last executing test programs:

56.018497469s ago: executing program 0 (id=85):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0))
pwritev(r0, &(0x7f00000002c0), 0x0, 0x7, 0x1)

54.983717641s ago: executing program 0 (id=87):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x9, 0xffffffff, 0x4e, 0x567}, 0x13) (async)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x9, 0xffffffff, 0x4e, 0x567}, 0x13)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$UBLK_U_CMD_END_USER_RECOVERY(0xffffffffffffffff, 0xc0207511, &(0x7f0000000280)={0x0, 0xffff, 0x0, 0x0, <r2=>0xffffffffffffffff})
pipe2$watch_queue(&(0x7f0000001180)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80)
r4 = add_key(&(0x7f0000000000)='id_resolver\x00', &(0x7f0000000100)={'syz', 0x3}, &(0x7f0000000080)="f8", 0x1, 0xfffffffffffffffe)
pipe2$watch_queue(&(0x7f00000000c0)={<r5=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r4, r5, 0xc3)
keyctl$KEYCTL_WATCH_KEY(0x20, r4, r3, 0xffffffffffffffff)
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ff7000/0x8000)=nil, 0x8000}, 0x3}) (async)
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000ff7000/0x8000)=nil, 0x8000}, 0x3})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r8) (async)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r8)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000200)={'wlan1\x00'}) (async)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r10=>0x0})
sendmsg$NL80211_CMD_DISASSOCIATE(r8, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010006000000f7ffffff2700000008000300", @ANYRES32=r10, @ANYBLOB="06003600060000000a000600"], 0x30}, 0x1, 0x0, 0x0, 0x4800}, 0x80004)
sendmsg$OSF_MSG_ADD(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="0815000000051104"], 0x1508}}, 0x10)
setsockopt$sock_int(r6, 0x1, 0x2d, &(0x7f00000026c0)=0x9, 0x4)
sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x64, 0x16, 0x1, 0x0, 0x0, {0x13}, [@nested={0x4, 0xca}, @nested={0x4c, 0x22, 0x0, 0x1, [@nested={0x25, 0x145, 0x0, 0x1, [@typed={0x8, 0x8f, 0x0, 0x0, @fd=r0}, @generic="ac24a880880d0bbe095ec5c225", @nested={0x4, 0xaa}, @typed={0x8, 0x9a, 0x0, 0x0, @fd=r1}]}, @typed={0x8, 0x11e, 0x0, 0x0, @pid=r2}, @typed={0x14, 0x137, 0x0, 0x0, @ipv6=@dev={0xfe, 0x80, '\x00', 0x35}}, @typed={0x4, 0x91}]}]}, 0x64}}, 0x0) (async)
sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x64, 0x16, 0x1, 0x0, 0x0, {0x13}, [@nested={0x4, 0xca}, @nested={0x4c, 0x22, 0x0, 0x1, [@nested={0x25, 0x145, 0x0, 0x1, [@typed={0x8, 0x8f, 0x0, 0x0, @fd=r0}, @generic="ac24a880880d0bbe095ec5c225", @nested={0x4, 0xaa}, @typed={0x8, 0x9a, 0x0, 0x0, @fd=r1}]}, @typed={0x8, 0x11e, 0x0, 0x0, @pid=r2}, @typed={0x14, 0x137, 0x0, 0x0, @ipv6=@dev={0xfe, 0x80, '\x00', 0x35}}, @typed={0x4, 0x91}]}]}, 0x64}}, 0x0)
writev(r0, &(0x7f0000000200)=[{&(0x7f0000000140)="71468a0f38a84c4e67f9bb563a902d9e2c9d3b5c64ae32f9e116db64b84aee6b6050f069b7a4208f6e428dfb399895a52b6cde8be29f6791968f3659dfa7d4ded621cd5c0ca7bde1a6554e92dbe1b906075a04b6d736485ad97d2c2e54ebc5f18bc05a0b2a8b8a22ae68062649a1dc4ed72f6bb980e278f10a6dff0f911a03545b78ea7a96da87942f2f5d69480e3bc4fc896a0f480c026539b803227a25ef3903b3b7ee6cf805ac8b205dd627cc264e2b65011b24988c9b73a38470", 0xbc}], 0x1)

54.019135401s ago: executing program 0 (id=91):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
r2 = socket$inet_icmp(0x2, 0x2, 0x1)
bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e23, @multicast1}, 0x10)
connect$bt_l2cap(r1, &(0x7f0000000040)={0x1f, 0x3e}, 0xe)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000100)={0x1, "5660359c3245d1c42317afad7d48ed51000000000000000100"})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_DEST(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="59cffeffffff11b230bda0000000"], 0x14}, 0x1, 0x0, 0x0, 0x400c081}, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000000)={0x5, "340b7832ceefd131b8e6498c25f58fad9987ffe93bbabd18cf501922de974a27"})
ioctl$SW_SYNC_IOC_INC(r0, 0x40045701, &(0x7f00000002c0)=0x3)

53.751886413s ago: executing program 0 (id=95):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0))
pwritev(r0, &(0x7f00000002c0), 0x0, 0x7, 0x1)

52.862439839s ago: executing program 0 (id=98):
r0 = syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000100)=ANY=[@ANYBLOB="12010000000000201c1b091c00000000000109022d0001000060000904008002030000000921080400012205000905810320000908070905020340"], 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000001, 0x59032, 0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000456000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x69, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x4b564d02, 0xec000000, 0xcd}]})
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f00000005c0)={"b46474f815e8d5535f0887c44335cc824dc6121bc72a77f532ff5dad4d643a9cab29d2310e04be14eb26c0af4985fe45e3b3b0680b3ec92725d74b9716e0f7c3119a2c9a0ae65ff4772e2e12733cb013c4308fe40863480747c0a7ddb9361b1578015ca1bb2c1677ebae096f08345476f567443842946ed946434c75916d1db83fe305920de65bfaf9bd940672216846cb16b8ae67cd3affc61375381f91b3b9f1cc5e38cafe5239aee71dcd481fbe1ecd2547ffbaad4469a74697c28fb9beefa6a5d736712a55eb9110c2cf7964062ba8cbc1c038e84f0f5db7fc7053118bf5221e3efa6fc3edb5d0ca3cde7054dd0751a332520aa8478b1775d552c5cc24d3c2df9eb333e5ca3aa06c1c2cf8526714f5caff2f55b41976fc20b64f1fc61d5b44f50953582a1825d32130a31abfeafd1987317879e29ac51b93c9659e023fff3ddb5e39dd19cc3ef1d883c78b9e073d08a9197fb3717df238b9831831214b186693be9dd2568bb77272e80df5dfed03e8c467627bedfbd93359a9f79a3aa37e873dc1357b37b43d813ea85267b0dc8b1c4cc51bd985328833beb2679b7fb762555bbea2da936b36f8f1673fd5f606b2b6eb23b72bf947206e8dbfeb40ca6f265a3485c8446e0f0da652860b88328073d2282c14b48a7774e62754a968b60e92205e8fafcdd70a55c3c4d1a4821ff44e6e3681f15ae091262e3a3290a24d8ceae30ebbf9d24287bb8a5d73c608d47d287f9e716cf02b4796a83fb0c05e45b89de9ef8bce834e6d7a0be6e30d2c66cb6e640cb01898454ad361bc0701d8fe56113335ae6adec59300db04691cc4a689034272a8e086e92ce7061b4f79fa8afbb48a6ce4b62bdc44af013d78980457e1fa61eb9204818606f4c3b03c0f33cd2a841ac9bc2b73151a96e31ab99e6ec969b5f2c3edd5f9abc69845e487af992758ba445368da93dae1d44360d52a534a88276b8aaf349841d8a4788c60408618437c442308dbf70efeda2e54e9b9e4fe5f76997c9dcb945a26bd75748c85d19ca8b99264dce50580e8d4dbda401dad7df31e9a7a6a3a83bfbdfb5394abd581ac0824fbcd75d2f5205c0b7c9188e6f26bfd97734d9a20433f6cdba9d14a5f32a4d97a57f4603b21146fd1aebf082e863d463c224ad623c17d8043d3bf083f0322408dd6ead6915ac6a4222ab51480eb6e11a8913348219515170d9df90d72d7363bbda3e327d19f98c0a856f98076380e788e602e8a2ae0a1930786874dc21a2e99abda15f35457cf1dcb440c4b41350d0eda352aad7f57a0adc8a6914da06460635ed21c4c11cd1a8ec778064c9f62efba2927828b23f94b16619a5520731c2c40ab8583c9f2e73233d74b84f4877ce6b35bb1180300"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\x00\b'], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_ep_read(r0, 0x2, 0x0, 0x0)

50.253511502s ago: executing program 0 (id=104):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x45)
r2 = accept4(r1, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000600)=""/152, 0x98}], 0x1)
recvmmsg(r2, &(0x7f0000002440), 0x3ffffffffffff67, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f00000000c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4004004}}], 0x1, 0xc000)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f00000000c0)=@gcm_256={{0x303}, "06000000000200", "5171bbe111800000000000eaff00", "fbfbffff", "4c43d28395f2af58"}, 0x38)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x50, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x7}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x20000010}, 0x0)

34.529374413s ago: executing program 32 (id=104):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x45)
r2 = accept4(r1, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000200)="ad00"/16, 0x10)
readv(r2, &(0x7f0000000140)=[{&(0x7f0000000600)=""/152, 0x98}], 0x1)
recvmmsg(r2, &(0x7f0000002440), 0x3ffffffffffff67, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f00000000c0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4004004}}], 0x1, 0xc000)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f00000000c0)=@gcm_256={{0x303}, "06000000000200", "5171bbe111800000000000eaff00", "fbfbffff", "4c43d28395f2af58"}, 0x38)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x50, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x7}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x50}, 0x1, 0x0, 0x0, 0x20000010}, 0x0)

3.070106448s ago: executing program 4 (id=258):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001680)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x40001}, 0x4040850)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETCHAIN(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000003c0)={0x14, 0x4, 0xa, 0x201, 0x0, 0x0, {0xa, 0x0, 0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x4000001}, 0x10)
recvmsg(r1, &(0x7f0000000600)={0x0, 0x8, 0x0}, 0x0)

3.024094892s ago: executing program 1 (id=259):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f00000031c0), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000003200)={<r2=>0xffffffffffffffff})
sendmsg$NBD_CMD_RECONFIGURE(r0, &(0x7f0000003480)={0x0, 0x0, &(0x7f0000003440)={&(0x7f0000003380)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002abd7000ffdbdf2503000000400007800c00018008000100", @ANYRES32=r2, @ANYBLOB="0c0001b8deb84400", @ANYRES32, @ANYBLOB="0c00018008000100", @ANYRES32, @ANYBLOB="0c00018008000100", @ANYRES32, @ANYBLOB="0c00018008000100", @ANYRES32, @ANYBLOB="080001"], 0x64}, 0x1, 0x0, 0x0, 0x4c0c0}, 0x10)

2.732025483s ago: executing program 1 (id=260):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}})
read$FUSE(r0, &(0x7f0000002300)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000001200)={0x50, 0x0, r1, {0x7, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}}, 0x50)
lgetxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000000)=ANY=[@ANYBLOB='sy'], 0x0, 0x0)
read$FUSE(r0, &(0x7f0000004340)={0x2020, 0x0, <r2=>0x0}, 0x2061)
write$FUSE_INTERRUPT(r0, &(0x7f0000000200)={0x10, 0xffffffffffffffda, r2}, 0x10)
getxattr(&(0x7f0000005140)='./file0\x00', &(0x7f0000000040)=@random={'security.', ')\x00'}, 0x0, 0x0)

2.547583728s ago: executing program 4 (id=263):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="400000000906010200000000000000000200ffff08000940ffffffea0900020073797a31000000000500010007000002100008800c"], 0x40}, 0x1, 0x0, 0x0, 0x10000082}, 0x4000080)

2.514823357s ago: executing program 4 (id=264):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e21, @broadcast}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000300)={0x1, &(0x7f0000000240)=[{0x6, 0x3, 0xfd, 0xcdb9}]}, 0x8)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd41)

1.941932638s ago: executing program 3 (id=266):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'sha384\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$NFT_MSG_GETRULE(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000006c0)={0x14, 0x7, 0xa, 0x101, 0x0, 0x0, {0x3, 0x0, 0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x40010}, 0x20008005)

1.829689342s ago: executing program 1 (id=267):
socket$inet6(0xa, 0x1, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000ec0)={'batadv0\x00', <r0=>0x0})
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)={0x1c, r1, 0x303, 0x0, 0xfffffffc, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x0)

1.829463496s ago: executing program 2 (id=268):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f00000031c0), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000003200)={<r2=>0xffffffffffffffff})
sendmsg$NBD_CMD_RECONFIGURE(r0, &(0x7f0000003480)={0x0, 0x0, &(0x7f0000003440)={&(0x7f0000003380)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002abd7000ffdbdf2503000000400007800c00018008000100", @ANYRES32=r2, @ANYBLOB="0c0001b8deb84400", @ANYRES32, @ANYBLOB="0c00018008000100", @ANYRES32, @ANYBLOB="0c00018008000100", @ANYRES32, @ANYBLOB="0c00018008000100", @ANYRES32, @ANYBLOB="080001"], 0x64}, 0x1, 0x0, 0x0, 0x4c0c0}, 0x10)

1.707871101s ago: executing program 3 (id=269):
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000200)='./file0\x00', &(0x7f00000000c0), 0x800, &(0x7f0000000340)={'trans=virtio,', {[{@cache_loose}, {@version_u}]}})

1.428507171s ago: executing program 2 (id=270):
fsopen(&(0x7f0000002b00)='squashfs\x00', 0x1)
close(0x3)

1.351549419s ago: executing program 4 (id=271):
r0 = openat$comedi(0xffffff9c, &(0x7f00000001c0)='/dev/comedi2\x00', 0x40, 0x0)
ioctl$COMEDI_LOCK(r0, 0x6405)
ioctl$NILFS_IOCTL_SYNC(0xffffffffffffffff, 0x80086e8a, 0x0)

1.338199245s ago: executing program 3 (id=272):
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x4a, 0x0, 0x84, 0xfffffffe})
r0 = socket$inet(0xa, 0x801, 0x84)
fsetxattr$security_capability(r0, &(0x7f0000000040), &(0x7f00000001c0)=@v3={0x3000000, [{0x2632d2ef, 0x8}, {0xfffffffc, 0x9}]}, 0x18, 0x1)

1.251133286s ago: executing program 1 (id=273):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a38000000060a050000000000000000000200000a0900020073797a32000000000900010073797a30000000000c0003"], 0x60}}, 0x0)

1.195632271s ago: executing program 3 (id=274):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r1=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x30, 0x0, 0x5, 0x0, 0x40000000, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_TTL={0x5, 0x6, 0x6}, @NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL={0x6, 0x12, 0x7f}]}]}, 0x30}}, 0x0)

1.141223798s ago: executing program 2 (id=275):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x20, 0x39, 0x1, 0x7fffa, 0x25dfdaff, {0x1}, [@generic="eb68284455ff6cc880"]}, 0x20}, 0x1, 0x0, 0x0, 0x400c801}, 0x0)

1.13434238s ago: executing program 4 (id=276):
r0 = syz_open_dev$loop(&(0x7f0000000240), 0x4, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/power/pm_test', 0x8a881, 0xbb)
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x80, 0x0)
mount$tmpfs(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x86022, &(0x7f0000000040)={[{@nr_inodes={'nr_inodes', 0x3d, [0x35]}}, {@nr_blocks={'nr_blocks', 0x3d, [0x32]}}]})
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000080)={r1, 0x0, {0x0, 0x0, 0x0, 0x1, 0xfff, 0x0, 0x0, 0x3, 0xc, "faf98317e5a1149989fc67be43ea6acc96e3a2503dc31c97214d58128bbad0099cebdc25f5ab60c9e69098c8b534464c516bdd8a0f350000000000000300", "32d8cc26f7305b74df2ce0fa7c19d1309abf30890997d3bef409ff2176ff7bfe55cd4a5d83cd4a524bd3ffe70c7f3f4cc50a1fcaed1e831fa79a00", "67523760fd40f78d2cfc03d81a8ca55ba139c01802c4dae4162e43ac61b7ad33", [0x2, 0x8]}})

1.048680814s ago: executing program 3 (id=277):
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000100)={{0x4000, 0x1000, 0xb, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x1}, {0x0, 0x60000, 0x3, 0x81, 0x0, 0x17, 0xf9, 0x6, 0x7, 0x0, 0x0, 0x42}, {0xeeef0000, 0x6000, 0x13, 0x3, 0x0, 0x0, 0x2, 0x0, 0x4, 0x6, 0x1, 0x3}, {0x1, 0x0, 0x4, 0x0, 0xfd, 0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0xfe}, {0xc000, 0x1000, 0xa, 0x0, 0x0, 0x80, 0x80, 0x0, 0x0, 0x0, 0x1a, 0x1}, {0xe000, 0xd000, 0x10, 0x0, 0x0, 0x9, 0x40, 0x0, 0x0, 0x0, 0x84}, {0xf000, 0x5000, 0x9, 0x4, 0x3, 0x0, 0x0, 0xfd, 0x3}, {0x1000, 0x100000, 0x10, 0xf9, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2}, {0x70000}, {0x1, 0xfffe}, 0x0, 0x0, 0x6000, 0x0, 0x0, 0x1, 0x900, [0xfffffffffffffffc, 0x0, 0x0, 0x3]})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x2, 0x801)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0x7, 0x2, 0x2, r2, 0xb})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x6, 0xfffffffffffffffd, 0x2, 0x5, 0x0, 0x4002004c5, 0x1000, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2], 0x8080000, 0x1144})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

898.361788ms ago: executing program 2 (id=278):
ioctl$KDGKBTYPE(0xffffffffffffffff, 0x4b33, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000840)={0x26, 'rng\x00', 0x0, 0x0, 'jitterentropy_rng\x00'}, 0x58)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
pipe(0x0)
eventfd(0xfffffc00)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000180)={'ip6gre0\x00', &(0x7f0000000080)={'syztnl0\x00', 0x0, 0x2f, 0x9, 0x3, 0x7, 0xe, @empty, @empty, 0x700, 0x700, 0x59, 0x9}})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="380000002e00090027ff0f0000000000040000002400118031f9e05e2f826cfc31dc2af824704f63dac994ce05dc7224e5479795b50d9015"], 0x38}, 0x1, 0x0, 0x0, 0x42804}, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x42804}, 0x4000010)
socket$key(0xf, 0x3, 0x2)
mbind(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x8001, &(0x7f0000008e00)=0x9, 0x6a6f, 0x2)

820.962205ms ago: executing program 1 (id=286):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x47)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000)=0x40, 0x4)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000e80)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000240)="db", 0x1}], 0x1}}], 0x1, 0x24040015)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r0, &(0x7f0000000280)="29dba458", 0x4, 0x50, 0x0, 0x0)

230.122764ms ago: executing program 3 (id=279):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f00000031c0), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000003200)={<r2=>0xffffffffffffffff})
sendmsg$NBD_CMD_RECONFIGURE(r0, &(0x7f0000003480)={0x0, 0x0, &(0x7f0000003440)={&(0x7f0000003380)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002abd7000ffdbdf2503000000400007800c00018008000100", @ANYRES32=r2, @ANYBLOB="0c0001b8deb84400", @ANYRES32, @ANYBLOB="0c00018008000100", @ANYRES32, @ANYBLOB="0c00018008000100", @ANYRES32, @ANYBLOB="0c00018008000100", @ANYRES32, @ANYBLOB="080001"], 0x64}, 0x1, 0x0, 0x0, 0x4c0c0}, 0x10)

229.051073ms ago: executing program 1 (id=288):
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f0000000100)={{0x4000, 0x1000, 0xb, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x1}, {0x0, 0x60000, 0x3, 0x81, 0x0, 0x17, 0xf9, 0x6, 0x7, 0x0, 0x0, 0x42}, {0xeeef0000, 0x6000, 0x13, 0x3, 0x0, 0x0, 0x2, 0x0, 0x4, 0x6, 0x1, 0x3}, {0x1, 0x0, 0x4, 0x0, 0xfd, 0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0xfe}, {0xc000, 0x1000, 0xa, 0x0, 0x0, 0x80, 0x80, 0x0, 0x0, 0x0, 0x1a, 0x1}, {0xe000, 0xd000, 0x10, 0x0, 0x0, 0x9, 0x40, 0x0, 0x0, 0x0, 0x84}, {0xf000, 0x5000, 0x9, 0x4, 0x3, 0x0, 0x0, 0xfd, 0x3}, {0x1000, 0x100000, 0x10, 0xf9, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2}, {0x70000}, {0x1, 0xfffe}, 0x0, 0x0, 0x6000, 0x0, 0x0, 0x1, 0x900, [0xfffffffffffffffc, 0x0, 0x0, 0x3]})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x2, 0x801)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0x7, 0x2, 0x2, r2, 0xb})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x6, 0xfffffffffffffffd, 0x2, 0x5, 0x0, 0x4002004c5, 0x1000, 0x0, 0x0, 0x2, 0x0, 0x0, 0x2], 0x8080000, 0x1144})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

228.385381ms ago: executing program 2 (id=280):
r0 = socket$kcm(0x21, 0x2, 0xa)
sendmsg$kcm(r0, &(0x7f0000000180)={&(0x7f0000000080)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x4e22, @broadcast}, 0x0, 0x1, 0x3}}, 0x80, 0x0}, 0x40)

110.444513ms ago: executing program 4 (id=281):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000ec0)={'batadv0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000000), r0)
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)={0x1c, r2, 0x303, 0x0, 0xfffffffc, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x0)

0s ago: executing program 2 (id=282):
symlink(&(0x7f0000000040)='.\x00', &(0x7f0000000100)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
lsetxattr$security_capability(&(0x7f0000000180)='./file0\x00', &(0x7f0000000140), 0x0, 0x0, 0x1)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

kernel console output (not intermixed with test programs):

 hci0: command tx timeout
[   93.239794][ T5613] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   93.275895][ T5613] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[   93.290813][ T5613] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   93.315509][ T5613] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[   93.319785][ T5613] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   93.348398][ T5613] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[   93.373691][ T5613] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   93.382087][ T4925] Bluetooth: hci1: command tx timeout
[   93.416795][ T5613] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[   93.529211][ T5609] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.542978][ T4925] Bluetooth: hci2: command tx timeout
[   93.543010][ T4925] Bluetooth: hci3: command tx timeout
[   93.646074][ T5609] 8021q: adding VLAN 0 to HW filter on device team0
[   93.690055][ T5615] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.716112][ T1437] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.716334][ T1437] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.767081][ T3342] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.767680][ T3342] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.853771][ T5615] 8021q: adding VLAN 0 to HW filter on device team0
[   93.888964][ T5614] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.919671][  T144] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.919799][  T144] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.982655][  T144] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.982831][  T144] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.056729][ T5614] 8021q: adding VLAN 0 to HW filter on device team0
[   94.113574][ T5613] 8021q: adding VLAN 0 to HW filter on device bond0
[   94.135540][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.135671][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.200173][ T1437] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.200284][ T1437] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.337906][ T5613] 8021q: adding VLAN 0 to HW filter on device team0
[   94.418632][ T1437] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.418779][ T1437] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.530352][ T3342] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.530562][ T3342] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.301748][   T60] Bluetooth: hci0: command tx timeout
[   95.461754][   T60] Bluetooth: hci1: command tx timeout
[   95.531177][ T5609] 8021q: adding VLAN 0 to HW filter on device batadv0
[   95.621706][   T60] Bluetooth: hci3: command tx timeout
[   95.621737][   T60] Bluetooth: hci2: command tx timeout
[   95.669955][ T5615] 8021q: adding VLAN 0 to HW filter on device batadv0
[   95.896680][ T5609] veth0_vlan: entered promiscuous mode
[   96.009181][ T5609] veth1_vlan: entered promiscuous mode
[   96.054213][ T5614] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.096742][ T5615] veth0_vlan: entered promiscuous mode
[   96.119774][ T5613] 8021q: adding VLAN 0 to HW filter on device batadv0
[   96.154096][ T5615] veth1_vlan: entered promiscuous mode
[   96.235247][ T5609] veth0_macvtap: entered promiscuous mode
[   96.277757][ T5609] veth1_macvtap: entered promiscuous mode
[   96.340045][ T5614] veth0_vlan: entered promiscuous mode
[   96.359235][ T5615] veth0_macvtap: entered promiscuous mode
[   96.398050][ T5613] veth0_vlan: entered promiscuous mode
[   96.399895][ T5615] veth1_macvtap: entered promiscuous mode
[   96.419722][ T5609] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.459466][ T5614] veth1_vlan: entered promiscuous mode
[   96.484516][ T5609] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.515455][ T5613] veth1_vlan: entered promiscuous mode
[   96.545540][  T144] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.562901][  T144] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.570511][ T5615] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.603559][  T152] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.625897][  T152] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.650103][ T5615] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.805789][  T152] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   96.850757][  T152] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   96.867421][  T152] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   96.905042][  T152] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   96.907550][ T5614] veth0_macvtap: entered promiscuous mode
[   97.065696][ T5614] veth1_macvtap: entered promiscuous mode
[   97.185841][ T5613] veth0_macvtap: entered promiscuous mode
[   97.331103][ T5613] veth1_macvtap: entered promiscuous mode
[   97.382663][ T3342] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.382689][ T3342] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.432446][ T5614] batman_adv: batadv0: Interface activated: batadv_slave_0
[   97.509022][ T5614] batman_adv: batadv0: Interface activated: batadv_slave_1
[   97.570549][ T1437] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.570568][ T1437] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.607823][ T5613] batman_adv: batadv0: Interface activated: batadv_slave_0
[   97.621317][  T152] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   97.657966][  T152] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   97.679907][  T152] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.708221][ T5613] batman_adv: batadv0: Interface activated: batadv_slave_1
[   97.708499][  T152] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.738655][ T3342] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.738672][ T3342] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.868816][   T56] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   97.874894][   T56] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   97.884266][   T56] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.885894][   T56] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.948618][   T56] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.948651][   T56] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.770479][  T152] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.770501][  T152] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.258188][ T2160] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.258208][ T2160] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.369463][ T1437] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.369484][ T1437] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.461079][ T5769] sit0: entered promiscuous mode
[   99.524699][ T5769] netlink: 'syz.2.6': attribute type 1 has an invalid length.
[   99.524769][ T5769] netlink: 1 bytes leftover after parsing attributes in process `syz.2.6'.
[   99.645318][  T144] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   99.645339][  T144] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.713631][ T5772] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  100.366499][ T5777] FAULT_INJECTION: forcing a failure.
[  100.366499][ T5777] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  100.366551][ T5777] CPU: 1 UID: 0 PID: 5777 Comm: syz.3.4 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  100.366576][ T5777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  100.366597][ T5777] Call Trace:
[  100.366609][ T5777]  <TASK>
[  100.366618][ T5777]  dump_stack_lvl+0xe8/0x150
[  100.366652][ T5777]  should_fail_ex+0x46b/0x600
[  100.366682][ T5777]  _copy_to_user+0x31/0xb0
[  100.366703][ T5777]  simple_read_from_buffer+0xe1/0x170
[  100.366728][ T5777]  proc_fail_nth_read+0x1be/0x230
[  100.366752][ T5777]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  100.366780][ T5777]  ? rw_verify_area+0x2ac/0x4e0
[  100.366805][ T5777]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  100.366828][ T5777]  vfs_read+0x212/0xa80
[  100.366862][ T5777]  ? __pfx_vfs_read+0x10/0x10
[  100.366890][ T5777]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  100.366919][ T5777]  ? lockdep_hardirqs_on+0x7a/0x110
[  100.366947][ T5777]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  100.366975][ T5777]  ? mutex_lock_nested+0x152/0x1d0
[  100.366996][ T5777]  ? fdget_pos+0x252/0x320
[  100.367031][ T5777]  ksys_read+0x156/0x270
[  100.367063][ T5777]  ? __pfx_ksys_read+0x10/0x10
[  100.367093][ T5777]  ? __pfx_drm_ioctl+0x10/0x10
[  100.367125][ T5777]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.367150][ T5777]  do_syscall_64+0x174/0x580
[  100.367191][ T5777]  ? trace_irq_disable+0x3b/0x140
[  100.367214][ T5777]  ? clear_bhb_loop+0x40/0x90
[  100.367239][ T5777]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  100.367259][ T5777] RIP: 0033:0x7fa9c66dd68e
[  100.367286][ T5777] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  100.367302][ T5777] RSP: 002b:00007fa9c496dfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  100.367327][ T5777] RAX: ffffffffffffffda RBX: 00007fa9c496e6c0 RCX: 00007fa9c66dd68e
[  100.367358][ T5777] RDX: 000000000000000f RSI: 00007fa9c496e0a0 RDI: 0000000000000004
[  100.367371][ T5777] RBP: 00007fa9c496e090 R08: 0000000000000000 R09: 0000000000000000
[  100.367384][ T5777] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  100.367409][ T5777] R13: 00007fa9c6996038 R14: 00007fa9c6995fa0 R15: 00007ffc0be8d768
[  100.367438][ T5777]  </TASK>
[  100.973717][ T5788] netlink: 16 bytes leftover after parsing attributes in process `syz.3.10'.
[  101.486155][ T1262] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  101.493181][ T5599] usb 3-1: new full-speed USB device number 2 using dummy_hcd
[  101.608524][ T5793] FAULT_INJECTION: forcing a failure.
[  101.608524][ T5793] name failslab, interval 1, probability 0, space 0, times 1
[  101.608557][ T5793] CPU: 0 UID: 0 PID: 5793 Comm: syz.0.13 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  101.608598][ T5793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  101.608611][ T5793] Call Trace:
[  101.608619][ T5793]  <TASK>
[  101.608628][ T5793]  dump_stack_lvl+0xe8/0x150
[  101.608659][ T5793]  should_fail_ex+0x46b/0x600
[  101.608698][ T5793]  should_failslab+0xa8/0x100
[  101.608729][ T5793]  __kmalloc_noprof+0xdf/0x7b0
[  101.608752][ T5793]  ? genl_family_rcv_msg_attrs_parse+0xd0/0x2f0
[  101.608779][ T5793]  genl_family_rcv_msg_attrs_parse+0xd0/0x2f0
[  101.608807][ T5793]  genl_family_rcv_msg_doit+0xd9/0x330
[  101.608834][ T5793]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  101.608863][ T5793]  ? apparmor_capable+0x126/0x170
[  101.608889][ T5793]  ? bpf_lsm_capable+0x9/0x20
[  101.608905][ T5793]  ? security_capable+0x7e/0x2c0
[  101.608926][ T5793]  genl_rcv_msg+0x61c/0x7a0
[  101.608952][ T5793]  ? __pfx_genl_rcv_msg+0x10/0x10
[  101.608971][ T5793]  ? ref_tracker_free+0x673/0x820
[  101.609000][ T5793]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  101.609023][ T5793]  ? __pfx_nl80211_deauthenticate+0x10/0x10
[  101.609049][ T5793]  ? __pfx_nl80211_post_doit+0x10/0x10
[  101.609071][ T5793]  ? ____sys_sendmsg+0x55c/0x870
[  101.609098][ T5793]  ? ___sys_sendmsg+0x2a5/0x360
[  101.609126][ T5793]  ? __x64_sys_sendmsg+0x1c3/0x2a0
[  101.609154][ T5793]  ? do_syscall_64+0x174/0x580
[  101.609181][ T5793]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.609210][ T5793]  netlink_rcv_skb+0x232/0x4b0
[  101.609238][ T5793]  ? __pfx_genl_rcv_msg+0x10/0x10
[  101.609260][ T5793]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  101.609296][ T5793]  ? netlink_deliver_tap+0x2e/0x1b0
[  101.609342][ T5793]  ? netlink_deliver_tap+0x2e/0x1b0
[  101.609374][ T5793]  genl_rcv+0x28/0x40
[  101.609393][ T5793]  netlink_unicast+0x780/0x920
[  101.609429][ T5793]  netlink_sendmsg+0x813/0xb40
[  101.609456][ T5793]  ? __pfx_netlink_sendmsg+0x10/0x10
[  101.609477][ T5793]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  101.609518][ T5793]  ? aa_sock_msg_perm+0x122/0x200
[  101.609541][ T5793]  ? __pfx_netlink_sendmsg+0x10/0x10
[  101.609559][ T5793]  sock_sendmsg_nosec+0x13a/0x180
[  101.609586][ T5793]  ____sys_sendmsg+0x55c/0x870
[  101.609622][ T5793]  ? __pfx_____sys_sendmsg+0x10/0x10
[  101.609661][ T5793]  ? import_iovec+0x73/0xa0
[  101.609684][ T5793]  ___sys_sendmsg+0x2a5/0x360
[  101.609710][ T5793]  ? __lock_acquire+0x6b5/0x2d10
[  101.609735][ T5793]  ? __pfx____sys_sendmsg+0x10/0x10
[  101.609794][ T5793]  ? __fget_files+0x2a/0x420
[  101.609814][ T5793]  ? __fget_files+0x3a6/0x420
[  101.609844][ T5793]  __x64_sys_sendmsg+0x1c3/0x2a0
[  101.609877][ T5793]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  101.609916][ T5793]  ? __pfx_ksys_write+0x10/0x10
[  101.609952][ T5793]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.609974][ T5793]  do_syscall_64+0x174/0x580
[  101.610006][ T5793]  ? trace_irq_disable+0x3b/0x140
[  101.610030][ T5793]  ? clear_bhb_loop+0x40/0x90
[  101.610053][ T5793]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  101.610074][ T5793] RIP: 0033:0x7f04ad45ce59
[  101.610091][ T5793] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  101.610106][ T5793] RSP: 002b:00007f04ab6b6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  101.610124][ T5793] RAX: ffffffffffffffda RBX: 00007f04ad6d5fa0 RCX: 00007f04ad45ce59
[  101.610137][ T5793] RDX: 0000000000044010 RSI: 0000200000000340 RDI: 0000000000000003
[  101.610148][ T5793] RBP: 00007f04ab6b6090 R08: 0000000000000000 R09: 0000000000000000
[  101.610158][ T5793] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  101.610168][ T5793] R13: 00007f04ad6d6038 R14: 00007f04ad6d5fa0 R15: 00007ffc28115098
[  101.610196][ T5793]  </TASK>
[  101.751451][ T1262] usb 4-1: Using ep0 maxpacket: 8
[  102.046051][ T1262] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0069, bcdDevice=6e.55
[  102.046081][ T1262] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  102.046101][ T1262] usb 4-1: Product: syz
[  102.046115][ T1262] usb 4-1: Manufacturer: syz
[  102.046130][ T1262] usb 4-1: SerialNumber: syz
[  102.135524][ T1262] usb 4-1: config 0 descriptor??
[  102.229001][ T5599] usb 3-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  102.229029][ T5599] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  102.229049][ T5599] usb 3-1: Product: syz
[  102.229062][ T5599] usb 3-1: Manufacturer: syz
[  102.229076][ T5599] usb 3-1: SerialNumber: syz
[  102.443142][ T5599] usb 3-1: config 0 descriptor??
[  102.461854][ T1262] usb 4-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  102.596387][ T1262] dvb_usb_af9015 4-1:0.0: probe with driver dvb_usb_af9015 failed with error -22
[  102.684737][ T5797] syzkaller1: entered promiscuous mode
[  102.684764][ T5797] syzkaller1: entered allmulticast mode
[  102.745185][ T1262] usb 4-1: USB disconnect, device number 2
[  102.785837][ T5599] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  103.020818][ T5804] capability: warning: `syz.1.16' uses 32-bit capabilities (legacy support in use)
[  103.021239][ T5804] netlink: 264 bytes leftover after parsing attributes in process `syz.1.16'.
[  103.990204][ T5810] binder: 5809:5810 ioctl aa00 0 returned -22
[  104.032585][ T5818] FAULT_INJECTION: forcing a failure.
[  104.032585][ T5818] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  104.032620][ T5818] CPU: 0 UID: 0 PID: 5818 Comm: syz.1.22 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  104.032668][ T5818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  104.032682][ T5818] Call Trace:
[  104.032691][ T5818]  <TASK>
[  104.032700][ T5818]  dump_stack_lvl+0xe8/0x150
[  104.032732][ T5818]  should_fail_ex+0x46b/0x600
[  104.032771][ T5818]  _copy_to_iter+0x589/0x17d0
[  104.032816][ T5818]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  104.032846][ T5818]  ? __pfx__copy_to_iter+0x10/0x10
[  104.032866][ T5818]  ? rt_spin_lock+0x1e0/0x400
[  104.032895][ T5818]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  104.032933][ T5818]  __skb_datagram_iter+0xf8/0x980
[  104.032957][ T5818]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  104.032989][ T5818]  skb_copy_datagram_iter+0xb5/0x240
[  104.033018][ T5818]  netlink_recvmsg+0x2c3/0xa50
[  104.033050][ T5818]  ? __pfx_netlink_recvmsg+0x10/0x10
[  104.033076][ T5818]  ? __pfx_aa_sk_perm+0x10/0x10
[  104.033102][ T5818]  ? aa_sock_msg_perm+0x122/0x200
[  104.033126][ T5818]  ? __pfx_netlink_recvmsg+0x10/0x10
[  104.033149][ T5818]  sock_recvmsg_nosec+0x130/0x170
[  104.033182][ T5818]  ____sys_recvmsg+0x23d/0x4f0
[  104.033214][ T5818]  ? __pfx_____sys_recvmsg+0x10/0x10
[  104.033251][ T5818]  ? import_iovec+0x73/0xa0
[  104.033280][ T5818]  ___sys_recvmsg+0x215/0x590
[  104.033300][ T5818]  ? get_pid_task+0x20/0x1f0
[  104.033331][ T5818]  ? __pfx____sys_recvmsg+0x10/0x10
[  104.033362][ T5818]  ? __fget_files+0x2a/0x420
[  104.033407][ T5818]  ? __fget_files+0x3a6/0x420
[  104.033445][ T5818]  __x64_sys_recvmsg+0x1c0/0x2a0
[  104.033470][ T5818]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  104.033503][ T5818]  ? __pfx_ksys_write+0x10/0x10
[  104.033545][ T5818]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.033570][ T5818]  do_syscall_64+0x174/0x580
[  104.033603][ T5818]  ? trace_irq_disable+0x3b/0x140
[  104.033626][ T5818]  ? clear_bhb_loop+0x40/0x90
[  104.033653][ T5818]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  104.033677][ T5818] RIP: 0033:0x7f425a4cce59
[  104.033698][ T5818] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  104.033715][ T5818] RSP: 002b:00007f425871e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  104.033739][ T5818] RAX: ffffffffffffffda RBX: 00007f425a745fa0 RCX: 00007f425a4cce59
[  104.033755][ T5818] RDX: 0000000000000000 RSI: 00002000000030c0 RDI: 0000000000000003
[  104.033769][ T5818] RBP: 00007f425871e090 R08: 0000000000000000 R09: 0000000000000000
[  104.033782][ T5818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  104.033804][ T5818] R13: 00007f425a746038 R14: 00007f425a745fa0 R15: 00007ffefd579518
[  104.033839][ T5818]  </TASK>
[  104.613425][  T821] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  104.923261][  T821] usb 4-1: Using ep0 maxpacket: 8
[  104.951567][  T821] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0038, bcdDevice=99.03
[  104.951597][  T821] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  104.951680][  T821] usb 4-1: Product: syz
[  104.951695][  T821] usb 4-1: Manufacturer: syz
[  104.951710][  T821] usb 4-1: SerialNumber: syz
[  105.390121][  T821] usb 4-1: config 0 descriptor??
[  105.413876][ T5781] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  105.497106][ T5599] gspca_stk1135: reg_w 0x350 err -71
[  105.498166][ T5599] gspca_stk1135: serial bus timeout: status=0x00
[  105.498180][ T5599] gspca_stk1135: Sensor write failed
[  105.498208][ T5599] gspca_stk1135: serial bus timeout: status=0x00
[  105.498217][ T5599] gspca_stk1135: Sensor write failed
[  105.498250][ T5599] gspca_stk1135: serial bus timeout: status=0x00
[  105.498260][ T5599] gspca_stk1135: Sensor read failed
[  105.498304][ T5599] gspca_stk1135: serial bus timeout: status=0x00
[  105.498313][ T5599] gspca_stk1135: Sensor read failed
[  105.498320][ T5599] gspca_stk1135: Detected sensor type unknown (0x0)
[  105.498356][ T5599] gspca_stk1135: serial bus timeout: status=0x00
[  105.498366][ T5599] gspca_stk1135: Sensor read failed
[  105.498399][ T5599] gspca_stk1135: serial bus timeout: status=0x00
[  105.498408][ T5599] gspca_stk1135: Sensor read failed
[  105.498441][ T5599] gspca_stk1135: serial bus timeout: status=0x00
[  105.498450][ T5599] gspca_stk1135: Sensor write failed
[  105.498483][ T5599] gspca_stk1135: serial bus timeout: status=0x00
[  105.498493][ T5599] gspca_stk1135: Sensor write failed
[  105.498576][ T5599] stk1135 3-1:0.0: probe with driver stk1135 failed with error -71
[  105.678198][ T5781] usb 2-1: Using ep0 maxpacket: 8
[  105.690871][ T5781] usb 2-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  105.690917][ T5781] usb 2-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  105.690956][ T5781] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  105.690978][ T5781] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.760179][  T821] dvb-usb: found a 'TerraTec/qanu USB2.0 Highspeed DVB-T Receiver' in warm state.
[  105.776427][  T821] dvb-usb: bulk message failed: -22 (2/0)
[  105.776449][  T821] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  105.777299][  T821] dvbdev: DVB: registering new adapter (TerraTec/qanu USB2.0 Highspeed DVB-T Receiver)
[  105.777384][  T821] usb 4-1: media controller created
[  105.857220][ T5781] usbtmc 2-1:16.0: bulk endpoints not found
[  105.869389][ T5599] usb 3-1: USB disconnect, device number 2
[  106.060288][  T821] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  106.098482][ T5844] netlink: 188 bytes leftover after parsing attributes in process `syz.2.31'.
[  106.365435][  T821] dvb-usb: bulk message failed: -22 (1/0)
[  106.365511][  T821] dvb-usb: no frontend was attached by 'TerraTec/qanu USB2.0 Highspeed DVB-T Receiver'
[  106.397138][ T5823] FAULT_INJECTION: forcing a failure.
[  106.397138][ T5823] name failslab, interval 1, probability 0, space 0, times 0
[  106.397173][ T5823] CPU: 1 UID: 0 PID: 5823 Comm: syz.1.23 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  106.397198][ T5823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  106.397212][ T5823] Call Trace:
[  106.397220][ T5823]  <TASK>
[  106.397229][ T5823]  dump_stack_lvl+0xe8/0x150
[  106.397261][ T5823]  should_fail_ex+0x46b/0x600
[  106.397300][ T5823]  should_failslab+0xa8/0x100
[  106.397331][ T5823]  __kmalloc_node_noprof+0xe7/0x7f0
[  106.397361][ T5823]  ? alloc_slab_obj_exts+0xbf/0x250
[  106.397391][ T5823]  alloc_slab_obj_exts+0xbf/0x250
[  106.397420][ T5823]  __memcg_slab_post_alloc_hook+0x5dd/0xf70
[  106.397469][ T5823]  kmem_cache_alloc_noprof+0x3f4/0x680
[  106.397495][ T5823]  ? ep_insert+0x3af/0x1820
[  106.397524][ T5823]  ? ep_insert+0x512/0x1820
[  106.397568][ T5823]  ep_insert+0x512/0x1820
[  106.397602][ T5823]  ? __lock_acquire+0x6b5/0x2d10
[  106.397639][ T5823]  ? __pfx_ep_insert+0x10/0x10
[  106.397680][ T5823]  ? lockdep_hardirqs_on+0x7a/0x110
[  106.397714][ T5823]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  106.397748][ T5823]  ? mutex_lock_nested+0x152/0x1d0
[  106.397773][ T5823]  ? do_epoll_ctl_file+0x3e8/0xed0
[  106.397808][ T5823]  do_epoll_ctl_file+0x8bb/0xed0
[  106.397848][ T5823]  ? __pfx_do_epoll_ctl_file+0x10/0x10
[  106.397883][ T5823]  ? __fget_files+0x3a6/0x420
[  106.397910][ T5823]  ? __fget_files+0x2a/0x420
[  106.397946][ T5823]  __se_sys_epoll_ctl+0x14e/0x210
[  106.397981][ T5823]  ? __pfx___se_sys_epoll_ctl+0x10/0x10
[  106.398023][ T5823]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.398049][ T5823]  do_syscall_64+0x174/0x580
[  106.398082][ T5823]  ? trace_irq_disable+0x3b/0x140
[  106.398108][ T5823]  ? clear_bhb_loop+0x40/0x90
[  106.398137][ T5823]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.398159][ T5823] RIP: 0033:0x7f425a4cce59
[  106.398180][ T5823] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  106.398198][ T5823] RSP: 002b:00007f42586fd028 EFLAGS: 00000246 ORIG_RAX: 00000000000000e9
[  106.398222][ T5823] RAX: ffffffffffffffda RBX: 00007f425a746090 RCX: 00007f425a4cce59
[  106.398238][ T5823] RDX: 0000000000000003 RSI: 0000000000000001 RDI: 0000000000000004
[  106.398251][ T5823] RBP: 00007f42586fd090 R08: 0000000000000000 R09: 0000000000000000
[  106.398265][ T5823] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[  106.398280][ T5823] R13: 00007f425a746128 R14: 00007f425a746090 R15: 00007ffefd579518
[  106.398316][ T5823]  </TASK>
[  106.688658][  T821] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input5
[  106.933824][  T821] dvb-usb: schedule remote query interval to 50 msecs.
[  106.933854][  T821] dvb-usb: bulk message failed: -22 (2/0)
[  106.933872][  T821] dvb-usb: TerraTec/qanu USB2.0 Highspeed DVB-T Receiver successfully initialized and connected.
[  106.992943][ T5619] dvb-usb: bulk message failed: -22 (1/0)
[  106.992981][ T5619] dvb-usb: error while querying for an remote control event.
[  107.016714][ T5855] 9pnet_fd: Insufficient options for proto=fd
[  107.058858][ T5619] dvb-usb: bulk message failed: -22 (1/0)
[  107.058878][ T5619] dvb-usb: error while querying for an remote control event.
[  107.114862][ T5619] dvb-usb: bulk message failed: -22 (1/0)
[  107.114878][ T5619] dvb-usb: error while querying for an remote control event.
[  107.190551][  T821] usb 4-1: USB disconnect, device number 3
[  107.383258][ T5708] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  107.576828][  T821] dvb-usb: TerraTec/qanu USB2.0 Highspeed DVB-T Re successfully deinitialized and disconnected.
[  107.592668][ T5708] usb 3-1: Using ep0 maxpacket: 8
[  107.600941][ T5708] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  107.600974][ T5708] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  107.601002][ T5708] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  107.601027][ T5708] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  107.601072][ T5708] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  107.601096][ T5708] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.925374][ T5715] usb 2-1: USB disconnect, device number 2
[  107.967249][ T5708] usb 3-1: GET_CAPABILITIES returned 0
[  107.967299][ T5708] usbtmc 3-1:16.0: can't read capabilities
[  108.280333][ T5708] usb 3-1: USB disconnect, device number 3
[  108.451600][ T5715] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[  108.608111][ T5715] usb 4-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  108.608142][ T5715] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  108.630471][ T5715] usb 4-1: Product: syz
[  108.630491][ T5715] usb 4-1: Manufacturer: syz
[  108.630519][ T5715] usb 4-1: SerialNumber: syz
[  108.658934][ T5715] usb 4-1: config 0 descriptor??
[  108.677137][ T5715] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  109.161085][ T5873] FAULT_INJECTION: forcing a failure.
[  109.161085][ T5873] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  109.161182][ T5873] CPU: 0 UID: 0 PID: 5873 Comm: syz.0.41 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  109.161208][ T5873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  109.161223][ T5873] Call Trace:
[  109.161231][ T5873]  <TASK>
[  109.161241][ T5873]  dump_stack_lvl+0xe8/0x150
[  109.161273][ T5873]  should_fail_ex+0x46b/0x600
[  109.161318][ T5873]  _copy_to_user+0x31/0xb0
[  109.161347][ T5873]  simple_read_from_buffer+0xe1/0x170
[  109.161380][ T5873]  proc_fail_nth_read+0x1be/0x230
[  109.161422][ T5873]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  109.161450][ T5873]  ? rw_verify_area+0x2ac/0x4e0
[  109.161477][ T5873]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  109.161503][ T5873]  vfs_read+0x212/0xa80
[  109.161539][ T5873]  ? __pfx_vfs_read+0x10/0x10
[  109.161569][ T5873]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  109.161607][ T5873]  ? lockdep_hardirqs_on+0x7a/0x110
[  109.161656][ T5873]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  109.161690][ T5873]  ? mutex_lock_nested+0x152/0x1d0
[  109.161716][ T5873]  ? fdget_pos+0x252/0x320
[  109.161752][ T5873]  ksys_read+0x156/0x270
[  109.161795][ T5873]  ? __pfx_ksys_read+0x10/0x10
[  109.161836][ T5873]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.161861][ T5873]  do_syscall_64+0x174/0x580
[  109.161895][ T5873]  ? trace_irq_disable+0x3b/0x140
[  109.161921][ T5873]  ? clear_bhb_loop+0x40/0x90
[  109.161949][ T5873]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  109.161972][ T5873] RIP: 0033:0x7f04ad41d68e
[  109.161993][ T5873] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  109.162012][ T5873] RSP: 002b:00007f04ab6b5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  109.162036][ T5873] RAX: ffffffffffffffda RBX: 00007f04ab6b66c0 RCX: 00007f04ad41d68e
[  109.162052][ T5873] RDX: 000000000000000f RSI: 00007f04ab6b60a0 RDI: 0000000000000004
[  109.162066][ T5873] RBP: 00007f04ab6b6090 R08: 0000000000000000 R09: 0000000000000000
[  109.162080][ T5873] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  109.162093][ T5873] R13: 00007f04ad6d6038 R14: 00007f04ad6d5fa0 R15: 00007ffc28115098
[  109.162127][ T5873]  </TASK>
[  109.541701][ T5708] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  109.722421][ T5708] usb 3-1: unable to get BOS descriptor or descriptor too short
[  109.724257][ T5708] usb 3-1: config 1 interface 0 has no altsetting 0
[  109.727889][ T5708] usb 3-1: string descriptor 0 read error: -22
[  109.728034][ T5708] usb 3-1: New USB device found, idVendor=28bd, idProduct=1903, bcdDevice= 0.40
[  109.728051][ T5708] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  109.811628][ T5599] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  109.851588][   T10] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  109.961473][ T5599] usb 2-1: Using ep0 maxpacket: 8
[  109.965689][ T5599] usb 2-1: New USB device found, idVendor=0545, idProduct=8080, bcdDevice= 3.0a
[  109.965717][ T5599] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  109.982355][   T10] usb 1-1: device descriptor read/64, error -71
[  110.009323][ T5599] gspca_main: xirlink-cit-2.14.0 probing 0545:8080
[  110.023390][ T5599] input: xirlink-cit as /devices/platform/dummy_hcd.1/usb2/2-1/input/input6
[  110.233650][ T5619] usb 2-1: USB disconnect, device number 3
[  110.301920][   T10] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  110.459198][   T10] usb 1-1: device descriptor read/64, error -71
[  110.549701][ T5708] input: HID 28bd:1903 Mouse as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/0003:28BD:1903.0001/input/input7
[  110.595404][   T10] usb usb1-port1: attempt power cycle
[  110.939119][ T5883] netlink: 28 bytes leftover after parsing attributes in process `syz.1.44'.
[  110.990987][ T5708] uclogic 0003:28BD:1903.0001: input,hidraw0: USB HID v0.03 Mouse [HID 28bd:1903] on usb-dummy_hcd.2-1/input0
[  111.025210][   T10] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  111.063913][   T10] usb 1-1: device descriptor read/8, error -71
[  111.130294][ T5888] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  111.130997][ T5888] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  111.164577][ T5708] usb 3-1: USB disconnect, device number 4
[  111.317417][   T10] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  111.354619][   T10] usb 1-1: device descriptor read/8, error -71
[  111.462911][   T10] usb usb1-port1: unable to enumerate USB device
[  111.523455][ T5715] gspca_stk1135: reg_w 0x351 err -71
[  111.524443][ T5885] fido_id[5885]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory
[  111.524501][ T5715] gspca_stk1135: serial bus timeout: status=0x00
[  111.524514][ T5715] gspca_stk1135: Sensor write failed
[  111.524549][ T5715] gspca_stk1135: serial bus timeout: status=0x00
[  111.524559][ T5715] gspca_stk1135: Sensor write failed
[  111.524598][ T5715] gspca_stk1135: serial bus timeout: status=0x00
[  111.524608][ T5715] gspca_stk1135: Sensor read failed
[  111.524640][ T5715] gspca_stk1135: serial bus timeout: status=0x00
[  111.524649][ T5715] gspca_stk1135: Sensor read failed
[  111.524656][ T5715] gspca_stk1135: Detected sensor type unknown (0x0)
[  111.524695][ T5715] gspca_stk1135: serial bus timeout: status=0x00
[  111.524704][ T5715] gspca_stk1135: Sensor read failed
[  111.524755][ T5715] gspca_stk1135: serial bus timeout: status=0x00
[  111.524765][ T5715] gspca_stk1135: Sensor read failed
[  111.524810][ T5715] gspca_stk1135: serial bus timeout: status=0x00
[  111.524819][ T5715] gspca_stk1135: Sensor write failed
[  111.524849][ T5715] gspca_stk1135: serial bus timeout: status=0x00
[  111.524858][ T5715] gspca_stk1135: Sensor write failed
[  111.524937][ T5715] stk1135 4-1:0.0: probe with driver stk1135 failed with error -71
[  111.683731][ T5715] usb 4-1: USB disconnect, device number 4
[  111.834328][ T5619] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  111.986663][ T5619] usb 2-1: Using ep0 maxpacket: 8
[  112.000268][ T5619] usb 2-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  112.000302][ T5619] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  112.000324][ T5619] usb 2-1: Product: syz
[  112.000340][ T5619] usb 2-1: Manufacturer: syz
[  112.000356][ T5619] usb 2-1: SerialNumber: syz
[  112.043872][ T5619] usb 2-1: config 0 descriptor??
[  112.057007][ T5619] gspca_main: se401-2.14.0 probing 047d:5003
[  112.242934][ T5708] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  112.308559][ T5890] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  112.355442][ T5890] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  112.431270][ T5708] usb 3-1: Using ep0 maxpacket: 32
[  112.447812][ T5708] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86
[  112.447854][ T5708] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  112.447885][ T5708] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[  112.447912][ T5708] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  112.560090][ T5708] usb 3-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[  112.560124][ T5708] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  112.560245][ T5708] usb 3-1: Product: syz
[  112.560260][ T5708] usb 3-1: Manufacturer: syz
[  112.560276][ T5708] usb 3-1: SerialNumber: syz
[  112.638210][ T5619] gspca_se401: ExtraFeatures: 4
[  112.638228][ T5619] gspca_se401: Frame size: 0x0 1/16th janggu
[  112.638243][ T5619] gspca_se401: Frame size: 0x0 1/16th janggu
[  112.638257][ T5619] gspca_se401: Frame size: 0x0 1/16th janggu
[  112.638270][ T5619] gspca_se401: Frame size: 0x0 1/16th janggu
[  112.638283][ T5619] gspca_se401: Frame size: 0x0 1/16th janggu
[  112.683086][ T5708] usb 3-1: config 0 descriptor??
[  112.948159][ T5619] input: se401 as /devices/platform/dummy_hcd.1/usb2/2-1/input/input8
[  112.986861][ T5757] usb 3-1: USB disconnect, device number 5
[  113.166878][ T5619] usb 2-1: USB disconnect, device number 4
[  114.611928][ T5599] usb 1-1: new full-speed USB device number 6 using dummy_hcd
[  114.786007][ T5599] usb 1-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  114.786042][ T5599] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  114.786063][ T5599] usb 1-1: Product: syz
[  114.786079][ T5599] usb 1-1: Manufacturer: syz
[  114.786095][ T5599] usb 1-1: SerialNumber: syz
[  114.836599][ T5599] usb 1-1: config 0 descriptor??
[  114.869498][ T5599] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  115.191915][ T5619] usb 3-1: new full-speed USB device number 6 using dummy_hcd
[  115.509270][ T5926] syz.3.60 uses obsolete (PF_INET,SOCK_PACKET)
[  115.588985][ T5619] usb 3-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  115.589084][ T5619] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  115.589107][ T5619] usb 3-1: Product: syz
[  115.589122][ T5619] usb 3-1: Manufacturer: syz
[  115.589138][ T5619] usb 3-1: SerialNumber: syz
[  115.770789][ T5619] usb 3-1: config 0 descriptor??
[  115.916314][ T5619] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  117.021698][ T5757] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  117.171934][ T5757] usb 4-1: Using ep0 maxpacket: 8
[  117.194328][ T5757] usb 4-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  117.194424][ T5757] usb 4-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  117.194480][ T5757] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  117.194506][ T5757] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  117.284926][ T5757] usbtmc 4-1:16.0: bulk endpoints not found
[  117.913431][ T5599] gspca_stk1135: reg_w 0x351 err -71
[  117.914472][ T5599] gspca_stk1135: serial bus timeout: status=0x00
[  117.914483][ T5599] gspca_stk1135: Sensor write failed
[  117.914638][ T5599] gspca_stk1135: serial bus timeout: status=0x00
[  117.914647][ T5599] gspca_stk1135: Sensor write failed
[  117.914673][ T5599] gspca_stk1135: serial bus timeout: status=0x00
[  117.914680][ T5599] gspca_stk1135: Sensor read failed
[  117.914747][ T5599] gspca_stk1135: serial bus timeout: status=0x00
[  117.914755][ T5599] gspca_stk1135: Sensor read failed
[  117.914760][ T5599] gspca_stk1135: Detected sensor type unknown (0x0)
[  117.914789][ T5599] gspca_stk1135: serial bus timeout: status=0x00
[  117.914797][ T5599] gspca_stk1135: Sensor read failed
[  117.914823][ T5599] gspca_stk1135: serial bus timeout: status=0x00
[  117.914829][ T5599] gspca_stk1135: Sensor read failed
[  117.914855][ T5599] gspca_stk1135: serial bus timeout: status=0x00
[  117.914899][ T5599] gspca_stk1135: Sensor write failed
[  117.914925][ T5599] gspca_stk1135: serial bus timeout: status=0x00
[  117.914932][ T5599] gspca_stk1135: Sensor write failed
[  117.914998][ T5599] stk1135 1-1:0.0: probe with driver stk1135 failed with error -71
[  118.124637][ T5599] usb 1-1: USB disconnect, device number 6
[  118.375550][  T821] usb 2-1: new low-speed USB device number 5 using dummy_hcd
[  118.521581][  T821] usb 2-1: device descriptor read/64, error -71
[  118.791728][  T821] usb 2-1: new low-speed USB device number 6 using dummy_hcd
[  118.876852][ T5619] gspca_stk1135: reg_w 0x351 err -71
[  118.880799][ T5619] gspca_stk1135: serial bus timeout: status=0x00
[  118.880820][ T5619] gspca_stk1135: Sensor write failed
[  118.880854][ T5619] gspca_stk1135: serial bus timeout: status=0x00
[  118.880864][ T5619] gspca_stk1135: Sensor write failed
[  118.880898][ T5619] gspca_stk1135: serial bus timeout: status=0x00
[  118.880907][ T5619] gspca_stk1135: Sensor read failed
[  118.880940][ T5619] gspca_stk1135: serial bus timeout: status=0x00
[  118.880950][ T5619] gspca_stk1135: Sensor read failed
[  118.880957][ T5619] gspca_stk1135: Detected sensor type unknown (0x0)
[  118.880995][ T5619] gspca_stk1135: serial bus timeout: status=0x00
[  118.881006][ T5619] gspca_stk1135: Sensor read failed
[  118.881041][ T5619] gspca_stk1135: serial bus timeout: status=0x00
[  118.881052][ T5619] gspca_stk1135: Sensor read failed
[  118.881086][ T5619] gspca_stk1135: serial bus timeout: status=0x00
[  118.881095][ T5619] gspca_stk1135: Sensor write failed
[  118.881131][ T5619] gspca_stk1135: serial bus timeout: status=0x00
[  118.881141][ T5619] gspca_stk1135: Sensor write failed
[  118.881235][ T5619] stk1135 3-1:0.0: probe with driver stk1135 failed with error -71
[  118.921825][  T821] usb 2-1: device descriptor read/64, error -71
[  119.040903][ T5619] usb 3-1: USB disconnect, device number 6
[  119.061176][  T821] usb usb2-port1: attempt power cycle
[  119.151673][ T5757] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  119.311567][ T5757] usb 1-1: Using ep0 maxpacket: 32
[  119.316736][ T5757] usb 1-1: New USB device found, idVendor=2a39, idProduct=3fd3, bcdDevice= 0.40
[  119.316770][ T5757] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  119.316792][ T5757] usb 1-1: Product: syz
[  119.316807][ T5757] usb 1-1: Manufacturer: syz
[  119.316822][ T5757] usb 1-1: SerialNumber: syz
[  119.411744][  T821] usb 2-1: new low-speed USB device number 7 using dummy_hcd
[  119.432446][  T821] usb 2-1: device descriptor read/8, error -71
[  119.660920][ T5757] usb 1-1: 1:1 : UAC_AS_GENERAL descriptor not found
[  119.668569][ T5781] usb 4-1: USB disconnect, device number 5
[  119.688468][  T821] usb 2-1: new low-speed USB device number 8 using dummy_hcd
[  119.709968][  T821] usb 2-1: device descriptor read/8, error -71
[  119.760666][ T5757] usb 1-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  119.812892][  T821] usb usb2-port1: unable to enumerate USB device
[  120.061737][ T5619] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  120.106251][ T5757] usb 1-1: USB disconnect, device number 7
[  120.177753][ T5958] nbd: must specify at least one socket
[  120.222407][ T5619] usb 3-1: Using ep0 maxpacket: 32
[  120.225498][ T5619] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  120.225532][ T5619] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  120.225568][ T5619] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  120.225590][ T5619] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  120.377455][ T5619] usb 3-1: config 0 descriptor??
[  120.472590][ T5619] hub 3-1:0.0: USB hub found
[  120.606618][ T5619] hub 3-1:0.0: 1 port detected
[  120.652546][ T5801] udevd[5801]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  120.855524][ T5757] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  120.992783][ T5757] usb 1-1: device descriptor read/64, error -71
[  121.241003][ T5619] hub 3-1:0.0: activate --> -90
[  121.255205][ T5757] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  121.401746][ T5757] usb 1-1: device descriptor read/64, error -71
[  121.457994][ T5950] syz.2.68 (5950): /proc/5949/oom_adj is deprecated, please use /proc/5949/oom_score_adj instead.
[  121.465048][ T5619] hub 3-1:0.0: hub_ext_port_status failed (err = 0)
[  121.513206][ T5757] usb usb1-port1: attempt power cycle
[  121.647095][ T5980] FAULT_INJECTION: forcing a failure.
[  121.647095][ T5980] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  121.647136][ T5980] CPU: 0 UID: 0 PID: 5980 Comm: syz.3.79 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  121.647179][ T5980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  121.647193][ T5980] Call Trace:
[  121.647202][ T5980]  <TASK>
[  121.647211][ T5980]  dump_stack_lvl+0xe8/0x150
[  121.647246][ T5980]  should_fail_ex+0x46b/0x600
[  121.647286][ T5980]  _copy_to_user+0x31/0xb0
[  121.647315][ T5980]  simple_read_from_buffer+0xe1/0x170
[  121.647348][ T5980]  proc_fail_nth_read+0x1be/0x230
[  121.647378][ T5980]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  121.647409][ T5980]  ? rw_verify_area+0x2ac/0x4e0
[  121.647441][ T5980]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  121.647469][ T5980]  vfs_read+0x212/0xa80
[  121.647510][ T5980]  ? __pfx_vfs_read+0x10/0x10
[  121.647543][ T5980]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  121.647579][ T5980]  ? lockdep_hardirqs_on+0x7a/0x110
[  121.647612][ T5980]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  121.647645][ T5980]  ? mutex_lock_nested+0x152/0x1d0
[  121.647671][ T5980]  ? fdget_pos+0x252/0x320
[  121.647717][ T5980]  ksys_read+0x156/0x270
[  121.647750][ T5980]  ? __pfx_ksys_read+0x10/0x10
[  121.647787][ T5980]  ? __pfx_drm_ioctl+0x10/0x10
[  121.647823][ T5980]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.647854][ T5980]  do_syscall_64+0x174/0x580
[  121.647886][ T5980]  ? trace_irq_disable+0x3b/0x140
[  121.647912][ T5980]  ? clear_bhb_loop+0x40/0x90
[  121.647940][ T5980]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  121.647963][ T5980] RIP: 0033:0x7fa9c66dd68e
[  121.647984][ T5980] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  121.648003][ T5980] RSP: 002b:00007fa9c496dfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  121.648027][ T5980] RAX: ffffffffffffffda RBX: 00007fa9c496e6c0 RCX: 00007fa9c66dd68e
[  121.648043][ T5980] RDX: 000000000000000f RSI: 00007fa9c496e0a0 RDI: 0000000000000004
[  121.648057][ T5980] RBP: 00007fa9c496e090 R08: 0000000000000000 R09: 0000000000000000
[  121.648071][ T5980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  121.648084][ T5980] R13: 00007fa9c6996038 R14: 00007fa9c6995fa0 R15: 00007ffc0be8d768
[  121.648119][ T5980]  </TASK>
[  121.846941][  T821] usb 2-1: new full-speed USB device number 9 using dummy_hcd
[  121.972313][ T5757] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  121.998438][ T5757] usb 1-1: device descriptor read/8, error -71
[  122.026351][  T821] usb 2-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  122.026390][  T821] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  122.026405][  T821] usb 2-1: Product: syz
[  122.026416][  T821] usb 2-1: Manufacturer: syz
[  122.026427][  T821] usb 2-1: SerialNumber: syz
[  122.072833][  T821] usb 2-1: config 0 descriptor??
[  122.081326][  T821] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  122.232152][ T5757] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  122.253171][ T5757] usb 1-1: device descriptor read/8, error -71
[  122.364593][ T5757] usb usb1-port1: unable to enumerate USB device
[  122.406366][ T5619] usb 3-1: USB disconnect, device number 7
[  122.627236][ T5989] FAULT_INJECTION: forcing a failure.
[  122.627236][ T5989] name failslab, interval 1, probability 0, space 0, times 0
[  122.627275][ T5989] CPU: 0 UID: 0 PID: 5989 Comm: syz.2.82 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  122.627305][ T5989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  122.627316][ T5989] Call Trace:
[  122.627322][ T5989]  <TASK>
[  122.627329][ T5989]  dump_stack_lvl+0xe8/0x150
[  122.627378][ T5989]  should_fail_ex+0x46b/0x600
[  122.627419][ T5989]  should_failslab+0xa8/0x100
[  122.627451][ T5989]  __kmalloc_node_noprof+0xe7/0x7f0
[  122.627485][ T5989]  ? crypto_create_tfm_node+0x83/0x3f0
[  122.627531][ T5989]  crypto_create_tfm_node+0x83/0x3f0
[  122.627577][ T5989]  crypto_alloc_tfm_node+0x172/0x3f0
[  122.627625][ T5989]  kdf_alloc+0x21/0x100
[  122.627680][ T5989]  __keyctl_dh_compute+0x4f9/0xd10
[  122.627714][ T5989]  ? __lock_acquire+0x6b5/0x2d10
[  122.627748][ T5989]  ? __pfx___keyctl_dh_compute+0x10/0x10
[  122.627787][ T5989]  ? __might_fault+0xaf/0x130
[  122.627837][ T5989]  keyctl_dh_compute+0x124/0x180
[  122.627868][ T5989]  ? __pfx_keyctl_dh_compute+0x10/0x10
[  122.627907][ T5989]  ? do_raw_spin_lock+0x12b/0x2f0
[  122.627936][ T5989]  __se_sys_keyctl+0x44c/0x9e0
[  122.627973][ T5989]  ? __pfx___se_sys_keyctl+0x10/0x10
[  122.628007][ T5989]  ? lockdep_hardirqs_on+0x7a/0x110
[  122.628052][ T5989]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  122.628089][ T5989]  ? rt_mutex_slowunlock+0x1cb/0x300
[  122.628117][ T5989]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  122.628154][ T5989]  ? fput+0xa0/0xd0
[  122.628181][ T5989]  ? ksys_write+0x248/0x270
[  122.628221][ T5989]  ? __pfx_ksys_write+0x10/0x10
[  122.628262][ T5989]  ? __x64_sys_keyctl+0x20/0xc0
[  122.628297][ T5989]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.628321][ T5989]  do_syscall_64+0x174/0x580
[  122.628358][ T5989]  ? trace_irq_disable+0x3b/0x140
[  122.628377][ T5989]  ? clear_bhb_loop+0x40/0x90
[  122.628417][ T5989]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  122.628441][ T5989] RIP: 0033:0x7f9ae0f5ce59
[  122.628464][ T5989] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  122.628482][ T5989] RSP: 002b:00007f9adf1ae028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  122.628505][ T5989] RAX: ffffffffffffffda RBX: 00007f9ae11d5fa0 RCX: 00007f9ae0f5ce59
[  122.628527][ T5989] RDX: 0000000000000000 RSI: 0000200000000800 RDI: 0000000000000017
[  122.628538][ T5989] RBP: 00007f9adf1ae090 R08: 0000200000000280 R09: 0000000000000000
[  122.628549][ T5989] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  122.628558][ T5989] R13: 00007f9ae11d6038 R14: 00007f9ae11d5fa0 R15: 00007ffea718e1f8
[  122.628607][ T5989]  </TASK>
[  122.628617][ T5989] could not allocate digest TFM handle sha384
[  122.685732][ T5757] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  123.012089][ T5757] usb 4-1: Using ep0 maxpacket: 8
[  123.021310][ T5757] usb 4-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  123.035983][ T5757] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  123.036013][ T5757] usb 4-1: Product: syz
[  123.036030][ T5757] usb 4-1: Manufacturer: syz
[  123.036047][ T5757] usb 4-1: SerialNumber: syz
[  123.103275][ T5757] usb 4-1: config 0 descriptor??
[  123.126897][ T5757] gspca_main: se401-2.14.0 probing 047d:5003
[  123.336810][ T5987] Invalid source name
[  123.360084][ T5987] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  123.431885][ T5987] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  123.952063][ T5757] input: se401 as /devices/platform/dummy_hcd.3/usb4/4-1/input/input9
[  124.175733][ T5757] usb 4-1: USB disconnect, device number 6
[  124.978608][  T821] gspca_stk1135: reg_w 0x351 err -71
[  124.979655][  T821] gspca_stk1135: serial bus timeout: status=0x00
[  124.979672][  T821] gspca_stk1135: Sensor write failed
[  124.979702][  T821] gspca_stk1135: serial bus timeout: status=0x00
[  124.979712][  T821] gspca_stk1135: Sensor write failed
[  124.979741][  T821] gspca_stk1135: serial bus timeout: status=0x00
[  124.979750][  T821] gspca_stk1135: Sensor read failed
[  124.979781][  T821] gspca_stk1135: serial bus timeout: status=0x00
[  124.979791][  T821] gspca_stk1135: Sensor read failed
[  124.979798][  T821] gspca_stk1135: Detected sensor type unknown (0x0)
[  124.979846][  T821] gspca_stk1135: serial bus timeout: status=0x00
[  124.979858][  T821] gspca_stk1135: Sensor read failed
[  124.979890][  T821] gspca_stk1135: serial bus timeout: status=0x00
[  124.979899][  T821] gspca_stk1135: Sensor read failed
[  124.979931][  T821] gspca_stk1135: serial bus timeout: status=0x00
[  124.979941][  T821] gspca_stk1135: Sensor write failed
[  124.979973][  T821] gspca_stk1135: serial bus timeout: status=0x00
[  124.979983][  T821] gspca_stk1135: Sensor write failed
[  124.980074][  T821] stk1135 2-1:0.0: probe with driver stk1135 failed with error -71
[  125.162345][  T821] usb 2-1: USB disconnect, device number 9
[  125.273420][ T6013] FAULT_INJECTION: forcing a failure.
[  125.273420][ T6013] name failslab, interval 1, probability 0, space 0, times 0
[  125.273451][ T6013] CPU: 0 UID: 0 PID: 6013 Comm: syz.2.89 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  125.273473][ T6013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  125.273484][ T6013] Call Trace:
[  125.273491][ T6013]  <TASK>
[  125.273499][ T6013]  dump_stack_lvl+0xe8/0x150
[  125.273527][ T6013]  should_fail_ex+0x46b/0x600
[  125.273559][ T6013]  should_failslab+0xa8/0x100
[  125.273584][ T6013]  __kmalloc_noprof+0xdf/0x7b0
[  125.273606][ T6013]  ? drm_atomic_commit_init+0x113/0x3b0
[  125.273634][ T6013]  drm_atomic_commit_init+0x113/0x3b0
[  125.273659][ T6013]  drm_atomic_commit_alloc+0xbc/0x100
[  125.273683][ T6013]  drm_atomic_helper_update_plane+0x55/0x3b0
[  125.273710][ T6013]  drm_mode_cursor_common+0xecc/0x1660
[  125.273758][ T6013]  ? __pfx_drm_mode_cursor_common+0x10/0x10
[  125.273811][ T6013]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  125.273840][ T6013]  ? lockdep_hardirqs_on+0x7a/0x110
[  125.273868][ T6013]  ? drm_mode_cursor_ioctl+0xbb/0x130
[  125.273897][ T6013]  drm_mode_cursor_ioctl+0xd4/0x130
[  125.273922][ T6013]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  125.273944][ T6013]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  125.273974][ T6013]  ? rt_spin_unlock+0x160/0x200
[  125.273998][ T6013]  ? drm_is_current_master+0x1a2/0x210
[  125.274031][ T6013]  drm_ioctl_kernel+0x2e2/0x3b0
[  125.274059][ T6013]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  125.274085][ T6013]  ? __pfx_drm_ioctl_kernel+0x10/0x10
[  125.274118][ T6013]  drm_ioctl+0x6c0/0xb80
[  125.274145][ T6013]  ? __pfx_drm_mode_cursor_ioctl+0x10/0x10
[  125.274173][ T6013]  ? __pfx_drm_ioctl+0x10/0x10
[  125.274211][ T6013]  ? __fget_files+0x2a/0x420
[  125.274237][ T6013]  ? bpf_lsm_file_ioctl+0x9/0x20
[  125.274265][ T6013]  ? __pfx_drm_ioctl+0x10/0x10
[  125.274298][ T6013]  __se_sys_ioctl+0xff/0x170
[  125.274326][ T6013]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.274346][ T6013]  do_syscall_64+0x174/0x580
[  125.274375][ T6013]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.274394][ T6013]  ? clear_bhb_loop+0x40/0x90
[  125.274417][ T6013]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.274436][ T6013] RIP: 0033:0x7f9ae0f5ce59
[  125.274454][ T6013] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  125.274471][ T6013] RSP: 002b:00007f9adf1ae028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  125.274493][ T6013] RAX: ffffffffffffffda RBX: 00007f9ae11d5fa0 RCX: 00007f9ae0f5ce59
[  125.274507][ T6013] RDX: 0000200000000140 RSI: 00000000c01c64a3 RDI: 0000000000000003
[  125.274520][ T6013] RBP: 00007f9adf1ae090 R08: 0000000000000000 R09: 0000000000000000
[  125.274533][ T6013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  125.274546][ T6013] R13: 00007f9ae11d6038 R14: 00007f9ae11d5fa0 R15: 00007ffea718e1f8
[  125.274578][ T6013]  </TASK>
[  125.965127][ T6027] FAULT_INJECTION: forcing a failure.
[  125.965127][ T6027] name failslab, interval 1, probability 0, space 0, times 0
[  125.965168][ T6027] CPU: 1 UID: 0 PID: 6027 Comm: syz.2.94 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  125.965197][ T6027] Tainted: [L]=SOFTLOCKUP
[  125.965215][ T6027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  125.965228][ T6027] Call Trace:
[  125.965236][ T6027]  <TASK>
[  125.965245][ T6027]  dump_stack_lvl+0xe8/0x150
[  125.965275][ T6027]  should_fail_ex+0x46b/0x600
[  125.965314][ T6027]  should_failslab+0xa8/0x100
[  125.965346][ T6027]  __kmalloc_noprof+0xdf/0x7b0
[  125.965375][ T6027]  ? genl_family_rcv_msg_attrs_parse+0xd0/0x2f0
[  125.965411][ T6027]  genl_family_rcv_msg_attrs_parse+0xd0/0x2f0
[  125.965454][ T6027]  genl_family_rcv_msg_doit+0xd9/0x330
[  125.965491][ T6027]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  125.965529][ T6027]  ? apparmor_capable+0x126/0x170
[  125.965563][ T6027]  ? bpf_lsm_capable+0x9/0x20
[  125.965583][ T6027]  ? security_capable+0x7e/0x2c0
[  125.965612][ T6027]  genl_rcv_msg+0x61c/0x7a0
[  125.965648][ T6027]  ? __pfx_genl_rcv_msg+0x10/0x10
[  125.965673][ T6027]  ? ref_tracker_free+0x673/0x820
[  125.965705][ T6027]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  125.965729][ T6027]  ? __pfx_nl80211_tx_mgmt+0x10/0x10
[  125.965761][ T6027]  ? __pfx_nl80211_post_doit+0x10/0x10
[  125.965787][ T6027]  ? ____sys_sendmsg+0x55c/0x870
[  125.965820][ T6027]  ? ___sys_sendmsg+0x2a5/0x360
[  125.965853][ T6027]  ? __x64_sys_sendmsg+0x1c3/0x2a0
[  125.965887][ T6027]  ? do_syscall_64+0x174/0x580
[  125.965918][ T6027]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.965951][ T6027]  netlink_rcv_skb+0x232/0x4b0
[  125.965989][ T6027]  ? __pfx_genl_rcv_msg+0x10/0x10
[  125.966019][ T6027]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  125.966069][ T6027]  ? netlink_deliver_tap+0x2e/0x1b0
[  125.966106][ T6027]  ? netlink_deliver_tap+0x2e/0x1b0
[  125.966146][ T6027]  genl_rcv+0x28/0x40
[  125.966171][ T6027]  netlink_unicast+0x780/0x920
[  125.966224][ T6027]  netlink_sendmsg+0x813/0xb40
[  125.966257][ T6027]  ? __pfx_netlink_sendmsg+0x10/0x10
[  125.966282][ T6027]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  125.966316][ T6027]  ? aa_sock_msg_perm+0x122/0x200
[  125.966342][ T6027]  ? __pfx_netlink_sendmsg+0x10/0x10
[  125.966363][ T6027]  sock_sendmsg_nosec+0x13a/0x180
[  125.966392][ T6027]  ____sys_sendmsg+0x55c/0x870
[  125.966431][ T6027]  ? __pfx_____sys_sendmsg+0x10/0x10
[  125.966476][ T6027]  ? import_iovec+0x73/0xa0
[  125.966506][ T6027]  ___sys_sendmsg+0x2a5/0x360
[  125.966538][ T6027]  ? __lock_acquire+0x6b5/0x2d10
[  125.966568][ T6027]  ? __pfx____sys_sendmsg+0x10/0x10
[  125.966640][ T6027]  ? __fget_files+0x2a/0x420
[  125.966665][ T6027]  ? __fget_files+0x3a6/0x420
[  125.966702][ T6027]  __x64_sys_sendmsg+0x1c3/0x2a0
[  125.966741][ T6027]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  125.966788][ T6027]  ? __pfx_ksys_write+0x10/0x10
[  125.966827][ T6027]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.966850][ T6027]  do_syscall_64+0x174/0x580
[  125.966881][ T6027]  ? trace_irq_disable+0x3b/0x140
[  125.966906][ T6027]  ? clear_bhb_loop+0x40/0x90
[  125.966935][ T6027]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  125.966957][ T6027] RIP: 0033:0x7f9ae0f5ce59
[  125.966978][ T6027] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  125.966996][ T6027] RSP: 002b:00007f9adf1ae028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  125.967020][ T6027] RAX: ffffffffffffffda RBX: 00007f9ae11d5fa0 RCX: 00007f9ae0f5ce59
[  125.967036][ T6027] RDX: 0000000000000000 RSI: 0000200000000c00 RDI: 0000000000000004
[  125.967049][ T6027] RBP: 00007f9adf1ae090 R08: 0000000000000000 R09: 0000000000000000
[  125.967061][ T6027] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  125.967074][ T6027] R13: 00007f9ae11d6038 R14: 00007f9ae11d5fa0 R15: 00007ffea718e1f8
[  125.967120][ T6027]  </TASK>
[  126.771537][    T9] usb 2-1: new low-speed USB device number 10 using dummy_hcd
[  126.912448][    T9] usb 2-1: device descriptor read/64, error -71
[  127.112588][ T5757] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  127.161616][    T9] usb 2-1: new low-speed USB device number 11 using dummy_hcd
[  127.261540][ T5757] usb 1-1: Using ep0 maxpacket: 32
[  127.270740][ T5757] usb 1-1: config 0 interface 0 altsetting 128 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  127.270778][ T5757] usb 1-1: config 0 interface 0 has no altsetting 0
[  127.270814][ T5757] usb 1-1: New USB device found, idVendor=1b1c, idProduct=1c09, bcdDevice= 0.00
[  127.270838][ T5757] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.316881][    T9] usb 2-1: device descriptor read/64, error -71
[  127.338471][ T5757] usb 1-1: config 0 descriptor??
[  127.424793][    T9] usb usb2-port1: attempt power cycle
[  127.513585][ T6045] netlink: 12 bytes leftover after parsing attributes in process `syz.3.99'.
[  127.740205][ T4925] block nbd0: Receive control failed (result -107)
[  127.853226][  T821] usb 3-1: new full-speed USB device number 8 using dummy_hcd
[  127.891665][    T9] usb 2-1: new low-speed USB device number 12 using dummy_hcd
[  127.932382][    T9] usb 2-1: device descriptor read/8, error -71
[  128.001638][ T5757] corsair-psu 0003:1B1C:1C09.0002: unknown main item tag 0x0
[  128.001683][ T5757] corsair-psu 0003:1B1C:1C09.0002: unknown main item tag 0x0
[  128.001712][ T5757] corsair-psu 0003:1B1C:1C09.0002: unknown main item tag 0x0
[  128.001740][ T5757] corsair-psu 0003:1B1C:1C09.0002: unknown main item tag 0x0
[  128.001766][ T5757] corsair-psu 0003:1B1C:1C09.0002: unknown main item tag 0x0
[  128.081874][ T5757] corsair-psu 0003:1B1C:1C09.0002: hidraw0: USB HID v4.08 Device [HID 1b1c:1c09] on usb-dummy_hcd.0-1/input0
[  128.110177][  T821] usb 3-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  128.110208][  T821] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  128.110225][  T821] usb 3-1: Product: syz
[  128.110238][  T821] usb 3-1: Manufacturer: syz
[  128.110250][  T821] usb 3-1: SerialNumber: syz
[  128.180584][  T821] usb 3-1: config 0 descriptor??
[  128.201672][    T9] usb 2-1: new low-speed USB device number 13 using dummy_hcd
[  128.205595][  T821] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  128.240186][    T9] usb 2-1: device descriptor read/8, error -71
[  128.350198][    T9] usb usb2-port1: unable to enumerate USB device
[  128.531587][ T5757] corsair-psu 0003:1B1C:1C09.0002: unable to initialize device (-110)
[  128.568545][ T5757] corsair-psu 0003:1B1C:1C09.0002: probe with driver corsair-psu failed with error -110
[  128.788647][ T5757] usb 1-1: USB disconnect, device number 12
[  129.111575][ T5708] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  129.271520][ T5708] usb 4-1: Using ep0 maxpacket: 32
[  129.276108][ T5708] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  129.276145][ T5708] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  129.276186][ T5708] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  129.276211][ T5708] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.302072][ T5708] usb 4-1: config 0 descriptor??
[  129.369022][ T5708] hub 4-1:0.0: USB hub found
[  129.537011][ T5708] hub 4-1:0.0: 26 ports detected
[  129.537574][ T5708] hub 4-1:0.0: insufficient power available to use all downstream ports
[  129.743556][ T5708] hub 4-1:0.0: hub_hub_status failed (err = -71)
[  129.743587][ T5708] hub 4-1:0.0: config failed, can't get hub status (err -71)
[  129.915989][ T5708] usbhid 4-1:0.0: can't add hid device: -71
[  129.916139][ T5708] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  130.105463][ T6062] netlink: 4 bytes leftover after parsing attributes in process `syz.1.105'.
[  130.155090][ T5708] usb 4-1: USB disconnect, device number 7
[  130.716431][ T6066] FAULT_INJECTION: forcing a failure.
[  130.716431][ T6066] name failslab, interval 1, probability 0, space 0, times 0
[  130.716475][ T6066] CPU: 0 UID: 0 PID: 6066 Comm: syz.3.107 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  130.716508][ T6066] Tainted: [L]=SOFTLOCKUP
[  130.716516][ T6066] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  130.716530][ T6066] Call Trace:
[  130.716542][ T6066]  <TASK>
[  130.716553][ T6066]  dump_stack_lvl+0xe8/0x150
[  130.716587][ T6066]  should_fail_ex+0x46b/0x600
[  130.716628][ T6066]  should_failslab+0xa8/0x100
[  130.716662][ T6066]  kmem_cache_alloc_node_noprof+0x8f/0x6e0
[  130.716692][ T6066]  ? __alloc_skb+0x1d0/0x7d0
[  130.716723][ T6066]  ? lockdep_hardirqs_on+0x7a/0x110
[  130.716763][ T6066]  __alloc_skb+0x1d0/0x7d0
[  130.716799][ T6066]  alloc_skb_with_frags+0xc8/0x760
[  130.716845][ T6066]  ? __pfx_hlock_conflict+0x10/0x10
[  130.716888][ T6066]  tcp_send_rcvq+0x14b/0x520
[  130.716921][ T6066]  ? __pfx_tcp_send_rcvq+0x10/0x10
[  130.716949][ T6066]  ? ktime_get_real_ts64+0x370/0x3e0
[  130.716975][ T6066]  ? lock_acquire+0x106/0x350
[  130.717009][ T6066]  tcp_sendmsg_locked+0x4c00/0x5370
[  130.717045][ T6066]  ? __pfx___css_rstat_updated+0x10/0x10
[  130.717071][ T6066]  ? tcp_sendmsg_locked+0x281/0x5370
[  130.717102][ T6066]  ? ktime_get+0x45/0x220
[  130.717138][ T6066]  ? __lock_acquire+0x6b5/0x2d10
[  130.717192][ T6066]  ? finish_task_switch+0x15f/0xbe0
[  130.717218][ T6066]  ? lock_acquire+0x106/0x350
[  130.717246][ T6066]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  130.717282][ T6066]  ? gcm_process_assoc+0x4f8/0x6b0
[  130.717309][ T6066]  ? memcpy_to_scatterwalk+0x300/0x480
[  130.717347][ T6066]  ? __asan_memset+0x22/0x50
[  130.717371][ T6066]  ? iov_iter_bvec+0xb8/0x180
[  130.717399][ T6066]  tls_push_sg+0x278/0x9a0
[  130.717431][ T6066]  ? skcipher_walk_done+0x20d/0x880
[  130.717466][ T6066]  ? __pfx_tls_push_sg+0x10/0x10
[  130.717526][ T6066]  tls_tx_records+0x36f/0x5c0
[  130.717570][ T6066]  tls_push_record+0x20d7/0x37e0
[  130.717620][ T6066]  ? sk_psock_get+0x2ab/0x340
[  130.717654][ T6066]  ? __pfx_tls_push_record+0x10/0x10
[  130.717679][ T6066]  ? __pfx_sk_psock_get+0x10/0x10
[  130.717713][ T6066]  ? gup_fast_fallback+0x1b1e/0x2040
[  130.717749][ T6066]  bpf_exec_tx_verdict+0xf65/0x1640
[  130.717809][ T6066]  ? __pfx_bpf_exec_tx_verdict+0x10/0x10
[  130.717954][ T6066]  tls_sw_sendmsg+0x1912/0x2430
[  130.718036][ T6066]  ? __pfx_tls_sw_sendmsg+0x10/0x10
[  130.718074][ T6066]  ? inet_send_prepare+0x21/0x270
[  130.718105][ T6066]  ? sock_rps_record_flow+0x19/0x350
[  130.718138][ T6066]  ? inet_send_prepare+0x5c/0x270
[  130.718172][ T6066]  ? inet6_sendmsg+0x101/0x120
[  130.718202][ T6066]  ? __pfx_inet6_sendmsg+0x10/0x10
[  130.718227][ T6066]  sock_sendmsg_nosec+0x90/0x180
[  130.718278][ T6066]  __sys_sendto+0x402/0x590
[  130.718318][ T6066]  ? __pfx___sys_sendto+0x10/0x10
[  130.718381][ T6066]  ? exc_page_fault+0x6a/0xc0
[  130.718418][ T6066]  ? do_user_addr_fault+0xc6f/0x1340
[  130.718451][ T6066]  __x64_sys_sendto+0xde/0x100
[  130.718485][ T6066]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.718510][ T6066]  do_syscall_64+0x174/0x580
[  130.718544][ T6066]  ? trace_irq_disable+0x3b/0x140
[  130.718571][ T6066]  ? clear_bhb_loop+0x40/0x90
[  130.718600][ T6066]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  130.718624][ T6066] RIP: 0033:0x7fa9c66dd68e
[  130.718646][ T6066] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  130.718665][ T6066] RSP: 002b:00007fa9c496ce88 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  130.718689][ T6066] RAX: ffffffffffffffda RBX: 00007fa9c496e6c0 RCX: 00007fa9c66dd68e
[  130.718705][ T6066] RDX: 0000000000000020 RSI: 00007fa9c496d000 RDI: 0000000000000003
[  130.718720][ T6066] RBP: 0000000000000000 R08: 00007fa9c496cf04 R09: 000000000000000c
[  130.718734][ T6066] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000003
[  130.718747][ T6066] R13: 00007fa9c496cf58 R14: 00007fa9c496d000 R15: 0000000000000000
[  130.718783][ T6066]  </TASK>
[  131.094272][  T821] gspca_stk1135: reg_w 0x351 err -71
[  131.095323][  T821] gspca_stk1135: serial bus timeout: status=0x00
[  131.095337][  T821] gspca_stk1135: Sensor write failed
[  131.095372][  T821] gspca_stk1135: serial bus timeout: status=0x00
[  131.095382][  T821] gspca_stk1135: Sensor write failed
[  131.095416][  T821] gspca_stk1135: serial bus timeout: status=0x00
[  131.095427][  T821] gspca_stk1135: Sensor read failed
[  131.095462][  T821] gspca_stk1135: serial bus timeout: status=0x00
[  131.095473][  T821] gspca_stk1135: Sensor read failed
[  131.095480][  T821] gspca_stk1135: Detected sensor type unknown (0x0)
[  131.095522][  T821] gspca_stk1135: serial bus timeout: status=0x00
[  131.095532][  T821] gspca_stk1135: Sensor read failed
[  131.095568][  T821] gspca_stk1135: serial bus timeout: status=0x00
[  131.095578][  T821] gspca_stk1135: Sensor read failed
[  131.095614][  T821] gspca_stk1135: serial bus timeout: status=0x00
[  131.095624][  T821] gspca_stk1135: Sensor write failed
[  131.095660][  T821] gspca_stk1135: serial bus timeout: status=0x00
[  131.095671][  T821] gspca_stk1135: Sensor write failed
[  131.095767][  T821] stk1135 3-1:0.0: probe with driver stk1135 failed with error -71
[  131.262366][  T821] usb 3-1: USB disconnect, device number 8
[  132.017726][ T6081] FAULT_INJECTION: forcing a failure.
[  132.017726][ T6081] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  132.017766][ T6081] CPU: 0 UID: 0 PID: 6081 Comm: syz.1.112 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  132.017795][ T6081] Tainted: [L]=SOFTLOCKUP
[  132.017803][ T6081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  132.017817][ T6081] Call Trace:
[  132.017826][ T6081]  <TASK>
[  132.017835][ T6081]  dump_stack_lvl+0xe8/0x150
[  132.017870][ T6081]  should_fail_ex+0x46b/0x600
[  132.017910][ T6081]  _copy_from_iter+0x1d3/0x1670
[  132.017937][ T6081]  ? rcu_is_watching+0x15/0xb0
[  132.017971][ T6081]  ? rcu_is_watching+0x15/0xb0
[  132.018008][ T6081]  ? __pfx__copy_from_iter+0x10/0x10
[  132.018029][ T6081]  ? __kmalloc_node_track_caller_noprof+0x390/0x7e0
[  132.018060][ T6081]  ? __alloc_skb+0x1d0/0x7d0
[  132.018099][ T6081]  ? tipc_msg_build+0x40d/0xf00
[  132.018159][ T6081]  tipc_msg_build+0x466/0xf00
[  132.018199][ T6081]  ? tipc_node_find+0x3cd/0x4a0
[  132.018228][ T6081]  ? arch_stack_walk+0xfb/0x150
[  132.018259][ T6081]  ? tipc_node_find+0xb3/0x4a0
[  132.018287][ T6081]  ? __pfx_tipc_msg_build+0x10/0x10
[  132.018338][ T6081]  tipc_send_group_msg+0x2a3/0x600
[  132.018378][ T6081]  ? __pfx_tipc_send_group_msg+0x10/0x10
[  132.018408][ T6081]  ? kfree+0x1c5/0x6c0
[  132.018461][ T6081]  tipc_send_group_unicast+0x4e0/0x550
[  132.018513][ T6081]  ? __pfx_tipc_send_group_unicast+0x10/0x10
[  132.018544][ T6081]  ? lockdep_hardirqs_on+0x7a/0x110
[  132.018583][ T6081]  ? __pfx_woken_wake_function+0x10/0x10
[  132.018611][ T6081]  ? tipc_dest_pop+0x19c/0x230
[  132.018649][ T6081]  ? tipc_dest_pop+0x19c/0x230
[  132.018678][ T6081]  __tipc_sendmsg+0x15bb/0x2c00
[  132.018710][ T6081]  ? __lock_acquire+0x6b5/0x2d10
[  132.018753][ T6081]  ? do_raw_spin_lock+0x12b/0x2f0
[  132.018776][ T6081]  ? __pfx___tipc_sendmsg+0x10/0x10
[  132.018817][ T6081]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  132.018853][ T6081]  ? lockdep_hardirqs_on+0x7a/0x110
[  132.018888][ T6081]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  132.018921][ T6081]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  132.018952][ T6081]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  132.018984][ T6081]  ? try_to_take_rt_mutex+0x840/0xb00
[  132.019028][ T6081]  ? __lock_acquire+0x6b5/0x2d10
[  132.019062][ T6081]  ? try_to_take_rt_mutex+0x840/0xb00
[  132.019106][ T6081]  ? __lock_acquire+0x6b5/0x2d10
[  132.019140][ T6081]  ? __lock_acquire+0x6b5/0x2d10
[  132.019170][ T6081]  ? __lock_acquire+0x6b5/0x2d10
[  132.019206][ T6081]  __tipc_sendstream+0x104e/0x1280
[  132.019240][ T6081]  ? __lock_acquire+0x6b5/0x2d10
[  132.019285][ T6081]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  132.019322][ T6081]  ? __pfx___tipc_sendstream+0x10/0x10
[  132.019354][ T6081]  ? __local_bh_enable+0x1e1/0x2f0
[  132.019393][ T6081]  ? __local_bh_enable_ip+0x1ae/0x2b0
[  132.019425][ T6081]  ? lockdep_hardirqs_on+0x7a/0x110
[  132.019465][ T6081]  tipc_send_packet+0x7c/0xa0
[  132.019498][ T6081]  ? __pfx_tipc_send_packet+0x10/0x10
[  132.019530][ T6081]  sock_sendmsg_nosec+0x13a/0x180
[  132.019562][ T6081]  ____sys_sendmsg+0x55c/0x870
[  132.019603][ T6081]  ? __pfx_____sys_sendmsg+0x10/0x10
[  132.019657][ T6081]  ? import_iovec+0x73/0xa0
[  132.019687][ T6081]  ___sys_sendmsg+0x2a5/0x360
[  132.019722][ T6081]  ? __lock_acquire+0x6b5/0x2d10
[  132.019753][ T6081]  ? __pfx____sys_sendmsg+0x10/0x10
[  132.019825][ T6081]  ? __fget_files+0x2a/0x420
[  132.019851][ T6081]  ? __fget_files+0x3a6/0x420
[  132.019889][ T6081]  __x64_sys_sendmsg+0x1c3/0x2a0
[  132.019927][ T6081]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  132.019972][ T6081]  ? __pfx_ksys_write+0x10/0x10
[  132.020012][ T6081]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.020037][ T6081]  do_syscall_64+0x174/0x580
[  132.020070][ T6081]  ? trace_irq_disable+0x3b/0x140
[  132.020096][ T6081]  ? clear_bhb_loop+0x40/0x90
[  132.020123][ T6081]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.020147][ T6081] RIP: 0033:0x7f425a4cce59
[  132.020168][ T6081] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  132.020187][ T6081] RSP: 002b:00007f425871e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  132.020210][ T6081] RAX: ffffffffffffffda RBX: 00007f425a745fa0 RCX: 00007f425a4cce59
[  132.020227][ T6081] RDX: 0000000000000000 RSI: 00002000000005c0 RDI: 0000000000000003
[  132.020240][ T6081] RBP: 00007f425871e090 R08: 0000000000000000 R09: 0000000000000000
[  132.020254][ T6081] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  132.020266][ T6081] R13: 00007f425a746038 R14: 00007f425a745fa0 R15: 00007ffefd579518
[  132.020298][ T6081]  </TASK>
[  132.644529][ T6088] FAULT_INJECTION: forcing a failure.
[  132.644529][ T6088] name failslab, interval 1, probability 0, space 0, times 0
[  132.644576][ T6088] CPU: 0 UID: 0 PID: 6088 Comm: syz.1.115 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  132.644619][ T6088] Tainted: [L]=SOFTLOCKUP
[  132.644628][ T6088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  132.644641][ T6088] Call Trace:
[  132.644650][ T6088]  <TASK>
[  132.644660][ T6088]  dump_stack_lvl+0xe8/0x150
[  132.644696][ T6088]  should_fail_ex+0x46b/0x600
[  132.644738][ T6088]  should_failslab+0xa8/0x100
[  132.644773][ T6088]  __kmalloc_noprof+0xdf/0x7b0
[  132.644802][ T6088]  ? skcipher_walk_virt+0x85/0x6a0
[  132.644826][ T6088]  ? skcipher_next_slow+0xee/0x230
[  132.644852][ T6088]  ? skcipher_walk_next+0x7b3/0xbe0
[  132.644882][ T6088]  skcipher_next_slow+0xee/0x230
[  132.644915][ T6088]  cbc_decrypt+0x10c/0xd20
[  132.644946][ T6088]  ? lockdep_hardirqs_on+0x7a/0x110
[  132.644984][ T6088]  ? __pfx_cbc_decrypt+0x10/0x10
[  132.645012][ T6088]  ? kfree+0x1c5/0x6c0
[  132.645041][ T6088]  ? sock_kfree_s+0x28/0x60
[  132.645094][ T6088]  skcipher_recvmsg+0xae6/0x1140
[  132.645151][ T6088]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  132.645182][ T6088]  ? __lock_acquire+0x6b5/0x2d10
[  132.645216][ T6088]  ? aa_sock_msg_perm+0x122/0x200
[  132.645243][ T6088]  ? __pfx_skcipher_recvmsg+0x10/0x10
[  132.645278][ T6088]  sock_recvmsg_nosec+0x130/0x170
[  132.645312][ T6088]  ____sys_recvmsg+0x23d/0x4f0
[  132.645346][ T6088]  ? __pfx_____sys_recvmsg+0x10/0x10
[  132.645387][ T6088]  ? import_iovec+0x73/0xa0
[  132.645418][ T6088]  ___sys_recvmsg+0x215/0x590
[  132.645448][ T6088]  ? __pfx____sys_recvmsg+0x10/0x10
[  132.645476][ T6088]  ? __fget_files+0x2a/0x420
[  132.645525][ T6088]  ? __fget_files+0x3a6/0x420
[  132.645565][ T6088]  do_recvmmsg+0x33a/0x800
[  132.645607][ T6088]  ? __pfx_do_recvmmsg+0x10/0x10
[  132.645658][ T6088]  ? rt_mutex_slowunlock+0x1cb/0x300
[  132.645703][ T6088]  __x64_sys_recvmmsg+0x198/0x250
[  132.645730][ T6088]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  132.645764][ T6088]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.645791][ T6088]  do_syscall_64+0x174/0x580
[  132.645825][ T6088]  ? trace_irq_disable+0x3b/0x140
[  132.645852][ T6088]  ? clear_bhb_loop+0x40/0x90
[  132.645881][ T6088]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.645905][ T6088] RIP: 0033:0x7f425a4cce59
[  132.645927][ T6088] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  132.645945][ T6088] RSP: 002b:00007f425871e028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  132.645970][ T6088] RAX: ffffffffffffffda RBX: 00007f425a745fa0 RCX: 00007f425a4cce59
[  132.645985][ T6088] RDX: 0000000000000001 RSI: 0000200000006d00 RDI: 0000000000000004
[  132.645998][ T6088] RBP: 00007f425871e090 R08: 0000000000000000 R09: 0000000000000000
[  132.646011][ T6088] R10: 0000000040004022 R11: 0000000000000246 R12: 0000000000000001
[  132.646024][ T6088] R13: 00007f425a746038 R14: 00007f425a745fa0 R15: 00007ffefd579518
[  132.646057][ T6088]  </TASK>
[  132.901660][  T821] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  133.078112][ T1338] ieee802154 phy0 wpan0: encryption failed: -22
[  133.079375][ T1338] ieee802154 phy1 wpan1: encryption failed: -22
[  133.194963][  T821] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 246, changing to 11
[  133.194999][  T821] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  133.195052][  T821] usb 4-1: New USB device found, idVendor=1532, idProduct=010d, bcdDevice= 0.00
[  133.195076][  T821] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  133.249639][  T821] usb 4-1: config 0 descriptor??
[  133.591525][ T5757] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  133.742296][ T5757] usb 3-1: Using ep0 maxpacket: 8
[  133.752345][ T5757] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  133.752385][ T5757] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  133.752434][ T5757] usb 3-1: New USB device found, idVendor=046d, idProduct=c534, bcdDevice= 0.00
[  133.752463][ T5757] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  133.808347][  T821] razer 0003:1532:010D.0003: unknown main item tag 0x0
[  133.808390][  T821] razer 0003:1532:010D.0003: unknown main item tag 0x0
[  133.808418][  T821] razer 0003:1532:010D.0003: unknown main item tag 0x0
[  133.808446][  T821] razer 0003:1532:010D.0003: unknown main item tag 0x0
[  133.808473][  T821] razer 0003:1532:010D.0003: unknown main item tag 0x0
[  133.808502][  T821] razer 0003:1532:010D.0003: unknown main item tag 0x0
[  133.808532][  T821] razer 0003:1532:010D.0003: unknown main item tag 0x0
[  133.808578][  T821] razer 0003:1532:010D.0003: unknown main item tag 0x0
[  133.808608][  T821] razer 0003:1532:010D.0003: unknown main item tag 0x0
[  133.808637][  T821] razer 0003:1532:010D.0003: unknown main item tag 0x0
[  133.809393][  T821] razer 0003:1532:010D.0003: unexpected long global item
[  133.822032][ T5757] usb 3-1: config 0 descriptor??
[  133.836455][    T9] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  133.907028][  T821] razer 0003:1532:010D.0003: probe with driver razer failed with error -22
[  134.128529][ T5708] usb 4-1: USB disconnect, device number 8
[  134.175234][    T9] usb 2-1: unable to get BOS descriptor or descriptor too short
[  134.235714][    T9] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  134.235804][    T9] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  134.264433][    T9] usb 2-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice= 0.40
[  134.264540][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  134.264565][    T9] usb 2-1: Product: syz
[  134.264582][    T9] usb 2-1: Manufacturer: syz
[  134.264599][    T9] usb 2-1: SerialNumber: syz
[  134.473184][    T9] usb 2-1: selecting invalid altsetting 1
[  134.500879][    T9] usb 2-1: unit 6 not found!
[  134.640999][ T5757] logitech-djreceiver 0003:046D:C534.0004: hidraw0: USB HID v0.00 Device [HID 046d:c534] on usb-dummy_hcd.2-1/input0
[  134.876950][ T5757] usb 3-1: USB disconnect, device number 9
[  135.448203][ T6095] netlink: 4 bytes leftover after parsing attributes in process `syz.1.118'.
[  135.615390][    T9] usb 2-1: 2:0: failed to get current value for ch 0 (-71)
[  135.724081][   T39] audit: type=1326 audit(1780615844.686:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6099 comm="syz.2.120" exe="/root/ci-upstream-rust-kasan-gce/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9ae0f5ce59 code=0x0
[  135.787324][ T6102] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  136.126725][    T9] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -22
[  136.162543][    T9] usb 2-1: USB disconnect, device number 14
[  136.219064][ T5801] udevd[5801]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  136.506070][    T9] usb 2-1: new full-speed USB device number 15 using dummy_hcd
[  136.709175][    T9] usb 2-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  136.710108][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.710134][    T9] usb 2-1: Product: syz
[  136.710150][    T9] usb 2-1: Manufacturer: syz
[  136.710167][    T9] usb 2-1: SerialNumber: syz
[  136.762094][    T9] usb 2-1: config 0 descriptor??
[  136.816315][    T9] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  136.896503][ T6121] FAULT_INJECTION: forcing a failure.
[  136.896503][ T6121] name failslab, interval 1, probability 0, space 0, times 0
[  136.896541][ T6121] CPU: 1 UID: 0 PID: 6121 Comm: syz.3.124 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  136.896573][ T6121] Tainted: [L]=SOFTLOCKUP
[  136.896581][ T6121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  136.896595][ T6121] Call Trace:
[  136.896604][ T6121]  <TASK>
[  136.896614][ T6121]  dump_stack_lvl+0xe8/0x150
[  136.896649][ T6121]  should_fail_ex+0x46b/0x600
[  136.896698][ T6121]  should_failslab+0xa8/0x100
[  136.896730][ T6121]  kmem_cache_alloc_noprof+0x87/0x680
[  136.896758][ T6121]  ? skb_clone+0x212/0x3a0
[  136.896785][ T6121]  skb_clone+0x212/0x3a0
[  136.896811][ T6121]  __netlink_deliver_tap+0x424/0x8b0
[  136.896861][ T6121]  ? netlink_deliver_tap+0x2e/0x1b0
[  136.896898][ T6121]  netlink_deliver_tap+0x19c/0x1b0
[  136.896937][ T6121]  netlink_unicast+0x754/0x920
[  136.896981][ T6121]  netlink_sendmsg+0x813/0xb40
[  136.897011][ T6121]  ? __pfx_netlink_sendmsg+0x10/0x10
[  136.897036][ T6121]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  136.897071][ T6121]  ? aa_sock_msg_perm+0x122/0x200
[  136.897097][ T6121]  ? __pfx_netlink_sendmsg+0x10/0x10
[  136.897118][ T6121]  sock_sendmsg_nosec+0x13a/0x180
[  136.897147][ T6121]  ____sys_sendmsg+0x55c/0x870
[  136.897186][ T6121]  ? __pfx_____sys_sendmsg+0x10/0x10
[  136.897231][ T6121]  ? import_iovec+0x73/0xa0
[  136.897262][ T6121]  ___sys_sendmsg+0x2a5/0x360
[  136.897296][ T6121]  ? __lock_acquire+0x6b5/0x2d10
[  136.897326][ T6121]  ? __pfx____sys_sendmsg+0x10/0x10
[  136.897398][ T6121]  ? __fget_files+0x2a/0x420
[  136.897426][ T6121]  ? __fget_files+0x3a6/0x420
[  136.897463][ T6121]  __x64_sys_sendmsg+0x1c3/0x2a0
[  136.897502][ T6121]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  136.897548][ T6121]  ? __pfx_ksys_write+0x10/0x10
[  136.897590][ T6121]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.897615][ T6121]  do_syscall_64+0x174/0x580
[  136.897648][ T6121]  ? trace_irq_disable+0x3b/0x140
[  136.897704][ T6121]  ? clear_bhb_loop+0x40/0x90
[  136.897734][ T6121]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  136.897757][ T6121] RIP: 0033:0x7fa9c671ce59
[  136.897778][ T6121] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  136.897797][ T6121] RSP: 002b:00007fa9c496e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  136.897820][ T6121] RAX: ffffffffffffffda RBX: 00007fa9c6995fa0 RCX: 00007fa9c671ce59
[  136.897836][ T6121] RDX: 0000000000000044 RSI: 0000200000000d80 RDI: 0000000000000003
[  136.897849][ T6121] RBP: 00007fa9c496e090 R08: 0000000000000000 R09: 0000000000000000
[  136.897864][ T6121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  136.897876][ T6121] R13: 00007fa9c6996038 R14: 00007fa9c6995fa0 R15: 00007ffc0be8d768
[  136.897912][ T6121]  </TASK>
[  136.908946][ T6121] netlink: 4 bytes leftover after parsing attributes in process `syz.3.124'.
[  138.701513][  T821] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  138.731635][ T6138] FAULT_INJECTION: forcing a failure.
[  138.731635][ T6138] name failslab, interval 1, probability 0, space 0, times 0
[  138.731670][ T6138] CPU: 1 UID: 0 PID: 6138 Comm: syz.2.130 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  138.731697][ T6138] Tainted: [L]=SOFTLOCKUP
[  138.731704][ T6138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  138.731716][ T6138] Call Trace:
[  138.731723][ T6138]  <TASK>
[  138.731732][ T6138]  dump_stack_lvl+0xe8/0x150
[  138.731761][ T6138]  should_fail_ex+0x46b/0x600
[  138.731794][ T6138]  should_failslab+0xa8/0x100
[  138.731821][ T6138]  __kmalloc_noprof+0xdf/0x7b0
[  138.731845][ T6138]  ? genl_family_rcv_msg_attrs_parse+0xd0/0x2f0
[  138.731877][ T6138]  genl_family_rcv_msg_attrs_parse+0xd0/0x2f0
[  138.731910][ T6138]  genl_family_rcv_msg_doit+0xd9/0x330
[  138.731941][ T6138]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  138.731974][ T6138]  ? apparmor_capable+0x126/0x170
[  138.732014][ T6138]  ? bpf_lsm_capable+0x9/0x20
[  138.732030][ T6138]  ? security_capable+0x7e/0x2c0
[  138.732052][ T6138]  genl_rcv_msg+0x61c/0x7a0
[  138.732079][ T6138]  ? __pfx_genl_rcv_msg+0x10/0x10
[  138.732098][ T6138]  ? ref_tracker_free+0x673/0x820
[  138.732124][ T6138]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  138.732144][ T6138]  ? __pfx_nl80211_start_ap+0x10/0x10
[  138.732166][ T6138]  ? __pfx_nl80211_post_doit+0x10/0x10
[  138.732187][ T6138]  ? ____sys_sendmsg+0x55c/0x870
[  138.732215][ T6138]  ? ___sys_sendmsg+0x2a5/0x360
[  138.732240][ T6138]  ? __x64_sys_sendmsg+0x1c3/0x2a0
[  138.732265][ T6138]  ? do_syscall_64+0x174/0x580
[  138.732292][ T6138]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.732318][ T6138]  netlink_rcv_skb+0x232/0x4b0
[  138.732350][ T6138]  ? __pfx_genl_rcv_msg+0x10/0x10
[  138.732375][ T6138]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  138.732417][ T6138]  ? netlink_deliver_tap+0x2e/0x1b0
[  138.732447][ T6138]  ? netlink_deliver_tap+0x2e/0x1b0
[  138.732481][ T6138]  genl_rcv+0x28/0x40
[  138.732507][ T6138]  netlink_unicast+0x780/0x920
[  138.732546][ T6138]  netlink_sendmsg+0x813/0xb40
[  138.732573][ T6138]  ? __pfx_netlink_sendmsg+0x10/0x10
[  138.732593][ T6138]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  138.732622][ T6138]  ? aa_sock_msg_perm+0x122/0x200
[  138.732646][ T6138]  ? __pfx_netlink_sendmsg+0x10/0x10
[  138.732665][ T6138]  sock_sendmsg_nosec+0x13a/0x180
[  138.732694][ T6138]  ____sys_sendmsg+0x55c/0x870
[  138.732735][ T6138]  ? __pfx_____sys_sendmsg+0x10/0x10
[  138.732783][ T6138]  ? import_iovec+0x73/0xa0
[  138.732812][ T6138]  ___sys_sendmsg+0x2a5/0x360
[  138.732844][ T6138]  ? __lock_acquire+0x6b5/0x2d10
[  138.732874][ T6138]  ? __pfx____sys_sendmsg+0x10/0x10
[  138.732944][ T6138]  ? __fget_files+0x2a/0x420
[  138.732972][ T6138]  ? __fget_files+0x3a6/0x420
[  138.733019][ T6138]  __x64_sys_sendmsg+0x1c3/0x2a0
[  138.733058][ T6138]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  138.733104][ T6138]  ? __pfx_ksys_write+0x10/0x10
[  138.733147][ T6138]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.733171][ T6138]  do_syscall_64+0x174/0x580
[  138.733203][ T6138]  ? trace_irq_disable+0x3b/0x140
[  138.733234][ T6138]  ? clear_bhb_loop+0x40/0x90
[  138.733256][ T6138]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.733308][ T6138] RIP: 0033:0x7f9ae0f5ce59
[  138.733329][ T6138] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  138.733349][ T6138] RSP: 002b:00007f9adf18d028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  138.733372][ T6138] RAX: ffffffffffffffda RBX: 00007f9ae11d6090 RCX: 00007f9ae0f5ce59
[  138.733387][ T6138] RDX: 0000000020000014 RSI: 00002000000001c0 RDI: 0000000000000003
[  138.733401][ T6138] RBP: 00007f9adf18d090 R08: 0000000000000000 R09: 0000000000000000
[  138.733419][ T6138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  138.733429][ T6138] R13: 00007f9ae11d6128 R14: 00007f9ae11d6090 R15: 00007ffea718e1f8
[  138.733469][ T6138]  </TASK>
[  138.914642][  T821] usb 4-1: Using ep0 maxpacket: 16
[  138.936380][  T821] usb 4-1: unable to get BOS descriptor or descriptor too short
[  138.939581][  T821] usb 4-1: config 42 has an invalid interface number: 178 but max is 0
[  138.939656][  T821] usb 4-1: config 42 has no interface number 0
[  138.939725][  T821] usb 4-1: config 42 interface 178 has no altsetting 0
[  138.983118][  T821] usb 4-1: string descriptor 0 read error: -22
[  138.983251][  T821] usb 4-1: New USB device found, idVendor=045e, idProduct=00f8, bcdDevice=e0.e5
[  138.983276][  T821] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.188432][  T821] uvcvideo 4-1:42.178: Found multiple Units with ID 1
[  139.194523][  T821] uvcvideo 4-1:42.178: Found UVC 0.00 device <unnamed> (045e:00f8)
[  139.194629][  T821] uvcvideo 4-1:42.178: No valid video chain found.
[  139.664660][ T6139] warning: `syz.3.128' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  139.683393][    T9] gspca_stk1135: reg_w 0x351 err -71
[  139.684441][    T9] gspca_stk1135: serial bus timeout: status=0x00
[  139.684459][    T9] gspca_stk1135: Sensor write failed
[  139.684492][    T9] gspca_stk1135: serial bus timeout: status=0x00
[  139.684501][    T9] gspca_stk1135: Sensor write failed
[  139.684533][    T9] gspca_stk1135: serial bus timeout: status=0x00
[  139.684542][    T9] gspca_stk1135: Sensor read failed
[  139.684571][    T9] gspca_stk1135: serial bus timeout: status=0x00
[  139.684580][    T9] gspca_stk1135: Sensor read failed
[  139.684595][    T9] gspca_stk1135: Detected sensor type unknown (0x0)
[  139.684631][    T9] gspca_stk1135: serial bus timeout: status=0x00
[  139.684640][    T9] gspca_stk1135: Sensor read failed
[  139.684669][    T9] gspca_stk1135: serial bus timeout: status=0x00
[  139.684679][    T9] gspca_stk1135: Sensor read failed
[  139.684709][    T9] gspca_stk1135: serial bus timeout: status=0x00
[  139.684719][    T9] gspca_stk1135: Sensor write failed
[  139.684750][    T9] gspca_stk1135: serial bus timeout: status=0x00
[  139.684759][    T9] gspca_stk1135: Sensor write failed
[  139.684854][    T9] stk1135 2-1:0.0: probe with driver stk1135 failed with error -71
[  139.813049][    T9] usb 2-1: USB disconnect, device number 15
[  140.793803][ T5599] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  140.894127][ T6151] openvswitch: netlink: EtherType 53b is less than min 600
[  140.961555][ T5599] usb 2-1: Using ep0 maxpacket: 8
[  140.970185][ T5599] usb 2-1: unable to get BOS descriptor or descriptor too short
[  140.988855][ T5599] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7
[  140.988893][ T5599] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  140.988918][ T5599] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xC has invalid maxpacket 65535, setting to 1024
[  140.988948][ T5599] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0xC has invalid maxpacket 1024
[  140.988975][ T5599] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  140.988991][ T5599] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  140.989007][ T5599] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  141.083862][ T5599] usb 2-1: New USB device found, idVendor=0763, idProduct=1002, bcdDevice=5f.84
[  141.083898][ T5599] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.083921][ T5599] usb 2-1: Product: syz
[  141.083937][ T5599] usb 2-1: Manufacturer: syz
[  141.083953][ T5599] usb 2-1: SerialNumber: syz
[  141.165658][ T5599] usb 2-1: config 0 descriptor??
[  141.174048][ T6145] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  141.210400][ T5599] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  141.580043][    T9] usb 4-1: USB disconnect, device number 9
[  141.604880][ T6158] netlink: 4 bytes leftover after parsing attributes in process `syz.2.137'.
[  141.606645][ T6158] FAULT_INJECTION: forcing a failure.
[  141.606645][ T6158] name failslab, interval 1, probability 0, space 0, times 0
[  141.606674][ T6158] CPU: 1 UID: 0 PID: 6158 Comm: syz.2.137 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  141.606696][ T6158] Tainted: [L]=SOFTLOCKUP
[  141.606702][ T6158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  141.606712][ T6158] Call Trace:
[  141.606718][ T6158]  <TASK>
[  141.606725][ T6158]  dump_stack_lvl+0xe8/0x150
[  141.606748][ T6158]  should_fail_ex+0x46b/0x600
[  141.606776][ T6158]  should_failslab+0xa8/0x100
[  141.606799][ T6158]  kmem_cache_alloc_noprof+0x87/0x680
[  141.606818][ T6158]  ? skb_clone+0x212/0x3a0
[  141.606839][ T6158]  skb_clone+0x212/0x3a0
[  141.606852][ T6158]  ? nfnetlink_rcv+0x4b0/0x27b0
[  141.606877][ T6158]  nfnetlink_rcv+0x4e2/0x27b0
[  141.606901][ T6158]  ? sock_sendmsg_nosec+0x13a/0x180
[  141.606920][ T6158]  ? __pfx_snprintf+0x10/0x10
[  141.606941][ T6158]  ? unwind_get_return_address+0x4d/0x90
[  141.606970][ T6158]  ? trim_netdev_trace+0x7ac/0x840
[  141.606991][ T6158]  ? __pfx_trim_netdev_trace+0x10/0x10
[  141.607006][ T6158]  ? stack_trace_save+0xa9/0x100
[  141.607028][ T6158]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  141.607062][ T6158]  ? __pfx_save_netdev_trace_buffer+0x10/0x10
[  141.607079][ T6158]  ? ref_tracker_free+0x673/0x820
[  141.607103][ T6158]  ? __netlink_deliver_tap+0x636/0x8b0
[  141.607127][ T6158]  ? netlink_deliver_tap+0x19c/0x1b0
[  141.607151][ T6158]  ? netlink_unicast+0x754/0x920
[  141.607171][ T6158]  ? netlink_sendmsg+0x813/0xb40
[  141.607185][ T6158]  ? sock_sendmsg_nosec+0x13a/0x180
[  141.607202][ T6158]  ? ____sys_sendmsg+0x55c/0x870
[  141.607226][ T6158]  ? ___sys_sendmsg+0x2a5/0x360
[  141.607249][ T6158]  ? __x64_sys_sendmsg+0x1c3/0x2a0
[  141.607273][ T6158]  ? do_syscall_64+0x174/0x580
[  141.607297][ T6158]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.607330][ T6158]  ? skb_clone+0x246/0x3a0
[  141.607347][ T6158]  ? __netlink_deliver_tap+0x866/0x8b0
[  141.607373][ T6158]  ? netlink_deliver_tap+0x2e/0x1b0
[  141.607402][ T6158]  ? netlink_deliver_tap+0x2e/0x1b0
[  141.607427][ T6158]  ? netlink_deliver_tap+0x2e/0x1b0
[  141.607455][ T6158]  netlink_unicast+0x780/0x920
[  141.607486][ T6158]  netlink_sendmsg+0x813/0xb40
[  141.607507][ T6158]  ? __pfx_netlink_sendmsg+0x10/0x10
[  141.607524][ T6158]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  141.607548][ T6158]  ? aa_sock_msg_perm+0x122/0x200
[  141.607566][ T6158]  ? __pfx_netlink_sendmsg+0x10/0x10
[  141.607580][ T6158]  sock_sendmsg_nosec+0x13a/0x180
[  141.607601][ T6158]  ____sys_sendmsg+0x55c/0x870
[  141.607630][ T6158]  ? __pfx_____sys_sendmsg+0x10/0x10
[  141.607661][ T6158]  ? import_iovec+0x73/0xa0
[  141.607682][ T6158]  ___sys_sendmsg+0x2a5/0x360
[  141.607706][ T6158]  ? __lock_acquire+0x6b5/0x2d10
[  141.607728][ T6158]  ? __pfx____sys_sendmsg+0x10/0x10
[  141.607777][ T6158]  ? __fget_files+0x2a/0x420
[  141.607795][ T6158]  ? __fget_files+0x3a6/0x420
[  141.607821][ T6158]  __x64_sys_sendmsg+0x1c3/0x2a0
[  141.607848][ T6158]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  141.607880][ T6158]  ? __pfx_ksys_write+0x10/0x10
[  141.607909][ T6158]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.607926][ T6158]  do_syscall_64+0x174/0x580
[  141.607950][ T6158]  ? trace_irq_disable+0x3b/0x140
[  141.607968][ T6158]  ? clear_bhb_loop+0x40/0x90
[  141.607987][ T6158]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.608003][ T6158] RIP: 0033:0x7f9ae0f5ce59
[  141.608018][ T6158] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  141.608031][ T6158] RSP: 002b:00007f9adf1ae028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  141.608047][ T6158] RAX: ffffffffffffffda RBX: 00007f9ae11d5fa0 RCX: 00007f9ae0f5ce59
[  141.608059][ T6158] RDX: 0000000000000044 RSI: 0000200000000d80 RDI: 0000000000000003
[  141.608069][ T6158] RBP: 00007f9adf1ae090 R08: 0000000000000000 R09: 0000000000000000
[  141.608079][ T6158] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  141.608088][ T6158] R13: 00007f9ae11d6038 R14: 00007f9ae11d5fa0 R15: 00007ffea718e1f8
[  141.608111][ T6158]  </TASK>
[  142.611200][ T6167] FAULT_INJECTION: forcing a failure.
[  142.611200][ T6167] name failslab, interval 1, probability 0, space 0, times 0
[  142.611235][ T6167] CPU: 0 UID: 0 PID: 6167 Comm: syz.2.140 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  142.611260][ T6167] Tainted: [L]=SOFTLOCKUP
[  142.611266][ T6167] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  142.611283][ T6167] Call Trace:
[  142.611289][ T6167]  <TASK>
[  142.611297][ T6167]  dump_stack_lvl+0xe8/0x150
[  142.611322][ T6167]  should_fail_ex+0x46b/0x600
[  142.611353][ T6167]  should_failslab+0xa8/0x100
[  142.611378][ T6167]  __kmalloc_noprof+0xdf/0x7b0
[  142.611400][ T6167]  ? genl_family_rcv_msg_attrs_parse+0xd0/0x2f0
[  142.611428][ T6167]  genl_family_rcv_msg_attrs_parse+0xd0/0x2f0
[  142.611457][ T6167]  genl_family_rcv_msg_doit+0xd9/0x330
[  142.611485][ T6167]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  142.611514][ T6167]  ? apparmor_capable+0x126/0x170
[  142.611540][ T6167]  ? bpf_lsm_capable+0x9/0x20
[  142.611556][ T6167]  ? security_capable+0x7e/0x2c0
[  142.611579][ T6167]  genl_rcv_msg+0x61c/0x7a0
[  142.611605][ T6167]  ? __pfx_genl_rcv_msg+0x10/0x10
[  142.611625][ T6167]  ? ref_tracker_free+0x673/0x820
[  142.611652][ T6167]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  142.611672][ T6167]  ? __pfx_nl80211_trigger_scan+0x10/0x10
[  142.611695][ T6167]  ? __pfx_nl80211_post_doit+0x10/0x10
[  142.611715][ T6167]  ? ____sys_sendmsg+0x55c/0x870
[  142.611741][ T6167]  ? ___sys_sendmsg+0x2a5/0x360
[  142.611766][ T6167]  ? __x64_sys_sendmsg+0x1c3/0x2a0
[  142.611806][ T6167]  ? do_syscall_64+0x174/0x580
[  142.611832][ T6167]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.611860][ T6167]  netlink_rcv_skb+0x232/0x4b0
[  142.611891][ T6167]  ? __pfx_genl_rcv_msg+0x10/0x10
[  142.611915][ T6167]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  142.611956][ T6167]  ? netlink_deliver_tap+0x2e/0x1b0
[  142.611984][ T6167]  ? netlink_deliver_tap+0x2e/0x1b0
[  142.612017][ T6167]  genl_rcv+0x28/0x40
[  142.612038][ T6167]  netlink_unicast+0x780/0x920
[  142.612075][ T6167]  netlink_sendmsg+0x813/0xb40
[  142.612102][ T6167]  ? __pfx_netlink_sendmsg+0x10/0x10
[  142.612122][ T6167]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  142.612151][ T6167]  ? aa_sock_msg_perm+0x122/0x200
[  142.612173][ T6167]  ? __pfx_netlink_sendmsg+0x10/0x10
[  142.612191][ T6167]  sock_sendmsg_nosec+0x13a/0x180
[  142.612217][ T6167]  ____sys_sendmsg+0x55c/0x870
[  142.612254][ T6167]  ? __pfx_____sys_sendmsg+0x10/0x10
[  142.612291][ T6167]  ? import_iovec+0x73/0xa0
[  142.612315][ T6167]  ___sys_sendmsg+0x2a5/0x360
[  142.612341][ T6167]  ? __lock_acquire+0x6b5/0x2d10
[  142.612366][ T6167]  ? __pfx____sys_sendmsg+0x10/0x10
[  142.612423][ T6167]  ? __fget_files+0x2a/0x420
[  142.612444][ T6167]  ? __fget_files+0x3a6/0x420
[  142.612475][ T6167]  __x64_sys_sendmsg+0x1c3/0x2a0
[  142.612505][ T6167]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  142.612541][ T6167]  ? __pfx_ksys_write+0x10/0x10
[  142.612593][ T6167]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.612612][ T6167]  do_syscall_64+0x174/0x580
[  142.612642][ T6167]  ? trace_irq_disable+0x3b/0x140
[  142.612664][ T6167]  ? clear_bhb_loop+0x40/0x90
[  142.612688][ T6167]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  142.612707][ T6167] RIP: 0033:0x7f9ae0f5ce59
[  142.612728][ T6167] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  142.612744][ T6167] RSP: 002b:00007f9adf1ae028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  142.612766][ T6167] RAX: ffffffffffffffda RBX: 00007f9ae11d5fa0 RCX: 00007f9ae0f5ce59
[  142.612792][ T6167] RDX: 0000000000028000 RSI: 0000200000006000 RDI: 0000000000000003
[  142.612804][ T6167] RBP: 00007f9adf1ae090 R08: 0000000000000000 R09: 0000000000000000
[  142.612815][ T6167] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  142.612826][ T6167] R13: 00007f9ae11d6038 R14: 00007f9ae11d5fa0 R15: 00007ffea718e1f8
[  142.612857][ T6167]  </TASK>
[  143.582108][ T5708] usb 3-1: new full-speed USB device number 10 using dummy_hcd
[  143.742805][ T5708] usb 3-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  143.742839][ T5708] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  143.742862][ T5708] usb 3-1: Product: syz
[  143.742878][ T5708] usb 3-1: Manufacturer: syz
[  143.742895][ T5708] usb 3-1: SerialNumber: syz
[  143.823169][ T5781] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  143.992802][ T5781] usb 4-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  143.992837][ T5781] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  143.992859][ T5781] usb 4-1: Product: syz
[  143.992875][ T5781] usb 4-1: Manufacturer: syz
[  143.992892][ T5781] usb 4-1: SerialNumber: syz
[  144.078889][ T5708] usb 3-1: config 0 descriptor??
[  144.101747][ T5708] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  144.615765][ T5599] snd-usb-audio 2-1:0.0: probe with driver snd-usb-audio failed with error -12
[  144.683146][ T5781] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE
[  144.683232][ T5781] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE
[  144.821995][ T5599] usb 2-1: USB disconnect, device number 16
[  145.000484][ T5762] udevd[5762]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  145.531478][ T5599] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  145.570430][ T6160] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  145.672537][ T6160] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  146.155067][   T60] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  146.283542][   T60] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  146.305992][   T60] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  146.364452][   T60] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  146.390097][   T60] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  146.996012][ T5708] gspca_stk1135: reg_w 0x351 err -71
[  146.997060][ T5708] gspca_stk1135: serial bus timeout: status=0x00
[  146.997077][ T5708] gspca_stk1135: Sensor write failed
[  146.997107][ T5708] gspca_stk1135: serial bus timeout: status=0x00
[  146.997117][ T5708] gspca_stk1135: Sensor write failed
[  146.997148][ T5708] gspca_stk1135: serial bus timeout: status=0x00
[  146.997158][ T5708] gspca_stk1135: Sensor read failed
[  146.997190][ T5708] gspca_stk1135: serial bus timeout: status=0x00
[  146.997200][ T5708] gspca_stk1135: Sensor read failed
[  146.997207][ T5708] gspca_stk1135: Detected sensor type unknown (0x0)
[  146.997241][ T5708] gspca_stk1135: serial bus timeout: status=0x00
[  146.997249][ T5708] gspca_stk1135: Sensor read failed
[  146.997275][ T5708] gspca_stk1135: serial bus timeout: status=0x00
[  146.997283][ T5708] gspca_stk1135: Sensor read failed
[  146.997309][ T5708] gspca_stk1135: serial bus timeout: status=0x00
[  146.997317][ T5708] gspca_stk1135: Sensor write failed
[  146.997347][ T5708] gspca_stk1135: serial bus timeout: status=0x00
[  146.997355][ T5708] gspca_stk1135: Sensor write failed
[  146.997437][ T5708] stk1135 3-1:0.0: probe with driver stk1135 failed with error -71
[  147.166645][ T5708] usb 3-1: USB disconnect, device number 10
[  147.723913][ T5781] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x0000011c. ret = -EPROTO
[  147.723976][ T5781] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  147.956135][ T5781] lan78xx 4-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  148.041704][ T5781] lan78xx 4-1:1.0: probe with driver lan78xx failed with error -71
[  148.177615][ T5781] usb 4-1: USB disconnect, device number 10
[  148.581861][ T4925] Bluetooth: hci4: command tx timeout
[  148.863526][ T6195] FAULT_INJECTION: forcing a failure.
[  148.863526][ T6195] name failslab, interval 1, probability 0, space 0, times 0
[  148.863577][ T6195] CPU: 0 UID: 0 PID: 6195 Comm: syz.3.149 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  148.863609][ T6195] Tainted: [L]=SOFTLOCKUP
[  148.863616][ T6195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  148.863631][ T6195] Call Trace:
[  148.863639][ T6195]  <TASK>
[  148.863649][ T6195]  dump_stack_lvl+0xe8/0x150
[  148.863680][ T6195]  should_fail_ex+0x46b/0x600
[  148.863717][ T6195]  should_failslab+0xa8/0x100
[  148.863749][ T6195]  __kmalloc_noprof+0xdf/0x7b0
[  148.863776][ T6195]  ? genl_family_rcv_msg_attrs_parse+0xd0/0x2f0
[  148.863812][ T6195]  genl_family_rcv_msg_attrs_parse+0xd0/0x2f0
[  148.863849][ T6195]  genl_family_rcv_msg_doit+0xd9/0x330
[  148.863884][ T6195]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  148.863920][ T6195]  ? apparmor_capable+0x126/0x170
[  148.863951][ T6195]  ? bpf_lsm_capable+0x9/0x20
[  148.863970][ T6195]  ? security_capable+0x7e/0x2c0
[  148.863999][ T6195]  genl_rcv_msg+0x61c/0x7a0
[  148.864034][ T6195]  ? __pfx_genl_rcv_msg+0x10/0x10
[  148.864059][ T6195]  ? ref_tracker_free+0x673/0x820
[  148.864092][ T6195]  ? __pfx_batadv_pre_doit+0x10/0x10
[  148.864118][ T6195]  ? __pfx_batadv_netlink_set_mesh+0x10/0x10
[  148.864145][ T6195]  ? __pfx_batadv_post_doit+0x10/0x10
[  148.864173][ T6195]  ? ____sys_sendmsg+0x55c/0x870
[  148.864206][ T6195]  ? ___sys_sendmsg+0x2a5/0x360
[  148.864237][ T6195]  ? __x64_sys_sendmsg+0x1c3/0x2a0
[  148.864271][ T6195]  ? do_syscall_64+0x174/0x580
[  148.864303][ T6195]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.864335][ T6195]  netlink_rcv_skb+0x232/0x4b0
[  148.864372][ T6195]  ? __pfx_genl_rcv_msg+0x10/0x10
[  148.864402][ T6195]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  148.864452][ T6195]  ? netlink_deliver_tap+0x2e/0x1b0
[  148.864489][ T6195]  ? netlink_deliver_tap+0x2e/0x1b0
[  148.864527][ T6195]  genl_rcv+0x28/0x40
[  148.864559][ T6195]  netlink_unicast+0x780/0x920
[  148.864601][ T6195]  netlink_sendmsg+0x813/0xb40
[  148.864631][ T6195]  ? __pfx_netlink_sendmsg+0x10/0x10
[  148.864654][ T6195]  ? tomoyo_socket_sendmsg_permission+0x1e0/0x300
[  148.864688][ T6195]  ? aa_sock_msg_perm+0x122/0x200
[  148.864712][ T6195]  ? __pfx_netlink_sendmsg+0x10/0x10
[  148.864732][ T6195]  sock_sendmsg_nosec+0x13a/0x180
[  148.864764][ T6195]  ____sys_sendmsg+0x55c/0x870
[  148.864806][ T6195]  ? __pfx_____sys_sendmsg+0x10/0x10
[  148.864853][ T6195]  ? import_iovec+0x73/0xa0
[  148.864884][ T6195]  ___sys_sendmsg+0x2a5/0x360
[  148.864918][ T6195]  ? __lock_acquire+0x6b5/0x2d10
[  148.864951][ T6195]  ? __pfx____sys_sendmsg+0x10/0x10
[  148.865024][ T6195]  ? __fget_files+0x2a/0x420
[  148.865051][ T6195]  ? __fget_files+0x3a6/0x420
[  148.865090][ T6195]  __x64_sys_sendmsg+0x1c3/0x2a0
[  148.865131][ T6195]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  148.865178][ T6195]  ? __pfx_ksys_write+0x10/0x10
[  148.865221][ T6195]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.865246][ T6195]  do_syscall_64+0x174/0x580
[  148.865281][ T6195]  ? trace_irq_disable+0x3b/0x140
[  148.865307][ T6195]  ? clear_bhb_loop+0x40/0x90
[  148.865335][ T6195]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  148.865359][ T6195] RIP: 0033:0x7fa9c671ce59
[  148.865382][ T6195] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  148.865400][ T6195] RSP: 002b:00007fa9c496e028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  148.865425][ T6195] RAX: ffffffffffffffda RBX: 00007fa9c6995fa0 RCX: 00007fa9c671ce59
[  148.865441][ T6195] RDX: 0000000000000080 RSI: 0000200000000540 RDI: 0000000000000003
[  148.865456][ T6195] RBP: 00007fa9c496e090 R08: 0000000000000000 R09: 0000000000000000
[  148.865470][ T6195] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  148.865483][ T6195] R13: 00007fa9c6996038 R14: 00007fa9c6995fa0 R15: 00007ffc0be8d768
[  148.865520][ T6195]  </TASK>
[  150.668717][   T60] Bluetooth: hci4: command tx timeout
[  151.631511][ T5599] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  151.766713][   T37] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  151.806834][ T5599] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 2
[  151.824556][ T5599] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  151.824595][ T5599] usb 3-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  151.824610][ T5599] usb 3-1: Product: syz
[  151.824621][ T5599] usb 3-1: Manufacturer: syz
[  151.824631][ T5599] usb 3-1: SerialNumber: syz
[  151.933387][ T5599] usb 3-1: config 0 descriptor??
[  152.185097][ T5599] usb 3-1: USB disconnect, device number 11
[  152.618467][   T37] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.743236][   T60] Bluetooth: hci4: command 0x040f tx timeout
[  152.781770][    T9] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  152.965569][    T9] usb 2-1: too many configurations: 9, using maximum allowed: 8
[  152.966794][    T9] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  152.966854][    T9] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  152.966884][    T9] usb 2-1: config 0 interface 0 has no altsetting 0
[  152.968020][    T9] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  152.968077][    T9] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  152.968108][    T9] usb 2-1: config 0 interface 0 has no altsetting 0
[  152.969210][    T9] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  152.969265][    T9] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  152.969294][    T9] usb 2-1: config 0 interface 0 has no altsetting 0
[  152.974992][    T9] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  152.975052][    T9] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  152.975082][    T9] usb 2-1: config 0 interface 0 has no altsetting 0
[  152.978930][    T9] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  152.978998][    T9] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  152.979028][    T9] usb 2-1: config 0 interface 0 has no altsetting 0
[  152.984870][    T9] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  152.984927][    T9] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  152.984957][    T9] usb 2-1: config 0 interface 0 has no altsetting 0
[  152.999125][    T9] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  152.999188][    T9] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  152.999218][    T9] usb 2-1: config 0 interface 0 has no altsetting 0
[  153.016280][    T9] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  153.016345][    T9] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  153.016376][    T9] usb 2-1: config 0 interface 0 has no altsetting 0
[  153.036589][    T9] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  153.036625][    T9] usb 2-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  153.036649][    T9] usb 2-1: Product: syz
[  153.036666][    T9] usb 2-1: Manufacturer: syz
[  153.036681][    T9] usb 2-1: SerialNumber: syz
[  153.251699][    T9] usb 2-1: config 0 descriptor??
[  153.359645][    T9] yurex 2-1:0.0: USB YUREX device now attached to Yurex #0
[  153.462963][ T5599] usb 2-1: USB disconnect, device number 18
[  153.481624][   T37] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.563776][ T5757] usb 4-1: new low-speed USB device number 11 using dummy_hcd
[  153.584231][ T5599] yurex 2-1:0.0: USB YUREX #0 now disconnected
[  153.722479][ T5757] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  153.722571][ T5757] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  153.722604][ T5757] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  153.722645][ T5757] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  153.722695][ T5757] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  153.726227][ T5757] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  153.726277][ T5757] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  153.726301][ T5757] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  153.726324][ T5757] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  153.726345][ T5757] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  153.846678][ T5757] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  153.846742][ T5757] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  153.846773][ T5757] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  153.846801][ T5757] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  153.846829][ T5757] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  153.910680][ T5757] usb 4-1: string descriptor 0 read error: -22
[  153.910838][ T5757] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  153.910863][ T5757] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  153.991887][ T5757] adutux 4-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  154.445116][   T37] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  154.749599][ T4925] Bluetooth: hci0: hcon ffff888035ffc000 sent 1 < count 10
[  154.749751][ T4925] Bluetooth: hci0: hcon ffff888036c18000 sent 1 < count 16
[  154.749822][ T4925] Bluetooth: hci0: hcon ffff888036c18000 sent 0 < count 5
[  154.749858][ T4925] Bluetooth: hci0: hcon ffff888036c18000 sent 0 < count 23552
[  154.767665][ T6277] qnx6: unable to read the first superblock
[  154.772832][ T6277] random: crng reseeded on system resumption
[  154.835884][   T60] Bluetooth: hci4: command 0x040f tx timeout
[  155.048740][ T6172] bridge0: port 1(bridge_slave_0) entered blocking state
[  155.049013][ T6172] bridge0: port 1(bridge_slave_0) entered disabled state
[  155.072507][ T6172] bridge_slave_0: entered allmulticast mode
[  155.076271][ T6172] bridge_slave_0: entered promiscuous mode
[  155.127332][ T6172] bridge0: port 2(bridge_slave_1) entered blocking state
[  155.127593][ T6172] bridge0: port 2(bridge_slave_1) entered disabled state
[  155.127926][ T6172] bridge_slave_1: entered allmulticast mode
[  155.168701][ T6172] bridge_slave_1: entered promiscuous mode
[  155.334225][ T6172] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  155.345138][ T6172] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  155.472470][ T6172] team0: Port device team_slave_0 added
[  155.477523][ T6172] team0: Port device team_slave_1 added
[  155.708099][ T6172] batman_adv: batadv0: Adding interface: batadv_slave_0
[  155.708118][ T6172] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  155.708144][ T6172] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  155.908045][ T6172] batman_adv: batadv0: Adding interface: batadv_slave_1
[  155.908059][ T6172] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  155.908080][ T6172] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  155.921869][ T5708] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  156.082724][ T5708] usb 3-1: Using ep0 maxpacket: 16
[  156.085395][ T5708] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  156.085435][ T5708] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  156.085461][ T5708] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  156.085508][ T5708] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  156.085542][ T5708] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  156.196326][ T5708] usb 3-1: config 0 descriptor??
[  156.343330][ T5599] usb 4-1: USB disconnect, device number 11
[  156.513809][ T5781] usb 2-1: new low-speed USB device number 19 using dummy_hcd
[  156.706872][ T5781] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  156.706933][ T5781] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  156.706965][ T5781] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  156.706993][ T5781] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  156.707023][ T5781] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  156.756825][ T5781] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  156.756882][ T5781] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  156.756906][ T5781] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  156.756930][ T5781] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  156.756954][ T5781] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  156.827627][ T5781] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  156.827688][ T5781] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  156.827719][ T5781] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  156.827748][ T5781] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  156.827777][ T5781] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  156.828979][ T5708] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.0005/input/input10
[  156.836800][ T5781] usb 2-1: string descriptor 0 read error: -22
[  156.837000][ T5781] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  156.837041][ T5781] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  156.922513][ T4925] Bluetooth: hci4: command 0x040f tx timeout
[  157.146882][ T6172] hsr_slave_0: entered promiscuous mode
[  157.150333][ T6172] hsr_slave_1: entered promiscuous mode
[  157.167246][ T6172] debugfs: 'hsr0' already exists in 'hsr'
[  157.167278][ T6172] Cannot create hsr debugfs directory
[  157.173513][ T5708] microsoft 0003:045E:07DA.0005: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  157.215936][ T5781] adutux 2-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  157.299774][ T5708] usb 3-1: USB disconnect, device number 12
[  157.460631][ T6294] fido_id[6294]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory
[  157.595457][   T37] bridge_slave_1: left allmulticast mode
[  157.595721][   T37] bridge_slave_1: left promiscuous mode
[  157.596798][   T37] bridge0: port 2(bridge_slave_1) entered disabled state
[  157.989781][   T37] bridge_slave_0: left allmulticast mode
[  157.989834][   T37] bridge_slave_0: left promiscuous mode
[  157.990036][   T37] bridge0: port 1(bridge_slave_0) entered disabled state
[  159.546860][ T5708] usb 2-1: USB disconnect, device number 19
[  159.733590][   T37] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  159.803222][   T37] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  159.845606][   T37] bond0 (unregistering): Released all slaves
[  160.263030][ T4925] Bluetooth: Wrong link type (-71)
[  161.831584][ T4925] Bluetooth: hci3: hcon ffff88803571c000 sent 2 < count 10
[  161.831807][ T4925] Bluetooth: hci3: hcon ffff88803bd60000 sent 1 < count 16
[  161.831872][ T4925] Bluetooth: hci3: hcon ffff88803bd60000 sent 0 < count 5
[  161.831907][ T4925] Bluetooth: hci3: hcon ffff88803bd60000 sent 0 < count 23552
[  161.868506][ T6347] random: crng reseeded on system resumption
[  163.119021][ T5271] 8021q: adding VLAN 0 to HW filter on device eth1
[  164.040878][ T5271] 8021q: adding VLAN 0 to HW filter on device eth2
[  164.042570][ T6172] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  164.076350][ T6172] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  164.189010][ T6172] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  164.206238][ T6172] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  164.218897][ T6172] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  164.270991][ T6172] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  164.280148][ T6172] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  164.306696][ T6172] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  164.461716][   T37] hsr_slave_0: left promiscuous mode
[  164.481636][   T37] hsr_slave_1: left promiscuous mode
[  164.489641][   T37] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  164.491073][   T37] batman_adv: batadv0: Removing interface: batadv_slave_0
[  164.553540][   T37] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  164.553571][   T37] batman_adv: batadv0: Removing interface: batadv_slave_1
[  164.643759][   T37] veth1_macvtap: left promiscuous mode
[  164.643997][   T37] veth0_macvtap: left promiscuous mode
[  164.644279][   T37] veth1_vlan: left promiscuous mode
[  164.644617][   T37] veth0_vlan: left promiscuous mode
[  165.532714][   T37] team0 (unregistering): Port device team_slave_1 removed
[  165.602261][   T37] team0 (unregistering): Port device team_slave_0 removed
[  166.220737][ T6172] 8021q: adding VLAN 0 to HW filter on device bond0
[  166.298688][ T6172] 8021q: adding VLAN 0 to HW filter on device team0
[  166.338631][ T1437] bridge0: port 1(bridge_slave_0) entered blocking state
[  166.338818][ T1437] bridge0: port 1(bridge_slave_0) entered forwarding state
[  166.440407][  T832] bridge0: port 2(bridge_slave_1) entered blocking state
[  166.440604][  T832] bridge0: port 2(bridge_slave_1) entered forwarding state
[  167.004908][ T5271] 8021q: adding VLAN 0 to HW filter on device eth3
[  167.905902][ T6172] 8021q: adding VLAN 0 to HW filter on device batadv0
[  168.113136][ T5271] 8021q: adding VLAN 0 to HW filter on device eth4
[  168.509836][ T6172] veth0_vlan: entered promiscuous mode
[  168.551284][ T6172] veth1_vlan: entered promiscuous mode
[  168.665327][ T6172] veth0_macvtap: entered promiscuous mode
[  168.706037][ T6172] veth1_macvtap: entered promiscuous mode
[  168.771566][ T6172] batman_adv: batadv0: Interface activated: batadv_slave_0
[  168.800270][ T6172] batman_adv: batadv0: Interface activated: batadv_slave_1
[  168.826073][   T37] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  168.826129][   T37] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  168.826169][   T37] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  168.826205][   T37] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  169.662385][   T37] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  169.662409][   T37] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  169.780787][   T37] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  169.780813][   T37] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  170.804514][ T6460] ieee802154 phy0 wpan0: encryption failed: -22
[  172.641813][   T39] audit: type=1326 audit(1780615881.606:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6464 comm="syz.4.213" exe="/root/ci-upstream-rust-kasan-gce/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f525da4ce59 code=0x0
[  172.878358][ T6502] random: crng reseeded on system resumption
[  173.255798][ T4925] Bluetooth: hci3: unexpected event 0x2f length: 1017 > 260
[  174.078041][ T1262] Process accounting resumed
[  174.402344][ T6514] Process accounting resumed
[  174.708533][ T6541] netlink: 196 bytes leftover after parsing attributes in process `syz.4.240'.
[  176.774728][ T6586] netlink: 8 bytes leftover after parsing attributes in process `syz.1.259'.
[  176.815938][ T6586] block nbd0: reconnected socket
[  176.815963][ T6586] nbd: socks must be embedded in a SOCK_ITEM attr
[  176.849844][ T4925] block nbd0: Receive control failed (result -32)
[  178.007232][ T6608] netlink: 8 bytes leftover after parsing attributes in process `syz.2.268'.
[  178.007448][ T6608] block nbd0: reconnected socket
[  178.007478][ T6608] nbd: socks must be embedded in a SOCK_ITEM attr
[  178.025532][ T4925] block nbd0: Receive control failed (result -32)
[  178.282227][ T6610] 9pnet_virtio: no channels available for device syz
[  178.814263][ T6626] loop4: detected capacity change from 0 to 7
[  179.313909][ T6626]  loop4: [CUMANA/ADFS] p1 [ADFS] p1
[  179.313943][ T6626] loop4: partition table partially beyond EOD, truncated
[  179.370007][ T6626] loop4: p1 size 2989602745 extends beyond EOD, truncated
[  179.610843][ T6641] netlink: 8 bytes leftover after parsing attributes in process `syz.3.279'.
[  179.631556][ T6641] block nbd0: reconnected socket
[  179.631578][ T6641] nbd: socks must be embedded in a SOCK_ITEM attr
[  179.634926][ T4925] block nbd0: Receive control failed (result -32)
[  179.696947][ T6444] 
[  179.696960][ T6444] ======================================================
[  179.696969][ T6444] WARNING: possible circular locking dependency detected
[  179.697005][ T6444] syzkaller #0 Tainted: G             L     
[  179.697017][ T6444] ------------------------------------------------------
[  179.697026][ T6444] udevd/6444 is trying to acquire lock:
[  179.697039][ T6444] ffff888037fb1938 ((wq_completion)loop4){+.+.}-{0:0}, at: touch_wq_lockdep_map+0xb5/0x180
[  179.697108][ T6444] 
[  179.697108][ T6444] but task is already holding lock:
[  179.697116][ T6444] ffff888026f604c8 (&disk->open_mutex#4){+.+.}-{4:4}, at: bdev_release+0x1af/0x660
[  179.697200][ T6444] 
[  179.697200][ T6444] which lock already depends on the new lock.
[  179.697200][ T6444] 
[  179.697208][ T6444] 
[  179.697208][ T6444] the existing dependency chain (in reverse order) is:
[  179.697217][ T6444] 
[  179.697217][ T6444] -> #5 (&disk->open_mutex#4){+.+.}-{4:4}:
[  179.697258][ T6444]        mutex_lock_nested+0x5a/0x1d0
[  179.697288][ T6444]        bdev_open+0xe0/0xcc0
[  179.697321][ T6444]        bdev_file_open_by_dev+0x1be/0x240
[  179.697353][ T6444]        swsusp_check+0x56/0x490
[  179.697375][ T6444]        software_resume+0x51/0x4c0
[  179.697413][ T6444]        resume_store+0x333/0x4f0
[  179.697430][ T6444]        kernfs_fop_write_iter+0x3b0/0x540
[  179.697465][ T6444]        vfs_write+0x629/0xba0
[  179.697498][ T6444]        ksys_write+0x156/0x270
[  179.697526][ T6444]        do_syscall_64+0x174/0x580
[  179.697562][ T6444]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.697584][ T6444] 
[  179.697584][ T6444] -> #4 (system_transition_mutex){+.+.}-{4:4}:
[  179.697615][ T6444]        mutex_lock_nested+0x5a/0x1d0
[  179.697643][ T6444]        lock_system_sleep+0x49/0x70
[  179.697680][ T6444]        resume_store+0x2ff/0x4f0
[  179.697707][ T6444]        kernfs_fop_write_iter+0x3b0/0x540
[  179.697751][ T6444]        vfs_write+0x629/0xba0
[  179.697784][ T6444]        ksys_write+0x156/0x270
[  179.697822][ T6444]        do_syscall_64+0x174/0x580
[  179.697853][ T6444]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.697879][ T6444] 
[  179.697879][ T6444] -> #3 (&of->mutex){+.+.}-{4:4}:
[  179.697918][ T6444]        mutex_lock_nested+0x5a/0x1d0
[  179.697940][ T6444]        kernfs_seq_start+0x5c/0x420
[  179.697970][ T6444]        seq_read_iter+0x3f8/0xe20
[  179.698012][ T6444]        copy_splice_read+0x605/0xab0
[  179.698043][ T6444]        splice_direct_to_actor+0x483/0xc80
[  179.698079][ T6444]        do_splice_direct+0x19b/0x2a0
[  179.698118][ T6444]        do_sendfile+0x547/0x7e0
[  179.698151][ T6444]        __se_sys_sendfile64+0x144/0x1a0
[  179.698177][ T6444]        do_syscall_64+0x174/0x580
[  179.698207][ T6444]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.698227][ T6444] 
[  179.698227][ T6444] -> #2 (&p->lock){+.+.}-{4:4}:
[  179.698258][ T6444]        mutex_lock_nested+0x5a/0x1d0
[  179.698287][ T6444]        seq_read_iter+0xb8/0xe20
[  179.698317][ T6444]        lo_rw_aio+0xc80/0xf00
[  179.698344][ T6444]        loop_process_work+0x92a/0x11b0
[  179.698372][ T6444]        process_one_work+0x98b/0x1630
[  179.698398][ T6444]        worker_thread+0xb49/0x1140
[  179.698427][ T6444]        kthread+0x388/0x470
[  179.698447][ T6444]        ret_from_fork+0x514/0xb70
[  179.698469][ T6444]        ret_from_fork_asm+0x1a/0x30
[  179.698501][ T6444] 
[  179.698501][ T6444] -> #1 ((work_completion)(&worker->work)){+.+.}-{0:0}:
[  179.698531][ T6444]        process_one_work+0x8d7/0x1630
[  179.698559][ T6444]        worker_thread+0xb49/0x1140
[  179.698601][ T6444]        kthread+0x388/0x470
[  179.698621][ T6444]        ret_from_fork+0x514/0xb70
[  179.698645][ T6444]        ret_from_fork_asm+0x1a/0x30
[  179.698671][ T6444] 
[  179.698671][ T6444] -> #0 ((wq_completion)loop4){+.+.}-{0:0}:
[  179.698701][ T6444]        __lock_acquire+0x15a5/0x2d10
[  179.698731][ T6444]        lock_acquire+0x106/0x350
[  179.698753][ T6444]        touch_wq_lockdep_map+0xcb/0x180
[  179.698773][ T6444]        __flush_workqueue+0x14b/0x14f0
[  179.698796][ T6444]        drain_workqueue+0xd3/0x390
[  179.698815][ T6444]        lo_release+0x287/0x8f0
[  179.698842][ T6444]        bdev_release+0x541/0x660
[  179.698872][ T6444]        blkdev_release+0x15/0x20
[  179.698900][ T6444]        __fput+0x461/0xa70
[  179.698922][ T6444]        fput_close_sync+0x11f/0x240
[  179.698950][ T6444]        __x64_sys_close+0x7e/0x110
[  179.698974][ T6444]        do_syscall_64+0x174/0x580
[  179.699004][ T6444]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.699024][ T6444] 
[  179.699024][ T6444] other info that might help us debug this:
[  179.699024][ T6444] 
[  179.699032][ T6444] Chain exists of:
[  179.699032][ T6444]   (wq_completion)loop4 --> system_transition_mutex --> &disk->open_mutex#4
[  179.699032][ T6444] 
[  179.699078][ T6444]  Possible unsafe locking scenario:
[  179.699078][ T6444] 
[  179.699085][ T6444]        CPU0                    CPU1
[  179.699092][ T6444]        ----                    ----
[  179.699099][ T6444]   lock(&disk->open_mutex#4);
[  179.699125][ T6444]                                lock(system_transition_mutex);
[  179.699143][ T6444]                                lock(&disk->open_mutex#4);
[  179.699176][ T6444]   lock((wq_completion)loop4);
[  179.699192][ T6444] 
[  179.699192][ T6444]  *** DEADLOCK ***
[  179.699192][ T6444] 
[  179.699198][ T6444] 1 lock held by udevd/6444:
[  179.699211][ T6444]  #0: ffff888026f604c8 (&disk->open_mutex#4){+.+.}-{4:4}, at: bdev_release+0x1af/0x660
[  179.699290][ T6444] 
[  179.699290][ T6444] stack backtrace:
[  179.699306][ T6444] CPU: 0 UID: 0 PID: 6444 Comm: udevd Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  179.699336][ T6444] Tainted: [L]=SOFTLOCKUP
[  179.699344][ T6444] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  179.699364][ T6444] Call Trace:
[  179.699377][ T6444]  <TASK>
[  179.699390][ T6444]  dump_stack_lvl+0xe8/0x150
[  179.699415][ T6444]  print_circular_bug+0x2e1/0x300
[  179.699447][ T6444]  check_noncircular+0x12e/0x150
[  179.699491][ T6444]  __lock_acquire+0x15a5/0x2d10
[  179.699529][ T6444]  ? __bfs+0x153/0x290
[  179.699553][ T6444]  ? __pfx_hlock_conflict+0x10/0x10
[  179.699596][ T6444]  ? touch_wq_lockdep_map+0xb5/0x180
[  179.699616][ T6444]  lock_acquire+0x106/0x350
[  179.699645][ T6444]  ? touch_wq_lockdep_map+0xb5/0x180
[  179.699672][ T6444]  ? touch_wq_lockdep_map+0xb5/0x180
[  179.699693][ T6444]  touch_wq_lockdep_map+0xcb/0x180
[  179.699724][ T6444]  ? touch_wq_lockdep_map+0xb5/0x180
[  179.699746][ T6444]  __flush_workqueue+0x14b/0x14f0
[  179.699774][ T6444]  ? do_raw_spin_lock+0x12b/0x2f0
[  179.699810][ T6444]  ? __pfx___flush_workqueue+0x10/0x10
[  179.699843][ T6444]  drain_workqueue+0xd3/0x390
[  179.699872][ T6444]  lo_release+0x287/0x8f0
[  179.699901][ T6444]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  179.699939][ T6444]  ? __pfx_lo_release+0x10/0x10
[  179.699979][ T6444]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  179.700016][ T6444]  ? reacquire_held_locks+0x104/0x190
[  179.700045][ T6444]  ? rt_spin_lock+0x1e0/0x400
[  179.700076][ T6444]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  179.700108][ T6444]  ? rt_spin_unlock+0x14f/0x200
[  179.700136][ T6444]  ? rt_spin_unlock+0x160/0x200
[  179.700179][ T6444]  ? __pfx_lo_release+0x10/0x10
[  179.700215][ T6444]  bdev_release+0x541/0x660
[  179.700256][ T6444]  ? __pfx_blkdev_release+0x10/0x10
[  179.700282][ T6444]  blkdev_release+0x15/0x20
[  179.700302][ T6444]  __fput+0x461/0xa70
[  179.700332][ T6444]  fput_close_sync+0x11f/0x240
[  179.700357][ T6444]  ? __pfx_fput_close_sync+0x10/0x10
[  179.700384][ T6444]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.700408][ T6444]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.700436][ T6444]  __x64_sys_close+0x7e/0x110
[  179.700463][ T6444]  do_syscall_64+0x174/0x580
[  179.700500][ T6444]  ? trace_irq_disable+0x3b/0x140
[  179.700524][ T6444]  ? clear_bhb_loop+0x40/0x90
[  179.700547][ T6444]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  179.700569][ T6444] RIP: 0033:0x7f515607b407
[  179.700588][ T6444] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[  179.700609][ T6444] RSP: 002b:00007ffd5aa1c8c0 EFLAGS: 00000202 ORIG_RAX: 0000000000000003
[  179.700638][ T6444] RAX: ffffffffffffffda RBX: 00007f5155f8d880 RCX: 00007f515607b407
[  179.700656][ T6444] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000008
[  179.700669][ T6444] RBP: 00007f5155f8d6e8 R08: 0000000000000000 R09: 0000000000000000
[  179.700694][ T6444] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000002
[  179.700707][ T6444] R13: 00005653df2f9190 R14: 0000000000000008 R15: 00005653df2fead0
[  179.700737][ T6444]  </TASK>
[  180.095567][ T6649] evm: overlay not supported
[  180.263121][ T6444] udevd[6444]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory