last executing test programs:

2m6.112169159s ago: executing program 3 (id=621):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000c00)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="7c00000000000000000000000700000044140001ac1414aa00000000ac1414000000000000441c0003e0000001000000007f000001000000000000000000000000442c00000000000000000f883816814100000000000000000000000000000000000000000000000000000000000000000000440c0001000000000000000000000000000000a400000000000000000000000700000044280000000000000000000000000000000000000000000000000000000000000000000000000000071700e0000002ac1414bb00000000e0000002ac1414bb018616000000000010c986d78e6c4b9394b247217b87cb00830b00000000007f000001861f0000000000020010421487f84baabcbcfb42a4d90bab000748c68c4c31001089ca45d9612e5b5c11f12bc78a41000000000000006c000000000000000000000007000000441c0003ffffffff000000000000000000000000e00000010000000044340001ac1414bb0000000000000000000000000000000000000000ac1414aa00000000ac1414aa00000000ac1e000100000000830b0000000000e000000200000000001c000000000000000000", @ANYRES32=0x0, @ANYBLOB="ac1414aa00000000000000001400000000000018000000000200000000000000000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="7f0000017f00000a0000000800"/28, @ANYRES32, @ANYBLOB="7f000001ac141400000000011c0e0000000000000000000007006fc946f1f569c01801"], 0x230}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x34}, 0x20)
r5 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
r6 = fcntl$dupfd(r5, 0x0, r5)
ioctl$USBDEVFS_SUBMITURB(r6, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0x0, 0x0, 0x0, 0x7995}, 0xfff7, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
ioctl$USBDEVFS_REAPURB(r6, 0x4008550c, &(0x7f0000000380))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r4, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x1}, 0x90)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_netfilter(0x10, 0x3, 0xc)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
r7 = syz_open_dev$sg(&(0x7f00000004c0), 0x0, 0x20c02)
writev(r7, &(0x7f0000000000)=[{&(0x7f0000000040)="aefdda9d240303005a90f57f07703aeff0f64eb9ee07962c220a2e11b44e65d76641cb010852f426072a", 0x2a}], 0x1)
r8 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0xffffff0a, &(0x7f0000000080)=[{&(0x7f0000000040)="c018030029000b12d25a80648c2594f90124fc60100c020000040000053582c137153e370248078000f01700d1bd", 0x33fe0}], 0x1}, 0x0)

2m4.872460724s ago: executing program 3 (id=624):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r4, r1, 0x25, 0x2, @void}, 0x10)
syz_emit_ethernet(0x3e, &(0x7f0000000140)={@link_local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x1, 0x0, @private, @broadcast}, @dest_unreach={0x3, 0x9, 0x0, 0x0, 0x0, 0x81, {0x5, 0x4, 0x3, 0x5, 0x40, 0x64, 0x7, 0x8, 0x6, 0x4, @loopback, @private=0xa010101}}}}}}, 0x0)

2m3.814904769s ago: executing program 3 (id=626):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x1)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sched_getscheduler(r1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000000c0), 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_emit_ethernet(0x64, 0x0, 0x0)
shmget(0x1, 0x4000, 0x200, &(0x7f0000ffb000/0x4000)=nil)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x4ffe2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_GET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24000800}, 0x40054)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0)
syz_emit_ethernet(0x62, &(0x7f0000000340)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x54, 0x0, 0x0, 0xe, 0x6, 0x0, @empty, @empty}, {{0x10, 0x4e26, 0x41424344, 0x41424344, 0x0, 0x0, 0x10, 0xc2, 0x1, 0x0, 0x0, {[@generic={0x3, 0xb, "0000002d240c0378cf"}, @fastopen={0x22, 0x4, "9922"}, @mptcp=@synack={0x1e, 0x10, 0x1, 0x2, 0xa, 0x7, 0xe3}, @sack={0x5, 0x2}, @timestamp={0x8, 0xa, 0x8, 0xffffffff}]}}}}}}}, 0x0)
r5 = syz_open_dev$vim2m(&(0x7f0000000580), 0x0, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r5, 0xc0d05605, &(0x7f00000002c0)={0x2, @pix_mp={0xfffffffc, 0x493, 0x3234564e, 0x9, 0x1, [{0x8, 0x2}, {0xff, 0x76c88}, {0x76cb03cd}, {0x5, 0x7}, {0x7, 0x7e1}, {0x10000}, {0x1, 0x6}, {0x1, 0x1}], 0x7, 0x7}})
ioctl$SIOCAX25ADDUID(r0, 0x89e1, &(0x7f0000000240)={0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0xee00})
r6 = socket(0xa, 0x5, 0x0)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000080), 0x10)

2m3.810097538s ago: executing program 0 (id=636):
sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="7800000018002507b9409b14ffff00000204be12020506050e0204094300090007000c200a0000000d0085a168d0bf46d32345653600648d0a00120002000a0000005ade4a460c", 0x47, 0x0, 0x0, 0x0)
syz_usb_connect$cdc_ncm(0x4, 0xd1, &(0x7f0000000100)=ANY=[@ANYBLOB="12011003020000182505a1a44000010203010902bf000201065001ffffff0000020d00000524060001082400a9b30d240f010a0000000300ff000606241a05001407240a050905580c240c00000000a90c0900030424020204240200042402024424383345b668b57a905448ec2b17913d7b38bd8f2d41e74b4ada3a04e2e36cd27e7a1416e6d9fd27a9f878c4b2c653b3b87dd389964ee62988e32c0d8e7d82ad206a95be1d9edef875237dbaff5963db537a6778a085d4a649aae9941821b62554c792c970e2246561a1030b05adff10910ca791c947a102884521d9c6638eb97ce2239036989776ed626ae8d481"], 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)={0x34, r2, 0x1, 0x0, 0x0, {0x23}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0x1}]}, 0x34}}, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5b}, 0x94)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x6c, 0x2, 0x6, 0x1, 0x6000000, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xe, 0x3, 'bitmap:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x24, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0xc, 0x1, 0x1, 0x0, @dev={0xac, 0x14, 0x14, 0x28}}}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0x80ffffff}}, @IPSET_ATTR_NETMASK={0x5, 0x14, 0x2}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x6c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
pselect6(0x40, &(0x7f0000000340)={0xb6, 0x9, 0xfff, 0x3, 0x1d, 0x7, 0x100, 0x8000000000000001}, &(0x7f0000000380)={0x0, 0x1, 0x2, 0x81, 0x2, 0x6, 0x2, 0x1}, &(0x7f00000003c0)={0x0, 0xd8, 0x101, 0x9b3e, 0x2875, 0x4, 0xffffffffc6fde9fd, 0x4}, &(0x7f0000000400)={0x0, 0x3938700}, &(0x7f00000004c0)={&(0x7f0000000440)={[0x4]}, 0x8})
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000001a300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r8 = socket$alg(0x26, 0x5, 0x0)
ioctl$SIOCGSTAMPNS(r8, 0x8907, &(0x7f0000000300))
bind$alg(r8, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(aes))\x00'}, 0x58)
r9 = accept$alg(r8, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r8, 0x117, 0x1, &(0x7f0000000480)="b19ccccf84f531d9ec214627c11430c1", 0x10)
sendmmsg$alg(r9, &(0x7f0000001bc0)=[{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000001c00)="5985d20392a438a118753a61ccd1d0e83101f02653a3db12a8785d9bcc59b58251f9ae571dc6a2d023b82407fbb8ae52a24b445059869df6095b826013c10bb7745d9edc0ef211452945180b52cc3986fb74d70cdc0194be37b376d2d4798d4e4463d042b1a462e80d80915fcffca56f2e0f5a6b6bff7e43eb6c80c1a8e85c077f4e980c3aa7b4b34562044059224e7280a86d55356ca279765d0943a185ac585ba7355885a40b0f4d02e5afe7b154deb20048d62307273f7069b86987af5b7fd9272d1ed5a9891e493deafa8a98f30c86803d00028221b891d3ae3437e26e9e0bbb0c152036ffebc06c5aa3fe55480e68414e7283793c5f93bf95ee471bf2b70abf696bb304bbecce852fd81439df022489675c1827a96f824378a80ce5338143bbc8fc3b1955bba34f2121cf485212c7cd8b50d81382605d28573b46b376e1092560f6d76c8ee2c4ebd9cf88665cec5acd5c2bb34ed1ce0338a7c1c8583914be1ef3a054e91f35a82147c0ef819f7971e12c18c5314df9e06bbbea133f82e638fd4646fb6a517fe75130f65392e8e1456fff3ae5cc7298b7bd6e7ea141808b4b4ec6930e7ee97e802a9a5c37c7bfaf6f8fd113b1e713e9d07cf0ddddf91965c29dbcc7a6478a071efe498458ee8428baeacd171ca321a88863d747ae8ba633f835401e66c831bec8d66ede3a6be8c9d6cd2e543df191a661d934e115c49db11cd3382aa4c378ea27b37078e4dbd52d5237873388f0b114dbcd77332e3cae456d8a96465a763709b9e33255b9648f186ae462f585dd729676a66e5dcba00b76ef82b9926d820d1f81f2ef2bdedb9727bc9b8420a16af0a3d49bfabaf53637b5712cd1efcfecefea443d99749398406a15af44464330fcc7ae05bc1319a403f17320384adf670171b10572b7a3c29224327d4da0cc98605adb69b143b75f495c3ee34b0e2df6119cdecfc9c14adac77c00225ba394a33c2031f7fd6fd5c51603133fd282b714d0206a61dcbfd9826847751c0828c7258b75739fc0f26cb4f5037652f608bfd156660b8ca43069fdfd27dc658b768b0842a71bd2191064e7c343710b26b4f94900dea847881b9269a250b165aa5b32cb02e853e01df7283f5aae557f555cdd110ffa52c5c702cb214934c5aa8a99c87b2ec9dd6717693827029ad477fa822c84c83303d04a6db313af73b83ef53d0caae2a0de16e13746d092a2e6260638245c57bf2904740ef4d4385b3fd888ea17795c712dbce6a559c71a8425deab805f99ec9f16cf268c5c6cb6cbbefe71115e62c85e9a0940b96a19a49b4a9373250c5b7a2446b4393aaa144ba32a9a0fff5cffc515d48691911a84ef869af3c3b08db4d8e44279b8ecf0753e88e5405897b4050db08c254cf0ff5b69a045bc62049218a573c6a395148454953a72768ddbd4326a0d247a0a4571ea894875a2f899f47487c3d2b62e51d8239633d3421fd79b0c32d05b99256614accf64ee6e2d51a3bdd221e79d6475e6ac68159923977200feba975e290d768d7255416a06c8f161fa39f7a04c4651d420f1d96703cb3773bd2a2a0c37b1603151c4cc47f0699900849509534f8ec5131cfee5d96d598e28d571328ca037a34ba31aa5e6d51fe2604f8316545f129f0ae8e0856888d3315ed22f6246852df12d67e3a64e7891df946b81495189341e9401406037cfb31490fcff4fc0406f2f70e2cabcd0fb8adeec4be909526dfa252a5aee0435df3a07e0897b86eaff8dd190f466b2a81e8a37ffb577bfb5feddefb292809c1d925c2f9cf27380dc78e74d74ceb1d31ebe84bbd2e6ce48dded3c55203966896ad1458d3d3095b9bacf250416ee27aa73a5c5d6ec6b2c9c323759ffe97df44481f796f4762e3245c0a88fd129dbafde688f2c57445665c623025a76748a9931a7f67c53faa4a155c9ba5caa38986462e48db7c580749bd372955244c9d4a17631f24b9b64036de9e97147b7056dcb54652fca36a037d0c3f754a303c594d8e04f706fe75e8f19607e6cc94ac60d83b4fc620a00b52605323391f3e005dcdb9be443b59d89760b605f32c07bef27a326863e07d770e7bb2853354f6404a83d099559e5a25849bd16c6381354ec45df14e3e16099a0cc299256118be93e47c025b01a2fe899c81411c8f6b74808562ecb2f91b8688b1617b93516b29162bf71db6e2dbee1ba98fba3cf6e7f56d90fbf017d2d81d2411515d73272bc167a55770deacb3d79dcfa1cb9c27e27585b521d3900e4fb280c1ba1f9e956bd1326bf162255f66b0189ae648a402e48cc61fdd20fd3a09070c88167730bf80b34cecfcb37a4046552d1b345f66c97fb67f1993990e55e43ee58372455864de62d636d836477fca1ca355bce2eed04ca30751ad642e61862d1e29886b9acc5be9d6ab7e6eab7c89a7ebde051116ae5f12432caa8228c4dddb5221f7f5fafeef8d397ee0c7d94dfcd2fade21947c98bd89b071f4e24dfb43b46f1db5f1276d8d71e3cccca479cb612be6bd02e6f188403b85022ed0e9d42f9c4531a11659bfd144b4a49b6659be2a548658a66d7faa44622742d7c42d7f90caa2ca3a24d10c993a9b1c814f4e0b735615cbd9c00d6bf444d0ae1071f2b74023d2e53b9d2b79f6ddaeadcef3bcc5d13971b7f9c7e72d1a431e1d79234e1dab13ee758f741777d836905c7873de0192ecda15d3a224331fc2222f6793edd69da51befe4f772ec696e4e4e5deba877b52b91d8b7de4fd151e1009134cebf4a353e6219b21f131487b3fba0f4b7e39626c5c7583ed5073086ff735ce19cb786e8d1bf359b4c3a7bc29bbf9d441d914d7e842b88f0868d0f6a6fd41624271ad5e166d677ea5109b6c8e9d2fdfff9e944e9c9ad50b3cde7e3f229e2bbf81c6aaa7b7c8e5700362000b6509942bbed25253e0833a5f7a71975b780472ed6f3da3a2ba162f20b3b90d4a084acbb137129bbd9b65f3e9ba6886241d80ee90dcf7d64050d52e8550f21262a88395ca06b83a5b5d9c05426582c86fe7753019a71ecc84c59fae3239d195246306f153b301629fbc6bd6e3fbc6aff7d35d79c5c8046b61ec70e2b7356c9400477778990364091be2b74bdab711f5561ff137021fdf9e82a35fd5bf85673bbb2944cf1f36a2e25fa4dd948525621f7a14dc3c8d1e1f1ec9d334dddcf7f9487f3d3ec60106becfddc15ece3850215aa3231a543264263757c6417adde58eb6b624096ac5c7b96e4e294cc935ad9315669d03b80522e5b7f6207e325cc5e9a33cdd8d5512aa388e452674a936826d47f23097d33c4e4a1f2f0802a2b9be2a608f2f0ff27f6b041d70d268f848687d45e6e510691ad516c7d7038d4153fb30415e425a4cb9d879aee8ffbca65df46876151af9a583d9a3fb331fb1b616a8007fddba31bee77e420172cd2a2a140a3376db47d7336d958bfa6f4ae80f78310c9043a184258dbaa9bba0c2482d7eb70c2bd94d52587fb92fd80c58110b05ad6eb1623009cd263deb3cb219bfde713ef738dfed0b1c6254177d939e8c358cc69ddfa3e31aa4c3cbfe384d96749217ff3b2b45a15f34403fe327aa2f805d1eaf7ee7f187070032eceba18a11e4ccf7c2e3a4d5c72d1db7b0bb5dc2354ae7eb27dedb91a5571203835b482353950220ad39f21334135c6fdd22a71c6119ce5dfa292a71ad296b141663210872c192aa228e21068d717235f1186234de39e69e5904ead38314ef69b86a656371d9987d327a7064fc6e1acd7f822165b1e42da9bff573db1eaf2563552bf6dbb6591031883f5cf7e22d1f2e2522e5bb88fc4bdece187d7f2612886a7f314895d43dd2c9e1b731aec39014028590ea0c76f1cd7d71c96ed45ce31d5e38f38a36a95d54708875dd99d8612275450a700251c7f21742d31b9be6de5fcf63b7b639ff746f31537694b3005ddf6cc8375f25bd782bc784943b72bd19f938a449fe0a617b5b1430a4d506e3bf0a1f118b6e45e9e6a3515efd9ecd1a964c5459921b01a0cacf0d4e4659f06ee2e53123a2241b583072f91af6b82f51fa14622ead00697b2f511e7f54cc4e8b015bd03b4ebae849ec9f7738d945450ff8363aee60678b80a86e93326f6a87d73b1a114f6f6186e2a4365d66d5b74df15280c4060ec847da5a1baf1706e7a373f2ec73ad755bffdd5813cf5ce8cf8b07d4ac8b324293b7248145b35b13fe638f902c5e8147084c221591cefa221573080f49ed7b3479e9c81c4ec2e5e8df89ce0266f6023327aae85f74fc70085398ca9749a1b8467d3d2d7bdcfc4bb9af62721a4cf55a5d2600210eeda03de3b9353725eb991583d7226debf7e3d4b06d89c41599b3687d56571c6c810882e1060510b0e6480b4e3d8705c858e24897dd8bd936f9a16bd626b98dd55696aa2dea3c0a12a6b12f5befba90ea487134453b5a8e863b5446565730e9d84e019d664654568c3448bbddd8cccc15e4615addae0d732dafe6f54b229cd5689396720d0010dfea3f9e6d9793b51be5c4e39659e8eb604ec15ee7ae2a2961a8b815d9417795cdde0702d6cf7dcdc16f02365d7eee5dfc7a0a9ea3957672f00a209fb845e782777ef9e5c9e7aa7926bb93c3486a8612e222ddc9709d9a2acef6c60db859c4fd39f365bb22f90edd04f891fd3ccdff35c5eac56ec49d02063a7859aa14c938d575fb85cc26a3f3fb3ef4d8ce576e927dc54c27702aff904e133a6869ac4384ca6ce273d1a7f3b4ffb570dd097e607ade8eb8ca1d436733262b527c508e4ff7e09bb56432c36a38065c582210252efc06aa0d3fe0ea99e97e6ee88f80ad33bcb2cd0570b8f97488bfe09d4560b9ab44ec7ea5726d291460ab46d32922c1b37067425ff9abc8a4bf810879114dc266a575e1ddcbfd6ef2c51b624091b3ebe68ededfd94f883ae674b1f00be817a559b3c6376aa68f039628ae425191b7c7ba60e73b0fa3c4fe5533b4f8fe0b21f61a5f9e520e22cdbebd929048552b6d8d1d5c18fa9900b7786462e7e4d738e57485e9a6dd14a0fd37f0256613317df8ec3518c7eee50c59070a7276f8b0575426887f2cb5be122cc766a25a07132ef01611d0c2d3f16de29a8c0f39a3a5a3e9596b61fdd3dff97b95ff67b4798ddbc4b14e518bcc52cdd2d87605ce9d9c5f2a6d4e11d2f94575b0d5de72d0b97d0a2cf32b5465c6a4ddb62d61b97f2331341c9d448ec775180f858394f2c0b2ee982b9f867d73f97d0e0e3b275ef49c7c262c4d6f5fac787edafaa8b79410b1288a0b52afd93c8584ff9d61eddfa0cada98bd3c200fc708078098764bbe304c44d62eff132415a917c022c9f7466318017da7b4649eb0fae58fcb716a1f295d84dd9ec14218beb0372c041aaa4421a8f75eaef5115f0f32aca8fd30fde0e9e08972e23faf5381eb18c626c0ce920261461c3dfe7f1e8b35ca16f7283de3af4bba5c384e256cd369568214101a8e27c94531a81fe4fba595a4455f8724eebea716d1a4940b3d787fc4bd6ad8aa403fceb74f316fb5a816890646338efb6f13aba195f127aa1b1107bf303b1f997c74d6f4f664d708f58c3b3ca063825405ad7a61260debf4b220443b6537f5ae94820ec62901944cc9023e655f82e0e31a13f351ed0336cbcfda8ae0b20025fb33e49f011f6aa708140cffefbd06f9b90fefc6f9d79f67495ff0b1a2f1ff075eda3fdd800088fc0583dc0e1e9f7f02673da61cc4466a2559d70cd90e453b11449442eb11f444e1203bc38754f7ad0d93bb91e40f9cd490d2dd5d7e2571c460718f94d4c61751c119fe", 0xff9}, {&(0x7f0000000540)}], 0x2, &(0x7f0000000840), 0x0, 0x81}], 0x1, 0x20041001)
recvmsg(r9, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000002c40)=""/4088, 0xff8}, {0x0}], 0x2}, 0x2)
setsockopt(r0, 0x84, 0x7f, 0x0, 0x0)
setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000200), 0x4)

2m1.309485832s ago: executing program 2 (id=629):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000200)=ANY=[@ANYBLOB="0200000001000000000000000400060000000000100004000000000020000000000000006619044886e7669f810f365f4deda5d41202f1a7a432a0da8084617d5c0fa281bb7604352335377c357a8949d4cdfb526c62b1fd16aa66fd496d7f4ee1485d4e4b9a66734debeb7637868b6e3f86a0dba830850c"], 0x24, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x80, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r0, &(0x7f0000000180)='./file1\x00', 0x6000, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
rename(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000080)='./file2\x00')
mkdir(&(0x7f0000000440)='./file1\x00', 0xb0)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x1)
ioctl$SIOCAX25GETUID(r1, 0x89e0, &(0x7f0000000480)={0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}})

2m0.847882891s ago: executing program 2 (id=630):
openat$fb0(0xffffffffffffff9c, 0x0, 0x100, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fcntl$getownex(r3, 0x10, 0x0)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_IOAS_MAP(r4, 0x3b85, 0x0)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r4, 0x3ba0, &(0x7f0000000040)={0x48, 0x5, r5, 0x0, 0xffffffffffffffff, 0x1})
r6 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r6, 0xc0045005, &(0x7f0000000140)=0x2000)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x1000000000000000)

2m0.129129809s ago: executing program 0 (id=631):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = fcntl$dupfd(r0, 0x406, r1)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f00000000c0), r2)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r2, &(0x7f0000000400)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000300)={&(0x7f0000000100)={0x1c4, r3, 0x100, 0x70bd2c, 0x25dfdbfe, {}, [{@pci={{0x8}, {0x11}}, {0xd}, {0x5, 0x83, 0x1}}, {@pci={{0x8}, {0x11}}, {0xd}, {0x5}}, {@pci={{0x8}, {0x11}}, {0xd}, {0x5}}, {@pci={{0x8}, {0x11}}, {0xd}, {0x5, 0x83, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5}}, {@nsim={{0x3a}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5, 0x83, 0x1}}]}, 0x1c4}, 0x1, 0x0, 0x0, 0x8000}, 0x810)
bind$unix(r1, &(0x7f0000000380)=@file={0x1, './file0\x00'}, 0x6e)
sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000340)="a836", 0x2}], 0x1}, 0x4040001)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000180)='/dev/comedi4\x00', 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000140)={0xa, 0x4e22, 0xab, @loopback, 0x10001}, 0x1c)
openat$sndseq(0xffffffffffffff9c, 0x0, 0xe0c81)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r5 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x2, 0x81, 0x1fd, 0x1, 0x1}, 0x1c)
r6 = syz_open_dev$sndctrl(0x0, 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r6, 0x40045532, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
recvmsg$unix(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)=""/254, 0xfe}], 0x1}, 0x20)
sendmmsg(r5, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
close(0x4)
connect$inet6(r4, &(0x7f0000000100)={0xa, 0x4e22, 0x7, @loopback, 0x23}, 0x1c)

1m51.919741884s ago: executing program 0 (id=635):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_connect(0x3, 0x1c, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1d, 0x2, 0x6)
r2 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="12011001daa18c4089612d187301010203010902120001000000000904"], 0x0)
syz_usb_control_io$cdc_ncm(r2, 0x0, 0x0)
syz_usb_control_io$printer(r2, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r4 = openat$cgroup_devices(r3, &(0x7f0000000000)='devices.deny\x00', 0x2, 0x0)
write$cgroup_devices(r4, &(0x7f0000000140)=ANY=[@ANYBLOB='b *:4\tw\nr'], 0xa)
bind$alg(0xffffffffffffffff, &(0x7f0000000240)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
landlock_restrict_self(0xffffffffffffffff, 0x2)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r5, &(0x7f00000025c0)={0x0, 0x0, &(0x7f0000002580)={&(0x7f0000002540)={0x2c, 0x2, 0x3, 0x301, 0x0, 0x0, {0x0, 0x0, 0x2}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1, 0x0, 0x1e}}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x2}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x14000}, 0x20000000)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vxcan1\x00', <r6=>0x0})
bind$can_j1939(r1, &(0x7f0000000100)={0x1d, r6, 0x2, {0x3}}, 0x18)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r1)
r7 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$sock_attach_bpf(r7, 0x29, 0x14, &(0x7f0000000100), 0x120)
setsockopt$sock_attach_bpf(r7, 0x29, 0x15, &(0x7f0000000100), 0x3d)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vxcan0\x00'})

1m51.903453892s ago: executing program 1 (id=640):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000c00)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="7c00000000000000000000000700000044140001ac1414aa00000000ac1414000000000000441c0003e0000001000000007f000001000000000000000000000000442c00000000000000000f883816814100000000000000000000000000000000000000000000000000000000000000000000440c0001000000000000000000000000000000a400000000000000000000000700000044280000000000000000000000000000000000000000000000000000000000000000000000000000071700e0000002ac1414bb00000000e0000002ac1414bb018616000000000010c986d78e6c4b9394b247217b87cb00830b00000000007f000001861f0000000000020010421487f84baabcbcfb42a4d90bab000748c68c4c31001089ca45d9612e5b5c11f12bc78a41000000000000006c000000000000000000000007000000441c0003ffffffff000000000000000000000000e00000010000000044340001ac1414bb0000000000000000000000000000000000000000ac1414aa00000000ac1414aa00000000ac1e000100000000830b0000000000e000000200000000001c000000000000000000", @ANYRES32=0x0, @ANYBLOB="ac1414aa00000000000000001400000000000018000000000200000000000000000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="7f0000017f00000a0000000800"/28, @ANYRES32, @ANYBLOB="7f000001ac141400000000011c0e0000000000000000000007006fc946f1f569c01801"], 0x230}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x34}, 0x20)
r4 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
r5 = fcntl$dupfd(r4, 0x0, r4)
ioctl$USBDEVFS_SUBMITURB(r5, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0x0, 0x0, 0x0, 0x7995}, 0xfff7, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
ioctl$USBDEVFS_REAPURB(r5, 0x4008550c, &(0x7f0000000380))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r3, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x1}, 0x90)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_netfilter(0x10, 0x3, 0xc)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
r6 = syz_open_dev$sg(&(0x7f00000004c0), 0x0, 0x20c02)
writev(r6, &(0x7f0000000000)=[{&(0x7f0000000040)="aefdda9d240303005a90f57f07703aeff0f64eb9ee07962c220a2e11b44e65d76641cb010852f426072a", 0x2a}], 0x1)
socket$kcm(0x10, 0x3, 0x10)
r7 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
write$binfmt_register(r7, &(0x7f0000000140)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x9, 0x3a, '+\'', 0x3a, '', 0x3a, './file2', 0x3a, [0x4f, 0x4f, 0x43, 0x50, 0x4f]}, 0x2e)

1m51.777133262s ago: executing program 2 (id=641):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000000000)='system.posix_acl_default\x00', &(0x7f0000000200)=ANY=[@ANYBLOB="0200000001000000000000000400060000000000100004000000000020000000000000006619044886e7669f810f365f4deda5d41202f1a7a432a0da8084617d5c0fa281bb7604352335377c357a8949d4cdfb526c62b1fd16aa66fd496d7f4ee1485d4e4b9a66734debeb7637868b6e3f86a0dba830850c"], 0x24, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x80, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r0, &(0x7f0000000180)='./file1\x00', 0x6000, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
rename(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000080)='./file2\x00')
mkdir(&(0x7f0000000440)='./file1\x00', 0xb0)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0x1)
ioctl$SIOCAX25GETUID(r1, 0x89e0, &(0x7f0000000480)={0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}})

1m50.392673798s ago: executing program 1 (id=642):
sendto$inet6(0xffffffffffffffff, &(0x7f0000000080)="7800000018002507b9409b14ffff00000204be12020506050e0204094300090007000c200a0000000d0085a168d0bf46d32345653600648d0a00120002000a0000005ade4a460c", 0x47, 0x0, 0x0, 0x0)
syz_usb_connect$cdc_ncm(0x4, 0xd1, &(0x7f0000000100)=ANY=[@ANYBLOB="12011003020000182505a1a44000010203010902bf000201065001ffffff0000020d00000524060001082400a9b30d240f010a0000000300ff000606241a05001407240a050905580c240c00000000a90c0900030424020204240200042402024424383345b668b57a905448ec2b17913d7b38bd8f2d41e74b4ada3a04e2e36cd27e7a1416e6d9fd27a9f878c4b2c653b3b87dd389964ee62988e32c0d8e7d82ad206a95be1d9edef875237dbaff5963db537a6778a085d4a649aae9941821b62554c792c970e2246561a1030b05adff10910ca791c947a102884521d9c6638eb97ce2239036989776ed626ae8d481"], 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)={0x34, r2, 0x1, 0x0, 0x0, {0x23}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_AUTONEG={0x5, 0x2, 0x1}]}, 0x34}}, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5b}, 0x94)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x6c, 0x2, 0x6, 0x1, 0x6000000, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xe, 0x3, 'bitmap:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x24, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0xc, 0x1, 0x1, 0x0, @dev={0xac, 0x14, 0x14, 0x28}}}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0x80ffffff}}, @IPSET_ATTR_NETMASK={0x5, 0x14, 0x2}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x6c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
pselect6(0x40, &(0x7f0000000340)={0xb6, 0x9, 0xfff, 0x3, 0x1d, 0x7, 0x100, 0x8000000000000001}, &(0x7f0000000380)={0x0, 0x1, 0x2, 0x81, 0x2, 0x6, 0x2, 0x1}, &(0x7f00000003c0)={0x0, 0xd8, 0x101, 0x9b3e, 0x2875, 0x4, 0xffffffffc6fde9fd, 0x4}, &(0x7f0000000400)={0x0, 0x3938700}, &(0x7f00000004c0)={&(0x7f0000000440)={[0x4]}, 0x8})
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000001a300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r8 = socket$alg(0x26, 0x5, 0x0)
ioctl$SIOCGSTAMPNS(r8, 0x8907, &(0x7f0000000300))
bind$alg(r8, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(aes))\x00'}, 0x58)
r9 = accept$alg(r8, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r8, 0x117, 0x1, &(0x7f0000000480)="b19ccccf84f531d9ec214627c11430c1", 0x10)
sendmmsg$alg(r9, &(0x7f0000001bc0)=[{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000001c00)="5985d20392a438a118753a61ccd1d0e83101f02653a3db12a8785d9bcc59b58251f9ae571dc6a2d023b82407fbb8ae52a24b445059869df6095b826013c10bb7745d9edc0ef211452945180b52cc3986fb74d70cdc0194be37b376d2d4798d4e4463d042b1a462e80d80915fcffca56f2e0f5a6b6bff7e43eb6c80c1a8e85c077f4e980c3aa7b4b34562044059224e7280a86d55356ca279765d0943a185ac585ba7355885a40b0f4d02e5afe7b154deb20048d62307273f7069b86987af5b7fd9272d1ed5a9891e493deafa8a98f30c86803d00028221b891d3ae3437e26e9e0bbb0c152036ffebc06c5aa3fe55480e68414e7283793c5f93bf95ee471bf2b70abf696bb304bbecce852fd81439df022489675c1827a96f824378a80ce5338143bbc8fc3b1955bba34f2121cf485212c7cd8b50d81382605d28573b46b376e1092560f6d76c8ee2c4ebd9cf88665cec5acd5c2bb34ed1ce0338a7c1c8583914be1ef3a054e91f35a82147c0ef819f7971e12c18c5314df9e06bbbea133f82e638fd4646fb6a517fe75130f65392e8e1456fff3ae5cc7298b7bd6e7ea141808b4b4ec6930e7ee97e802a9a5c37c7bfaf6f8fd113b1e713e9d07cf0ddddf91965c29dbcc7a6478a071efe498458ee8428baeacd171ca321a88863d747ae8ba633f835401e66c831bec8d66ede3a6be8c9d6cd2e543df191a661d934e115c49db11cd3382aa4c378ea27b37078e4dbd52d5237873388f0b114dbcd77332e3cae456d8a96465a763709b9e33255b9648f186ae462f585dd729676a66e5dcba00b76ef82b9926d820d1f81f2ef2bdedb9727bc9b8420a16af0a3d49bfabaf53637b5712cd1efcfecefea443d99749398406a15af44464330fcc7ae05bc1319a403f17320384adf670171b10572b7a3c29224327d4da0cc98605adb69b143b75f495c3ee34b0e2df6119cdecfc9c14adac77c00225ba394a33c2031f7fd6fd5c51603133fd282b714d0206a61dcbfd9826847751c0828c7258b75739fc0f26cb4f5037652f608bfd156660b8ca43069fdfd27dc658b768b0842a71bd2191064e7c343710b26b4f94900dea847881b9269a250b165aa5b32cb02e853e01df7283f5aae557f555cdd110ffa52c5c702cb214934c5aa8a99c87b2ec9dd6717693827029ad477fa822c84c83303d04a6db313af73b83ef53d0caae2a0de16e13746d092a2e6260638245c57bf2904740ef4d4385b3fd888ea17795c712dbce6a559c71a8425deab805f99ec9f16cf268c5c6cb6cbbefe71115e62c85e9a0940b96a19a49b4a9373250c5b7a2446b4393aaa144ba32a9a0fff5cffc515d48691911a84ef869af3c3b08db4d8e44279b8ecf0753e88e5405897b4050db08c254cf0ff5b69a045bc62049218a573c6a395148454953a72768ddbd4326a0d247a0a4571ea894875a2f899f47487c3d2b62e51d8239633d3421fd79b0c32d05b99256614accf64ee6e2d51a3bdd221e79d6475e6ac68159923977200feba975e290d768d7255416a06c8f161fa39f7a04c4651d420f1d96703cb3773bd2a2a0c37b1603151c4cc47f0699900849509534f8ec5131cfee5d96d598e28d571328ca037a34ba31aa5e6d51fe2604f8316545f129f0ae8e0856888d3315ed22f6246852df12d67e3a64e7891df946b81495189341e9401406037cfb31490fcff4fc0406f2f70e2cabcd0fb8adeec4be909526dfa252a5aee0435df3a07e0897b86eaff8dd190f466b2a81e8a37ffb577bfb5feddefb292809c1d925c2f9cf27380dc78e74d74ceb1d31ebe84bbd2e6ce48dded3c55203966896ad1458d3d3095b9bacf250416ee27aa73a5c5d6ec6b2c9c323759ffe97df44481f796f4762e3245c0a88fd129dbafde688f2c57445665c623025a76748a9931a7f67c53faa4a155c9ba5caa38986462e48db7c580749bd372955244c9d4a17631f24b9b64036de9e97147b7056dcb54652fca36a037d0c3f754a303c594d8e04f706fe75e8f19607e6cc94ac60d83b4fc620a00b52605323391f3e005dcdb9be443b59d89760b605f32c07bef27a326863e07d770e7bb2853354f6404a83d099559e5a25849bd16c6381354ec45df14e3e16099a0cc299256118be93e47c025b01a2fe899c81411c8f6b74808562ecb2f91b8688b1617b93516b29162bf71db6e2dbee1ba98fba3cf6e7f56d90fbf017d2d81d2411515d73272bc167a55770deacb3d79dcfa1cb9c27e27585b521d3900e4fb280c1ba1f9e956bd1326bf162255f66b0189ae648a402e48cc61fdd20fd3a09070c88167730bf80b34cecfcb37a4046552d1b345f66c97fb67f1993990e55e43ee58372455864de62d636d836477fca1ca355bce2eed04ca30751ad642e61862d1e29886b9acc5be9d6ab7e6eab7c89a7ebde051116ae5f12432caa8228c4dddb5221f7f5fafeef8d397ee0c7d94dfcd2fade21947c98bd89b071f4e24dfb43b46f1db5f1276d8d71e3cccca479cb612be6bd02e6f188403b85022ed0e9d42f9c4531a11659bfd144b4a49b6659be2a548658a66d7faa44622742d7c42d7f90caa2ca3a24d10c993a9b1c814f4e0b735615cbd9c00d6bf444d0ae1071f2b74023d2e53b9d2b79f6ddaeadcef3bcc5d13971b7f9c7e72d1a431e1d79234e1dab13ee758f741777d836905c7873de0192ecda15d3a224331fc2222f6793edd69da51befe4f772ec696e4e4e5deba877b52b91d8b7de4fd151e1009134cebf4a353e6219b21f131487b3fba0f4b7e39626c5c7583ed5073086ff735ce19cb786e8d1bf359b4c3a7bc29bbf9d441d914d7e842b88f0868d0f6a6fd41624271ad5e166d677ea5109b6c8e9d2fdfff9e944e9c9ad50b3cde7e3f229e2bbf81c6aaa7b7c8e5700362000b6509942bbed25253e0833a5f7a71975b780472ed6f3da3a2ba162f20b3b90d4a084acbb137129bbd9b65f3e9ba6886241d80ee90dcf7d64050d52e8550f21262a88395ca06b83a5b5d9c05426582c86fe7753019a71ecc84c59fae3239d195246306f153b301629fbc6bd6e3fbc6aff7d35d79c5c8046b61ec70e2b7356c9400477778990364091be2b74bdab711f5561ff137021fdf9e82a35fd5bf85673bbb2944cf1f36a2e25fa4dd948525621f7a14dc3c8d1e1f1ec9d334dddcf7f9487f3d3ec60106becfddc15ece3850215aa3231a543264263757c6417adde58eb6b624096ac5c7b96e4e294cc935ad9315669d03b80522e5b7f6207e325cc5e9a33cdd8d5512aa388e452674a936826d47f23097d33c4e4a1f2f0802a2b9be2a608f2f0ff27f6b041d70d268f848687d45e6e510691ad516c7d7038d4153fb30415e425a4cb9d879aee8ffbca65df46876151af9a583d9a3fb331fb1b616a8007fddba31bee77e420172cd2a2a140a3376db47d7336d958bfa6f4ae80f78310c9043a184258dbaa9bba0c2482d7eb70c2bd94d52587fb92fd80c58110b05ad6eb1623009cd263deb3cb219bfde713ef738dfed0b1c6254177d939e8c358cc69ddfa3e31aa4c3cbfe384d96749217ff3b2b45a15f34403fe327aa2f805d1eaf7ee7f187070032eceba18a11e4ccf7c2e3a4d5c72d1db7b0bb5dc2354ae7eb27dedb91a5571203835b482353950220ad39f21334135c6fdd22a71c6119ce5dfa292a71ad296b141663210872c192aa228e21068d717235f1186234de39e69e5904ead38314ef69b86a656371d9987d327a7064fc6e1acd7f822165b1e42da9bff573db1eaf2563552bf6dbb6591031883f5cf7e22d1f2e2522e5bb88fc4bdece187d7f2612886a7f314895d43dd2c9e1b731aec39014028590ea0c76f1cd7d71c96ed45ce31d5e38f38a36a95d54708875dd99d8612275450a700251c7f21742d31b9be6de5fcf63b7b639ff746f31537694b3005ddf6cc8375f25bd782bc784943b72bd19f938a449fe0a617b5b1430a4d506e3bf0a1f118b6e45e9e6a3515efd9ecd1a964c5459921b01a0cacf0d4e4659f06ee2e53123a2241b583072f91af6b82f51fa14622ead00697b2f511e7f54cc4e8b015bd03b4ebae849ec9f7738d945450ff8363aee60678b80a86e93326f6a87d73b1a114f6f6186e2a4365d66d5b74df15280c4060ec847da5a1baf1706e7a373f2ec73ad755bffdd5813cf5ce8cf8b07d4ac8b324293b7248145b35b13fe638f902c5e8147084c221591cefa221573080f49ed7b3479e9c81c4ec2e5e8df89ce0266f6023327aae85f74fc70085398ca9749a1b8467d3d2d7bdcfc4bb9af62721a4cf55a5d2600210eeda03de3b9353725eb991583d7226debf7e3d4b06d89c41599b3687d56571c6c810882e1060510b0e6480b4e3d8705c858e24897dd8bd936f9a16bd626b98dd55696aa2dea3c0a12a6b12f5befba90ea487134453b5a8e863b5446565730e9d84e019d664654568c3448bbddd8cccc15e4615addae0d732dafe6f54b229cd5689396720d0010dfea3f9e6d9793b51be5c4e39659e8eb604ec15ee7ae2a2961a8b815d9417795cdde0702d6cf7dcdc16f02365d7eee5dfc7a0a9ea3957672f00a209fb845e782777ef9e5c9e7aa7926bb93c3486a8612e222ddc9709d9a2acef6c60db859c4fd39f365bb22f90edd04f891fd3ccdff35c5eac56ec49d02063a7859aa14c938d575fb85cc26a3f3fb3ef4d8ce576e927dc54c27702aff904e133a6869ac4384ca6ce273d1a7f3b4ffb570dd097e607ade8eb8ca1d436733262b527c508e4ff7e09bb56432c36a38065c582210252efc06aa0d3fe0ea99e97e6ee88f80ad33bcb2cd0570b8f97488bfe09d4560b9ab44ec7ea5726d291460ab46d32922c1b37067425ff9abc8a4bf810879114dc266a575e1ddcbfd6ef2c51b624091b3ebe68ededfd94f883ae674b1f00be817a559b3c6376aa68f039628ae425191b7c7ba60e73b0fa3c4fe5533b4f8fe0b21f61a5f9e520e22cdbebd929048552b6d8d1d5c18fa9900b7786462e7e4d738e57485e9a6dd14a0fd37f0256613317df8ec3518c7eee50c59070a7276f8b0575426887f2cb5be122cc766a25a07132ef01611d0c2d3f16de29a8c0f39a3a5a3e9596b61fdd3dff97b95ff67b4798ddbc4b14e518bcc52cdd2d87605ce9d9c5f2a6d4e11d2f94575b0d5de72d0b97d0a2cf32b5465c6a4ddb62d61b97f2331341c9d448ec775180f858394f2c0b2ee982b9f867d73f97d0e0e3b275ef49c7c262c4d6f5fac787edafaa8b79410b1288a0b52afd93c8584ff9d61eddfa0cada98bd3c200fc708078098764bbe304c44d62eff132415a917c022c9f7466318017da7b4649eb0fae58fcb716a1f295d84dd9ec14218beb0372c041aaa4421a8f75eaef5115f0f32aca8fd30fde0e9e08972e23faf5381eb18c626c0ce920261461c3dfe7f1e8b35ca16f7283de3af4bba5c384e256cd369568214101a8e27c94531a81fe4fba595a4455f8724eebea716d1a4940b3d787fc4bd6ad8aa403fceb74f316fb5a816890646338efb6f13aba195f127aa1b1107bf303b1f997c74d6f4f664d708f58c3b3ca063825405ad7a61260debf4b220443b6537f5ae94820ec62901944cc9023e655f82e0e31a13f351ed0336cbcfda8ae0b20025fb33e49f011f6aa708140cffefbd06f9b90fefc6f9d79f67495ff0b1a2f1ff075eda3fdd800088fc0583dc0e1e9f7f02673da61cc4466a2559d70cd90e453b11449442eb11f444e1203bc38754f7ad0d93bb91e40f9cd490d2dd5d7e2571c460718f94d4c61751c119fe", 0xff9}, {&(0x7f0000000540)}], 0x2, &(0x7f0000000840), 0x0, 0x81}], 0x1, 0x20041001)
recvmsg(r9, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000002c40)=""/4088, 0xff8}, {0x0}], 0x2}, 0x2)
setsockopt(r0, 0x84, 0x7f, 0x0, 0x0)
setsockopt$inet6_IPV6_ADDRFORM(r0, 0x29, 0x1, &(0x7f0000000200), 0x4)

1m50.071063188s ago: executing program 3 (id=643):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
ioctl$TIOCL_GETMOUSEREPORTING(0xffffffffffffffff, 0x5412, &(0x7f00000000c0)=0x13)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
rseq(&(0x7f0000000140)={0x0, 0x0, 0x0, 0x3}, 0x20, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
bpf$ITER_CREATE(0xb, 0x0, 0x0)

1m48.752340131s ago: executing program 2 (id=644):
r0 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r0, &(0x7f0000000280)={&(0x7f0000000140)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000180)='W', 0x1}], 0x1}, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x4)
recvmsg(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f00000006c0)=""/4096, 0x1000}, {0x0}], 0x2}, 0x2)
sendmsg$inet(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="5c00000014006b03000000d86e6c1d0002847ea622fb564500004e23e3f58e76110165f450e71b0075e3002500028d459e37000f0000000000bf9367b47e51f60a64c9f4d4938037e786a6d0bdd700"/92, 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

1m48.598121462s ago: executing program 4 (id=645):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000001c0)="d8000000100081044e81f782db44b904021d080006000000e8fe55a1180015000600142603600e120a000d85c8af0401a80016000a003a40f8ff07000000000007b2984ec69559ffbcaa76e2631f77c05f0003003a00004dcf5c0461c1a1b36f94007134cf6ee08000a0e408e8d8e752a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025cc049e00360db70100000040fad95667e006dcdf63951f215ce29bf1d809d5e1cace81ed0bf70fe1b42a9ecb", 0xd8}], 0x1}, 0x4000800)

1m48.094690214s ago: executing program 4 (id=646):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000c00)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="7c00000000000000000000000700000044140001ac1414aa00000000ac1414000000000000441c0003e0000001000000007f000001000000000000000000000000442c00000000000000000f883816814100000000000000000000000000000000000000000000000000000000000000000000440c0001000000000000000000000000000000a400000000000000000000000700000044280000000000000000000000000000000000000000000000000000000000000000000000000000071700e0000002ac1414bb00000000e0000002ac1414bb018616000000000010c986d78e6c4b9394b247217b87cb00830b00000000007f000001861f0000000000020010421487f84baabcbcfb42a4d90bab000748c68c4c31001089ca45d9612e5b5c11f12bc78a41000000000000006c000000000000000000000007000000441c0003ffffffff000000000000000000000000e00000010000000044340001ac1414bb0000000000000000000000000000000000000000ac1414aa00000000ac1414aa00000000ac1e000100000000830b0000000000e000000200000000001c000000000000000000", @ANYRES32=0x0, @ANYBLOB="ac1414aa00000000000000001400000000000018000000000200000000000000000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="7f0000017f00000a0000000800"/28, @ANYRES32, @ANYBLOB="7f000001ac141400000000011c0e0000000000000000000007006fc946f1f569c01801"], 0x230}, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x4, [@func={0x2, 0x0, 0x0, 0xc, 0x2}, @func_proto]}, {0x0, [0x0, 0x5f]}}, 0x0, 0x34}, 0x20)
r5 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
r6 = fcntl$dupfd(r5, 0x0, r5)
ioctl$USBDEVFS_SUBMITURB(r6, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0x0, 0x0, 0x0, 0x7995}, 0xfff7, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
ioctl$USBDEVFS_REAPURB(r6, 0x4008550c, &(0x7f0000000380))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r4, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x1}, 0x90)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_netfilter(0x10, 0x3, 0xc)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x0)
r7 = syz_open_dev$sg(&(0x7f00000004c0), 0x0, 0x20c02)
writev(r7, &(0x7f0000000000)=[{&(0x7f0000000040)="aefdda9d240303005a90f57f07703aeff0f64eb9ee07962c220a2e11b44e65d76641cb010852f426072a", 0x2a}], 0x1)
socket$kcm(0x10, 0x3, 0x10)
write$binfmt_register(0xffffffffffffffff, &(0x7f0000000140)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x9, 0x3a, '+\'', 0x3a, '', 0x3a, './file2', 0x3a, [0x4f, 0x4f, 0x43, 0x50, 0x4f]}, 0x2e)

1m48.077350679s ago: executing program 0 (id=656):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1f, 0x19, &(0x7f0000000500)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x7e}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x101}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @snprintf={{}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0xb3}}]}, &(0x7f00000000c0)='GPL\x00', 0x3, 0x0, 0x0, 0x41100, 0x18, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xebfb}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r2}, 0xc)

1m46.409791926s ago: executing program 1 (id=647):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
capset(&(0x7f0000000040)={0x20080522}, 0x0)
socket$caif_seqpacket(0x25, 0x5, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000840)={0x0, 0x1, 0x4000, 0x1000, &(0x7f0000ffe000/0x1000)=nil})
r2 = open(&(0x7f0000000000)='./file0\x00', 0x280041, 0x40)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0xffffffffffffffff)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text32={0x20, &(0x7f0000000140)="f36dc744240015000000640f1899000000004424020e000000c744240636880000000f0114240f01dfb9b8020000b8494d0000ba000000000f30c4c37d044a08040fff090f8e43d399ad66baf80cb802028e8cef4141bafc0c66b8010066efc4c1e956c80fc77cc187", 0x69}], 0x1, 0x51, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000200)={0x5, 0x0, [{0x886, 0x0, 0x5}, {0x0, 0x0, 0x1de5}, {0x4b6, 0x0, 0x219}, {0xb92, 0x0, 0xff}, {0xac5, 0x0, 0x6d}]})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, 0x0}], 0x1, 0x6fcef00345e8684, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count', 0x0, 0x0)
ppoll(&(0x7f00000001c0)=[{r5, 0x218}], 0x1, 0x0, 0x0, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(0xffffffffffffffff, 0xc0096616, &(0x7f00000000c0)={0x3, [0x0, 0x0, 0x0]})
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r6, 0x84, 0x1d, &(0x7f0000000140)={0x1, [<r7=>0x0]}, &(0x7f0000000240)=0x8)
setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x5, &(0x7f00000003c0)={r7, @in6={{0xa, 0x4e20, 0x9, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x8001}}}, 0x84)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000300)={r5, 0x58, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r8=>0x0}}, 0x10)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="640000000206010200000000000000000000000015000300686173683a69702c706f72742c6e6574000000000900020073797a32000000000500040000000000140007800800124000000000050015002200000005000500020000000500010006"], 0x64}}, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_DESTROY(r10, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b40)=ANY=[@ANYBLOB="280000000306010489011f7b0a698fc407001f000900020073797a32000000000500010007"], 0x28}, 0x1, 0x0, 0x0, 0x800}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001240)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)=@delqdisc={0x24, 0x25, 0x0, 0x70ad26, 0x25dfdbfc, {0x0, 0x0, 0x0, r8, {0xe, 0x9}, {0xfff1, 0x9}, {0xffff, 0x6}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000054}, 0x48010)
r11 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000140), 0x8542dbcedab6e34d, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r11, 0xc004500a, &(0x7f0000000000)=0xffff0018)

1m45.171294901s ago: executing program 0 (id=648):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8e}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0/file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r3, 0x0, 0xf, &(0x7f0000000140)=0x31, 0x4)
bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r4 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r4}, 0x94)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000ffc000/0x4000)=nil)
mprotect(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, 0x0, 0x840)
setsockopt$inet6_tcp_int(r6, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r6, 0x6, 0x14, &(0x7f00000013c0)=0x80000000001, 0x4)
connect$inet6(r6, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendto$inet6(r6, &(0x7f00000002c0)="e8", 0xfffffffffffffd79, 0x2000c850, 0x0, 0x4d)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup3(r6, r7, 0x0)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x0, 0x12, r7, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r7, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000001f00)=""/4106, 0xfffffffffffffccb, 0x0, 0x0}, &(0x7f0000000080)=0x40)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r7, 0x6, 0x23, &(0x7f0000000280)={&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000001380)=0x40)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r6, 0x6, 0x23, 0x0, 0x0)

1m45.127637016s ago: executing program 4 (id=649):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0x4, 0x4, 0x2}, 0x50)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000080)={r0, &(0x7f0000000040)}, 0x20)

1m44.580419437s ago: executing program 2 (id=650):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x4c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @masq={{0x9}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_MASQ_REG_PROTO_MIN={0x8, 0x2, 0x1, 0x0, 0xb}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x74}}, 0x0)

1m42.983109708s ago: executing program 4 (id=651):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0xf, &(0x7f0000000300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xbf21, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x10000000}, {0x85, 0x0, 0x0, 0xc7}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41000}, 0x94)

1m42.982702545s ago: executing program 4 (id=652):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="8c0000000906010200000000000000000200ffff08000940000000390900020073797a310000000005000100070000005c0008801c000780180001801400"], 0x8c}, 0x1, 0x0, 0x0, 0x10000182}, 0x4000080)

1m42.655282044s ago: executing program 3 (id=653):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmsg$inet_sctp(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="30000000000000008400000001000000f7ff000000000000f935000008000000060000000500000007000000", @ANYRES32=0x0, @ANYBLOB="18000000000000008400000097"], 0x98, 0x8001}, 0x4810)

1m42.65499299s ago: executing program 4 (id=654):
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)=ANY=[@ANYBLOB="020300030c00000000070000823b3b670200"], 0x60}, 0x1, 0x7}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x55}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c1"], 0xfdef)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1100}, 0x48)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000040c00028008000140"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

1m42.638834839s ago: executing program 1 (id=655):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001440)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x4, [@enum={0x1}]}, {0x0, [0x61, 0x3]}}, 0x0, 0x28, 0x0, 0x1, 0x15}, 0x28)

1m41.898361863s ago: executing program 3 (id=657):
r0 = socket$kcm(0x11, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0xe, 0xd, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x22}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0x14, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f0000001780)={&(0x7f00000003c0)=@caif, 0x80, 0x0}, 0x0)

1m41.898068076s ago: executing program 1 (id=658):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="380000000301010400000000000017993d51000024000180"], 0x38}}, 0x0)

1m41.897920443s ago: executing program 1 (id=659):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000007c0)="52aa3ad0d1b0e6fd2b5992f7c7c15a976e35c19e0f532648b6a71503d9eab7b5308cc873825b7d694162b28c9dec20af12407a5bd9cdcbcb5fb1a7cb1547e3df27aa68e100a19e038da3781c6fd38beba8aad8f91eff5de49ebb49fe6b23e1d6a0a63140a3e396f96ec09566f1755b8c5fe21686ee62dd4eb39e471d01b58baf878dc2458d449d39c957c4147df880bd6233496cb9204d0ab08d26942176b593d317bc61efb26539e34aaf5a05e564f0ae52bba6248c07bc32a3ff75a8bb017cf407bddf30a6e597528e97c63ad807ca37d05d71826522100b8f740402f2e27334a20c18f0e3c8398eaa288ce7cb346a68f249e62453e1a946850efc806069c9342ec3416e607e36819b5f84cdb7399888adfae8d2aafeac74d0a4157f0078b546aa8e11", 0x124}], 0x1}, 0x4000000)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000880)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a54000000090a010400000000000000000a0000040900010073797a310000000008000a40fffffffc0900020073797a31000000000800054000000003080003400000001408000840"], 0x7c}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

1m41.413883055s ago: executing program 0 (id=660):
r0 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000002c0)="16", 0x1}], 0x1}, 0xc0004)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef42d430f6296b72a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed40000000022278d00031e5388ee5c867ddd58211d6ece3ccb0cd2b6d3cffd962867a3a2f624f992daa94a6a556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff020000000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409e011f1264d43f153b3d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7000026a4e739c60f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf3f704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eedd9068ca1457870eb30d219e23ccc8e06dddeb61799257ab5000013c86ba99523d61a00000000c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb8629aeec90e6d1857da822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae200f279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522e8dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f34a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be10ba7dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2db484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b00ffffff7f000000000801f71d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cf0d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67856ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e2b8e7370baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b09000000d31df213c802d74797056fd3bca8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221fff0f0000705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f14fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38a568612c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008f3a20b49fe7636806867283e35cff8d00e7b251bab3cf6377a24f8e8d4bda7503674bc94bf7f4d2fa6f25944bf0a186436d9f6831995976328a1fdc78492c65c1434855dc35c3cf7cf9610c5387794443c99b304799114132362849c3fa85d6379729ff9094933db0cfbe8887c50b87e1469fdf454cef4cbc5f7bf384000000000000a4e8c1a25f47c440144a9776be6cb40aafdb9d3cc8f6a6050974e1c4000000000000008b753f4e1bef9556efcc087a99dbf231167013a4b2eaf6338a0b100c98a331dffc09"], &(0x7f0000000140)='GPL\x00'}, 0x48)
r2 = socket$kcm(0x2, 0x1, 0x0)
sendmsg$inet(r2, &(0x7f0000000fc0)={&(0x7f0000000280)={0x2, 0x4001, @empty}, 0x10, 0x0}, 0x20048014)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000040)={r2, r1})
sendmsg$kcm(r0, &(0x7f0000002080)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000180)="9b", 0x34000}], 0x1}, 0x4)

1m36.841335463s ago: executing program 2 (id=661):
r0 = socket$kcm(0x2, 0x1000000000000002, 0x0)
sendmsg$inet(r0, &(0x7f0000000b40)={&(0x7f0000000080)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10, 0x0, 0x0, &(0x7f0000000100)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0xff}}], 0x18}, 0xe900)

1m23.096580993s ago: executing program 32 (id=659):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f00000007c0)="52aa3ad0d1b0e6fd2b5992f7c7c15a976e35c19e0f532648b6a71503d9eab7b5308cc873825b7d694162b28c9dec20af12407a5bd9cdcbcb5fb1a7cb1547e3df27aa68e100a19e038da3781c6fd38beba8aad8f91eff5de49ebb49fe6b23e1d6a0a63140a3e396f96ec09566f1755b8c5fe21686ee62dd4eb39e471d01b58baf878dc2458d449d39c957c4147df880bd6233496cb9204d0ab08d26942176b593d317bc61efb26539e34aaf5a05e564f0ae52bba6248c07bc32a3ff75a8bb017cf407bddf30a6e597528e97c63ad807ca37d05d71826522100b8f740402f2e27334a20c18f0e3c8398eaa288ce7cb346a68f249e62453e1a946850efc806069c9342ec3416e607e36819b5f84cdb7399888adfae8d2aafeac74d0a4157f0078b546aa8e11", 0x124}], 0x1}, 0x4000000)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000880)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a54000000090a010400000000000000000a0000040900010073797a310000000008000a40fffffffc0900020073797a31000000000800054000000003080003400000001408000840"], 0x7c}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

1m15.220566454s ago: executing program 33 (id=657):
r0 = socket$kcm(0x11, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0xe, 0xd, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x22}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0x14, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f0000001780)={&(0x7f00000003c0)=@caif, 0x80, 0x0}, 0x0)

57.101534491s ago: executing program 34 (id=654):
sendmsg$key(0xffffffffffffffff, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000100)=ANY=[@ANYBLOB="020300030c00000000070000823b3b670200"], 0x60}, 0x1, 0x7}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x55}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c1"], 0xfdef)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1100}, 0x48)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000040c00028008000140"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

38.901953166s ago: executing program 35 (id=660):
r0 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000002c0)="16", 0x1}], 0x1}, 0xc0004)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001000)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000300000000000c00095000000000000002ba728041598d6fbd30cb599e83d24bd8137a3aa81e0ed139a85d36bb3019d13bd2321af3c2bd67ce68f15c0ec71d0e6adfefcf1d8f7faf75e0f226bd917060000007142fa9ea4318123751c0a0e168c1886d0d4d35379bd223ec839bc16ee988e6e0dc8cedf3ceb9fbfbf9b0a49ef42d430f6296b72a83438810720a159cda90363db3d221e152dfca64057ff3c4744aeaccd3641110bec4e9027a0c8055bbfc3a96d2e8910c2c39e4babe802f5ab3e89cf6c662ed40000000022278d00031e5388ee5c867ddd58211d6ece3ccb0cd2b6d3cffd962867a3a2f624f992daa94a6a556f3218ce740068725c37074e468ee207d2f73902ebcfcf49822775985bf31b715f5888b24efa190000000000000000000000000000ddffffff020000000000000000ddffffff0000b27cf3d1848a54d7132be1bfb0adf9deab3323aa9fdfb52faf9cb09c3bfd09000000b91ab219ef00bb7b3de8f67ffcad3f6c3c2b1f03550000000000001cf41ab11f12fb1e0a494034007de7c6592df1a6c64d8f20a67745409e011f1264d43f153b3d34889f40159e800ea2474b540500a30b23bcee46762e2093bcc9eae5ee3e980026c96f80ee1a00000000740750fa4d9aaa705989b8e673e3296e52d337c56abf112874ec51d6fe048ba6866adebab53168770a71ad901ace383e41d277b103923a9d961f7a2591dbe4a912ffaf6f658f3f9cd16286744f83a83f138f8f92efd92239eafcc5c1b3f97a297c9e49a0c3300ef7b7fb5f09e0c8a868a353409e34d3e82279637599f35ad3f7ffffff3cac394c7bbdcd0e0eb52162e0c410ade7000026a4e739c60f03cc4146a77af02c1d4cefd4a2b94c0aed8477dfa8ceefb467f05c6977c78cdbf3f704ec73754910fe050038ec9e47de89298b7bf4d769ccc18eedd9068ca1457870eb30d219e23ccc8e06dddeb61799257ab5000013c86ba99523d61a00000000c270246c878d01160e6c07bf6cf8809c3a0d062357ba2515567230a6f8b2ad1e1f4933545fc3c741374211663f6b63b1dd044dd0a2768e825972fc4300001467c89fa0f82e8440105051e5510a33dcda5e4e202bd622549c4cffffff501d3a5dd7143fbf221fff161c12ca389cbe0000000000000fff2ecf631c6c5fd9c26a54d43fa050b88d1d43a8645bd9109b7e07869bba7131421c0f397073943330baafd243c0c6ffe673bab4113be7664e08bdd7115c61afcb718cf3c4680b2f6c7a8400e378a9b15bc20f49e298727340e87cdefb40e56e9cfad9931b8c552b2c7c503f3d0e7ab0e958adb8629aeec90e6d1857da822e40009995ae166deb9856291a43a6f7eb2e32cefbf463789eaf79b8d4c22be89f44b032dad13007b82e6044f643fc8cd07ae636a5dbe9864a117d27326850a7c3b570863f532c218b10af13d7be94987005088a83880ccab9c9920c2d2af8c5e13d52c83ac3fa7c3ae6c08384865b66d2204c2e4f3ae200f279b512b4dcb5dd9cba16b62040bf8702ae12c77e6e34991af603e3856a346cf708feeb708ab22b560cf8a4a6f31ba6d9b8cb0908000000000000001a342c010000000000e667a7592b33406f1f71c739b55db91d2309dc7ae401005f52053a39e7307c09ff3ac3e820b01c57dd74d4aafc4c383a17bc1de5347bb71ca16dcbbbaa2935ae662082b56cf666e63a759e0ef3ea7af6881513be94b362e15ffca8ec453b3a2a67be70c17b0f9c2eac765816c30c2e7133dca1c7669522e8dff8bc570a93fbdb688c3aef810000007a6ea6b11163392a19d87995b51cb6febd5f34a34998d2010fd5facf68c4f84e2f66e27c81a149d7b331983d3b74444953fc1216dfec10b724be3733c26f12538376e177ffef6fd2020000000000000008e4919a463d5332a2546032a3c06b94f168e8fc4bda0c294723fe306f26c477af4b926644672985fab7cc67bc5b5f5d38cdd8df95147ebe1cd88b0a4c6cde9951be10ba7dfddfefb238fac2303cc8982f1e55b005afcfea5eb037248fefad6bb02c162ce92ab17744c8ec3d2e80cf3205d36699fd381bc81231fb5e12e45f3059f361d08d6a6d019ebf105eaf43083c29512bcedd79ca9bf24e063d0c273ed70a2b70be521ea27dc8cf3c9bdf83b93405db07e82e2db484f8673e0e97dd7e8a872148613c3a04f3d67f4375ba5c7f1b00ffffff7f000000000801f71d79d812ced782646b5f79c8fc08bb5c11020108d702edd2ea9c96cf0d2d48aa5fc0a7bf1b51afd85350ad00b78c598fa8701b000884de790b54e5ab2e8ff0c7ae23e0b6eeac95c4c2eef2e5eb1d019d52099fbd404e8ece970f67856ba7e960bd8b1e4105ce7e31f7c9c3e3fa61aaa967b90087e91d703e98535b107b8f4653be4c46a3a1adb07d226952b8573b417018316fa96e2b8e7370baa16d4122c863709b08d4639a19a46ac90ac48a13ee9bcaa875fc700000000000003b40dc5c745fe2491e8425e600000000000000000000000000000000000000000000000000000000000000250318a44ad31baac0520a913301e630ae540f3289aebde8633f6f450c0738e16df6c7f1e0832a2a16fe6e39959735758248032cdf7320c6dc87b01e3f9a7811b200000000ae189de4b9b25f7c7a9c070000002af1c06315270de4a6605e4b4b58bef76fac54f11b84bd7bcd6b6a485edfb7684c770a39b38b08e18a51a4d4e66ca21c06a4b4198e1bc2ef990c9ba911efed626e5ee341a17bf8132b09000000d31df213c802d74797056fd3bca8b2d6cb134437cba0193ba4360bdcc98aad2560aa48291c4eb9d4e08ad7a9c5f04be1ab597124d84dfc7bd8cca8f68154a0ed356e773a797ca6d66748857b4abbf8830abeea2a46342e6a7378173cb29d5cdcd698a0203f78116b710008000000000000007c2d86b94472807c10eb9a8e2fb8bd79fe3a8316deff3ee641c9a080a2173642e673a672279bae4e7e28055da9497d7edb53be6e80482bd4d9a74b8dd4221fff0f0000705d7257ff7f76c78ba0b44ec0bdfa0d32d7042059b13a079639f14f9032b856d892ad6af5124c9c3130485e9682ff1f3c54e475d5bb496aef4bb537d7e191dfdeba109fdcf7864763f87a6d711cf52e520a6ce30e134c55e0caac037209d2f14fcddd00000000000000000000000000000000e609893bdce015e8ccfb36399844db61f6171b0b0e845e48728450c6ba4f7098f8e000676b59ab9f851f3ab77847ce05c89411277ec69c409b7ec50a3337a78675f38a568612c235ab5f2cd6d035d5f5f6a693c381adbbf7b37e37292783b2c7efe7d3a067906552f76d419e0300000000000000000000008f3a20b49fe7636806867283e35cff8d00e7b251bab3cf6377a24f8e8d4bda7503674bc94bf7f4d2fa6f25944bf0a186436d9f6831995976328a1fdc78492c65c1434855dc35c3cf7cf9610c5387794443c99b304799114132362849c3fa85d6379729ff9094933db0cfbe8887c50b87e1469fdf454cef4cbc5f7bf384000000000000a4e8c1a25f47c440144a9776be6cb40aafdb9d3cc8f6a6050974e1c4000000000000008b753f4e1bef9556efcc087a99dbf231167013a4b2eaf6338a0b100c98a331dffc09"], &(0x7f0000000140)='GPL\x00'}, 0x48)
r2 = socket$kcm(0x2, 0x1, 0x0)
sendmsg$inet(r2, &(0x7f0000000fc0)={&(0x7f0000000280)={0x2, 0x4001, @empty}, 0x10, 0x0}, 0x20048014)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000040)={r2, r1})
sendmsg$kcm(r0, &(0x7f0000002080)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000180)="9b", 0x34000}], 0x1}, 0x4)

19.55945233s ago: executing program 36 (id=661):
r0 = socket$kcm(0x2, 0x1000000000000002, 0x0)
sendmsg$inet(r0, &(0x7f0000000b40)={&(0x7f0000000080)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10, 0x0, 0x0, &(0x7f0000000100)=[@ip_tos_u8={{0x11, 0x0, 0x1, 0xff}}], 0x18}, 0xe900)

0s ago: executing program 6 (id=663):
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x6, 0x4, &(0x7f0000000100)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x7}, [@call={0x85, 0x0, 0x1f, 0x2c}]}, &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

kernel console output (not intermixed with test programs):

ror: local softirq work is pending, handler #80!!!
[  140.933271][ T1237] pwc: recv_control_msg error -71 req 04 val 1400
[  140.934235][ T1237] pwc: recv_control_msg error -71 req 02 val 2000
[  140.936947][ T1237] pwc: recv_control_msg error -71 req 02 val 2100
[  140.938054][ T1237] pwc: recv_control_msg error -71 req 04 val 1500
[  140.938676][ T1237] pwc: recv_control_msg error -71 req 02 val 2500
[  140.939631][ T1237] pwc: recv_control_msg error -71 req 02 val 2400
[  140.949746][ T1237] pwc: recv_control_msg error -71 req 02 val 2600
[  140.953531][ T1237] pwc: recv_control_msg error -71 req 02 val 2900
[  140.956819][ T1237] pwc: recv_control_msg error -71 req 02 val 2800
[  140.957475][ T1237] pwc: recv_control_msg error -71 req 04 val 1100
[  140.957940][ T1237] pwc: recv_control_msg error -71 req 04 val 1200
[  142.261295][ T6328] netlink: 16 bytes leftover after parsing attributes in process `syz.4.91'.
[  142.733312][ T1237] pwc: Registered as video103.
[  143.566385][ T1237] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input6
[  143.609950][ T5921] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  143.626533][ T1237] usb 2-1: USB disconnect, device number 3
[  144.727232][   T37] audit: type=1326 audit(1759082035.684:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6341 comm="syz.2.97" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c8321eec9 code=0x7ffc0000
[  144.727637][   T37] audit: type=1326 audit(1759082035.694:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6341 comm="syz.2.97" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4c8321eec9 code=0x7ffc0000
[  144.727882][   T37] audit: type=1326 audit(1759082035.714:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6341 comm="syz.2.97" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c8321eec9 code=0x7ffc0000
[  144.728097][   T37] audit: type=1326 audit(1759082035.714:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6341 comm="syz.2.97" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c8321eec9 code=0x7ffc0000
[  146.287667][ T6365] FAULT_INJECTION: forcing a failure.
[  146.287667][ T6365] name failslab, interval 1, probability 0, space 0, times 0
[  146.287699][ T6365] CPU: 0 UID: 0 PID: 6365 Comm: syz.0.102 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  146.287720][ T6365] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  146.287731][ T6365] Call Trace:
[  146.287738][ T6365]  <TASK>
[  146.287746][ T6365]  dump_stack_lvl+0x189/0x250
[  146.287776][ T6365]  ? __pfx____ratelimit+0x10/0x10
[  146.287801][ T6365]  ? __pfx_dump_stack_lvl+0x10/0x10
[  146.287824][ T6365]  ? __pfx__printk+0x10/0x10
[  146.287849][ T6365]  ? __pfx___might_resched+0x10/0x10
[  146.287866][ T6365]  ? fs_reclaim_acquire+0x7d/0x100
[  146.287888][ T6365]  should_fail_ex+0x46c/0x600
[  146.287915][ T6365]  ? __alloc_skb+0x112/0x2d0
[  146.287937][ T6365]  should_failslab+0xa8/0x100
[  146.287961][ T6365]  ? __alloc_skb+0x112/0x2d0
[  146.287981][ T6365]  kmem_cache_alloc_node_noprof+0x77/0x330
[  146.288009][ T6365]  __alloc_skb+0x112/0x2d0
[  146.288036][ T6365]  netlink_sendmsg+0x5c6/0xb30
[  146.288068][ T6365]  ? __pfx_netlink_sendmsg+0x10/0x10
[  146.288099][ T6365]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  146.288116][ T6365]  ? __pfx_netlink_sendmsg+0x10/0x10
[  146.288140][ T6365]  __sock_sendmsg+0x21c/0x270
[  146.288165][ T6365]  ____sys_sendmsg+0x534/0x820
[  146.288188][ T6365]  ? __pfx_____sys_sendmsg+0x10/0x10
[  146.288215][ T6365]  ? import_iovec+0x74/0xa0
[  146.288246][ T6365]  ___sys_sendmsg+0x21f/0x2a0
[  146.288265][ T6365]  ? __pfx____sys_sendmsg+0x10/0x10
[  146.288318][ T6365]  ? __fget_files+0x2a/0x420
[  146.288340][ T6365]  ? __fget_files+0x3a6/0x420
[  146.288371][ T6365]  __sys_sendmmsg+0x22d/0x430
[  146.288395][ T6365]  ? __pfx___sys_sendmmsg+0x10/0x10
[  146.288423][ T6365]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  146.288458][ T6365]  ? ksys_write+0x230/0x260
[  146.288482][ T6365]  ? __pfx_ksys_write+0x10/0x10
[  146.288499][ T6365]  ? rcu_is_watching+0x15/0xb0
[  146.288530][ T6365]  __x64_sys_sendmmsg+0xa0/0xc0
[  146.288551][ T6365]  do_syscall_64+0xfa/0x3b0
[  146.288567][ T6365]  ? lockdep_hardirqs_on+0x9c/0x150
[  146.288590][ T6365]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.288607][ T6365]  ? clear_bhb_loop+0x60/0xb0
[  146.288628][ T6365]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  146.288645][ T6365] RIP: 0033:0x7fb40dc0eec9
[  146.288661][ T6365] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  146.288674][ T6365] RSP: 002b:00007fb40be76038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  146.288693][ T6365] RAX: ffffffffffffffda RBX: 00007fb40de65fa0 RCX: 00007fb40dc0eec9
[  146.288706][ T6365] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000003
[  146.288718][ T6365] RBP: 00007fb40be76090 R08: 0000000000000000 R09: 0000000000000000
[  146.288729][ T6365] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  146.288740][ T6365] R13: 00007fb40de66038 R14: 00007fb40de65fa0 R15: 00007ffee01b7ad8
[  146.288768][ T6365]  </TASK>
[  146.669992][ T5956] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  147.398745][ T5956] usb 5-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73
[  147.398775][ T5956] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  147.398794][ T5956] usb 5-1: Product: syz
[  147.398808][ T5956] usb 5-1: Manufacturer: syz
[  147.398822][ T5956] usb 5-1: SerialNumber: syz
[  148.482559][ T5956] usb 5-1: config 0 descriptor??
[  149.918456][   T37] audit: type=1326 audit(1759082040.914:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6388 comm="syz.2.110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c8321eec9 code=0x7ffc0000
[  149.918749][   T37] audit: type=1326 audit(1759082040.914:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6388 comm="syz.2.110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4c8321eec9 code=0x7ffc0000
[  149.919068][   T37] audit: type=1326 audit(1759082040.914:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6388 comm="syz.2.110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c8321eec9 code=0x7ffc0000
[  149.919322][   T37] audit: type=1326 audit(1759082040.914:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6388 comm="syz.2.110" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c8321eec9 code=0x7ffc0000
[  150.402416][ T6397] FAULT_INJECTION: forcing a failure.
[  150.402416][ T6397] name failslab, interval 1, probability 0, space 0, times 0
[  150.402449][ T6397] CPU: 0 UID: 0 PID: 6397 Comm: syz.1.112 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  150.402469][ T6397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  150.402483][ T6397] Call Trace:
[  150.402490][ T6397]  <TASK>
[  150.402498][ T6397]  dump_stack_lvl+0x189/0x250
[  150.402527][ T6397]  ? __pfx____ratelimit+0x10/0x10
[  150.402552][ T6397]  ? __pfx_dump_stack_lvl+0x10/0x10
[  150.402575][ T6397]  ? __pfx__printk+0x10/0x10
[  150.402600][ T6397]  ? __pfx___might_resched+0x10/0x10
[  150.402618][ T6397]  ? fs_reclaim_acquire+0x7d/0x100
[  150.402639][ T6397]  should_fail_ex+0x46c/0x600
[  150.402667][ T6397]  ? __alloc_skb+0x112/0x2d0
[  150.402689][ T6397]  should_failslab+0xa8/0x100
[  150.402713][ T6397]  ? __alloc_skb+0x112/0x2d0
[  150.402733][ T6397]  kmem_cache_alloc_node_noprof+0x77/0x330
[  150.402763][ T6397]  __alloc_skb+0x112/0x2d0
[  150.402790][ T6397]  netlink_sendmsg+0x5c6/0xb30
[  150.402824][ T6397]  ? __pfx_netlink_sendmsg+0x10/0x10
[  150.402860][ T6397]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  150.402877][ T6397]  ? __pfx_netlink_sendmsg+0x10/0x10
[  150.402901][ T6397]  __sock_sendmsg+0x21c/0x270
[  150.402926][ T6397]  ____sys_sendmsg+0x508/0x820
[  150.402950][ T6397]  ? __pfx_____sys_sendmsg+0x10/0x10
[  150.402978][ T6397]  ? import_iovec+0x74/0xa0
[  150.403003][ T6397]  ___sys_sendmsg+0x21f/0x2a0
[  150.403024][ T6397]  ? __pfx____sys_sendmsg+0x10/0x10
[  150.403079][ T6397]  ? __fget_files+0x2a/0x420
[  150.403101][ T6397]  ? __fget_files+0x3a6/0x420
[  150.403134][ T6397]  __x64_sys_sendmsg+0x1a1/0x260
[  150.403155][ T6397]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  150.403183][ T6397]  ? __pfx_ksys_write+0x10/0x10
[  150.403202][ T6397]  ? rcu_is_watching+0x15/0xb0
[  150.403231][ T6397]  ? do_syscall_64+0xbe/0x3b0
[  150.403253][ T6397]  do_syscall_64+0xfa/0x3b0
[  150.403267][ T6397]  ? lockdep_hardirqs_on+0x9c/0x150
[  150.403291][ T6397]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.403308][ T6397]  ? clear_bhb_loop+0x60/0xb0
[  150.403329][ T6397]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  150.403346][ T6397] RIP: 0033:0x7f322523eec9
[  150.403362][ T6397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  150.403375][ T6397] RSP: 002b:00007f32234a6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  150.403395][ T6397] RAX: ffffffffffffffda RBX: 00007f3225495fa0 RCX: 00007f322523eec9
[  150.403408][ T6397] RDX: 0000000024000000 RSI: 0000200000000100 RDI: 0000000000000003
[  150.403420][ T6397] RBP: 00007f32234a6090 R08: 0000000000000000 R09: 0000000000000000
[  150.403431][ T6397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  150.403455][ T6397] R13: 00007f3225496038 R14: 00007f3225495fa0 R15: 00007ffd5a9c6a88
[  150.403485][ T6397]  </TASK>
[  150.841265][ T5956] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  150.841548][ T5956] asix 5-1:0.0: probe with driver asix failed with error -71
[  150.887287][ T5956] usb 5-1: USB disconnect, device number 3
[  151.194510][ T6400] FAULT_INJECTION: forcing a failure.
[  151.194510][ T6400] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  151.194632][ T6400] CPU: 0 UID: 0 PID: 6400 Comm: syz.2.113 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  151.194653][ T6400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  151.194664][ T6400] Call Trace:
[  151.194671][ T6400]  <TASK>
[  151.194680][ T6400]  dump_stack_lvl+0x189/0x250
[  151.194709][ T6400]  ? __pfx____ratelimit+0x10/0x10
[  151.194734][ T6400]  ? __pfx_dump_stack_lvl+0x10/0x10
[  151.194757][ T6400]  ? __pfx__printk+0x10/0x10
[  151.194777][ T6400]  ? __might_fault+0xb0/0x130
[  151.194812][ T6400]  should_fail_ex+0x46c/0x600
[  151.194841][ T6400]  _copy_from_user+0x2d/0xb0
[  151.194864][ T6400]  copy_bpf_fprog_from_user+0x15c/0x2b0
[  151.194888][ T6400]  ? __pfx_copy_bpf_fprog_from_user+0x10/0x10
[  151.194918][ T6400]  sk_setsockopt+0x1830/0x2a70
[  151.194951][ T6400]  ? __pfx_sk_setsockopt+0x10/0x10
[  151.194972][ T6400]  ? __lock_acquire+0xab9/0xd20
[  151.195018][ T6400]  ? __fget_files+0x2a/0x420
[  151.195044][ T6400]  ? __fget_files+0x2a/0x420
[  151.195064][ T6400]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  151.195086][ T6400]  do_sock_setsockopt+0x11b/0x1b0
[  151.195108][ T6400]  __x64_sys_setsockopt+0x145/0x1b0
[  151.195132][ T6400]  do_syscall_64+0xfa/0x3b0
[  151.195148][ T6400]  ? lockdep_hardirqs_on+0x9c/0x150
[  151.195171][ T6400]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.195189][ T6400]  ? clear_bhb_loop+0x60/0xb0
[  151.195210][ T6400]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  151.195227][ T6400] RIP: 0033:0x7f4c8321eec9
[  151.195243][ T6400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  151.195257][ T6400] RSP: 002b:00007f4c8145d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  151.195276][ T6400] RAX: ffffffffffffffda RBX: 00007f4c83476090 RCX: 00007f4c8321eec9
[  151.195289][ T6400] RDX: 000000000000001a RSI: 0000000000000001 RDI: 0000000000000003
[  151.195300][ T6400] RBP: 00007f4c8145d090 R08: 0000000000000010 R09: 0000000000000000
[  151.195311][ T6400] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  151.195322][ T6400] R13: 00007f4c83476128 R14: 00007f4c83476090 R15: 00007ffd9a1a5558
[  151.195353][ T6400]  </TASK>
[  153.629967][ T6126] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  154.819974][ T6126] usb 5-1: Using ep0 maxpacket: 32
[  154.825439][ T6126] usb 5-1: config 0 has an invalid interface number: 2 but max is 0
[  154.825466][ T6126] usb 5-1: config 0 has an invalid interface number: 130 but max is 0
[  154.825483][ T6126] usb 5-1: config 0 has 2 interfaces, different from the descriptor's value: 1
[  154.825501][ T6126] usb 5-1: config 0 has no interface number 0
[  154.825515][ T6126] usb 5-1: config 0 has no interface number 1
[  154.825575][ T6126] usb 5-1: config 0 interface 2 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  154.825601][ T6126] usb 5-1: config 0 interface 2 has no altsetting 0
[  154.825615][ T6126] usb 5-1: config 0 interface 130 has no altsetting 0
[  154.860038][ T6126] usb 5-1: New USB device found, idVendor=086a, idProduct=0003, bcdDevice=f0.3f
[  154.860067][ T6126] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  154.860086][ T6126] usb 5-1: Product: syz
[  154.860103][ T6126] usb 5-1: Manufacturer: syz
[  154.860117][ T6126] usb 5-1: SerialNumber: syz
[  154.955511][ T6126] usb 5-1: config 0 descriptor??
[  155.333947][ T6126] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  155.350808][ T6126] usb 5-1: invalid MIDI in EP 0
[  155.419986][ T6436] FAULT_INJECTION: forcing a failure.
[  155.419986][ T6436] name failslab, interval 1, probability 0, space 0, times 0
[  155.420041][ T6436] CPU: 0 UID: 0 PID: 6436 Comm: syz.3.123 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  155.420063][ T6436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  155.420074][ T6436] Call Trace:
[  155.420081][ T6436]  <TASK>
[  155.420090][ T6436]  dump_stack_lvl+0x189/0x250
[  155.420122][ T6436]  ? __pfx_dump_stack_lvl+0x10/0x10
[  155.420145][ T6436]  ? __pfx__printk+0x10/0x10
[  155.420179][ T6436]  should_fail_ex+0x46c/0x600
[  155.420277][ T6436]  ? dup_fd+0x55/0xb90
[  155.420303][ T6436]  should_failslab+0xa8/0x100
[  155.420331][ T6436]  ? dup_fd+0x55/0xb90
[  155.420348][ T6436]  kmem_cache_alloc_noprof+0x6e/0x310
[  155.420377][ T6436]  dup_fd+0x55/0xb90
[  155.420399][ T6436]  ? __rcu_read_unlock+0x84/0xe0
[  155.420423][ T6436]  ? copy_fs_struct+0x1c8/0x270
[  155.420446][ T6436]  ksys_unshare+0x450/0x8c0
[  155.420477][ T6436]  ? __pfx_ksys_unshare+0x10/0x10
[  155.420513][ T6436]  __x64_sys_unshare+0x38/0x50
[  155.420537][ T6436]  do_syscall_64+0xfa/0x3b0
[  155.420556][ T6436]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.420573][ T6436]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  155.420590][ T6436]  ? clear_bhb_loop+0x60/0xb0
[  155.420611][ T6436]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.420628][ T6436] RIP: 0033:0x7f917ecbeec9
[  155.420645][ T6436] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.420658][ T6436] RSP: 002b:00007f917cedc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000110
[  155.420677][ T6436] RAX: ffffffffffffffda RBX: 00007f917ef16180 RCX: 00007f917ecbeec9
[  155.420690][ T6436] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000002c020400
[  155.420701][ T6436] RBP: 00007f917cedc090 R08: 0000000000000000 R09: 0000000000000000
[  155.420712][ T6436] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  155.420723][ T6436] R13: 00007f917ef16218 R14: 00007f917ef16180 R15: 00007ffebfc6a558
[  155.420752][ T6436]  </TASK>
[  156.194724][ T6126] snd-usb-audio 5-1:0.2: probe with driver snd-usb-audio failed with error -22
[  156.544717][ T6126] usb 5-1: USB disconnect, device number 4
[  156.920784][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  156.949925][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  156.951076][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  158.167548][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  158.169893][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  158.178889][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805be9f400: rx timeout, send abort
[  158.179967][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  158.181267][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  158.189910][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  158.812122][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805be9f400: abort rx timeout. Force session deactivation
[  162.851701][ T6480] syz.2.135 uses obsolete (PF_INET,SOCK_PACKET)
[  164.104686][   T37] audit: type=1326 audit(1759082054.694:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6495 comm="syz.0.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb40dc0eec9 code=0x7ffc0000
[  164.104739][   T37] audit: type=1326 audit(1759082054.694:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6495 comm="syz.0.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb40dc0eec9 code=0x7ffc0000
[  164.104780][   T37] audit: type=1326 audit(1759082054.694:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6495 comm="syz.0.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb40dc0eec9 code=0x7ffc0000
[  164.104819][   T37] audit: type=1326 audit(1759082054.694:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6495 comm="syz.0.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb40dc0eec9 code=0x7ffc0000
[  164.104913][   T37] audit: type=1326 audit(1759082054.694:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6495 comm="syz.0.140" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb40dc0eec9 code=0x7ffc0000
[  164.461831][ T6508] FAULT_INJECTION: forcing a failure.
[  164.461831][ T6508] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  164.461864][ T6508] CPU: 1 UID: 0 PID: 6508 Comm: syz.4.144 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  164.461884][ T6508] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  164.461893][ T6508] Call Trace:
[  164.461900][ T6508]  <TASK>
[  164.461908][ T6508]  dump_stack_lvl+0x189/0x250
[  164.461936][ T6508]  ? __pfx____ratelimit+0x10/0x10
[  164.461960][ T6508]  ? __pfx_dump_stack_lvl+0x10/0x10
[  164.461982][ T6508]  ? __pfx__printk+0x10/0x10
[  164.462012][ T6508]  should_fail_ex+0x46c/0x600
[  164.462065][ T6508]  _copy_to_user+0x31/0xb0
[  164.462089][ T6508]  simple_read_from_buffer+0xe1/0x170
[  164.462115][ T6508]  proc_fail_nth_read+0x1b6/0x220
[  164.462136][ T6508]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  164.462156][ T6508]  ? rw_verify_area+0x2ac/0x4e0
[  164.462177][ T6508]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  164.462196][ T6508]  vfs_read+0x203/0xa30
[  164.462223][ T6508]  ? __pfx_vfs_read+0x10/0x10
[  164.462244][ T6508]  ? do_sys_openat2+0x154/0x1c0
[  164.462266][ T6508]  ? kmem_cache_free+0x195/0x510
[  164.462300][ T6508]  ksys_read+0x14b/0x260
[  164.462322][ T6508]  ? __pfx_ksys_read+0x10/0x10
[  164.462345][ T6508]  ? do_syscall_64+0xbe/0x3b0
[  164.462366][ T6508]  do_syscall_64+0xfa/0x3b0
[  164.462381][ T6508]  ? lockdep_hardirqs_on+0x9c/0x150
[  164.462404][ T6508]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.462421][ T6508]  ? clear_bhb_loop+0x60/0xb0
[  164.462442][ T6508]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  164.462458][ T6508] RIP: 0033:0x7f6f9e4ed8dc
[  164.462473][ T6508] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  164.462487][ T6508] RSP: 002b:00007f6f9c756030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  164.462506][ T6508] RAX: ffffffffffffffda RBX: 00007f6f9e745fa0 RCX: 00007f6f9e4ed8dc
[  164.462520][ T6508] RDX: 000000000000000f RSI: 00007f6f9c7560a0 RDI: 0000000000000004
[  164.462531][ T6508] RBP: 00007f6f9c756090 R08: 0000000000000000 R09: 0000000000000000
[  164.462542][ T6508] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  164.462552][ T6508] R13: 00007f6f9e746038 R14: 00007f6f9e745fa0 R15: 00007ffc04fe2158
[  164.462581][ T6508]  </TASK>
[  170.060351][ T1237] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  170.085635][ T6126] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  170.827694][   T37] audit: type=1326 audit(1759082061.824:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6540 comm="syz.0.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb40dc0eec9 code=0x7ffc0000
[  170.827982][   T37] audit: type=1326 audit(1759082061.824:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6540 comm="syz.0.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb40dc0eec9 code=0x7ffc0000
[  170.828220][   T37] audit: type=1326 audit(1759082061.824:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6540 comm="syz.0.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb40dc0eec9 code=0x7ffc0000
[  170.828554][   T37] audit: type=1326 audit(1759082061.824:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6540 comm="syz.0.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb40dc0eec9 code=0x7ffc0000
[  170.828716][   T37] audit: type=1326 audit(1759082061.824:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6540 comm="syz.0.154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb40dc0eec9 code=0x7ffc0000
[  174.672248][ T6576] af_packet: tpacket_rcv: packet too big, clamped from 3956 to 3952. macoff=96
[  176.071449][ T6126] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  177.358500][ T6126] usb 3-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73
[  177.358532][ T6126] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.358550][ T6126] usb 3-1: Product: syz
[  177.358563][ T6126] usb 3-1: Manufacturer: syz
[  177.358576][ T6126] usb 3-1: SerialNumber: syz
[  177.383884][ T6126] usb 3-1: config 0 descriptor??
[  180.718449][ T6126] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  180.718741][ T6126] asix 3-1:0.0: probe with driver asix failed with error -71
[  180.736617][ T6126] usb 3-1: USB disconnect, device number 4
[  181.217199][ T6617] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  181.260774][ T6617] overlayfs: failed lookup in lower (/, name='file0', err=-66): unsupported object type
[  181.297988][ T6618] FAULT_INJECTION: forcing a failure.
[  181.297988][ T6618] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  181.298019][ T6618] CPU: 1 UID: 0 PID: 6618 Comm: syz.2.175 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  181.298037][ T6618] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  181.298046][ T6618] Call Trace:
[  181.298053][ T6618]  <TASK>
[  181.298061][ T6618]  dump_stack_lvl+0x189/0x250
[  181.298087][ T6618]  ? __pfx____ratelimit+0x10/0x10
[  181.298112][ T6618]  ? __pfx_dump_stack_lvl+0x10/0x10
[  181.298135][ T6618]  ? __pfx__printk+0x10/0x10
[  181.298168][ T6618]  should_fail_ex+0x46c/0x600
[  181.298197][ T6618]  _copy_to_user+0x31/0xb0
[  181.298218][ T6618]  simple_read_from_buffer+0xe1/0x170
[  181.298242][ T6618]  proc_fail_nth_read+0x1b6/0x220
[  181.298262][ T6618]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  181.298280][ T6618]  ? rw_verify_area+0x2ac/0x4e0
[  181.298298][ T6618]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  181.298316][ T6618]  vfs_read+0x203/0xa30
[  181.298341][ T6618]  ? __pfx_vfs_read+0x10/0x10
[  181.298357][ T6618]  ? try_to_take_rt_mutex+0x7fd/0xac0
[  181.298387][ T6618]  ? mutex_lock_nested+0x154/0x1d0
[  181.298403][ T6618]  ? fdget_pos+0x253/0x320
[  181.298432][ T6618]  ksys_read+0x14b/0x260
[  181.298452][ T6618]  ? __pfx_ksys_read+0x10/0x10
[  181.298469][ T6618]  ? rcu_is_watching+0x15/0xb0
[  181.298499][ T6618]  ? do_syscall_64+0xbe/0x3b0
[  181.298518][ T6618]  do_syscall_64+0xfa/0x3b0
[  181.298532][ T6618]  ? lockdep_hardirqs_on+0x9c/0x150
[  181.298554][ T6618]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.298579][ T6618]  ? clear_bhb_loop+0x60/0xb0
[  181.298600][ T6618]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  181.298616][ T6618] RIP: 0033:0x7f4c8321d8dc
[  181.298637][ T6618] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  181.298649][ T6618] RSP: 002b:00007f4c8147e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  181.298667][ T6618] RAX: ffffffffffffffda RBX: 00007f4c83475fa0 RCX: 00007f4c8321d8dc
[  181.298680][ T6618] RDX: 000000000000000f RSI: 00007f4c8147e0a0 RDI: 0000000000000004
[  181.298689][ T6618] RBP: 00007f4c8147e090 R08: 0000000000000000 R09: 0000000000000000
[  181.298700][ T6618] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  181.298710][ T6618] R13: 00007f4c83476038 R14: 00007f4c83475fa0 R15: 00007ffd9a1a5558
[  181.298739][ T6618]  </TASK>
[  182.684200][ T6630] netlink: 24 bytes leftover after parsing attributes in process `syz.0.180'.
[  183.845872][ T6637] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  183.953011][ T6644] netlink: 24 bytes leftover after parsing attributes in process `syz.0.180'.
[  185.567454][ T5921] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  185.727572][ T5921] usb 2-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73
[  185.727602][ T5921] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  185.727629][ T5921] usb 2-1: Product: syz
[  185.727643][ T5921] usb 2-1: Manufacturer: syz
[  185.727656][ T5921] usb 2-1: SerialNumber: syz
[  185.917356][ T5921] usb 2-1: config 0 descriptor??
[  186.123686][ T6670] netlink: 12 bytes leftover after parsing attributes in process `syz.0.187'.
[  186.951320][ T6047] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  187.169043][ T6665] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  187.177816][ T6665] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  188.281006][ T5921] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  188.281311][ T5921] asix 2-1:0.0: probe with driver asix failed with error -71
[  188.478849][ T5921] usb 2-1: USB disconnect, device number 4
[  189.373317][ T6665] syz.2.186 (6665) used greatest stack depth: 16760 bytes left
[  189.574101][ T6047] usb 3-1: unable to get BOS descriptor or descriptor too short
[  189.575251][ T6047] usb 3-1: unable to read config index 0 descriptor/start: -71
[  189.575285][ T6047] usb 3-1: can't read configurations, error -71
[  190.883611][ T6047] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  191.052656][ T6047] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  191.052686][ T6047] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 66
[  191.052752][ T6047] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  191.052792][ T6047] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  191.052814][ T6047] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  191.055367][ T6047] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  191.055395][ T6047] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.055413][ T6047] usb 3-1: Product: syz
[  191.055426][ T6047] usb 3-1: Manufacturer: syz
[  191.055437][ T6047] usb 3-1: SerialNumber: syz
[  191.802997][ T5914] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  192.061060][ T5914] usb 5-1: Using ep0 maxpacket: 16
[  192.180029][ T5914] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  192.180089][ T5914] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  192.180116][ T5914] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  192.180137][ T5914] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  192.180158][ T5914] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  192.255082][ T5914] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  192.255113][ T5914] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  192.255132][ T5914] usb 5-1: Manufacturer: syz
[  192.354948][ T5914] usb 5-1: config 0 descriptor??
[  192.479372][ T6047] cdc_ncm 3-1:1.0: failed GET_NTB_PARAMETERS
[  192.479566][ T6047] cdc_ncm 3-1:1.0: bind() failure
[  192.547484][ T6047] usb 3-1: USB disconnect, device number 6
[  193.146695][ T6718] netlink: 12 bytes leftover after parsing attributes in process `syz.3.199'.
[  193.297552][ T6721] netlink: 12 bytes leftover after parsing attributes in process `syz.1.200'.
[  193.492144][ T5914] rc_core: IR keymap rc-hauppauge not found
[  193.492164][ T5914] Registered IR keymap rc-empty
[  193.492923][ T5914] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  193.510851][ T5914] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  193.538895][ T5914] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  193.559591][ T5914] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input7
[  194.003978][ T6728] FAULT_INJECTION: forcing a failure.
[  194.003978][ T6728] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  194.004014][ T6728] CPU: 0 UID: 0 PID: 6728 Comm: syz.2.204 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  194.004042][ T6728] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  194.004052][ T6728] Call Trace:
[  194.004059][ T6728]  <TASK>
[  194.004067][ T6728]  dump_stack_lvl+0x189/0x250
[  194.004096][ T6728]  ? __pfx____ratelimit+0x10/0x10
[  194.004121][ T6728]  ? __pfx_dump_stack_lvl+0x10/0x10
[  194.004143][ T6728]  ? __pfx__printk+0x10/0x10
[  194.004178][ T6728]  should_fail_ex+0x46c/0x600
[  194.004207][ T6728]  _copy_to_user+0x31/0xb0
[  194.004231][ T6728]  simple_read_from_buffer+0xe1/0x170
[  194.004259][ T6728]  proc_fail_nth_read+0x1b6/0x220
[  194.004281][ T6728]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  194.004303][ T6728]  ? rw_verify_area+0x2ac/0x4e0
[  194.004323][ T6728]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  194.004351][ T6728]  vfs_read+0x203/0xa30
[  194.004380][ T6728]  ? __pfx_vfs_read+0x10/0x10
[  194.004397][ T6728]  ? try_to_take_rt_mutex+0x7fd/0xac0
[  194.004431][ T6728]  ? mutex_lock_nested+0x154/0x1d0
[  194.004450][ T6728]  ? fdget_pos+0x253/0x320
[  194.004482][ T6728]  ksys_read+0x14b/0x260
[  194.004501][ T6728]  ? __sanitizer_cov_trace_pc+0x6c/0x80
[  194.004524][ T6728]  ? __pfx_ksys_read+0x10/0x10
[  194.004541][ T6728]  ? fput+0xa0/0xd0
[  194.004562][ T6728]  ? do_syscall_64+0xbe/0x3b0
[  194.004584][ T6728]  do_syscall_64+0xfa/0x3b0
[  194.004601][ T6728]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.004618][ T6728]  ? asm_sysvec_irq_work+0x1a/0x20
[  194.004634][ T6728]  ? clear_bhb_loop+0x60/0xb0
[  194.004656][ T6728]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.004672][ T6728] RIP: 0033:0x7f4c8321d8dc
[  194.004688][ T6728] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  194.004701][ T6728] RSP: 002b:00007f4c8147e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  194.004720][ T6728] RAX: ffffffffffffffda RBX: 00007f4c83475fa0 RCX: 00007f4c8321d8dc
[  194.004733][ T6728] RDX: 000000000000000f RSI: 00007f4c8147e0a0 RDI: 0000000000000006
[  194.004744][ T6728] RBP: 00007f4c8147e090 R08: 0000000000000000 R09: 0000000000000000
[  194.004755][ T6728] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  194.004766][ T6728] R13: 00007f4c83476038 R14: 00007f4c83475fa0 R15: 00007ffd9a1a5558
[  194.004796][ T6728]  </TASK>
[  194.642514][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  194.642714][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  194.962545][ T5914] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  195.051651][ T5914] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  195.070100][ T5914] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  195.090160][ T5914] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  195.112189][ T5914] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  195.143635][ T5914] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  195.160162][ T5914] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  195.189542][ T5914] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  195.200149][ T5914] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  195.464316][ T5914] mceusb 5-1:0.0: Error: mce write submit urb error = -90
[  195.486435][ T5914] mceusb 5-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  195.486460][ T5914] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  195.502729][ T5914] usb 5-1: USB disconnect, device number 5
[  196.150035][ T1233] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  196.242106][ T6751] overlayfs: overlapping lowerdir path
[  196.301547][ T6752] trusted_key: encrypted_key: insufficient parameters specified
[  196.308094][ T6752] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  196.354024][ T1233] usb 2-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73
[  196.354055][ T1233] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  196.354075][ T1233] usb 2-1: Product: syz
[  196.354089][ T1233] usb 2-1: Manufacturer: syz
[  196.354103][ T1233] usb 2-1: SerialNumber: syz
[  196.443376][ T1233] usb 2-1: config 0 descriptor??
[  197.516572][ T6765] FAULT_INJECTION: forcing a failure.
[  197.516572][ T6765] name failslab, interval 1, probability 0, space 0, times 0
[  197.516605][ T6765] CPU: 0 UID: 0 PID: 6765 Comm: syz.2.211 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  197.516626][ T6765] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  197.516635][ T6765] Call Trace:
[  197.516643][ T6765]  <TASK>
[  197.516651][ T6765]  dump_stack_lvl+0x189/0x250
[  197.516680][ T6765]  ? __pfx____ratelimit+0x10/0x10
[  197.516705][ T6765]  ? __pfx_dump_stack_lvl+0x10/0x10
[  197.516728][ T6765]  ? __pfx__printk+0x10/0x10
[  197.516753][ T6765]  ? __pfx___might_resched+0x10/0x10
[  197.516771][ T6765]  ? fs_reclaim_acquire+0x7d/0x100
[  197.516791][ T6765]  should_fail_ex+0x46c/0x600
[  197.516819][ T6765]  ? __alloc_skb+0x112/0x2d0
[  197.516842][ T6765]  should_failslab+0xa8/0x100
[  197.516865][ T6765]  ? __alloc_skb+0x112/0x2d0
[  197.516884][ T6765]  kmem_cache_alloc_node_noprof+0x77/0x330
[  197.516914][ T6765]  __alloc_skb+0x112/0x2d0
[  197.516940][ T6765]  netlink_sendmsg+0x5c6/0xb30
[  197.516971][ T6765]  ? __pfx_netlink_sendmsg+0x10/0x10
[  197.517001][ T6765]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  197.517018][ T6765]  ? __pfx_netlink_sendmsg+0x10/0x10
[  197.517041][ T6765]  __sock_sendmsg+0x21c/0x270
[  197.517066][ T6765]  ____sys_sendmsg+0x508/0x820
[  197.517090][ T6765]  ? __pfx_____sys_sendmsg+0x10/0x10
[  197.517117][ T6765]  ? import_iovec+0x74/0xa0
[  197.517141][ T6765]  ___sys_sendmsg+0x21f/0x2a0
[  197.517161][ T6765]  ? __pfx____sys_sendmsg+0x10/0x10
[  197.517213][ T6765]  ? __fget_files+0x2a/0x420
[  197.517243][ T6765]  ? __fget_files+0x3a6/0x420
[  197.517274][ T6765]  __x64_sys_sendmsg+0x1a1/0x260
[  197.517295][ T6765]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  197.517322][ T6765]  ? __pfx_ksys_write+0x10/0x10
[  197.517340][ T6765]  ? rcu_is_watching+0x15/0xb0
[  197.517369][ T6765]  ? do_syscall_64+0xbe/0x3b0
[  197.517394][ T6765]  do_syscall_64+0xfa/0x3b0
[  197.517409][ T6765]  ? lockdep_hardirqs_on+0x9c/0x150
[  197.517432][ T6765]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.517450][ T6765]  ? clear_bhb_loop+0x60/0xb0
[  197.517470][ T6765]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  197.517487][ T6765] RIP: 0033:0x7f4c8321eec9
[  197.517503][ T6765] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  197.517516][ T6765] RSP: 002b:00007f4c8147e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  197.517535][ T6765] RAX: ffffffffffffffda RBX: 00007f4c83475fa0 RCX: 00007f4c8321eec9
[  197.517548][ T6765] RDX: 0000000020040000 RSI: 0000200000000000 RDI: 0000000000000003
[  197.517560][ T6765] RBP: 00007f4c8147e090 R08: 0000000000000000 R09: 0000000000000000
[  197.517570][ T6765] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  197.517580][ T6765] R13: 00007f4c83476038 R14: 00007f4c83475fa0 R15: 00007ffd9a1a5558
[  197.517609][ T6765]  </TASK>
[  197.906712][ T6772] netlink: 40 bytes leftover after parsing attributes in process `syz.2.212'.
[  198.676944][   T37] audit: type=1326 audit(1759082089.664:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6767 comm="syz.4.213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f9e4eeec9 code=0x7ffc0000
[  198.677498][ T1233] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  198.677769][ T1233] asix 2-1:0.0: probe with driver asix failed with error -71
[  198.700375][ T1233] usb 2-1: USB disconnect, device number 5
[  198.736219][   T37] audit: type=1326 audit(1759082089.714:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6767 comm="syz.4.213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f9e4eeec9 code=0x7ffc0000
[  198.736268][   T37] audit: type=1326 audit(1759082089.734:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6767 comm="syz.4.213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6f9e4eeec9 code=0x7ffc0000
[  198.736307][   T37] audit: type=1326 audit(1759082089.734:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6767 comm="syz.4.213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f9e4eeec9 code=0x7ffc0000
[  198.736344][   T37] audit: type=1326 audit(1759082089.734:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6767 comm="syz.4.213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6f9e4eeec9 code=0x7ffc0000
[  198.736382][   T37] audit: type=1326 audit(1759082089.734:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6767 comm="syz.4.213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f9e4eeec9 code=0x7ffc0000
[  198.736420][   T37] audit: type=1326 audit(1759082089.734:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6767 comm="syz.4.213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7f6f9e4eeec9 code=0x7ffc0000
[  198.736457][   T37] audit: type=1326 audit(1759082089.734:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6767 comm="syz.4.213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f9e4eeec9 code=0x7ffc0000
[  198.739145][   T37] audit: type=1326 audit(1759082089.734:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6767 comm="syz.4.213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f6f9e4eeec9 code=0x7ffc0000
[  198.739190][   T37] audit: type=1326 audit(1759082089.734:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6767 comm="syz.4.213" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f9e4eeec9 code=0x7ffc0000
[  199.033345][ T6778] netlink: 'syz.2.215': attribute type 1 has an invalid length.
[  199.033366][ T6778] netlink: 'syz.2.215': attribute type 2 has an invalid length.
[  199.034694][ T6778] netlink: 'syz.2.215': attribute type 1 has an invalid length.
[  199.034710][ T6778] netlink: 'syz.2.215': attribute type 2 has an invalid length.
[  199.430454][ T5929] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  199.582921][ T5929] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  199.582950][ T5929] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  199.610755][ T5929] usb 2-1: config 0 descriptor??
[  199.850325][ T5929] udl 2-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  199.925231][ T1233] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  200.291317][ T1233] usb 1-1: config 220 has an invalid interface number: 76 but max is 2
[  200.291394][ T1233] usb 1-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  200.291459][ T1233] usb 1-1: config 220 has no interface number 2
[  200.292545][ T1233] usb 1-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  200.292620][ T1233] usb 1-1: config 220 interface 0 has no altsetting 0
[  200.292686][ T1233] usb 1-1: config 220 interface 76 has no altsetting 0
[  200.292758][ T1233] usb 1-1: config 220 interface 1 has no altsetting 0
[  200.675977][ T1233] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  200.676008][ T1233] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  200.676027][ T1233] usb 1-1: Product: syz
[  200.676041][ T1233] usb 1-1: Manufacturer: syz
[  200.676055][ T1233] usb 1-1: SerialNumber: syz
[  201.207179][ T1233] usb 1-1: selecting invalid altsetting 0
[  201.224045][ T6796] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  201.227317][ T6796] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  202.099899][ T1233] usb 1-1: Found UVC 7.01 device syz (8086:0b07)
[  202.099944][ T1233] usb 1-1: No valid video chain found.
[  202.157699][ T1233] usb 1-1: selecting invalid altsetting 0
[  202.157739][ T1233] usbtest 1-1:220.1: probe with driver usbtest failed with error -22
[  202.174163][ T1233] usb 1-1: USB disconnect, device number 4
[  202.823368][ T5929] [drm:udl_init] *ERROR* Selecting channel failed
[  202.864227][ T6810] FAULT_INJECTION: forcing a failure.
[  202.864227][ T6810] name failslab, interval 1, probability 0, space 0, times 0
[  202.864257][ T6810] CPU: 1 UID: 0 PID: 6810 Comm: syz.3.224 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  202.864278][ T6810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  202.864288][ T6810] Call Trace:
[  202.864295][ T6810]  <TASK>
[  202.864303][ T6810]  dump_stack_lvl+0x189/0x250
[  202.864330][ T6810]  ? __pfx____ratelimit+0x10/0x10
[  202.864353][ T6810]  ? __pfx_dump_stack_lvl+0x10/0x10
[  202.864374][ T6810]  ? __pfx__printk+0x10/0x10
[  202.864399][ T6810]  ? __pfx___might_resched+0x10/0x10
[  202.864416][ T6810]  ? fs_reclaim_acquire+0x7d/0x100
[  202.864437][ T6810]  should_fail_ex+0x46c/0x600
[  202.864473][ T6810]  ? __alloc_skb+0x112/0x2d0
[  202.864494][ T6810]  should_failslab+0xa8/0x100
[  202.864516][ T6810]  ? __alloc_skb+0x112/0x2d0
[  202.864535][ T6810]  kmem_cache_alloc_node_noprof+0x77/0x330
[  202.864563][ T6810]  __alloc_skb+0x112/0x2d0
[  202.864589][ T6810]  netlink_sendmsg+0x5c6/0xb30
[  202.864620][ T6810]  ? __pfx_netlink_sendmsg+0x10/0x10
[  202.864648][ T6810]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  202.864664][ T6810]  ? __pfx_netlink_sendmsg+0x10/0x10
[  202.864687][ T6810]  __sock_sendmsg+0x21c/0x270
[  202.864709][ T6810]  ____sys_sendmsg+0x534/0x820
[  202.864732][ T6810]  ? __pfx_____sys_sendmsg+0x10/0x10
[  202.864763][ T6810]  ? import_iovec+0x74/0xa0
[  202.864788][ T6810]  ___sys_sendmsg+0x21f/0x2a0
[  202.864808][ T6810]  ? __pfx____sys_sendmsg+0x10/0x10
[  202.864856][ T6810]  ? __fget_files+0x2a/0x420
[  202.864874][ T6810]  ? __fget_files+0x3a6/0x420
[  202.864902][ T6810]  __sys_sendmmsg+0x22d/0x430
[  202.864923][ T6810]  ? __pfx___sys_sendmmsg+0x10/0x10
[  202.864949][ T6810]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  202.864984][ T6810]  ? ksys_write+0x230/0x260
[  202.865006][ T6810]  ? __pfx_ksys_write+0x10/0x10
[  202.865023][ T6810]  ? rcu_is_watching+0x15/0xb0
[  202.865051][ T6810]  __x64_sys_sendmmsg+0xa0/0xc0
[  202.865071][ T6810]  do_syscall_64+0xfa/0x3b0
[  202.865087][ T6810]  ? lockdep_hardirqs_on+0x9c/0x150
[  202.865109][ T6810]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.865126][ T6810]  ? clear_bhb_loop+0x60/0xb0
[  202.865146][ T6810]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.865162][ T6810] RIP: 0033:0x7f917ecbeec9
[  202.865177][ T6810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  202.865191][ T6810] RSP: 002b:00007f917cf1e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  202.865210][ T6810] RAX: ffffffffffffffda RBX: 00007f917ef15fa0 RCX: 00007f917ecbeec9
[  202.865222][ T6810] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000003
[  202.865234][ T6810] RBP: 00007f917cf1e090 R08: 0000000000000000 R09: 0000000000000000
[  202.865245][ T6810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  202.865255][ T6810] R13: 00007f917ef16038 R14: 00007f917ef15fa0 R15: 00007ffebfc6a558
[  202.865283][ T6810]  </TASK>
[  203.186943][ T5929] [drm] Initialized udl 0.0.1 for 2-1:0.0 on minor 2
[  203.186967][ T5929] [drm] Initialized udl on minor 2
[  203.206357][ T5929] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  203.208892][ T5929] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  203.229446][ T5929] usb 2-1: USB disconnect, device number 6
[  203.238303][   T10] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffed
[  203.250784][   T10] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffed
[  203.251129][   T10] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[  203.686924][ T6820] netlink: 40 bytes leftover after parsing attributes in process `syz.0.225'.
[  204.885003][   T37] kauditd_printk_skb: 14 callbacks suppressed
[  204.885020][   T37] audit: type=1326 audit(1759082095.884:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6828 comm="syz.1.229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f322523eec9 code=0x7ffc0000
[  204.885063][   T37] audit: type=1326 audit(1759082095.884:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6828 comm="syz.1.229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f322523eec9 code=0x7ffc0000
[  204.885102][   T37] audit: type=1326 audit(1759082095.884:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6828 comm="syz.1.229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7f322523eec9 code=0x7ffc0000
[  204.885140][   T37] audit: type=1326 audit(1759082095.884:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6828 comm="syz.1.229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f322523eec9 code=0x7ffc0000
[  204.885185][   T37] audit: type=1326 audit(1759082095.884:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6828 comm="syz.1.229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f322523eec9 code=0x7ffc0000
[  205.028866][   T37] audit: type=1326 audit(1759082096.024:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6828 comm="syz.1.229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f322523eec9 code=0x7ffc0000
[  205.028916][   T37] audit: type=1326 audit(1759082096.024:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6828 comm="syz.1.229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f322523eec9 code=0x7ffc0000
[  205.028955][   T37] audit: type=1326 audit(1759082096.024:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6828 comm="syz.1.229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f322523eec9 code=0x7ffc0000
[  205.251439][   T37] audit: type=1326 audit(1759082096.254:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6828 comm="syz.1.229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f322523eec9 code=0x7ffc0000
[  205.251491][   T37] audit: type=1326 audit(1759082096.254:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6828 comm="syz.1.229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f322523eec9 code=0x7ffc0000
[  206.757883][ T6846] capability: warning: `syz.1.235' uses deprecated v2 capabilities in a way that may be insecure
[  207.252844][ T6844] FAULT_INJECTION: forcing a failure.
[  207.252844][ T6844] name failslab, interval 1, probability 0, space 0, times 0
[  207.252865][ T6844] CPU: 1 UID: 0 PID: 6844 Comm: syz.0.234 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  207.252877][ T6844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  207.252883][ T6844] Call Trace:
[  207.252887][ T6844]  <TASK>
[  207.252891][ T6844]  dump_stack_lvl+0x189/0x250
[  207.252910][ T6844]  ? __pfx____ratelimit+0x10/0x10
[  207.252926][ T6844]  ? __pfx_dump_stack_lvl+0x10/0x10
[  207.252939][ T6844]  ? __pfx__printk+0x10/0x10
[  207.252953][ T6844]  ? __pfx___might_resched+0x10/0x10
[  207.252966][ T6844]  should_fail_ex+0x46c/0x600
[  207.252983][ T6844]  should_failslab+0xa8/0x100
[  207.252998][ T6844]  __kmalloc_noprof+0xcb/0x430
[  207.253010][ T6844]  ? tomoyo_encode+0x28b/0x550
[  207.253026][ T6844]  tomoyo_encode+0x28b/0x550
[  207.253042][ T6844]  tomoyo_realpath_from_path+0x58d/0x5d0
[  207.253061][ T6844]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  207.253072][ T6844]  tomoyo_path_number_perm+0x1e8/0x5a0
[  207.253084][ T6844]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  207.253098][ T6844]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  207.253113][ T6844]  ? lockdep_hardirqs_on+0x9c/0x150
[  207.253130][ T6844]  ? __lock_acquire+0xab9/0xd20
[  207.253154][ T6844]  ? __fget_files+0x2a/0x420
[  207.253169][ T6844]  ? __fget_files+0x2a/0x420
[  207.253181][ T6844]  ? __fget_files+0x3a6/0x420
[  207.253193][ T6844]  ? __fget_files+0x2a/0x420
[  207.253207][ T6844]  security_file_ioctl+0xcb/0x2d0
[  207.253220][ T6844]  __se_sys_ioctl+0x47/0x170
[  207.253233][ T6844]  do_syscall_64+0xfa/0x3b0
[  207.253241][ T6844]  ? lockdep_hardirqs_on+0x9c/0x150
[  207.253254][ T6844]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.253272][ T6844]  ? clear_bhb_loop+0x60/0xb0
[  207.253283][ T6844]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.253292][ T6844] RIP: 0033:0x7fb40dc0eec9
[  207.253302][ T6844] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  207.253310][ T6844] RSP: 002b:00007fb40be76038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  207.253321][ T6844] RAX: ffffffffffffffda RBX: 00007fb40de65fa0 RCX: 00007fb40dc0eec9
[  207.253328][ T6844] RDX: 00002000000002c0 RSI: 00000000c0306201 RDI: 0000000000000007
[  207.253335][ T6844] RBP: 00007fb40be76090 R08: 0000000000000000 R09: 0000000000000000
[  207.253341][ T6844] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  207.253346][ T6844] R13: 00007fb40de66038 R14: 00007fb40de65fa0 R15: 00007ffee01b7ad8
[  207.253362][ T6844]  </TASK>
[  207.253373][ T6844] ERROR: Out of memory at tomoyo_realpath_from_path.
[  208.150965][ T6857] FAULT_INJECTION: forcing a failure.
[  208.150965][ T6857] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  208.150995][ T6857] CPU: 0 UID: 0 PID: 6857 Comm: syz.0.237 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  208.151015][ T6857] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  208.151025][ T6857] Call Trace:
[  208.151032][ T6857]  <TASK>
[  208.151040][ T6857]  dump_stack_lvl+0x189/0x250
[  208.151068][ T6857]  ? __pfx____ratelimit+0x10/0x10
[  208.151093][ T6857]  ? __pfx_dump_stack_lvl+0x10/0x10
[  208.151115][ T6857]  ? __pfx__printk+0x10/0x10
[  208.151148][ T6857]  should_fail_ex+0x46c/0x600
[  208.151178][ T6857]  _copy_to_user+0x31/0xb0
[  208.151201][ T6857]  simple_read_from_buffer+0xe1/0x170
[  208.151228][ T6857]  proc_fail_nth_read+0x1b6/0x220
[  208.151249][ T6857]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  208.151270][ T6857]  ? rw_verify_area+0x2ac/0x4e0
[  208.151290][ T6857]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  208.151310][ T6857]  vfs_read+0x203/0xa30
[  208.151339][ T6857]  ? __pfx_vfs_read+0x10/0x10
[  208.151355][ T6857]  ? try_to_take_rt_mutex+0x7fd/0xac0
[  208.151386][ T6857]  ? mutex_lock_nested+0x154/0x1d0
[  208.151405][ T6857]  ? fdget_pos+0x253/0x320
[  208.151436][ T6857]  ksys_read+0x14b/0x260
[  208.151458][ T6857]  ? __pfx_ksys_read+0x10/0x10
[  208.151484][ T6857]  ? do_syscall_64+0xbe/0x3b0
[  208.151505][ T6857]  do_syscall_64+0xfa/0x3b0
[  208.151523][ T6857]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.151539][ T6857]  ? asm_sysvec_call_function_single+0x1a/0x20
[  208.151556][ T6857]  ? clear_bhb_loop+0x60/0xb0
[  208.151577][ T6857]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.151593][ T6857] RIP: 0033:0x7fb40dc0d8dc
[  208.151609][ T6857] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  208.151622][ T6857] RSP: 002b:00007fb40be55030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  208.151641][ T6857] RAX: ffffffffffffffda RBX: 00007fb40de66090 RCX: 00007fb40dc0d8dc
[  208.151654][ T6857] RDX: 000000000000000f RSI: 00007fb40be550a0 RDI: 0000000000000007
[  208.151665][ T6857] RBP: 00007fb40be55090 R08: 0000000000000000 R09: 0000000000000000
[  208.151676][ T6857] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001
[  208.151687][ T6857] R13: 00007fb40de66128 R14: 00007fb40de66090 R15: 00007ffee01b7ad8
[  208.151717][ T6857]  </TASK>
[  208.485102][ T6861] netlink: 40 bytes leftover after parsing attributes in process `syz.2.238'.
[  211.250296][ T6886] process 'syz.3.245' launched '/dev/fd/4' with NULL argv: empty string added
[  211.548804][ T6689] usb 2-1: new low-speed USB device number 7 using dummy_hcd
[  211.817859][ T6689] usb 2-1: device descriptor read/64, error -71
[  212.467281][ T5844] Bluetooth: hci4: command 0x0406 tx timeout
[  212.467502][ T5844] Bluetooth: hci1: command 0x0406 tx timeout
[  212.467624][ T5844] Bluetooth: hci0: command 0x0406 tx timeout
[  212.467648][ T5844] Bluetooth: hci2: command 0x0406 tx timeout
[  212.467670][ T5844] Bluetooth: hci3: command 0x0406 tx timeout
[  213.260077][ T6689] usb 2-1: new low-speed USB device number 8 using dummy_hcd
[  213.389973][ T6689] usb 2-1: device descriptor read/64, error -71
[  213.511443][ T6689] usb usb2-port1: attempt power cycle
[  215.730689][ T6912] tmpfs: Unsupported parameter 'huge'
[  215.829852][ T6915] netlink: 4 bytes leftover after parsing attributes in process `syz.3.252'.
[  215.830199][ T6915] netlink: 4 bytes leftover after parsing attributes in process `syz.3.252'.
[  216.869959][ T6689] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  217.154498][ T6689] usb 2-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73
[  217.154528][ T6689] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  217.154547][ T6689] usb 2-1: Product: syz
[  217.154561][ T6689] usb 2-1: Manufacturer: syz
[  217.154574][ T6689] usb 2-1: SerialNumber: syz
[  217.793332][ T6689] usb 2-1: config 0 descriptor??
[  218.728488][ T6689] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  218.728769][ T6689] asix 2-1:0.0: probe with driver asix failed with error -71
[  218.886250][ T6689] usb 2-1: USB disconnect, device number 9
[  222.194131][ T6966] netlink: 4 bytes leftover after parsing attributes in process `syz.4.263'.
[  222.345884][ T6966] netlink: 4 bytes leftover after parsing attributes in process `syz.4.263'.
[  224.289999][   T44] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  224.447341][   T44] usb 5-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73
[  224.447372][   T44] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  224.447391][   T44] usb 5-1: Product: syz
[  224.447405][   T44] usb 5-1: Manufacturer: syz
[  224.447419][   T44] usb 5-1: SerialNumber: syz
[  224.480723][ T6991] 9pnet_fd: p9_fd_create_unix (6991): problem connecting socket: ./file0: -111
[  224.533454][   T44] usb 5-1: config 0 descriptor??
[  225.933398][ T7004] FAULT_INJECTION: forcing a failure.
[  225.933398][ T7004] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  225.933430][ T7004] CPU: 0 UID: 0 PID: 7004 Comm: syz.1.277 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  225.933451][ T7004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  225.933461][ T7004] Call Trace:
[  225.933469][ T7004]  <TASK>
[  225.933477][ T7004]  dump_stack_lvl+0x189/0x250
[  225.933507][ T7004]  ? __pfx____ratelimit+0x10/0x10
[  225.933532][ T7004]  ? __pfx_dump_stack_lvl+0x10/0x10
[  225.933555][ T7004]  ? __pfx__printk+0x10/0x10
[  225.933574][ T7004]  ? __might_fault+0xb0/0x130
[  225.933608][ T7004]  should_fail_ex+0x46c/0x600
[  225.933637][ T7004]  _copy_from_user+0x2d/0xb0
[  225.933659][ T7004]  __sys_bpf+0x1ed/0x870
[  225.933686][ T7004]  ? __pfx___sys_bpf+0x10/0x10
[  225.933720][ T7004]  ? ksys_write+0x230/0x260
[  225.933744][ T7004]  ? __pfx_ksys_write+0x10/0x10
[  225.933761][ T7004]  ? rcu_is_watching+0x15/0xb0
[  225.933794][ T7004]  __x64_sys_bpf+0x7c/0x90
[  225.933814][ T7004]  do_syscall_64+0xfa/0x3b0
[  225.933830][ T7004]  ? lockdep_hardirqs_on+0x9c/0x150
[  225.933852][ T7004]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.933869][ T7004]  ? clear_bhb_loop+0x60/0xb0
[  225.933890][ T7004]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  225.933907][ T7004] RIP: 0033:0x7f322523eec9
[  225.933923][ T7004] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  225.933936][ T7004] RSP: 002b:00007f32234a6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  225.933955][ T7004] RAX: ffffffffffffffda RBX: 00007f3225495fa0 RCX: 00007f322523eec9
[  225.933968][ T7004] RDX: 0000000000000020 RSI: 0000200000000740 RDI: 0000000000000008
[  225.933980][ T7004] RBP: 00007f32234a6090 R08: 0000000000000000 R09: 0000000000000000
[  225.933990][ T7004] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  225.934001][ T7004] R13: 00007f3225496038 R14: 00007f3225495fa0 R15: 00007ffd5a9c6a88
[  225.934031][ T7004]  </TASK>
[  226.050590][   T44] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  226.050894][   T44] asix 5-1:0.0: probe with driver asix failed with error -71
[  226.245081][   T44] usb 5-1: USB disconnect, device number 6
[  227.923723][ T7026] netlink: 4 bytes leftover after parsing attributes in process `syz.3.283'.
[  227.924127][ T7026] netlink: 4 bytes leftover after parsing attributes in process `syz.3.283'.
[  234.450862][ T7093] FAULT_INJECTION: forcing a failure.
[  234.450862][ T7093] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  234.450895][ T7093] CPU: 0 UID: 0 PID: 7093 Comm: syz.4.300 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  234.450916][ T7093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  234.450926][ T7093] Call Trace:
[  234.450933][ T7093]  <TASK>
[  234.450941][ T7093]  dump_stack_lvl+0x189/0x250
[  234.450969][ T7093]  ? __pfx____ratelimit+0x10/0x10
[  234.450994][ T7093]  ? __pfx_dump_stack_lvl+0x10/0x10
[  234.451016][ T7093]  ? __pfx__printk+0x10/0x10
[  234.451047][ T7093]  should_fail_ex+0x46c/0x600
[  234.451076][ T7093]  _copy_from_user+0x2d/0xb0
[  234.451098][ T7093]  copy_from_sockptr+0x5e/0xa0
[  234.451121][ T7093]  packet_setsockopt+0x444/0x12c0
[  234.451140][ T7093]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  234.451164][ T7093]  ? __pfx_packet_setsockopt+0x10/0x10
[  234.451189][ T7093]  ? __lock_acquire+0xab9/0xd20
[  234.451230][ T7093]  ? __fget_files+0x2a/0x420
[  234.451255][ T7093]  ? __fget_files+0x2a/0x420
[  234.451274][ T7093]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  234.451291][ T7093]  ? __pfx_packet_setsockopt+0x10/0x10
[  234.451313][ T7093]  do_sock_setsockopt+0x179/0x1b0
[  234.451335][ T7093]  __x64_sys_setsockopt+0x145/0x1b0
[  234.451357][ T7093]  do_syscall_64+0xfa/0x3b0
[  234.451373][ T7093]  ? lockdep_hardirqs_on+0x9c/0x150
[  234.451395][ T7093]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.451412][ T7093]  ? clear_bhb_loop+0x60/0xb0
[  234.451433][ T7093]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.451449][ T7093] RIP: 0033:0x7f6f9e4eeec9
[  234.451465][ T7093] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  234.451478][ T7093] RSP: 002b:00007f6f9c756038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  234.451497][ T7093] RAX: ffffffffffffffda RBX: 00007f6f9e745fa0 RCX: 00007f6f9e4eeec9
[  234.451510][ T7093] RDX: 0000000000000014 RSI: 0000000000000107 RDI: 0000000000000004
[  234.451521][ T7093] RBP: 00007f6f9c756090 R08: 0000000000000004 R09: 0000000000000000
[  234.451531][ T7093] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000001
[  234.451552][ T7093] R13: 00007f6f9e746038 R14: 00007f6f9e745fa0 R15: 00007ffc04fe2158
[  234.451581][ T7093]  </TASK>
[  241.434938][ T7147] tty tty3: ldisc open failed (-12), clearing slot 2
[  243.199796][   T10] libceph: connect (1)[c::]:6789 error -101
[  243.212379][   T10] libceph: mon0 (1)[c::]:6789 connect error
[  243.445337][   T10] libceph: connect (1)[c::]:6789 error -101
[  243.445548][   T10] libceph: mon0 (1)[c::]:6789 connect error
[  243.447078][ T7140] ceph: No mds server is up or the cluster is laggy
[  243.480283][ T7166] netlink: 'syz.1.318': attribute type 10 has an invalid length.
[  244.243163][    T9] libceph: connect (1)[c::]:6789 error -101
[  244.243304][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  245.855762][ T7166] team0: Port device dummy0 added
[  245.871347][ T5928] libceph: connect (1)[c::]:6789 error -101
[  245.871579][ T5928] libceph: mon0 (1)[c::]:6789 connect error
[  247.510505][ T7197] FAULT_INJECTION: forcing a failure.
[  247.510505][ T7197] name failslab, interval 1, probability 0, space 0, times 0
[  247.510786][ T7197] CPU: 1 UID: 0 PID: 7197 Comm: syz.3.326 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  247.510808][ T7197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  247.510826][ T7197] Call Trace:
[  247.510837][ T7197]  <TASK>
[  247.510845][ T7197]  dump_stack_lvl+0x189/0x250
[  247.510874][ T7197]  ? __pfx____ratelimit+0x10/0x10
[  247.510899][ T7197]  ? __pfx_dump_stack_lvl+0x10/0x10
[  247.510921][ T7197]  ? __pfx__printk+0x10/0x10
[  247.510945][ T7197]  ? __pfx___might_resched+0x10/0x10
[  247.510963][ T7197]  ? fs_reclaim_acquire+0x7d/0x100
[  247.510984][ T7197]  should_fail_ex+0x46c/0x600
[  247.511012][ T7197]  ? __alloc_skb+0x112/0x2d0
[  247.511035][ T7197]  should_failslab+0xa8/0x100
[  247.511058][ T7197]  ? __alloc_skb+0x112/0x2d0
[  247.511078][ T7197]  kmem_cache_alloc_node_noprof+0x77/0x330
[  247.511107][ T7197]  __alloc_skb+0x112/0x2d0
[  247.511134][ T7197]  netlink_sendmsg+0x5c6/0xb30
[  247.511167][ T7197]  ? __pfx_netlink_sendmsg+0x10/0x10
[  247.511205][ T7197]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  247.511223][ T7197]  ? __pfx_netlink_sendmsg+0x10/0x10
[  247.511247][ T7197]  __sock_sendmsg+0x21c/0x270
[  247.511271][ T7197]  ____sys_sendmsg+0x508/0x820
[  247.511295][ T7197]  ? __pfx_____sys_sendmsg+0x10/0x10
[  247.511322][ T7197]  ? import_iovec+0x74/0xa0
[  247.511347][ T7197]  ___sys_sendmsg+0x21f/0x2a0
[  247.511368][ T7197]  ? __pfx____sys_sendmsg+0x10/0x10
[  247.511422][ T7197]  ? __fget_files+0x2a/0x420
[  247.511444][ T7197]  ? __fget_files+0x3a6/0x420
[  247.511477][ T7197]  __x64_sys_sendmsg+0x1a1/0x260
[  247.511498][ T7197]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  247.511526][ T7197]  ? __pfx_ksys_write+0x10/0x10
[  247.511552][ T7197]  ? do_syscall_64+0xbe/0x3b0
[  247.511573][ T7197]  do_syscall_64+0xfa/0x3b0
[  247.511592][ T7197]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.511609][ T7197]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  247.511625][ T7197]  ? clear_bhb_loop+0x60/0xb0
[  247.511646][ T7197]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  247.511663][ T7197] RIP: 0033:0x7f917ecbeec9
[  247.511679][ T7197] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  247.511693][ T7197] RSP: 002b:00007f917cedc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  247.511712][ T7197] RAX: ffffffffffffffda RBX: 00007f917ef16180 RCX: 00007f917ecbeec9
[  247.511725][ T7197] RDX: 0000000000000000 RSI: 0000200000000380 RDI: 0000000000000009
[  247.511737][ T7197] RBP: 00007f917cedc090 R08: 0000000000000000 R09: 0000000000000000
[  247.511748][ T7197] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  247.511758][ T7197] R13: 00007f917ef16218 R14: 00007f917ef16180 R15: 00007ffebfc6a558
[  247.511786][ T7197]  </TASK>
[  248.527867][ T7208] FAULT_INJECTION: forcing a failure.
[  248.527867][ T7208] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  248.527901][ T7208] CPU: 0 UID: 0 PID: 7208 Comm: syz.3.330 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  248.527922][ T7208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  248.527933][ T7208] Call Trace:
[  248.527940][ T7208]  <TASK>
[  248.527949][ T7208]  dump_stack_lvl+0x189/0x250
[  248.527978][ T7208]  ? __pfx____ratelimit+0x10/0x10
[  248.528003][ T7208]  ? __pfx_dump_stack_lvl+0x10/0x10
[  248.528027][ T7208]  ? __pfx__printk+0x10/0x10
[  248.528061][ T7208]  should_fail_ex+0x46c/0x600
[  248.528090][ T7208]  _copy_to_user+0x31/0xb0
[  248.528115][ T7208]  simple_read_from_buffer+0xe1/0x170
[  248.528150][ T7208]  proc_fail_nth_read+0x1b6/0x220
[  248.528173][ T7208]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  248.528195][ T7208]  ? rw_verify_area+0x2ac/0x4e0
[  248.528215][ T7208]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  248.528235][ T7208]  vfs_read+0x203/0xa30
[  248.528268][ T7208]  ? __pfx_vfs_read+0x10/0x10
[  248.528286][ T7208]  ? try_to_take_rt_mutex+0x7fd/0xac0
[  248.528317][ T7208]  ? mutex_lock_nested+0x154/0x1d0
[  248.528336][ T7208]  ? fdget_pos+0x253/0x320
[  248.528368][ T7208]  ksys_read+0x14b/0x260
[  248.528390][ T7208]  ? __pfx_ksys_read+0x10/0x10
[  248.528408][ T7208]  ? rcu_is_watching+0x15/0xb0
[  248.528438][ T7208]  ? do_syscall_64+0xbe/0x3b0
[  248.528459][ T7208]  do_syscall_64+0xfa/0x3b0
[  248.528475][ T7208]  ? lockdep_hardirqs_on+0x9c/0x150
[  248.528498][ T7208]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.528516][ T7208]  ? clear_bhb_loop+0x60/0xb0
[  248.528538][ T7208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.528554][ T7208] RIP: 0033:0x7f917ecbd8dc
[  248.528570][ T7208] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  248.528584][ T7208] RSP: 002b:00007f917cf1e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  248.528603][ T7208] RAX: ffffffffffffffda RBX: 00007f917ef15fa0 RCX: 00007f917ecbd8dc
[  248.528616][ T7208] RDX: 000000000000000f RSI: 00007f917cf1e0a0 RDI: 0000000000000004
[  248.528627][ T7208] RBP: 00007f917cf1e090 R08: 0000000000000000 R09: 0000000000000000
[  248.528638][ T7208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  248.528648][ T7208] R13: 00007f917ef16038 R14: 00007f917ef15fa0 R15: 00007ffebfc6a558
[  248.528679][ T7208]  </TASK>
[  249.598163][ T7219] netlink: 'syz.1.331': attribute type 2 has an invalid length.
[  249.598237][ T7219] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.331'.
[  249.598305][ T7219] nbd: must specify at least one socket
[  250.035317][ T7213] overlayfs: failed to resolve './file0': -2
[  250.247957][ T7223] netlink: 8 bytes leftover after parsing attributes in process `syz.0.334'.
[  250.328525][    C1] vkms_vblank_simulate: vblank timer overrun
[  250.497423][    C1] vkms_vblank_simulate: vblank timer overrun
[  250.656437][    C1] vkms_vblank_simulate: vblank timer overrun
[  250.719620][    C1] vkms_vblank_simulate: vblank timer overrun
[  251.443014][    C1] vkms_vblank_simulate: vblank timer overrun
[  251.759918][    C1] vkms_vblank_simulate: vblank timer overrun
[  251.953749][    C1] vkms_vblank_simulate: vblank timer overrun
[  252.558390][    C1] vkms_vblank_simulate: vblank timer overrun
[  252.606086][    C1] vkms_vblank_simulate: vblank timer overrun
[  253.120086][ T5929] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  253.135931][    C1] vkms_vblank_simulate: vblank timer overrun
[  253.285718][ T7250] tmpfs: Cannot retroactively limit size
[  253.385620][ T5929] usb 5-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73
[  253.385658][ T5929] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  253.385677][ T5929] usb 5-1: Product: syz
[  253.385690][ T5929] usb 5-1: Manufacturer: syz
[  253.385703][ T5929] usb 5-1: SerialNumber: syz
[  253.478307][ T5929] usb 5-1: config 0 descriptor??
[  253.562777][    C1] vkms_vblank_simulate: vblank timer overrun
[  253.697885][    C1] vkms_vblank_simulate: vblank timer overrun
[  253.854153][    C1] vkms_vblank_simulate: vblank timer overrun
[  253.911351][ T6047] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  254.178549][ T6047] usb 4-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73
[  254.178636][ T6047] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  254.178657][ T6047] usb 4-1: Product: syz
[  254.178671][ T6047] usb 4-1: Manufacturer: syz
[  254.178685][ T6047] usb 4-1: SerialNumber: syz
[  254.299865][ T6047] usb 4-1: config 0 descriptor??
[  254.320108][ T5929] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  254.320465][ T5929] asix 5-1:0.0: probe with driver asix failed with error -71
[  254.378452][ T5929] usb 5-1: USB disconnect, device number 7
[  254.507941][    C1] vkms_vblank_simulate: vblank timer overrun
[  254.828522][    C1] vkms_vblank_simulate: vblank timer overrun
[  255.117810][    C1] vkms_vblank_simulate: vblank timer overrun
[  255.890141][ T7278] netlink: 'syz.1.348': attribute type 2 has an invalid length.
[  255.890190][ T7278] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.348'.
[  255.890243][ T7278] nbd: must specify at least one socket
[  256.331435][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  256.331511][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  256.384599][ T6047] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  256.384874][ T6047] asix 4-1:0.0: probe with driver asix failed with error -71
[  256.413488][ T6047] usb 4-1: USB disconnect, device number 4
[  256.596326][ T7282] overlayfs: failed to resolve './file0': -2
[  256.813192][ T7289] netlink: 8 bytes leftover after parsing attributes in process `syz.1.354'.
[  258.918838][ T7302] netlink: 68 bytes leftover after parsing attributes in process `syz.3.357'.
[  261.553471][ T7331] netlink: 'syz.4.362': attribute type 2 has an invalid length.
[  261.553493][ T7331] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.362'.
[  261.553509][ T7331] nbd: must specify at least one socket
[  261.962492][ T7340] overlayfs: failed to clone upperpath
[  262.262647][ T7344] Illegal XDP return value 4294967274 on prog  (id 118) dev syz_tun, expect packet loss!
[  263.457731][ T7358] netlink: 8 bytes leftover after parsing attributes in process `syz.2.371'.
[  265.761440][ T7377] netlink: 64 bytes leftover after parsing attributes in process `syz.1.376'.
[  265.960125][ T6689] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  266.138252][ T6689] usb 5-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73
[  266.140070][ T6689] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  266.140094][ T6689] usb 5-1: Product: syz
[  266.140108][ T6689] usb 5-1: Manufacturer: syz
[  266.140129][ T6689] usb 5-1: SerialNumber: syz
[  266.199668][ T6689] usb 5-1: config 0 descriptor??
[  266.356743][ T7384] netlink: 'syz.3.377': attribute type 2 has an invalid length.
[  266.356794][ T7384] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.377'.
[  266.356865][ T7384] nbd: must specify at least one socket
[  267.009130][ T7386] overlayfs: failed to clone upperpath
[  269.059960][ T6689] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  269.060236][ T6689] asix 5-1:0.0: probe with driver asix failed with error -71
[  269.103744][ T6689] usb 5-1: USB disconnect, device number 8
[  270.276855][ T7412] Bluetooth: MGMT ver 1.23
[  270.417657][ T7420] netlink: 'syz.2.385': attribute type 3 has an invalid length.
[  270.417678][ T7420] netlink: 'syz.2.385': attribute type 1 has an invalid length.
[  270.417691][ T7420] netlink: 220 bytes leftover after parsing attributes in process `syz.2.385'.
[  271.582454][   T37] kauditd_printk_skb: 22 callbacks suppressed
[  271.582467][   T37] audit: type=1326 audit(1759082162.584:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7416 comm="syz.2.385" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4c8321eec9 code=0x0
[  272.163943][ T7432] netlink: 8 bytes leftover after parsing attributes in process `syz.1.389'.
[  272.300120][ T5849] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  272.322438][ T5849] Bluetooth: hci0: command 0x0406 tx timeout
[  275.203038][ T7452] netlink: 'syz.2.391': attribute type 2 has an invalid length.
[  275.203062][ T7452] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.391'.
[  275.203079][ T7452] nbd: must specify at least one socket
[  276.207752][ T7467] FAULT_INJECTION: forcing a failure.
[  276.207752][ T7467] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  276.207813][ T7467] CPU: 0 UID: 0 PID: 7467 Comm: syz.4.394 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  276.207835][ T7467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  276.207847][ T7467] Call Trace:
[  276.207854][ T7467]  <TASK>
[  276.207862][ T7467]  dump_stack_lvl+0x189/0x250
[  276.207891][ T7467]  ? __pfx____ratelimit+0x10/0x10
[  276.207917][ T7467]  ? __pfx_dump_stack_lvl+0x10/0x10
[  276.207941][ T7467]  ? __pfx__printk+0x10/0x10
[  276.207975][ T7467]  should_fail_ex+0x46c/0x600
[  276.208005][ T7467]  strncpy_from_user+0x36/0x290
[  276.208032][ T7467]  getname_flags+0xf3/0x540
[  276.208061][ T7467]  __x64_sys_execveat+0xad/0xe0
[  276.208085][ T7467]  do_syscall_64+0xfa/0x3b0
[  276.208104][ T7467]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.208121][ T7467]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  276.208137][ T7467]  ? clear_bhb_loop+0x60/0xb0
[  276.208159][ T7467]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.208176][ T7467] RIP: 0033:0x7f6f9e4eeec9
[  276.208192][ T7467] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  276.208207][ T7467] RSP: 002b:00007f6f9c714038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  276.208227][ T7467] RAX: ffffffffffffffda RBX: 00007f6f9e746180 RCX: 00007f6f9e4eeec9
[  276.208241][ T7467] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000005
[  276.208252][ T7467] RBP: 00007f6f9c714090 R08: 0000000000001000 R09: 0000000000000000
[  276.208264][ T7467] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  276.208275][ T7467] R13: 00007f6f9e746218 R14: 00007f6f9e746180 R15: 00007ffc04fe2158
[  276.208305][ T7467]  </TASK>
[  276.799950][ T6126] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  277.569972][ T6126] usb 4-1: Using ep0 maxpacket: 32
[  277.571487][ T7473] sctp: [Deprecated]: syz.4.400 (pid 7473) Use of int in max_burst socket option.
[  277.571487][ T7473] Use struct sctp_assoc_value instead
[  279.188250][ T6126] usb 4-1: unable to read config index 0 descriptor/start: -71
[  279.188301][ T6126] usb 4-1: can't read configurations, error -71
[  279.344219][ T7483] netlink: 16 bytes leftover after parsing attributes in process `syz.1.404'.
[  279.450350][ T7489] netlink: 8 bytes leftover after parsing attributes in process `syz.3.406'.
[  279.682049][    C0] vkms_vblank_simulate: vblank timer overrun
[  280.242546][    C0] vkms_vblank_simulate: vblank timer overrun
[  280.408701][    C0] vkms_vblank_simulate: vblank timer overrun
[  280.817125][    C0] vkms_vblank_simulate: vblank timer overrun
[  281.111836][    C0] vkms_vblank_simulate: vblank timer overrun
[  281.415582][    C0] vkms_vblank_simulate: vblank timer overrun
[  281.739653][ T7513] netlink: 4 bytes leftover after parsing attributes in process `syz.1.410'.
[  281.739918][ T7513] netlink: 4 bytes leftover after parsing attributes in process `syz.1.410'.
[  281.778511][    C0] vkms_vblank_simulate: vblank timer overrun
[  282.489549][    C0] vkms_vblank_simulate: vblank timer overrun
[  282.709077][    C0] vkms_vblank_simulate: vblank timer overrun
[  283.185540][    C0] vkms_vblank_simulate: vblank timer overrun
[  283.601720][    C0] vkms_vblank_simulate: vblank timer overrun
[  286.912193][ T7558] netlink: 8 bytes leftover after parsing attributes in process `syz.2.422'.
[  289.455673][ T7581] fuse: Bad value for 'fd'
[  289.650132][ T6689] usb 4-1: new full-speed USB device number 7 using dummy_hcd
[  289.982780][ T7589] overlayfs: failed to clone upperpath
[  290.102603][ T6689] usb 4-1: config 0 has an invalid interface number: 251 but max is 0
[  290.102630][ T6689] usb 4-1: config 0 has no interface number 0
[  290.108372][ T6689] usb 4-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  290.108401][ T6689] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  290.108420][ T6689] usb 4-1: Product: syz
[  290.108433][ T6689] usb 4-1: Manufacturer: syz
[  290.108447][ T6689] usb 4-1: SerialNumber: syz
[  290.117574][ T6689] usb 4-1: config 0 descriptor??
[  290.941947][   T10] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  291.145754][   T10] usb 3-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73
[  291.145784][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  291.145804][   T10] usb 3-1: Product: syz
[  291.145818][   T10] usb 3-1: Manufacturer: syz
[  291.145831][   T10] usb 3-1: SerialNumber: syz
[  291.191528][   T10] usb 3-1: config 0 descriptor??
[  291.556650][ T6689] asix 4-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  291.556683][ T6689] asix 4-1:0.251 (unnamed net_device) (uninitialized): Failed to read software interface selection register: -71
[  291.556960][ T6689] asix 4-1:0.251: probe with driver asix failed with error -71
[  291.577111][ T6689] usb 4-1: USB disconnect, device number 7
[  292.382714][ T7606] netlink: 'syz.3.435': attribute type 10 has an invalid length.
[  292.820039][ T5956] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  293.117051][   T10] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  293.117333][   T10] asix 3-1:0.0: probe with driver asix failed with error -71
[  293.165834][   T10] usb 3-1: USB disconnect, device number 8
[  293.228026][ T5956] usb 4-1: Using ep0 maxpacket: 16
[  293.241329][ T5956] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  293.241361][ T5956] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  293.241397][ T5956] usb 4-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  293.241418][ T5956] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  294.215958][ T5956] usb 4-1: config 0 descriptor??
[  294.436666][ T7622] netlink: 8 bytes leftover after parsing attributes in process `syz.4.441'.
[  295.670127][ T5956] usbhid 4-1:0.0: can't add hid device: -71
[  295.670268][ T5956] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  295.716650][ T5956] usb 4-1: USB disconnect, device number 8
[  297.560466][ T7656] FAULT_INJECTION: forcing a failure.
[  297.560466][ T7656] name failslab, interval 1, probability 0, space 0, times 0
[  297.560489][ T7656] CPU: 1 UID: 0 PID: 7656 Comm: syz.4.452 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  297.560501][ T7656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  297.560508][ T7656] Call Trace:
[  297.560512][ T7656]  <TASK>
[  297.560516][ T7656]  dump_stack_lvl+0x189/0x250
[  297.560536][ T7656]  ? __pfx____ratelimit+0x10/0x10
[  297.560552][ T7656]  ? __pfx_dump_stack_lvl+0x10/0x10
[  297.560565][ T7656]  ? __pfx__printk+0x10/0x10
[  297.560579][ T7656]  ? __pfx___might_resched+0x10/0x10
[  297.560590][ T7656]  ? fs_reclaim_acquire+0x7d/0x100
[  297.560602][ T7656]  should_fail_ex+0x46c/0x600
[  297.560619][ T7656]  should_failslab+0xa8/0x100
[  297.560633][ T7656]  __kmalloc_noprof+0xcb/0x430
[  297.560645][ T7656]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  297.560662][ T7656]  tomoyo_realpath_from_path+0xe3/0x5d0
[  297.560677][ T7656]  ? tomoyo_domain+0xda/0x130
[  297.560693][ T7656]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  297.560704][ T7656]  tomoyo_path_number_perm+0x1e8/0x5a0
[  297.560717][ T7656]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  297.560730][ T7656]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  297.560745][ T7656]  ? lockdep_hardirqs_on+0x9c/0x150
[  297.560763][ T7656]  ? __lock_acquire+0xab9/0xd20
[  297.560787][ T7656]  ? __fget_files+0x2a/0x420
[  297.560802][ T7656]  ? __fget_files+0x2a/0x420
[  297.560813][ T7656]  ? __fget_files+0x3a6/0x420
[  297.560825][ T7656]  ? __fget_files+0x2a/0x420
[  297.560840][ T7656]  security_file_ioctl+0xcb/0x2d0
[  297.560854][ T7656]  __se_sys_ioctl+0x47/0x170
[  297.560867][ T7656]  do_syscall_64+0xfa/0x3b0
[  297.560877][ T7656]  ? lockdep_hardirqs_on+0x9c/0x150
[  297.560893][ T7656]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.560902][ T7656]  ? clear_bhb_loop+0x60/0xb0
[  297.560914][ T7656]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  297.560924][ T7656] RIP: 0033:0x7f6f9e4eeec9
[  297.560933][ T7656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  297.560941][ T7656] RSP: 002b:00007f6f9c756038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  297.560953][ T7656] RAX: ffffffffffffffda RBX: 00007f6f9e745fa0 RCX: 00007f6f9e4eeec9
[  297.560960][ T7656] RDX: 0000200000000480 RSI: 00000000000089e0 RDI: 0000000000000004
[  297.560969][ T7656] RBP: 00007f6f9c756090 R08: 0000000000000000 R09: 0000000000000000
[  297.560975][ T7656] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  297.560981][ T7656] R13: 00007f6f9e746038 R14: 00007f6f9e745fa0 R15: 00007ffc04fe2158
[  297.560998][ T7656]  </TASK>
[  297.561002][ T7656] ERROR: Out of memory at tomoyo_realpath_from_path.
[  298.310506][    T9] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  298.491093][    T9] usb 5-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73
[  298.491123][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  298.491142][    T9] usb 5-1: Product: syz
[  298.491155][    T9] usb 5-1: Manufacturer: syz
[  298.491169][    T9] usb 5-1: SerialNumber: syz
[  298.547441][    T9] usb 5-1: config 0 descriptor??
[  299.801922][ T7671] FAULT_INJECTION: forcing a failure.
[  299.801922][ T7671] name failslab, interval 1, probability 0, space 0, times 0
[  299.801956][ T7671] CPU: 1 UID: 0 PID: 7671 Comm: syz.3.457 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  299.801968][ T7671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  299.801975][ T7671] Call Trace:
[  299.801980][ T7671]  <TASK>
[  299.801985][ T7671]  dump_stack_lvl+0x189/0x250
[  299.802017][ T7671]  ? __pfx____ratelimit+0x10/0x10
[  299.802042][ T7671]  ? __pfx_dump_stack_lvl+0x10/0x10
[  299.802066][ T7671]  ? __pfx__printk+0x10/0x10
[  299.802092][ T7671]  ? __pfx___might_resched+0x10/0x10
[  299.802110][ T7671]  ? fs_reclaim_acquire+0x7d/0x100
[  299.802130][ T7671]  should_fail_ex+0x46c/0x600
[  299.802148][ T7671]  ? __alloc_skb+0x112/0x2d0
[  299.802161][ T7671]  should_failslab+0xa8/0x100
[  299.802179][ T7671]  ? __alloc_skb+0x112/0x2d0
[  299.802199][ T7671]  kmem_cache_alloc_node_noprof+0x77/0x330
[  299.802230][ T7671]  __alloc_skb+0x112/0x2d0
[  299.802257][ T7671]  kcm_sendmsg+0x2662/0x2ad0
[  299.802289][ T7671]  ? __lock_acquire+0xab9/0xd20
[  299.802303][ T7671]  ? smack_socket_sendmsg+0x1a7/0x520
[  299.802318][ T7671]  ? __pfx_smack_socket_sendmsg+0x10/0x10
[  299.802337][ T7671]  ? is_bpf_text_address+0x26/0x2b0
[  299.802366][ T7671]  ? __pfx_kcm_sendmsg+0x10/0x10
[  299.802394][ T7671]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  299.802412][ T7671]  ? __pfx_kcm_sendmsg+0x10/0x10
[  299.802432][ T7671]  __sock_sendmsg+0x21c/0x270
[  299.802457][ T7671]  ____sys_sendmsg+0x508/0x820
[  299.802472][ T7671]  ? __pfx_____sys_sendmsg+0x10/0x10
[  299.802487][ T7671]  ? import_iovec+0x74/0xa0
[  299.802501][ T7671]  ___sys_sendmsg+0x21f/0x2a0
[  299.802516][ T7671]  ? __pfx____sys_sendmsg+0x10/0x10
[  299.802573][ T7671]  ? __fget_files+0x2a/0x420
[  299.802595][ T7671]  ? __fget_files+0x3a6/0x420
[  299.802628][ T7671]  __x64_sys_sendmsg+0x1a1/0x260
[  299.802640][ T7671]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  299.802655][ T7671]  ? __pfx_ksys_write+0x10/0x10
[  299.802670][ T7671]  ? do_syscall_64+0xbe/0x3b0
[  299.802687][ T7671]  do_syscall_64+0xfa/0x3b0
[  299.802703][ T7671]  ? lockdep_hardirqs_on+0x9c/0x150
[  299.802725][ T7671]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.802743][ T7671]  ? clear_bhb_loop+0x60/0xb0
[  299.802764][ T7671]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.802781][ T7671] RIP: 0033:0x7f917ecbeec9
[  299.802802][ T7671] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  299.802811][ T7671] RSP: 002b:00007f917cf1e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  299.802822][ T7671] RAX: ffffffffffffffda RBX: 00007f917ef15fa0 RCX: 00007f917ecbeec9
[  299.802830][ T7671] RDX: 0000000000000001 RSI: 0000200000000400 RDI: 0000000000000003
[  299.802836][ T7671] RBP: 00007f917cf1e090 R08: 0000000000000000 R09: 0000000000000000
[  299.802842][ T7671] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  299.802853][ T7671] R13: 00007f917ef16038 R14: 00007f917ef15fa0 R15: 00007ffebfc6a558
[  299.802882][ T7671]  </TASK>
[  301.517755][    T9] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  301.518041][    T9] asix 5-1:0.0: probe with driver asix failed with error -71
[  302.500176][ T7686] netlink: 8 bytes leftover after parsing attributes in process `syz.1.462'.
[  303.100873][    T9] usb 5-1: USB disconnect, device number 9
[  303.699982][   T10] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  303.830036][ T5956] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  303.840277][   T10] usb 3-1: device descriptor read/64, error -71
[  303.927961][ T7705] overlayfs: failed to clone upperpath
[  303.960595][ T5956] usb 5-1: device descriptor read/64, error -71
[  304.100107][   T10] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  304.226636][ T7707] netlink: 8 bytes leftover after parsing attributes in process `syz.1.467'.
[  304.235791][   T10] usb 3-1: device descriptor read/64, error -71
[  304.349949][   T10] usb usb3-port1: attempt power cycle
[  304.437406][ T5956] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  304.569943][ T5956] usb 5-1: device descriptor read/64, error -71
[  304.680513][ T5956] usb usb5-port1: attempt power cycle
[  305.464652][   T10] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  305.480869][   T10] usb 3-1: device descriptor read/8, error -71
[  305.672435][ T5956] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  305.705676][ T5956] usb 5-1: device descriptor read/8, error -71
[  305.740018][   T10] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  305.764402][   T10] usb 3-1: device descriptor read/8, error -71
[  305.870608][   T10] usb usb3-port1: unable to enumerate USB device
[  306.270100][ T5956] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  308.254039][ T5956] usb 5-1: device descriptor read/8, error -71
[  308.477355][ T5956] usb usb5-port1: unable to enumerate USB device
[  308.857115][ T7738] netlink: 8 bytes leftover after parsing attributes in process `syz.3.476'.
[  310.109468][ T7743] overlayfs: failed to clone upperpath
[  311.013664][ T7753] netlink: 112 bytes leftover after parsing attributes in process `syz.0.479'.
[  311.134619][ T7755] netlink: 4 bytes leftover after parsing attributes in process `syz.4.480'.
[  314.623236][ T7783] netlink: 10 bytes leftover after parsing attributes in process `syz.4.487'.
[  315.897703][   T37] audit: type=1326 audit(1759082206.874:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7793 comm="syz.1.491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f322523eec9 code=0x7ffc0000
[  315.897760][   T37] audit: type=1326 audit(1759082206.874:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7793 comm="syz.1.491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f322523eec9 code=0x7ffc0000
[  315.897801][   T37] audit: type=1326 audit(1759082206.874:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7793 comm="syz.1.491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f322523eec9 code=0x7ffc0000
[  315.897840][   T37] audit: type=1326 audit(1759082206.874:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7793 comm="syz.1.491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f322523eec9 code=0x7ffc0000
[  315.897879][   T37] audit: type=1326 audit(1759082206.874:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7793 comm="syz.1.491" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f322523eec9 code=0x7ffc0000
[  316.463146][ T7802] netlink: 24 bytes leftover after parsing attributes in process `syz.0.494'.
[  317.167716][ T7825] netlink: 'syz.4.497': attribute type 2 has an invalid length.
[  317.167766][ T7825] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.497'.
[  317.167836][ T7825] nbd: must specify at least one socket
[  317.598216][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  317.598292][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  318.342005][ T7829] FAULT_INJECTION: forcing a failure.
[  318.342005][ T7829] name failslab, interval 1, probability 0, space 0, times 0
[  318.342044][ T7829] CPU: 0 UID: 0 PID: 7829 Comm: syz.4.499 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  318.342071][ T7829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  318.342082][ T7829] Call Trace:
[  318.342089][ T7829]  <TASK>
[  318.342097][ T7829]  dump_stack_lvl+0x189/0x250
[  318.342125][ T7829]  ? __pfx____ratelimit+0x10/0x10
[  318.342150][ T7829]  ? __pfx_dump_stack_lvl+0x10/0x10
[  318.342173][ T7829]  ? __pfx__printk+0x10/0x10
[  318.342198][ T7829]  ? __pfx___might_resched+0x10/0x10
[  318.342216][ T7829]  ? fs_reclaim_acquire+0x7d/0x100
[  318.342238][ T7829]  should_fail_ex+0x46c/0x600
[  318.342266][ T7829]  ? __alloc_skb+0x112/0x2d0
[  318.342289][ T7829]  should_failslab+0xa8/0x100
[  318.342312][ T7829]  ? __alloc_skb+0x112/0x2d0
[  318.342332][ T7829]  kmem_cache_alloc_node_noprof+0x77/0x330
[  318.342361][ T7829]  __alloc_skb+0x112/0x2d0
[  318.342389][ T7829]  netlink_sendmsg+0x5c6/0xb30
[  318.342422][ T7829]  ? __pfx_netlink_sendmsg+0x10/0x10
[  318.342453][ T7829]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  318.342472][ T7829]  ? __pfx_netlink_sendmsg+0x10/0x10
[  318.342495][ T7829]  __sock_sendmsg+0x21c/0x270
[  318.342520][ T7829]  ____sys_sendmsg+0x508/0x820
[  318.342544][ T7829]  ? __pfx_____sys_sendmsg+0x10/0x10
[  318.342572][ T7829]  ? import_iovec+0x74/0xa0
[  318.342597][ T7829]  ___sys_sendmsg+0x21f/0x2a0
[  318.342618][ T7829]  ? __pfx____sys_sendmsg+0x10/0x10
[  318.342673][ T7829]  ? __fget_files+0x2a/0x420
[  318.342695][ T7829]  ? __fget_files+0x3a6/0x420
[  318.342728][ T7829]  __x64_sys_sendmsg+0x1a1/0x260
[  318.342749][ T7829]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  318.342777][ T7829]  ? __pfx_ksys_write+0x10/0x10
[  318.342796][ T7829]  ? rcu_is_watching+0x15/0xb0
[  318.342826][ T7829]  ? do_syscall_64+0xbe/0x3b0
[  318.342847][ T7829]  do_syscall_64+0xfa/0x3b0
[  318.342863][ T7829]  ? lockdep_hardirqs_on+0x9c/0x150
[  318.342886][ T7829]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  318.342905][ T7829]  ? clear_bhb_loop+0x60/0xb0
[  318.342932][ T7829]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  318.342949][ T7829] RIP: 0033:0x7f6f9e4eeec9
[  318.342966][ T7829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  318.342981][ T7829] RSP: 002b:00007f6f9c756038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  318.343002][ T7829] RAX: ffffffffffffffda RBX: 00007f6f9e745fa0 RCX: 00007f6f9e4eeec9
[  318.343014][ T7829] RDX: 0000000000000090 RSI: 00002000000002c0 RDI: 0000000000000003
[  318.343026][ T7829] RBP: 00007f6f9c756090 R08: 0000000000000000 R09: 0000000000000000
[  318.343038][ T7829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  318.343049][ T7829] R13: 00007f6f9e746038 R14: 00007f6f9e745fa0 R15: 00007ffc04fe2158
[  318.343079][ T7829]  </TASK>
[  318.808263][ T7833] netlink: 8 bytes leftover after parsing attributes in process `syz.0.501'.
[  321.452213][ T7848] overlayfs: failed to clone upperpath
[  321.532583][   T44] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  322.303987][   T44] usb 3-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73
[  322.304020][   T44] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  322.304039][   T44] usb 3-1: Product: syz
[  322.304054][   T44] usb 3-1: Manufacturer: syz
[  322.304068][   T44] usb 3-1: SerialNumber: syz
[  322.498170][   T44] usb 3-1: config 0 descriptor??
[  322.945992][   T37] audit: type=1326 audit(1759082213.934:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7853 comm="syz.0.507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb40dc0eec9 code=0x7ffc0000
[  322.946050][   T37] audit: type=1326 audit(1759082213.934:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7853 comm="syz.0.507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb40dc0eec9 code=0x7ffc0000
[  322.946091][   T37] audit: type=1326 audit(1759082213.934:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7853 comm="syz.0.507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb40dc0eec9 code=0x7ffc0000
[  322.946131][   T37] audit: type=1326 audit(1759082213.934:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7853 comm="syz.0.507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb40dc0eec9 code=0x7ffc0000
[  322.946171][   T37] audit: type=1326 audit(1759082213.934:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7853 comm="syz.0.507" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb40dc0eec9 code=0x7ffc0000
[  323.548526][ T7862] netlink: 'syz.4.509': attribute type 2 has an invalid length.
[  323.548671][ T7862] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.509'.
[  323.548762][ T7862] nbd: must specify at least one socket
[  325.498402][   T44] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  325.498679][   T44] asix 3-1:0.0: probe with driver asix failed with error -71
[  325.610282][   T44] usb 3-1: USB disconnect, device number 13
[  325.629239][ T7884] netlink: 8 bytes leftover after parsing attributes in process `syz.4.517'.
[  327.685536][ T7893] overlayfs: failed to clone upperpath
[  329.966299][ T7914] netlink: 'syz.4.522': attribute type 2 has an invalid length.
[  329.966322][ T7914] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.522'.
[  329.966340][ T7914] nbd: must specify at least one socket
[  330.146042][   T37] audit: type=1326 audit(1759082221.144:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7908 comm="syz.0.521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb40dc0eec9 code=0x7ffc0000
[  330.146094][   T37] audit: type=1326 audit(1759082221.144:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7908 comm="syz.0.521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb40dc0eec9 code=0x7ffc0000
[  330.146681][   T37] audit: type=1326 audit(1759082221.144:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7908 comm="syz.0.521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb40dc0eec9 code=0x7ffc0000
[  330.146724][   T37] audit: type=1326 audit(1759082221.144:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7908 comm="syz.0.521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb40dc0eec9 code=0x7ffc0000
[  330.146763][   T37] audit: type=1326 audit(1759082221.144:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7908 comm="syz.0.521" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb40dc0eec9 code=0x7ffc0000
[  330.590264][ T5914] usb 3-1: new low-speed USB device number 14 using dummy_hcd
[  330.745937][ T5914] usb 3-1: unable to get BOS descriptor or descriptor too short
[  330.747674][ T5914] usb 3-1: config 1 interface 0 altsetting 108 endpoint 0x81 has invalid maxpacket 16, setting to 8
[  330.747708][ T5914] usb 3-1: config 1 interface 0 has no altsetting 0
[  330.751525][ T5914] usb 3-1: string descriptor 0 read error: -22
[  330.751689][ T5914] usb 3-1: New USB device found, idVendor=05ac, idProduct=0263, bcdDevice= 0.40
[  330.751711][ T5914] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  330.763038][ T7910] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  330.807244][ T5914] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input8
[  330.833453][ T5956] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  330.997939][ T5956] usb 5-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73
[  330.997976][ T5956] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  330.997996][ T5956] usb 5-1: Product: syz
[  330.998011][ T5956] usb 5-1: Manufacturer: syz
[  330.998025][ T5956] usb 5-1: SerialNumber: syz
[  331.015416][ T5956] usb 5-1: config 0 descriptor??
[  331.265447][ T7591] udevd[7591]: Error opening device "/dev/input/event4": No such file or directory
[  331.265595][ T7591] udevd[7591]: Unable to EVIOCGABS device "/dev/input/event4"
[  331.265734][ T7591] udevd[7591]: Unable to EVIOCGABS device "/dev/input/event4"
[  331.268122][ T7591] udevd[7591]: Unable to EVIOCGABS device "/dev/input/event4"
[  331.268252][ T7591] udevd[7591]: Unable to EVIOCGABS device "/dev/input/event4"
[  332.856277][ T7946] overlayfs: failed to clone upperpath
[  333.006717][   T10] usb 3-1: USB disconnect, device number 14
[  333.179312][ T7949] netlink: 8 bytes leftover after parsing attributes in process `syz.1.532'.
[  333.433008][ T5956] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  333.433348][ T5956] asix 5-1:0.0: probe with driver asix failed with error -71
[  333.450264][ T5956] usb 5-1: USB disconnect, device number 14
[  335.384170][ T7960] netlink: 'syz.3.535': attribute type 2 has an invalid length.
[  335.384194][ T7960] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.535'.
[  335.384212][ T7960] nbd: must specify at least one socket
[  336.762832][   T37] audit: type=1326 audit(1759082227.764:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7968 comm="syz.3.537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f917ecbeec9 code=0x7ffc0000
[  336.762886][   T37] audit: type=1326 audit(1759082227.764:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7968 comm="syz.3.537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f917ecbeec9 code=0x7ffc0000
[  336.763551][   T37] audit: type=1326 audit(1759082227.764:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7968 comm="syz.3.537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f917ecbeec9 code=0x7ffc0000
[  336.763596][   T37] audit: type=1326 audit(1759082227.764:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7968 comm="syz.3.537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f917ecbeec9 code=0x7ffc0000
[  336.763635][   T37] audit: type=1326 audit(1759082227.764:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7968 comm="syz.3.537" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f917ecbeec9 code=0x7ffc0000
[  336.775738][ T7976] netlink: 'syz.1.540': attribute type 17 has an invalid length.
[  336.775760][ T7976] netlink: 152 bytes leftover after parsing attributes in process `syz.1.540'.
[  336.776368][ T7976] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  337.072399][ T7987] overlayfs: failed to clone upperpath
[  339.917408][ T8008] netlink: 'syz.4.547': attribute type 2 has an invalid length.
[  339.917458][ T8008] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.547'.
[  339.917536][ T8008] nbd: must specify at least one socket
[  340.670862][ T8014] netlink: 8 bytes leftover after parsing attributes in process `syz.1.550'.
[  342.510041][ T5956] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  342.624393][ T8029] overlayfs: failed to clone upperpath
[  342.666747][ T5956] usb 3-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73
[  342.666778][ T5956] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  342.666796][ T5956] usb 3-1: Product: syz
[  342.666809][ T5956] usb 3-1: Manufacturer: syz
[  342.666823][ T5956] usb 3-1: SerialNumber: syz
[  342.712359][ T5956] usb 3-1: config 0 descriptor??
[  344.390493][   T37] audit: type=1326 audit(1759082235.384:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8044 comm="syz.0.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb40dc0eec9 code=0x7ffc0000
[  344.391007][   T37] audit: type=1326 audit(1759082235.394:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8044 comm="syz.0.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb40dc0eec9 code=0x7ffc0000
[  344.391320][   T37] audit: type=1326 audit(1759082235.394:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8044 comm="syz.0.558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb40dc0eec9 code=0x7ffc0000
[  345.827339][ T5956] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  345.827599][ T5956] asix 3-1:0.0: probe with driver asix failed with error -71
[  345.857589][ T5956] usb 3-1: USB disconnect, device number 15
[  346.274553][ T8059] netlink: 'syz.1.560': attribute type 2 has an invalid length.
[  346.274577][ T8059] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.560'.
[  346.274594][ T8059] nbd: must specify at least one socket
[  347.260746][ T8069] FAULT_INJECTION: forcing a failure.
[  347.260746][ T8069] name failslab, interval 1, probability 0, space 0, times 0
[  347.260779][ T8069] CPU: 1 UID: 0 PID: 8069 Comm: syz.4.566 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  347.260800][ T8069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  347.260811][ T8069] Call Trace:
[  347.260818][ T8069]  <TASK>
[  347.260826][ T8069]  dump_stack_lvl+0x189/0x250
[  347.260871][ T8069]  ? __pfx____ratelimit+0x10/0x10
[  347.260895][ T8069]  ? __pfx_dump_stack_lvl+0x10/0x10
[  347.260918][ T8069]  ? __pfx__printk+0x10/0x10
[  347.260942][ T8069]  ? __pfx___might_resched+0x10/0x10
[  347.260959][ T8069]  ? fs_reclaim_acquire+0x7d/0x100
[  347.260980][ T8069]  should_fail_ex+0x46c/0x600
[  347.261007][ T8069]  ? __alloc_skb+0x112/0x2d0
[  347.261029][ T8069]  should_failslab+0xa8/0x100
[  347.261052][ T8069]  ? __alloc_skb+0x112/0x2d0
[  347.261071][ T8069]  kmem_cache_alloc_node_noprof+0x77/0x330
[  347.261099][ T8069]  __alloc_skb+0x112/0x2d0
[  347.261125][ T8069]  netlink_sendmsg+0x5c6/0xb30
[  347.261157][ T8069]  ? __pfx_netlink_sendmsg+0x10/0x10
[  347.261187][ T8069]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  347.261205][ T8069]  ? __pfx_netlink_sendmsg+0x10/0x10
[  347.261229][ T8069]  __sock_sendmsg+0x21c/0x270
[  347.261254][ T8069]  ____sys_sendmsg+0x508/0x820
[  347.261279][ T8069]  ? __pfx_____sys_sendmsg+0x10/0x10
[  347.261312][ T8069]  ? import_iovec+0x74/0xa0
[  347.261337][ T8069]  ___sys_sendmsg+0x21f/0x2a0
[  347.261358][ T8069]  ? __pfx____sys_sendmsg+0x10/0x10
[  347.261412][ T8069]  ? __fget_files+0x2a/0x420
[  347.261433][ T8069]  ? __fget_files+0x3a6/0x420
[  347.261466][ T8069]  __x64_sys_sendmsg+0x1a1/0x260
[  347.261488][ T8069]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  347.261516][ T8069]  ? __pfx_ksys_write+0x10/0x10
[  347.261543][ T8069]  ? do_syscall_64+0xbe/0x3b0
[  347.261565][ T8069]  do_syscall_64+0xfa/0x3b0
[  347.261581][ T8069]  ? lockdep_hardirqs_on+0x9c/0x150
[  347.261604][ T8069]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.261621][ T8069]  ? clear_bhb_loop+0x60/0xb0
[  347.261643][ T8069]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  347.261660][ T8069] RIP: 0033:0x7f6f9e4eeec9
[  347.261677][ T8069] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  347.261692][ T8069] RSP: 002b:00007f6f9c756038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  347.261711][ T8069] RAX: ffffffffffffffda RBX: 00007f6f9e745fa0 RCX: 00007f6f9e4eeec9
[  347.261724][ T8069] RDX: 0000000000000090 RSI: 00002000000002c0 RDI: 0000000000000003
[  347.261736][ T8069] RBP: 00007f6f9c756090 R08: 0000000000000000 R09: 0000000000000000
[  347.261747][ T8069] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  347.261758][ T8069] R13: 00007f6f9e746038 R14: 00007f6f9e745fa0 R15: 00007ffc04fe2158
[  347.261789][ T8069]  </TASK>
[  347.926408][   T37] audit: type=1326 audit(1759082238.914:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8072 comm="syz.4.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f9e4eeec9 code=0x7ffc0000
[  347.926464][   T37] audit: type=1326 audit(1759082238.914:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8072 comm="syz.4.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f9e4eeec9 code=0x7ffc0000
[  347.926507][   T37] audit: type=1326 audit(1759082238.914:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8072 comm="syz.4.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6f9e4eeec9 code=0x7ffc0000
[  347.926548][   T37] audit: type=1326 audit(1759082238.914:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8072 comm="syz.4.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f9e4eeec9 code=0x7ffc0000
[  347.926587][   T37] audit: type=1326 audit(1759082238.914:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8072 comm="syz.4.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6f9e4eeec9 code=0x7ffc0000
[  348.152094][ T8077] netlink: 8 bytes leftover after parsing attributes in process `syz.1.570'.
[  348.159702][ T8083] FAULT_INJECTION: forcing a failure.
[  348.159702][ T8083] name failslab, interval 1, probability 0, space 0, times 0
[  348.159734][ T8083] CPU: 0 UID: 0 PID: 8083 Comm: syz.2.568 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  348.159755][ T8083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  348.159767][ T8083] Call Trace:
[  348.159774][ T8083]  <TASK>
[  348.159781][ T8083]  dump_stack_lvl+0x189/0x250
[  348.159814][ T8083]  ? __pfx____ratelimit+0x10/0x10
[  348.159836][ T8083]  ? __pfx_dump_stack_lvl+0x10/0x10
[  348.159857][ T8083]  ? __pfx__printk+0x10/0x10
[  348.159879][ T8083]  ? __pfx___might_resched+0x10/0x10
[  348.159897][ T8083]  ? fs_reclaim_acquire+0x7d/0x100
[  348.159916][ T8083]  should_fail_ex+0x46c/0x600
[  348.159943][ T8083]  ? __alloc_skb+0x112/0x2d0
[  348.159971][ T8083]  should_failslab+0xa8/0x100
[  348.159994][ T8083]  ? __alloc_skb+0x112/0x2d0
[  348.160012][ T8083]  kmem_cache_alloc_node_noprof+0x77/0x330
[  348.160040][ T8083]  __alloc_skb+0x112/0x2d0
[  348.160064][ T8083]  netlink_sendmsg+0x5c6/0xb30
[  348.160096][ T8083]  ? __pfx_netlink_sendmsg+0x10/0x10
[  348.160125][ T8083]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  348.160142][ T8083]  ? __pfx_netlink_sendmsg+0x10/0x10
[  348.160164][ T8083]  __sock_sendmsg+0x21c/0x270
[  348.160189][ T8083]  ____sys_sendmsg+0x508/0x820
[  348.160212][ T8083]  ? __pfx_____sys_sendmsg+0x10/0x10
[  348.160240][ T8083]  ? import_iovec+0x74/0xa0
[  348.160265][ T8083]  ___sys_sendmsg+0x21f/0x2a0
[  348.160285][ T8083]  ? __pfx____sys_sendmsg+0x10/0x10
[  348.160340][ T8083]  ? __fget_files+0x2a/0x420
[  348.160361][ T8083]  ? __fget_files+0x3a6/0x420
[  348.160399][ T8083]  __x64_sys_sendmsg+0x1a1/0x260
[  348.160420][ T8083]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  348.160446][ T8083]  ? __pfx_ksys_write+0x10/0x10
[  348.160465][ T8083]  ? rcu_is_watching+0x15/0xb0
[  348.160494][ T8083]  ? do_syscall_64+0xbe/0x3b0
[  348.160515][ T8083]  do_syscall_64+0xfa/0x3b0
[  348.160531][ T8083]  ? lockdep_hardirqs_on+0x9c/0x150
[  348.160554][ T8083]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.160572][ T8083]  ? clear_bhb_loop+0x60/0xb0
[  348.160597][ T8083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  348.160615][ T8083] RIP: 0033:0x7f4c8321eec9
[  348.160631][ T8083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  348.160646][ T8083] RSP: 002b:00007f4c8147e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  348.160666][ T8083] RAX: ffffffffffffffda RBX: 00007f4c83475fa0 RCX: 00007f4c8321eec9
[  348.160680][ T8083] RDX: 0000000000000090 RSI: 00002000000002c0 RDI: 0000000000000003
[  348.160691][ T8083] RBP: 00007f4c8147e090 R08: 0000000000000000 R09: 0000000000000000
[  348.160703][ T8083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  348.160714][ T8083] R13: 00007f4c83476038 R14: 00007f4c83475fa0 R15: 00007ffd9a1a5558
[  348.160744][ T8083]  </TASK>
[  350.977279][ T8101] netlink: 'syz.0.575': attribute type 2 has an invalid length.
[  350.977302][ T8101] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.575'.
[  350.977320][ T8101] nbd: must specify at least one socket
[  355.440758][   T37] audit: type=1326 audit(1759082246.444:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8128 comm="syz.3.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f917ecbeec9 code=0x7ffc0000
[  355.440818][   T37] audit: type=1326 audit(1759082246.444:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8128 comm="syz.3.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f917ecbeec9 code=0x7ffc0000
[  355.441756][   T37] audit: type=1326 audit(1759082246.444:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8128 comm="syz.3.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f917ecbeec9 code=0x7ffc0000
[  355.441800][   T37] audit: type=1326 audit(1759082246.444:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8128 comm="syz.3.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f917ecbeec9 code=0x7ffc0000
[  355.441841][   T37] audit: type=1326 audit(1759082246.444:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8128 comm="syz.3.585" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f917ecbeec9 code=0x7ffc0000
[  357.465892][ T8148] netlink: 'syz.2.588': attribute type 2 has an invalid length.
[  357.465913][ T8148] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.588'.
[  357.465930][ T8148] nbd: must specify at least one socket
[  358.272367][ T8155] netlink: 8 bytes leftover after parsing attributes in process `syz.2.594'.
[  359.459044][ T8162] netlink: 4 bytes leftover after parsing attributes in process `syz.4.591'.
[  359.970019][   T10] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  360.832156][   T10] usb 4-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73
[  360.832188][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  360.832208][   T10] usb 4-1: Product: syz
[  360.832222][   T10] usb 4-1: Manufacturer: syz
[  360.832236][   T10] usb 4-1: SerialNumber: syz
[  360.897414][   T10] usb 4-1: config 0 descriptor??
[  363.401913][   T10] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  363.402206][   T10] asix 4-1:0.0: probe with driver asix failed with error -71
[  363.759923][   T10] usb 4-1: USB disconnect, device number 9
[  365.277628][   T37] audit: type=1326 audit(1759082256.274:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8197 comm="syz.0.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb40dc0eec9 code=0x7ffc0000
[  365.277682][   T37] audit: type=1326 audit(1759082256.274:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8197 comm="syz.0.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb40dc0eec9 code=0x7ffc0000
[  365.277723][   T37] audit: type=1326 audit(1759082256.274:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8197 comm="syz.0.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb40dc0eec9 code=0x7ffc0000
[  365.277763][   T37] audit: type=1326 audit(1759082256.274:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8197 comm="syz.0.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb40dc0eec9 code=0x7ffc0000
[  365.277804][   T37] audit: type=1326 audit(1759082256.274:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8197 comm="syz.0.604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb40dc0eec9 code=0x7ffc0000
[  365.608562][ T8206] netlink: 'syz.4.605': attribute type 2 has an invalid length.
[  365.608644][ T8206] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.605'.
[  365.608721][ T8206] nbd: must specify at least one socket
[  366.674742][ T8210] netlink: 8 bytes leftover after parsing attributes in process `syz.4.609'.
[  371.319477][ T8238] netlink: 8 bytes leftover after parsing attributes in process `syz.4.615'.
[  374.200731][ T8254] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  374.803494][ T8262] netlink: 'syz.3.621': attribute type 2 has an invalid length.
[  374.803591][ T8262] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.621'.
[  374.803664][ T8262] nbd: must specify at least one socket
[  377.751803][ T8280] netlink: 'syz.4.625': attribute type 2 has an invalid length.
[  377.751827][ T8280] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.625'.
[  377.751845][ T8280] nbd: must specify at least one socket
[  377.774203][ T8277] netlink: 8 bytes leftover after parsing attributes in process `syz.0.636'.
[  379.033817][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  379.033902][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  380.157723][    C1] vkms_vblank_simulate: vblank timer overrun
[  380.304926][    C1] vkms_vblank_simulate: vblank timer overrun
[  380.750534][    C1] vkms_vblank_simulate: vblank timer overrun
[  380.829415][    C1] vkms_vblank_simulate: vblank timer overrun
[  381.986715][    C1] vkms_vblank_simulate: vblank timer overrun
[  382.454278][    C1] vkms_vblank_simulate: vblank timer overrun
[  385.279848][    C0] sched: DL replenish lagged too much
[  388.613300][ T8341] netlink: 'syz.4.639': attribute type 2 has an invalid length.
[  388.613324][ T8341] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.639'.
[  388.613343][ T8341] nbd: must specify at least one socket
[  390.082541][ T8349] netlink: 8 bytes leftover after parsing attributes in process `syz.1.642'.
[  392.118032][ T8356] netlink: 'syz.4.645': attribute type 58 has an invalid length.
[  392.118055][ T8356] netlink: 152 bytes leftover after parsing attributes in process `syz.4.645'.
[  392.661406][   T37] audit: type=1326 audit(1759082283.664:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8353 comm="syz.3.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f917ecbeec9 code=0x7ffc0000
[  392.661458][   T37] audit: type=1326 audit(1759082283.664:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8353 comm="syz.3.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f917ecbeec9 code=0x7ffc0000
[  392.661498][   T37] audit: type=1326 audit(1759082283.664:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8353 comm="syz.3.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f917ecbeec9 code=0x7ffc0000
[  393.233064][   T37] audit: type=1326 audit(1759082284.214:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8353 comm="syz.3.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f917ecbeec9 code=0x7ffc0000
[  393.233116][   T37] audit: type=1326 audit(1759082284.214:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8353 comm="syz.3.643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f917ecbeec9 code=0x7ffc0000
[  398.106848][ T8396] netlink: 32 bytes leftover after parsing attributes in process `syz.1.658'.
[  398.246566][ T8398] netlink: 8 bytes leftover after parsing attributes in process `syz.1.659'.
[  443.753398][   T59] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  443.761662][   T59] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  443.763443][   T59] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  443.764628][   T59] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  443.765374][   T59] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  444.593049][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  444.617359][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  452.895970][ T5849] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  453.234619][ T5849] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  453.235154][ T5849] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  453.236251][ T5849] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  453.236857][ T5849] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  460.782355][ T5842] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  461.540851][ T5842] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  461.546190][ T5842] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  464.456763][ T5842] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  466.459107][ T5849] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  468.553507][   T59] Bluetooth: hci5: command tx timeout
[  471.144886][   T59] Bluetooth: hci5: command tx timeout
[  473.214079][   T59] Bluetooth: hci5: command tx timeout
[  476.104584][   T59] Bluetooth: hci5: command tx timeout
[  477.373542][ T5842] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  477.382426][ T5842] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  477.383590][ T5842] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  477.385117][ T5842] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  477.385880][ T5842] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  480.539696][   T59] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  480.746111][   T59] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  480.926143][   T59] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  482.062899][ T5849] Bluetooth: hci7: command tx timeout
[  483.037288][ T5842] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  484.210730][ T5842] Bluetooth: hci7: command tx timeout
[  485.431640][ T5849] Bluetooth: hci6: command 0x0c14 tx timeout
[  485.431645][ T8437] Bluetooth: hci6: Opcode 0x0c14 failed: -110
[  486.434597][   T59] Bluetooth: hci7: command tx timeout
[  488.989889][ T5842] Bluetooth: hci7: command tx timeout
[  493.824259][   T59] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  494.291323][   T59] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  494.296096][   T59] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  494.339031][   T59] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  494.358735][   T59] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  497.316818][ T5842] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  497.317279][ T5842] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  497.317689][ T5842] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  497.318835][ T5842] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  497.319613][ T5842] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  507.467246][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  507.475586][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  516.006135][ T5842] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  516.596999][ T5842] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  517.094180][ T5155] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  517.096018][ T5155] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  517.105204][ T5155] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  517.129897][ T8460] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  517.131116][ T8460] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  517.131909][ T8460] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  519.664743][   T59] Bluetooth: hci8: Opcode 0x1005 failed: -110
[  521.076933][ T8460] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  521.309218][ T5842] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  521.331935][ T5842] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  522.699565][ T8460] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  523.367155][ T5842] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  523.769711][ T5842] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  524.789493][ T5842] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  524.794342][ T5842] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  524.795523][ T5842] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  524.796271][ T5842] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  544.683936][ T5155] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  544.715220][ T5155] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  544.717800][ T5155] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  544.719019][ T5155] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  544.719847][ T5155] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  551.825881][   T59] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  551.850772][   T59] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  553.100694][   T59] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  553.103856][   T59] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  553.105333][   T59] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  564.996128][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  565.004319][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  570.244361][ T8474] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  570.536110][ T8474] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  570.748383][ T8477] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  570.755747][ T8477] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  570.763243][ T8477] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  593.777223][ T5155] Bluetooth: hci5: command tx timeout
[  602.245764][ T8459] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[  603.726509][ T8481] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[  604.659386][ T8459] Bluetooth: hci13: Opcode 0x0c03 failed: -110
[  605.577938][ T8486] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[  605.584910][ T8487] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[  605.585804][ T8487] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[  605.590676][ T8487] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[  607.849887][ T5155] Bluetooth: hci7: command 0x0406 tx timeout
[  607.856982][ T8487] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[  607.891094][ T8487] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[  609.631297][ T5155] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[  609.632218][ T5155] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[  615.817309][ T8482] Bluetooth: hci12: Opcode 0x0c1a failed: -110
[  621.320060][ T8481] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[  623.274088][ T8484] Bluetooth: hci13: Opcode 0x0c03 failed: -110
[  624.771436][ T5155] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1
[  624.998688][ T5155] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9
[  625.230450][ T5155] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9
[  625.231638][ T5155] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4
[  625.233140][ T5155] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2
[  631.517060][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[  631.526227][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[  632.739566][ T5155] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1
[  634.440613][ T5155] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9
[  635.122018][ T5155] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9
[  637.139232][ T5155] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4
[  638.145821][ T5155] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2
[  664.026847][ T8495] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  666.559279][ T8495] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  666.654593][ T8495] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  666.655912][ T8495] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  666.656795][ T8495] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  680.817313][   T38] INFO: task kworker/u9:3:5842 blocked for more than 147 seconds.
[  680.817338][   T38]       Not tainted syzkaller #0
[  680.817348][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  680.817358][   T38] task:kworker/u9:3    state:D stack:22888 pid:5842  tgid:5[  680.817358][   T38] task:kworker/u9:3    state:D stack:22888 pid:5842  tgid:5842  ppid:2      task_flags:0x4208060 flags:0x00004000
[  680.817405][   T38] Workqueue: hci9 hci_rx_work
[  680.817443][   T38] Call Trace:
[  680.817450][   T38]  <TASK>
[  680.817463][   T38]  __schedule+0x16f3/0x4c20
[  680.817517][   T38]  ? __pfx___schedule+0x10/0x10
[  680.817559][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  680.817588][   T38]  rt_mutex_schedule+0x77/0xf0
[  680.817607][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  680.817629][   T38]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[  680.817668][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[  680.817693][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  680.817715][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  680.817734][   T38]  ? __lock_acquire+0xab9/0xd20
[  680.817768][   T38]  ? hci_remote_features_evt+0x516/0x8e0
[  680.817803][   T38]  ? hci_remote_features_evt+0x516/0x8e0
[  680.817823][   T38]  mutex_lock_nested+0x16a/0x1d0
[  680.817850][   T38]  hci_remote_features_evt+0x516/0x8e0
[  680.817878][   T38]  ? __pfx_hci_remote_features_evt+0x10/0x10
[  680.817914][   T38]  hci_event_packet+0x7e3/0x1200
[  680.817938][   T38]  ? __pfx_hci_remote_features_evt+0x10/0x10
[  680.817963][   T38]  ? __pfx_hci_event_packet+0x10/0x10
[  680.817990][   T38]  ? __pfx_migrate_enable+0x10/0x10
[  680.818020][   T38]  ? hci_send_to_monitor+0xe2/0x570
[  680.818048][   T38]  hci_rx_work+0x46a/0xe80
[  680.818078][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[  680.818102][   T38]  process_scheduled_works+0xae1/0x17b0
[  680.818154][   T38]  ? __pfx_process_scheduled_works+0x10/0x10
[  680.818194][   T38]  worker_thread+0x8a0/0xda0
[  680.818243][   T38]  kthread+0x711/0x8a0
[  680.818270][   T38]  ? __pfx_worker_thread+0x10/0x10
[  680.818291][   T38]  ? __pfx_kthread+0x10/0x10
[  680.818321][   T38]  ? __pfx_kthread+0x10/0x10
[  680.818345][   T38]  ret_from_fork+0x436/0x7d0
[  680.818371][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  680.818399][   T38]  ? __switch_to_asm+0x39/0x70
[  680.818415][   T38]  ? __switch_to_asm+0x33/0x70
[  680.818431][   T38]  ? __pfx_kthread+0x10/0x10
[  680.818455][   T38]  ret_from_fork_asm+0x1a/0x30
[  680.818490][   T38]  </TASK>
[  680.818541][   T38] INFO: task kworker/u9:4:8460 blocked for more than 147 seconds.
[  680.818555][   T38]       Not tainted syzkaller #0
[  680.818564][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  680.818573][   T38] task:kworker/u9:4    state:D stack:27208 pid:8460  tgid:8460  ppid:2      task_flags:0x4208060 flags:0x00004000
[  680.818618][   T38] Workqueue: hci8 hci_rx_work
[  680.818637][   T38] Call Trace:
[  680.818643][   T38]  <TASK>
[  680.818654][   T38]  __schedule+0x16f3/0x4c20
[  680.818704][   T38]  ? __pfx___schedule+0x10/0x10
[  680.818746][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  680.818774][   T38]  rt_mutex_schedule+0x77/0xf0
[  680.818792][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  680.818813][   T38]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[  680.818852][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[  680.818876][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  680.818899][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  680.818918][   T38]  ? __lock_acquire+0xab9/0xd20
[  680.818950][   T38]  ? hci_remote_features_evt+0x516/0x8e0
[  680.818992][   T38]  ? hci_remote_features_evt+0x516/0x8e0
[  680.819012][   T38]  mutex_lock_nested+0x16a/0x1d0
[  680.819039][   T38]  hci_remote_features_evt+0x516/0x8e0
[  680.819067][   T38]  ? __pfx_hci_remote_features_evt+0x10/0x10
[  680.819103][   T38]  hci_event_packet+0x7e3/0x1200
[  680.819127][   T38]  ? __pfx_hci_remote_features_evt+0x10/0x10
[  680.819152][   T38]  ? __pfx_hci_event_packet+0x10/0x10
[  680.819173][   T38]  ? __pfx_migrate_enable+0x10/0x10
[  680.819202][   T38]  ? hci_send_to_monitor+0xe2/0x570
[  680.819229][   T38]  hci_rx_work+0x46a/0xe80
[  680.819258][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[  680.819282][   T38]  process_scheduled_works+0xae1/0x17b0
[  680.819334][   T38]  ? __pfx_process_scheduled_works+0x10/0x10
[  680.819373][   T38]  worker_thread+0x8a0/0xda0
[  680.819397][   T38]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  680.819431][   T38]  ? __kthread_parkme+0x7b/0x200
[  680.819463][   T38]  kthread+0x711/0x8a0
[  680.819490][   T38]  ? __pfx_worker_thread+0x10/0x10
[  680.819511][   T38]  ? __pfx_kthread+0x10/0x10
[  680.819540][   T38]  ? __pfx_kthread+0x10/0x10
[  680.819565][   T38]  ret_from_fork+0x436/0x7d0
[  680.819589][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  680.819618][   T38]  ? __switch_to_asm+0x39/0x70
[  680.819634][   T38]  ? __switch_to_asm+0x33/0x70
[  680.819650][   T38]  ? __pfx_kthread+0x10/0x10
[  680.819674][   T38]  ret_from_fork_asm+0x1a/0x30
[  680.819708][   T38]  </TASK>
[  680.819737][   T38] 
[  680.819737][   T38] Showing all locks held in the system:
[  680.819747][   T38] 5 locks held by kworker/u8:1/13:
[  680.819757][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.884250][   T38]  #1: ffffc90000127bc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.884314][   T38]  #2: ffff88805de20898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470
[  680.884364][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.884410][   T38]  #4: ffffffff8d9a8dc0 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0
[  680.884457][   T38] 4 locks held by pr/legacy/17:
[  680.884469][   T38] 2 locks held by rcuc/1/28:
[  680.884479][   T38]  #0: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.884523][   T38]  #1: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.884569][   T38] 1 lock held by khungtaskd/38:
[  680.884579][   T38]  #0: ffffffff8d9a8dc0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  680.884623][   T38] 5 locks held by kworker/u8:2/43:
[  680.884633][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.884678][   T38]  #1: ffffc90000b47bc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.884723][   T38]  #2: ffff88805d8c0898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470
[  680.884768][   T38]  #3: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.884811][   T38]  #4: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.884855][   T38] 4 locks held by kworker/1:1/44:
[  680.884865][   T38]  #0: ffff888059cd2938 ((wq_completion)wg-crypt-wg1#3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.884914][   T38]  #1: ffffc90000b57bc0 ((work_completion)(&peer->transmit_packet_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.884959][   T38]  #2: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.885015][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.885067][   T38] 5 locks held by kworker/u8:3/57:
[  680.885077][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.885122][   T38]  #1: ffffc9000123fbc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.885167][   T38]  #2: ffff88805cd70898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470
[  680.885213][   T38]  #3: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.885339][   T38]  #4: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.885388][   T38] 4 locks held by kworker/u9:0/59:
[  680.885398][   T38]  #0: ffff88803647a938 ((wq_completion)hci10#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.885446][   T38]  #1: ffffc9000125fbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.885490][   T38]  #2: ffff888028c0c0a8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  680.885536][   T38]  #3: ffffffff8ee3b358 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  680.885583][   T38] 5 locks held by kworker/u8:4/67:
[  680.885593][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.885638][   T38]  #1: ffffc9000152fbc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.885683][   T38]  #2: ffff88805cfa0898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470
[  680.885730][   T38]  #3: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.885774][   T38]  #4: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.885824][   T38] 3 locks held by kworker/u8:5/152:
[  680.885833][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.885880][   T38]  #1: ffffc90003a2fbc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.885924][   T38]  #2: ffff88805e140898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470
[  680.885977][   T38] 5 locks held by kworker/u8:6/1167:
[  680.885989][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.886033][   T38]  #1: ffffc90004bf7bc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.886117][   T38]  #2: ffff88805d4f0898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470
[  680.886155][   T38]  #3: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.886196][   T38]  #4: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.886240][   T38] 5 locks held by kworker/u8:7/1215:
[  680.886250][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.886295][   T38]  #1: ffffc90004e77bc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.886337][   T38]  #2: ffff88805d210898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470
[  680.886380][   T38]  #3: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.886424][   T38]  #4: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.886469][   T38] 4 locks held by kworker/1:2/1233:
[  680.886480][   T38]  #0: ffff88805a010938 ((wq_completion)wg-crypt-wg0#5){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.886529][   T38]  #1: ffffc90004ef7bc0 ((work_completion)(&peer->transmit_packet_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.886574][   T38]  #2: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.886617][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.886664][   T38] 5 locks held by kworker/u8:8/1446:
[  680.886675][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.886721][   T38]  #1: ffffc90005477bc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.886766][   T38]  #2: ffff88805dc40898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470
[  680.886812][   T38]  #3: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.886856][   T38]  #4: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.886900][   T38] 2 locks held by kworker/u8:11/1592:
[  680.886922][   T38] 5 locks held by kworker/u8:12/2954:
[  680.886933][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.886988][   T38]  #1: ffffc9000d22fbc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.887034][   T38]  #2: ffff88805d960898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470
[  680.887079][   T38]  #3: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.887122][   T38]  #4: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.887167][   T38] 4 locks held by kworker/u9:1/5155:
[  680.887178][   T38]  #0: ffff888023d06938 ((wq_completion)hci15#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.887226][   T38]  #1: ffffc90010437bc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.887271][   T38]  #2: ffff8880568a00a8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  680.887315][   T38]  #3: ffffffff8ee3b358 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  680.887362][   T38] 2 locks held by getty/5596:
[  680.887372][   T38]  #0: ffff88823bf3e8a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  680.887413][   T38]  #1: ffffc90003e832e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x444/0x1410
[  680.887458][   T38] 2 locks held by dhcpcd/5625:
[  680.887470][   T38] 3 locks held by syz-executor/5824:
[  680.887480][   T38]  #0: ffff88803dfa21d0 (sk_lock-AF_INET){+.+.}-{0:0}, at: tcp_recvmsg+0xd3/0x560
[  680.887527][   T38]  #1: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.887571][   T38]  #2: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.887616][   T38] 4 locks held by syz-executor/5839:
[  680.887626][   T38]  #0: ffff88802fba0e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510
[  680.887671][   T38]  #1: ffff88802fba00a8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330
[  680.887718][   T38]  #2: ffffffff8ee3b358 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x230
[  680.887760][   T38]  #3: ffff888029145b58 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x70/0x680
[  680.887806][   T38] 4 locks held by kworker/u9:3/5842:
[  680.887816][   T38]  #0: ffff8880562b7938 ((wq_completion)hci9#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.887865][   T38]  #1: ffffc90004ab7bc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.887911][   T38]  #2: ffff88806a21c0a8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  680.887955][   T38]  #3: ffffffff8ee3b358 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  680.888008][   T38] 2 locks held by syz-executor/5845:
[  680.888018][   T38]  #0: ffff88803c540e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510
[  680.888062][   T38]  #1: ffff88803c5400a8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330
[  680.888108][   T38] 4 locks held by kworker/u9:6/5849:
[  680.888119][   T38]  #0: ffff88805e4f3138 ((wq_completion)hci6#3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.888167][   T38]  #1: ffffc90004b47bc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.888211][   T38]  #2: ffff8880267300a8 (&hdev->lock){+.+.}-{4:4}, at: le_conn_complete_evt+0xb1/0x1500
[  680.888258][   T38]  #3: ffffffff8ee3b358 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_connect_cfm+0x2c/0x140
[  680.888304][   T38] 3 locks held by syz-executor/5850:
[  680.888315][   T38]  #0: ffff888028340e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510
[  680.888359][   T38]  #1: ffff8880283400a8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330
[  680.888406][   T38]  #2: ffffffff8ee3b358 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x230
[  680.888452][   T38] 2 locks held by napi/wg2-0/5898:
[  680.888463][   T38]  #0: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.888507][   T38]  #1: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.888553][   T38] 2 locks held by napi/wg0-0/5901:
[  680.888563][   T38]  #0: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.888607][   T38]  #1: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.888653][   T38] 4 locks held by kworker/1:4/5914:
[  680.888663][   T38]  #0: ffff888059cd2938 ((wq_completion)wg-crypt-wg1#3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.888712][   T38]  #1: ffffc90004fe7bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.888771][   T38]  #2: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.888815][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.888861][   T38] 2 locks held by napi/wg2-0/5926:
[  680.888871][   T38]  #0: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.888916][   T38]  #1: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.888991][   T38] 4 locks held by kworker/0:5/5928:
[  680.889002][   T38]  #0: ffff888059cd3d38 ((wq_completion)wg-crypt-wg2#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.889051][   T38]  #1: ffffc900050e7bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.889110][   T38]  #2: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.889154][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.889200][   T38] 4 locks held by kworker/1:5/5956:
[  680.889216][   T38]  #0: ffff888059cd1138 ((wq_completion)wg-crypt-wg1#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.889269][   T38]  #1: ffffc900051c7bc0 ((work_completion)(&peer->transmit_packet_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.889315][   T38]  #2: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.889358][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.889404][   T38] 4 locks held by kworker/0:8/6038:
[  680.889415][   T38]  #0: ffff888059c2dd38 ((wq_completion)wg-kex-wg0#4){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.889463][   T38]  #1: ffffc90005427bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.889522][   T38]  #2: ffff8880316895f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_consume_response+0x1c7/0xb00
[  680.889569][   T38]  #3: ffff88805b8783f8 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_consume_response+0x267/0xb00
[  680.889616][   T38] 4 locks held by kworker/u8:13/6079:
[  680.889626][   T38]  #0: ffff88814d2c9138 ((wq_completion)bat_events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.889672][   T38]  #1: ffffc900055c7bc0 ((work_completion)(&(&bat_priv->tt.work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.889718][   T38]  #2: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.889763][   T38]  #3: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.923021][   T38] 7 locks held by kworker/u8:14/6081:
[  680.923041][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.923095][   T38]  #1: ffffc900055e7bc0 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.923142][   T38]  #2: ffff88805b77f300 (&devlink->lock_key#2){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0
[  680.923197][   T38]  #3: ffff88805b747d20 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0
[  680.923244][   T38]  #4: ffffffff8d9a8dc0 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0
[  680.923289][   T38]  #5: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.923334][   T38]  #6: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.923378][   T38] 5 locks held by kworker/u8:15/6082:
[  680.923388][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.923433][   T38]  #1: ffffc900055f7bc0 ((work_completion)(&rdev->wiphy_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.923478][   T38]  #2: ffff88805cce0898 (&rdev->wiphy.mtx){+.+.}-{4:4}, at: cfg80211_wiphy_work+0xc4/0x470
[  680.923526][   T38]  #3: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.923569][   T38]  #4: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.923614][   T38] 6 locks held by kworker/u8:16/6083:
[  680.923625][   T38]  #0: ffff88803aade938 ((wq_completion)wg-kex-wg0#3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.923674][   T38]  #1: ffffc90005617bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.923720][   T38]  #2: ffff8880316895f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[  680.923766][   T38]  #3: ffff88805b8783f8 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[  680.923809][   T38]  #4: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.923851][   T38]  #5: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.923895][   T38] 5 locks held by kworker/1:7/6126:
[  680.923906][   T38]  #0: ffff888059cdc138 ((wq_completion)wg-kex-wg2#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.923963][   T38]  #1: ffffc90005627bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.924022][   T38]  #2: ffff88805b87d8b8 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_begin_session+0x38/0xbe0
[  680.924067][   T38]  #3: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.924111][   T38]  #4: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.924155][   T38] 7 locks held by kworker/u8:17/6183:
[  680.924166][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.924209][   T38]  #1: ffffc90005767bc0 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.924255][   T38]  #2: ffff88805bcf5300 (&devlink->lock_key#5){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0
[  680.924306][   T38]  #3: ffff88805bb5bd20 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0
[  680.924354][   T38]  #4: ffffffff8d9a8dc0 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0
[  680.924398][   T38]  #5: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.924442][   T38]  #6: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.924487][   T38] 5 locks held by kworker/u8:19/6185:
[  680.924498][   T38] 4 locks held by kworker/1:8/6689:
[  680.924508][   T38]  #0: ffff888059c2e138 ((wq_completion)wg-crypt-wg0#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.924557][   T38]  #1: ffffc9000cd7fbc0 ((work_completion)(&peer->transmit_packet_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.924603][   T38]  #2: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.924647][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.924692][   T38] 4 locks held by kworker/1:9/7150:
[  680.924702][   T38]  #0: ffff888059c2f538 ((wq_completion)wg-crypt-wg0){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.924747][   T38]  #1: ffffc90005697bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.924806][   T38]  #2: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.924850][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.924895][   T38] 2 locks held by kworker/0:13/8329:
[  680.924906][   T38]  #0: ffff888019898538 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.924950][   T38]  #1: ffffc9000d5cfbc0 (free_ipc_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.925000][   T38] 4 locks held by kworker/0:14/8330:
[  680.925011][   T38]  #0: ffff888059cdc138 ((wq_completion)wg-kex-wg2#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.925060][   T38]  #1: ffffc9000d5afbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.925118][   T38]  #2: ffff88803186d5f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_response+0x115/0x970
[  680.925164][   T38]  #3: ffff88805b87d8b8 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_response+0x126/0x970
[  680.925207][   T38] 3 locks held by syz.4.654/8389:
[  680.925218][   T38]  #0: ffff8880303ece80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510
[  680.925262][   T38]  #1: ffff8880303ec0a8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330
[  680.925309][   T38]  #2: ffffffff8ee3b358 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_hash_flush+0xa1/0x230
[  680.925352][   T38] 1 lock held by syz.1.659/8398:
[  680.925363][   T38]  #0: ffffffff8ecd38b8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0
[  680.925411][   T38] 7 locks held by kworker/u8:21/8404:
[  680.925421][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.925465][   T38]  #1: ffffc90004907bc0 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.925511][   T38]  #2: ffff88805b4ee300 (&devlink->lock_key){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0
[  680.925559][   T38]  #3: ffff88805b455920 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0
[  680.925607][   T38]  #4: ffffffff8d9a8dc0 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0
[  680.925650][   T38]  #5: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.925693][   T38]  #6: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.925738][   T38] 4 locks held by kworker/1:11/8409:
[  680.925749][   T38]  #0: ffff888059cd3d38 ((wq_completion)wg-crypt-wg2#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.925798][   T38]  #1: ffffc9000cd47bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.925857][   T38]  #2: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.925900][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.925945][   T38] 4 locks held by kworker/1:14/8412:
[  680.925961][   T38]  #0: ffff888059c2f538 ((wq_completion)wg-crypt-wg0){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.926006][   T38]  #1: ffffc9000caa7bc0 ((work_completion)(&peer->transmit_packet_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.926050][   T38]  #2: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.926094][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.926139][   T38] 4 locks held by kworker/1:16/8414:
[  680.926149][   T38]  #0: ffff888059cd1138 ((wq_completion)wg-crypt-wg1#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.926198][   T38]  #1: ffffc9000ca87bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.926256][   T38]  #2: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.926300][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.926345][   T38] 4 locks held by kworker/1:17/8415:
[  680.926355][   T38]  #0: ffff888059cd3d38 ((wq_completion)wg-crypt-wg2#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.926403][   T38]  #1: ffffc9000ca77bc0 ((work_completion)(&peer->transmit_packet_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.926448][   T38]  #2: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.926492][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.926536][   T38] 4 locks held by kworker/u8:22/8416:
[  680.926547][   T38]  #0: ffff88803604d138 ((wq_completion)wg-kex-wg1#9){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.926596][   T38]  #1: ffffc90004957bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.926642][   T38]  #2: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.926685][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.926731][   T38] 5 locks held by kworker/1:21/8422:
[  680.926741][   T38]  #0: ffff888019899938 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.926786][   T38]  #1: ffffc9000c5cfbc0 ((work_completion)(&(&gc_work->dwork)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.926831][   T38]  #2: ffffffff8d9a8dc0 (rcu_read_lock){....}-{1:3}, at: gc_worker+0x274/0x13f0
[  680.926875][   T38]  #3: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.926918][   T38]  #4: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.926968][   T38] 4 locks held by kworker/1:23/8424:
[  680.926978][   T38]  #0: ffff88805a120938 ((wq_completion)wg-crypt-wg2#5){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.927027][   T38]  #1: ffffc9000bdcfbc0 ((work_completion)(&peer->transmit_packet_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.927073][   T38]  #2: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.927116][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.927159][   T38] 4 locks held by kworker/1:25/8426:
[  680.927168][   T38]  #0: ffff888059cdcd38 ((wq_completion)wg-crypt-wg2#3){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.927210][   T38]  #1: ffffc9000b5cfbc0 ((work_completion)(&peer->transmit_packet_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.927251][   T38]  #2: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.927290][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.927331][   T38] 4 locks held by kworker/1:27/8428:
[  680.927341][   T38]  #0: ffff888059cdc538 ((wq_completion)wg-crypt-wg2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.927385][   T38]  #1: ffffc9000b1c7bc0 ((work_completion)(&peer->transmit_packet_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.927429][   T38]  #2: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.927473][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.927518][   T38] 7 locks held by kworker/u8:23/8430:
[  680.927529][   T38]  #0: ffff888019881138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.927573][   T38]  #1: ffffc9000b1a7bc0 ((work_completion)(&(&nsim_dev->trap_data->trap_report_dw)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.927619][   T38]  #2: ffff888037499300 (&devlink->lock_key#4){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xbc0
[  680.927671][   T38]  #3: ffff888023ca1d20 (&nsim_trap_data->trap_lock){+.+.}-{3:3}, at: nsim_dev_trap_report_work+0x1ad/0xbc0
[  680.927719][   T38]  #4: ffffffff8d9a8dc0 (rcu_read_lock){....}-{1:3}, at: rt_spin_lock+0x1bb/0x2c0
[  680.927763][   T38]  #5: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.927806][   T38]  #6: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.927851][   T38] 2 locks held by syz-executor/8444:
[  680.927861][   T38]  #0: ffffffff8ecc69a0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x304/0x4d0
[  680.927907][   T38]  #1: ffffffff8ecd38b8 (rtnl_mutex){+.+.}-{4:4}, at: register_nexthop_notifier+0x80/0x210
[  680.927965][   T38] 5 locks held by kworker/u9:2/8459:
[  680.927976][   T38]  #0: ffff888034d79138 ((wq_completion)hci7){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.928020][   T38]  #1: ffffc90004b57bc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.928064][   T38]  #2: ffff888031468e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  680.928107][   T38]  #3: ffff8880314680a8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30
[  680.928153][   T38]  #4: ffffffff8ee3b358 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  680.928200][   T38] 4 locks held by kworker/u9:4/8460:
[  680.928210][   T38]  #0: ffff8880562af138 ((wq_completion)hci8#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.928258][   T38]  #1: ffffc9000d43fbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.928303][   T38]  #2: ffff88805755c0a8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  680.928347][   T38]  #3: ffffffff8ee3b358 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  680.928392][   T38] 3 locks held by kworker/u8:25/8463:
[  680.928403][   T38]  #0: ffff88814cc7b138 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.928448][   T38]  #1: ffffc9000cfffbc0 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.928493][   T38]  #2: ffffffff8ecd38b8 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30
[  680.928538][   T38] 2 locks held by kworker/0:19/8465:
[  680.928549][   T38] 6 locks held by kworker/u8:26/8468:
[  680.928559][   T38]  #0: ffff888032608138 ((wq_completion)wg-kex-wg0#5){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.928608][   T38]  #1: ffffc90004a87bc0 ((work_completion)(&peer->transmit_handshake_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.928655][   T38]  #2: ffff8880323595f8 (&wg->static_identity.lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x10a/0x7e0
[  680.928699][   T38]  #3: ffff88805b87ede8 (&handshake->lock){++++}-{4:4}, at: wg_noise_handshake_create_initiation+0x11b/0x7e0
[  680.928743][   T38]  #4: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.928786][   T38]  #5: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.928831][   T38] 4 locks held by kworker/u9:5/8474:
[  680.928842][   T38]  #0: ffff888064753138 ((wq_completion)hci11#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.928891][   T38]  #1: ffffc9000cfbfbc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.928935][   T38]  #2: ffff8880607280a8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  680.928986][   T38]  #3: ffffffff8ee3b358 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  680.929030][   T38] 5 locks held by kworker/u9:7/8477:
[  680.929041][   T38]  #0: ffff8880327ec138 ((wq_completion)hci5){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.929085][   T38]  #1: ffffc900049b7bc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.929130][   T38]  #2: ffff8880386b0e80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d4/0x3a0
[  680.929173][   T38]  #3: ffff8880386b00a8 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30
[  680.929219][   T38]  #4: ffffffff8ee3b358 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x310
[  680.929266][   T38] 4 locks held by kworker/1:29/8480:
[  680.929277][   T38]  #0: ffff88805a102138 ((wq_completion)wg-crypt-wg1#5){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.929325][   T38]  #1: ffffc90005d07bc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.929384][   T38]  #2: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.929428][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.929472][   T38] 1 lock held by syz-executor/8485:
[  680.929483][   T38]  #0: ffffffff8ecd38b8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  680.929526][   T38] 4 locks held by kworker/u9:9/8486:
[  680.929536][   T38]  #0: ffff888074748138 ((wq_completion)hci2#4){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.929584][   T38]  #1: ffffc90004887bc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.929628][   T38]  #2: ffff8880755500a8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  680.929673][   T38]  #3: ffffffff8ee3b358 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  680.929718][   T38] 4 locks held by kworker/u9:10/8487:
[  680.929728][   T38]  #0: ffff888029a02938 ((wq_completion)hci14#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.929777][   T38]  #1: ffffc9000a9a7bc0 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.986845][   T38]  #2: ffff8880330440a8 (&hdev->lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x9b/0x8e0
[  680.986894][   T38]  #3: ffffffff8ee3b358 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_remote_features_evt+0x516/0x8e0
[  680.986940][   T38] 3 locks held by syz-executor/8491:
[  680.986961][   T38]  #0: ffff888024da2350 (sk_lock-AF_NETLINK){+.+.}-{0:0}, at: netlink_insert+0xd3/0x1370
[  680.987007][   T38]  #1: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.987053][   T38]  #2: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.987098][   T38] 3 locks held by udevd/8494:
[  680.987107][   T38]  #0: ffff88805c1631b8 (&sb->s_type->i_mutex_key#10){+.+.}-{4:4}, at: sock_close+0x9b/0x240
[  680.987156][   T38]  #1: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.987198][   T38]  #2: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.987243][   T38] 1 lock held by syz-executor/8499:
[  680.987253][   T38]  #0: ffffffff8ecd38b8 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[  680.987297][   T38] 2 locks held by syz-executor/8500:
[  680.987308][   T38] 1 lock held by syz-executor/8503:
[  680.987319][   T38] 1 lock held by syz-executor/8504:
[  680.987329][   T38] 4 locks held by kworker/1:30/8506:
[  680.987339][   T38]  #0: ffff888059cd3d38 ((wq_completion)wg-crypt-wg2#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.987388][   T38]  #1: ffffc9000d52fbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.987447][   T38]  #2: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.987491][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.987535][   T38] 4 locks held by kworker/1:31/8507:
[  680.987545][   T38]  #0: ffff888059c2e138 ((wq_completion)wg-crypt-wg0#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  680.987605][   T38]  #1: ffffc90003dbfbc0 ((work_completion)(&({ do { const void *__vpp_verify = (typeof((worker) + 0))((void *)0); (void)__vpp_verify; } while (0); ({ unsigned long __ptr; __ptr = (unsigned long) ((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker)))); (typeof((__typeof_unqual__(*((worker))) *)(( unsigned long)((worker))))) (__ptr + (((__per_cpu_offset[(cpu)])))); }); })->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  680.987663][   T38]  #2: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.987707][   T38]  #3: ffff8880b8923d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.987752][   T38] 1 lock held by dhcpcd/8510:
[  680.987763][   T38]  #0: ffff888035c24350 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  680.987808][   T38] 1 lock held by dhcpcd/8511:
[  680.987818][   T38]  #0: ffff8880199aa350 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  680.987862][   T38] 1 lock held by dhcpcd/8512:
[  680.987871][   T38]  #0: ffff88802c706350 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  680.987915][   T38] 1 lock held by dhcpcd/8513:
[  680.987925][   T38]  #0: ffff888034956350 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  680.987975][   T38] 1 lock held by dhcpcd/8514:
[  680.987985][   T38]  #0: ffff888037cde350 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  680.988031][   T38] 5 locks held by syz-executor/8515:
[  680.988041][   T38] 3 locks held by dhcpcd/8516:
[  680.988051][   T38]  #0: ffff88802e852350 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcd0
[  680.988094][   T38]  #1: ffffffff8d84a9a0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x400
[  680.988137][   T38]  #2: ffff8880b8823d90 ((softirq_ctrl.lock)){+.+.}-{3:3}, at: __local_bh_disable_ip+0x264/0x400
[  680.988185][   T38] 
[  680.988189][   T38] =============================================
[  680.988189][   T38] 
[  680.988215][   T38] NMI backtrace for cpu 1
[  680.988241][   T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  680.988289][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  680.988315][   T38] Call Trace:
[  680.988331][   T38]  <TASK>
[  680.988347][   T38]  dump_stack_lvl+0x189/0x250
[  680.988417][   T38]  ? __pfx_dump_stack_lvl+0x10/0x10
[  680.988479][   T38]  ? __pfx__printk+0x10/0x10
[  680.988555][   T38]  nmi_cpu_backtrace+0x39e/0x3d0
[  680.988618][   T38]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  680.988681][   T38]  ? __pfx__printk+0x10/0x10
[  680.988739][   T38]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  680.988798][   T38]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  680.988861][   T38]  watchdog+0xf93/0xfe0
[  680.988928][   T38]  ? watchdog+0x1de/0xfe0
[  680.988972][   T38]  kthread+0x711/0x8a0
[  680.988998][   T38]  ? __pfx_watchdog+0x10/0x10
[  680.989018][   T38]  ? __pfx_kthread+0x10/0x10
[  680.989045][   T38]  ? __pfx_kthread+0x10/0x10
[  680.989069][   T38]  ret_from_fork+0x436/0x7d0
[  680.989094][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  680.989121][   T38]  ? __switch_to_asm+0x39/0x70
[  680.989137][   T38]  ? __switch_to_asm+0x33/0x70
[  680.989152][   T38]  ? __pfx_kthread+0x10/0x10
[  680.989176][   T38]  ret_from_fork_asm+0x1a/0x30
[  680.989207][   T38]  </TASK>
[  680.989214][   T38] Sending NMI from CPU 1 to CPUs 0:
[  680.989240][    C0] NMI backtrace for cpu 0
[  680.989254][    C0] CPU: 0 UID: 0 PID: 16 Comm: ktimers/0 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  680.989273][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  680.989287][    C0] RIP: 0010:kasan_check_range+0x5/0x2c0
[  680.989309][    C0] Code: 21 8d e8 de 12 0a ff 90 0f 0b cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 55 <41> 57 41 56 41 55 41 54 53 b0 01 48 85 f6 0f 84 ba 01 00 00 4c 8d
[  680.989322][    C0] RSP: 0000:ffffc90000156a08 EFLAGS: 00000246
[  680.989336][    C0] RAX: 1ffff9200002ad68 RBX: 0000000000000010 RCX: ffffffff8172cd58
[  680.989348][    C0] RDX: 0000000000000001 RSI: 0000000000000010 RDI: ffffc90000156b58
[  680.989359][    C0] RBP: 0000000000000000 R08: 0000000000000009 R09: ffffffff8172c165
[  680.989369][    C0] R10: ffffc90000156b58 R11: ffffffff81aaf080 R12: ffffc90000157810
[  680.989380][    C0] R13: ffffc90000156b58 R14: ffffc90000156b58 R15: ffffc90000156b50
[  680.989392][    C0] FS:  0000000000000000(0000) GS:ffff8881268bc000(0000) knlGS:0000000000000000
[  680.989405][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  680.989415][    C0] CR2: 00007f8624253078 CR3: 0000000035748000 CR4: 00000000003526f0
[  680.989430][    C0] Call Trace:
[  680.989436][    C0]  <TASK>
[  680.989442][    C0]  __asan_memset+0x22/0x50
[  680.989459][    C0]  unwind_next_frame+0xc98/0x2390
[  680.989481][    C0]  ? unwind_next_frame+0xa5/0x2390
[  680.989499][    C0]  ? __netif_receive_skb+0x143/0x380
[  680.989519][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  680.989535][    C0]  arch_stack_walk+0x11c/0x150
[  680.989558][    C0]  ? process_backlog+0x31e/0x900
[  680.989577][    C0]  stack_trace_save+0x9c/0xe0
[  680.989592][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  680.989611][    C0]  ? __lock_acquire+0xab9/0xd20
[  680.989630][    C0]  kasan_save_track+0x3e/0x80
[  680.989644][    C0]  ? kasan_save_track+0x3e/0x80
[  680.989659][    C0]  ? kasan_save_free_info+0x46/0x50
[  680.989672][    C0]  ? __kasan_slab_free+0x5b/0x80
[  680.989688][    C0]  ? kmem_cache_free+0x195/0x510
[  680.989705][    C0]  ? skb_release_data+0x62d/0x7c0
[  680.989718][    C0]  ? consume_skb+0x9e/0xf0
[  680.989736][    C0]  ? nft_synproxy_eval_v4+0x376/0x560
[  680.989752][    C0]  ? nft_synproxy_do_eval+0x345/0x570
[  680.989767][    C0]  ? nft_do_chain+0x40c/0x1920
[  680.989780][    C0]  ? nft_do_chain_inet+0x25d/0x340
[  680.989797][    C0]  ? nf_hook_slow+0xc2/0x220
[  680.989814][    C0]  ? NF_HOOK+0x206/0x3a0
[  680.989829][    C0]  ? NF_HOOK+0x30c/0x3a0
[  680.989845][    C0]  ? __netif_receive_skb+0x143/0x380
[  680.989887][    C0]  kasan_save_free_info+0x46/0x50
[  680.989901][    C0]  __kasan_slab_free+0x5b/0x80
[  680.989917][    C0]  ? skb_release_data+0x62d/0x7c0
[  680.989930][    C0]  kmem_cache_free+0x195/0x510
[  680.989950][    C0]  skb_release_data+0x62d/0x7c0
[  680.989969][    C0]  consume_skb+0x9e/0xf0
[  680.989988][    C0]  nft_synproxy_eval_v4+0x376/0x560
[  680.990007][    C0]  ? __pfx_nft_synproxy_eval_v4+0x10/0x10
[  680.990024][    C0]  ? nf_ip_checksum+0x13c/0x510
[  680.990041][    C0]  nft_synproxy_do_eval+0x345/0x570
[  680.990057][    C0]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[  680.990074][    C0]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[  680.990097][    C0]  nft_do_chain+0x40c/0x1920
[  680.990115][    C0]  ? __pfx_nft_do_chain+0x10/0x10
[  680.990129][    C0]  ? ipv6_find_hdr+0xc78/0x1050
[  680.990150][    C0]  ? __pfx_nft_do_chain+0x10/0x10
[  680.990182][    C0]  nft_do_chain_inet+0x25d/0x340
[  680.990205][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  680.990220][    C0]  ? __lock_acquire+0xab9/0xd20
[  680.990242][    C0]  ? NF_HOOK+0x9a/0x3a0
[  680.990260][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  680.990276][    C0]  nf_hook_slow+0xc2/0x220
[  680.990296][    C0]  NF_HOOK+0x206/0x3a0
[  680.990314][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  680.990332][    C0]  ? NF_HOOK+0x9a/0x3a0
[  680.990349][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[  680.990366][    C0]  ? ip_rcv_finish_core+0xda3/0x1c00
[  680.990385][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  680.990404][    C0]  ? skb_dst+0x4f/0xd0
[  680.990422][    C0]  ? ip_local_deliver+0x12a/0x1b0
[  680.990441][    C0]  NF_HOOK+0x30c/0x3a0
[  680.990459][    C0]  ? __pfx_ip_rcv_finish+0x10/0x10
[  680.990477][    C0]  ? NF_HOOK+0x9a/0x3a0
[  680.990493][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[  680.990511][    C0]  ? __pfx_ip_rcv_finish+0x10/0x10
[  680.990534][    C0]  ? __pfx_ip_rcv+0x10/0x10
[  680.990551][    C0]  __netif_receive_skb+0x143/0x380
[  680.990567][    C0]  ? rt_spin_unlock+0x65/0x80
[  680.990586][    C0]  ? process_backlog+0x27b/0x900
[  680.990603][    C0]  process_backlog+0x31e/0x900
[  680.990626][    C0]  __napi_poll+0xb3/0x540
[  680.990645][    C0]  net_rx_action+0x707/0xe00
[  680.990671][    C0]  ? __pfx_net_rx_action+0x10/0x10
[  680.990704][    C0]  handle_softirqs+0x22c/0x710
[  680.990725][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  680.990747][    C0]  run_ktimerd+0xcf/0x190
[  680.990781][    C0]  ? __pfx_run_ktimerd+0x10/0x10
[  680.990800][    C0]  ? preempt_schedule_thunk+0x16/0x30
[  680.990817][    C0]  ? smpboot_thread_fn+0x5f4/0xa60
[  680.990834][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[  680.990850][    C0]  smpboot_thread_fn+0x542/0xa60
[  680.990867][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[  680.990888][    C0]  kthread+0x711/0x8a0
[  680.990907][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  680.990924][    C0]  ? __pfx_kthread+0x10/0x10
[  680.990945][    C0]  ? __pfx_kthread+0x10/0x10
[  680.990964][    C0]  ret_from_fork+0x436/0x7d0
[  680.990982][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  680.991002][    C0]  ? __switch_to_asm+0x39/0x70
[  680.991016][    C0]  ? __switch_to_asm+0x33/0x70
[  680.991029][    C0]  ? __pfx_kthread+0x10/0x10
[  680.991048][    C0]  ret_from_fork_asm+0x1a/0x30
[  680.991069][    C0]  </TASK>
[  681.043889][   T38] Kernel panic - not syncing: hung_task: blocked tasks
[  681.043912][   T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  681.043934][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  681.043951][   T38] Call Trace:
[  681.043959][   T38]  <TASK>
[  681.043968][   T38]  dump_stack_lvl+0x99/0x250
[  681.043997][   T38]  ? __asan_memcpy+0x40/0x70
[  681.044017][   T38]  ? __pfx_dump_stack_lvl+0x10/0x10
[  681.044040][   T38]  ? __pfx__printk+0x10/0x10
[  681.044071][   T38]  vpanic+0x281/0x750
[  681.044096][   T38]  ? __pfx_vpanic+0x10/0x10
[  681.044118][   T38]  ? preempt_schedule+0xae/0xc0
[  681.044143][   T38]  ? preempt_schedule_common+0x83/0xd0
[  681.044173][   T38]  panic+0xb9/0xc0
[  681.044194][   T38]  ? __pfx_panic+0x10/0x10
[  681.044218][   T38]  ? preempt_schedule_thunk+0x16/0x30
[  681.044243][   T38]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[  681.044266][   T38]  watchdog+0xfd2/0xfe0
[  681.044289][   T38]  ? watchdog+0x1de/0xfe0
[  681.044314][   T38]  kthread+0x711/0x8a0
[  681.044341][   T38]  ? __pfx_watchdog+0x10/0x10
[  681.044361][   T38]  ? __pfx_kthread+0x10/0x10
[  681.044388][   T38]  ? __pfx_kthread+0x10/0x10
[  681.044412][   T38]  ret_from_fork+0x436/0x7d0
[  681.044436][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  681.044462][   T38]  ? __switch_to_asm+0x39/0x70
[  681.044478][   T38]  ? __switch_to_asm+0x33/0x70
[  681.044494][   T38]  ? __pfx_kthread+0x10/0x10
[  681.044518][   T38]  ret_from_fork_asm+0x1a/0x30
[  681.044550][   T38]  </TASK>
[  681.044696][   T38] Kernel Offset: disabled