x4, 0x0, 0x2, 0x8, 0xf001}], "8763be05bdbf976f"}}}}}}}, 0x0)
connect$unix(r2, &(0x7f0000000440)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82)

12m31.84793258s ago: executing program 32 (id=225):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000005c00)={&(0x7f0000000000)=@newtaction={0x44, 0x30, 0x9, 0x0, 0x0, {}, [{0x30, 0x1, [@m_bpf={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}, 0x44}}, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
syz_emit_ethernet(0x76, &(0x7f0000000000)={@broadcast, @multicast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x40, 0x3a, 0x0, @private1, @local, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, "2f8703", 0x0, 0x0, 0x0, @private2, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, [@srh={0x4, 0x0, 0x4, 0x0, 0x2, 0x8, 0xf001}], "8763be05bdbf976f"}}}}}}}, 0x0)
connect$unix(r2, &(0x7f0000000440)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82)

2m52.324836397s ago: executing program 0 (id=2203):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
sendmsg$802154_dgram(r0, &(0x7f00000004c0)={&(0x7f0000000400), 0x14, &(0x7f0000000440)={0x0}, 0x1, 0x0, 0x0, 0x10}, 0x84)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000040)=0x7ff, 0x4)
r1 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000240)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109024a0001100000000904000003fe03010009cd8d1f00020000000905050200067e001009058b1e20"], 0x0)
syz_usb_control_io(r1, 0x0, &(0x7f0000000680)={0x84, &(0x7f00000000c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r2, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000001480)=[{{0x0, 0x0, 0x0}}], 0x1, 0x60, 0x0)
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000440)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(arc4)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f00000003c0)="05", 0x1)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r3, 0x7a0, &(0x7f0000000240)={@hyper})
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001140)='net\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
fstat(r5, &(0x7f0000000500))
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r3, 0x7a8, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={r5, 0xe0, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r6=>0x0, 0x0, 0x0, 0x0, 0x9, 0x1, &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000100)=[0x0], 0x0, 0x71, &(0x7f0000000480)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x40, 0x10, &(0x7f00000004c0), &(0x7f0000000580), 0x8, 0x3f, 0x8, 0x8, &(0x7f00000005c0)}}, 0x10)
r7 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000740), 0x2c0, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000940)={r5, 0x20, &(0x7f0000000900)={&(0x7f0000000800)=""/243, 0xf3, <r8=>0x0, &(0x7f0000001180)=""/4096, 0x1000}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x15, 0x25, &(0x7f0000000ac0)=ANY=[@ANYBLOB="18000000a003000000000000f8ffffff18110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018570000090000000000000000000000a281e600ff030000850000000a00000003340400f0ffffff18010000646c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000002000000850000000600000018150000", @ANYRES32=r5, @ANYBLOB="000000000000000018000000010000000000000057ffffff18400000fbffffff000000000000000018320000050000fbffffff00000000008510000003000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000103696746faa3aa89a07aecf8f8ae49a7e0ac713297553bed3626b4e139437dcdc556df2cb735b429dc4c86f4c22c051e6cd00b32a72784b3c952c5e74afcc19ce498bd3bf0b4af1fff04873024c66bbc726e13d4aa693d78824727b99438b6f1f28f9bbc04757f302ee8164a8134a86a98b48a93f478be1301459ba5dc68550235bb82a280bfce3f89161f28de3625077ad7e6c3abe4833e7ac2e3b56dea63482a2c9228774eb27be773ecce8551c35884a19356a1a"], &(0x7f0000000080)='syzkaller\x00', 0x8, 0x8f, &(0x7f0000000180)=""/143, 0x40f00, 0x20, '\x00', r6, @sk_reuseport=0x27, r7, 0x8, &(0x7f0000000780)={0x2, 0x1}, 0x8, 0x10, &(0x7f00000007c0)={0x3, 0xc, 0x1, 0x9}, 0x10, r8, r5, 0x4, &(0x7f0000000980)=[r5, r5, r5, r5, r5], &(0x7f00000009c0)=[{0x5, 0x2, 0x6, 0x4}, {0x4, 0x1, 0x10, 0x1}, {0x0, 0x3, 0x5, 0xc}, {0x1, 0x3, 0xc, 0x1}], 0x10, 0x7fffffff, @void, @value}, 0x94)
ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(r3, 0x7a9, &(0x7f00000003c0)={{@host}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff8, 0x4})
socket(0x2a, 0x800, 0x7)
r9 = openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
write$binfmt_script(r9, &(0x7f0000000000)={'#! ', './file0', [{0x20, '/'}, {}, {0x20, '\xbb'}, {0x20, '/&,:-\''}], 0xa, "fa253e19ced0d5ed1072889ea896454b70b2deb8dba5368a"}, 0x2f)

2m49.178486366s ago: executing program 0 (id=2216):
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x1c, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @synproxy={{0xd}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x70}}, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000380)={@fallback, 0x16, 0x0, 0xfbc, &(0x7f0000000080)=[0x0, 0x0, 0x0], 0x3, 0x0, &(0x7f00000002c0)=[0x0, 0x0], &(0x7f0000000300)=[0x0], &(0x7f0000000340)=[0x0, 0x0]}, 0x40)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000080)={'geneve0\x00', &(0x7f0000000000)=@ethtool_channels={0x3d, 0x4, 0x3, 0x10007, 0x101, 0x7fffffff, 0x0, 0x7095eac0, 0x4}})
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
remap_file_pages(&(0x7f0000027000/0x4000)=nil, 0x4000, 0x0, 0xffff, 0x10000)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000500)={'syzkaller1\x00', @link_local})
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)

2m48.684880801s ago: executing program 4 (id=2218):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)="8400000019001fb2b9409b0d1b809ac00a80a57802", 0x15, 0x0, 0x0, 0x0)
r0 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r0, &(0x7f0000000000), 0x0, 0x800, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x18)
io_uring_enter(0xffffffffffffffff, 0x2a94, 0x91ec, 0x18, &(0x7f00000000c0)={[0x2]}, 0x8)
socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$SOUND_MIXER_READ_CAPS(0xffffffffffffffff, 0x80044dfc, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r5, 0x29, 0x3c, &(0x7f0000311ffc)=0x1, 0x4)
setsockopt$inet6_buf(r5, 0x29, 0x3e, &(0x7f00002cef88)="d84f7398", 0x4)
sendto$inet6(r5, &(0x7f0000000800)="51e251578851f74182a74b89b27df427aeef44966d202e4138b5a18e75a0424e7fe93b0d32c7abba87b65f97aba1c26a06b6d94c4aefd8fdca10e744391062c8e612721c20051608d9aa6dacf61e1eb331a4daad402b9885599d56130f7149fb1111fa116e94324d585a0569fbd311dad54cb4e32ff7f02216844ef42eeb66c3d526c878d5135ad1c9262239339c18885e2a0a95854d6cde3dd2feeaa50216af6c5760923413af81199a65a6332b02ec7bbf79d557c033cbe032fdc44f66a5c59cc4a3c5d218f5896b359d1efd60baf98df6396567478f7b817ce6e11d59a7def452a068e9607f57f626a5b8d476636ef1ee76307524009ae49be402000000000000001e80fed632155e14da1f7324d97bc61a3c1edc4431ee8a6caa2ed9f85cea5a2a9b263630c7d6fc35dda6002da571a2e51917e7c1019d8ce21a608147e408074c7c5f444fab931bda86d977d7c9ccefd881e5ef05b287f41eea526862885881c2cdc687dff02ba9b70a9b08734ac4d62c7f34465c34aa9e9f136c7f796d9eea41aa37f61830508338bb1f887089070567a1dd96cd700e7a098dabedb60f31acd17d487bc8be1a3101d2b5ac1715003793596c6daa93a27f4adb4d6fbea5669cabc206c944317ea18a2c762457f1bc945fec8f849641d44e7e2a24faeee28f3f266395fe18b0dce20c1f64e8896c8ff0e4a44a116fb32462471a0fcde143e551723d57339722765673b4163d66f473ac10f988cb252f106632f9884a47866d284b4efc6bb1aa74ed48d4a6535795f0873a99907ebc22be2337364cf9acc063e32f7d2e02fad64d04aa405d2dbdee1128ab1e4761d2dd30885ad37dd168478f10789d172feef4c817a5cd372caade57f23300e45f47e001e3ea09364ab42ee9802477368b9910f4e24037c871cb8251568c792287a6f49fa61b7c2600accaa0e7b40c59d88a29af5886c1f5dfc6837c58aaef12a9e100225c70441144ffa82927fa4802ed9ebb03eea8e945af5f4993f21a7f53baf7ec5bb6cc96b917dde82c18840c3500e9565f68f687b1c73d834c0d99d4acb002dc5682dbcdb1217a98f6c3ef8318b7fa93894e8a097b4511ba5c035e27c9fe8bfe7754741ac21bbc0303b81672e3117e5590fe2d92f912759b9937f64204ec5caa92e218daa5a3ef64617beb30cccb31016b13ed8d7bcabb03e176b1c9bda3bf1c1256ab74ab6f42ed9bafbbd0096263be1a7da1e1c88deec55a653d170e1e13c77dacaa60a37a6ba2383e661ebc9f13dbaade2dd884c9951819fb4608e19e70cd2496ccfb12f24c71f496cfe90400fe1bbea1e9a24b1d4664fb0776aca6269b396779680e52f86877d9209988d12ccb137be01ab7496d00547a7d4849d365a18dbb55c429cde87d33c4b74ad2273cdfee88b5418866ef327f25e9cbcd5a64d97184339f7e4cb5f8de171d2779c0f68884ae835e398f982d5749f085628d3608986656ea04b721f828202e9342bd7d19dfa091e772aebf9718030167a8c029df7c58b7f40029d7cfcaf26fd1900d8775ef373e8e2c5bf3525f907add3be426cd5a079c49abffe933e9ee213a3baf34f932d1299312691e1c53e6247ae0989ad66070d51fad22856a8b6b28954e7d41189b11c5321789eec8670de9e8db0b0473ba2e02731e60e7222697d61e052c18d4bcc6d1572fdf426f7b2fee6c1dee66c85c497b90facaf63b8ec5cde4a73400f9180bcfc0f81eca9580a7c81462a077f9034026bf72aa7c6de4b3c15d4a2dbd6fd7d87084aea9f25fb4bf5ec83eb56874a760533792dff2695407ccdd6a7375e0007230fd3f6501c152f1c1ff279b1d67cc95f2820762b7927659368e41657bdef2dd15b63498a93b787bdb26809d734aaf98b86fcf9fc643a34d03ebbe072820662d20d4774d66c5ae270adade5b8f6242a059b926221ee3d677487471c432b0d6d64dad030703475bb3ecac39b204a814f5ece5961621358e36f8a2cf7196c76959824bbb475a7cad8f57853fe05f59f341b5207cc9bb8d686982c2f158e0d8f5c7ec6cbfd5", 0x5ad, 0x0, &(0x7f0000000080)={0xa, 0x5e20, 0x0, @mcast2}, 0x1c)
recvfrom$inet6(r5, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NBD_CMD_RECONFIGURE(r6, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000580)=ANY=[@ANYBLOB="14000000", @ANYRES16, @ANYBLOB="01"], 0x14}}, 0x0)
r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), r6)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="24002d801a0001"], 0x64}}, 0x0)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), r6)

2m47.716904771s ago: executing program 4 (id=2219):
r0 = socket$netlink(0x10, 0x3, 0x4)
r1 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000030020f003176c4000000000010902"], 0x0)
syz_usb_connect$hid(0x2, 0x36, &(0x7f00000003c0)=ANY=[@ANYBLOB="1201000000000010430b0300000000000001090224000100004000090416000103000000092100000001220200090581030004010000a5b59f7b079851349e3f00fd7d1f2ed905da01336bfbb3cbcbeb4512f9b21c819cb4086951765becc5dccea4362c2f0c0b4000b67a"], 0x0)
syz_usb_disconnect(r1)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000c4178c40ba0d0010"], 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
pipe(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x3, 0x10100}, 0x0, 0x0)
r3 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r4=>0x0, &(0x7f0000000180)=<r5=>0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000001840), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r7, &(0x7f00000019c0)={0x0, 0xffffffffffffff14, &(0x7f0000001980)={&(0x7f0000001880)={0x4c, r8, 0x1, 0x70bd25, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5, 0x83, 0x1}}]}, 0x4c}, 0x1, 0x300}, 0x0)
openat$vimc0(0xffffffffffffff9c, &(0x7f0000000380), 0x2, 0x0)
r9 = getpgrp(0xffffffffffffffff)
ioctl$TIOCGSID(r2, 0x5429, &(0x7f00000001c0)=<r10=>0x0)
sendmsg$DEVLINK_CMD_RELOAD(r0, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800080}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)={0xb0, r8, 0x200, 0x70bd2c, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_FD={0x8, 0x8a, r6}}, {@pci={{0x8}, {0x11}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r9}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_ID={0x8, 0x8c, 0x4}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r10}}]}, 0xb0}, 0x1, 0x0, 0x0, 0x48d0}, 0x0)
write$UHID_CREATE2(r6, &(0x7f0000000040)=ANY=[@ANYRES64=r3], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r6, 0x0)
r11 = socket$nl_netfilter(0x10, 0x3, 0xc)
add_key(&(0x7f0000000000)='pkcs7_test\x00', 0x0, &(0x7f00000021c0)="305c065ae182087051667557c7d7982b8f57fb20a3adc9e3baa292ce8f0a861e6417acfc8648ad1b86400393d51cb0cd490635d54cdf5bd0461690982b236949ab5e000000808ce41d86b9b949004fd8fe45b91e8fe7ec7c49750a1b0ade", 0x5e, 0xfffffffffffffffe)
sendmsg$IPSET_CMD_CREATE(r11, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)={0x48, 0x2, 0x6, 0x301, 0x6c, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}]}, 0x48}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r11, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x28, 0x3, 0x6, 0x5, 0x0, 0x0, {0xa, 0x0, 0x4}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x40080}, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_SEND={0x1a, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r3, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

2m47.070319205s ago: executing program 0 (id=2225):
r0 = socket$inet(0x2b, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
sched_setscheduler(0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = syz_open_dev$video(&(0x7f0000000580), 0x7, 0x0)
ioctl$VIDIOC_TRY_EXT_CTRLS(r2, 0xc0205647, &(0x7f0000000240)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x980913, 0x0, '\x00', @p_u8=0x0}})
listen(r0, 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r4, 0x4068aea3, &(0x7f0000000380))
writev(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1)
listen(r0, 0xffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000010000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d83923dd29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e1a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080e71113610e10d858e8327edb1fb6c86adac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18c65ae1bd4f4390af9a9ceafd07ed00b0000002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a891588d818a0afc0b3116a130974cac0615232f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a469398685211bbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72c7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9624d37c10223fdae7ed04935c3c9068000000bc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b40000000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f3ca1664fe2f3ced8416dc180604b60c2499d16d7d9158ffffffff00000000ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a9e90d7676074a0bde4471414c99d4894ee7f8139dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8070000001fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7aded448859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b2042b8ff8c21ad702cca54728acad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd20785f653b621491d04aaee0d409731091f4fb94c06006e3c1be2f633c1d987591ec3db58a7bb3042ec3f84e4272d2cc72d4e771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e1590bab105b0cb578af7dc7d5e87d48d376444e2de02f47c61e8e84ff828de457f34c2b08660b080efc707e676e1fb4d5865c0ca177a4c7fbb4e829ab0894a1062b445c00f576b2b5cc7f819abd0f885cc4806f47ffb966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d3676329bb8cda690d192a070886df42b2708398773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169cdfaa4252d4ea6b8f6216ff202b5bfc182cb5e8380100632d03a7ca6f6d0339f9953c30930804fdc3690d10ecb65dc5b47481edbf1eee2e8893e903054d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026def743f1213bf817becd9e5a225d67521d1128eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979030000007081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f324661351df747aa6a65872dfdcfa68f65bd06b4082d43e121861b5cc09b986bf56c747d9a1cc5b506892c3a16ff10feea20bdac89bfb758cf3500000000000000000000000000000098e6db5a96055e764a3bfd4ccb20d2e800994f4b602d25b2c076f21c7102687e054bb93b2d013be6227fd99902b074c0de00733128c81c48c5e140b17d71ac48f137d10798c4272826d2ba55bbda0059636528c132ed06759d880d1bc291a76456cd7ee8bcb392fdf886dbc74879ec4b831904d7c101ebbaef3c0ae6d0cf0000000000000000000000000000000011cb735f66a559ef0cdb5163a15c0bb986474bf5d9542e3e48805ce53127e4c076d69d868df543717aaaa07d7aca056f7f036c2bcba0795d1a64868a29ac5321b3cd6ef5b1a741afc7124ee3df3a35e8014d6cb5fd6c054a10bb2146174c1d68b45fcfd7e531090ceae2f05536a4d5d6a4081e743827fb9c031d1fc9f195c2da189c49eaed6c30c71da0452e502ef393efeb02ebe82b1851cae5fa7c958ba23110b5e0e5b890803f28a356b2920e74564e0f8377b0ba5187fed2882b4780a1bcb583f1cb1470003ef9b592b9461328cfc01ebfce0ecdcea714a517dc40000000000000000000000000006bd0561e1cc72880cc3ec1bdf35eb670a9040e3b53cd826b94ad8aeb014e74787fe89fb3247a87d8bfb6d400142369f88964708d1d4db5a5df9d62ea6d805dfce568b885a50ed8e2eaf8a932287a1d3bfac17774e58875a63b77e07298e4b4f515189c6fcac3cd35dac9240e633219bb6a5a25865e6ed8e16caa5406b56702afe0befcabbc9a2a772a1a087f0d633d457bceb695b2cba3a1a2daa2dda796373cc0fe0a53236d028fc1076bb746b2717c8b6052f58c91bb8cc19474ab9d4d2160773829f078727f6c684ca749136a7f46ca28b00bb4237695b4"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x15, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
socket(0xa, 0x2, 0x0)
r5 = socket(0x10, 0x3, 0x0)
write(r5, &(0x7f0000000100)="240000001e005f02142dadffffffffee0200000000000000000000070000000000", 0x21)
socket$inet6_udp(0xa, 0x2, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000480)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000440)={&(0x7f0000001240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x9}}, [@NFT_MSG_DELTABLE={0x120, 0x2, 0xa, 0x201, 0x0, 0x0, {0x0, 0x0, 0x9}, [@NFTA_TABLE_FLAGS={0x8}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x3}, @NFTA_TABLE_USERDATA={0xde, 0x6, "8811dea140f51dadc16e3961e9c5d8cf002ae26319d8a73392ccb3001573bf2612d0748acbb38f5fe3f996dbe32ac818e40a4fcff38e5196e58082d3b9b12a0158ca577aa9c83551d33fc255644f4ba5400d203a95edd8c4cadec08a72b83a831110e43d24f059b1cc7af8fcf61aeab2a737dd67cd36ddc87e9cc1e4d7829cec810de577cf4d443a8e3c4f5bcf3f02bb1e97bd2ea172a51fb842d655d15023b4a46246bc7f3d78da765bbbc7cd214049e3080f423c1117f815b16d1f8e88e11d7feacaa22c36856c08f5b3144ebd3fe86f1a2e757ac00b1547b0"}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWSET={0x118, 0x9, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0xa}, [@NFTA_SET_KEY_TYPE={0x8, 0x4, 0x1, 0x0, 0x2}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x88}, @NFTA_SET_EXPRESSIONS={0x6c, 0x12, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @dup_ipv4={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0x17}]}}}, {0x10, 0x1, 0x0, 0x1, @inner={{0xa}, @void}}, {0x10, 0x1, 0x0, 0x1, @match={{0xa}, @void}}, {0x10, 0x1, 0x0, 0x1, @limit={{0xa}, @void}}, {0x10, 0x1, 0x0, 0x1, @redir={{0xa}, @void}}, {0x10, 0x1, 0x0, 0x1, @xfrm={{0x9}, @void}}]}, @NFTA_SET_EXPRESSIONS={0x14, 0x12, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @quota={{0xa}, @void}}]}, @NFTA_SET_DESC={0x74, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_CONCAT={0x70, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}]}, {0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xa73}]}, {0x14, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x80000000}]}, {0x2c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xcd71}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9996}, @NFTA_SET_FIELD_LEN={0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xfffffe01}]}, {0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8}]}]}]}]}, @NFT_MSG_NEWSET={0x60, 0x9, 0xa, 0x3, 0x0, 0x0, {0x0, 0x0, 0x3}, [@NFTA_SET_DESC={0x8, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_CONCAT={0x4}]}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x2}, @NFTA_SET_DESC={0xc, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x1}]}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_DATA_TYPE={0x8, 0x6, 0x1, 0x0, 0xffffff00}, @NFTA_SET_DESC={0xc, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x3}]}, @NFTA_SET_EXPR={0x10, 0x11, 0x0, 0x1, @exthdr={{0xb}, @void}}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0x2c0}, 0x1, 0x0, 0x0, 0x40010}, 0x4000014)

2m45.623762403s ago: executing program 0 (id=2230):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x100000)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet_udplite(0x2, 0x2, 0x88)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
io_setup(0x2, &(0x7f0000000180)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000000240)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}])

2m44.374151209s ago: executing program 4 (id=2234):
r0 = socket$rds(0x15, 0x5, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x8080, 0x0)
ioctl$TIOCGICOUNT(r2, 0x545d, 0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
vmsplice(r3, 0x0, 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000140))
ioctl$PPPIOCSPASS(r1, 0x40107447, &(0x7f0000000180)={0x2, &(0x7f0000000000)=[{0x50, 0x0, 0x0, 0xe}, {0x6, 0x5, 0x0, 0x5}]})
close_range(r0, 0xffffffffffffffff, 0x0)
r4 = creat(&(0x7f00000001c0)='./file0\x00', 0x0)
close(r4)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r5, &(0x7f000000c400)={0x2020, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INIT(r4, &(0x7f00000002c0)={0x50, 0x0, r6, {0x7, 0x1f}}, 0x50)
write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f0000000040)={0x30, 0x5, 0x0, {0x0, 0x1, 0x7, 0xffffff38}}, 0x30)
ioctl$SG_EMULATED_HOST(r4, 0x2203, &(0x7f0000000080))

2m44.002326129s ago: executing program 0 (id=2235):
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x1c, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @synproxy={{0xd}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x70}}, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000380)={@fallback, 0x16, 0x0, 0xfbc, &(0x7f0000000080)=[0x0, 0x0, 0x0], 0x3, 0x0, &(0x7f00000002c0)=[0x0, 0x0], &(0x7f0000000300)=[0x0], &(0x7f0000000340)=[0x0, 0x0]}, 0x40)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000080)={'geneve0\x00', &(0x7f0000000000)=@ethtool_channels={0x3d, 0x4, 0x3, 0x10007, 0x101, 0x7fffffff, 0x0, 0x7095eac0, 0x4}})
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
remap_file_pages(&(0x7f0000027000/0x4000)=nil, 0x4000, 0x0, 0xffff, 0x10000)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000500)={'syzkaller1\x00', @link_local})
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)

2m42.111515047s ago: executing program 4 (id=2239):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x62642, 0x0)
write$USERIO_CMD_REGISTER(r0, &(0x7f00000000c0), 0x2)
preadv(r0, &(0x7f0000000000)=[{&(0x7f0000000100)=""/52, 0x34}], 0x1, 0x3ff, 0x2)

2m41.161012019s ago: executing program 0 (id=2243):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
syz_emit_ethernet(0x7e, &(0x7f0000000000)={@link_local, @broadcast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x48, 0x11, 0x0, @empty, @loopback, {[], {0x0, 0x0, 0x48, 0x0, @wg=@cookie={0x3, 0x0, "dac3aa740a0a8c89c9f966adadf3b0a7f13a639f71768050", "9603e6f247c73de51da4d1190600844f8752285fb6be0600b6cdffffffc4a6b8"}}}}}}}, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=@updpolicy={0xc0, 0x13, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x40, 0x5e}, {0x0, 0x0, 0x0, 0x3, 0xfffffffffffffffc, 0x0, 0x0, 0x1}, {}, 0x0, 0x0, 0x1}, [@replay_thresh={0x8, 0xb, 0x7}]}, 0xc0}}, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x1b, 0x61, 0xe3, 0x8, 0x16d0, 0x10a9, 0x3052, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0xff, 0x7f, 0x88, 0x0, [], [{{0x9, 0x5, 0x3, 0x2}}]}}]}}]}}, 0x0)
ioctl$TCFLSH(r0, 0x400455c8, 0x4)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x32)

2m41.109362454s ago: executing program 4 (id=2245):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000380)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x8}}}}}, 0x0)
getpid()

2m40.603720331s ago: executing program 4 (id=2248):
openat$nci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r0 = io_uring_setup(0x6779, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1})
close_range(r0, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0xe, &(0x7f0000000140)={@broadcast, @local, @void, {@generic={0x6000}}}, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f000000c300)=""/102386, 0x18ff2}], 0x1, 0xa30e, 0x0)

2m25.830572998s ago: executing program 33 (id=2243):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
syz_emit_ethernet(0x7e, &(0x7f0000000000)={@link_local, @broadcast, @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x48, 0x11, 0x0, @empty, @loopback, {[], {0x0, 0x0, 0x48, 0x0, @wg=@cookie={0x3, 0x0, "dac3aa740a0a8c89c9f966adadf3b0a7f13a639f71768050", "9603e6f247c73de51da4d1190600844f8752285fb6be0600b6cdffffffc4a6b8"}}}}}}}, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=@updpolicy={0xc0, 0x13, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x40, 0x5e}, {0x0, 0x0, 0x0, 0x3, 0xfffffffffffffffc, 0x0, 0x0, 0x1}, {}, 0x0, 0x0, 0x1}, [@replay_thresh={0x8, 0xb, 0x7}]}, 0xc0}}, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x1b, 0x61, 0xe3, 0x8, 0x16d0, 0x10a9, 0x3052, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0xff, 0x7f, 0x88, 0x0, [], [{{0x9, 0x5, 0x3, 0x2}}]}}]}}]}}, 0x0)
ioctl$TCFLSH(r0, 0x400455c8, 0x4)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x32)

2m25.444357556s ago: executing program 34 (id=2248):
openat$nci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r0 = io_uring_setup(0x6779, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1})
close_range(r0, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0xe, &(0x7f0000000140)={@broadcast, @local, @void, {@generic={0x6000}}}, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f000000c300)=""/102386, 0x18ff2}], 0x1, 0xa30e, 0x0)

4.531072455s ago: executing program 3 (id=2786):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800"/13], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000000c0)={r0, 0xffffffffffffffff, 0x2d, 0x0, @val=@netfilter={0xa, 0x4000000, 0xfffffed4, 0x20}}, 0x20)

4.50729116s ago: executing program 1 (id=2787):
socket(0x10, 0x3, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="34020000", @ANYRES16=0x0, @ANYBLOB="0700000000000000000005000000180001801400020073797a5f74756e000000000000000000080009"], 0x34}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
epoll_create1(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000000)={'team0\x00', <r4=>0x0})
setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f0000000080)={r4, 0x1, 0x6, @remote}, 0x10)
setsockopt$packet_add_memb(r3, 0x107, 0x1, &(0x7f0000000740)={r4, 0x1, 0x6, @multicast}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe050000000000000000000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = syz_io_uring_setup(0x10c, &(0x7f0000000380)={0x0, 0x5885, 0x10}, &(0x7f0000000340)=<r6=>0x0, &(0x7f0000000280)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r5, 0x3516, 0x0, 0x0, 0x0, 0x0)

4.455554907s ago: executing program 3 (id=2788):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0x46, &(0x7f0000000000)={@multicast, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x89, 0x0, @dev, @multicast2}, "00186371ae9b1c03"}}}}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x11d080, 0x122)
mknodat$null(r2, &(0x7f00000002c0)='./file0\x00', 0x400, 0x103)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2e, &(0x7f00000000c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @broadcast}}}, 0x108)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4)
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r5, 0x29, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="3c34000000000000040100c910fc02000000000000000000000000000107", @ANYRES32], 0x1b0)
setsockopt$inet6_IPV6_HOPOPTS(r5, 0x29, 0x36, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='sched_switch\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='ext4_ext_remove_space_done\x00'}, 0x10)
close(0xffffffffffffffff)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @loopback}, 0x10)
recvmsg(0xffffffffffffffff, &(0x7f0000001500)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x200045ca}], 0x1, 0x0, 0x46, 0x407006}, 0x104)

4.330543536s ago: executing program 5 (id=2789):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0a0000000000e47f000031c5fe7ee5403ad2", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYRESOCT=0x0], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000009c0)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
accept(r3, &(0x7f0000000280)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000180)=0x80)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000003c0)={'hsr0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0x0, 0x10}}, [@qdisc_kind_options=@q_blackhole={0xe}]}, 0x34}, 0x1, 0x0, 0x0, 0x4008004}, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
r5 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CAP_VM_TYPES(r6, 0x4068aea3, &(0x7f00000000c0)={0xeb, 0x0, 0x9})
getsockopt$WPAN_SECURITY(r5, 0x0, 0x1, 0x0, &(0x7f0000000080))

3.022642904s ago: executing program 5 (id=2790):
sched_setaffinity(0x0, 0x0, 0x0)
syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000000000010711e1020000000000001090224000100000000"], 0x0)

3.00524104s ago: executing program 1 (id=2791):
syz_open_dev$usbfs(0x0, 0x201, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x100000)
socket$inet_smc(0x2b, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet_udplite(0x2, 0x2, 0x88)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
io_setup(0x2, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000240)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])

2.879025301s ago: executing program 3 (id=2792):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
syz_clone(0x12000000, 0x0, 0x16, 0x0, 0x0, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r2, 0x1, 0x11, 0x0, &(0x7f0000000280))
setreuid(0x0, 0x0)
setpriority(0x1, 0x0, 0x0)

2.419634269s ago: executing program 3 (id=2793):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xd9, 0x72, 0xa4, 0x40, 0x20b7, 0x1540, 0xb75a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xff}}]}}]}}, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)

2.361686504s ago: executing program 1 (id=2794):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_procfs(0x0, &(0x7f0000000300)='net/ip6_mr_vif\x00')
preadv(r0, &(0x7f0000003400)=[{&(0x7f0000001f00)=""/83, 0x53}], 0x1, 0x37, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
creat(&(0x7f0000000040)='./file0\x00', 0xa4)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000380), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r2=>0x0}, 0x2042)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r3, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
mmap(&(0x7f0000714000/0x2000)=nil, 0x2000, 0x200000a, 0x10, r3, 0x0)
write$FUSE_INIT(r1, &(0x7f0000000040)={0x50, 0x0, r2, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20, 0x0, 0x0, {0x0, 0xb}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, 0x0, 0x0, 0x0)
recvmmsg(r4, &(0x7f0000004480)=[{{&(0x7f0000000000)=@phonet, 0x80, &(0x7f0000000300)=[{&(0x7f0000000380)=""/153, 0x99}, {&(0x7f0000000240)=""/107, 0x6b}, {&(0x7f0000000080), 0xfffffffffffffd5a}, {&(0x7f0000000840)=""/39, 0x2f}], 0x4, &(0x7f00000008c0)=""/4096, 0x1000}, 0x447}, {{&(0x7f0000000440)=@l2={0x1f, 0x0, @none}, 0xc, &(0x7f0000000740)=[{&(0x7f00000004c0)=""/177, 0xb1}, {&(0x7f00000028c0)=""/4106, 0x1000}, {&(0x7f0000000580)=""/150, 0x96}, {&(0x7f0000000640)=""/224, 0xe0}], 0xffffffffffffd83}, 0x5}, {{0x0, 0x0, &(0x7f0000003a40), 0x5, &(0x7f0000003ac0)=""/109, 0x6d}, 0x200}, {{&(0x7f0000003b40)=@can, 0x80, &(0x7f0000004100)=[{&(0x7f0000003bc0)=""/176, 0xb0}, {&(0x7f0000003c80)=""/104, 0x68}, {&(0x7f0000003d00)=""/228, 0xe4}, {&(0x7f0000003e00)=""/170, 0xaa}, {&(0x7f0000003ec0)=""/156, 0x9c}, {&(0x7f0000003f80)=""/249, 0xff}, {&(0x7f0000004080)=""/106, 0x6a}], 0x7, &(0x7f0000000080)=""/63, 0x3f}}, {{&(0x7f00000041c0)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, 0x80, &(0x7f0000004340)=[{&(0x7f0000004240)=""/209, 0xd1}], 0x1, &(0x7f00000045c0)=""/204, 0xcc}, 0x9}], 0x5, 0x40000023, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000800)={&(0x7f0000000100)='kfree\x00'}, 0x18)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
creat(&(0x7f0000000780)='./file0\x00', 0xc8)
sendmsg$unix(r7, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="14000000000000000100000001"], 0x18}, 0x0)
recvmsg$unix(r6, &(0x7f0000000880)={0x0, 0x0, 0x0}, 0x2000)
modify_ldt$write2(0x11, &(0x7f00000007c0)={0x9, 0x20001000, 0x2000, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)

1.708566641s ago: executing program 5 (id=2795):
r0 = socket$inet(0x2b, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
sched_setscheduler(0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = syz_open_dev$video(&(0x7f0000000580), 0x7, 0x0)
ioctl$VIDIOC_TRY_EXT_CTRLS(r2, 0xc0205647, &(0x7f0000000240)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x980913, 0x0, '\x00', @p_u8=0x0}})
listen(r0, 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x9, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r4, 0x4068aea3, &(0x7f0000000380))
writev(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)='4', 0x1}], 0x1)
listen(r0, 0xffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000010000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d83923dd29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e1a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080e71113610e10d858e8327edb1fb6c86adac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18c65ae1bd4f4390af9a9ceafd07ed00b0000002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a891588d818a0afc0b3116a130974cac0615232f5e16c1b30c3a2a71bc85018e5ff2c910496f18afc9ffc2cc788bee1b47683db01a469398685211bbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72c7ead0509d380578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9624d37c10223fdae7ed04935c3c9068000000bc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b40000000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f3ca1664fe2f3ced8416dc180604b60c2499d16d7d9158ffffffff00000000ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a9e90d7676074a0bde4471414c99d4894ee7f8139dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8070000001fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7aded448859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b2042b8ff8c21ad702cca54728acad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd20785f653b621491d04aaee0d409731091f4fb94c06006e3c1be2f633c1d987591ec3db58a7bb3042ec3f84e4272d2cc72d4e771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e1590bab105b0cb578af7dc7d5e87d48d376444e2de02f47c61e8e84ff828de457f34c2b08660b080efc707e676e1fb4d5865c0ca177a4c7fbb4e829ab0894a1062b445c00f576b2b5cc7f819abd0f885cc4806f47ffb966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d3676329bb8cda690d192a070886df42b2708398773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169cdfaa4252d4ea6b8f6216ff202b5bfc182cb5e8380100632d03a7ca6f6d0339f9953c30930804fdc3690d10ecb65dc5b47481edbf1eee2e8893e903054d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026def743f1213bf817becd9e5a225d67521d1128eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979030000007081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f324661351df747aa6a65872dfdcfa68f65bd06b4082d43e121861b5cc09b986bf56c747d9a1cc5b506892c3a16ff10feea20bdac89bfb758cf3500000000000000000000000000000098e6db5a96055e764a3bfd4ccb20d2e800994f4b602d25b2c076f21c7102687e054bb93b2d013be6227fd99902b074c0de00733128c81c48c5e140b17d71ac48f137d10798c4272826d2ba55bbda0059636528c132ed06759d880d1bc291a76456cd7ee8bcb392fdf886dbc74879ec4b831904d7c101ebbaef3c0ae6d0cf0000000000000000000000000000000011cb735f66a559ef0cdb5163a15c0bb986474bf5d9542e3e48805ce53127e4c076d69d868df543717aaaa07d7aca056f7f036c2bcba0795d1a64868a29ac5321b3cd6ef5b1a741afc7124ee3df3a35e8014d6cb5fd6c054a10bb2146174c1d68b45fcfd7e531090ceae2f05536a4d5d6a4081e743827fb9c031d1fc9f195c2da189c49eaed6c30c71da0452e502ef393efeb02ebe82b1851cae5fa7c958ba23110b5e0e5b890803f28a356b2920e74564e0f8377b0ba5187fed2882b4780a1bcb583f1cb1470003ef9b592b9461328cfc01ebfce0ecdcea714a517dc40000000000000000000000000006bd0561e1cc72880cc3ec1bdf35eb670a9040e3b53cd826b94ad8aeb014e74787fe89fb3247a87d8bfb6d400142369f88964708d1d4db5a5df9d62ea6d805dfce568b885a50ed8e2eaf8a932287a1d3bfac17774e58875a63b77e07298e4b4f515189c6fcac3cd35dac9240e633219bb6a5a25865e6ed8e16caa5406b56702afe0befcabbc9a2a772a1a087f0d633d457bceb695b2cba3a1a2daa2dda796373cc0fe0a53236d028fc1076bb746b2717c8b6052f58c91bb8cc19474ab9d4d2160773829f078727f6c684ca749136a7f46ca28b00bb4237695b4"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x15, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
socket(0xa, 0x2, 0x0)
r5 = socket(0x10, 0x3, 0x0)
write(r5, &(0x7f0000000100)="240000001e005f02142dadffffffffee0200000000000000000000070000000000", 0x21)
socket$inet6_udp(0xa, 0x2, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000480)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000440)={&(0x7f0000001240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x9}}, [@NFT_MSG_DELTABLE={0x114, 0x2, 0xa, 0x201, 0x0, 0x0, {0x0, 0x0, 0x9}, [@NFTA_TABLE_FLAGS={0x8}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x3}, @NFTA_TABLE_USERDATA={0xde, 0x6, "8811dea140f51dadc16e3961e9c5d8cf002ae26319d8a73392ccb3001573bf2612d0748acbb38f5fe3f996dbe32ac818e40a4fcff38e5196e58082d3b9b12a0158ca577aa9c83551d33fc255644f4ba5400d203a95edd8c4cadec08a72b83a831110e43d24f059b1cc7af8fcf61aeab2a737dd67cd36ddc87e9cc1e4d7829cec810de577cf4d443a8e3c4f5bcf3f02bb1e97bd2ea172a51fb842d655d15023b4a46246bc7f3d78da765bbbc7cd214049e3080f423c1117f815b16d1f8e88e11d7feacaa22c36856c08f5b3144ebd3fe86f1a2e757ac00b1547b0"}]}, @NFT_MSG_NEWSET={0x120, 0x9, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0xa}, [@NFTA_SET_KEY_TYPE={0x8, 0x4, 0x1, 0x0, 0x2}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x88}, @NFTA_SET_EXPRESSIONS={0x6c, 0x12, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @dup_ipv4={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_ADDR={0x8, 0x1, 0x1, 0x0, 0x17}]}}}, {0x10, 0x1, 0x0, 0x1, @inner={{0xa}, @void}}, {0x10, 0x1, 0x0, 0x1, @match={{0xa}, @void}}, {0x10, 0x1, 0x0, 0x1, @limit={{0xa}, @void}}, {0x10, 0x1, 0x0, 0x1, @redir={{0xa}, @void}}, {0x10, 0x1, 0x0, 0x1, @xfrm={{0x9}, @void}}]}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x1}, @NFTA_SET_EXPRESSIONS={0x14, 0x12, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @quota={{0xa}, @void}}]}, @NFTA_SET_DESC={0x74, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_CONCAT={0x70, 0x2, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}]}, {0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xa73}]}, {0x14, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x80000000}]}, {0x2c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xcd71}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9996}, @NFTA_SET_FIELD_LEN={0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xfffffe01}]}, {0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8}]}]}]}]}, @NFT_MSG_NEWSET={0x60, 0x9, 0xa, 0x3, 0x0, 0x0, {0x0, 0x0, 0x3}, [@NFTA_SET_DESC={0x8, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_CONCAT={0x4}]}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x2}, @NFTA_SET_DESC={0xc, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x1}]}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_DATA_TYPE={0x8, 0x6, 0x1, 0x0, 0xffffff00}, @NFTA_SET_DESC={0xc, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x3}]}, @NFTA_SET_EXPR={0x10, 0x11, 0x0, 0x1, @exthdr={{0xb}, @void}}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0x2bc}, 0x1, 0x0, 0x0, 0x40010}, 0x4000014)

1.317827221s ago: executing program 1 (id=2796):
mq_timedreceive(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x2b442, 0x0)
syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nbd(0x0, 0xffffffffffffffff)
sendmsg$NBD_CMD_RECONFIGURE(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x1c, r1, 0x181, 0x0, 0x0, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x1c}}, 0x0)

1.277673945s ago: executing program 5 (id=2797):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000740)=0xa0000)
r1 = dup(r0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000040)={@my=0x0})
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7cb, &(0x7f0000000100)={&(0x7f0000001100)={{@local}, {@hyper}, 0x400, "a9e982103df53ce6b531b9df69f4a83ca7c6c257ffcec48fdd079a484b999da8d403d2d5ae19962553412682691cb347a8ca3723330043d55bab204ad8910cdf928e51f78c9f8c491e01c0d8e9144bb316d74615369a7a2ddabf419d3e2d65d38103fad0397dadd36dbe6316275a011b5f2870f38d732bfae62c9fdb0041aed9aefade394a2894e979f2fb2cd1316f801727ce4a8cfceb7bb8a9402f66c37d8206f69da312b8c1c5e8e99e2a0b16ba5295795122357d9bb1657833b8ae83ac9256afc32056ee35dba7b44623dfa55250ae9fa1f9a950b930b98a6361f11f0fbd38339dde08ba0f056107fd2dc5bfaa8af65fa3d207f1db778b17d00e0988be71bb3f9e9364b865ea45276dc6c18f32b285f198161939e68f211d940d7f5e225c5e15945f1fd125859f94b08a3e777789fb743af30d11c3c68fae32f3aaf941d7e3b0111f19e1006b1730006b876f66be174f674cfffac793cb0bf7ba79b82cf4be085a4b8d8bd131d54efd9deba758fa848320296b5268c9885bf752a7a5dc6f080e322acf3a9ee33e1895b55a171d8114f15117f84cd13f6069141e9e31332ebd5189fff0a38dd650d179ba03f4754a1fde5f15f7267db4b2dc9a5cf43b6bc13133ec7ee6a6722ff39479a10d2336cb54074b1e00264b3a5f379015bdda214080959d2d1f3d376be2e3a049c86c7235cf1a0440b0c7758d2c08e2a2f00cd408b7fdfb789d77628631f98c4b0ecc1f63b60de931f419e17833d3846aaafa8b59368b6e993a6999f5ea6f75b09e394e2fb1f36c6a7669184f33a93ebda47aa5cfa402e76badd8996a760fb0713fefe693956336604d48dd28c2ff08f9433f390fa7995fa4423be17dc484ea61af21f5d3ba81605a1a511aae387097483689502cfd5658cf430277bc0baedd616f5aed85394031652b120ff98f5f626d4667f7b00f65e8ddb68496ef402041fe33e9e44a050366c0996bd06795926fb7e769c8f64d19ae9892a5faea7216f2c2b6f556cae9a12679f111a1585b936f7ae3bcfde5c633409646950fc42d5b6361462d5a39674fdf2a290ab8ef142312060d46ef792b6dbe17f9728d5e77ca33eeb9ab5e6982091f31f53829c8ff64b13bcfbb5e76137a2e402029f5882c79f66310fd4a3af9d88518e9f39a53804ed066d0adf687634fd27525866f7a5730d6047d4e049b2f48d5ef5d88502482471eb9fafd60a2d234f69b19b232235030c5ca8975f2be003fb079dd28cb029a599169bfd17e53e94fe0802b3fd6ba43e8fad6c0ae124ca1384a66e007c9066b3da2875ab032d1354a604b472b7e27298fcbeadcad250eff76b1e7d77e1861fb38dbbbb75fdea353604ff34c6b9ca6b692305b5e3f634c7a6d431aeafb6f82456a69996793645fd91cccf5b38ff5e070f049c992003e11d6174a38e217d56f2e427901927a5c17"}, 0x418})

1.224812148s ago: executing program 1 (id=2798):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0x19, &(0x7f0000000140)=0x400030, 0x4)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000380)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x8}}}}}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f00000018c0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16aef0a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fd52347125907000000000000003ed38ae89d2434b1bfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde4990000000e000000010000000000000000000000000000000000000000000cabbdebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c19bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0842b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f04c7f0be31491eb8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d30586ae00460a6a6caf5741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b53c3fca5206cb000000d357d0c3d9d90b53a5d3e207b82b457bff9636bd79f4158fd1bbdc41babf5b17c0479221c93f71da5d87f726ae402b80cf0daa0c3429d39027e795c451075cc88d056c4fe1bbc2bc0106d0ceb07a3eb31ec752c8cf1af4735b79ed848716dc705fac8e94e8fc37185fa8c923726621748fa916fd10ac5b9a1d966318feda951ca6ed43f474c5976d150ca82e0694d28958b5338c083317b906367d"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
dup(r2)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-avx2\x00'}, 0x58)
accept4(r6, 0x0, 0x0, 0x0)
syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x1a3c82)
socket$inet_mptcp(0x2, 0x1, 0x106)

1.202531068s ago: executing program 5 (id=2799):
socket(0x2a, 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f00000003c0)='syzkaller\x00', 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
arch_prctl$ARCH_SET_CPUID(0x1012, 0x1)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x8000, 0x0)
syz_open_pts(r3, 0x943681)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
r4 = socket$netlink(0x10, 0x3, 0xa)
sendmmsg(r4, &(0x7f00000002c0), 0x40000000000009f, 0x0)

282.806174ms ago: executing program 1 (id=2800):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0x46, &(0x7f0000000000)={@multicast, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x89, 0x0, @dev, @multicast2}, "00186371ae9b1c03"}}}}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x11d080, 0x122)
mknodat$null(r2, &(0x7f00000002c0)='./file0\x00', 0x400, 0x103)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2e, &(0x7f00000000c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @broadcast}}}, 0x108)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7b, 0x4)
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e23, @broadcast}, 0x10)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r5, 0x29, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="3c34000000000000040100c910fc02000000000000000000000000000107", @ANYRES32], 0x1b0)
setsockopt$inet6_IPV6_HOPOPTS(r5, 0x29, 0x36, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='sched_switch\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='ext4_ext_remove_space_done\x00'}, 0x10)
close(0xffffffffffffffff)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, &(0x7f0000000040)={0x2, 0x4e23, @loopback}, 0x10)
recvmsg(0xffffffffffffffff, &(0x7f0000001500)={0x0, 0xa, &(0x7f0000002200)=[{&(0x7f00000035c0)=""/4106, 0x200045ca}], 0x1, 0x0, 0x46, 0x407006}, 0x104)

271.624288ms ago: executing program 3 (id=2801):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
syz_clone(0x12000000, 0x0, 0x16, 0x0, 0x0, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r2, 0x1, 0x11, 0x0, &(0x7f0000000280))
setreuid(0x0, 0x0)
setpriority(0x1, 0x0, 0x0)

38.600485ms ago: executing program 5 (id=2802):
syz_open_dev$usbfs(0x0, 0x201, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x100000)
socket$inet_smc(0x2b, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet_udplite(0x2, 0x2, 0x88)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
io_setup(0x2, &(0x7f0000000180)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000240)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])

0s ago: executing program 3 (id=2803):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)="8400000019001fb2b9409b0d1b809ac00a80a57802", 0x15, 0x0, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)="9000000019001f15b9409b0d1b849ac002", 0x11, 0x0, 0x0, 0x0)
r0 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r0, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
io_uring_enter(0xffffffffffffffff, 0x2a94, 0x91ec, 0x18, &(0x7f00000000c0)={[0x2]}, 0x8)
socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$SOUND_MIXER_READ_CAPS(0xffffffffffffffff, 0x80044dfc, 0x0)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x3c, &(0x7f0000311ffc)=0x1, 0x4)
setsockopt$inet6_buf(r4, 0x29, 0x3e, &(0x7f00002cef88)="d84f7398", 0x4)
sendto$inet6(r4, &(0x7f0000000800)="51e251578851f74182a74b89b27df427aeef44966d202e4138b5a18e75a0424e7fe93b0d32c7abba87b65f97aba1c26a06b6d94c4aefd8fdca10e744391062c8e612721c20051608d9aa6dacf61e1eb331a4daad402b9885599d56130f7149fb1111fa116e94324d585a0569fbd311dad54cb4e32ff7f02216844ef42eeb66c3d526c878d5135ad1c9262239339c18885e2a0a95854d6cde3dd2feeaa50216af6c5760923413af81199a65a6332b02ec7bbf79d557c033cbe032fdc44f66a5c59cc4a3c5d218f5896b359d1efd60baf98df6396567478f7b817ce6e11d59a7def452a068e9607f57f626a5b8d476636ef1ee76307524009ae49be402000000000000001e80fed632155e14da1f7324d97bc61a3c1edc4431ee8a6caa2ed9f85cea5a2a9b263630c7d6fc35dda6002da571a2e51917e7c1019d8ce21a608147e408074c7c5f444fab931bda86d977d7c9ccefd881e5ef05b287f41eea526862885881c2cdc687dff02ba9b70a9b08734ac4d62c7f34465c34aa9e9f136c7f796d9eea41aa37f61830508338bb1f887089070567a1dd96cd700e7a098dabedb60f31acd17d487bc8be1a3101d2b5ac1715003793596c6daa93a27f4adb4d6fbea5669cabc206c944317ea18a2c762457f1bc945fec8f849641d44e7e2a24faeee28f3f266395fe18b0dce20c1f64e8896c8ff0e4a44a116fb32462471a0fcde143e551723d57339722765673b4163d66f473ac10f988cb252f106632f9884a47866d284b4efc6bb1aa74ed48d4a6535795f0873a99907ebc22be2337364cf9acc063e32f7d2e02fad64d04aa405d2dbdee1128ab1e4761d2dd30885ad37dd168478f10789d172feef4c817a5cd372caade57f23300e45f47e001e3ea09364ab42ee9802477368b9910f4e24037c871cb8251568c792287a6f49fa61b7c2600accaa0e7b40c59d88a29af5886c1f5dfc6837c58aaef12a9e100225c70441144ffa82927fa4802ed9ebb03eea8e945af5f4993f21a7f53baf7ec5bb6cc96b917dde82c18840c3500e9565f68f687b1c73d834c0d99d4acb002dc5682dbcdb1217a98f6c3ef8318b7fa93894e8a097b4511ba5c035e27c9fe8bfe7754741ac21bbc0303b81672e3117e5590fe2d92f912759b9937f64204ec5caa92e218daa5a3ef64617beb30cccb31016b13ed8d7bcabb03e176b1c9bda3bf1c1256ab74ab6f42ed9bafbbd0096263be1a7da1e1c88deec55a653d170e1e13c77dacaa60a37a6ba2383e661ebc9f13dbaade2dd884c9951819fb4608e19e70cd2496ccfb12f24c71f496cfe90400fe1bbea1e9a24b1d4664fb0776aca6269b396779680e52f86877d9209988d12ccb137be01ab7496d00547a7d4849d365a18dbb55c429cde87d33c4b74ad2273cdfee88b5418866ef327f25e9cbcd5a64d97184339f7e4cb5f8de171d2779c0f68884ae835e398f982d5749f085628d3608986656ea04b721f828202e9342bd7d19dfa091e772aebf9718030167a8c029df7c58b7f40029d7cfcaf26fd1900d8775ef373e8e2c5bf3525f907add3be426cd5a079c49abffe933e9ee213a3baf34f932d1299312691e1c53e6247ae0989ad66070d51fad22856a8b6b28954e7d41189b11c5321789eec8670de9e8db0b0473ba2e02731e60e7222697d61e052c18d4bcc6d1572fdf426f7b2fee6c1dee66c85c497b90facaf63b8ec5cde4a73400f9180bcfc0f81eca9580a7c81462a077f9034026bf72aa7c6de4b3c15d4a2dbd6fd7d87084aea9f25fb4bf5ec83eb56874a760533792dff2695407ccdd6a7375e0007230fd3f6501c152f1c1ff279b1d67cc95f2820762b7927659368e41657bdef2dd15b63498a93b787bdb26809d734aaf98b86fcf9fc643a34d03ebbe072820662d20d4774d66c5ae270adade5b8f6242a059b926221ee3d677487471c432b0d6d64dad030703475bb3ecac39b204a814f5ece5961621358e36f8a2cf7196c76959824bbb475a7cad8f57853fe05f59f341b5207cc9bb8d686982c2f158e0d8f5c7ec6cbfd5", 0x5ad, 0x0, &(0x7f0000000080)={0xa, 0x5e20, 0x0, @mcast2}, 0x1c)
recvfrom$inet6(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), r5)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x64}}, 0x0)
syz_genetlink_get_family_id$ieee802154(&(0x7f0000000300), r5)

kernel console output (not intermixed with test programs):

3333.002A: fixing up Keytouch IEC report descriptor
[  694.754408][T14852] netlink: 80 bytes leftover after parsing attributes in process `syz.1.2188'.
[  695.181549][ T5875] input: HID 0926:3333 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0926:3333.002A/input/input75
[  695.361883][T14858] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  696.275440][ T5875] keytouch 0003:0926:3333.002A: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.4-1/input0
[  696.299544][ T5874] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  696.307836][ T5875] usb 5-1: USB disconnect, device number 54
[  696.655573][T14868] FAULT_INJECTION: forcing a failure.
[  696.655573][T14868] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  696.669868][ T5874] usb 2-1: Using ep0 maxpacket: 16
[  696.675835][T14868] CPU: 0 UID: 0 PID: 14868 Comm: syz.3.2193 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  696.686604][T14868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  696.696644][T14868] Call Trace:
[  696.699905][T14868]  <TASK>
[  696.702823][T14868]  dump_stack_lvl+0x16c/0x1f0
[  696.707663][T14868]  should_fail_ex+0x497/0x5b0
[  696.712329][T14868]  _copy_to_user+0x32/0xd0
[  696.716747][T14868]  simple_read_from_buffer+0xd0/0x160
[  696.722113][T14868]  proc_fail_nth_read+0x198/0x270
[  696.727124][T14868]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  696.732657][T14868]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  696.738187][T14868]  vfs_read+0x1df/0xbe0
[  696.742332][T14868]  ? __fget_files+0x23a/0x3f0
[  696.746999][T14868]  ? fdget_pos+0x24c/0x360
[  696.751395][T14868]  ? __pfx_lock_release+0x10/0x10
[  696.756399][T14868]  ? trace_lock_acquire+0x14a/0x1d0
[  696.761583][T14868]  ? __pfx_vfs_read+0x10/0x10
[  696.766248][T14868]  ? __pfx___mutex_lock+0x10/0x10
[  696.771262][T14868]  ? __fget_files+0x244/0x3f0
[  696.775935][T14868]  ksys_read+0x12f/0x260
[  696.780183][T14868]  ? __pfx_ksys_read+0x10/0x10
[  696.784958][T14868]  do_syscall_64+0xcd/0x250
[  696.789460][T14868]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  696.795351][T14868] RIP: 0033:0x7f1e1117d15c
[  696.799756][T14868] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  696.819354][T14868] RSP: 002b:00007f1e11f92030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  696.827773][T14868] RAX: ffffffffffffffda RBX: 00007f1e11336058 RCX: 00007f1e1117d15c
[  696.835736][T14868] RDX: 000000000000000f RSI: 00007f1e11f920a0 RDI: 0000000000000004
[  696.843691][T14868] RBP: 00007f1e11f92090 R08: 0000000000000000 R09: 0000000000000000
[  696.851658][T14868] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  696.859619][T14868] R13: 0000000000000000 R14: 00007f1e11336058 R15: 00007ffe3f08ffb8
[  696.867612][T14868]  </TASK>
[  696.891898][ T5874] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  696.903816][ T5874] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  696.914093][ T5874] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  696.923055][ T5874] usb 2-1: SerialNumber: syz
[  696.957540][ T5874] cdc_acm 2-1:1.0: Control and data interfaces are not separated!
[  696.968304][ T5874] cdc_acm 2-1:1.0: This needs exactly 3 endpoints
[  696.976541][ T5874] cdc_acm 2-1:1.0: probe with driver cdc_acm failed with error -22
[  697.669925][ T5874] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[  697.829877][ T5874] usb 5-1: Using ep0 maxpacket: 8
[  697.882154][ T5874] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  697.913104][ T5874] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  697.988995][ T5874] usb 5-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[  697.998650][ T5874] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  698.060613][ T5874] usb 5-1: Product: syz
[  698.066798][ T5874] usb 5-1: Manufacturer: syz
[  698.076419][ T5874] usb 5-1: SerialNumber: syz
[  698.085522][ T5874] usb 5-1: config 0 descriptor??
[  698.540662][ T5874] usb 5-1: USB disconnect, device number 55
[  698.572739][T14892] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  698.589590][T14892] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  698.689905][   T29] audit: type=1400 audit(2000000238.784:760): avc:  denied  { create } for  pid=14893 comm="syz.5.2202" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  698.744429][T11995] usb 2-1: USB disconnect, device number 43
[  698.753466][   T29] audit: type=1400 audit(2000000238.844:761): avc:  denied  { write } for  pid=14895 comm="syz.0.2203" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  698.800966][   T29] audit: type=1400 audit(2000000238.874:762): avc:  denied  { setopt } for  pid=14895 comm="syz.0.2203" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  698.959911][ T5874] usb 6-1: new high-speed USB device number 43 using dummy_hcd
[  699.029803][T13620] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  699.209679][T13620] usb 1-1: Using ep0 maxpacket: 8
[  699.225550][T13620] usb 1-1: config index 0 descriptor too short (expected 74, got 45)
[  699.250067][T13620] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  699.279522][T13620] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  699.299498][T13620] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  699.317912][T13620] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  699.331254][T13620] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  699.340358][T13620] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  699.430895][ T5874] usb 6-1: Using ep0 maxpacket: 32
[  699.737742][ T5874] usb 6-1: config 32 has an invalid interface number: 178 but max is 0
[  699.755216][T13620] usb 1-1: GET_CAPABILITIES returned 0
[  699.760785][T13620] usbtmc 1-1:16.0: can't read capabilities
[  699.764150][ T5874] usb 6-1: config 32 has no interface number 0
[  699.794674][ T5874] usb 6-1: config 32 interface 178 has no altsetting 0
[  700.151086][ T5874] usb 6-1: New USB device found, idVendor=112a, idProduct=0005, bcdDevice=6e.11
[  700.154709][   T29] audit: type=1400 audit(2000000240.244:763): avc:  denied  { read } for  pid=14895 comm="syz.0.2203" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  700.160431][ T5874] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  700.179962][    C1] vkms_vblank_simulate: vblank timer overrun
[  700.196834][ T5874] usb 6-1: Product: syz
[  700.204163][ T5874] usb 6-1: Manufacturer: syz
[  700.229589][ T5874] usb 6-1: SerialNumber: syz
[  700.557307][T14912] block nbd1: not configured, cannot reconfigure
[  700.569140][T14912] Process accounting resumed
[  700.585811][T14916] misc userio: No port type given on /dev/userio
[  700.602497][T14912] Process accounting resumed
[  700.635790][   T29] audit: type=1326 audit(2000000240.724:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14895 comm="syz.0.2203" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f137077e719 code=0x0
[  700.682463][T14896] "syz.0.2203" (14896) uses obsolete ecb(arc4) skcipher
[  700.695443][T14896] Context (ID=0x0) not attached to queue pair (handle=0x2:0x0)
[  700.754284][T14927] FAULT_INJECTION: forcing a failure.
[  700.754284][T14927] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  700.768107][T14927] CPU: 1 UID: 0 PID: 14927 Comm: syz.1.2212 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  700.778879][T14927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  700.788922][T14927] Call Trace:
[  700.792186][T14927]  <TASK>
[  700.795103][T14927]  dump_stack_lvl+0x16c/0x1f0
[  700.799775][T14927]  should_fail_ex+0x497/0x5b0
[  700.804446][T14927]  _copy_from_user+0x2e/0xd0
[  700.809027][T14927]  copy_msghdr_from_user+0x99/0x160
[  700.814219][T14927]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  700.820030][T14927]  ? __pfx___lock_acquire+0x10/0x10
[  700.825256][T14927]  ___sys_sendmsg+0xff/0x1e0
[  700.829850][T14927]  ? __pfx____sys_sendmsg+0x10/0x10
[  700.835047][T14927]  ? lock_acquire+0x2f/0xb0
[  700.839538][T14927]  ? __fget_files+0x40/0x3f0
[  700.844148][T14927]  ? fdget+0x176/0x210
[  700.848216][T14927]  __sys_sendmmsg+0x1a1/0x450
[  700.852888][T14927]  ? __pfx___sys_sendmmsg+0x10/0x10
[  700.858075][T14927]  ? vfs_write+0x306/0x1150
[  700.862577][T14927]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  700.868552][T14927]  ? fput+0x30/0x390
[  700.872435][T14927]  ? ksys_write+0x1ad/0x260
[  700.876928][T14927]  ? __pfx_ksys_write+0x10/0x10
[  700.881768][T14927]  __x64_sys_sendmmsg+0x9c/0x100
[  700.886696][T14927]  ? lockdep_hardirqs_on+0x7c/0x110
[  700.891900][T14927]  do_syscall_64+0xcd/0x250
[  700.896401][T14927]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  700.902291][T14927] RIP: 0033:0x7f11b5b7e719
[  700.906696][T14927] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  700.926290][T14927] RSP: 002b:00007f11b3ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  700.934693][T14927] RAX: ffffffffffffffda RBX: 00007f11b5d35f80 RCX: 00007f11b5b7e719
[  700.942649][T14927] RDX: 0000000000000001 RSI: 0000000020001ec0 RDI: 0000000000000004
[  700.950637][T14927] RBP: 00007f11b3ff6090 R08: 0000000000000000 R09: 0000000000000000
[  700.958595][T14927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  700.966552][T14927] R13: 0000000000000000 R14: 00007f11b5d35f80 R15: 00007ffe425599b8
[  700.974520][T14927]  </TASK>
[  700.977623][    C1] vkms_vblank_simulate: vblank timer overrun
[  700.993036][   T29] audit: type=1400 audit(2000000241.084:765): avc:  denied  { write } for  pid=14893 comm="syz.5.2202" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_crypto_socket permissive=1
[  701.079467][   T29] audit: type=1400 audit(2000000241.124:766): avc:  denied  { validate_trans } for  pid=14893 comm="syz.5.2202" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:security_t tclass=security permissive=1
[  701.782056][ T5872] usb 1-1: USB disconnect, device number 42
[  701.869756][T13620] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  702.194259][T13620] usb 2-1: Using ep0 maxpacket: 32
[  702.218701][T13620] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 576
[  702.251607][T13620] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 22
[  702.275416][T13620] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  702.284615][T13620] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  702.292931][T13620] usb 2-1: SerialNumber: syz
[  702.315411][T14934] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  703.203333][ T5874] redrat3 6-1:32.178: Couldn't find all endpoints
[  703.250483][ T5874] usb 6-1: USB disconnect, device number 43
[  703.290135][T13620] cdc_acm 2-1:1.0: Control and data interfaces are not separated!
[  703.298549][T13620] cdc_acm 2-1:1.0: This needs exactly 3 endpoints
[  703.305097][T13620] cdc_acm 2-1:1.0: probe with driver cdc_acm failed with error -22
[  703.322308][T13620] usb 2-1: USB disconnect, device number 44
[  703.407042][T14954] FAULT_INJECTION: forcing a failure.
[  703.407042][T14954] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  703.445840][T14954] CPU: 1 UID: 0 PID: 14954 Comm: syz.3.2221 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  703.456641][T14954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  703.466692][T14954] Call Trace:
[  703.469951][T14954]  <TASK>
[  703.472869][T14954]  dump_stack_lvl+0x16c/0x1f0
[  703.477538][T14954]  should_fail_ex+0x497/0x5b0
[  703.482228][T14954]  _copy_from_user+0x2e/0xd0
[  703.486829][T14954]  __sys_bpf+0x21c/0x49a0
[  703.491164][T14954]  ? ksys_write+0x21e/0x260
[  703.495668][T14954]  ? reacquire_held_locks+0x470/0x4c0
[  703.501043][T14954]  ? __pfx___sys_bpf+0x10/0x10
[  703.505812][T14954]  ? vfs_write+0x306/0x1150
[  703.510337][T14954]  ? __mutex_unlock_slowpath+0x164/0x650
[  703.515989][T14954]  ? fput+0x30/0x390
[  703.519893][T14954]  ? ksys_write+0x1ad/0x260
[  703.524399][T14954]  ? __pfx_ksys_write+0x10/0x10
[  703.529255][T14954]  __x64_sys_bpf+0x78/0xc0
[  703.533675][T14954]  ? lockdep_hardirqs_on+0x7c/0x110
[  703.538887][T14954]  do_syscall_64+0xcd/0x250
[  703.543395][T14954]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  703.549300][T14954] RIP: 0033:0x7f1e1117e719
[  703.553717][T14954] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  703.573331][T14954] RSP: 002b:00007f1e11fb3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  703.581753][T14954] RAX: ffffffffffffffda RBX: 00007f1e11335f80 RCX: 00007f1e1117e719
[  703.589727][T14954] RDX: 0000000000000090 RSI: 0000000020000200 RDI: 0000000000000005
[  703.597702][T14954] RBP: 00007f1e11fb3090 R08: 0000000000000000 R09: 0000000000000000
[  703.605676][T14954] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  703.613642][T14954] R13: 0000000000000000 R14: 00007f1e11335f80 R15: 00007ffe3f08ffb8
[  703.621598][T14954]  </TASK>
[  703.624666][    C1] vkms_vblank_simulate: vblank timer overrun
[  703.668122][T14959] blktrace: Concurrent blktraces are not allowed on sg0
[  703.789589][ T5875] usb 5-1: new high-speed USB device number 56 using dummy_hcd
[  703.959035][T14965] netlink: 'syz.3.2223': attribute type 8 has an invalid length.
[  703.966941][T14965] netlink: 161700 bytes leftover after parsing attributes in process `syz.3.2223'.
[  704.359463][ T5875] usb 5-1: Using ep0 maxpacket: 32
[  704.365971][ T5875] usb 5-1: config 0 has no interfaces?
[  704.372132][T14972] misc userio: No port type given on /dev/userio
[  704.388217][ T5875] usb 5-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  704.397476][ T5875] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  704.508540][ T5875] usb 5-1: config 0 descriptor??
[  705.055387][T14952] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  705.159813][T14952] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  705.280494][ T5874] usb 5-1: USB disconnect, device number 56
[  705.379145][   T29] audit: type=1326 audit(2000000245.464:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14981 comm="syz.5.2229" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f150b97e719 code=0x0
[  705.512635][ T5876] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  706.229605][ T5876] usb 4-1: Using ep0 maxpacket: 16
[  706.246261][ T5876] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  706.374624][ T5876] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  706.511497][ T5874] usb 5-1: new high-speed USB device number 57 using dummy_hcd
[  706.527255][ T5876] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  706.536763][ T5876] usb 4-1: Product: syz
[  706.542226][ T5876] usb 4-1: Manufacturer: syz
[  706.546803][ T5876] usb 4-1: SerialNumber: syz
[  706.562352][ T5876] usb 4-1: config 0 descriptor??
[  706.574042][ T5876] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  706.587551][ T5876] em28xx 4-1:0.0: DVB interface 0 found: bulk
[  706.991989][ T5874] usb 5-1: device not accepting address 57, error -71
[  708.432812][T15013] block nbd5: not configured, cannot reconfigure
[  708.668562][ T5876] em28xx 4-1:0.0: unknown em28xx chip ID (0)
[  708.761284][ T5876] em28xx 4-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  708.769901][ T5876] em28xx 4-1:0.0: board has no eeprom
[  708.939498][ T5876] em28xx 4-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  709.025669][ T5876] em28xx 4-1:0.0: dvb set to bulk mode.
[  709.036157][T15026] misc userio: No port type given on /dev/userio
[  709.053775][ T5874] em28xx 4-1:0.0: Binding DVB extension
[  709.601117][ T5874] em28xx 4-1:0.0: Registering input extension
[  709.955074][ T5936] usb 4-1: USB disconnect, device number 32
[  709.962470][ T5936] em28xx 4-1:0.0: Disconnecting em28xx
[  709.967961][ T5936] em28xx 4-1:0.0: Closing input extension
[  709.979111][T15037] netlink: 100 bytes leftover after parsing attributes in process `syz.5.2244'.
[  710.117907][ T5876] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[  710.356688][ T5936] em28xx 4-1:0.0: Freeing device
[  710.521282][ T5876] usb 1-1: Using ep0 maxpacket: 8
[  710.569132][ T5876] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  710.580284][ T5876] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  710.750763][ T5876] usb 1-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[  710.767431][ T5876] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  710.775530][ T5876] usb 1-1: Product: syz
[  710.779934][ T5876] usb 1-1: Manufacturer: syz
[  710.784536][ T5876] usb 1-1: SerialNumber: syz
[  710.794275][ T5876] usb 1-1: config 0 descriptor??
[  710.804519][   T29] audit: type=1400 audit(2000000250.894:768): avc:  denied  { create } for  pid=15057 comm="syz.5.2249" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=user_namespace permissive=1
[  710.837058][   T29] audit: type=1400 audit(2000000250.924:769): avc:  denied  { sys_admin } for  pid=15057 comm="syz.5.2249" capability=21  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[  711.118487][T15065] team0: entered promiscuous mode
[  711.123687][T15065] team_slave_0: entered promiscuous mode
[  711.130122][T15065] team_slave_1: entered promiscuous mode
[  711.717193][T15059] team0: left promiscuous mode
[  711.722511][T15059] team_slave_0: left promiscuous mode
[  711.728305][T15059] team_slave_1: left promiscuous mode
[  711.781255][T15069] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  711.822160][   T29] audit: type=1326 audit(2000000251.914:770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15070 comm="syz.3.2253" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1e1117e719 code=0x0
[  713.133961][T15087] fuse: Bad value for 'fd'
[  713.606753][T13621] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  714.879687][T13621] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  714.891130][T13621] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  714.900427][T13621] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  714.911514][T13621] usb 2-1: config 0 descriptor??
[  716.018373][T13621] keytouch 0003:0926:3333.002B: fixing up Keytouch IEC report descriptor
[  716.029035][T13621] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.002B/input/input77
[  716.164989][T13621] keytouch 0003:0926:3333.002B: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0
[  716.224899][    C1] usb 2-1: input irq status -75 received
[  716.564958][T13621] usb 2-1: USB disconnect, device number 45
[  717.417845][T15138] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2273'.
[  717.459198][T15138] : entered promiscuous mode
[  718.750858][   T29] audit: type=1400 audit(2000000258.834:771): avc:  denied  { create } for  pid=15159 comm="syz.5.2281" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  720.427451][   T29] audit: type=1400 audit(2000000260.514:772): avc:  denied  { ioctl } for  pid=15179 comm="syz.1.2286" path="/457/file0/file0" dev="fuse" ino=0 ioctlcmd=0x70ca scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=blk_file permissive=1
[  720.549150][T15185] block nbd1: not configured, cannot reconfigure
[  721.269638][ T5876] usb 6-1: new high-speed USB device number 44 using dummy_hcd
[  721.479554][ T5876] usb 6-1: Using ep0 maxpacket: 32
[  721.499078][ T5876] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  721.524348][ T5876] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  721.584582][ T5876] usb 6-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  721.595359][ T5876] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  722.005354][ T5876] usb 6-1: config 0 descriptor??
[  722.680836][T15171] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2284'.
[  722.794340][ T5876] usbhid 6-1:0.0: can't add hid device: -71
[  722.800435][ T5876] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  722.811839][ T5876] usb 6-1: USB disconnect, device number 44
[  723.835553][T15220] af_packet: tpacket_rcv: packet too big, clamped from 65338 to 3956. macoff=92
[  725.226618][T15242] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2305'.
[  725.264530][T15240] FAULT_INJECTION: forcing a failure.
[  725.264530][T15240] name failslab, interval 1, probability 0, space 0, times 0
[  725.279685][T15240] CPU: 0 UID: 0 PID: 15240 Comm: syz.3.2304 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  725.290472][T15240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  725.300548][T15240] Call Trace:
[  725.303825][T15240]  <TASK>
[  725.306753][T15240]  dump_stack_lvl+0x16c/0x1f0
[  725.311442][T15240]  should_fail_ex+0x497/0x5b0
[  725.316130][T15240]  ? fs_reclaim_acquire+0xae/0x150
[  725.321244][T15240]  should_failslab+0xc2/0x120
[  725.326682][T15240]  __kmalloc_noprof+0xcb/0x400
[  725.331432][T15240]  tomoyo_encode2+0x100/0x3e0
[  725.336099][T15240]  tomoyo_encode+0x29/0x50
[  725.340500][T15240]  tomoyo_realpath_from_path+0x19d/0x720
[  725.346120][T15240]  ? tomoyo_path_number_perm+0x232/0x590
[  725.351751][T15240]  tomoyo_path_number_perm+0x245/0x590
[  725.357210][T15240]  ? tomoyo_path_number_perm+0x232/0x590
[  725.362831][T15240]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  725.368810][T15240]  ? trace_lock_acquire+0x14a/0x1d0
[  725.373999][T15240]  ? lock_acquire+0x2f/0xb0
[  725.378496][T15240]  ? __fget_files+0x40/0x3f0
[  725.383081][T15240]  ? __fget_files+0x244/0x3f0
[  725.387761][T15240]  security_file_ioctl+0x9b/0x240
[  725.392773][T15240]  __x64_sys_ioctl+0xbb/0x220
[  725.397439][T15240]  do_syscall_64+0xcd/0x250
[  725.401930][T15240]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  725.407815][T15240] RIP: 0033:0x7f1e1117e719
[  725.412213][T15240] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  725.431804][T15240] RSP: 002b:00007f1e11fb3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  725.440205][T15240] RAX: ffffffffffffffda RBX: 00007f1e11335f80 RCX: 00007f1e1117e719
[  725.448167][T15240] RDX: 0000000000000000 RSI: 00000000c0046686 RDI: 0000000000000006
[  725.456124][T15240] RBP: 00007f1e11fb3090 R08: 0000000000000000 R09: 0000000000000000
[  725.464089][T15240] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  725.472044][T15240] R13: 0000000000000000 R14: 00007f1e11335f80 R15: 00007ffe3f08ffb8
[  725.480009][T15240]  </TASK>
[  725.495096][T15240] ERROR: Out of memory at tomoyo_realpath_from_path.
[  725.760154][T15249] netlink: 'syz.5.2306': attribute type 8 has an invalid length.
[  725.767968][T15249] netlink: 161700 bytes leftover after parsing attributes in process `syz.5.2306'.
[  726.928867][T15261] netlink: 'syz.5.2310': attribute type 8 has an invalid length.
[  726.936711][T15261] netlink: 161700 bytes leftover after parsing attributes in process `syz.5.2310'.
[  728.212113][T15275] netlink: 'syz.1.2314': attribute type 11 has an invalid length.
[  728.220845][T15275] netlink: 210876 bytes leftover after parsing attributes in process `syz.1.2314'.
[  728.542936][ T5874] usb 6-1: new high-speed USB device number 45 using dummy_hcd
[  728.680939][   T29] audit: type=1400 audit(2000000268.774:773): avc:  denied  { ioctl } for  pid=15283 comm="syz.3.2317" path="socket:[45595]" dev="sockfs" ino=45595 ioctlcmd=0x89e3 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rose_socket permissive=1
[  728.734198][ T5874] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  728.745571][ T5874] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  728.755089][ T5874] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  728.799675][ T5874] usb 6-1: config 0 descriptor??
[  729.411664][T15300] netlink: 'syz.3.2321': attribute type 8 has an invalid length.
[  729.419500][T15300] netlink: 161700 bytes leftover after parsing attributes in process `syz.3.2321'.
[  729.889715][ T5874] keytouch 0003:0926:3333.002C: fixing up Keytouch IEC report descriptor
[  729.905537][ T5874] input: HID 0926:3333 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0926:3333.002C/input/input78
[  729.965328][    C0] usb 6-1: input irq status -75 received
[  729.982439][ T5874] keytouch 0003:0926:3333.002C: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.5-1/input0
[  730.395124][T15311] FAULT_INJECTION: forcing a failure.
[  730.395124][T15311] name failslab, interval 1, probability 0, space 0, times 0
[  730.528871][T15311] CPU: 0 UID: 0 PID: 15311 Comm: syz.1.2324 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  730.539690][T15311] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  730.549747][T15311] Call Trace:
[  730.553024][T15311]  <TASK>
[  730.555956][T15311]  dump_stack_lvl+0x16c/0x1f0
[  730.560641][T15311]  should_fail_ex+0x497/0x5b0
[  730.565326][T15311]  should_failslab+0xc2/0x120
[  730.570006][T15311]  __kmalloc_noprof+0xcb/0x400
[  730.574752][T15311]  tomoyo_encode2+0x100/0x3e0
[  730.579408][T15311]  tomoyo_encode+0x29/0x50
[  730.583801][T15311]  tomoyo_mount_acl+0x145/0x880
[  730.588629][T15311]  ? __pfx_tomoyo_mount_acl+0x10/0x10
[  730.593977][T15311]  ? lockdep_hardirqs_on+0x7c/0x110
[  730.599164][T15311]  ? trace_lock_acquire+0x14a/0x1d0
[  730.604347][T15311]  ? tomoyo_mount_permission+0x146/0x410
[  730.609970][T15311]  ? lock_acquire+0x2f/0xb0
[  730.614448][T15311]  ? tomoyo_mount_permission+0x146/0x410
[  730.620057][T15311]  tomoyo_mount_permission+0x16b/0x410
[  730.625491][T15311]  ? tomoyo_mount_permission+0x146/0x410
[  730.631099][T15311]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  730.637058][T15311]  ? get_current_fs_domain+0x184/0x1f0
[  730.642497][T15311]  security_sb_mount+0x9b/0x260
[  730.647323][T15311]  path_mount+0x129/0x1f20
[  730.651731][T15311]  ? __pfx_path_mount+0x10/0x10
[  730.656559][T15311]  __x64_sys_mount+0x294/0x320
[  730.661298][T15311]  ? __pfx___x64_sys_mount+0x10/0x10
[  730.666560][T15311]  do_syscall_64+0xcd/0x250
[  730.671040][T15311]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  730.676911][T15311] RIP: 0033:0x7f11b5b7e719
[  730.681303][T15311] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  730.700883][T15311] RSP: 002b:00007f11b3fd5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  730.709270][T15311] RAX: ffffffffffffffda RBX: 00007f11b5d36058 RCX: 00007f11b5b7e719
[  730.717217][T15311] RDX: 0000000000000000 RSI: 00000000200003c0 RDI: 0000000000000000
[  730.725163][T15311] RBP: 00007f11b3fd5090 R08: 0000000000000000 R09: 0000000000000000
[  730.733110][T15311] R10: 0000000000004023 R11: 0000000000000246 R12: 0000000000000001
[  730.741056][T15311] R13: 0000000000000001 R14: 00007f11b5d36058 R15: 00007ffe425599b8
[  730.749006][T15311]  </TASK>
[  730.792374][ T5874] usb 6-1: USB disconnect, device number 45
[  730.961735][   T29] audit: type=1400 audit(2000000271.054:774): avc:  denied  { accept } for  pid=15312 comm="syz.1.2325" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  732.349626][   T25] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  732.535373][   T25] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  732.549457][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  732.566153][   T25] usb 2-1: config 0 descriptor??
[  732.575454][   T25] cp210x 2-1:0.0: cp210x converter detected
[  732.663497][   T29] audit: type=1326 audit(2000000272.754:775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15339 comm="syz.5.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f150b97e719 code=0x7ffc0000
[  732.687083][   T29] audit: type=1326 audit(2000000272.754:776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15339 comm="syz.5.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f150b97e719 code=0x7ffc0000
[  732.711041][   T29] audit: type=1326 audit(2000000272.754:777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15339 comm="syz.5.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f150b97e719 code=0x7ffc0000
[  732.734417][   T29] audit: type=1326 audit(2000000272.754:778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15339 comm="syz.5.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f150b97e719 code=0x7ffc0000
[  732.758091][   T29] audit: type=1326 audit(2000000272.754:779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15339 comm="syz.5.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=89 compat=0 ip=0x7f150b97e719 code=0x7ffc0000
[  732.782632][   T29] audit: type=1326 audit(2000000272.754:780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15339 comm="syz.5.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f150b97e719 code=0x7ffc0000
[  732.806118][   T29] audit: type=1326 audit(2000000272.754:781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15339 comm="syz.5.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f150b97d0b0 code=0x7ffc0000
[  732.830040][   T29] audit: type=1326 audit(2000000272.754:782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15339 comm="syz.5.2334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f150b97e719 code=0x7ffc0000
[  732.976008][   T25] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -32
[  732.988731][   T25] cp210x 2-1:0.0: failed to get vendor val 0x3711 size 2: -121
[  733.101946][   T25] cp210x 2-1:0.0: GPIO initialisation failed: -121
[  733.118199][   T25] usb 2-1: cp210x converter now attached to ttyUSB0
[  733.691805][T15355] FAULT_INJECTION: forcing a failure.
[  733.691805][T15355] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  733.704994][T15355] CPU: 0 UID: 0 PID: 15355 Comm: syz.3.2337 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  733.715752][T15355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  733.725792][T15355] Call Trace:
[  733.729055][T15355]  <TASK>
[  733.731972][T15355]  dump_stack_lvl+0x16c/0x1f0
[  733.736642][T15355]  should_fail_ex+0x497/0x5b0
[  733.741311][T15355]  _copy_from_user+0x2e/0xd0
[  733.745891][T15355]  __tun_chr_ioctl+0x4bc/0x4760
[  733.750731][T15355]  ? ioctl_has_perm.constprop.0.isra.0+0x2ea/0x460
[  733.757222][T15355]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  733.763739][T15355]  ? __pfx___tun_chr_ioctl+0x10/0x10
[  733.769024][T15355]  ? selinux_file_ioctl+0x180/0x270
[  733.774213][T15355]  ? selinux_file_ioctl+0xb4/0x270
[  733.779313][T15355]  ? __pfx_tun_chr_ioctl+0x10/0x10
[  733.784417][T15355]  __x64_sys_ioctl+0x18f/0x220
[  733.789173][T15355]  do_syscall_64+0xcd/0x250
[  733.793665][T15355]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  733.799551][T15355] RIP: 0033:0x7f1e1117e719
[  733.803969][T15355] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  733.823584][T15355] RSP: 002b:00007f1e11f71038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  733.831984][T15355] RAX: ffffffffffffffda RBX: 00007f1e11336130 RCX: 00007f1e1117e719
[  733.839945][T15355] RDX: 0000000020000180 RSI: 00000000400454ca RDI: 0000000000000005
[  733.847901][T15355] RBP: 00007f1e11f71090 R08: 0000000000000000 R09: 0000000000000000
[  733.855861][T15355] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  733.863818][T15355] R13: 0000000000000000 R14: 00007f1e11336130 R15: 00007ffe3f08ffb8
[  733.871784][T15355]  </TASK>
[  733.874860][    C0] vkms_vblank_simulate: vblank timer overrun
[  735.395694][T15361] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2339'.
[  735.420417][T13621] usb 2-1: USB disconnect, device number 46
[  735.428511][T13621] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  735.438564][T13621] cp210x 2-1:0.0: device disconnected
[  735.575552][T15364] team0: entered promiscuous mode
[  735.580687][T15364] team_slave_0: entered promiscuous mode
[  735.586455][T15364] team_slave_1: entered promiscuous mode
[  735.793284][T15358] team0: left promiscuous mode
[  735.798106][T15358] team_slave_0: left promiscuous mode
[  735.805022][T15358] team_slave_1: left promiscuous mode
[  738.859161][T15412] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2352'.
[  741.062392][T15439] xt_socket: unknown flags 0x4
[  742.819486][ T5874] usb 6-1: new high-speed USB device number 46 using dummy_hcd
[  742.979563][ T5874] usb 6-1: Using ep0 maxpacket: 16
[  743.119149][ T5874] usb 6-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  743.164744][ T5874] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  743.222714][ T5874] usb 6-1: Product: syz
[  743.275173][ T5874] usb 6-1: Manufacturer: syz
[  743.337730][ T5874] usb 6-1: SerialNumber: syz
[  743.455436][ T5874] r8152-cfgselector 6-1: Unknown version 0x0000
[  743.461904][ T5874] r8152-cfgselector 6-1: config 0 descriptor??
[  743.670897][ T5874] r8152-cfgselector 6-1: Needed 1 retries to read version
[  743.905732][   T25] r8152-cfgselector 6-1: USB disconnect, device number 46
[  744.882256][T15485] netlink: 'syz.1.2376': attribute type 10 has an invalid length.
[  744.893197][T15485] bond0: (slave bond_slave_0): Releasing backup interface
[  745.218523][   T29] kauditd_printk_skb: 7 callbacks suppressed
[  745.218537][   T29] audit: type=1400 audit(2000000285.304:790): avc:  denied  { write } for  pid=15494 comm="syz.5.2380" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  745.218628][T15495] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2380'.
[  745.224665][   T29] audit: type=1400 audit(2000000285.304:791): avc:  denied  { nlmsg_write } for  pid=15494 comm="syz.5.2380" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  745.274744][    C1] vkms_vblank_simulate: vblank timer overrun
[  746.844652][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  746.851293][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  747.634889][T15520] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  747.648325][T15520] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  747.939510][ T5874] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  748.110834][   T25] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  748.386670][   T25] usb 2-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5
[  748.460553][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  748.543809][   T25] usb 2-1: Product: syz
[  748.548041][   T25] usb 2-1: Manufacturer: syz
[  748.552819][   T25] usb 2-1: SerialNumber: syz
[  748.558817][   T25] usb 2-1: config 0 descriptor??
[  748.566193][   T25] gspca_main: sq905c-2.14.0 probing 2770:9052
[  748.622999][ T5874] usb 4-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5
[  748.632164][ T5874] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  748.640737][ T5874] usb 4-1: Product: syz
[  748.644912][ T5874] usb 4-1: Manufacturer: syz
[  748.649556][ T5874] usb 4-1: SerialNumber: syz
[  748.656611][ T5874] usb 4-1: config 0 descriptor??
[  748.664152][ T5874] gspca_main: sq905c-2.14.0 probing 2770:9052
[  748.953695][T15541] block nbd5: not configured, cannot reconfigure
[  749.025630][   T25] gspca_sq905c: sq905c_read: usb_control_msg failed (-32)
[  749.033044][   T25] sq905c 2-1:0.0: Reading version command failed
[  749.042458][   T25] sq905c 2-1:0.0: probe with driver sq905c failed with error -32
[  749.232355][ T5874] gspca_sq905c: sq905c_read: usb_control_msg failed (-32)
[  749.239627][ T5874] sq905c 4-1:0.0: Reading version command failed
[  749.245992][ T5874] sq905c 4-1:0.0: probe with driver sq905c failed with error -32
[  749.247827][   T25] usb 2-1: USB disconnect, device number 47
[  749.271581][ T5874] usb 4-1: USB disconnect, device number 33
[  749.327751][T15543] xt_socket: unknown flags 0x4
[  749.824164][   T29] audit: type=1400 audit(2000000289.904:792): avc:  denied  { append } for  pid=15548 comm="syz.3.2397" name="kvm" dev="devtmpfs" ino=84 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:kvm_device_t tclass=chr_file permissive=1
[  749.922808][T15560] sp0: Synchronizing with TNC
[  749.935919][T15560] sp0: Found TNC
[  750.074485][T15565] tmpfs: Bad value for 'mpol'
[  750.079256][   T29] audit: type=1400 audit(2000000290.164:793): avc:  denied  { mounton } for  pid=15561 comm="syz.5.2400" path="/456/file0" dev="fuse" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fusefs_t tclass=dir permissive=1
[  751.009560][T15577] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2404'.
[  751.018648][T15577] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2404'.
[  751.973828][   T29] audit: type=1400 audit(2000000292.064:794): avc:  denied  { listen } for  pid=15592 comm="syz.5.2409" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  751.996033][   T29] audit: type=1400 audit(2000000292.084:795): avc:  denied  { accept } for  pid=15592 comm="syz.5.2409" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  752.649657][T15601] team0: entered promiscuous mode
[  752.654771][T15601] team_slave_0: entered promiscuous mode
[  752.661038][T15601] team_slave_1: entered promiscuous mode
[  753.275240][T15598] team0: left promiscuous mode
[  753.280355][T15598] team_slave_0: left promiscuous mode
[  753.285907][T15598] team_slave_1: left promiscuous mode
[  754.285138][T15618] netlink: 830 bytes leftover after parsing attributes in process `syz.5.2417'.
[  754.823832][T15624] FAULT_INJECTION: forcing a failure.
[  754.823832][T15624] name failslab, interval 1, probability 0, space 0, times 0
[  754.837554][T15624] CPU: 0 UID: 0 PID: 15624 Comm: syz.3.2418 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  754.848314][T15624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  754.858349][T15624] Call Trace:
[  754.861613][T15624]  <TASK>
[  754.864521][T15624]  dump_stack_lvl+0x16c/0x1f0
[  754.869174][T15624]  should_fail_ex+0x497/0x5b0
[  754.873828][T15624]  ? fs_reclaim_acquire+0xae/0x150
[  754.878915][T15624]  should_failslab+0xc2/0x120
[  754.883571][T15624]  kmem_cache_alloc_lru_noprof+0x72/0x2f0
[  754.889266][T15624]  ? __d_alloc+0x31/0xaa0
[  754.893574][T15624]  __d_alloc+0x31/0xaa0
[  754.897708][T15624]  d_alloc+0x4a/0x1e0
[  754.901666][T15624]  d_alloc_parallel+0xe9/0x12b0
[  754.906510][T15624]  ? __pfx_d_alloc_parallel+0x10/0x10
[  754.911858][T15624]  ? lockdep_init_map_type+0x16d/0x7d0
[  754.917294][T15624]  ? lock_acquire.part.0+0x11b/0x380
[  754.922554][T15624]  ? lockdep_init_map_type+0x16d/0x7d0
[  754.928000][T15624]  __lookup_slow+0x194/0x460
[  754.932567][T15624]  ? __pfx___lookup_slow+0x10/0x10
[  754.937667][T15624]  ? walk_component+0x342/0x5b0
[  754.942537][T15624]  ? lookup_fast+0x155/0x540
[  754.947129][T15624]  walk_component+0x350/0x5b0
[  754.951785][T15624]  path_lookupat+0x17f/0x770
[  754.956355][T15624]  filename_lookup+0x1e5/0x5b0
[  754.961091][T15624]  ? find_held_lock+0x2d/0x110
[  754.965841][T15624]  ? __pfx_filename_lookup+0x10/0x10
[  754.971112][T15624]  ? getname_flags.part.0+0x1c5/0x550
[  754.976461][T15624]  user_path_at+0x3a/0x60
[  754.980776][T15624]  __x64_sys_chdir+0xbf/0x270
[  754.985438][T15624]  ? ksys_write+0x1ad/0x260
[  754.989923][T15624]  ? __pfx___x64_sys_chdir+0x10/0x10
[  754.995201][T15624]  do_syscall_64+0xcd/0x250
[  754.999682][T15624]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  755.005553][T15624] RIP: 0033:0x7f1e1117e719
[  755.010031][T15624] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  755.029612][T15624] RSP: 002b:00007f1e11fb3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000050
[  755.037999][T15624] RAX: ffffffffffffffda RBX: 00007f1e11335f80 RCX: 00007f1e1117e719
[  755.045957][T15624] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000200000c0
[  755.053909][T15624] RBP: 00007f1e11fb3090 R08: 0000000000000000 R09: 0000000000000000
[  755.061854][T15624] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  755.069801][T15624] R13: 0000000000000000 R14: 00007f1e11335f80 R15: 00007ffe3f08ffb8
[  755.077752][T15624]  </TASK>
[  755.098453][T13621] usb 6-1: new high-speed USB device number 47 using dummy_hcd
[  755.282686][T13621] usb 6-1: Using ep0 maxpacket: 8
[  755.314058][T13621] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 13
[  755.337925][T13621] usb 6-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[  755.347286][T13621] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  755.357976][T13621] usb 6-1: Product: syz
[  755.362267][T13621] usb 6-1: Manufacturer: syz
[  755.366943][T13621] usb 6-1: SerialNumber: syz
[  755.386672][T13621] usb 6-1: config 0 descriptor??
[  755.410398][T13621] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[  755.419653][   T25] usb 4-1: new full-speed USB device number 34 using dummy_hcd
[  755.609677][   T25] usb 4-1: config 0 interface 0 altsetting 65 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  755.621093][   T25] usb 4-1: config 0 interface 0 altsetting 65 endpoint 0x81 has invalid wMaxPacketSize 0
[  755.631035][   T25] usb 4-1: config 0 interface 0 has no altsetting 0
[  755.637866][   T25] usb 4-1: New USB device found, idVendor=1e71, idProduct=2010, bcdDevice= 0.00
[  755.647994][   T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  755.699581][   T25] usb 4-1: config 0 descriptor??
[  755.713093][   T25] usbhid 4-1:0.0: can't add hid device: -22
[  755.719228][   T25] usbhid 4-1:0.0: probe with driver usbhid failed with error -22
[  755.930235][ T5876] usb 4-1: USB disconnect, device number 34
[  756.560073][T13621] gspca_zc3xx: reg_w_i err -71
[  756.687424][T15640] team0: entered promiscuous mode
[  756.692624][T15640] team_slave_0: entered promiscuous mode
[  756.698813][T15640] team_slave_1: entered promiscuous mode
[  757.229865][T13621] gspca_zc3xx: Unknown sensor - set to TAS5130C
[  757.236592][T13621] gspca_zc3xx 6-1:0.0: probe with driver gspca_zc3xx failed with error -71
[  757.276414][T13621] usb 6-1: USB disconnect, device number 47
[  757.289794][T15635] team0: left promiscuous mode
[  757.294575][T15635] team_slave_0: left promiscuous mode
[  757.300039][T15635] team_slave_1: left promiscuous mode
[  757.915998][T15653] IPVS: set_ctl: invalid protocol: 51 100.1.1.1:20000
[  758.528707][T15661] netlink: 87 bytes leftover after parsing attributes in process `syz.5.2432'.
[  758.566200][T15663] xt_socket: unknown flags 0x4
[  758.660297][T13621] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[  758.707274][T15668] netlink: 80 bytes leftover after parsing attributes in process `syz.5.2432'.
[  758.847730][T13621] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  758.858852][T13621] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  758.926134][T13621] usb 2-1: Product: syz
[  758.959631][T13621] usb 2-1: Manufacturer: syz
[  759.004188][T13621] usb 2-1: SerialNumber: syz
[  759.109981][T13621] usb 2-1: config 0 descriptor??
[  759.549837][T13621] usb 2-1: Firmware: major: 78, minor: 70, hardware type: UNKNOWN (36)
[  759.762520][T13621] usb 2-1: Firmware: build 
[  760.053539][T13621] usb 2-1: failed to fetch extended address, random address set
[  760.108385][T13621] usb 2-1: atusb_probe: initialization failed, error = -524
[  760.132451][T13621] atusb 2-1:0.0: probe with driver atusb failed with error -524
[  760.157913][T13621] usb 2-1: USB disconnect, device number 48
[  760.854692][   T29] audit: type=1400 audit(2000000300.944:796): avc:  denied  { create } for  pid=15682 comm="syz.1.2437" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_scsitransport_socket permissive=1
[  760.883043][   T29] audit: type=1400 audit(2000000300.974:797): avc:  denied  { mount } for  pid=15684 comm="syz.5.2438" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  761.769139][T15691] FAULT_INJECTION: forcing a failure.
[  761.769139][T15691] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  761.769862][   T29] audit: type=1400 audit(2000000301.854:798): avc:  denied  { ioctl } for  pid=15690 comm="syz.5.2440" path="socket:[48183]" dev="sockfs" ino=48183 ioctlcmd=0x89e0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  761.786571][T15691] CPU: 1 UID: 0 PID: 15691 Comm: syz.5.2440 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  761.818399][T15691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  761.818413][T15691] Call Trace:
[  761.818419][T15691]  <TASK>
[  761.818425][T15691]  dump_stack_lvl+0x16c/0x1f0
[  761.818446][T15691]  should_fail_ex+0x497/0x5b0
[  761.818466][T15691]  _copy_from_user+0x2e/0xd0
[  761.818484][T15691]  kcm_ioctl+0x2c1/0x1250
[  761.818502][T15691]  ? __pfx_kcm_ioctl+0x10/0x10
[  761.818522][T15691]  sock_do_ioctl+0x116/0x280
[  761.818544][T15691]  ? __pfx_sock_do_ioctl+0x10/0x10
[  761.818568][T15691]  ? ioctl_has_perm.constprop.0.isra.0+0x2ea/0x460
[  761.818587][T15691]  ? ioctl_has_perm.constprop.0.isra.0+0x2f3/0x460
[  761.818607][T15691]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  761.818628][T15691]  sock_ioctl+0x228/0x6c0
[  761.818650][T15691]  ? __pfx_sock_ioctl+0x10/0x10
[  761.818675][T15691]  ? selinux_file_ioctl+0x180/0x270
[  761.818692][T15691]  ? selinux_file_ioctl+0xb4/0x270
[  761.818710][T15691]  ? __pfx_sock_ioctl+0x10/0x10
[  761.818731][T15691]  __x64_sys_ioctl+0x18f/0x220
[  761.818752][T15691]  do_syscall_64+0xcd/0x250
[  761.818768][T15691]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  761.818789][T15691] RIP: 0033:0x7f150b97e719
[  761.818802][T15691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  761.818821][T15691] RSP: 002b:00007f150c80b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  761.818837][T15691] RAX: ffffffffffffffda RBX: 00007f150bb35f80 RCX: 00007f150b97e719
[  761.818847][T15691] RDX: 0000000020000040 RSI: 00000000000089e0 RDI: 0000000000000005
[  761.818856][T15691] RBP: 00007f150c80b090 R08: 0000000000000000 R09: 0000000000000000
[  761.818865][T15691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  761.818875][T15691] R13: 0000000000000000 R14: 00007f150bb35f80 R15: 00007ffcd8d40678
[  761.818893][T15691]  </TASK>
[  761.908155][   T29] audit: type=1400 audit(2000000301.994:799): avc:  denied  { connect } for  pid=15692 comm="syz.1.2439" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rds_socket permissive=1
[  762.208762][    C0] vkms_vblank_simulate: vblank timer overrun
[  762.633128][T15714] FAULT_INJECTION: forcing a failure.
[  762.633128][T15714] name failslab, interval 1, probability 0, space 0, times 0
[  762.664247][T15714] CPU: 1 UID: 0 PID: 15714 Comm: syz.3.2446 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  762.675042][T15714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  762.685101][T15714] Call Trace:
[  762.688378][T15714]  <TASK>
[  762.691309][T15714]  dump_stack_lvl+0x16c/0x1f0
[  762.695995][T15714]  should_fail_ex+0x497/0x5b0
[  762.700688][T15714]  ? fs_reclaim_acquire+0xae/0x150
[  762.705805][T15714]  should_failslab+0xc2/0x120
[  762.710488][T15714]  kmem_cache_alloc_noprof+0x6e/0x2f0
[  762.715869][T15714]  ? security_file_alloc+0x34/0x2b0
[  762.721409][T15714]  security_file_alloc+0x34/0x2b0
[  762.726441][T15714]  init_file+0x93/0x230
[  762.730606][T15714]  alloc_empty_file+0x91/0x1e0
[  762.735378][T15714]  alloc_file_pseudo+0x147/0x210
[  762.740315][T15714]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  762.745751][T15714]  ? do_raw_spin_lock+0x12d/0x2c0
[  762.750760][T15714]  __anon_inode_getfile+0x136/0x3d0
[  762.755937][T15714]  ? __pfx___anon_inode_getfile+0x10/0x10
[  762.761627][T15714]  ? alloc_fd+0x2d7/0x6c0
[  762.765935][T15714]  do_epoll_create+0x31b/0x470
[  762.770673][T15714]  __x64_sys_epoll_create+0x45/0x70
[  762.775860][T15714]  do_syscall_64+0xcd/0x250
[  762.780339][T15714]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  762.786209][T15714] RIP: 0033:0x7f1e1117e719
[  762.790598][T15714] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  762.810178][T15714] RSP: 002b:00007f1e11fb3038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d5
[  762.818561][T15714] RAX: ffffffffffffffda RBX: 00007f1e11335f80 RCX: 00007f1e1117e719
[  762.826506][T15714] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000e463
[  762.834461][T15714] RBP: 00007f1e11fb3090 R08: 0000000000000000 R09: 0000000000000000
[  762.842413][T15714] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  762.850361][T15714] R13: 0000000000000000 R14: 00007f1e11335f80 R15: 00007ffe3f08ffb8
[  762.858316][T15714]  </TASK>
[  762.941807][T13621] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[  763.119459][T13621] usb 2-1: Using ep0 maxpacket: 8
[  763.126090][T13621] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  763.136394][T13621] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  763.150086][T13621] usb 2-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[  763.159363][T13621] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  763.167748][T13621] usb 2-1: Product: syz
[  763.172214][T13621] usb 2-1: Manufacturer: syz
[  763.176814][T13621] usb 2-1: SerialNumber: syz
[  763.187447][T13621] usb 2-1: config 0 descriptor??
[  763.413441][T13621] usb 2-1: USB disconnect, device number 49
[  764.056355][T15725] FAULT_INJECTION: forcing a failure.
[  764.056355][T15725] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  764.089434][T15725] CPU: 1 UID: 0 PID: 15725 Comm: syz.1.2450 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  764.100229][T15725] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  764.110376][T15725] Call Trace:
[  764.113659][T15725]  <TASK>
[  764.116589][T15725]  dump_stack_lvl+0x16c/0x1f0
[  764.121269][T15725]  should_fail_ex+0x497/0x5b0
[  764.125952][T15725]  _copy_to_user+0x32/0xd0
[  764.130376][T15725]  simple_read_from_buffer+0xd0/0x160
[  764.135758][T15725]  proc_fail_nth_read+0x198/0x270
[  764.140800][T15725]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  764.146357][T15725]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  764.151911][T15725]  vfs_read+0x1df/0xbe0
[  764.156077][T15725]  ? __fget_files+0x23a/0x3f0
[  764.160773][T15725]  ? fdget_pos+0x24c/0x360
[  764.165197][T15725]  ? __pfx_lock_release+0x10/0x10
[  764.170225][T15725]  ? trace_lock_acquire+0x14a/0x1d0
[  764.175437][T15725]  ? __pfx_vfs_read+0x10/0x10
[  764.180123][T15725]  ? __pfx___mutex_lock+0x10/0x10
[  764.185140][T15725]  ? __fget_files+0x244/0x3f0
[  764.189818][T15725]  ksys_read+0x12f/0x260
[  764.194058][T15725]  ? __pfx_ksys_read+0x10/0x10
[  764.198820][T15725]  do_syscall_64+0xcd/0x250
[  764.203307][T15725]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  764.209190][T15725] RIP: 0033:0x7f11b5b7d15c
[  764.213586][T15725] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  764.233176][T15725] RSP: 002b:00007f11b3ff6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  764.241585][T15725] RAX: ffffffffffffffda RBX: 00007f11b5d35f80 RCX: 00007f11b5b7d15c
[  764.249540][T15725] RDX: 000000000000000f RSI: 00007f11b3ff60a0 RDI: 0000000000000008
[  764.257491][T15725] RBP: 00007f11b3ff6090 R08: 0000000000000000 R09: 0000000000000000
[  764.265443][T15725] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  764.273395][T15725] R13: 0000000000000000 R14: 00007f11b5d35f80 R15: 00007ffe425599b8
[  764.281358][T15725]  </TASK>
[  764.973172][T15740] FAULT_INJECTION: forcing a failure.
[  764.973172][T15740] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  764.986442][T15740] CPU: 1 UID: 0 PID: 15740 Comm: syz.1.2453 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  764.997204][T15740] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  765.007252][T15740] Call Trace:
[  765.010525][T15740]  <TASK>
[  765.013453][T15740]  dump_stack_lvl+0x16c/0x1f0
[  765.018134][T15740]  should_fail_ex+0x497/0x5b0
[  765.022815][T15740]  _copy_from_user+0x2e/0xd0
[  765.027415][T15740]  kstrtouint_from_user+0xd7/0x1c0
[  765.032525][T15740]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  765.038248][T15740]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  765.043889][T15740]  proc_fail_nth_write+0x84/0x250
[  765.048913][T15740]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  765.054551][T15740]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  765.060181][T15740]  vfs_write+0x24c/0x1150
[  765.064518][T15740]  ? __fget_files+0x23a/0x3f0
[  765.069200][T15740]  ? fdget_pos+0x24c/0x360
[  765.073616][T15740]  ? __pfx_lock_release+0x10/0x10
[  765.078636][T15740]  ? trace_lock_acquire+0x14a/0x1d0
[  765.083841][T15740]  ? __pfx_vfs_write+0x10/0x10
[  765.088609][T15740]  ? __pfx___mutex_lock+0x10/0x10
[  765.093640][T15740]  ? __fget_files+0x244/0x3f0
[  765.098330][T15740]  ksys_write+0x12f/0x260
[  765.102657][T15740]  ? __pfx_ksys_write+0x10/0x10
[  765.107511][T15740]  do_syscall_64+0xcd/0x250
[  765.112016][T15740]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  765.117916][T15740] RIP: 0033:0x7f11b5b7d1ff
[  765.122327][T15740] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[  765.141933][T15740] RSP: 002b:00007f11b3fb4030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  765.150351][T15740] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f11b5b7d1ff
[  765.158318][T15740] RDX: 0000000000000001 RSI: 00007f11b3fb40a0 RDI: 0000000000000006
[  765.166285][T15740] RBP: 00007f11b3fb4090 R08: 0000000000000000 R09: 0000000000000000
[  765.174252][T15740] R10: 0000000000002140 R11: 0000000000000293 R12: 0000000000000001
[  765.182220][T15740] R13: 0000000000000000 R14: 00007f11b5d36130 R15: 00007ffe425599b8
[  765.190204][T15740]  </TASK>
[  766.259455][T15757] xt_CT: You must specify a L4 protocol and not use inversions on it
[  767.221607][T15760] netlink: 80 bytes leftover after parsing attributes in process `syz.1.2459'.
[  769.390810][T15781] netlink: 87 bytes leftover after parsing attributes in process `syz.3.2465'.
[  769.630279][T15788] netlink: 80 bytes leftover after parsing attributes in process `syz.3.2465'.
[  770.909965][ T5876] usb 6-1: new high-speed USB device number 48 using dummy_hcd
[  770.979336][T15802] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2472'.
[  771.169764][ T5876] usb 6-1: Using ep0 maxpacket: 8
[  771.239277][ T5876] usb 6-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=18.37
[  771.248610][ T5876] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  771.256785][ T5876] usb 6-1: Product: syz
[  771.261073][ T5876] usb 6-1: Manufacturer: syz
[  771.265678][ T5876] usb 6-1: SerialNumber: syz
[  771.272385][ T5876] usb 6-1: config 0 descriptor??
[  771.279886][ T5876] radio-si470x 6-1:0.0: could not find interrupt in endpoint
[  771.289548][ T5876] radio-si470x 6-1:0.0: probe with driver radio-si470x failed with error -5
[  771.534610][   T29] audit: type=1400 audit(2000000311.574:800): avc:  denied  { append } for  pid=15797 comm="syz.5.2471" name="fb0" dev="devtmpfs" ino=629 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:framebuf_device_t tclass=chr_file permissive=1
[  771.558737][    C0] vkms_vblank_simulate: vblank timer overrun
[  771.671497][T15808] fuse: Bad value for 'group_id'
[  771.726853][T15808] fuse: Bad value for 'group_id'
[  771.741130][ T5876] radio-raremono 6-1:0.0: this is not Thanko's Raremono.
[  771.756119][ T5876] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[  771.799944][ T5876] usb 6-1: USB disconnect, device number 48
[  772.264538][T15818] netlink: 87 bytes leftover after parsing attributes in process `syz.1.2477'.
[  772.444144][T15821] netlink: 80 bytes leftover after parsing attributes in process `syz.1.2477'.
[  772.770360][T15823] input: syz1 as /devices/virtual/input/input83
[  772.949975][ T5879] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  773.196157][ T5879] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  773.212113][ T5879] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  773.353129][T15831] block nbd5: not configured, cannot reconfigure
[  773.359598][ T5879] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  773.380524][ T5879] usb 4-1: config 0 descriptor??
[  773.959768][ T5879] keytouch 0003:0926:3333.002D: fixing up Keytouch IEC report descriptor
[  773.974829][ T5879] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.002D/input/input84
[  774.156813][ T5879] keytouch 0003:0926:3333.002D: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0
[  774.173250][    C1] usb 4-1: input irq status -75 received
[  774.542160][ T5876] usb 4-1: USB disconnect, device number 35
[  774.804162][T15850] tmpfs: Bad value for 'mpol'
[  775.149483][ T5879] usb 6-1: new high-speed USB device number 49 using dummy_hcd
[  775.329567][ T5879] usb 6-1: Using ep0 maxpacket: 8
[  775.338955][ T5879] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  775.352233][ T5879] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  775.362734][   T29] audit: type=1400 audit(2000000315.454:801): avc:  denied  { map } for  pid=15857 comm="syz.3.2489" path="socket:[48006]" dev="sockfs" ino=48006 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  775.388455][ T5879] usb 6-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[  775.398413][ T5879] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  775.407219][ T5879] usb 6-1: Product: syz
[  775.414541][ T5879] usb 6-1: Manufacturer: syz
[  775.419148][ T5879] usb 6-1: SerialNumber: syz
[  775.426228][ T5879] usb 6-1: config 0 descriptor??
[  775.816937][ T5879] usb 6-1: USB disconnect, device number 49
[  775.946266][T15864] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2491'.
[  777.408750][T15874] block nbd3: not configured, cannot reconfigure
[  777.464085][ T5874] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[  777.473222][   T29] audit: type=1400 audit(2000000317.564:802): avc:  denied  { write } for  pid=15879 comm="syz.3.2497" name="rtc0" dev="devtmpfs" ino=921 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:clock_device_t tclass=chr_file permissive=1
[  777.473417][T15877] xt_socket: unknown flags 0x4
[  777.496230][    C0] vkms_vblank_simulate: vblank timer overrun
[  777.522457][   T29] audit: type=1400 audit(2000000317.614:803): avc:  denied  { mount } for  pid=15879 comm="syz.3.2497" name="/" dev="ramfs" ino=48571 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  777.573340][   T29] audit: type=1400 audit(2000000317.664:804): avc:  denied  { unmount } for  pid=5832 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ramfs_t tclass=filesystem permissive=1
[  777.623872][ T5874] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  777.641467][ T5874] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  777.665591][ T5874] usb 2-1: New USB device found, idVendor=1d34, idProduct=000a, bcdDevice= 0.00
[  777.687588][ T5874] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  777.732342][ T5874] usb 2-1: config 0 descriptor??
[  777.880975][T15885] team0: entered promiscuous mode
[  777.886124][T15885] team_slave_0: entered promiscuous mode
[  777.892218][T15885] team_slave_1: entered promiscuous mode
[  778.337637][ T5874] hid-led 0003:1D34:000A.002E: unknown main item tag 0x0
[  778.345107][ T5874] hid-led 0003:1D34:000A.002E: unknown main item tag 0x0
[  778.352230][ T5874] hid-led 0003:1D34:000A.002E: unknown main item tag 0x0
[  778.359274][ T5874] hid-led 0003:1D34:000A.002E: unknown main item tag 0x0
[  778.366494][ T5874] hid-led 0003:1D34:000A.002E: unknown main item tag 0x0
[  778.452522][T15882] team0: left promiscuous mode
[  778.457325][T15882] team_slave_0: left promiscuous mode
[  778.463439][T15882] team_slave_1: left promiscuous mode
[  778.563522][   T29] audit: type=1400 audit(2000000318.654:805): avc:  denied  { sys_nice } for  pid=15888 comm="syz.3.2500" capability=23  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=cap_userns permissive=1
[  778.697359][T15893] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2501'.
[  779.210393][T15899] netlink: 80 bytes leftover after parsing attributes in process `syz.3.2502'.
[  779.731492][ T5874] hid-led 0003:1D34:000A.002E: probe with driver hid-led failed with error -71
[  779.745137][ T5874] usb 2-1: USB disconnect, device number 50
[  780.169526][ T5874] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[  780.240143][T15910] team0: entered promiscuous mode
[  780.245261][T15910] team_slave_0: entered promiscuous mode
[  780.251609][T15910] team_slave_1: entered promiscuous mode
[  780.430945][T13621] usb 6-1: new high-speed USB device number 50 using dummy_hcd
[  780.609431][T13621] usb 6-1: Using ep0 maxpacket: 8
[  780.623350][T13621] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  780.678333][T13621] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  780.696779][T13621] usb 6-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[  780.706106][T13621] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  780.718070][T13621] usb 6-1: Product: syz
[  780.722548][T13621] usb 6-1: Manufacturer: syz
[  780.727322][T13621] usb 6-1: SerialNumber: syz
[  780.738382][T13621] usb 6-1: config 0 descriptor??
[  780.806313][T15907] team0: left promiscuous mode
[  780.810606][ T5874] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  780.811195][T15907] team_slave_0: left promiscuous mode
[  780.827911][T15907] team_slave_1: left promiscuous mode
[  780.829442][ T5874] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  780.842504][ T5874] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  780.853301][ T5874] usb 2-1: config 0 descriptor??
[  780.964581][T13621] usb 6-1: USB disconnect, device number 50
[  781.269439][ T5874] keytouch 0003:0926:3333.002F: fixing up Keytouch IEC report descriptor
[  781.279163][ T5874] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.002F/input/input85
[  781.353180][ T5874] keytouch 0003:0926:3333.002F: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0
[  781.491783][    C0] usb 2-1: input irq status -75 received
[  781.705778][T13621] usb 2-1: USB disconnect, device number 51
[  782.245093][T15928] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2511'.
[  783.096313][   T29] audit: type=1400 audit(2000000323.164:806): avc:  denied  { getopt } for  pid=15934 comm="syz.5.2514" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  783.739589][ T5879] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[  783.943790][ T5879] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  783.955943][ T5879] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  783.982107][ T5879] usb 2-1: Product: syz
[  783.986292][ T5879] usb 2-1: Manufacturer: syz
[  784.005834][ T5879] usb 2-1: SerialNumber: syz
[  784.021003][ T5879] usb 2-1: config 0 descriptor??
[  784.397334][T15961] team0: entered promiscuous mode
[  784.402541][T15961] team_slave_0: entered promiscuous mode
[  784.408811][T15961] team_slave_1: entered promiscuous mode
[  784.733061][ T5879] usb 2-1: Firmware version (0.0) predates our first public release.
[  784.806576][ T5879] usb 2-1: Please update to version 0.2 or newer
[  785.347277][T15953] team0: left promiscuous mode
[  785.352172][T15953] team_slave_0: left promiscuous mode
[  785.357637][T15953] team_slave_1: left promiscuous mode
[  785.379571][ T5879] usb 2-1: USB disconnect, device number 52
[  785.708185][T15974] FAULT_INJECTION: forcing a failure.
[  785.708185][T15974] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  785.721787][T15974] CPU: 1 UID: 0 PID: 15974 Comm: syz.1.2523 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  785.732546][T15974] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  785.742597][T15974] Call Trace:
[  785.745870][T15974]  <TASK>
[  785.748796][T15974]  dump_stack_lvl+0x16c/0x1f0
[  785.753476][T15974]  should_fail_ex+0x497/0x5b0
[  785.758157][T15974]  _copy_to_iter+0x2a1/0x1560
[  785.762840][T15974]  ? __pfx__copy_to_iter+0x10/0x10
[  785.767953][T15974]  ? __virt_addr_valid+0x1a4/0x590
[  785.773069][T15974]  ? __virt_addr_valid+0x5e/0x590
[  785.778091][T15974]  ? __phys_addr_symbol+0x30/0x80
[  785.783116][T15974]  ? __check_object_size+0x488/0x710
[  785.788404][T15974]  seq_read_iter+0xd00/0x12b0
[  785.793093][T15974]  proc_reg_read_iter+0x118/0x310
[  785.798123][T15974]  vfs_read+0x87f/0xbe0
[  785.802288][T15974]  ? __pfx_vfs_read+0x10/0x10
[  785.806981][T15974]  ? __pfx___mutex_lock+0x10/0x10
[  785.812030][T15974]  ksys_read+0x12f/0x260
[  785.816280][T15974]  ? __pfx_ksys_read+0x10/0x10
[  785.821061][T15974]  do_syscall_64+0xcd/0x250
[  785.825567][T15974]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  785.831468][T15974] RIP: 0033:0x7f11b5b7e719
[  785.835882][T15974] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  785.855496][T15974] RSP: 002b:00007f11b3fb4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  785.863913][T15974] RAX: ffffffffffffffda RBX: 00007f11b5d36130 RCX: 00007f11b5b7e719
[  785.871880][T15974] RDX: 0000000000002020 RSI: 0000000020000ac0 RDI: 0000000000000003
[  785.879848][T15974] RBP: 00007f11b3fb4090 R08: 0000000000000000 R09: 0000000000000000
[  785.887815][T15974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  785.895780][T15974] R13: 0000000000000001 R14: 00007f11b5d36130 R15: 00007ffe425599b8
[  785.903762][T15974]  </TASK>
[  787.109649][ T5879] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[  787.617376][ T5879] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  787.628949][ T5879] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  787.638193][ T5879] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  787.694729][ T5879] usb 4-1: config 0 descriptor??
[  787.698144][T15998] block nbd1: not configured, cannot reconfigure
[  788.191226][ T5879] keytouch 0003:0926:3333.0030: fixing up Keytouch IEC report descriptor
[  788.201837][ T5879] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.0030/input/input86
[  788.389977][ T5879] keytouch 0003:0926:3333.0030: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0
[  788.468996][T16005] xt_socket: unknown flags 0x4
[  788.638418][ T5876] usb 4-1: USB disconnect, device number 36
[  788.648463][T13621] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[  788.975305][T13621] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  788.984517][T13621] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  789.002865][T13621] usb 2-1: Product: syz
[  789.007134][T13621] usb 2-1: Manufacturer: syz
[  789.033105][T13621] usb 2-1: SerialNumber: syz
[  789.203804][T13621] usb 2-1: config 0 descriptor??
[  789.669989][T16016] tmpfs: Bad value for 'mpol'
[  789.753951][T13621] usb 2-1: Firmware version (0.0) predates our first public release.
[  789.763141][T13621] usb 2-1: Please update to version 0.2 or newer
[  789.793876][T13621] usb 2-1: USB disconnect, device number 53
[  789.959488][ T5936] usb 6-1: new high-speed USB device number 51 using dummy_hcd
[  790.111715][ T5936] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  790.123224][ T5936] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  790.132569][ T5936] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  790.142436][ T5936] usb 6-1: config 0 descriptor??
[  790.578848][ T5936] keytouch 0003:0926:3333.0031: fixing up Keytouch IEC report descriptor
[  790.734358][ T5936] input: HID 0926:3333 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0926:3333.0031/input/input87
[  790.776200][    C0] usb 6-1: input irq status -75 received
[  791.196251][ T5936] keytouch 0003:0926:3333.0031: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.5-1/input0
[  791.317950][ T5936] usb 6-1: USB disconnect, device number 51
[  791.729462][ T5872] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  791.889523][ T5872] usb 4-1: Using ep0 maxpacket: 8
[  791.896507][ T5872] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  791.912761][ T5872] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  791.933745][ T5872] usb 4-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[  791.946049][ T5872] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  791.956824][T16041] dummy0: entered promiscuous mode
[  791.962502][ T5872] usb 4-1: Product: syz
[  791.969693][ T5872] usb 4-1: Manufacturer: syz
[  791.974313][ T5872] usb 4-1: SerialNumber: syz
[  791.985192][ T5872] usb 4-1: config 0 descriptor??
[  792.219468][ T5936] usb 6-1: new high-speed USB device number 52 using dummy_hcd
[  792.219684][ T5872] usb 4-1: USB disconnect, device number 37
[  792.369689][ T5936] usb 6-1: Using ep0 maxpacket: 8
[  792.376288][ T5936] usb 6-1: config 0 has an invalid interface number: 143 but max is 0
[  792.385785][ T5936] usb 6-1: config 0 has no interface number 0
[  792.392872][ T5936] usb 6-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=c1.9b
[  792.409465][ T5936] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  792.430370][ T5936] usb 6-1: config 0 descriptor??
[  792.542146][ T5936] viperboard 6-1:0.143: version 0.00 found at bus 006 address 052
[  792.564801][ T5936] viperboard-i2c viperboard-i2c.2.auto: failure setting i2c_bus_freq to 100
[  792.577353][ T5936] viperboard-i2c viperboard-i2c.2.auto: probe with driver viperboard-i2c failed with error -5
[  792.649214][ T5936] usb 6-1: USB disconnect, device number 52
[  792.746808][   T29] audit: type=1400 audit(2000000332.834:807): avc:  denied  { connect } for  pid=16044 comm="syz.1.2545" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=llc_socket permissive=1
[  795.337404][T16075] xt_socket: unknown flags 0x4
[  796.196469][ T5199] udevd[5199]: worker [13444] /devices/virtual/nfc/nfc2 is taking a long time
[  796.689484][ T5872] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  797.339415][ T5872] usb 4-1: Using ep0 maxpacket: 32
[  797.346329][ T5872] usb 4-1: config 0 interface 0 altsetting 3 endpoint 0x81 has an invalid bInterval 32, changing to 9
[  797.357832][ T5872] usb 4-1: config 0 interface 0 altsetting 3 endpoint 0x81 has invalid wMaxPacketSize 0
[  797.367903][ T5872] usb 4-1: config 0 interface 0 has no altsetting 0
[  797.374852][ T5872] usb 4-1: New USB device found, idVendor=056a, idProduct=00c4, bcdDevice= 0.00
[  797.384133][ T5872] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  797.409935][ T5872] usb 4-1: config 0 descriptor??
[  797.679571][T13621] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[  797.843996][ T5872] wacom 0003:056A:00C4.0032: unknown main item tag 0x0
[  797.852552][T13621] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  797.868636][T13621] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  797.878217][ T5872] wacom 0003:056A:00C4.0032: hidraw0: USB HID v0.00 Device [HID 056a:00c4] on usb-dummy_hcd.3-1/input0
[  797.889689][T13621] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  797.902902][T13621] usb 2-1: config 0 descriptor??
[  798.117514][T11995] usb 4-1: USB disconnect, device number 38
[  798.321340][T13621] keytouch 0003:0926:3333.0033: fixing up Keytouch IEC report descriptor
[  798.346450][T13621] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.0033/input/input91
[  798.584047][    C1] usb 2-1: input irq status -75 received
[  798.622751][T13621] keytouch 0003:0926:3333.0033: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0
[  798.818866][T11995] usb 2-1: USB disconnect, device number 54
[  800.260581][   T29] audit: type=1400 audit(2000000339.854:808): avc:  denied  { watch watch_reads } for  pid=16118 comm="syz.3.2567" path=2F6D656D66643A2D42D54E49C56A9A08202864656C6574656429 dev="tmpfs" ino=285 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  800.294342][T16124] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2566'.
[  801.100559][   T29] audit: type=1400 audit(2000000341.194:809): avc:  denied  { map } for  pid=16126 comm="syz.1.2569" path="/proc/1829/task/1830/numa_maps" dev="proc" ino=49119 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=file permissive=1
[  801.323492][   T29] audit: type=1400 audit(2000000341.394:810): avc:  denied  { unmount } for  pid=5821 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  802.159779][T11995] usb 6-1: new high-speed USB device number 53 using dummy_hcd
[  802.405774][T11995] usb 6-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  802.415218][T11995] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  802.423272][T11995] usb 6-1: Product: syz
[  802.427425][T11995] usb 6-1: Manufacturer: syz
[  802.432116][T11995] usb 6-1: SerialNumber: syz
[  802.438248][T11995] usb 6-1: config 0 descriptor??
[  802.526801][T16163] netlink: 'syz.3.2580': attribute type 8 has an invalid length.
[  802.534696][T16163] netlink: 161700 bytes leftover after parsing attributes in process `syz.3.2580'.
[  802.971440][T11995] usb 6-1: Firmware: major: 78, minor: 70, hardware type: UNKNOWN (36)
[  803.337593][T11995] usb 6-1: failed to fetch extended address, random address set
[  803.415848][T11995] usb 6-1: atusb_probe: initialization failed, error = -524
[  803.512174][T11995] atusb 6-1:0.0: probe with driver atusb failed with error -524
[  803.807712][T11995] usb 6-1: USB disconnect, device number 53
[  803.911422][T16173] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  803.939614][   T29] audit: type=1400 audit(2000000344.024:811): avc:  denied  { getopt } for  pid=16170 comm="syz.3.2582" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  804.496779][T16177] netlink: 87 bytes leftover after parsing attributes in process `syz.5.2584'.
[  804.555428][T16180] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2583'.
[  804.559997][T16179] netlink: 87 bytes leftover after parsing attributes in process `syz.3.2585'.
[  804.681110][T16183] netlink: 80 bytes leftover after parsing attributes in process `syz.5.2584'.
[  805.202215][T16180] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2583'.
[  805.231471][T16180] sysfs: cannot create duplicate filename '/class/ieee80211/ü!'
[  805.649203][T16180] CPU: 1 UID: 0 PID: 16180 Comm: syz.1.2583 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  805.660099][T16180] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  805.670151][T16180] Call Trace:
[  805.673421][T16180]  <TASK>
[  805.676332][T16180]  dump_stack_lvl+0x16c/0x1f0
[  805.681003][T16180]  sysfs_warn_dup+0x7f/0xa0
[  805.685504][T16180]  sysfs_do_create_link_sd+0x124/0x140
[  805.690956][T16180]  sysfs_create_link+0x61/0xc0
[  805.695710][T16180]  device_add+0x62e/0x1a70
[  805.700110][T16180]  ? __pfx_device_add+0x10/0x10
[  805.704939][T16180]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  805.710816][T16180]  ? ieee80211_set_bitrate_flags+0x249/0x6a0
[  805.716793][T16180]  wiphy_register+0x2101/0x2d00
[  805.721634][T16180]  ? __pfx_wiphy_register+0x10/0x10
[  805.726817][T16180]  ? ieee80211_register_hw+0x2842/0x41b0
[  805.732434][T16180]  ieee80211_register_hw+0x2aaa/0x41b0
[  805.737891][T16180]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  805.743685][T16180]  ? __asan_memset+0x23/0x50
[  805.748267][T16180]  ? __hrtimer_init+0x106/0x2c0
[  805.753112][T16180]  mac80211_hwsim_new_radio+0x304e/0x54d0
[  805.758840][T16180]  ? trace_kmalloc+0x2d/0xe0
[  805.763413][T16180]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  805.769456][T16180]  ? hwsim_new_radio_nl+0x9ff/0x12b0
[  805.774715][T16180]  ? __asan_memcpy+0x3c/0x60
[  805.779279][T16180]  hwsim_new_radio_nl+0xb42/0x12b0
[  805.784368][T16180]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  805.789909][T16180]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  805.797255][T16180]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  805.804602][T16180]  genl_family_rcv_msg_doit+0x202/0x2f0
[  805.810137][T16180]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  805.816184][T16180]  ? bpf_lsm_capable+0x9/0x10
[  805.820837][T16180]  ? security_capable+0x7e/0x260
[  805.825755][T16180]  ? ns_capable+0xd7/0x110
[  805.830148][T16180]  genl_rcv_msg+0x565/0x800
[  805.834627][T16180]  ? __pfx_genl_rcv_msg+0x10/0x10
[  805.839628][T16180]  ? lockdep_hardirqs_on+0x7c/0x110
[  805.844809][T16180]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  805.850334][T16180]  netlink_rcv_skb+0x16b/0x440
[  805.855071][T16180]  ? __pfx_genl_rcv_msg+0x10/0x10
[  805.860070][T16180]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  805.865336][T16180]  ? down_read+0xc9/0x330
[  805.869641][T16180]  ? __pfx_down_read+0x10/0x10
[  805.874382][T16180]  ? rcu_is_watching+0x12/0xc0
[  805.879123][T16180]  genl_rcv+0x28/0x40
[  805.883079][T16180]  netlink_unicast+0x53c/0x7f0
[  805.887816][T16180]  ? __pfx_netlink_unicast+0x10/0x10
[  805.893073][T16180]  ? const_folio_flags.constprop.0+0x56/0x150
[  805.899120][T16180]  netlink_sendmsg+0x8b8/0xd70
[  805.903860][T16180]  ? __pfx_netlink_sendmsg+0x10/0x10
[  805.909123][T16180]  ____sys_sendmsg+0xaaf/0xc90
[  805.913878][T16180]  ? copy_msghdr_from_user+0x10b/0x160
[  805.919311][T16180]  ? __pfx_____sys_sendmsg+0x10/0x10
[  805.924578][T16180]  ? __pfx___lock_acquire+0x10/0x10
[  805.929752][T16180]  ___sys_sendmsg+0x135/0x1e0
[  805.934405][T16180]  ? __pfx____sys_sendmsg+0x10/0x10
[  805.939585][T16180]  ? lock_acquire+0x2f/0xb0
[  805.944060][T16180]  ? __fget_files+0x40/0x3f0
[  805.948632][T16180]  ? fdget+0x176/0x210
[  805.952682][T16180]  __sys_sendmsg+0x117/0x1f0
[  805.957247][T16180]  ? __pfx___sys_sendmsg+0x10/0x10
[  805.962336][T16180]  ? __x64_sys_futex+0x1e1/0x4c0
[  805.967259][T16180]  do_syscall_64+0xcd/0x250
[  805.971736][T16180]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  805.977605][T16180] RIP: 0033:0x7f11b5b7e719
[  805.981996][T16180] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  806.001578][T16180] RSP: 002b:00007f11b3fd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  806.009965][T16180] RAX: ffffffffffffffda RBX: 00007f11b5d36058 RCX: 00007f11b5b7e719
[  806.017910][T16180] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000007
[  806.025855][T16180] RBP: 00007f11b5bf175e R08: 0000000000000000 R09: 0000000000000000
[  806.033801][T16180] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  806.041745][T16180] R13: 0000000000000000 R14: 00007f11b5d36058 R15: 00007ffe425599b8
[  806.049699][T16180]  </TASK>
[  807.078264][T16201] block nbd5: not configured, cannot reconfigure
[  807.510670][   T25] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[  807.656172][T16209] team0: entered promiscuous mode
[  807.661322][T16209] team_slave_0: entered promiscuous mode
[  807.667535][T16209] team_slave_1: entered promiscuous mode
[  807.904622][   T25] usb 2-1: device descriptor read/64, error -71
[  808.189520][   T25] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[  808.246382][T16206] team0: left promiscuous mode
[  808.251211][T16206] team_slave_0: left promiscuous mode
[  808.256660][T16206] team_slave_1: left promiscuous mode
[  808.321747][   T25] usb 2-1: device descriptor read/64, error -71
[  808.328355][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  808.334867][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  808.429890][   T25] usb usb2-port1: attempt power cycle
[  808.439491][T11995] usb 6-1: new high-speed USB device number 54 using dummy_hcd
[  808.590631][T11995] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  808.609422][T11995] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  808.618454][T11995] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  808.651417][T11995] usb 6-1: config 0 descriptor??
[  808.779467][   T25] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[  808.799837][   T25] usb 2-1: device descriptor read/8, error -71
[  809.039464][   T25] usb 2-1: new high-speed USB device number 58 using dummy_hcd
[  809.059839][   T25] usb 2-1: device descriptor read/8, error -71
[  809.063252][T11995] keytouch 0003:0926:3333.0034: fixing up Keytouch IEC report descriptor
[  809.076197][T11995] input: HID 0926:3333 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0926:3333.0034/input/input92
[  809.154075][T11995] keytouch 0003:0926:3333.0034: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.5-1/input0
[  809.169712][   T25] usb usb2-port1: unable to enumerate USB device
[  809.293748][    C0] usb 6-1: input irq status -75 received
[  809.423802][T16224] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2596'.
[  809.498211][T16224] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2596'.
[  809.533349][   T25] usb 6-1: USB disconnect, device number 54
[  809.541259][T16224] sysfs: cannot create duplicate filename '/class/ieee80211/ü!'
[  809.549115][T16224] CPU: 0 UID: 0 PID: 16224 Comm: syz.3.2596 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  809.559870][T16224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  809.569912][T16224] Call Trace:
[  809.573176][T16224]  <TASK>
[  809.576090][T16224]  dump_stack_lvl+0x16c/0x1f0
[  809.580757][T16224]  sysfs_warn_dup+0x7f/0xa0
[  809.585247][T16224]  sysfs_do_create_link_sd+0x124/0x140
[  809.590695][T16224]  sysfs_create_link+0x61/0xc0
[  809.595447][T16224]  device_add+0x62e/0x1a70
[  809.599851][T16224]  ? __pfx_device_add+0x10/0x10
[  809.604686][T16224]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  809.610572][T16224]  ? ieee80211_set_bitrate_flags+0x249/0x6a0
[  809.616549][T16224]  wiphy_register+0x2101/0x2d00
[  809.621391][T16224]  ? __pfx_wiphy_register+0x10/0x10
[  809.626580][T16224]  ? ieee80211_init_rate_ctrl_alg+0x125/0x6b0
[  809.632643][T16224]  ieee80211_register_hw+0x2aaa/0x41b0
[  809.638102][T16224]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  809.643908][T16224]  ? __asan_memset+0x23/0x50
[  809.648481][T16224]  ? __hrtimer_init+0x106/0x2c0
[  809.653318][T16224]  mac80211_hwsim_new_radio+0x304e/0x54d0
[  809.659034][T16224]  ? trace_kmalloc+0x2d/0xe0
[  809.663617][T16224]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  809.669669][T16224]  ? hwsim_new_radio_nl+0x9ff/0x12b0
[  809.674940][T16224]  ? __asan_memcpy+0x3c/0x60
[  809.679516][T16224]  hwsim_new_radio_nl+0xb42/0x12b0
[  809.684618][T16224]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  809.690155][T16224]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  809.697513][T16224]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  809.704874][T16224]  genl_family_rcv_msg_doit+0x202/0x2f0
[  809.710408][T16224]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  809.716466][T16224]  ? netlink_ns_capable+0xfa/0x130
[  809.721569][T16224]  ? __sanitizer_cov_trace_pc+0x56/0x70
[  809.727110][T16224]  genl_rcv_msg+0x565/0x800
[  809.731606][T16224]  ? __pfx_genl_rcv_msg+0x10/0x10
[  809.736619][T16224]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  809.742159][T16224]  netlink_rcv_skb+0x16b/0x440
[  809.746905][T16224]  ? __pfx_genl_rcv_msg+0x10/0x10
[  809.751918][T16224]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  809.757197][T16224]  ? down_read+0xc9/0x330
[  809.761513][T16224]  ? __pfx_down_read+0x10/0x10
[  809.766263][T16224]  ? rcu_is_watching+0x12/0xc0
[  809.771017][T16224]  genl_rcv+0x28/0x40
[  809.774982][T16224]  netlink_unicast+0x53c/0x7f0
[  809.779732][T16224]  ? __pfx_netlink_unicast+0x10/0x10
[  809.785006][T16224]  netlink_sendmsg+0x8b8/0xd70
[  809.789759][T16224]  ? __pfx_netlink_sendmsg+0x10/0x10
[  809.795034][T16224]  ____sys_sendmsg+0xaaf/0xc90
[  809.799789][T16224]  ? copy_msghdr_from_user+0x10b/0x160
[  809.805235][T16224]  ? __pfx_____sys_sendmsg+0x10/0x10
[  809.810526][T16224]  ? __pfx___lock_acquire+0x10/0x10
[  809.815719][T16224]  ___sys_sendmsg+0x135/0x1e0
[  809.820391][T16224]  ? __pfx____sys_sendmsg+0x10/0x10
[  809.825593][T16224]  ? lock_acquire+0x2f/0xb0
[  809.830086][T16224]  ? __fget_files+0x40/0x3f0
[  809.834701][T16224]  ? fdget+0x176/0x210
[  809.838787][T16224]  __sys_sendmsg+0x117/0x1f0
[  809.843375][T16224]  ? __pfx___sys_sendmsg+0x10/0x10
[  809.848477][T16224]  ? __x64_sys_futex+0x1e1/0x4c0
[  809.853414][T16224]  do_syscall_64+0xcd/0x250
[  809.857904][T16224]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  809.863791][T16224] RIP: 0033:0x7f1e1117e719
[  809.868191][T16224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  809.887783][T16224] RSP: 002b:00007f1e11f92038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  809.896185][T16224] RAX: ffffffffffffffda RBX: 00007f1e11336058 RCX: 00007f1e1117e719
[  809.904142][T16224] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000007
[  809.912097][T16224] RBP: 00007f1e111f175e R08: 0000000000000000 R09: 0000000000000000
[  809.920053][T16224] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  809.928008][T16224] R13: 0000000000000000 R14: 00007f1e11336058 R15: 00007ffe3f08ffb8
[  809.935989][T16224]  </TASK>
[  816.343065][T16290] team0: entered promiscuous mode
[  816.348183][T16290] team_slave_0: entered promiscuous mode
[  816.354568][T16290] team_slave_1: entered promiscuous mode
[  816.921408][T16287] team0: left promiscuous mode
[  816.926182][T16287] team_slave_0: left promiscuous mode
[  816.931698][T16287] team_slave_1: left promiscuous mode
[  818.017887][ T5936] usb 6-1: new high-speed USB device number 55 using dummy_hcd
[  818.320134][ T5936] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  818.331589][ T5936] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  818.345792][ T5936] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  818.425637][ T5936] usb 6-1: config 0 descriptor??
[  818.881650][ T5936] keytouch 0003:0926:3333.0035: fixing up Keytouch IEC report descriptor
[  818.892071][ T5936] input: HID 0926:3333 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0926:3333.0035/input/input93
[  819.173129][ T5936] keytouch 0003:0926:3333.0035: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.5-1/input0
[  819.416333][T16325] team0: entered promiscuous mode
[  819.421690][T16325] team_slave_0: entered promiscuous mode
[  819.427713][T16325] team_slave_1: entered promiscuous mode
[  819.984834][T16322] team0: left promiscuous mode
[  819.989677][T16322] team_slave_0: left promiscuous mode
[  819.995109][T16322] team_slave_1: left promiscuous mode
[  820.209068][   T25] usb 6-1: USB disconnect, device number 55
[  820.649041][T16333] fuse: Bad value for 'group_id'
[  820.654190][T16333] fuse: Bad value for 'group_id'
[  821.497543][T16344] netlink: 87 bytes leftover after parsing attributes in process `syz.1.2630'.
[  821.629779][   T25] usb 6-1: new high-speed USB device number 56 using dummy_hcd
[  821.671377][T16347] netlink: 80 bytes leftover after parsing attributes in process `syz.1.2630'.
[  821.794469][   T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  821.895856][   T25] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  821.981823][   T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  822.142995][   T25] usb 6-1: config 0 descriptor??
[  822.389923][T16353] block nbd1: not configured, cannot reconfigure
[  822.612948][   T25] keytouch 0003:0926:3333.0036: fixing up Keytouch IEC report descriptor
[  822.646828][   T25] input: HID 0926:3333 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0926:3333.0036/input/input94
[  822.689668][T13621] usb 4-1: new full-speed USB device number 39 using dummy_hcd
[  822.788668][   T25] keytouch 0003:0926:3333.0036: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.5-1/input0
[  822.825741][    C1] usb 6-1: input irq status -75 received
[  822.853187][T13621] usb 4-1: device descriptor read/64, error -71
[  823.152975][T13621] usb 4-1: new full-speed USB device number 40 using dummy_hcd
[  823.339693][T13621] usb 4-1: device descriptor read/64, error -71
[  823.386227][T16216] usb 6-1: USB disconnect, device number 56
[  823.457253][T13621] usb usb4-port1: attempt power cycle
[  823.615639][T16364] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2636'.
[  823.689908][T16364] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2636'.
[  823.723434][T16364] sysfs: cannot create duplicate filename '/class/ieee80211/ü!'
[  823.731639][T16364] CPU: 0 UID: 0 PID: 16364 Comm: syz.1.2636 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  823.742495][T16364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  823.752532][T16364] Call Trace:
[  823.755791][T16364]  <TASK>
[  823.758697][T16364]  dump_stack_lvl+0x16c/0x1f0
[  823.763369][T16364]  sysfs_warn_dup+0x7f/0xa0
[  823.767849][T16364]  sysfs_do_create_link_sd+0x124/0x140
[  823.773288][T16364]  sysfs_create_link+0x61/0xc0
[  823.778030][T16364]  device_add+0x62e/0x1a70
[  823.782428][T16364]  ? __pfx_device_add+0x10/0x10
[  823.787267][T16364]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  823.793150][T16364]  ? ieee80211_set_bitrate_flags+0x249/0x6a0
[  823.799130][T16364]  wiphy_register+0x2101/0x2d00
[  823.803975][T16364]  ? __pfx_wiphy_register+0x10/0x10
[  823.809165][T16364]  ? ieee80211_init_rate_ctrl_alg+0x125/0x6b0
[  823.815227][T16364]  ieee80211_register_hw+0x2aaa/0x41b0
[  823.820686][T16364]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  823.826524][T16364]  ? mac80211_hwsim_new_radio+0x3046/0x54d0
[  823.832425][T16364]  mac80211_hwsim_new_radio+0x304e/0x54d0
[  823.838148][T16364]  ? trace_kmalloc+0x2d/0xe0
[  823.842735][T16364]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  823.848809][T16364]  ? hwsim_new_radio_nl+0x9ff/0x12b0
[  823.854102][T16364]  ? __asan_memcpy+0x3c/0x60
[  823.858686][T16364]  hwsim_new_radio_nl+0xb42/0x12b0
[  823.863789][T16364]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  823.869334][T16364]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  823.876702][T16364]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  823.884078][T16364]  genl_family_rcv_msg_doit+0x202/0x2f0
[  823.889615][T16364]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  823.895671][T16364]  ? bpf_lsm_capable+0x9/0x10
[  823.900335][T16364]  ? security_capable+0x7e/0x260
[  823.905265][T16364]  ? ns_capable+0xd7/0x110
[  823.909670][T16364]  genl_rcv_msg+0x565/0x800
[  823.914162][T16364]  ? __pfx_genl_rcv_msg+0x10/0x10
[  823.919172][T16364]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  823.924723][T16364]  netlink_rcv_skb+0x16b/0x440
[  823.929477][T16364]  ? __pfx_genl_rcv_msg+0x10/0x10
[  823.934493][T16364]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  823.939773][T16364]  ? down_read+0xc9/0x330
[  823.944089][T16364]  ? __pfx_down_read+0x10/0x10
[  823.948838][T16364]  ? rcu_is_watching+0x12/0xc0
[  823.953639][T16364]  genl_rcv+0x28/0x40
[  823.957617][T16364]  netlink_unicast+0x53c/0x7f0
[  823.962377][T16364]  ? __pfx_netlink_unicast+0x10/0x10
[  823.967659][T16364]  ? const_folio_flags.constprop.0+0x56/0x150
[  823.973725][T16364]  netlink_sendmsg+0x8b8/0xd70
[  823.978497][T16364]  ? __pfx_netlink_sendmsg+0x10/0x10
[  823.983776][T16364]  ? __sanitizer_cov_trace_pc+0xc/0x70
[  823.989233][T16364]  ____sys_sendmsg+0xaaf/0xc90
[  823.993992][T16364]  ? copy_msghdr_from_user+0x10b/0x160
[  823.999440][T16364]  ? __pfx_____sys_sendmsg+0x10/0x10
[  824.004722][T16364]  ? __pfx___lock_acquire+0x10/0x10
[  824.009908][T16364]  ___sys_sendmsg+0x135/0x1e0
[  824.014577][T16364]  ? __pfx____sys_sendmsg+0x10/0x10
[  824.019788][T16364]  ? lock_acquire+0x2f/0xb0
[  824.024287][T16364]  ? __fget_files+0x40/0x3f0
[  824.028877][T16364]  ? fdget+0x176/0x210
[  824.032939][T16364]  __sys_sendmsg+0x117/0x1f0
[  824.037528][T16364]  ? __pfx___sys_sendmsg+0x10/0x10
[  824.042633][T16364]  ? __pfx___schedule+0x10/0x10
[  824.047487][T16364]  do_syscall_64+0xcd/0x250
[  824.051978][T16364]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  824.057871][T16364] RIP: 0033:0x7f11b5b7e719
[  824.062286][T16364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  824.081879][T16364] RSP: 002b:00007f11b3fd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  824.090291][T16364] RAX: ffffffffffffffda RBX: 00007f11b5d36058 RCX: 00007f11b5b7e719
[  824.098247][T16364] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000007
[  824.106201][T16364] RBP: 00007f11b5bf175e R08: 0000000000000000 R09: 0000000000000000
[  824.114156][T16364] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  824.122123][T16364] R13: 0000000000000000 R14: 00007f11b5d36058 R15: 00007ffe425599b8
[  824.130088][T16364]  </TASK>
[  824.133192][    C0] vkms_vblank_simulate: vblank timer overrun
[  824.186754][T13621] usb 4-1: new full-speed USB device number 41 using dummy_hcd
[  824.223462][T13621] usb 4-1: device descriptor read/8, error -71
[  824.509579][T13621] usb 4-1: new full-speed USB device number 42 using dummy_hcd
[  824.541903][T13621] usb 4-1: device descriptor read/8, error -71
[  824.650767][T13621] usb usb4-port1: unable to enumerate USB device
[  825.080520][T16375] fuse: Unknown parameter 'grOup_id'
[  825.584501][T16379] FAULT_INJECTION: forcing a failure.
[  825.584501][T16379] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  825.601831][T16379] CPU: 0 UID: 0 PID: 16379 Comm: syz.3.2641 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  825.612616][T16379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  825.622675][T16379] Call Trace:
[  825.625936][T16379]  <TASK>
[  825.628847][T16379]  dump_stack_lvl+0x16c/0x1f0
[  825.633514][T16379]  should_fail_ex+0x497/0x5b0
[  825.638212][T16379]  _copy_from_user+0x2e/0xd0
[  825.642817][T16379]  sctp_getsockopt+0x1923/0x74a0
[  825.647767][T16379]  ? avc_has_perm_noaudit+0x119/0x3a0
[  825.653148][T16379]  ? __pfx_lock_release+0x10/0x10
[  825.658160][T16379]  ? trace_lock_acquire+0x14a/0x1d0
[  825.663347][T16379]  ? __pfx_mark_lock+0x10/0x10
[  825.668098][T16379]  ? __pfx_sctp_getsockopt+0x10/0x10
[  825.673371][T16379]  ? __lock_acquire+0x163e/0x3ce0
[  825.678395][T16379]  ? find_held_lock+0x2d/0x110
[  825.683148][T16379]  ? __might_fault+0x13b/0x190
[  825.687901][T16379]  ? __pfx_lock_release+0x10/0x10
[  825.692909][T16379]  ? trace_lock_acquire+0x14a/0x1d0
[  825.698095][T16379]  ? lock_acquire+0x2f/0xb0
[  825.702580][T16379]  ? __might_fault+0xe3/0x190
[  825.707245][T16379]  ? __might_fault+0xe3/0x190
[  825.711910][T16379]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  825.717792][T16379]  ? do_sock_getsockopt+0x3fe/0x800
[  825.722979][T16379]  do_sock_getsockopt+0x3fe/0x800
[  825.727994][T16379]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  825.733528][T16379]  ? __fget_files+0x244/0x3f0
[  825.738204][T16379]  __sys_getsockopt+0x1a1/0x270
[  825.743041][T16379]  ? __pfx___sys_getsockopt+0x10/0x10
[  825.748398][T16379]  ? fput+0x30/0x390
[  825.752279][T16379]  ? ksys_write+0x1ad/0x260
[  825.756764][T16379]  ? __pfx_ksys_write+0x10/0x10
[  825.761601][T16379]  __x64_sys_getsockopt+0xbd/0x160
[  825.766698][T16379]  ? do_syscall_64+0x91/0x250
[  825.771359][T16379]  ? lockdep_hardirqs_on+0x7c/0x110
[  825.776547][T16379]  do_syscall_64+0xcd/0x250
[  825.781037][T16379]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  825.786926][T16379] RIP: 0033:0x7f1e1117e719
[  825.791324][T16379] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  825.810920][T16379] RSP: 002b:00007f1e11fb3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  825.819316][T16379] RAX: ffffffffffffffda RBX: 00007f1e11335f80 RCX: 00007f1e1117e719
[  825.827273][T16379] RDX: 0000000000000000 RSI: 0000000000000084 RDI: 0000000000000003
[  825.835228][T16379] RBP: 00007f1e11fb3090 R08: 0000000020000040 R09: 0000000000000000
[  825.843183][T16379] R10: 0000000020000000 R11: 0000000000000246 R12: 0000000000000001
[  825.851136][T16379] R13: 0000000000000000 R14: 00007f1e11335f80 R15: 00007ffe3f08ffb8
[  825.859102][T16379]  </TASK>
[  825.862137][    C0] vkms_vblank_simulate: vblank timer overrun
[  826.549623][T13621] usb 6-1: new high-speed USB device number 57 using dummy_hcd
[  826.762564][T13621] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  826.789435][T13621] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  826.815958][T13621] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  826.835154][T13621] usb 6-1: config 0 descriptor??
[  827.611910][T13621] keytouch 0003:0926:3333.0037: fixing up Keytouch IEC report descriptor
[  827.628622][T13621] input: HID 0926:3333 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0926:3333.0037/input/input95
[  827.864792][T13621] keytouch 0003:0926:3333.0037: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.5-1/input0
[  828.428383][T16403] usb 6-1: USB disconnect, device number 57
[  830.122655][T16429] netlink: 87 bytes leftover after parsing attributes in process `syz.1.2656'.
[  830.322461][T16436] netlink: 80 bytes leftover after parsing attributes in process `syz.1.2656'.
[  830.352811][T16437] xt_socket: unknown flags 0x4
[  831.644689][T16446] netlink: 87 bytes leftover after parsing attributes in process `syz.1.2660'.
[  831.825978][T16452] netlink: 80 bytes leftover after parsing attributes in process `syz.1.2660'.
[  832.881274][T16463] team0: entered promiscuous mode
[  832.886397][T16463] team_slave_0: entered promiscuous mode
[  832.892672][T16463] team_slave_1: entered promiscuous mode
[  833.449932][T16455] team0: left promiscuous mode
[  833.454777][T16455] team_slave_0: left promiscuous mode
[  833.460341][T16455] team_slave_1: left promiscuous mode
[  836.213196][T16403] usb 2-1: new high-speed USB device number 59 using dummy_hcd
[  836.525932][T16403] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  836.600651][T16403] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  836.701595][T16403] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  836.773186][T16403] usb 2-1: config 0 descriptor??
[  837.267764][T16403] keytouch 0003:0926:3333.0038: fixing up Keytouch IEC report descriptor
[  837.330385][T16403] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.0038/input/input96
[  837.388448][T16510] netlink: 87 bytes leftover after parsing attributes in process `syz.5.2678'.
[  837.415554][T16403] keytouch 0003:0926:3333.0038: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0
[  837.759367][    C1] usb 2-1: input irq status -75 received
[  837.967148][T16216] usb 2-1: USB disconnect, device number 59
[  839.608111][T16542] netlink: 87 bytes leftover after parsing attributes in process `syz.3.2689'.
[  839.651611][T16543] block nbd1: not configured, cannot reconfigure
[  840.909596][ T5936] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[  841.115326][ T5936] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  841.137556][T16567] block nbd5: not configured, cannot reconfigure
[  841.140459][ T5936] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  841.166603][ T5936] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  841.352275][ T5936] usb 2-1: config 0 descriptor??
[  841.780672][ T5936] keytouch 0003:0926:3333.0039: fixing up Keytouch IEC report descriptor
[  841.795969][ T5936] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.0039/input/input97
[  841.799287][T16581] netlink: 87 bytes leftover after parsing attributes in process `syz.5.2703'.
[  841.863739][ T5936] keytouch 0003:0926:3333.0039: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0
[  842.452060][    C0] usb 2-1: input irq status -75 received
[  842.681951][ T5936] usb 2-1: USB disconnect, device number 60
[  842.955039][T16592] block nbd3: not configured, cannot reconfigure
[  843.292059][T16598] netlink: 'syz.3.2708': attribute type 8 has an invalid length.
[  843.299886][T16598] netlink: 161700 bytes leftover after parsing attributes in process `syz.3.2708'.
[  844.640210][T16618] xt_socket: unknown flags 0x4
[  847.265488][   T29] audit: type=1400 audit(2000000387.354:812): avc:  denied  { map } for  pid=16639 comm="syz.3.2721" path="socket:[51147]" dev="sockfs" ino=51147 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[  847.389593][ T5914] usb 6-1: new high-speed USB device number 58 using dummy_hcd
[  847.549434][ T5914] usb 6-1: Using ep0 maxpacket: 16
[  847.568710][ T5914] usb 6-1: New USB device found, idVendor=0c70, idProduct=f0b6, bcdDevice= 0.00
[  847.612955][ T5914] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  847.717303][ T5914] usb 6-1: config 0 descriptor??
[  848.238532][ T5914] aquacomputer_d5next 0003:0C70:F0B6.003A: hidraw0: USB HID v0.00 Device [HID 0c70:f0b6] on usb-dummy_hcd.5-1/input0
[  848.439808][ T5914] usb 6-1: USB disconnect, device number 58
[  850.169151][T16691] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2734'.
[  850.198292][T16691] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.2734'.
[  850.214177][T16691] sysfs: cannot create duplicate filename '/class/ieee80211/ü!'
[  850.222094][T16691] CPU: 0 UID: 0 PID: 16691 Comm: syz.3.2734 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  850.232845][T16691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  850.242883][T16691] Call Trace:
[  850.246136][T16691]  <TASK>
[  850.249042][T16691]  dump_stack_lvl+0x16c/0x1f0
[  850.253736][T16691]  sysfs_warn_dup+0x7f/0xa0
[  850.258227][T16691]  sysfs_do_create_link_sd+0x124/0x140
[  850.263672][T16691]  sysfs_create_link+0x61/0xc0
[  850.268427][T16691]  device_add+0x62e/0x1a70
[  850.272858][T16691]  ? __pfx_device_add+0x10/0x10
[  850.277773][T16691]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  850.283649][T16691]  ? ieee80211_set_bitrate_flags+0x249/0x6a0
[  850.289612][T16691]  wiphy_register+0x2101/0x2d00
[  850.294450][T16691]  ? __pfx_wiphy_register+0x10/0x10
[  850.299629][T16691]  ? ieee80211_register_hw+0x2842/0x41b0
[  850.305257][T16691]  ? kasan_check_range+0x105/0x1a0
[  850.310361][T16691]  ieee80211_register_hw+0x2aaa/0x41b0
[  850.315806][T16691]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  850.321589][T16691]  ? net_generic+0xea/0x2a0
[  850.326072][T16691]  ? __asan_memset+0x23/0x50
[  850.330637][T16691]  ? __hrtimer_init+0x106/0x2c0
[  850.335467][T16691]  mac80211_hwsim_new_radio+0x304e/0x54d0
[  850.341172][T16691]  ? trace_kmalloc+0x2d/0xe0
[  850.345747][T16691]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  850.351789][T16691]  ? hwsim_new_radio_nl+0x9ff/0x12b0
[  850.357060][T16691]  ? __asan_memcpy+0x3c/0x60
[  850.361638][T16691]  hwsim_new_radio_nl+0xb42/0x12b0
[  850.366728][T16691]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  850.372256][T16691]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1aa/0x290
[  850.379602][T16691]  ? genl_family_rcv_msg_attrs_parse.constprop.0+0x1b4/0x290
[  850.386950][T16691]  genl_family_rcv_msg_doit+0x202/0x2f0
[  850.392473][T16691]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  850.398516][T16691]  ? bpf_lsm_capable+0x9/0x10
[  850.403167][T16691]  ? security_capable+0x7e/0x260
[  850.408084][T16691]  ? ns_capable+0xd7/0x110
[  850.412478][T16691]  genl_rcv_msg+0x565/0x800
[  850.416959][T16691]  ? __pfx_genl_rcv_msg+0x10/0x10
[  850.421969][T16691]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  850.427506][T16691]  netlink_rcv_skb+0x16b/0x440
[  850.432245][T16691]  ? __pfx_genl_rcv_msg+0x10/0x10
[  850.437245][T16691]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  850.442506][T16691]  ? down_read+0xc9/0x330
[  850.446809][T16691]  ? __pfx_down_read+0x10/0x10
[  850.451544][T16691]  ? rcu_is_watching+0x12/0xc0
[  850.456285][T16691]  genl_rcv+0x28/0x40
[  850.460242][T16691]  netlink_unicast+0x53c/0x7f0
[  850.464981][T16691]  ? __pfx_netlink_unicast+0x10/0x10
[  850.470241][T16691]  ? const_folio_flags.constprop.0+0x56/0x150
[  850.476288][T16691]  netlink_sendmsg+0x8b8/0xd70
[  850.481039][T16691]  ? __pfx_netlink_sendmsg+0x10/0x10
[  850.486302][T16691]  ____sys_sendmsg+0xaaf/0xc90
[  850.491045][T16691]  ? copy_msghdr_from_user+0x10b/0x160
[  850.496478][T16691]  ? __pfx_____sys_sendmsg+0x10/0x10
[  850.501744][T16691]  ? __pfx___lock_acquire+0x10/0x10
[  850.506917][T16691]  ___sys_sendmsg+0x135/0x1e0
[  850.511571][T16691]  ? __pfx____sys_sendmsg+0x10/0x10
[  850.516748][T16691]  ? lock_acquire+0x2f/0xb0
[  850.521223][T16691]  ? __fget_files+0x40/0x3f0
[  850.525795][T16691]  ? fdget+0x176/0x210
[  850.529842][T16691]  __sys_sendmsg+0x117/0x1f0
[  850.534405][T16691]  ? __pfx___sys_sendmsg+0x10/0x10
[  850.539494][T16691]  ? __x64_sys_futex+0x1e1/0x4c0
[  850.544416][T16691]  do_syscall_64+0xcd/0x250
[  850.548897][T16691]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  850.554767][T16691] RIP: 0033:0x7f1e1117e719
[  850.559156][T16691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  850.578742][T16691] RSP: 002b:00007f1e11f92038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  850.587129][T16691] RAX: ffffffffffffffda RBX: 00007f1e11336058 RCX: 00007f1e1117e719
[  850.595084][T16691] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000007
[  850.603028][T16691] RBP: 00007f1e111f175e R08: 0000000000000000 R09: 0000000000000000
[  850.610983][T16691] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  850.618926][T16691] R13: 0000000000000000 R14: 00007f1e11336058 R15: 00007ffe3f08ffb8
[  850.626878][T16691]  </TASK>
[  850.629902][    C0] vkms_vblank_simulate: vblank timer overrun
[  850.841805][T16216] usb 2-1: new full-speed USB device number 61 using dummy_hcd
[  850.989521][T16216] usb 2-1: device descriptor read/64, error -71
[  851.699510][T16216] usb 2-1: new full-speed USB device number 62 using dummy_hcd
[  851.839468][T16216] usb 2-1: device descriptor read/64, error -71
[  851.950247][T16216] usb usb2-port1: attempt power cycle
[  852.089462][ T5936] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[  852.244389][ T5936] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  852.257116][ T5936] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  852.268905][ T5936] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  852.278684][ T5936] usb 4-1: config 0 descriptor??
[  852.286154][ T5936] pwc: Askey VC010 type 2 USB webcam detected.
[  852.299636][T16216] usb 2-1: new full-speed USB device number 63 using dummy_hcd
[  852.320143][T16216] usb 2-1: device descriptor read/8, error -71
[  852.490409][ T5936] pwc: send_video_command error -71
[  852.495665][ T5936] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  852.503268][ T5936] Philips webcam 4-1:0.0: probe with driver Philips webcam failed with error -71
[  852.514258][ T5936] usb 4-1: USB disconnect, device number 43
[  852.579517][T16216] usb 2-1: new full-speed USB device number 64 using dummy_hcd
[  852.599992][T16216] usb 2-1: device descriptor read/8, error -71
[  852.711126][T16216] usb usb2-port1: unable to enumerate USB device
[  852.959450][ T5914] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  853.130646][ T5914] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  853.144909][ T5914] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  853.169452][ T5914] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  853.192344][ T5914] usb 4-1: config 0 descriptor??
[  853.205954][ T5914] pwc: Askey VC010 type 2 USB webcam detected.
[  853.359244][T16717] xt_socket: unknown flags 0x4
[  853.609413][ T5914] pwc: recv_control_msg error -32 req 02 val 2b00
[  853.619954][ T5914] pwc: recv_control_msg error -32 req 02 val 2700
[  853.632645][ T5914] pwc: recv_control_msg error -32 req 02 val 2c00
[  853.642054][ T5914] pwc: recv_control_msg error -32 req 04 val 1000
[  853.652738][ T5914] pwc: recv_control_msg error -32 req 04 val 1300
[  853.664880][ T5914] pwc: recv_control_msg error -32 req 04 val 1400
[  853.675333][ T5914] pwc: recv_control_msg error -32 req 02 val 2000
[  853.685806][ T5914] pwc: recv_control_msg error -32 req 02 val 2100
[  853.697486][ T5914] pwc: recv_control_msg error -32 req 04 val 1500
[  853.710657][ T5914] pwc: recv_control_msg error -32 req 02 val 2500
[  853.722185][ T5914] pwc: recv_control_msg error -32 req 02 val 2400
[  853.734811][ T5914] pwc: recv_control_msg error -32 req 02 val 2600
[  853.747440][ T5914] pwc: recv_control_msg error -32 req 02 val 2900
[  853.760164][ T5914] pwc: recv_control_msg error -32 req 02 val 2800
[  853.774717][ T5914] pwc: recv_control_msg error -32 req 04 val 1100
[  853.793625][ T5914] pwc: Registered as video103.
[  853.816457][ T5914] input: PWC snapshot button as /devices/platform/dummy_hcd.3/usb4/4-1/input/input98
[  853.995690][T16723] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2744'.
[  854.175605][T16723] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.2744'.
[  854.212323][T16723] sysfs: cannot create duplicate filename '/class/ieee80211/ü!'
[  854.220379][T16723] CPU: 0 UID: 0 PID: 16723 Comm: syz.1.2744 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  854.231154][T16723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  854.241214][T16723] Call Trace:
[  854.244519][T16723]  <TASK>
[  854.247438][T16723]  dump_stack_lvl+0x16c/0x1f0
[  854.252116][T16723]  sysfs_warn_dup+0x7f/0xa0
[  854.256609][T16723]  sysfs_do_create_link_sd+0x124/0x140
[  854.262061][T16723]  sysfs_create_link+0x61/0xc0
[  854.266812][T16723]  device_add+0x62e/0x1a70
[  854.271219][T16723]  ? __pfx_device_add+0x10/0x10
[  854.276058][T16723]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  854.281948][T16723]  ? ieee80211_set_bitrate_flags+0x249/0x6a0
[  854.287926][T16723]  wiphy_register+0x2101/0x2d00
[  854.292783][T16723]  ? __pfx_wiphy_register+0x10/0x10
[  854.297973][T16723]  ? ieee80211_register_hw+0x2a80/0x41b0
[  854.303601][T16723]  ieee80211_register_hw+0x2aaa/0x41b0
[  854.309060][T16723]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  854.314878][T16723]  ? mac80211_hwsim_new_radio+0x3046/0x54d0
[  854.320762][T16723]  mac80211_hwsim_new_radio+0x304e/0x54d0
[  854.326481][T16723]  ? kasan_check_range+0x111/0x1a0
[  854.331582][T16723]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  854.337635][T16723]  ? __asan_memcpy+0x3c/0x60
[  854.342214][T16723]  hwsim_new_radio_nl+0xb42/0x12b0
[  854.347325][T16723]  ? mark_held_locks+0x9f/0xe0
[  854.352074][T16723]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  854.357613][T16723]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  854.363148][T16723]  genl_family_rcv_msg_doit+0x202/0x2f0
[  854.368683][T16723]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  854.374742][T16723]  ? ns_capable+0xd7/0x110
[  854.379143][T16723]  ? netlink_ns_capable+0xf5/0x130
[  854.384248][T16723]  genl_rcv_msg+0x565/0x800
[  854.388753][T16723]  ? __pfx_genl_rcv_msg+0x10/0x10
[  854.393768][T16723]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  854.399305][T16723]  netlink_rcv_skb+0x16b/0x440
[  854.404054][T16723]  ? __pfx_genl_rcv_msg+0x10/0x10
[  854.409067][T16723]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  854.414343][T16723]  ? down_read+0xc9/0x330
[  854.418658][T16723]  ? __pfx_down_read+0x10/0x10
[  854.423406][T16723]  ? rcu_is_watching+0x12/0xc0
[  854.428161][T16723]  genl_rcv+0x28/0x40
[  854.432127][T16723]  netlink_unicast+0x53c/0x7f0
[  854.436877][T16723]  ? __pfx_netlink_unicast+0x10/0x10
[  854.442146][T16723]  ? const_folio_flags.constprop.0+0x56/0x150
[  854.448203][T16723]  netlink_sendmsg+0x8b8/0xd70
[  854.452956][T16723]  ? __pfx_netlink_sendmsg+0x10/0x10
[  854.458228][T16723]  ? __pfx_netlink_sendmsg+0x10/0x10
[  854.463498][T16723]  ? ____sys_sendmsg+0x600/0xc90
[  854.468431][T16723]  ____sys_sendmsg+0xaaf/0xc90
[  854.473191][T16723]  ? copy_msghdr_from_user+0x10b/0x160
[  854.478635][T16723]  ? __pfx_____sys_sendmsg+0x10/0x10
[  854.483912][T16723]  ? find_held_lock+0x2d/0x110
[  854.488684][T16723]  ___sys_sendmsg+0x135/0x1e0
[  854.493350][T16723]  ? __pfx____sys_sendmsg+0x10/0x10
[  854.498535][T16723]  ? lockdep_hardirqs_on+0x7c/0x110
[  854.503762][T16723]  __sys_sendmsg+0x117/0x1f0
[  854.508341][T16723]  ? __pfx___sys_sendmsg+0x10/0x10
[  854.513456][T16723]  do_syscall_64+0xcd/0x250
[  854.517948][T16723]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  854.523831][T16723] RIP: 0033:0x7f11b5b7e719
[  854.528231][T16723] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  854.547837][T16723] RSP: 002b:00007f11b3fd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  854.556234][T16723] RAX: ffffffffffffffda RBX: 00007f11b5d36058 RCX: 00007f11b5b7e719
[  854.564209][T16723] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000007
[  854.572165][T16723] RBP: 00007f11b5bf175e R08: 0000000000000000 R09: 0000000000000000
[  854.580118][T16723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  854.588073][T16723] R13: 0000000000000000 R14: 00007f11b5d36058 R15: 00007ffe425599b8
[  854.596039][T16723]  </TASK>
[  854.599081][    C0] vkms_vblank_simulate: vblank timer overrun
[  854.656053][ T5914] usb 4-1: USB disconnect, device number 44
[  854.733039][   T29] audit: type=1400 audit(2000000394.824:813): avc:  denied  { accept } for  pid=16725 comm="syz.1.2745" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1
[  857.639601][   T45] usb 4-1: new full-speed USB device number 45 using dummy_hcd
[  857.846538][   T45] usb 4-1: unable to get BOS descriptor or descriptor too short
[  857.877221][   T45] usb 4-1: not running at top speed; connect to a high speed hub
[  857.894203][   T45] usb 4-1: config 64 has an invalid interface number: 16 but max is 0
[  857.933724][   T45] usb 4-1: config 64 has no interface number 0
[  857.972734][   T45] usb 4-1: config 64 interface 16 altsetting 6 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  858.003519][   T45] usb 4-1: config 64 interface 16 altsetting 6 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  858.060462][   T45] usb 4-1: config 64 interface 16 altsetting 6 endpoint 0x8F has invalid maxpacket 73, setting to 64
[  858.066207][ T5876] usb 6-1: new high-speed USB device number 59 using dummy_hcd
[  858.073945][   T45] usb 4-1: config 64 interface 16 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  858.092285][   T45] usb 4-1: config 64 interface 16 has no altsetting 0
[  858.100719][   T45] usb 4-1: New USB device found, idVendor=040b, idProduct=6521, bcdDevice=3c.11
[  858.110244][   T45] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  858.118230][   T45] usb 4-1: Product: syz
[  858.122472][   T45] usb 4-1: Manufacturer: syz
[  858.127056][   T45] usb 4-1: SerialNumber: syz
[  858.134145][T16754] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  858.239441][ T5876] usb 6-1: Using ep0 maxpacket: 8
[  858.245808][ T5876] usb 6-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  858.310983][ T5876] usb 6-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  858.321208][ T5876] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  858.332075][ T5876] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  858.341346][ T5876] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  858.350182][ T5876] usb 6-1: Product: syz
[  858.354432][ T5876] usb 6-1: Manufacturer: syz
[  858.359036][ T5876] usb 6-1: SerialNumber: syz
[  858.409470][   T45] rc_core: IR keymap rc-xbox-dvd not found
[  858.415326][   T45] Registered IR keymap rc-empty
[  858.422045][   T45] rc rc0: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:64.16/rc/rc0
[  858.432315][   T45] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:64.16/rc/rc0/input99
[  858.447809][   T45] usb 4-1: USB disconnect, device number 45
[  858.453803][    C1] xbox_remote 4-1:64.16: xbox_remote_irq_in: usb_submit_urb()=-19
[  858.569464][T16403] usb 2-1: new high-speed USB device number 65 using dummy_hcd
[  858.579602][ T5876] usb 6-1: 0:2 : does not exist
[  858.589312][ T5876] usb 6-1: USB disconnect, device number 59
[  858.742919][T16403] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  858.752047][T16403] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  858.760074][T16403] usb 2-1: Product: syz
[  858.761570][T13261] udevd[13261]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  858.764216][T16403] usb 2-1: Manufacturer: syz
[  858.764233][T16403] usb 2-1: SerialNumber: syz
[  858.790349][T16403] usb 2-1: config 0 descriptor??
[  859.276859][T16403] usb 2-1: Firmware: major: 78, minor: 70, hardware type: UNKNOWN (36)
[  859.490636][T16403] usb 2-1: failed to fetch extended address, random address set
[  859.501818][T16403] usb 2-1: atusb_probe: initialization failed, error = -524
[  859.551292][T16403] atusb 2-1:0.0: probe with driver atusb failed with error -524
[  859.576881][T16403] usb 2-1: USB disconnect, device number 65
[  860.649917][T16216] usb 2-1: new high-speed USB device number 66 using dummy_hcd
[  861.233542][T16216] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  861.244816][T16216] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  861.253947][T16216] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  861.264992][T16216] usb 2-1: config 0 descriptor??
[  861.339533][ T5876] usb 4-1: new high-speed USB device number 46 using dummy_hcd
[  861.489474][ T5876] usb 4-1: Using ep0 maxpacket: 8
[  861.496605][ T5876] usb 4-1: too many configurations: 249, using maximum allowed: 8
[  861.518930][ T5876] usb 4-1: New USB device found, idVendor=055f, idProduct=a800, bcdDevice=b3.ff
[  861.528878][ T5876] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=2
[  861.537132][ T5876] usb 4-1: Product: syz
[  861.548582][ T5876] usb 4-1: Manufacturer: syz
[  861.554690][ T5876] usb 4-1: SerialNumber: syz
[  861.662642][ T5876] usb 4-1: config 0 descriptor??
[  861.769655][T16216] keytouch 0003:0926:3333.003B: fixing up Keytouch IEC report descriptor
[  861.905707][T16216] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.003B/input/input100
[  861.919767][    C0] usb 2-1: input irq status -75 received
[  861.994091][T16216] keytouch 0003:0926:3333.003B: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0
[  862.031035][T16794] netlink: 116 bytes leftover after parsing attributes in process `syz.3.2769'.
[  862.062524][ T5876] mdc800 4-1:0.0: probe fails -> wrong Number of Configuration
[  862.077305][ T5876] usb 4-1: USB disconnect, device number 46
[  862.132258][ T5914] usb 2-1: USB disconnect, device number 66
[  862.556925][T16808] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  863.071116][   T29] audit: type=1400 audit(2000000403.164:814): avc:  denied  { write } for  pid=16813 comm="syz.1.2776" name="usbmon0" dev="devtmpfs" ino=721 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  863.786545][T16818] ubi0: attaching mtd0
[  863.823880][T16818] ubi0: scanning is finished
[  863.828671][T16818] ubi0: empty MTD device detected
[  863.908699][   T29] audit: type=1326 audit(2000000403.994:815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16819 comm="syz.5.2777" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f150b97e719 code=0x0
[  864.043715][   T29] audit: type=1400 audit(2000000404.134:816): avc:  denied  { map } for  pid=16819 comm="syz.5.2777" path="/dev/full" dev="devtmpfs" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:null_device_t tclass=chr_file permissive=1
[  864.061075][T16818] ubi0 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt0d", error -4
[  865.039904][T16840] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2783'.
[  865.075848][T16840] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2783'.
[  865.193407][   T29] audit: type=1326 audit(2000000405.284:817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=16838 comm="syz.3.2783" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1e1117e719 code=0x0
[  866.819061][T16862] team0: entered promiscuous mode
[  866.824218][T16862] team_slave_0: entered promiscuous mode
[  866.830288][T16862] team_slave_1: entered promiscuous mode
[  867.421521][T16857] team0: left promiscuous mode
[  867.426413][T16857] team_slave_0: left promiscuous mode
[  867.433914][T16857] team_slave_1: left promiscuous mode
[  868.220350][T16216] usb 6-1: new full-speed USB device number 60 using dummy_hcd
[  868.461362][T16216] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  868.471596][T16216] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  868.483349][T16216] usb 6-1: New USB device found, idVendor=1e71, idProduct=2010, bcdDevice= 0.00
[  868.492493][T16216] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  868.506872][T16216] usb 6-1: config 0 descriptor??
[  868.742311][ T5876] usb 6-1: USB disconnect, device number 60
[  868.779735][T16216] usb 4-1: new high-speed USB device number 47 using dummy_hcd
[  868.956077][T16216] usb 4-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  868.966150][T16216] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  868.976016][T16216] usb 4-1: Product: syz
[  868.982029][T16216] usb 4-1: Manufacturer: syz
[  868.986726][T16216] usb 4-1: SerialNumber: syz
[  868.994994][T16216] usb 4-1: config 0 descriptor??
[  869.418948][T16216] usb 4-1: Firmware version (0.0) predates our first public release.
[  869.441014][T16216] usb 4-1: Please update to version 0.2 or newer
[  869.494264][T16216] usb 4-1: USB disconnect, device number 47
[  869.722638][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  869.731528][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  870.990994][   T30] INFO: task syz-executor:5825 blocked for more than 143 seconds.
[  870.998882][   T30]       Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  871.006721][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  871.015452][   T30] task:syz-executor    state:D stack:22448 pid:5825  tgid:5825  ppid:1      flags:0x00004006
[  871.025979][   T30] Call Trace:
[  871.254542][   T30]  <TASK>
[  871.292931][   T30]  __schedule+0xe55/0x5740
[  871.325732][T16909] netlink: 87 bytes leftover after parsing attributes in process `syz.3.2803'.
[  871.361399][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  871.397994][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  871.410616][   T30]  ? __pfx___schedule+0x10/0x10
[  871.415505][   T30]  ? schedule+0x298/0x350
[  871.424688][   T30]  ? __pfx_lock_release+0x10/0x10
[  871.432288][   T30]  ? trace_lock_acquire+0x14a/0x1d0
[  871.437536][   T30]  ? lock_acquire+0x2f/0xb0
[  871.443985][   T30]  ? schedule+0x1fd/0x350
[  871.448339][   T30]  schedule+0xe7/0x350
[  871.454530][   T30]  schedule_preempt_disabled+0x13/0x30
[  871.466000][   T30]  __mutex_lock+0x5b8/0x9c0
[  871.475731][   T30]  ? do_raw_spin_unlock+0x172/0x230
[  871.486051][   T30]  ? rfkill_unregister+0xde/0x2c0
[  871.495945][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  871.506308][   T30]  ? device_del+0x6b6/0x9f0
[  871.515643][   T30]  ? __pfx_device_del+0x10/0x10
[  871.524135][   T30]  ? _raw_read_unlock+0x28/0x50
[  871.529290][   T30]  ? rfkill_unregister+0xde/0x2c0
[  871.534736][   T30]  rfkill_unregister+0xde/0x2c0
[  871.580777][   T30]  hci_unregister_dev+0x323/0x620
[  871.650201][   T30]  ? __pfx_vhci_release+0x10/0x10
[  871.655384][   T30]  vhci_release+0x79/0xf0
[  871.659880][   T30]  __fput+0x3f6/0xb60
[  871.663924][   T30]  task_work_run+0x14e/0x250
[  871.668593][   T30]  ? __pfx_task_work_run+0x10/0x10
[  871.683724][   T30]  ? do_raw_spin_unlock+0x172/0x230
[  871.689146][   T30]  do_exit+0xadd/0x2d70
[  871.693504][   T30]  ? get_signal+0x8f2/0x2770
[  871.698215][   T30]  ? __pfx_do_exit+0x10/0x10
[  871.716908][   T30]  ? do_raw_spin_lock+0x12d/0x2c0
[  871.727427][   T30]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  871.738374][   T30]  do_group_exit+0xd3/0x2a0
[  871.747380][   T30]  get_signal+0x25fb/0x2770
[  871.757394][   T30]  ? __pfx_child_wait_callback+0x10/0x10
[  871.769556][   T30]  ? __pfx_get_signal+0x10/0x10
[  871.782634][   T30]  ? __do_sys_wait4+0xd2/0x170
[  871.792726][   T30]  arch_do_signal_or_restart+0x90/0x7e0
[  871.803731][   T30]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  871.816460][   T30]  syscall_exit_to_user_mode+0x150/0x2a0
[  871.829642][   T30]  do_syscall_64+0xda/0x250
[  871.839533][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  871.850761][   T30] RIP: 0033:0x7f2912f74997
[  871.860457][   T30] RSP: 002b:00007ffe03c3b750 EFLAGS: 00000293 ORIG_RAX: 000000000000003d
[  871.876457][   T30] RAX: fffffffffffffe00 RBX: 0000000000000678 RCX: 00007f2912f74997
[  871.890985][   T30] RDX: 0000000040000000 RSI: 00007ffe03c3b7ac RDI: 00000000ffffffff
[  871.908542][   T30] RBP: 00007ffe03c3b7ac R08: 0000000000000000 R09: 00007f2913dc4080
[  871.924166][   T30] R10: 0000000000000000 R11: 0000000000000293 R12: 00005555672f75eb
[  871.940813][   T30] R13: 00005555672f7590 R14: 00000000000ad6ac R15: 00007ffe03c3b800
[  871.955264][   T30]  </TASK>
[  871.962795][   T30] INFO: task kworker/1:4:5875 blocked for more than 144 seconds.
[  871.980932][   T30]       Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  871.992905][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  872.015870][   T30] task:kworker/1:4     state:D stack:17856 pid:5875  tgid:5875  ppid:2      flags:0x00004000
[  872.034302][   T30] Workqueue: events rfkill_global_led_trigger_worker
[  872.050104][   T30] Call Trace:
[  872.059298][   T30]  <TASK>
[  872.067544][   T30]  __schedule+0xe55/0x5740
[  872.080762][   T30]  ? __pfx_mark_lock+0x10/0x10
[  872.095381][   T30]  ? lock_acquire.part.0+0x11b/0x380
[  872.109424][   T30]  ? find_held_lock+0x2d/0x110
[  872.114400][   T30]  ? __pfx___schedule+0x10/0x10
[  872.119681][   T30]  ? schedule+0x298/0x350
[  872.124611][   T30]  ? __pfx_lock_release+0x10/0x10
[  872.131167][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  872.137721][   T30]  ? lockdep_hardirqs_on+0x7c/0x110
[  872.144176][   T30]  schedule+0xe7/0x350
[  872.148610][   T30]  schedule_preempt_disabled+0x13/0x30
[  872.155196][   T30]  __mutex_lock+0x5b8/0x9c0
[  872.166128][   T30]  ? lock_acquire+0x2f/0xb0
[  872.172665][   T30]  ? rfkill_global_led_trigger_worker+0x1b/0x160
[  872.179188][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  872.185997][   T30]  ? trace_lock_acquire+0x14a/0x1d0
[  872.194848][   T30]  ? process_one_work+0x921/0x1ba0
[  872.202125][   T30]  ? rfkill_global_led_trigger_worker+0x1b/0x160
[  872.210208][   T30]  rfkill_global_led_trigger_worker+0x1b/0x160
[  872.217361][   T30]  process_one_work+0x9c5/0x1ba0
[  872.232745][   T30]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  872.243038][   T30]  ? __pfx_process_one_work+0x10/0x10
[  872.249612][   T30]  ? assign_work+0x1a0/0x250
[  872.254435][   T30]  worker_thread+0x6c8/0xf00
[  872.259205][   T30]  ? __pfx_worker_thread+0x10/0x10
[  872.265155][   T30]  kthread+0x2c1/0x3a0
[  872.271505][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  872.276843][   T30]  ? __pfx_kthread+0x10/0x10
[  872.282246][   T30]  ret_from_fork+0x45/0x80
[  872.286914][   T30]  ? __pfx_kthread+0x10/0x10
[  872.292033][   T30]  ret_from_fork_asm+0x1a/0x30
[  872.297474][   T30]  </TASK>
[  872.300838][   T30] INFO: task udevd:13444 blocked for more than 144 seconds.
[  872.308363][   T30]       Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  872.316694][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  872.326410][   T30] task:udevd           state:D stack:25568 pid:13444 tgid:13444 ppid:5199   flags:0x00000002
[  872.337108][   T30] Call Trace:
[  872.341148][   T30]  <TASK>
[  872.344286][   T30]  __schedule+0xe55/0x5740
[  872.350807][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  872.356234][   T30]  ? lockdep_hardirqs_on_prepare+0x391/0x420
[  872.362755][   T30]  ? __pfx___schedule+0x10/0x10
[  872.367996][   T30]  ? schedule+0x298/0x350
[  872.373377][   T30]  ? __pfx_lock_release+0x10/0x10
[  872.378844][   T30]  ? trace_lock_acquire+0x14a/0x1d0
[  872.391092][   T30]  ? lock_acquire+0x2f/0xb0
[  872.396122][   T30]  ? schedule+0x1fd/0x350
[  872.402653][   T30]  schedule+0xe7/0x350
[  872.406834][   T30]  schedule_preempt_disabled+0x13/0x30
[  872.413553][   T30]  __mutex_lock+0x5b8/0x9c0
[  872.418252][   T30]  ? uevent_show+0x188/0x3b0
[  872.424470][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  872.433922][   T30]  ? uevent_show+0x188/0x3b0
[  872.438693][   T30]  uevent_show+0x188/0x3b0
[  872.446579][   T30]  ? __pfx_uevent_show+0x10/0x10
[  872.453166][   T30]  dev_attr_show+0x53/0xe0
[  872.458588][   T30]  ? __pfx_dev_attr_show+0x10/0x10
[  872.464572][   T30]  sysfs_kf_seq_show+0x23e/0x410
[  872.470134][   T30]  seq_read_iter+0x4f4/0x12b0
[  872.475695][   T30]  kernfs_fop_read_iter+0x414/0x580
[  872.485365][   T30]  ? rw_verify_area+0xd0/0x700
[  872.490512][   T30]  vfs_read+0x87f/0xbe0
[  872.499567][   T30]  ? __pfx_vfs_read+0x10/0x10
[  872.504312][   T30]  ? kvm_sched_clock_read+0x11/0x20
[  872.511385][   T30]  ? sched_clock+0x38/0x60
[  872.517242][   T30]  ? sched_clock_cpu+0x6d/0x4d0
[  872.535509][   T30]  ksys_read+0x12f/0x260
[  872.540744][   T30]  ? __pfx_ksys_read+0x10/0x10
[  872.545872][   T30]  ? trace_csd_function_exit+0x173/0x1f0
[  872.554045][   T30]  ? __pfx___rdmsr_safe_on_cpu+0x10/0x10
[  872.560564][   T30]  do_syscall_64+0xcd/0x250
[  872.566020][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  872.574768][   T30] RIP: 0033:0x7f0bc8716b6a
[  872.580219][   T30] RSP: 002b:00007ffe84b07238 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  872.590111][   T30] RAX: ffffffffffffffda RBX: 000055651ab9f8e0 RCX: 00007f0bc8716b6a
[  872.598326][   T30] RDX: 0000000000001000 RSI: 000055651abad720 RDI: 0000000000000008
[  872.607239][   T30] RBP: 000055651ab9f8e0 R08: 0000000000000008 R09: 0000000001000000
[  872.615764][   T30] R10: 000000000000010f R11: 0000000000000246 R12: 0000000000000000
[  872.624169][   T30] R13: 0000000000003fff R14: 00007ffe84b07718 R15: 000000000000000a
[  872.632578][   T30]  </TASK>
[  872.635904][   T30] INFO: task kworker/1:2:13620 blocked for more than 145 seconds.
[  872.646485][   T30]       Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  872.654435][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  872.664925][   T30] task:kworker/1:2     state:D stack:22272 pid:13620 tgid:13620 ppid:2      flags:0x00004000
[  872.684489][   T30] Workqueue: events rfkill_sync_work
[  872.701683][   T30] Call Trace:
[  872.714454][   T30]  <TASK>
[  872.719608][   T30]  __schedule+0xe55/0x5740
[  872.729744][   T30]  ? __pfx_mark_lock+0x10/0x10
[  872.736517][   T30]  ? lock_acquire.part.0+0x11b/0x380
[  872.747968][   T30]  ? find_held_lock+0x2d/0x110
[  872.757042][   T30]  ? __pfx___schedule+0x10/0x10
[  872.762683][   T30]  ? schedule+0x298/0x350
[  872.767205][   T30]  ? __pfx_lock_release+0x10/0x10
[  872.773008][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  872.778534][   T30]  ? lockdep_hardirqs_on+0x7c/0x110
[  872.784181][   T30]  schedule+0xe7/0x350
[  872.789001][   T30]  schedule_preempt_disabled+0x13/0x30
[  872.797164][   T30]  __mutex_lock+0x5b8/0x9c0
[  872.803204][   T30]  ? nfc_dev_down+0x2d/0x2e0
[  872.808656][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  872.815197][   T30]  ? find_held_lock+0x2d/0x110
[  872.822291][   T30]  ? rfkill_set_block+0x198/0x560
[  872.828561][   T30]  ? __pfx_lock_release+0x10/0x10
[  872.834054][   T30]  ? nfc_dev_down+0x2d/0x2e0
[  872.841892][   T30]  nfc_dev_down+0x2d/0x2e0
[  872.847264][   T30]  nfc_rfkill_set_block+0x39/0xe0
[  872.852710][   T30]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[  872.859292][   T30]  rfkill_set_block+0x203/0x560
[  872.864625][   T30]  rfkill_sync+0x10a/0x1c0
[  872.869060][   T30]  rfkill_sync_work+0x27/0x40
[  872.874854][   T30]  process_one_work+0x9c5/0x1ba0
[  872.880037][   T30]  ? __pfx_lock_acquire.part.0+0x10/0x10
[  872.885849][   T30]  ? __pfx_process_one_work+0x10/0x10
[  872.892815][   T30]  ? assign_work+0x1a0/0x250
[  872.898203][   T30]  worker_thread+0x6c8/0xf00
[  872.904859][   T30]  ? __pfx_worker_thread+0x10/0x10
[  872.910514][   T30]  kthread+0x2c1/0x3a0
[  872.914601][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  872.923714][   T30]  ? __pfx_kthread+0x10/0x10
[  872.928329][   T30]  ret_from_fork+0x45/0x80
[  872.933223][   T30]  ? __pfx_kthread+0x10/0x10
[  872.937894][   T30]  ret_from_fork_asm+0x1a/0x30
[  872.946075][   T30]  </TASK>
[  872.949208][   T30] INFO: task syz.0.2243:15039 blocked for more than 145 seconds.
[  872.958964][   T30]       Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  872.970739][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  872.982108][   T30] task:syz.0.2243      state:D stack:26400 pid:15039 tgid:15038 ppid:5829   flags:0x00004004
[  872.993436][   T30] Call Trace:
[  872.996725][   T30]  <TASK>
[  873.002704][   T30]  __schedule+0xe55/0x5740
[  873.007150][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  873.012716][   T30]  ? lockdep_hardirqs_on_prepare+0x391/0x420
[  873.018793][   T30]  ? __pfx___schedule+0x10/0x10
[  873.025341][   T30]  ? schedule+0x298/0x350
[  873.029909][   T30]  ? __pfx_lock_release+0x10/0x10
[  873.034999][   T30]  ? trace_lock_acquire+0x14a/0x1d0
[  873.040672][   T30]  ? lock_acquire+0x2f/0xb0
[  873.045232][   T30]  ? schedule+0x1fd/0x350
[  873.049885][   T30]  schedule+0xe7/0x350
[  873.053968][   T30]  schedule_preempt_disabled+0x13/0x30
[  873.059821][   T30]  __mutex_lock+0x5b8/0x9c0
[  873.064333][   T30]  ? __pfx___debug_object_init+0x10/0x10
[  873.070356][   T30]  ? rfkill_register+0x3a/0xb40
[  873.075226][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  873.080696][   T30]  ? lockdep_init_map_type+0x16d/0x7d0
[  873.086199][   T30]  ? __init_waitqueue_head+0xca/0x150
[  873.091711][   T30]  ? rfkill_register+0x3a/0xb40
[  873.096582][   T30]  ? rfkill_alloc+0x25b/0x330
[  873.101329][   T30]  rfkill_register+0x3a/0xb40
[  873.106065][   T30]  hci_register_dev+0x3cc/0xc60
[  873.110993][   T30]  hci_uart_tty_ioctl+0x7d0/0xc10
[  873.116020][   T30]  ? __pfx_hci_uart_tty_ioctl+0x10/0x10
[  873.121631][   T30]  tty_ioctl+0x6ee/0x15d0
[  873.125961][   T30]  ? __pfx_tty_ioctl+0x10/0x10
[  873.130804][   T30]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[  873.137668][   T30]  ? trace_lock_acquire+0x14a/0x1d0
[  873.142972][   T30]  ? selinux_file_ioctl+0x180/0x270
[  873.148181][   T30]  ? selinux_file_ioctl+0xb4/0x270
[  873.153525][   T30]  ? __pfx_tty_ioctl+0x10/0x10
[  873.158289][   T30]  __x64_sys_ioctl+0x18f/0x220
[  873.163129][   T30]  do_syscall_64+0xcd/0x250
[  873.167631][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  873.173572][   T30] RIP: 0033:0x7f137077e719
[  873.177999][   T30] RSP: 002b:00007f13715ed038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  873.186482][   T30] RAX: ffffffffffffffda RBX: 00007f1370935f80 RCX: 00007f137077e719
[  873.194495][   T30] RDX: 0000000000000004 RSI: 00000000400455c8 RDI: 0000000000000003
[  873.202537][   T30] RBP: 00007f13707f175e R08: 0000000000000000 R09: 0000000000000000
[  873.210541][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  873.218489][   T30] R13: 0000000000000000 R14: 00007f1370935f80 R15: 00007ffcaef1ebc8
[  873.226573][   T30]  </TASK>
[  873.229707][   T30] INFO: task syz.4.2248:15048 blocked for more than 145 seconds.
[  873.237418][   T30]       Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  873.245109][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  873.253817][   T30] task:syz.4.2248      state:D stack:24960 pid:15048 tgid:15048 ppid:5825   flags:0x00004004
[  873.264178][   T30] Call Trace:
[  873.267453][   T30]  <TASK>
[  873.270456][   T30]  __schedule+0xe55/0x5740
[  873.274898][   T30]  ? __pfx___schedule+0x10/0x10
[  873.279851][   T30]  ? schedule+0x298/0x350
[  873.284195][   T30]  ? __pfx_lock_release+0x10/0x10
[  873.289222][   T30]  ? trace_lock_acquire+0x14a/0x1d0
[  873.294478][   T30]  ? lock_acquire+0x2f/0xb0
[  873.298991][   T30]  ? schedule+0x1fd/0x350
[  873.303398][   T30]  schedule+0xe7/0x350
[  873.307486][   T30]  schedule_timeout+0x258/0x2a0
[  873.312449][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  873.317825][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  873.323087][   T30]  __wait_for_common+0x3e1/0x600
[  873.328027][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  873.333460][   T30]  ? __pfx___wait_for_common+0x10/0x10
[  873.338923][   T30]  ? trace_lock_acquire+0x14a/0x1d0
[  873.344200][   T30]  ? lock_acquire+0x2f/0xb0
[  873.348698][   T30]  ? __flush_work+0x46d/0xc30
[  873.354891][   T30]  __flush_work+0x776/0xc30
[  873.359469][   T30]  ? __pfx___flush_work+0x10/0x10
[  873.364494][   T30]  ? __pfx_wq_barrier_func+0x10/0x10
[  873.369961][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  873.374987][   T30]  ? __pfx___might_resched+0x10/0x10
[  873.380348][   T30]  __cancel_work_sync+0x10c/0x130
[  873.385373][   T30]  rfkill_unregister+0x95/0x2c0
[  873.390282][   T30]  nfc_unregister_device+0x94/0x330
[  873.395482][   T30]  ? __pfx_virtual_ncidev_close+0x10/0x10
[  873.401273][   T30]  virtual_ncidev_close+0x4b/0xa0
[  873.406305][   T30]  __fput+0x3f6/0xb60
[  873.410361][   T30]  task_work_run+0x14e/0x250
[  873.414957][   T30]  ? __pfx_task_work_run+0x10/0x10
[  873.420154][   T30]  syscall_exit_to_user_mode+0x27b/0x2a0
[  873.425799][   T30]  do_syscall_64+0xda/0x250
[  873.430382][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  873.436278][   T30] RIP: 0033:0x7f2912f7e719
[  873.440759][   T30] RSP: 002b:00007ffe03c3b548 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  873.449170][   T30] RAX: 0000000000000000 RBX: 00007f2913137a80 RCX: 00007f2912f7e719
[  873.457173][   T30] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[  873.465235][   T30] RBP: 00007f2913137a80 R08: 00007f2913122000 R09: 00007ffe03c3b83f
[  873.478275][   T30] R10: 00000000005f102c R11: 0000000000000246 R12: 00000000000ad9f0
[  873.486499][   T30] R13: 00007ffe03c3b650 R14: 0000000000000032 R15: ffffffffffffffff
[  873.494631][   T30]  </TASK>
[  873.497666][   T30] INFO: task syz-executor:15245 blocked for more than 145 seconds.
[  873.505613][   T30]       Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  873.513274][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  873.521964][   T30] task:syz-executor    state:D stack:27712 pid:15245 tgid:15245 ppid:1      flags:0x00004000
[  873.532168][   T30] Call Trace:
[  873.535425][   T30]  <TASK>
[  873.538338][   T30]  __schedule+0xe55/0x5740
[  873.542816][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  873.548017][   T30]  ? __pfx_mark_lock+0x10/0x10
[  873.552998][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  873.558199][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  873.564036][   T30]  ? __pfx___schedule+0x10/0x10
[  873.568898][   T30]  ? schedule+0x298/0x350
[  873.573305][   T30]  ? __pfx_lock_release+0x10/0x10
[  873.578363][   T30]  ? trace_lock_acquire+0x14a/0x1d0
[  873.583645][   T30]  ? lock_acquire+0x2f/0xb0
[  873.588148][   T30]  ? schedule+0x1fd/0x350
[  873.592671][   T30]  schedule+0xe7/0x350
[  873.596726][   T30]  schedule_preempt_disabled+0x13/0x30
[  873.602309][   T30]  __mutex_lock+0x5b8/0x9c0
[  873.606812][   T30]  ? __pfx___debug_object_init+0x10/0x10
[  873.612499][   T30]  ? rfkill_register+0x3a/0xb40
[  873.617354][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  873.622452][   T30]  ? lockdep_init_map_type+0x16d/0x7d0
[  873.627911][   T30]  ? __init_waitqueue_head+0xca/0x150
[  873.633319][   T30]  ? rfkill_register+0x3a/0xb40
[  873.638175][   T30]  ? rfkill_alloc+0x25b/0x330
[  873.642937][   T30]  rfkill_register+0x3a/0xb40
[  873.647618][   T30]  hci_register_dev+0x3cc/0xc60
[  873.652521][   T30]  __vhci_create_device+0x344/0x7d0
[  873.657719][   T30]  vhci_write+0x2c3/0x470
[  873.662129][   T30]  vfs_write+0x5ae/0x1150
[  873.666462][   T30]  ? __pfx_vhci_write+0x10/0x10
[  873.671410][   T30]  ? __pfx_vfs_write+0x10/0x10
[  873.676200][   T30]  ? find_held_lock+0x2d/0x110
[  873.681052][   T30]  ? __pfx_lock_release+0x10/0x10
[  873.686081][   T30]  ? trace_lock_acquire+0x14a/0x1d0
[  873.691359][   T30]  ksys_write+0x12f/0x260
[  873.695703][   T30]  ? __pfx_ksys_write+0x10/0x10
[  873.700789][   T30]  ? do_user_addr_fault+0x83d/0x13f0
[  873.706069][   T30]  do_syscall_64+0xcd/0x250
[  873.710638][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  873.716552][   T30] RIP: 0033:0x7f23e8b7d1c0
[  873.721051][   T30] RSP: 002b:00007ffc38da84b8 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[  873.729535][   T30] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f23e8b7d1c0
[  873.737518][   T30] RDX: 0000000000000002 RSI: 00007ffc38da84ca RDI: 00000000000000ca
[  873.745596][   T30] RBP: 00007f23e8d36a38 R08: 0000000000000000 R09: 00007f23e986d6c0
[  873.753622][   T30] R10: 0000000000000000 R11: 0000000000000202 R12: 000000000000000c
[  873.761654][   T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[  873.769712][   T30]  </TASK>
[  873.772733][   T30] INFO: task syz-executor:15252 blocked for more than 146 seconds.
[  873.780718][   T30]       Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  873.789180][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  873.798140][   T30] task:syz-executor    state:D stack:27952 pid:15252 tgid:15252 ppid:1      flags:0x00000000
[  873.808397][   T30] Call Trace:
[  873.811856][   T30]  <TASK>
[  873.814786][   T30]  __schedule+0xe55/0x5740
[  873.819192][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  873.824459][   T30]  ? __pfx_mark_lock+0x10/0x10
[  873.829226][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  873.834660][   T30]  ? __pfx___lock_acquire+0x10/0x10
[  873.839910][   T30]  ? __pfx___schedule+0x10/0x10
[  873.844857][   T30]  ? schedule+0x298/0x350
[  873.849168][   T30]  ? __pfx_lock_release+0x10/0x10
[  873.854238][   T30]  ? trace_lock_acquire+0x14a/0x1d0
[  873.859594][   T30]  ? lock_acquire+0x2f/0xb0
[  873.864079][   T30]  ? schedule+0x1fd/0x350
[  873.868394][   T30]  schedule+0xe7/0x350
[  873.872513][   T30]  schedule_preempt_disabled+0x13/0x30
[  873.878165][   T30]  __mutex_lock+0x5b8/0x9c0
[  873.882712][   T30]  ? __pfx___debug_object_init+0x10/0x10
[  873.888428][   T30]  ? rfkill_register+0x3a/0xb40
[  873.893314][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  873.898332][   T30]  ? lockdep_init_map_type+0x16d/0x7d0
[  873.903928][   T30]  ? __init_waitqueue_head+0xca/0x150
[  873.909304][   T30]  ? rfkill_register+0x3a/0xb40
[  873.914187][   T30]  ? rfkill_alloc+0x25b/0x330
[  873.919069][   T30]  rfkill_register+0x3a/0xb40
[  873.923944][   T30]  hci_register_dev+0x3cc/0xc60
[  873.928800][   T30]  __vhci_create_device+0x344/0x7d0
[  873.934036][   T30]  vhci_write+0x2c3/0x470
[  873.938437][   T30]  vfs_write+0x5ae/0x1150
[  873.942790][   T30]  ? __pfx_vhci_write+0x10/0x10
[  873.947693][   T30]  ? __pfx_vfs_write+0x10/0x10
[  873.952510][   T30]  ? find_held_lock+0x2d/0x110
[  873.957456][   T30]  ? __pfx_lock_release+0x10/0x10
[  873.962547][   T30]  ? trace_lock_acquire+0x14a/0x1d0
[  873.967819][   T30]  ksys_write+0x12f/0x260
[  873.972211][   T30]  ? __pfx_ksys_write+0x10/0x10
[  873.977129][   T30]  ? do_user_addr_fault+0x83d/0x13f0
[  873.982461][   T30]  do_syscall_64+0xcd/0x250
[  873.986975][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  873.993029][   T30] RIP: 0033:0x7efdd9d7d1c0
[  873.997424][   T30] RSP: 002b:00007ffe50efb708 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
[  874.005863][   T30] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007efdd9d7d1c0
[  874.013934][   T30] RDX: 0000000000000002 RSI: 00007ffe50efb71a RDI: 00000000000000ca
[  874.021930][   T30] RBP: 00007efdd9f36a38 R08: 0000000000000000 R09: 00007efddaa6d6c0
[  874.030311][   T30] R10: 0000000000000000 R11: 0000000000000202 R12: 000000000000000c
[  874.038293][   T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[  874.046373][   T30]  </TASK>
[  874.049576][   T30] 
[  874.049576][   T30] Showing all locks held in the system:
[  874.057297][   T30] 1 lock held by khungtaskd/30:
[  874.062214][   T30]  #0: ffffffff8e1b8340 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x7f/0x390
[  874.072276][   T30] 2 locks held by getty/5587:
[  874.076932][   T30]  #0: ffff888031d1d0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  874.086714][   T30]  #1: ffffc900032232f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0xfba/0x1480
[  874.096996][   T30] 1 lock held by syz-executor/5825:
[  874.102225][   T30]  #0: ffffffff90370c48 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_unregister+0xde/0x2c0
[  874.112502][   T30] 3 locks held by kworker/1:4/5875:
[  874.117690][   T30]  #0: ffff88801b078948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x129b/0x1ba0
[  874.128163][   T30]  #1: ffffc9000327fd80 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0
[  874.141350][   T30]  #2: ffffffff90370c48 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_global_led_trigger_worker+0x1b/0x160
[  874.152798][   T30] 4 locks held by udevd/13444:
[  874.157632][   T30]  #0: ffff888033b59790 (&p->lock){+.+.}-{3:3}, at: seq_read_iter+0xd8/0x12b0
[  874.166576][   T30]  #1: ffff888058311488 (&of->mutex#2){+.+.}-{3:3}, at: kernfs_seq_start+0x4d/0x240
[  874.176076][   T30]  #2: ffff888063dd00f8 (kn->active#5){++++}-{0:0}, at: kernfs_seq_start+0x71/0x240
[  874.185598][   T30]  #3: ffff88807e87c100 (&dev->mutex){....}-{3:3}, at: uevent_show+0x188/0x3b0
[  874.194708][   T30] 4 locks held by kworker/1:2/13620:
[  874.200204][   T30]  #0: ffff88801b078948 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x129b/0x1ba0
[  874.210709][   T30]  #1: ffffc900043e7d80 ((work_completion)(&rfkill->sync_work)){+.+.}-{0:0}, at: process_one_work+0x921/0x1ba0
[  874.222512][   T30]  #2: ffffffff90370c48 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_sync_work+0x1b/0x40
[  874.232489][   T30]  #3: ffff88807e87c100 (&dev->mutex){....}-{3:3}, at: nfc_dev_down+0x2d/0x2e0
[  874.241510][   T30] 2 locks held by syz.0.2243/15039:
[  874.246703][   T30]  #0: ffff888032a150a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[  874.256653][   T30]  #1: ffffffff90370c48 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x3a/0xb40
[  874.266642][   T30] 1 lock held by syz.4.2248/15048:
[  874.271771][   T30]  #0: ffff88807e87c100 (&dev->mutex){....}-{3:3}, at: nfc_unregister_device+0x60/0x330
[  874.281548][   T30] 2 locks held by syz-executor/15245:
[  874.286904][   T30]  #0: ffff88807d8f7918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_write+0x2b7/0x470
[  874.296307][   T30]  #1: ffffffff90370c48 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x3a/0xb40
[  874.306262][   T30] 2 locks held by syz-executor/15252:
[  874.311664][   T30]  #0: ffff888062f18118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_write+0x2b7/0x470
[  874.321092][   T30]  #1: ffffffff90370c48 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x3a/0xb40
[  874.331043][   T30] 2 locks held by syz-executor/15979:
[  874.336401][   T30]  #0: ffff888062d2c918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_write+0x2b7/0x470
[  874.345850][   T30]  #1: ffffffff90370c48 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x3a/0xb40
[  874.355952][   T30] 2 locks held by syz-executor/15990:
[  874.361525][   T30]  #0: ffff8880789c6118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_write+0x2b7/0x470
[  874.371008][   T30]  #1: ffffffff90370c48 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x3a/0xb40
[  874.381015][   T30] 2 locks held by syz-executor/16643:
[  874.386382][   T30]  #0: ffff888065445918 (&data->open_mutex){+.+.}-{3:3}, at: vhci_write+0x2b7/0x470
[  874.395842][   T30]  #1: ffffffff90370c48 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x3a/0xb40
[  874.405794][   T30] 2 locks held by syz-executor/16660:
[  874.411168][   T30]  #0: ffff88802b625118 (&data->open_mutex){+.+.}-{3:3}, at: vhci_write+0x2b7/0x470
[  874.420598][   T30]  #1: ffffffff90370c48 (rfkill_global_mutex){+.+.}-{3:3}, at: rfkill_register+0x3a/0xb40
[  874.430573][   T30] 
[  874.432887][   T30] =============================================
[  874.432887][   T30] 
[  874.441338][   T30] NMI backtrace for cpu 0
[  874.445653][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  874.456155][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  874.466195][   T30] Call Trace:
[  874.469463][   T30]  <TASK>
[  874.472380][   T30]  dump_stack_lvl+0x116/0x1f0
[  874.477045][   T30]  nmi_cpu_backtrace+0x27b/0x390
[  874.481970][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  874.487955][   T30]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[  874.493938][   T30]  watchdog+0xf0c/0x1240
[  874.498174][   T30]  ? __pfx_watchdog+0x10/0x10
[  874.502841][   T30]  ? lockdep_hardirqs_on+0x7c/0x110
[  874.508049][   T30]  ? __kthread_parkme+0x148/0x220
[  874.513066][   T30]  ? __pfx_watchdog+0x10/0x10
[  874.517727][   T30]  kthread+0x2c1/0x3a0
[  874.521781][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  874.526968][   T30]  ? __pfx_kthread+0x10/0x10
[  874.531546][   T30]  ret_from_fork+0x45/0x80
[  874.535947][   T30]  ? __pfx_kthread+0x10/0x10
[  874.540522][   T30]  ret_from_fork_asm+0x1a/0x30
[  874.545282][   T30]  </TASK>
[  874.548679][   T30] Sending NMI from CPU 0 to CPUs 1:
[  874.553918][    C1] NMI backtrace for cpu 1
[  874.553930][    C1] CPU: 1 UID: 0 PID: 6267 Comm: kworker/u8:10 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  874.553946][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  874.553955][    C1] Workqueue: events_unbound toggle_allocation_gate
[  874.553974][    C1] RIP: 0010:insn_get_prefixes+0x11f/0x12f0
[  874.553989][    C1] Code: 4c 89 e0 4c 89 e2 48 c1 e8 03 83 e2 07 42 0f b6 04 38 38 d0 7f 08 84 c0 0f 85 8e 10 00 00 48 8d bd 20 8e cd 8c 41 0f b6 1c 24 <48> 89 fa 48 89 f9 48 c1 ea 03 83 e1 07 42 0f b6 14 3a 38 ca 7f 08
[  874.554001][    C1] RSP: 0018:ffffc900035df7e0 EFLAGS: 00000246
[  874.554012][    C1] RAX: 0000000000000000 RBX: 000000000000000f RCX: ffffffff8b17a4ad
[  874.554020][    C1] RDX: 0000000000000006 RSI: ffffffff8b17a435 RDI: ffffffff8ccd8e20
[  874.554029][    C1] RBP: 0000000000000000 R08: 0000000000000007 R09: 0000000000000005
[  874.554038][    C1] R10: 0000000000000000 R11: 0000000000000000 R12: ffffffff81e4c0c6
[  874.554046][    C1] R13: ffffffff81e4c0c6 R14: ffffffff81e4c0c7 R15: dffffc0000000000
[  874.554056][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  874.554070][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  874.554080][    C1] CR2: 00007f150bb09178 CR3: 000000000df7c000 CR4: 00000000003526f0
[  874.554089][    C1] DR0: fffffffffffffffc DR1: 0000000000000000 DR2: 0000000000000002
[  874.554097][    C1] DR3: 0000000000000800 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  874.554106][    C1] Call Trace:
[  874.554110][    C1]  <NMI>
[  874.554115][    C1]  ? nmi_cpu_backtrace+0x1d8/0x390
[  874.554134][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  874.554154][    C1]  ? nmi_handle+0x1a9/0x5c0
[  874.554168][    C1]  ? insn_get_prefixes+0x11f/0x12f0
[  874.554181][    C1]  ? default_do_nmi+0x6a/0x160
[  874.554197][    C1]  ? exc_nmi+0x170/0x1e0
[  874.554213][    C1]  ? end_repeat_nmi+0xf/0x53
[  874.554225][    C1]  ? __kmalloc_node_noprof+0xe7/0x430
[  874.554241][    C1]  ? __kmalloc_node_noprof+0xe6/0x430
[  874.554255][    C1]  ? __kmalloc_node_noprof+0xe6/0x430
[  874.554272][    C1]  ? insn_get_prefixes+0x16d/0x12f0
[  874.554284][    C1]  ? insn_get_prefixes+0xf5/0x12f0
[  874.554296][    C1]  ? insn_get_prefixes+0x11f/0x12f0
[  874.554308][    C1]  ? insn_get_prefixes+0x11f/0x12f0
[  874.554332][    C1]  ? insn_get_prefixes+0x11f/0x12f0
[  874.554345][    C1]  </NMI>
[  874.554349][    C1]  <TASK>
[  874.554354][    C1]  ? __kmalloc_node_noprof+0xf5/0x430
[  874.554369][    C1]  ? __kmalloc_node_noprof+0xe6/0x430
[  874.554385][    C1]  ? __kmalloc_node_noprof+0xe6/0x430
[  874.554400][    C1]  insn_get_opcode+0x80/0xed0
[  874.554411][    C1]  ? __pfx___lock_acquire+0x10/0x10
[  874.554424][    C1]  ? inat_get_opcode_attribute+0xc/0x60
[  874.554442][    C1]  ? insn_get_opcode+0x5e/0xed0
[  874.554455][    C1]  ? __kmalloc_node_noprof+0xe6/0x430
[  874.554470][    C1]  insn_get_modrm+0x84/0x720
[  874.554481][    C1]  ? lock_acquire.part.0+0x11b/0x380
[  874.554494][    C1]  ? __kmalloc_node_noprof+0xe6/0x430
[  874.554509][    C1]  insn_get_displacement+0x322/0x980
[  874.554522][    C1]  ? __kmalloc_node_noprof+0xe6/0x430
[  874.554537][    C1]  insn_get_immediate+0x84/0x1dd0
[  874.554549][    C1]  ? __asan_memset+0x23/0x50
[  874.554562][    C1]  ? __kmalloc_node_noprof+0xe6/0x430
[  874.554577][    C1]  insn_decode+0x21d/0x320
[  874.554590][    C1]  arch_jump_entry_size+0xb3/0x150
[  874.554607][    C1]  ? __pfx_arch_jump_entry_size+0x10/0x10
[  874.554624][    C1]  ? __mutex_lock+0x1a6/0x9c0
[  874.554639][    C1]  ? __kmalloc_node_noprof+0xe6/0x430
[  874.554653][    C1]  ? __kmalloc_node_noprof+0xf5/0x430
[  874.554668][    C1]  ? __kmalloc_node_noprof+0xe6/0x430
[  874.554685][    C1]  ? __kmalloc_node_noprof+0x272/0x430
[  874.554700][    C1]  __jump_label_patch+0x85/0x400
[  874.554718][    C1]  arch_jump_label_transform_queue+0x7e/0x120
[  874.554737][    C1]  __jump_label_update+0x125/0x420
[  874.554752][    C1]  jump_label_update+0x1d7/0x400
[  874.554765][    C1]  static_key_enable_cpuslocked+0x1b7/0x270
[  874.554779][    C1]  static_key_enable+0x1a/0x20
[  874.554791][    C1]  toggle_allocation_gate+0xfc/0x260
[  874.554806][    C1]  ? __pfx_toggle_allocation_gate+0x10/0x10
[  874.554820][    C1]  ? trace_lock_acquire+0x14a/0x1d0
[  874.554837][    C1]  ? process_one_work+0x921/0x1ba0
[  874.554850][    C1]  ? lock_acquire+0x2f/0xb0
[  874.554861][    C1]  ? process_one_work+0x921/0x1ba0
[  874.554874][    C1]  process_one_work+0x9c5/0x1ba0
[  874.554889][    C1]  ? __pfx_nsim_dev_trap_report_work+0x10/0x10
[  874.554911][    C1]  ? __pfx_process_one_work+0x10/0x10
[  874.554925][    C1]  ? assign_work+0x1a0/0x250
[  874.554945][    C1]  worker_thread+0x6c8/0xf00
[  874.554960][    C1]  ? __kthread_parkme+0x148/0x220
[  874.554976][    C1]  ? __pfx_worker_thread+0x10/0x10
[  874.554988][    C1]  kthread+0x2c1/0x3a0
[  874.555001][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  874.555018][    C1]  ? __pfx_kthread+0x10/0x10
[  874.555034][    C1]  ret_from_fork+0x45/0x80
[  874.555045][    C1]  ? __pfx_kthread+0x10/0x10
[  874.555060][    C1]  ret_from_fork_asm+0x1a/0x30
[  874.555081][    C1]  </TASK>
[  875.048548][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  875.055396][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  875.065875][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  875.075925][   T30] Call Trace:
[  875.079185][   T30]  <TASK>
[  875.082098][   T30]  dump_stack_lvl+0x3d/0x1f0
[  875.086677][   T30]  panic+0x71d/0x800
[  875.090561][   T30]  ? __pfx_panic+0x10/0x10
[  875.094962][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  875.100339][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  875.106306][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  875.111664][   T30]  ? watchdog+0xd76/0x1240
[  875.116062][   T30]  ? watchdog+0xd69/0x1240
[  875.120464][   T30]  watchdog+0xd87/0x1240
[  875.124689][   T30]  ? __pfx_watchdog+0x10/0x10
[  875.129351][   T30]  ? lockdep_hardirqs_on+0x7c/0x110
[  875.134561][   T30]  ? __kthread_parkme+0x148/0x220
[  875.139574][   T30]  ? __pfx_watchdog+0x10/0x10
[  875.144234][   T30]  kthread+0x2c1/0x3a0
[  875.148286][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  875.153471][   T30]  ? __pfx_kthread+0x10/0x10
[  875.158045][   T30]  ret_from_fork+0x45/0x80
[  875.162441][   T30]  ? __pfx_kthread+0x10/0x10
[  875.167035][   T30]  ret_from_fork_asm+0x1a/0x30
[  875.171792][   T30]  </TASK>
[  875.174983][   T30] Kernel Offset: disabled
[  875.179284][   T30] Rebooting in 86400 seconds..