last executing test programs: 2.611398664s ago: executing program 3 (id=798): r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0x7fff, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000200)={0x1, @vbi={0x0, 0x0, 0x32315842, 0x0, [0x0, 0x500]}}) 2.472946316s ago: executing program 3 (id=799): r0 = socket$can_j1939(0x1d, 0x2, 0x7) getsockopt$sock_int(r0, 0x1, 0x2f, 0x0, &(0x7f0000000240)=0x700) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r1, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x1c, &(0x7f0000000080)=[@in6={0xa, 0xffff, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}}]}, &(0x7f0000000240)=0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={r2, @in6={{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, &(0x7f0000000040)=0x84) listen(r1, 0x8) mount(&(0x7f0000000080)=@rnullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000000)='adfs\x00', 0x204000, 0x0) 2.325179407s ago: executing program 3 (id=801): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$netlink(0xffffffffffffffff, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4001, 0x0, @loopback}, 0x1c) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x20048000) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$MPTCP_PM_CMD_SET_FLAGS(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB, @ANYRES8, @ANYRES16=r2, @ANYRESOCT], 0x34}, 0x1, 0x0, 0x0, 0x94}, 0x0) 2.222114323s ago: executing program 3 (id=804): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), r0) sendmsg$MPTCP_PM_CMD_GET_ADDR(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x20, r1, 0x9, 0x70bd26, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e22}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x884}, 0x4080) socket$alg(0x26, 0x5, 0x0) socket$key(0xf, 0x3, 0x2) r2 = add_key$keyring(&(0x7f0000000640), &(0x7f0000000680)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffc) r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$SNDCTL_SYNTH_ID(r3, 0xc08c5114, &(0x7f0000000e80)={"ffcd295cd5dbaed6b1c60507c1c7d38a2e4ec94cc4999b640e8afe8eca1f", 0x80000001}) pipe2$watch_queue(&(0x7f00000006c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80) r5 = socket$can_raw(0x1d, 0x3, 0x1) getsockopt$CAN_RAW_FD_FRAMES(r5, 0x65, 0x8, 0x0, &(0x7f0000002140)) r6 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x3}, 0x0, 0x0, r2) keyctl$KEYCTL_WATCH_KEY(0x20, r6, r4, 0x100000009c) r7 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000100), 0x10b942, 0x0) ioctl$IOMMU_IOAS_ALLOC(r7, 0x3b81, &(0x7f0000000380)={0xc, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r7, 0x3ba0, &(0x7f0000000200)={0x48, 0x2, r8, 0x0, 0x0}) ioctl$IOMMU_IOAS_ALLOC(r7, 0x3b81, &(0x7f0000000140)={0xc, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_REPLACE(r7, 0x3ba0, &(0x7f0000000080)={0x48, 0xa, r9, 0x0, r10}) r11 = fsopen(&(0x7f00000001c0)='ceph\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r11, 0x1, &(0x7f00000000c0)='t;st_du_enc\x89yption', &(0x7f0000000080)='v1to_da_alloc', 0x0) r12 = syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2) ioctl$vim2m_VIDIOC_S_CTRL(r12, 0xc008561c, &(0x7f0000000000)={0xf0f003, 0x6}) keyctl$KEYCTL_WATCH_KEY(0x20, r2, r4, 0x4c) syz_emit_vhci(&(0x7f0000000300)=ANY=[@ANYBLOB="84134f2f24c05fadb088af8703fcdc020f69cebe54fd2764e166e618a45a34057eccc62408ea1385c231f6e7d33db44412e23e2312047dca6f27563c2448e2ee09676cf50e09cf2bb78a61b72e6c5e7ff282d261391f582c328d12b16d5e52c8cd9a56d857d4d5952858a9c8151ed0cb398a2ff2b8af6e4ec4cd88ba7154286195676a5b90050698060949f8a19b85325186a6063a7fc1ebf91682303c8f1fd019f903b6a9651cf3772e1e0ed6bb8b9010", @ANYRESHEX=r12], 0x2) 2.041204019s ago: executing program 1 (id=806): creat(&(0x7f0000001380)='./file0\x00', 0x12c) mount(&(0x7f0000000080)=@sr0, &(0x7f0000001440)='./file0\x00', &(0x7f0000000000)='affs\x00', 0x4c00a, 0x0) 1.987559147s ago: executing program 3 (id=807): sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)=[{0x0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x28801, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = socket$key(0xf, 0x3, 0x2) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x4}, 0xb, &(0x7f00000003c0)={&(0x7f0000000440)=@getsadinfo={0x1c8, 0x23, 0x100, 0x70bd2d, 0x25dfdbfb, 0x0, [@XFRMA_SET_MARK={0x8, 0x1d, 0x2}, @migrate={0xe8, 0x11, [{@in6=@empty, @in6=@private0, @in=@empty, @in=@multicast2, 0x3c, 0x2, 0x0, 0x3503, 0x2, 0xa}, {@in6=@local, @in6=@empty, @in=@dev={0xac, 0x14, 0x14, 0xd}, @in=@multicast2, 0x32, 0x0, 0x0, 0x3504, 0x2, 0xa}, {@in=@broadcast, @in6=@dev={0xfe, 0x80, '\x00', 0x15}, @in=@multicast2, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x2b, 0x2, 0x0, 0x34ff, 0xa, 0x2}]}, @tfcpad={0x8, 0x16, 0x7}, @algo_auth_trunc={0xaa, 0x14, {{'blake2s-160-arm\x00'}, 0x2f0, 0xa0, "df3a9aea80789517c60c6f441b62bfbbaac81456710d38b1919f880d4c685225479d21409f3fbee6987bebf9a2840a88579095bd8e1f7ca77905b069ede2c37db577c357cb675ccc9cd77bcee7b08432b363b98ed1745f42ac94247bc886"}}, @tfcpad={0x8, 0x16, 0x8}, @tfcpad={0x8, 0x16, 0x9}]}, 0x1c8}, 0x1, 0x0, 0x0, 0x8084}, 0x10) sendmsg$key(r3, &(0x7f0000000000)={0x0, 0x3, &(0x7f0000000080)={&(0x7f0000000280)={0x2, 0x3, 0x2, 0x9, 0xc, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x33, 0x0, 0xe, @in6={0xa, 0x4e20, 0x4, @private0, 0x3}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0xa, 0x40, 0x2}, @sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x0, @multicast1}}]}, 0x60}}, 0x0) close(r2) ioctl$KVM_CHECK_EXTENSION(r1, 0xae01, 0x1) syz_kvm_setup_syzos_vm$x86(r2, &(0x7f0000bff000/0x400000)=nil) ioctl$KVM_SET_MEMORY_ATTRIBUTES(r2, 0x4020aed2, &(0x7f0000000040)={0x742000, 0x399000, 0x8}) r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r5, 0x4048ae9b, &(0x7f0000000300)={0x4376ea830d4d549b, 0x0, [0xffffffffffffffff, 0x7, 0x1000000, 0x0, 0x5, 0x3, 0xfffffffffffffffc, 0x800000]}) syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f00000ab000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="36d0e866b8970000000f23c80f21f866350c00a0000f23f89d0f326635000400000f302e8dcc0f23742e3b5753baf80466b8f494f78e66efbafc0c66b83ac80000666fda6509", 0x46}], 0x1, 0x1a, 0x0, 0x0) ioctl$KVM_RUN(r5, 0xae80, 0x0) ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000001c0)={[0xfffffffffffffffe, 0x6, 0x4, 0xc3, 0x3, 0x9, 0x0, 0x10000, 0x8, 0x7, 0x2ff, 0xc21, 0x8, 0x0, 0x8, 0xacc], 0xf000, 0x241800}) sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) 1.929203243s ago: executing program 0 (id=809): mount(&(0x7f0000000000)=@rnullb, &(0x7f00000000c0)='./cgroup\x00', &(0x7f0000000080)='xfs\x00', 0x1200051, 0x0) (async) socket(0x26, 0x0, 0x9) 1.771759571s ago: executing program 1 (id=811): r0 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_RES_GET(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000280)={0x18, 0x1409, 0x1, 0x70bd29, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x4000}]}, 0x18}, 0x1, 0x0, 0x0, 0x80}, 0x40040000) 1.440448815s ago: executing program 1 (id=814): r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0) (async) r1 = landlock_create_ruleset(&(0x7f0000000080)={0x8000}, 0x18, 0x0) (async) r2 = syz_init_net_socket$rose(0xb, 0x5, 0x0) setsockopt$rose(r2, 0x104, 0x3, &(0x7f0000000000), 0x4) (async) landlock_restrict_self(r1, 0x0) (async, rerun: 32) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (rerun: 32) ioctl$KVM_CREATE_VM(r3, 0x5451, 0x0) (async) r4 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000000)={0x0, 0x0}, &(0x7f0000000080)=0xc) setreuid(0x0, r5) mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0x5a051feb1f984a1d, 0x202812, r0, 0x7dfff000) 1.377307165s ago: executing program 0 (id=815): r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0) ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000000)={0xc, 0x0, 0x0}) ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, &(0x7f0000000440)={0x48, 0x1, r1, 0x0, 0x97, 0x8000000}) setrlimit(0x40000000000008, &(0x7f0000000000)={0x4848, 0xfffffffffffff006}) capset(&(0x7f0000a31000)={0x20080522}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x800}) ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000140)={0x28, 0x6, r1, 0x0, &(0x7f0000ff6000/0xa000)=nil, 0xa000}) newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x6000) setresuid(0xee01, 0x0, 0x0) r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) syz_pidfd_open(r2, 0x0) ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r0, 0x3ba0, &(0x7f00000002c0)={0x68, 0x2, r1, 0xffffff00, 0x0, 0x0, 0x0, 0x1}) 1.330049805s ago: executing program 1 (id=816): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/seq/clients\x00', 0x0, 0x0) read$hiddev(r0, &(0x7f00000000c0)=""/4078, 0xfee) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r2 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) write$tun(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="001c86dd0700100000004000000060ec97000fc83cf5fe8000000000000000000000000000aaff02000000000000000000000000000106"], 0xffe) 1.233335488s ago: executing program 0 (id=818): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2a000, 0x0) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x7) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x9e) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)=0x7) ioctl$TIOCSLCKTRMIOS(r0, 0x5457, &(0x7f0000000100)) memfd_secret(0x80000) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x141b82, 0x0) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r2, 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r3) r4 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c) listen(r4, 0x0) r5 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r5, &(0x7f0000000140)={0x2, 0x4e22, @loopback}, 0x10) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x38, r7, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x38}, 0x1, 0x200000000000000}, 0x0) write$cgroup_int(r1, &(0x7f0000000000)=0x800, 0x12) ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000400)=0x6f) mount(0x0, 0x0, 0x0, 0x208002, 0x0) 1.196817683s ago: executing program 2 (id=819): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000100)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}) write$tun(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="000086dd000411000400600000006eec00be10a42f01fe8000000000000000000000000000aaff020000000000000000000000000001330022eb"], 0x10da) 1.125708084s ago: executing program 3 (id=820): r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0) gettid() r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x7, 0x7fc00100}]}) socket$inet6_tcp(0xa, 0x1, 0x0) timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) r2 = socket(0x1000000000000010, 0x80802, 0x0) sendmsg(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000540)="5500000018007fd500fe01b2a4a280930a46000000a843089100fe801100080008000c00085540002d000f009b2c136ef75afb83de448daa72540d8102d2c55327c43ab82286ef1fdd20642383656d4d2449155037", 0x55}], 0x1}, 0x20000004) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000380)) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f00000000c0)) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x800, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) ioctl$KVM_CREATE_PIT2(r4, 0x4040ae77, &(0x7f0000000040)) syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) close(r4) socket$inet6_tcp(0xa, 0x1, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0) write$uinput_user_dev(r5, &(0x7f0000000b00)={'syz0\x00', {0x5, 0x7, 0x3, 0x7}, 0x3e, [0x2, 0x9, 0x0, 0x1, 0xc, 0xea45, 0xd, 0x1, 0x0, 0x0, 0x800008, 0xc, 0x3, 0x0, 0x1, 0xb, 0x93f, 0x7fffffff, 0x51, 0x5, 0x803, 0xfffffffa, 0x3ff, 0x2, 0x7, 0xffffffff, 0x3, 0x1, 0x8, 0x6, 0x9, 0x7, 0x9, 0x4, 0x2, 0x1, 0x5, 0x4, 0x10000, 0x4, 0xa, 0x8, 0x0, 0x8, 0x0, 0x2, 0xffff, 0x6, 0x939, 0x5, 0x9, 0x2, 0x4f, 0x40004, 0xfffffff7, 0x7fff, 0x6, 0x5, 0x2, 0x56f00ca9, 0x5, 0x2a, 0x1, 0x22], [0x1, 0x9, 0x9, 0x1, 0x5, 0xe, 0x800, 0xc, 0xfffffffa, 0x2329, 0xfd8, 0x1, 0x5, 0x5, 0x0, 0x24e, 0x1, 0xfffffff7, 0x2, 0x3, 0x5, 0x9, 0x82, 0x4000008, 0x1, 0x40, 0xa3, 0x8, 0xffffffff, 0x5, 0x10000, 0x1, 0xffffff00, 0x7ff, 0x6, 0x7, 0x0, 0xa9, 0x101, 0x10, 0x2, 0x7, 0x7, 0x8, 0x5, 0x8000, 0x800, 0x5, 0xc5, 0x6, 0x1, 0x9, 0x8, 0x3, 0xfffffff7, 0x6, 0x24b, 0x1fd, 0x2a0, 0x5, 0x6, 0x8, 0x7, 0x80000007], [0x2, 0x9, 0x1a9e1bfa, 0xfffffffc, 0x8, 0x6, 0x5, 0x8001, 0x7, 0x1, 0x2, 0x7fffffff, 0x8000, 0x4, 0x1, 0x5, 0x4, 0x2, 0x2b0, 0x5, 0x97f82544, 0x8, 0x0, 0x9, 0x5, 0x5, 0x4, 0x9, 0xc93, 0xffffff3c, 0x8b2, 0x7, 0x0, 0xff, 0x0, 0x2, 0x2, 0xb, 0x9, 0x6, 0x7, 0x7c13, 0x1, 0x1, 0x7, 0xff, 0xe, 0xf3, 0x4, 0x8, 0x0, 0xffffff00, 0x100, 0x7, 0x2, 0x0, 0x9, 0xdd, 0xfe83, 0x9, 0xc3, 0x7751c64, 0x800007a3], [0xb, 0x3889, 0xffff9a7f, 0x200, 0x3, 0x2, 0x3, 0x1, 0x5, 0x4, 0x3, 0x1f, 0x3, 0x6, 0x6, 0x2, 0x9, 0x7, 0x2, 0x66608000, 0x9, 0x7ff, 0x6, 0x5, 0xa476, 0x5, 0x9, 0xffff, 0xd, 0x0, 0xfff7ff81, 0x5, 0x10001, 0x61, 0x10, 0x1000, 0x8, 0x100, 0x1, 0x20000000, 0x8, 0x1d, 0x4000b329, 0xec000000, 0x2, 0x1904, 0x4, 0x9, 0x8, 0x7ff, 0x80, 0x5, 0xfffffffb, 0x7, 0x6e79, 0x8, 0x10000, 0x9371, 0x4f89, 0x7, 0x580, 0x10001, 0x80, 0x8]}, 0x45c) ioctl$DRM_IOCTL_CONTROL(r5, 0x40086414, &(0x7f0000000140)={0x1, 0x3}) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r5, 0x0) inotify_add_watch(r5, 0x0, 0x71000b9a) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000002, 0x22052, r0, 0x2000) 1.037343572s ago: executing program 1 (id=821): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$netlink(0xffffffffffffffff, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4001, 0x0, @loopback}, 0x1c) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$kcm(0xffffffffffffffff, 0x0, 0x20048000) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) sendmsg$MPTCP_PM_CMD_SET_FLAGS(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000140)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB, @ANYRES8, @ANYRES16=r2, @ANYRESOCT], 0x34}, 0x1, 0x0, 0x0, 0x94}, 0x0) 1.035105711s ago: executing program 0 (id=822): openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100), 0x400, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000280), 0x800c42, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x20001, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f00000001c0), 0x2000, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_open_dev$sndctrl(&(0x7f0000000040), 0x80000000, 0x0) openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff) openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x0) openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x101801, 0x0) syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) openat$mice(0xffffffffffffff9c, &(0x7f0000000040), 0x80882) openat(0xffffffffffffffff, &(0x7f0000000100)='./file0\x00', 0x0, 0x100) openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x60) open(&(0x7f00000001c0)='.\x00', 0x141400, 0xf00000000000000) 987.390413ms ago: executing program 1 (id=823): mount(0x0, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000240)='hfs\x00', 0x300000, 0x0) prctl$PR_SET_SECUREBITS(0x1c, 0x1a) r0 = socket$inet_icmp(0x2, 0x2, 0x1) setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000500)={'filter\x00', 0x7, 0x4, 0x3a0, 0x1d0, 0x1d0, 0xe8, 0x2b8, 0x2b8, 0x2b8, 0x4, 0x0, {[{{@arp={@private=0xa010101, @remote, 0x0, 0xff, 0x0, 0x6, {@mac=@broadcast, {[0xff, 0xff, 0x0, 0xff]}}, {@mac=@broadcast, {[0x1fe, 0xff, 0xff, 0x0, 0xff]}}, 0x5, 0x1, 0x6, 0x800, 0x2, 0x400, 'veth0_to_bond\x00', 'veth0_virt_wifi\x00', {0xff}, {0xff}, 0x0, 0x111}, 0xc0, 0xe8}, @unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x0, {0x7}}}, {{@arp={@remote, @empty, 0xffffff00, 0xff000000, 0x10, 0xc, {@empty, {[0xff, 0xff]}}, {@empty, {[0xff, 0xff, 0xff, 0xff, 0xff]}}, 0x27e, 0x6, 0xb4, 0xb, 0x7, 0x8001, 'macvlan1\x00', 'sit0\x00', {}, {0xff}, 0x0, 0x412}, 0xc0, 0xe8}, @unspec=@NFQUEUE0={0x28, 'NFQUEUE\x00', 0x0, {0x6}}}, {{@arp={@dev={0xac, 0x14, 0x14, 0x31}, @local, 0xff, 0x0, 0xd, 0x2, {@empty, {[0xff, 0x0, 0xff, 0xff, 0x0, 0xff]}}, {@mac=@remote, {[0xff, 0x0, 0x0, 0x0, 0xff]}}, 0x3e53, 0x7, 0x100, 0x2, 0x7ff, 0x22, 'caif0\x00', 'veth0\x00', {}, {}, 0x0, 0x40}, 0xc0, 0xe8}, @unspec=@AUDIT={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x3f0) lsetxattr$security_evm(&(0x7f0000000080)='./cgroup\x00', &(0x7f00000000c0), &(0x7f0000000100)=@md5={0x1, "1e7fec4bde00881bab48e2df6ae9c66c"}, 0x11, 0x1) statx(0xffffffffffffffff, 0x0, 0x6000, 0x40, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) quotactl_fd$Q_GETNEXTQUOTA(0xffffffffffffffff, 0xffffffff80000902, r1, 0x0) ioctl$CEC_S_MODE(0xffffffffffffffff, 0x40046109, &(0x7f0000000100)=0x22) r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000009e602206d0414c340000000000109022400010400a000090480000103010100093700086ce82201000905815f"], 0x0) syz_usb_control_io$hid(r2, 0x0, 0x0) syz_usb_control_io$hid(r2, 0x0, &(0x7f0000000480)={0x2c, &(0x7f0000000380)=ANY=[@ANYBLOB="200900000000f1e8c8fe2fcdda626fa530b6af68aa181ac3beee12728958765fd59c28ce6b3e810d50c0717eb90553e04ffd3c54b5ae744ebbb4351595641e1ce3b4803256458b71fdbe7414db6bd35f9f19e720d9e2e1baa7592f82d9e520234459897a19ec220d43721f67c31a58dff80bbfeaa2591478d3ff2653db263d77d54f2321286075881cee42978899427030c4"], 0x0, 0x0, 0x0, 0x0}) 918.071897ms ago: executing program 0 (id=824): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) (async) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10) (async) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000140)={0x1, [0x0]}, &(0x7f0000000240)=0x8) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000180)={r2}, &(0x7f0000000240)=0x8) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) bind$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x2}, 0xe) (async) bind$bt_l2cap(r3, &(0x7f00000002c0)={0x1f, 0x0, @any, 0xfffa}, 0xe) (async) mount(&(0x7f0000000000)=@rnullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000240)='gfs2\x00', 0x200000, 0x0) r4 = socket$inet_sctp(0x2, 0x5, 0x84) close(r4) (async) select(0x40, &(0x7f0000001900)={0x4, 0x27fe, 0x80, 0xf, 0x7, 0x6a2a, 0x3, 0x9}, 0x0, 0x0, 0x0) r5 = socket$inet6_sctp(0xa, 0x5, 0x84) mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1, 0x10, r0, 0x45b81000) (async) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r5, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000080)=0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f00000001c0)={0x1, [0x0]}, &(0x7f0000000240)=0x8) sendmsg$inet_sctp(r4, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=[@sndinfo={0x20, 0x84, 0x2, {0x6, 0x4, 0x28, 0x200000b, r6}}], 0x20, 0x6044}, 0x6) symlink(&(0x7f0000000080)='./cgroup\x00', &(0x7f00000000c0)='./cgroup\x00') 873.366395ms ago: executing program 2 (id=825): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0) ioctl$HIDIOCGRDESC(0xffffffffffffffff, 0x90044802, &(0x7f0000000980)={0x550, "5c16ce5dbbc08cabc01c7cc2bcd08838b634e037b9dfd22ccedeeef216246201702483c2187499271cd308a6443da943e706de8d603b1635cb871a4cd45229f615b4b74714cb235a2ad90c104c389896c8a55d85987a9f39c2b999844da0d4df4c3a38a1f27a1b5edcb48fccf70a6fb9b1ad1df524824056a914aa9b476efe84dbe6733f2be92de2b20a76954811cc96e3a79685adfcc177a9e7aca859c78ea80a45b37a4b4f4d313f3d893bb2aaf36d9152f10fa09ad8a0276d29e3920c9032ad2339efca5abaf5cffd58b603fe74790d3b4ece6f935a1c4c868fffaae0286dbc6a7e1df4f0faaf3d2653628934e3004f825ada079a3382db94297111dfb120dab5cb00a4c30eaf66ce3f35ec7be9e9804659bcdafb9e1be67e61221a4bef6275bf364955192537f69dd4265b370be66a80c44da0fdcd982655374d3fb407fdeadbdbb7e0c0913376320cf7c2208ad4f1dd8f4c0f131aeef6e9359281519a0e1fcdc951fc91627cd790dcc4964a3f834943d1b8dda19017dc658bfb7878c5ffdaec83442275e752f86ee6b8babce03eec37f8872bb57e613e676cb6bb5ee631f39b0000e068027851e133d5e05590f7e7d6083b8bb7d89650f311fa1db5e29d66f07595c0cf55e373819e5970d74401c2aa65593cd536f4c46473ae1b1dd5ef8bb5b0f7c718828568ead5e53d162cb50f2340fbd0351b8d765fe58b14d58e4d77328335e0ed007449d3b41f9ded7187a970f1754a712285876077d30ae047bdf20777936a769b17061a9458addfab43752fcf228612cd1da2f2164712c7335e1b23b4c9bb1d921d0aee169b813d1daacf2cd7d2b2c2e7a2f5c57e93cd4cbce6eabf3b4a0c9bbeda0b72abf2630a89514200058330cfbe315ac583f3e8f94cafa8cc06e92d76c9adeae40ccf3922bbac05b87ae47f38aab2d912babb0be3b3f5f2a37e0c524f0fa93b4a77b9ee54f4afd75020997a80a2c431ea658176b434dc322077fbb5a616b44be0c008048c6e944a84e69a180026fff71e1ce5c86e5c20e836ea904369b7e8fe3bfabbc0e7b3b997213a5ef4898f2c6d14922eadcbbe36fbc29e8c4a1d675acaff9a983508421fa0684124cfb98d28e272b6462b2d201eabe260bccf0567f283df167ad17e5954f940d5e727c592e79d951a3e38d64c67adf44cc31381c20b43f654a07cf6c782e076febc64efa06eb1345f277a335ef75f9b2c7c96c0714e7134fb6a0fb6353c2d437c1546abb7a5596c95c63d526dfe1079495a9c5606b4cf2fecdf2bf3dfb6306d1aa7e6fa0fef0321324b844120a687e0705ba4116c20e4e6097ddc95b7a5d382ef8d1f6c3e069271ddf80a8963137ca0a21d2addfc79550eaefccbb5387d2003d8549d46bef219d6db3981ca8b4980cec90810ff521e6dded7d7a2a8ac4857e0bd1545c1cbf64f6bf1b61aa618a75498211bc6f601e00da0ea73833ec3a50d03fe294422b4b74edcf9b84d18a5a91016fe01f4259c01a980cc271e702fe3c8113b9c9105f92b56f68e3197a76ee509a9389dffaa4afbd1737b5754658b5c8bedf01cf92f0e386b288169750a443fb464abdea96563e9416653fc15ecba0768511077eeb845f8aee907054b56742843a4d7e78ce1c2bdbfedc543a5e896e32ee09cd06d6a73a9a7e676ffa65e51fbdae536d6c579171add19bcb489a1ebf0d25fb3221d8cb461e6637ad7c9987ca2640fccfc29de4749793e63410394daa5138123d2ece80e573fd90197f51764e04a26ec05cb67f3a8d726a5155b3d769102fab24941bbb22c31289ae2bb559e9febd5ed1065556a0640c624df0a0e55eff775319c9b68bb33cb73216127b81af5c584ffb3d05ad7ff970ee5fe44bbacf02ef6b016021b249320c56694957a901719b2a17e0548edf86651b24f194b6006"}) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000280)=ANY=[@ANYBLOB='\t\x00\x00\x00\x00\x00\x00\x004\x00']) r4 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setreuid(0x0, r5) fsetxattr$system_posix_acl(r0, &(0x7f0000000080)='system.posix_acl_access\x00', 0x0, 0x0, 0x3) 746.622477ms ago: executing program 2 (id=826): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)={0x30, r1, 0x101, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_BSS_BASIC_RATES={0x4}, @NL80211_ATTR_SSID={0x5, 0x34, @random="c4"}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x30}, 0x1, 0x0, 0x0, 0xd0}, 0x600) 638.48109ms ago: executing program 2 (id=827): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x30, 0x16, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_FLOWTABLE_HOOK={0x4}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x78}}, 0x0) (fail_nth: 10) 149.012646ms ago: executing program 2 (id=828): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8) (async) r1 = socket$l2tp6(0xa, 0x2, 0x73) setsockopt$inet6_opts(r1, 0x29, 0x37, &(0x7f0000000140)=@fragment={0xb6, 0x0, 0x92, 0x0, 0x0, 0x1b, 0x65}, 0x8) r2 = socket$nl_crypto(0x10, 0x3, 0x15) connect$inet6(r0, &(0x7f00000009c0)={0xa, 0x4e22, 0x5, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2a}}, 0xfb}, 0x1c) (async) sendmsg$nl_crypto(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000700)=@getstat={0xe0, 0x15, 0x1, 0x70bd2a, 0x25dfdbfc, {{'ecb(cast5)\x00'}, '\x00', '\x00', 0x1400, 0x2600}}, 0xe0}, 0x1, 0x0, 0x0, 0x40}, 0x8800) (async) sendto$inet6(r1, 0x0, 0x0, 0x400c0, &(0x7f00000001c0)={0xa, 0xcaa1, 0x0, @local, 0xd}, 0x1c) (async) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c) (async, rerun: 32) r3 = socket$inet6(0xa, 0x1, 0x8010000000000084) (rerun: 32) sendto$inet6(r0, &(0x7f00000002c0)="811b660373f754b40cae74246b61b73014516e26c4e3afa9a2cf87144f16f8ca4d7827b3ee020cf11ade79ad95d5ef94baa0725ac65c4e6821d3d72b0e1bf3de5cbcded50673dfe7ffa3762e7aff315c1e3b6ae9815aeef620b61a36b04acb0fafb1ec69229c201996d429c60bcdccf47296209adf0fd91158bbb05e2e7b3874150b8b483a56287345ebce7bbd08ff418ff570f5f3ed0f44a0e0a78e7926c210032288c9bbbaad30ac7c7ec1ff7ace8f9495f24c7b4b1b6760a4dc8b988042c0f96d5854f55309ca8534bcb09311", 0xce, 0x4000000, &(0x7f0000000040)={0xa, 0x4e21, 0xf298, @mcast1, 0xfb}, 0x1c) (async) getsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000740), &(0x7f0000000780)=0xe) (async) sendto$inet6(r0, &(0x7f0000000200)="cf", 0x1, 0x400c0d4, &(0x7f0000000140)={0xa, 0x4e23, 0xfa82, @loopback, 0xffffffff}, 0x1c) r4 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000480)=0xffffffffffffffff, 0x4) (async, rerun: 64) r5 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa02, 0x0) (async, rerun: 64) r6 = socket$inet_udp(0x2, 0x2, 0x0) (async, rerun: 32) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, &(0x7f00000004c0)='logon\x00', &(0x7f0000000500)=@keyring) (rerun: 32) bind$inet(r6, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x36}}, 0x10) sendmmsg$inet(r6, &(0x7f0000003040)=[{{&(0x7f0000000680)={0x2, 0x4e22, @multicast2}, 0x10, 0x0}}, {{0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f0000000cc0)="e35f7e5e5ac5e9f0cd5260605ba7cda81ba1559f17393edeb50e129851c8070000000000000005d4b034d0ce1f6e0be5b65e1ea3aab64fb19483ed222b9d51007de194d43163a764136ee239c65b382cbf2c46ced59f283332621e64913a530016bc320cb091f6fc2c8b8af6884caccb5a8cef9382455f4b1540ad90b9308269b06fe596f2f4935802420035d8efc47278940beabec4d40fa02b2a7b3f179ac1d1c332424093c93924b0fb97f23a2ce3a5ffd46a4ca58d205e8263de6c8f35ae0bdf26e7665d4521dc583997930691d414e950900194775678184d57e2a7bfbbb812ed678dee3f02a1c54cfd4c2faee9cd398d28b9f4f5fb8eb0290290399155c805fc6c3f6329e625d718b0215af67c4482ab8af756b973664ab0a372ecea980cf89a63de97a4f0721aab", 0x12b}, {&(0x7f0000001040)="a632d1428982a252324f258392e316f18cf86b2e26ac0af8c71b951129f3e611dc5fa965da5032081ce0cdc4659935a61e2b9a7fe3a4a89869f95f15cd0fe0cbc18f6a6d873a310a108980d90a1aad98d0e0dddb70480bd18486191b33112719854b86cb73be4fcff420a4caa64c932b46ba10031706e2fa27537ff5b9ee7f54d19f8a6d5dcc1711be704ea7424b04854aa7ea52a67f412b25168797edb27644d2b8356bedb99f1fbe0056f06bbdc7deb2de32161bcfc6557f2438cb4f205ad8c0c91d75385b90c102000000000000002c8bcbe34f9411542cc837ee91388dc51b9c9e60a52da69045f95ade368dc4d145513ea2ff07c86d637b44376576648e7adca3e28386", 0x106}, {&(0x7f00000007c0)="ae01c1ffa47432736ef41d1ca7a55e6ee84fc95a490173e6f97a5c34095cb06b53d352aa1286e3afd71aedd025c1946871822e0900ef5878455e97286102cdde893d7ccc8f6fbaf39ebfc87a0889162556dd2c750b72373cfc7c03b20d68bac0e03f2957d4cebb8fbac2af9abe141fe5820064122f5bd93ebef6e200989cdb3cb800089a8694e29cbdf892bb8117526046ceb41781f58cbd2fa05936a120f19ecc081392e9996f697e2f00"/182, 0xb6}, {&(0x7f0000000580)="6b9cacb7f6804c331a3aa9379734ec2aedb597c32af634ddb581e3cef4c3058812b5118b70a11b4169426d7df4887c10782a5cfc7f8ea9995dea4ac79993469d55895298a177c1e96fbc02b422b2f658450f124c1f7fbb0ffc995cac4fb8186835e2811d77f90cd9a4d933cb708bc5a346e7fc85379cca848191ce387c3aba4c12d2c7a110b4ce3114b3bd8d1b7b116a803bd8ce2405f7c43700329ad680dfa721b65823c09cca147a24f365e0cbc678092ae44a632b5c8da7f3e8b31ceaf1b5577b783908da7734f30d7ade6113b3adfebb2b03ed05", 0xd6}, {&(0x7f0000000880)="c545b8e6891930d00e0c9f9a34b60edab224b1d599675d86f2f876ea962ace703f8afaf9c4262d97ed63349f484d86885681bc9cca3150f7e96d42e3700004caeb28614673b668f1d4bfbc2ffdc9bbb7faa421ca301c10368c46010ec37a088c3414908889082d9fdffe5f74be78e4ab3d545c22d3148d9b024b52ac9280db8ea86894997c083e31229fa2365a8bceb69178468b0b7741df61069d66365ec555624cf395e1359669aec4eb18c84c59149442a7315383dd26efb1c7e3ad05b4f9cce399014d99422dfd4670b0fae7869616b29a20fe828bb54cdd5f8cb4763dea4245e78a9cd14b14fb6a6b4660c3068f9ae8cb7474622a4dee527d9578f91ee788c48346d6f0e1b70314da13e7f58767337f6d491d4912717dd52e8ae3d3b8d8f368f4c17d32bb3fc075148f9b34bfd28d9e6937", 0x134}], 0x5}}, {{0x0, 0x0, 0x0, 0x25}}], 0x3, 0xc044) write$binfmt_misc(r6, &(0x7f0000000300), 0x5b0) (async) ioctl$IOCTL_START_ACCEL_DEV(0xffffffffffffffff, 0x40096102, &(0x7f0000000240)={{&(0x7f0000000180)={'KERNEL\x00', {&(0x7f00000003c0)=@adf_hex={@bank={'Bank', '5', 'InterruptCoalescingTimerNs\x00'}, {0xa0}}}, {&(0x7f0000000080)={'KERNEL\x00'}}}}, 0x4}) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r5, 0x45809000) (async) setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r0, 0x84, 0x23, &(0x7f0000000100)={0x0, 0xe7f2}, 0x8) (async) ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(r4, 0x4068aea3, &(0x7f00000006c0)={0xa3, 0x0, &(0x7f0000000540)}) (async) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="300000003c0007010000000000400000037c00000400fc80100001805fd05a"], 0x30}, 0x1, 0x0, 0x0, 0xc000}, 0xc010) (async) fallocate(r1, 0x4c, 0xb, 0x2) 210.749µs ago: executing program 0 (id=829): creat(&(0x7f0000001380)='./file0\x00', 0x4) mount(&(0x7f0000000040)=@loop={'/dev/loop', 0x0}, &(0x7f0000001440)='./file0\x00', &(0x7f0000000100)='xfs\x00', 0x208083, 0x0) 0s ago: executing program 2 (id=830): r0 = syz_open_dev$vim2m(&(0x7f0000000680), 0x8, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1}) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x14, 0x15, 0x301, 0x70bd29, 0x0, {0xc}}, 0x14}, 0x1, 0x0, 0x0, 0xc040}, 0x4000000) r2 = syz_io_uring_setup(0x7374, &(0x7f0000000000)={0x0, 0x61d8, 0x1000, 0x0, 0x107}, &(0x7f0000000080), &(0x7f0000000100)) r3 = socket$alg(0x26, 0x5, 0x0) bind$alg(r3, &(0x7f00000003c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(serpent)\x00'}, 0x58) r4 = syz_open_dev$radio(&(0x7f0000002b40), 0x3, 0x2) ioctl$VIDIOC_QUERYMENU(r4, 0xc02c5625, &(0x7f0000000000)={0x98f907, 0x5, @name="03489dc364b8b035b088af7cd259cf32928518e18ff9ffffff08581448a7fc5e"}) setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, 0x0, 0x0) r5 = accept4(r3, 0x0, 0x0, 0x80800) sendmsg$alg(r5, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x810}, 0x20044000) recvmmsg$unix(r5, &(0x7f0000000a00)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000001d40)=""/4087, 0xff7}], 0x1}}], 0x1, 0x12040, 0x0) syz_io_uring_setup(0x19c9, &(0x7f0000000140)={0x0, 0xc7db, 0x2, 0x2, 0x35e, 0x0, r2}, &(0x7f00000001c0), &(0x7f0000000200)) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x13, r0, 0x0) kernel console output (not intermixed with test programs): c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 116.142270][ T6938] RSP: 002b:00007f7df4e47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 116.142280][ T6938] RAX: ffffffffffffffda RBX: 00007f7df41b5fa0 RCX: 00007f7df3f8e929 [ 116.142287][ T6938] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003 [ 116.142293][ T6938] RBP: 00007f7df4e47090 R08: 0000000000000000 R09: 0000000000000000 [ 116.142298][ T6938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 116.142304][ T6938] R13: 0000000000000000 R14: 00007f7df41b5fa0 R15: 00007ffedc7e3408 [ 116.142318][ T6938] [ 116.143859][ T5901] usb 1-1: config 4 has an invalid interface number: 128 but max is 0 [ 116.521179][ T5901] usb 1-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 116.531520][ T5901] usb 1-1: config 4 has no interface number 0 [ 116.537877][ T5901] usb 1-1: config 4 interface 128 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 116.552074][ T5901] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 116.561361][ T5901] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 116.583212][ T5901] hub 1-1:4.128: bad descriptor, ignoring hub [ 116.597626][ T5901] hub 1-1:4.128: probe with driver hub failed with error -5 [ 116.607017][ T5901] usbhid 1-1:4.128: couldn't find an input interrupt endpoint [ 116.732224][ T6950] FAULT_INJECTION: forcing a failure. [ 116.732224][ T6950] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 116.753912][ T6950] CPU: 0 UID: 0 PID: 6950 Comm: syz.2.351 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 116.753934][ T6950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 116.753943][ T6950] Call Trace: [ 116.753950][ T6950] [ 116.753958][ T6950] dump_stack_lvl+0x189/0x250 [ 116.753981][ T6950] ? __pfx____ratelimit+0x10/0x10 [ 116.754002][ T6950] ? __pfx_dump_stack_lvl+0x10/0x10 [ 116.754019][ T6950] ? __pfx__printk+0x10/0x10 [ 116.754038][ T6950] ? __might_fault+0xb0/0x130 [ 116.754078][ T6950] should_fail_ex+0x414/0x560 [ 116.754105][ T6950] _copy_from_user+0x2d/0xb0 [ 116.754129][ T6950] input_event_from_user+0xb2/0x280 [ 116.754153][ T6950] ? __pfx_input_event_from_user+0x10/0x10 [ 116.754177][ T6950] ? input_inject_event+0xbc/0x320 [ 116.754197][ T6950] evdev_write+0x2a6/0x480 [ 116.754223][ T6950] ? __pfx_evdev_write+0x10/0x10 [ 116.754244][ T6950] ? bpf_lsm_file_permission+0x9/0x20 [ 116.754259][ T6950] ? security_file_permission+0x75/0x290 [ 116.754283][ T6950] ? rw_verify_area+0x258/0x650 [ 116.754302][ T6950] ? __pfx_evdev_write+0x10/0x10 [ 116.754324][ T6950] vfs_write+0x27b/0xa90 [ 116.754352][ T6950] ? __pfx_vfs_write+0x10/0x10 [ 116.754373][ T6950] ? __fget_files+0x2a/0x420 [ 116.754395][ T6950] ? __fget_files+0x2a/0x420 [ 116.754415][ T6950] ? __fget_files+0x3a0/0x420 [ 116.754434][ T6950] ? __fget_files+0x2a/0x420 [ 116.754465][ T6950] ksys_write+0x145/0x250 [ 116.754486][ T6950] ? __pfx_ksys_write+0x10/0x10 [ 116.754511][ T6950] ? do_syscall_64+0xbe/0x3b0 [ 116.754536][ T6950] do_syscall_64+0xfa/0x3b0 [ 116.754554][ T6950] ? lockdep_hardirqs_on+0x9c/0x150 [ 116.754583][ T6950] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.754600][ T6950] ? clear_bhb_loop+0x60/0xb0 [ 116.754620][ T6950] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.754636][ T6950] RIP: 0033:0x7f7df3f8e929 [ 116.754651][ T6950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 116.754664][ T6950] RSP: 002b:00007f7df4e47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 116.754682][ T6950] RAX: ffffffffffffffda RBX: 00007f7df41b5fa0 RCX: 00007f7df3f8e929 [ 116.754694][ T6950] RDX: 0000000000002250 RSI: 0000200000000040 RDI: 0000000000000003 [ 116.754705][ T6950] RBP: 00007f7df4e47090 R08: 0000000000000000 R09: 0000000000000000 [ 116.754715][ T6950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 116.754725][ T6950] R13: 0000000000000000 R14: 00007f7df41b5fa0 R15: 00007ffedc7e3408 [ 116.754753][ T6950] [ 116.806538][ T6952] netlink: 'syz.1.352': attribute type 4 has an invalid length. [ 116.811131][ C0] vkms_vblank_simulate: vblank timer overrun [ 117.017512][ C0] vkms_vblank_simulate: vblank timer overrun [ 117.023485][ C0] hrtimer: interrupt took 268717436 ns [ 117.041499][ T6952] /dev/rnullb0: Can't open blockdev [ 117.123514][ C0] vkms_vblank_simulate: vblank timer overrun [ 117.444339][ T5885] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 117.594210][ T5885] usb 3-1: Using ep0 maxpacket: 8 [ 117.602647][ T5885] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 117.613056][ T5885] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 117.624724][ T5885] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 117.635599][ T5885] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 117.650104][ T5885] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 117.659254][ T5885] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 117.873145][ T5885] usb 3-1: GET_CAPABILITIES returned 0 [ 117.878769][ T5885] usbtmc 3-1:16.0: can't read capabilities [ 117.928510][ T5885] usb 4-1: USB disconnect, device number 9 [ 118.435676][ T5885] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 118.480021][ T5901] usb 3-1: USB disconnect, device number 10 [ 118.604295][ T5885] usb 4-1: Using ep0 maxpacket: 16 [ 118.612508][ T5885] usb 4-1: config index 0 descriptor too short (expected 9, got 0) [ 118.612542][ T5885] usb 4-1: can't read configurations, error -22 [ 118.734267][ T5885] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 118.834508][ T5901] usb 1-1: USB disconnect, device number 8 [ 118.894222][ T5885] usb 4-1: Using ep0 maxpacket: 16 [ 118.897287][ T5885] usb 4-1: config index 0 descriptor too short (expected 9, got 0) [ 118.897320][ T5885] usb 4-1: can't read configurations, error -22 [ 118.897630][ T5885] usb usb4-port1: attempt power cycle [ 119.056842][ T6976] net_ratelimit: 4 callbacks suppressed [ 119.056856][ T6976] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 119.264167][ T5885] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 119.302145][ T6976] warning: `syz.0.359' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 119.324283][ T5885] usb 4-1: Using ep0 maxpacket: 16 [ 119.332482][ T5885] usb 4-1: config index 0 descriptor too short (expected 9, got 0) [ 119.340577][ T5885] usb 4-1: can't read configurations, error -22 [ 119.645021][ T5885] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 119.664806][ T5885] usb 4-1: Using ep0 maxpacket: 16 [ 119.677037][ T5885] usb 4-1: config index 0 descriptor too short (expected 9, got 0) [ 119.686362][ T5885] usb 4-1: can't read configurations, error -22 [ 119.694843][ T5885] usb usb4-port1: unable to enumerate USB device [ 119.867179][ T6983] FAULT_INJECTION: forcing a failure. [ 119.867179][ T6983] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 119.897350][ T6983] CPU: 0 UID: 0 PID: 6983 Comm: syz.2.362 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 119.897364][ T6983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 119.897373][ T6983] Call Trace: [ 119.897378][ T6983] [ 119.897382][ T6983] dump_stack_lvl+0x189/0x250 [ 119.897405][ T6983] ? __pfx____ratelimit+0x10/0x10 [ 119.897418][ T6983] ? __pfx_dump_stack_lvl+0x10/0x10 [ 119.897428][ T6983] ? __pfx__printk+0x10/0x10 [ 119.897445][ T6983] should_fail_ex+0x414/0x560 [ 119.897462][ T6983] _copy_to_user+0x31/0xb0 [ 119.897472][ T6983] simple_read_from_buffer+0xe1/0x170 [ 119.897487][ T6983] proc_fail_nth_read+0x1df/0x250 [ 119.897504][ T6983] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 119.897519][ T6983] ? rw_verify_area+0x258/0x650 [ 119.897529][ T6983] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 119.897542][ T6983] vfs_read+0x1fd/0x980 [ 119.897555][ T6983] ? __pfx___mutex_lock+0x10/0x10 [ 119.897568][ T6983] ? __pfx_vfs_read+0x10/0x10 [ 119.897579][ T6983] ? __fget_files+0x2a/0x420 [ 119.897593][ T6983] ? __fget_files+0x3a0/0x420 [ 119.897604][ T6983] ? __fget_files+0x2a/0x420 [ 119.897620][ T6983] ksys_read+0x145/0x250 [ 119.897630][ T6983] ? __fget_files+0x3a0/0x420 [ 119.897642][ T6983] ? __pfx_ksys_read+0x10/0x10 [ 119.897655][ T6983] ? do_syscall_64+0xbe/0x3b0 [ 119.897668][ T6983] do_syscall_64+0xfa/0x3b0 [ 119.897679][ T6983] ? lockdep_hardirqs_on+0x9c/0x150 [ 119.897689][ T6983] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 119.897698][ T6983] ? clear_bhb_loop+0x60/0xb0 [ 119.897710][ T6983] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 119.897719][ T6983] RIP: 0033:0x7f7df3f8d33c [ 119.897731][ T6983] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 119.897738][ T6983] RSP: 002b:00007f7df4e47030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 119.897753][ T6983] RAX: ffffffffffffffda RBX: 00007f7df41b5fa0 RCX: 00007f7df3f8d33c [ 119.897760][ T6983] RDX: 000000000000000f RSI: 00007f7df4e470a0 RDI: 0000000000000006 [ 119.897766][ T6983] RBP: 00007f7df4e47090 R08: 0000000000000000 R09: 0000000000000000 [ 119.897772][ T6983] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 119.897777][ T6983] R13: 0000000000000000 R14: 00007f7df41b5fa0 R15: 00007ffedc7e3408 [ 119.897792][ T6983] [ 120.133219][ C0] vkms_vblank_simulate: vblank timer overrun [ 120.264302][ T5901] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 120.391670][ T6989] loop6: detected capacity change from 0 to 524287999 [ 120.427398][ T5901] usb 1-1: Using ep0 maxpacket: 32 [ 120.436059][ T5901] usb 1-1: config 0 has an invalid interface number: 183 but max is 0 [ 120.448671][ T5901] usb 1-1: config 0 has no interface number 0 [ 120.477546][ T5901] usb 1-1: New USB device found, idVendor=06d0, idProduct=0622, bcdDevice=70.f8 [ 120.489968][ T5901] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 120.503402][ T5901] usb 1-1: Product: syz [ 120.520762][ T5901] usb 1-1: Manufacturer: syz [ 120.525852][ T5901] usb 1-1: SerialNumber: syz [ 120.533214][ T6994] FAULT_INJECTION: forcing a failure. [ 120.533214][ T6994] name failslab, interval 1, probability 0, space 0, times 0 [ 120.533250][ T5901] usb 1-1: config 0 descriptor?? [ 120.556561][ T6994] CPU: 1 UID: 0 PID: 6994 Comm: syz.1.366 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 120.556581][ T6994] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 120.556590][ T6994] Call Trace: [ 120.556596][ T6994] [ 120.556607][ T6994] dump_stack_lvl+0x189/0x250 [ 120.556630][ T6994] ? __pfx____ratelimit+0x10/0x10 [ 120.556650][ T6994] ? __pfx_dump_stack_lvl+0x10/0x10 [ 120.556669][ T6994] ? __pfx__printk+0x10/0x10 [ 120.556690][ T6994] ? __pfx___might_resched+0x10/0x10 [ 120.556705][ T6994] ? fs_reclaim_acquire+0x7d/0x100 [ 120.556727][ T6994] should_fail_ex+0x414/0x560 [ 120.556754][ T6994] should_failslab+0xa8/0x100 [ 120.556775][ T6994] kmem_cache_alloc_noprof+0x73/0x3c0 [ 120.556793][ T6994] ? __kernfs_new_node+0xd7/0x7e0 [ 120.556820][ T6994] __kernfs_new_node+0xd7/0x7e0 [ 120.556841][ T6994] ? __lock_acquire+0xab9/0xd20 [ 120.556871][ T6994] ? __pfx___kernfs_new_node+0x10/0x10 [ 120.556894][ T6994] ? kernfs_root+0x1c/0x230 [ 120.556921][ T6994] ? kernfs_root+0x1c/0x230 [ 120.556941][ T6994] ? kernfs_root+0x1c/0x230 [ 120.556960][ T6994] ? kernfs_root+0x1c/0x230 [ 120.556986][ T6994] kernfs_new_node+0x102/0x210 [ 120.557013][ T6994] __kernfs_create_file+0x4b/0x2e0 [ 120.557035][ T6994] sysfs_add_file_mode_ns+0x238/0x300 [ 120.557064][ T6994] sysfs_create_file_ns+0x128/0x1a0 [ 120.557083][ T6994] ? __pfx___up_read+0x10/0x10 [ 120.557101][ T6994] ? __pfx_sysfs_create_file_ns+0x10/0x10 [ 120.557124][ T6994] ? __dev_fwnode+0x50/0x80 [ 120.557140][ T6994] ? device_create_file+0xf4/0x1c0 [ 120.557158][ T6994] device_add+0x440/0xb50 [ 120.557191][ T6994] device_create+0x25b/0x2f0 [ 120.557211][ T6994] ? format_decode+0x5ee/0xe30 [ 120.557226][ T6994] ? string+0x279/0x2b0 [ 120.557239][ T6994] ? widen_string+0x3b/0x2a0 [ 120.557255][ T6994] ? __pfx_device_create+0x10/0x10 [ 120.557286][ T6994] bdi_register_va+0x9c/0x740 [ 120.557314][ T6994] super_setup_bdi_name+0xe6/0x200 [ 120.557333][ T6994] ? fuse_dev_install+0x8d/0x1a0 [ 120.557360][ T6994] ? __pfx_super_setup_bdi_name+0x10/0x10 [ 120.557393][ T6994] fuse_fill_super_common+0x64a/0x1100 [ 120.557425][ T6994] ? __pfx_fuse_fill_super_common+0x10/0x10 [ 120.557451][ T6994] ? __pfx_snprintf+0x10/0x10 [ 120.557464][ T6994] ? set_blocksize+0x21e/0x500 [ 120.557492][ T6994] ? sb_set_blocksize+0x104/0x180 [ 120.557515][ T6994] fuse_fill_super+0x176/0x1f0 [ 120.557534][ T6994] get_tree_bdev_flags+0x40e/0x4d0 [ 120.557553][ T6994] ? __pfx_fuse_fill_super+0x10/0x10 [ 120.557569][ T6994] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 120.557590][ T6994] ? __fget_files+0x2a/0x420 [ 120.557609][ T6994] ? __fget_files+0x3a0/0x420 [ 120.557628][ T6994] ? __fget_files+0x2a/0x420 [ 120.557653][ T6994] fuse_get_tree+0x23c/0x4e0 [ 120.557674][ T6994] vfs_get_tree+0x8f/0x2b0 [ 120.557696][ T6994] do_new_mount+0x24a/0xa40 [ 120.557724][ T6994] __se_sys_mount+0x317/0x410 [ 120.557751][ T6994] ? __pfx___se_sys_mount+0x10/0x10 [ 120.557770][ T6994] ? rcu_is_watching+0x15/0xb0 [ 120.557791][ T6994] ? do_syscall_64+0xbe/0x3b0 [ 120.557809][ T6994] ? __x64_sys_mount+0x20/0xc0 [ 120.557832][ T6994] do_syscall_64+0xfa/0x3b0 [ 120.557850][ T6994] ? lockdep_hardirqs_on+0x9c/0x150 [ 120.557868][ T6994] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.557884][ T6994] ? clear_bhb_loop+0x60/0xb0 [ 120.557903][ T6994] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 120.557919][ T6994] RIP: 0033:0x7f1678d8e929 [ 120.557934][ T6994] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 120.557947][ T6994] RSP: 002b:00007f1676bf6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 120.557964][ T6994] RAX: ffffffffffffffda RBX: 00007f1678fb5fa0 RCX: 00007f1678d8e929 [ 120.557976][ T6994] RDX: 0000200000000100 RSI: 0000200000002480 RDI: 0000200000002440 [ 120.557987][ T6994] RBP: 00007f1676bf6090 R08: 0000200000000600 R09: 0000000000000000 [ 120.557998][ T6994] R10: 0000000000008004 R11: 0000000000000246 R12: 0000000000000002 [ 120.558007][ T6994] R13: 0000000000000000 R14: 00007f1678fb5fa0 R15: 00007fff93c37388 [ 120.558035][ T6994] [ 120.574990][ T5901] net1080 1-1:0.183: probe with driver net1080 failed with error -22 [ 120.607558][ T24] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 120.754264][ T24] usb 3-1: Using ep0 maxpacket: 16 [ 120.875510][ T7000] netlink: 60 bytes leftover after parsing attributes in process `syz.1.369'. [ 120.902751][ T24] usb 3-1: config 5 has an invalid interface number: 168 but max is 0 [ 120.902774][ T24] usb 3-1: config 5 has an invalid descriptor of length 0, skipping remainder of the config [ 120.902791][ T24] usb 3-1: config 5 has no interface number 0 [ 120.902825][ T24] usb 3-1: config 5 interface 168 altsetting 7 has an endpoint descriptor with address 0xEB, changing to 0x8B [ 120.902847][ T24] usb 3-1: config 5 interface 168 altsetting 7 endpoint 0x8B has invalid wMaxPacketSize 0 [ 120.902864][ T24] usb 3-1: config 5 interface 168 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 120.902887][ T24] usb 3-1: config 5 interface 168 has no altsetting 0 [ 120.906785][ T5866] usb 1-1: USB disconnect, device number 9 [ 120.920847][ T7000] netlink: 60 bytes leftover after parsing attributes in process `syz.1.369'. [ 120.935100][ T24] usb 3-1: New USB device found, idVendor=04cc, idProduct=2533, bcdDevice=fc.58 [ 120.940893][ T7000] netlink: 60 bytes leftover after parsing attributes in process `syz.1.369'. [ 120.942221][ T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 121.177375][ T24] usb 3-1: Product: syz [ 121.181562][ T24] usb 3-1: Manufacturer: syz [ 121.186234][ T24] usb 3-1: SerialNumber: syz [ 121.358447][ T7002] capability: warning: `syz.1.370' uses 32-bit capabilities (legacy support in use) [ 121.569314][ T24] pn533_usb 3-1:5.168: NFC: Could not find bulk-in or bulk-out endpoint [ 121.634247][ T24] usb 3-1: USB disconnect, device number 11 [ 121.761751][ T7010] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 121.918714][ T7018] /dev/rnullb0: Can't open blockdev [ 121.974191][ T5866] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 122.114192][ T5866] usb 1-1: device descriptor read/64, error -71 [ 122.366716][ T5866] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 122.514219][ T5866] usb 1-1: device descriptor read/64, error -71 [ 122.633416][ T5866] usb usb1-port1: attempt power cycle [ 122.704305][ T7037] sp0: Synchronizing with TNC [ 122.714532][ T24] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 122.857795][ T7043] 8021q: adding VLAN 0 to HW filter on device bond0 [ 122.880811][ T24] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 122.889039][ T7043] bond0: (slave rose0): Enslaving as an active interface with an up link [ 122.914377][ T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 122.932608][ T24] usb 4-1: Product: syz [ 122.939563][ T24] usb 4-1: Manufacturer: syz [ 122.956311][ T24] usb 4-1: SerialNumber: syz [ 122.982512][ T24] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 122.992322][ T5866] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 123.066222][ T5866] usb 1-1: device descriptor read/8, error -71 [ 123.082665][ T121] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 123.315015][ T5866] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 123.344926][ T5866] usb 1-1: device descriptor read/8, error -71 [ 123.454803][ T5866] usb usb1-port1: unable to enumerate USB device [ 123.859547][ T5832] usb 4-1: USB disconnect, device number 14 [ 124.049219][ T7076] FAULT_INJECTION: forcing a failure. [ 124.049219][ T7076] name failslab, interval 1, probability 0, space 0, times 0 [ 124.097050][ T7076] CPU: 1 UID: 0 PID: 7076 Comm: syz.1.393 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 124.097072][ T7076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 124.097090][ T7076] Call Trace: [ 124.097097][ T7076] [ 124.097105][ T7076] dump_stack_lvl+0x189/0x250 [ 124.097130][ T7076] ? __pfx____ratelimit+0x10/0x10 [ 124.097151][ T7076] ? __pfx_dump_stack_lvl+0x10/0x10 [ 124.097170][ T7076] ? __pfx__printk+0x10/0x10 [ 124.097195][ T7076] ? __pfx___might_resched+0x10/0x10 [ 124.097217][ T7076] should_fail_ex+0x414/0x560 [ 124.097246][ T7076] should_failslab+0xa8/0x100 [ 124.097268][ T7076] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 124.097289][ T7076] ? __alloc_skb+0x112/0x2d0 [ 124.097317][ T7076] __alloc_skb+0x112/0x2d0 [ 124.097342][ T7076] inet_ifmcaddr_notify+0x7e/0x150 [ 124.097370][ T7076] ____ip_mc_inc_group+0x9b8/0xde0 [ 124.097402][ T7076] ip_mc_up+0x125/0x300 [ 124.097425][ T7076] inetdev_event+0xfb3/0x15b0 [ 124.097448][ T7076] ? __pfx_inetdev_event+0x10/0x10 [ 124.097475][ T7076] notifier_call_chain+0x1b3/0x3e0 [ 124.097501][ T7076] __dev_notify_flags+0x18d/0x2e0 [ 124.097527][ T7076] ? __pfx___dev_notify_flags+0x10/0x10 [ 124.097548][ T7076] ? __dev_change_flags+0x4cc/0x6d0 [ 124.097577][ T7076] ? __pfx___dev_change_flags+0x10/0x10 [ 124.097597][ T7076] ? devinet_ioctl+0x323/0x1b50 [ 124.097622][ T7076] ? __pfx___mutex_lock+0x10/0x10 [ 124.097649][ T7076] netif_change_flags+0xe8/0x1a0 [ 124.097677][ T7076] dev_change_flags+0x130/0x260 [ 124.097705][ T7076] devinet_ioctl+0xbb4/0x1b50 [ 124.097740][ T7076] ? __pfx_devinet_ioctl+0x10/0x10 [ 124.097767][ T7076] ? get_user_ifreq+0x12c/0x180 [ 124.097787][ T7076] inet_ioctl+0x3c0/0x4c0 [ 124.097809][ T7076] ? __pfx_inet_ioctl+0x10/0x10 [ 124.097846][ T7076] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 124.097876][ T7076] ? packet_ioctl+0x254/0x350 [ 124.097902][ T7076] sock_do_ioctl+0xdc/0x300 [ 124.097923][ T7076] ? __pfx_sock_do_ioctl+0x10/0x10 [ 124.097939][ T7076] ? __lock_acquire+0xab9/0xd20 [ 124.097979][ T7076] sock_ioctl+0x576/0x790 [ 124.098000][ T7076] ? __pfx_sock_ioctl+0x10/0x10 [ 124.098018][ T7076] ? __fget_files+0x2a/0x420 [ 124.098039][ T7076] ? __fget_files+0x3a0/0x420 [ 124.098059][ T7076] ? __fget_files+0x2a/0x420 [ 124.098089][ T7076] ? bpf_lsm_file_ioctl+0x9/0x20 [ 124.098106][ T7076] ? __pfx_sock_ioctl+0x10/0x10 [ 124.098124][ T7076] __se_sys_ioctl+0xfc/0x170 [ 124.098145][ T7076] do_syscall_64+0xfa/0x3b0 [ 124.098165][ T7076] ? lockdep_hardirqs_on+0x9c/0x150 [ 124.098184][ T7076] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.098201][ T7076] ? clear_bhb_loop+0x60/0xb0 [ 124.098222][ T7076] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 124.098238][ T7076] RIP: 0033:0x7f1678d8e929 [ 124.098254][ T7076] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 124.098267][ T7076] RSP: 002b:00007f1676bf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 124.098285][ T7076] RAX: ffffffffffffffda RBX: 00007f1678fb5fa0 RCX: 00007f1678d8e929 [ 124.098298][ T7076] RDX: 0000200000000180 RSI: 0000000000008914 RDI: 0000000000000004 [ 124.098309][ T7076] RBP: 00007f1676bf6090 R08: 0000000000000000 R09: 0000000000000000 [ 124.098320][ T7076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 124.098329][ T7076] R13: 0000000000000000 R14: 00007f1678fb5fa0 R15: 00007fff93c37388 [ 124.098358][ T7076] [ 124.552335][ T121] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive [ 124.559811][ T121] ath9k_htc: Failed to initialize the device [ 124.609327][ T5832] usb 4-1: ath9k_htc: USB layer deinitialized [ 124.676906][ T7092] netlink: 8 bytes leftover after parsing attributes in process `syz.3.395'. [ 124.909059][ T7105] /dev/rnullb0: Can't open blockdev [ 125.174263][ T9] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 125.195379][ T7122] /dev/rnullb0: Can't open blockdev [ 125.206076][ T7124] /dev/rnullb0: Can't open blockdev [ 125.345784][ T9] usb 3-1: Using ep0 maxpacket: 32 [ 125.378624][ T9] usb 3-1: config 0 has an invalid interface number: 196 but max is 0 [ 125.403719][ T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 125.439006][ T9] usb 3-1: config 0 has no interface number 0 [ 125.453083][ T9] usb 3-1: config 0 interface 196 altsetting 31 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 125.499200][ T9] usb 3-1: config 0 interface 196 has no altsetting 0 [ 125.519586][ T9] usb 3-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a [ 125.536298][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 125.550243][ T9] usb 3-1: Product: syz [ 125.556736][ T9] usb 3-1: Manufacturer: syz [ 125.561373][ T9] usb 3-1: SerialNumber: syz [ 125.573031][ T9] usb 3-1: config 0 descriptor?? [ 125.605361][ T9] ipheth 3-1:0.196: Unable to find alternate settings interface [ 125.820261][ T7109] ieee802154 phy0 wpan0: encryption failed: -22 [ 125.885370][ T5885] usb 3-1: USB disconnect, device number 12 [ 125.984687][ T9] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 126.024712][ T7154] /dev/rnullb0: Can't open blockdev [ 126.131102][ T7158] Invalid logical block size (117440512) [ 126.150033][ T9] usb 1-1: config 0 interface 0 has no altsetting 0 [ 126.176085][ T9] usb 1-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75 [ 126.203941][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 126.220189][ T9] usb 1-1: config 0 descriptor?? [ 126.438515][ T7144] netlink: 1347 bytes leftover after parsing attributes in process `syz.0.410'. [ 126.764778][ T9] (null): keene_cmd_main failed (-71) [ 126.805915][ T7173] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280 [ 126.846557][ T9] video4linux radio48: keene_cmd_main failed (-71) [ 126.866775][ T9] radio-keene 1-1:0.0: V4L2 device registered as radio48 [ 126.879884][ T9] usb 1-1: USB disconnect, device number 14 [ 127.282783][ T7187] /dev/rnullb0: Can't open blockdev [ 127.285445][ T5885] usb 3-1: new full-speed USB device number 13 using dummy_hcd [ 127.615301][ T24] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 127.674262][ T9] usb 2-1: new full-speed USB device number 22 using dummy_hcd [ 127.776262][ T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 127.788560][ T24] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 127.797653][ T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 127.808493][ T24] usb 1-1: config 0 descriptor?? [ 127.824163][ T121] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 127.835772][ T9] usb 2-1: not running at top speed; connect to a high speed hub [ 127.847034][ T9] usb 2-1: config 1 interface 0 altsetting 7 endpoint 0x81 has invalid wMaxPacketSize 0 [ 127.857430][ T9] usb 2-1: config 1 interface 0 altsetting 7 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 127.870789][ T9] usb 2-1: config 1 interface 0 has no altsetting 0 [ 127.879764][ T9] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 127.889872][ T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 127.897925][ T9] usb 2-1: Product: 䱏黌䘜؜ﺹẐꫛꃁ㳊몹Ꞧꄩ伺뒨踰뇿Ⲛ뇦ꍵᠳ꽌ꂵ끡ޖ㥃鑰پ堠⾏ퟆ쥔嫯⋪衺脞藪ꦉ桫瓈⽧皠줌ꀚ㛣ﳓ顱柘ꣃݾ琢Ց쮣襗별壣득倠䀧썢ᇎꁮۨ쒕گ俊ຳ࢕의䦏㍌辐ﯵﷸ褸媏ꁸ벍┘඙ꮺয়⋄섫ὺ婏⠼뛶귰Ȫ젿와婱Ƙꑝ௡㺽놴갽㸲ᓬ哇氁멀뵁꫘䛯㴀랓ᄩ乊姰ࠁ [ 127.932822][ C0] vkms_vblank_simulate: vblank timer overrun [ 127.939282][ T9] usb 2-1: SerialNumber: syz [ 127.948446][ T7193] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22 [ 128.028716][ T121] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 128.039857][ T121] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 128.049461][ T121] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 128.060827][ T121] usb 4-1: config 0 descriptor?? [ 128.107872][ T24] usbhid 1-1:0.0: can't add hid device: -71 [ 128.115751][ T24] usbhid 1-1:0.0: probe with driver usbhid failed with error -71 [ 128.126913][ T24] usb 1-1: USB disconnect, device number 15 [ 128.280985][ T121] usbhid 4-1:0.0: can't add hid device: -71 [ 128.287488][ T121] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 128.300445][ T121] usb 4-1: USB disconnect, device number 15 [ 128.370874][ T9] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -22 [ 128.387975][ T9] usb 2-1: USB disconnect, device number 22 [ 128.564166][ T5832] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 128.694238][ T5832] usb 1-1: device descriptor read/64, error -71 [ 128.724308][ T5922] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 128.875265][ T5922] usb 4-1: Using ep0 maxpacket: 16 [ 128.882205][ T5922] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 128.893299][ T5922] usb 4-1: New USB device found, idVendor=0458, idProduct=5016, bcdDevice= 0.00 [ 128.903745][ T5922] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 128.915438][ T5922] usb 4-1: config 0 descriptor?? [ 128.934667][ T5832] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 128.997977][ T5842] Bluetooth: hci1: Malformed HCI Event [ 129.064262][ T5832] usb 1-1: device descriptor read/64, error -71 [ 129.184417][ T5832] usb usb1-port1: attempt power cycle [ 129.535768][ T5832] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 129.576025][ T5832] usb 1-1: device descriptor read/8, error -71 [ 129.783783][ T7203] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 129.792596][ T7203] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 129.803301][ T7203] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 129.813164][ T7203] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 129.816427][ T5832] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 129.844906][ T5832] usb 1-1: device descriptor read/8, error -71 [ 129.967826][ T5832] usb usb1-port1: unable to enumerate USB device [ 130.304315][ T5866] usb 2-1: new high-speed USB device number 23 using dummy_hcd [ 130.472255][ T7216] FAULT_INJECTION: forcing a failure. [ 130.472255][ T7216] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 130.491031][ T7216] CPU: 1 UID: 0 PID: 7216 Comm: syz.2.436 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 130.491053][ T7216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 130.491064][ T7216] Call Trace: [ 130.491071][ T7216] [ 130.491079][ T7216] dump_stack_lvl+0x189/0x250 [ 130.491102][ T7216] ? __pfx____ratelimit+0x10/0x10 [ 130.491127][ T7216] ? __pfx_dump_stack_lvl+0x10/0x10 [ 130.491145][ T7216] ? __pfx__printk+0x10/0x10 [ 130.491164][ T7216] ? __might_fault+0xb0/0x130 [ 130.491192][ T7216] should_fail_ex+0x414/0x560 [ 130.491229][ T7216] _copy_from_iter+0x1db/0x16f0 [ 130.491255][ T7216] ? rcu_is_watching+0x15/0xb0 [ 130.491273][ T7216] ? kmem_cache_alloc_node_noprof+0x217/0x3c0 [ 130.491294][ T7216] ? __pfx__copy_from_iter+0x10/0x10 [ 130.491317][ T7216] ? __build_skb_around+0x257/0x3e0 [ 130.491342][ T7216] ? netlink_sendmsg+0x642/0xb30 [ 130.491361][ T7216] ? skb_put+0x11b/0x210 [ 130.491386][ T7216] netlink_sendmsg+0x6b2/0xb30 [ 130.491414][ T7216] ? __pfx_netlink_sendmsg+0x10/0x10 [ 130.491438][ T7216] ? aa_sock_msg_perm+0xf1/0x1d0 [ 130.491458][ T7216] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 130.491479][ T7216] ? __pfx_netlink_sendmsg+0x10/0x10 [ 130.491501][ T7216] __sock_sendmsg+0x21c/0x270 [ 130.491523][ T7216] ____sys_sendmsg+0x505/0x830 [ 130.491552][ T7216] ? __pfx_____sys_sendmsg+0x10/0x10 [ 130.491585][ T7216] ? import_iovec+0x74/0xa0 [ 130.491612][ T7216] ___sys_sendmsg+0x21f/0x2a0 [ 130.491637][ T7216] ? __pfx____sys_sendmsg+0x10/0x10 [ 130.491694][ T7216] ? __fget_files+0x2a/0x420 [ 130.491716][ T7216] ? __fget_files+0x3a0/0x420 [ 130.491748][ T7216] __x64_sys_sendmsg+0x19b/0x260 [ 130.491774][ T7216] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 130.491806][ T7216] ? __pfx_ksys_write+0x10/0x10 [ 130.491823][ T7216] ? rcu_is_watching+0x15/0xb0 [ 130.491844][ T7216] ? do_syscall_64+0xbe/0x3b0 [ 130.491867][ T7216] do_syscall_64+0xfa/0x3b0 [ 130.491885][ T7216] ? lockdep_hardirqs_on+0x9c/0x150 [ 130.491904][ T7216] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.491919][ T7216] ? clear_bhb_loop+0x60/0xb0 [ 130.491939][ T7216] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.491954][ T7216] RIP: 0033:0x7f7df3f8e929 [ 130.491969][ T7216] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 130.491983][ T7216] RSP: 002b:00007f7df4e47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 130.492001][ T7216] RAX: ffffffffffffffda RBX: 00007f7df41b5fa0 RCX: 00007f7df3f8e929 [ 130.492013][ T7216] RDX: 0000000000000000 RSI: 0000200000000c00 RDI: 0000000000000003 [ 130.492024][ T7216] RBP: 00007f7df4e47090 R08: 0000000000000000 R09: 0000000000000000 [ 130.492034][ T7216] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 130.492045][ T7216] R13: 0000000000000000 R14: 00007f7df41b5fa0 R15: 00007ffedc7e3408 [ 130.492072][ T7216] [ 130.830914][ T5866] usb 2-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 130.840700][ T5866] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 130.853373][ T5866] usb 2-1: Product: syz [ 130.857810][ T5866] usb 2-1: Manufacturer: syz [ 130.862461][ T5866] usb 2-1: SerialNumber: syz [ 130.872832][ T7221] /dev/rnullb0: Can't open blockdev [ 130.882174][ T5866] usb 2-1: config 0 descriptor?? [ 130.893907][ T5866] ch341 2-1:0.0: ch341-uart converter detected [ 130.929255][ T7223] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 131.079497][ T5922] usbhid 4-1:0.0: can't add hid device: -71 [ 131.098282][ T5922] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 131.136685][ T7232] devpts: Bad value for 'max' [ 131.148823][ T5922] usb 4-1: USB disconnect, device number 16 [ 131.275006][ T7238] sp0: Synchronizing with TNC [ 131.412232][ T7242] /dev/rnullb0: Can't open blockdev [ 131.468734][ T7244] /dev/rnullb0: Can't open blockdev [ 131.494536][ T121] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 131.537808][ T7247] FAULT_INJECTION: forcing a failure. [ 131.537808][ T7247] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 131.551016][ T7248] syz.3.450 (7248) used obsolete PPPIOCDETACH ioctl [ 131.559091][ T7247] CPU: 0 UID: 0 PID: 7247 Comm: syz.0.451 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 131.559123][ T7247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 131.559134][ T7247] Call Trace: [ 131.559142][ T7247] [ 131.559149][ T7247] dump_stack_lvl+0x189/0x250 [ 131.559173][ T7247] ? __pfx____ratelimit+0x10/0x10 [ 131.559195][ T7247] ? __pfx_dump_stack_lvl+0x10/0x10 [ 131.559215][ T7247] ? __pfx__printk+0x10/0x10 [ 131.559233][ T7247] ? __might_fault+0xb0/0x130 [ 131.559264][ T7247] should_fail_ex+0x414/0x560 [ 131.559293][ T7247] _copy_from_user+0x2d/0xb0 [ 131.559320][ T7247] input_event_from_user+0xb2/0x280 [ 131.559344][ T7247] ? __pfx_input_event_from_user+0x10/0x10 [ 131.559369][ T7247] ? input_inject_event+0xbc/0x320 [ 131.559392][ T7247] evdev_write+0x2a6/0x480 [ 131.559419][ T7247] ? __pfx_evdev_write+0x10/0x10 [ 131.559442][ T7247] ? bpf_lsm_file_permission+0x9/0x20 [ 131.559458][ T7247] ? security_file_permission+0x75/0x290 [ 131.559482][ T7247] ? rw_verify_area+0x258/0x650 [ 131.559501][ T7247] ? __pfx_evdev_write+0x10/0x10 [ 131.559525][ T7247] vfs_write+0x27b/0xa90 [ 131.559553][ T7247] ? __pfx_vfs_write+0x10/0x10 [ 131.559575][ T7247] ? __fget_files+0x2a/0x420 [ 131.559600][ T7247] ? __fget_files+0x2a/0x420 [ 131.559620][ T7247] ? __fget_files+0x3a0/0x420 [ 131.559641][ T7247] ? __fget_files+0x2a/0x420 [ 131.559672][ T7247] ksys_write+0x145/0x250 [ 131.559695][ T7247] ? __pfx_ksys_write+0x10/0x10 [ 131.559711][ T7247] ? rcu_is_watching+0x15/0xb0 [ 131.559735][ T7247] ? do_syscall_64+0xbe/0x3b0 [ 131.559759][ T7247] do_syscall_64+0xfa/0x3b0 [ 131.559778][ T7247] ? lockdep_hardirqs_on+0x9c/0x150 [ 131.559797][ T7247] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 131.559815][ T7247] ? clear_bhb_loop+0x60/0xb0 [ 131.559835][ T7247] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 131.559852][ T7247] RIP: 0033:0x7fa0e858e929 [ 131.559868][ T7247] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 131.559882][ T7247] RSP: 002b:00007fa0e9387038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 131.559900][ T7247] RAX: ffffffffffffffda RBX: 00007fa0e87b5fa0 RCX: 00007fa0e858e929 [ 131.559913][ T7247] RDX: 0000000000002250 RSI: 0000200000000040 RDI: 0000000000000003 [ 131.559925][ T7247] RBP: 00007fa0e9387090 R08: 0000000000000000 R09: 0000000000000000 [ 131.559936][ T7247] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 131.559946][ T7247] R13: 0000000000000000 R14: 00007fa0e87b5fa0 R15: 00007fff165a0ba8 [ 131.559974][ T7247] [ 131.644191][ T121] usb 3-1: Using ep0 maxpacket: 32 [ 131.645356][ C0] vkms_vblank_simulate: vblank timer overrun [ 131.835501][ T121] usb 3-1: config 4 has an invalid interface number: 128 but max is 0 [ 131.843704][ T121] usb 3-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config [ 131.861232][ T121] usb 3-1: config 4 has no interface number 0 [ 131.867390][ T121] usb 3-1: config 4 interface 128 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 131.904198][ T121] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 131.913256][ T121] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 131.928380][ T5866] usb 2-1: ch341-uart converter now attached to ttyUSB0 [ 131.947193][ T121] hub 3-1:4.128: bad descriptor, ignoring hub [ 131.953284][ T121] hub 3-1:4.128: probe with driver hub failed with error -5 [ 131.982022][ T7251] overlay: ./file0 is not a directory [ 131.984496][ T121] usbhid 3-1:4.128: couldn't find an input interrupt endpoint [ 132.012556][ T7253] netlink: 160 bytes leftover after parsing attributes in process `syz.3.453'. [ 132.020313][ T7251] netlink: 'syz.0.452': attribute type 10 has an invalid length. [ 132.034416][ T7251] bridge0: port 3(team0) entered blocking state [ 132.041177][ T7251] bridge0: port 3(team0) entered disabled state [ 132.048066][ T7251] team0: entered allmulticast mode [ 132.053201][ T7251] team_slave_0: entered allmulticast mode [ 132.059475][ T7251] team_slave_1: entered allmulticast mode [ 132.067342][ T7251] team0: entered promiscuous mode [ 132.072674][ T7251] team_slave_0: entered promiscuous mode [ 132.078699][ T7253] /dev/rnullb0: Can't open blockdev [ 132.080734][ T7251] team_slave_1: entered promiscuous mode [ 132.093257][ T7251] bridge0: port 3(team0) entered blocking state [ 132.099639][ T7251] bridge0: port 3(team0) entered forwarding state [ 132.139224][ T5832] usb 2-1: USB disconnect, device number 23 [ 132.150652][ T5832] ch341-uart ttyUSB0: ch341-uart converter now disconnected from ttyUSB0 [ 132.204202][ T5832] ch341 2-1:0.0: device disconnected [ 132.743867][ T1301] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.750529][ T1301] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.572528][ T7290] /dev/rnullb0: Can't open blockdev [ 133.604183][ T5832] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 133.764829][ T5832] usb 4-1: no configurations [ 133.771207][ T5832] usb 4-1: can't read configurations, error -22 [ 133.884263][ T5885] usb 2-1: new high-speed USB device number 24 using dummy_hcd [ 133.914210][ T5832] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 134.054600][ T5885] usb 2-1: Using ep0 maxpacket: 8 [ 134.065693][ T5885] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 134.075597][ T5885] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 134.085589][ T5885] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 134.095675][ T5832] usb 4-1: no configurations [ 134.100270][ T5832] usb 4-1: can't read configurations, error -22 [ 134.106801][ T5885] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 134.120177][ T5832] usb usb4-port1: attempt power cycle [ 134.125645][ T5885] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 134.136714][ T5885] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 134.350530][ T5885] usb 2-1: GET_CAPABILITIES returned 0 [ 134.357270][ T5885] usbtmc 2-1:16.0: can't read capabilities [ 134.374492][ T9] usb 3-1: USB disconnect, device number 14 [ 134.474246][ T5832] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 134.493301][ T7307] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 134.520112][ T7307] batadv_slave_1: entered allmulticast mode [ 134.525312][ T5832] usb 4-1: no configurations [ 134.530598][ T5832] usb 4-1: can't read configurations, error -22 [ 134.541425][ T7310] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 134.559456][ T7310] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 134.559605][ T7295] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 134.579426][ T7295] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 134.604924][ T7295] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 134.617481][ T7295] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 134.705384][ T5832] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 134.725324][ T5832] usb 4-1: no configurations [ 134.729936][ T5832] usb 4-1: can't read configurations, error -22 [ 134.738179][ T5832] usb usb4-port1: unable to enumerate USB device [ 134.773522][ T7307] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 134.782011][ T24] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 134.791404][ T7307] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 134.958537][ T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 134.974493][ T24] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 134.993972][ T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 134.997068][ T5832] usb 2-1: USB disconnect, device number 24 [ 135.018709][ T24] usb 3-1: config 0 descriptor?? [ 135.036709][ T24] usb 3-1: can't set config #0, error -71 [ 135.065271][ T24] usb 3-1: USB disconnect, device number 15 [ 135.211653][ T7321] netlink: 12 bytes leftover after parsing attributes in process `syz.0.478'. [ 135.286502][ T7325] /dev/rnullb0: Can't open blockdev [ 135.292353][ T7326] /dev/rnullb0: Can't open blockdev [ 135.331221][ T7328] FAULT_INJECTION: forcing a failure. [ 135.331221][ T7328] name failslab, interval 1, probability 0, space 0, times 0 [ 135.348286][ T7328] CPU: 0 UID: 0 PID: 7328 Comm: syz.2.481 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 135.348308][ T7328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 135.348319][ T7328] Call Trace: [ 135.348326][ T7328] [ 135.348333][ T7328] dump_stack_lvl+0x189/0x250 [ 135.348357][ T7328] ? __pfx____ratelimit+0x10/0x10 [ 135.348379][ T7328] ? __pfx_dump_stack_lvl+0x10/0x10 [ 135.348398][ T7328] ? __pfx__printk+0x10/0x10 [ 135.348422][ T7328] ? __pfx___might_resched+0x10/0x10 [ 135.348438][ T7328] ? fs_reclaim_acquire+0x7d/0x100 [ 135.348463][ T7328] should_fail_ex+0x414/0x560 [ 135.348491][ T7328] should_failslab+0xa8/0x100 [ 135.348513][ T7328] kmem_cache_alloc_noprof+0x73/0x3c0 [ 135.348530][ T7328] ? __kernfs_new_node+0xd7/0x7e0 [ 135.348557][ T7328] __kernfs_new_node+0xd7/0x7e0 [ 135.348578][ T7328] ? __lock_acquire+0xab9/0xd20 [ 135.348608][ T7328] ? __pfx___kernfs_new_node+0x10/0x10 [ 135.348631][ T7328] ? kernfs_root+0x1c/0x230 [ 135.348657][ T7328] ? kernfs_root+0x1c/0x230 [ 135.348679][ T7328] ? kernfs_root+0x1c/0x230 [ 135.348698][ T7328] ? kernfs_root+0x1c/0x230 [ 135.348722][ T7328] kernfs_new_node+0x102/0x210 [ 135.348750][ T7328] __kernfs_create_file+0x4b/0x2e0 [ 135.348773][ T7328] sysfs_add_file_mode_ns+0x238/0x300 [ 135.348801][ T7328] sysfs_create_file_ns+0x128/0x1a0 [ 135.348821][ T7328] ? __pfx___up_read+0x10/0x10 [ 135.348839][ T7328] ? __pfx_sysfs_create_file_ns+0x10/0x10 [ 135.348862][ T7328] ? __dev_fwnode+0x50/0x80 [ 135.348879][ T7328] ? device_create_file+0xf4/0x1c0 [ 135.348897][ T7328] device_add+0x440/0xb50 [ 135.348919][ T7328] device_create+0x25b/0x2f0 [ 135.348940][ T7328] ? format_decode+0x5ee/0xe30 [ 135.348955][ T7328] ? string+0x279/0x2b0 [ 135.348976][ T7328] ? widen_string+0x3b/0x2a0 [ 135.348992][ T7328] ? __pfx_device_create+0x10/0x10 [ 135.349025][ T7328] bdi_register_va+0x9c/0x740 [ 135.349055][ T7328] super_setup_bdi_name+0xe6/0x200 [ 135.349074][ T7328] ? fuse_dev_install+0x8d/0x1a0 [ 135.349103][ T7328] ? __pfx_super_setup_bdi_name+0x10/0x10 [ 135.349139][ T7328] fuse_fill_super_common+0x64a/0x1100 [ 135.349173][ T7328] ? __pfx_fuse_fill_super_common+0x10/0x10 [ 135.349200][ T7328] ? __pfx_snprintf+0x10/0x10 [ 135.349214][ T7328] ? set_blocksize+0x21e/0x500 [ 135.349244][ T7328] ? sb_set_blocksize+0x104/0x180 [ 135.349268][ T7328] fuse_fill_super+0x176/0x1f0 [ 135.349288][ T7328] get_tree_bdev_flags+0x40e/0x4d0 [ 135.349308][ T7328] ? __pfx_fuse_fill_super+0x10/0x10 [ 135.349325][ T7328] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 135.349346][ T7328] ? __fget_files+0x2a/0x420 [ 135.349365][ T7328] ? __fget_files+0x3a0/0x420 [ 135.349386][ T7328] ? __fget_files+0x2a/0x420 [ 135.349413][ T7328] fuse_get_tree+0x23c/0x4e0 [ 135.349435][ T7328] vfs_get_tree+0x8f/0x2b0 [ 135.349458][ T7328] do_new_mount+0x24a/0xa40 [ 135.349487][ T7328] __se_sys_mount+0x317/0x410 [ 135.349516][ T7328] ? __pfx___se_sys_mount+0x10/0x10 [ 135.349535][ T7328] ? rcu_is_watching+0x15/0xb0 [ 135.349558][ T7328] ? do_syscall_64+0xbe/0x3b0 [ 135.349576][ T7328] ? __x64_sys_mount+0x20/0xc0 [ 135.349600][ T7328] do_syscall_64+0xfa/0x3b0 [ 135.349619][ T7328] ? lockdep_hardirqs_on+0x9c/0x150 [ 135.349638][ T7328] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 135.349655][ T7328] ? clear_bhb_loop+0x60/0xb0 [ 135.349676][ T7328] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 135.349692][ T7328] RIP: 0033:0x7f7df3f8e929 [ 135.349707][ T7328] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 135.349721][ T7328] RSP: 002b:00007f7df4e47038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 135.349740][ T7328] RAX: ffffffffffffffda RBX: 00007f7df41b5fa0 RCX: 00007f7df3f8e929 [ 135.349754][ T7328] RDX: 0000200000000100 RSI: 0000200000002480 RDI: 0000200000002440 [ 135.349766][ T7328] RBP: 00007f7df4e47090 R08: 0000200000000600 R09: 0000000000000000 [ 135.349777][ T7328] R10: 0000000000008004 R11: 0000000000000246 R12: 0000000000000002 [ 135.349787][ T7328] R13: 0000000000000000 R14: 00007f7df41b5fa0 R15: 00007ffedc7e3408 [ 135.349816][ T7328] [ 135.750324][ C0] vkms_vblank_simulate: vblank timer overrun [ 135.824161][ T24] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 136.004147][ T24] usb 1-1: Using ep0 maxpacket: 32 [ 136.026257][ T24] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 136.044196][ T24] usb 1-1: config 0 has no interfaces? [ 136.061233][ T24] usb 1-1: New USB device found, idVendor=04e8, idProduct=6601, bcdDevice=81.9b [ 136.229922][ T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 136.245840][ T24] usb 1-1: Product: syz [ 136.255152][ T24] usb 1-1: Manufacturer: syz [ 136.259754][ T24] usb 1-1: SerialNumber: syz [ 136.284783][ T24] usb 1-1: config 0 descriptor?? [ 136.285646][ T7337] Invalid logical block size (83886080) [ 136.508543][ T7330] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 136.531024][ T7330] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 136.876549][ T7366] /dev/rnullb0: Can't open blockdev [ 137.093241][ T24] usb 1-1: USB disconnect, device number 20 [ 137.303978][ T7385] netlink: 8 bytes leftover after parsing attributes in process `syz.3.498'. [ 137.648786][ T7399] netlink: 28 bytes leftover after parsing attributes in process `syz.0.502'. [ 137.814834][ T9] usb 4-1: new full-speed USB device number 21 using dummy_hcd [ 137.965214][ T9] usb 4-1: device descriptor read/64, error -71 [ 138.225195][ T9] usb 4-1: new full-speed USB device number 22 using dummy_hcd [ 138.365589][ T9] usb 4-1: device descriptor read/64, error -71 [ 138.379845][ T7440] vcan0: entered allmulticast mode [ 138.486690][ T9] usb usb4-port1: attempt power cycle [ 138.545016][ T7445] netlink: 12 bytes leftover after parsing attributes in process `syz.2.517'. [ 138.599511][ T7447] netlink: 8 bytes leftover after parsing attributes in process `syz.1.518'. [ 138.835129][ T9] usb 4-1: new full-speed USB device number 23 using dummy_hcd [ 138.874894][ T9] usb 4-1: device descriptor read/8, error -71 [ 138.958400][ T7461] FAULT_INJECTION: forcing a failure. [ 138.958400][ T7461] name failslab, interval 1, probability 0, space 0, times 0 [ 138.972018][ T7461] CPU: 0 UID: 0 PID: 7461 Comm: syz.2.523 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 138.972040][ T7461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 138.972049][ T7461] Call Trace: [ 138.972056][ T7461] [ 138.972064][ T7461] dump_stack_lvl+0x189/0x250 [ 138.972087][ T7461] ? __pfx____ratelimit+0x10/0x10 [ 138.972107][ T7461] ? __pfx_dump_stack_lvl+0x10/0x10 [ 138.972125][ T7461] ? __pfx__printk+0x10/0x10 [ 138.972145][ T7461] ? __pfx___might_resched+0x10/0x10 [ 138.972163][ T7461] ? fs_reclaim_acquire+0x7d/0x100 [ 138.972189][ T7461] should_fail_ex+0x414/0x560 [ 138.972218][ T7461] should_failslab+0xa8/0x100 [ 138.972239][ T7461] __kmalloc_noprof+0xcb/0x4f0 [ 138.972257][ T7461] ? fib6_info_alloc+0x30/0xf0 [ 138.972281][ T7461] fib6_info_alloc+0x30/0xf0 [ 138.972302][ T7461] ip6_route_info_create+0x142/0x860 [ 138.972332][ T7461] ip6_route_add+0x49/0x1b0 [ 138.972355][ T7461] addrconf_add_dev+0x24f/0x340 [ 138.972386][ T7461] ? __pfx_addrconf_add_dev+0x10/0x10 [ 138.972421][ T7461] ? __lock_acquire+0xab9/0xd20 [ 138.972456][ T7461] addrconf_init_auto_addrs+0x590/0xbb0 [ 138.972479][ T7461] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 138.972497][ T7461] ? __pfx_addrconf_init_auto_addrs+0x10/0x10 [ 138.972518][ T7461] ? addrconf_permanent_addr+0x917/0x9d0 [ 138.972543][ T7461] ? addrconf_permanent_addr+0x917/0x9d0 [ 138.972566][ T7461] ? addrconf_permanent_addr+0x917/0x9d0 [ 138.972595][ T7461] ? __pfx_addrconf_permanent_addr+0x10/0x10 [ 138.972622][ T7461] ? __mutex_unlock_slowpath+0x1cd/0x700 [ 138.972647][ T7461] ? __pfx___mutex_lock+0x10/0x10 [ 138.972666][ T7461] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 138.972684][ T7461] ? tls_dev_event+0x717/0xec0 [ 138.972713][ T7461] ? addrconf_link_ready+0x112/0x170 [ 138.972739][ T7461] addrconf_notify+0xacc/0x1010 [ 138.972766][ T7461] notifier_call_chain+0x1b3/0x3e0 [ 138.972791][ T7461] __dev_notify_flags+0x18d/0x2e0 [ 138.972817][ T7461] ? __pfx___dev_notify_flags+0x10/0x10 [ 138.972836][ T7461] ? __dev_change_flags+0x4cc/0x6d0 [ 138.972863][ T7461] ? __pfx___dev_change_flags+0x10/0x10 [ 138.972884][ T7461] ? devinet_ioctl+0x323/0x1b50 [ 138.972910][ T7461] ? __pfx___mutex_lock+0x10/0x10 [ 138.972933][ T7461] netif_change_flags+0xe8/0x1a0 [ 138.972960][ T7461] dev_change_flags+0x130/0x260 [ 138.972987][ T7461] devinet_ioctl+0xbb4/0x1b50 [ 138.973020][ T7461] ? __pfx_devinet_ioctl+0x10/0x10 [ 138.973045][ T7461] ? get_user_ifreq+0x12c/0x180 [ 138.973063][ T7461] inet_ioctl+0x3c0/0x4c0 [ 138.973085][ T7461] ? __pfx_inet_ioctl+0x10/0x10 [ 138.973123][ T7461] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 138.973153][ T7461] ? packet_ioctl+0x254/0x350 [ 138.973179][ T7461] sock_do_ioctl+0xdc/0x300 [ 138.973200][ T7461] ? __pfx_sock_do_ioctl+0x10/0x10 [ 138.973216][ T7461] ? __lock_acquire+0xab9/0xd20 [ 138.973255][ T7461] sock_ioctl+0x576/0x790 [ 138.973275][ T7461] ? __pfx_sock_ioctl+0x10/0x10 [ 138.973294][ T7461] ? __fget_files+0x2a/0x420 [ 138.973314][ T7461] ? __fget_files+0x3a0/0x420 [ 138.973334][ T7461] ? __fget_files+0x2a/0x420 [ 138.973358][ T7461] ? bpf_lsm_file_ioctl+0x9/0x20 [ 138.973382][ T7461] ? __pfx_sock_ioctl+0x10/0x10 [ 138.973399][ T7461] __se_sys_ioctl+0xfc/0x170 [ 138.973420][ T7461] do_syscall_64+0xfa/0x3b0 [ 138.973440][ T7461] ? lockdep_hardirqs_on+0x9c/0x150 [ 138.973459][ T7461] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 138.973476][ T7461] ? clear_bhb_loop+0x60/0xb0 [ 138.973498][ T7461] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 138.973515][ T7461] RIP: 0033:0x7f7df3f8e929 [ 138.973530][ T7461] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 138.973544][ T7461] RSP: 002b:00007f7df4e47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 138.973563][ T7461] RAX: ffffffffffffffda RBX: 00007f7df41b5fa0 RCX: 00007f7df3f8e929 [ 138.973576][ T7461] RDX: 0000200000000180 RSI: 0000000000008914 RDI: 0000000000000004 [ 138.973587][ T7461] RBP: 00007f7df4e47090 R08: 0000000000000000 R09: 0000000000000000 [ 138.973598][ T7461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 138.973609][ T7461] R13: 0000000000000000 R14: 00007f7df41b5fa0 R15: 00007ffedc7e3408 [ 138.973637][ T7461] [ 139.383603][ C0] vkms_vblank_simulate: vblank timer overrun [ 139.558322][ T9] usb 4-1: new full-speed USB device number 24 using dummy_hcd [ 139.584801][ T9] usb 4-1: device descriptor read/8, error -71 [ 139.704879][ T9] usb usb4-port1: unable to enumerate USB device [ 139.712300][ T7475] netlink: 232 bytes leftover after parsing attributes in process `syz.0.528'. [ 140.257200][ T7501] Invalid logical block size (134217728) [ 140.306304][ T7503] FAULT_INJECTION: forcing a failure. [ 140.306304][ T7503] name failslab, interval 1, probability 0, space 0, times 0 [ 140.319310][ T7503] CPU: 1 UID: 0 PID: 7503 Comm: syz.2.538 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 140.319333][ T7503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 140.319343][ T7503] Call Trace: [ 140.319351][ T7503] [ 140.319357][ T7503] dump_stack_lvl+0x189/0x250 [ 140.319379][ T7503] ? __pfx____ratelimit+0x10/0x10 [ 140.319400][ T7503] ? __pfx_dump_stack_lvl+0x10/0x10 [ 140.319419][ T7503] ? __pfx__printk+0x10/0x10 [ 140.319445][ T7503] ? __pfx___might_resched+0x10/0x10 [ 140.319461][ T7503] ? fs_reclaim_acquire+0x7d/0x100 [ 140.319486][ T7503] should_fail_ex+0x414/0x560 [ 140.319515][ T7503] should_failslab+0xa8/0x100 [ 140.319537][ T7503] __kmalloc_node_track_caller_noprof+0xcc/0x4e0 [ 140.319557][ T7503] ? snd_timer_instance_new+0x6a/0x220 [ 140.319587][ T7503] kstrdup+0x42/0x100 [ 140.319610][ T7503] snd_timer_instance_new+0x6a/0x220 [ 140.319635][ T7503] snd_seq_timer_open+0x237/0x5f0 [ 140.319662][ T7503] ? __pfx_snd_seq_timer_open+0x10/0x10 [ 140.319681][ T7503] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 140.319704][ T7503] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 140.319721][ T7503] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 140.319750][ T7503] snd_seq_queue_alloc+0x407/0x790 [ 140.319779][ T7503] snd_seq_ioctl_create_queue+0x7f/0x3c0 [ 140.319809][ T7503] snd_seq_oss_open+0x5e0/0xea0 [ 140.319842][ T7503] ? __pfx_snd_seq_oss_open+0x10/0x10 [ 140.319877][ T7503] ? __lock_acquire+0xab9/0xd20 [ 140.319922][ T7503] ? rcu_is_watching+0x15/0xb0 [ 140.319940][ T7503] ? trace_contention_end+0x39/0x120 [ 140.319977][ T7503] ? __pfx___mutex_lock+0x10/0x10 [ 140.320003][ T7503] ? __pfx_snd_seq_oss_event_input+0x10/0x10 [ 140.320018][ T7503] ? __pfx_free_devinfo+0x10/0x10 [ 140.320031][ T7503] ? do_raw_spin_unlock+0x122/0x240 [ 140.320056][ T7503] ? soundcore_open+0x2da/0x490 [ 140.320076][ T7503] odev_open+0x67/0xa0 [ 140.320097][ T7503] chrdev_open+0x4cc/0x5e0 [ 140.320121][ T7503] ? __pfx_chrdev_open+0x10/0x10 [ 140.320149][ T7503] ? __pfx_chrdev_open+0x10/0x10 [ 140.320168][ T7503] do_dentry_open+0xdf3/0x1970 [ 140.320206][ T7503] vfs_open+0x3b/0x340 [ 140.320227][ T7503] ? path_openat+0x2ecd/0x3830 [ 140.320256][ T7503] path_openat+0x2ee5/0x3830 [ 140.320272][ T7503] ? arch_stack_walk+0xfc/0x150 [ 140.320323][ T7503] ? __pfx_path_openat+0x10/0x10 [ 140.320338][ T7503] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 140.320367][ T7503] do_filp_open+0x1fa/0x410 [ 140.320380][ T7503] ? __lock_acquire+0xab9/0xd20 [ 140.320400][ T7503] ? __pfx_do_filp_open+0x10/0x10 [ 140.320430][ T7503] ? _raw_spin_unlock+0x28/0x50 [ 140.320443][ T7503] ? alloc_fd+0x64c/0x6c0 [ 140.320469][ T7503] do_sys_openat2+0x121/0x1c0 [ 140.320484][ T7503] ? __pfx_do_sys_openat2+0x10/0x10 [ 140.320508][ T7503] __x64_sys_openat+0x138/0x170 [ 140.320524][ T7503] do_syscall_64+0xfa/0x3b0 [ 140.320540][ T7503] ? lockdep_hardirqs_on+0x9c/0x150 [ 140.320555][ T7503] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 140.320568][ T7503] ? clear_bhb_loop+0x60/0xb0 [ 140.320584][ T7503] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 140.320596][ T7503] RIP: 0033:0x7f7df3f8d290 [ 140.320609][ T7503] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 140.320620][ T7503] RSP: 002b:00007f7df4e46b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 140.320635][ T7503] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f7df3f8d290 [ 140.320645][ T7503] RDX: 0000000000000000 RSI: 00007f7df4e46c10 RDI: 00000000ffffff9c [ 140.320653][ T7503] RBP: 00007f7df4e46c10 R08: 0000000000000000 R09: 007265636e657571 [ 140.320662][ T7503] R10: 0000000000000000 R11: 0000000000000293 R12: cccccccccccccccd [ 140.320671][ T7503] R13: 0000000000000000 R14: 00007f7df41b5fa0 R15: 00007ffedc7e3408 [ 140.320693][ T7503] [ 140.951127][ T7517] exFAT-fs (nullb0): invalid boot record signature [ 140.991503][ T7517] exFAT-fs (nullb0): failed to read boot sector [ 140.999258][ T7517] exFAT-fs (nullb0): failed to recognize exfat type [ 141.345023][ T9] usb 4-1: new low-speed USB device number 25 using dummy_hcd [ 141.564667][ T9] usb 4-1: Invalid ep0 maxpacket: 32 [ 141.696412][ T9] usb 4-1: new low-speed USB device number 26 using dummy_hcd [ 141.798012][ T7540] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 141.811208][ T7540] FAULT_INJECTION: forcing a failure. [ 141.811208][ T7540] name failslab, interval 1, probability 0, space 0, times 0 [ 141.824338][ T7540] CPU: 1 UID: 0 PID: 7540 Comm: syz.2.551 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 141.824360][ T7540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 141.824370][ T7540] Call Trace: [ 141.824377][ T7540] [ 141.824384][ T7540] dump_stack_lvl+0x189/0x250 [ 141.824406][ T7540] ? __pfx____ratelimit+0x10/0x10 [ 141.824426][ T7540] ? __pfx_dump_stack_lvl+0x10/0x10 [ 141.824441][ T7540] ? __pfx__printk+0x10/0x10 [ 141.824465][ T7540] ? __pfx___might_resched+0x10/0x10 [ 141.824487][ T7540] should_fail_ex+0x414/0x560 [ 141.824514][ T7540] should_failslab+0xa8/0x100 [ 141.824535][ T7540] __kmalloc_cache_noprof+0x70/0x3d0 [ 141.824554][ T7540] ? kobject_uevent_env+0x27c/0x8c0 [ 141.824581][ T7540] ? __pfx_dev_uevent_name+0x10/0x10 [ 141.824602][ T7540] kobject_uevent_env+0x27c/0x8c0 [ 141.824627][ T7540] ? kobject_put+0x43f/0x480 [ 141.824653][ T7540] device_add+0x557/0xb50 [ 141.824674][ T7540] iommufd_test+0x2f95/0x5170 [ 141.824707][ T7540] ? __pfx_iommufd_test+0x10/0x10 [ 141.824729][ T7540] ? __lock_acquire+0xab9/0xd20 [ 141.824762][ T7540] ? __might_fault+0xb0/0x130 [ 141.824801][ T7540] iommufd_fops_ioctl+0x45e/0x580 [ 141.824823][ T7540] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 141.824845][ T7540] ? __fget_files+0x2a/0x420 [ 141.824873][ T7540] ? __fget_files+0x2a/0x420 [ 141.824897][ T7540] ? bpf_lsm_file_ioctl+0x9/0x20 [ 141.824913][ T7540] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 141.824929][ T7540] __se_sys_ioctl+0xfc/0x170 [ 141.824949][ T7540] do_syscall_64+0xfa/0x3b0 [ 141.824971][ T7540] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.824987][ T7540] ? asm_sysvec_call_function_single+0x1a/0x20 [ 141.825004][ T7540] ? clear_bhb_loop+0x60/0xb0 [ 141.825023][ T7540] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 141.825040][ T7540] RIP: 0033:0x7f7df3f8e929 [ 141.825055][ T7540] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 141.825069][ T7540] RSP: 002b:00007f7df4e47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 141.825097][ T7540] RAX: ffffffffffffffda RBX: 00007f7df41b5fa0 RCX: 00007f7df3f8e929 [ 141.825110][ T7540] RDX: 00002000000002c0 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 141.825122][ T7540] RBP: 00007f7df4e47090 R08: 0000000000000000 R09: 0000000000000000 [ 141.825132][ T7540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 141.825143][ T7540] R13: 0000000000000000 R14: 00007f7df41b5fa0 R15: 00007ffedc7e3408 [ 141.825171][ T7540] [ 141.934452][ T9] usb 4-1: Invalid ep0 maxpacket: 32 [ 142.076963][ T5842] Bluetooth: hci2: Malformed HCI Event [ 142.083512][ T9] usb usb4-port1: attempt power cycle [ 142.444293][ T9] usb 4-1: new low-speed USB device number 27 using dummy_hcd [ 142.478988][ T9] usb 4-1: Invalid ep0 maxpacket: 32 [ 142.574062][ T5866] usb 2-1: new high-speed USB device number 25 using dummy_hcd [ 142.614283][ T9] usb 4-1: new low-speed USB device number 28 using dummy_hcd [ 142.659936][ T9] usb 4-1: Invalid ep0 maxpacket: 32 [ 142.678730][ T9] usb usb4-port1: unable to enumerate USB device [ 142.723779][ T7576] FAULT_INJECTION: forcing a failure. [ 142.723779][ T7576] name failslab, interval 1, probability 0, space 0, times 0 [ 142.725654][ T5866] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 142.740650][ T7576] CPU: 0 UID: 0 PID: 7576 Comm: syz.2.567 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 142.740674][ T7576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 142.740684][ T7576] Call Trace: [ 142.740691][ T7576] [ 142.740699][ T7576] dump_stack_lvl+0x189/0x250 [ 142.740723][ T7576] ? __pfx____ratelimit+0x10/0x10 [ 142.740744][ T7576] ? __pfx_dump_stack_lvl+0x10/0x10 [ 142.740762][ T7576] ? __pfx__printk+0x10/0x10 [ 142.740787][ T7576] ? ref_tracker_alloc+0x318/0x460 [ 142.740806][ T7576] should_fail_ex+0x414/0x560 [ 142.740834][ T7576] should_failslab+0xa8/0x100 [ 142.740856][ T7576] kmem_cache_alloc_noprof+0x73/0x3c0 [ 142.740874][ T7576] ? skb_clone+0x212/0x3a0 [ 142.740895][ T7576] skb_clone+0x212/0x3a0 [ 142.740913][ T7576] __netlink_deliver_tap+0x404/0x850 [ 142.740946][ T7576] ? netlink_deliver_tap+0x2e/0x1b0 [ 142.740969][ T7576] netlink_deliver_tap+0x19c/0x1b0 [ 142.740990][ T7576] netlink_unicast+0x72f/0x8d0 [ 142.741019][ T7576] netlink_sendmsg+0x805/0xb30 [ 142.741049][ T7576] ? __pfx_netlink_sendmsg+0x10/0x10 [ 142.741074][ T7576] ? aa_sock_msg_perm+0xf1/0x1d0 [ 142.741093][ T7576] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 142.741114][ T7576] ? __pfx_netlink_sendmsg+0x10/0x10 [ 142.741136][ T7576] __sock_sendmsg+0x21c/0x270 [ 142.741158][ T7576] ____sys_sendmsg+0x505/0x830 [ 142.741187][ T7576] ? __pfx_____sys_sendmsg+0x10/0x10 [ 142.741219][ T7576] ? import_iovec+0x74/0xa0 [ 142.741252][ T7576] ___sys_sendmsg+0x21f/0x2a0 [ 142.741278][ T7576] ? __pfx____sys_sendmsg+0x10/0x10 [ 142.741336][ T7576] ? __fget_files+0x2a/0x420 [ 142.741356][ T7576] ? __fget_files+0x3a0/0x420 [ 142.741386][ T7576] __x64_sys_sendmsg+0x19b/0x260 [ 142.741413][ T7576] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 142.741446][ T7576] ? __pfx_ksys_write+0x10/0x10 [ 142.741470][ T7576] ? do_syscall_64+0xbe/0x3b0 [ 142.741494][ T7576] do_syscall_64+0xfa/0x3b0 [ 142.741512][ T7576] ? lockdep_hardirqs_on+0x9c/0x150 [ 142.741531][ T7576] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 142.741547][ T7576] ? clear_bhb_loop+0x60/0xb0 [ 142.741567][ T7576] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 142.741583][ T7576] RIP: 0033:0x7f7df3f8e929 [ 142.741598][ T7576] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 142.741611][ T7576] RSP: 002b:00007f7df4e47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 142.741629][ T7576] RAX: ffffffffffffffda RBX: 00007f7df41b5fa0 RCX: 00007f7df3f8e929 [ 142.741642][ T7576] RDX: 0000000000000000 RSI: 0000200000000c00 RDI: 0000000000000003 [ 142.741653][ T7576] RBP: 00007f7df4e47090 R08: 0000000000000000 R09: 0000000000000000 [ 142.741663][ T7576] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 142.741672][ T7576] R13: 0000000000000000 R14: 00007f7df41b5fa0 R15: 00007ffedc7e3408 [ 142.741700][ T7576] [ 142.821904][ T7578] tmpfs: Bad value for 'mpol' [ 142.834894][ T5866] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 142.986055][ T5832] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 143.114136][ T5866] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 143.135028][ T5866] usb 2-1: config 0 descriptor?? [ 143.184274][ T9] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 143.191977][ T5832] usb 1-1: device descriptor read/64, error -71 [ 143.346987][ T9] usb 3-1: Using ep0 maxpacket: 32 [ 143.349925][ T5866] usbhid 2-1:0.0: can't add hid device: -71 [ 143.354431][ T9] usb 3-1: too many configurations: 129, using maximum allowed: 8 [ 143.358848][ T5866] usbhid 2-1:0.0: probe with driver usbhid failed with error -71 [ 143.374722][ T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 143.378121][ T5866] usb 2-1: USB disconnect, device number 25 [ 143.393122][ T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 143.405249][ T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 143.419555][ T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 143.430562][ T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 143.441064][ T5832] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 143.450522][ T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 143.461772][ T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 143.472868][ T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 143.485031][ T9] usb 3-1: New USB device found, idVendor=061d, idProduct=c160, bcdDevice=ce.6f [ 143.494059][ T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 143.502097][ T9] usb 3-1: Product: syz [ 143.506300][ T9] usb 3-1: Manufacturer: syz [ 143.510885][ T9] usb 3-1: SerialNumber: syz [ 143.517934][ T9] usb 3-1: config 0 descriptor?? [ 143.524989][ T9] quatech2 3-1:0.0: Quatech 2nd gen USB to Serial Driver converter detected [ 143.574256][ T5832] usb 1-1: device descriptor read/64, error -71 [ 143.686067][ T5832] usb usb1-port1: attempt power cycle [ 143.729913][ T9] usb 3-1: qt2_attach - failed to power on unit: -71 [ 143.736816][ T9] quatech2 3-1:0.0: probe with driver quatech2 failed with error -71 [ 143.748478][ T9] usb 3-1: USB disconnect, device number 17 [ 143.824488][ T5866] usb 2-1: new high-speed USB device number 26 using dummy_hcd [ 143.976091][ T5866] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 143.992759][ T5866] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 144.001885][ T5866] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 144.018696][ T5866] usb 2-1: config 0 descriptor?? [ 144.024201][ T5832] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 144.056072][ T5832] usb 1-1: device descriptor read/8, error -71 [ 144.216001][ T7587] /dev/rnullb0: Can't open blockdev [ 144.294284][ T5832] usb 1-1: new high-speed USB device number 24 using dummy_hcd [ 144.310493][ T7589] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 144.327077][ T5832] usb 1-1: device descriptor read/8, error -71 [ 144.439458][ T5866] keytouch 0003:0926:3333.0005: fixing up Keytouch IEC report descriptor [ 144.441701][ T7599] FAULT_INJECTION: forcing a failure. [ 144.441701][ T7599] name failslab, interval 1, probability 0, space 0, times 0 [ 144.466325][ T5832] usb usb1-port1: unable to enumerate USB device [ 144.474688][ T7599] CPU: 0 UID: 0 PID: 7599 Comm: syz.2.577 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 144.474711][ T7599] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 144.474722][ T7599] Call Trace: [ 144.474729][ T7599] [ 144.474737][ T7599] dump_stack_lvl+0x189/0x250 [ 144.474761][ T7599] ? __pfx____ratelimit+0x10/0x10 [ 144.474782][ T7599] ? __pfx_dump_stack_lvl+0x10/0x10 [ 144.474801][ T7599] ? __pfx__printk+0x10/0x10 [ 144.474834][ T7599] ? __pfx___might_resched+0x10/0x10 [ 144.474856][ T7599] should_fail_ex+0x414/0x560 [ 144.474886][ T7599] should_failslab+0xa8/0x100 [ 144.474908][ T7599] __kmalloc_noprof+0xcb/0x4f0 [ 144.474925][ T7599] ? __kasan_kmalloc+0x93/0xb0 [ 144.474940][ T7599] ? nla_strdup+0x9d/0x140 [ 144.474963][ T7599] nla_strdup+0x9d/0x140 [ 144.474983][ T7599] nf_tables_newtable+0x491/0x1890 [ 144.475005][ T7599] ? nfnl_pernet+0x22/0x240 [ 144.475041][ T7599] nfnetlink_rcv+0x112f/0x2520 [ 144.475087][ T7599] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 144.475122][ T7599] ? ref_tracker_free+0x63a/0x7d0 [ 144.475167][ T7599] ? __netlink_deliver_tap+0x807/0x850 [ 144.475191][ T7599] ? netlink_deliver_tap+0x2e/0x1b0 [ 144.475207][ T7599] ? netlink_deliver_tap+0x2e/0x1b0 [ 144.475227][ T7599] netlink_unicast+0x758/0x8d0 [ 144.475251][ T7599] netlink_sendmsg+0x805/0xb30 [ 144.475275][ T7599] ? __pfx_netlink_sendmsg+0x10/0x10 [ 144.475294][ T7599] ? aa_sock_msg_perm+0xf1/0x1d0 [ 144.475311][ T7599] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 144.475328][ T7599] ? __pfx_netlink_sendmsg+0x10/0x10 [ 144.475345][ T7599] __sock_sendmsg+0x21c/0x270 [ 144.475364][ T7599] ____sys_sendmsg+0x505/0x830 [ 144.475386][ T7599] ? __pfx_____sys_sendmsg+0x10/0x10 [ 144.475412][ T7599] ? import_iovec+0x74/0xa0 [ 144.475434][ T7599] ___sys_sendmsg+0x21f/0x2a0 [ 144.475454][ T7599] ? __pfx____sys_sendmsg+0x10/0x10 [ 144.475500][ T7599] ? __fget_files+0x2a/0x420 [ 144.475516][ T7599] ? __fget_files+0x3a0/0x420 [ 144.475541][ T7599] __x64_sys_sendmsg+0x19b/0x260 [ 144.475562][ T7599] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 144.475588][ T7599] ? __pfx_ksys_write+0x10/0x10 [ 144.475602][ T7599] ? rcu_is_watching+0x15/0xb0 [ 144.475619][ T7599] ? do_syscall_64+0xbe/0x3b0 [ 144.475638][ T7599] do_syscall_64+0xfa/0x3b0 [ 144.475653][ T7599] ? lockdep_hardirqs_on+0x9c/0x150 [ 144.475668][ T7599] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.475682][ T7599] ? clear_bhb_loop+0x60/0xb0 [ 144.475698][ T7599] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.475710][ T7599] RIP: 0033:0x7f7df3f8e929 [ 144.475723][ T7599] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 144.475734][ T7599] RSP: 002b:00007f7df4e47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 144.475749][ T7599] RAX: ffffffffffffffda RBX: 00007f7df41b5fa0 RCX: 00007f7df3f8e929 [ 144.475759][ T7599] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003 [ 144.475767][ T7599] RBP: 00007f7df4e47090 R08: 0000000000000000 R09: 0000000000000000 [ 144.475776][ T7599] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 144.475784][ T7599] R13: 0000000000000000 R14: 00007f7df41b5fa0 R15: 00007ffedc7e3408 [ 144.475806][ T7599] [ 144.483580][ T5866] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.0005/input/input9 [ 144.913280][ T7603] FAULT_INJECTION: forcing a failure. [ 144.913280][ T7603] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 144.954339][ T7603] CPU: 0 UID: 0 PID: 7603 Comm: syz.3.578 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 144.954364][ T7603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 144.954375][ T7603] Call Trace: [ 144.954383][ T7603] [ 144.954390][ T7603] dump_stack_lvl+0x189/0x250 [ 144.954415][ T7603] ? __pfx____ratelimit+0x10/0x10 [ 144.954436][ T7603] ? __pfx_dump_stack_lvl+0x10/0x10 [ 144.954455][ T7603] ? __pfx__printk+0x10/0x10 [ 144.954475][ T7603] ? __might_fault+0xb0/0x130 [ 144.954502][ T7603] should_fail_ex+0x414/0x560 [ 144.954525][ T7603] _copy_from_user+0x2d/0xb0 [ 144.954546][ T7603] input_event_from_user+0xb2/0x280 [ 144.954566][ T7603] ? __pfx_input_event_from_user+0x10/0x10 [ 144.954588][ T7603] ? input_inject_event+0xbc/0x320 [ 144.954607][ T7603] evdev_write+0x2a6/0x480 [ 144.954629][ T7603] ? __pfx_evdev_write+0x10/0x10 [ 144.954649][ T7603] ? bpf_lsm_file_permission+0x9/0x20 [ 144.954663][ T7603] ? security_file_permission+0x75/0x290 [ 144.954684][ T7603] ? rw_verify_area+0x258/0x650 [ 144.954701][ T7603] ? __pfx_evdev_write+0x10/0x10 [ 144.954722][ T7603] vfs_write+0x27b/0xa90 [ 144.954748][ T7603] ? __pfx_vfs_write+0x10/0x10 [ 144.954768][ T7603] ? __fget_files+0x2a/0x420 [ 144.954791][ T7603] ? __fget_files+0x2a/0x420 [ 144.954809][ T7603] ? __fget_files+0x3a0/0x420 [ 144.954827][ T7603] ? __fget_files+0x2a/0x420 [ 144.954855][ T7603] ksys_write+0x145/0x250 [ 144.954876][ T7603] ? __pfx_ksys_write+0x10/0x10 [ 144.954891][ T7603] ? rcu_is_watching+0x15/0xb0 [ 144.954912][ T7603] ? do_syscall_64+0xbe/0x3b0 [ 144.954935][ T7603] do_syscall_64+0xfa/0x3b0 [ 144.954953][ T7603] ? lockdep_hardirqs_on+0x9c/0x150 [ 144.954971][ T7603] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.954987][ T7603] ? clear_bhb_loop+0x60/0xb0 [ 144.955009][ T7603] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 144.955025][ T7603] RIP: 0033:0x7f869d98e929 [ 144.955041][ T7603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 144.955063][ T7603] RSP: 002b:00007f869e7b0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 144.955082][ T7603] RAX: ffffffffffffffda RBX: 00007f869dbb5fa0 RCX: 00007f869d98e929 [ 144.955094][ T7603] RDX: 0000000000002250 RSI: 0000200000000040 RDI: 0000000000000003 [ 144.955106][ T7603] RBP: 00007f869e7b0090 R08: 0000000000000000 R09: 0000000000000000 [ 144.955116][ T7603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 144.955126][ T7603] R13: 0000000000000000 R14: 00007f869dbb5fa0 R15: 00007ffef34fc678 [ 144.955155][ T7603] [ 145.221496][ T7606] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 145.237026][ T7606] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 145.293475][ T5866] keytouch 0003:0926:3333.0005: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0 [ 145.390270][ T5866] usb 2-1: USB disconnect, device number 26 [ 145.428788][ T7611] fido_id[7611]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/2-1/report_descriptor': No such file or directory [ 146.009539][ T5842] Bluetooth: hci2: unexpected event for opcode 0x0411 [ 146.061140][ T7637] /dev/rnullb0: Can't open blockdev [ 146.239775][ T7646] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 146.323838][ T7651] netlink: 12 bytes leftover after parsing attributes in process `syz.0.597'. [ 146.482353][ T7663] FAULT_INJECTION: forcing a failure. [ 146.482353][ T7663] name failslab, interval 1, probability 0, space 0, times 0 [ 146.498383][ T7663] CPU: 1 UID: 0 PID: 7663 Comm: syz.0.600 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 146.498407][ T7663] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 146.498418][ T7663] Call Trace: [ 146.498425][ T7663] [ 146.498433][ T7663] dump_stack_lvl+0x189/0x250 [ 146.498457][ T7663] ? __pfx____ratelimit+0x10/0x10 [ 146.498478][ T7663] ? __pfx_dump_stack_lvl+0x10/0x10 [ 146.498498][ T7663] ? __pfx__printk+0x10/0x10 [ 146.498523][ T7663] ? __pfx___might_resched+0x10/0x10 [ 146.498539][ T7663] ? fs_reclaim_acquire+0x7d/0x100 [ 146.498566][ T7663] should_fail_ex+0x414/0x560 [ 146.498595][ T7663] should_failslab+0xa8/0x100 [ 146.498617][ T7663] kmem_cache_alloc_noprof+0x73/0x3c0 [ 146.498636][ T7663] ? __kernfs_new_node+0xd7/0x7e0 [ 146.498664][ T7663] __kernfs_new_node+0xd7/0x7e0 [ 146.498685][ T7663] ? __lock_acquire+0xab9/0xd20 [ 146.498716][ T7663] ? __pfx___kernfs_new_node+0x10/0x10 [ 146.498737][ T7663] ? kernfs_root+0x1c/0x230 [ 146.498763][ T7663] ? kernfs_root+0x1c/0x230 [ 146.498786][ T7663] ? kernfs_root+0x1c/0x230 [ 146.498813][ T7663] kernfs_new_node+0x102/0x210 [ 146.498840][ T7663] kernfs_create_link+0xa7/0x200 [ 146.498870][ T7663] sysfs_do_create_link_sd+0x83/0x110 [ 146.498897][ T7663] device_add_class_symlinks+0xb6/0x240 [ 146.498919][ T7663] device_add+0x475/0xb50 [ 146.498941][ T7663] device_create+0x25b/0x2f0 [ 146.498963][ T7663] ? format_decode+0x5ee/0xe30 [ 146.498979][ T7663] ? string+0x279/0x2b0 [ 146.498993][ T7663] ? widen_string+0x3b/0x2a0 [ 146.499010][ T7663] ? __pfx_device_create+0x10/0x10 [ 146.499043][ T7663] bdi_register_va+0x9c/0x740 [ 146.499072][ T7663] super_setup_bdi_name+0xe6/0x200 [ 146.499092][ T7663] ? fuse_dev_install+0x8d/0x1a0 [ 146.499121][ T7663] ? __pfx_super_setup_bdi_name+0x10/0x10 [ 146.499155][ T7663] fuse_fill_super_common+0x64a/0x1100 [ 146.499188][ T7663] ? __pfx_fuse_fill_super_common+0x10/0x10 [ 146.499215][ T7663] ? __pfx_snprintf+0x10/0x10 [ 146.499229][ T7663] ? set_blocksize+0x21e/0x500 [ 146.499258][ T7663] ? sb_set_blocksize+0x104/0x180 [ 146.499284][ T7663] fuse_fill_super+0x176/0x1f0 [ 146.499304][ T7663] get_tree_bdev_flags+0x40e/0x4d0 [ 146.499325][ T7663] ? __pfx_fuse_fill_super+0x10/0x10 [ 146.499342][ T7663] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 146.499368][ T7663] ? __fget_files+0x2a/0x420 [ 146.499388][ T7663] ? __fget_files+0x3a0/0x420 [ 146.499409][ T7663] ? __fget_files+0x2a/0x420 [ 146.499434][ T7663] fuse_get_tree+0x23c/0x4e0 [ 146.499457][ T7663] vfs_get_tree+0x8f/0x2b0 [ 146.499480][ T7663] do_new_mount+0x24a/0xa40 [ 146.499510][ T7663] __se_sys_mount+0x317/0x410 [ 146.499539][ T7663] ? __pfx___se_sys_mount+0x10/0x10 [ 146.499558][ T7663] ? rcu_is_watching+0x15/0xb0 [ 146.499581][ T7663] ? do_syscall_64+0xbe/0x3b0 [ 146.499599][ T7663] ? __x64_sys_mount+0x20/0xc0 [ 146.499622][ T7663] do_syscall_64+0xfa/0x3b0 [ 146.499641][ T7663] ? lockdep_hardirqs_on+0x9c/0x150 [ 146.499661][ T7663] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.499678][ T7663] ? clear_bhb_loop+0x60/0xb0 [ 146.499699][ T7663] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.499716][ T7663] RIP: 0033:0x7fa0e858e929 [ 146.499732][ T7663] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 146.499746][ T7663] RSP: 002b:00007fa0e9387038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 146.499765][ T7663] RAX: ffffffffffffffda RBX: 00007fa0e87b5fa0 RCX: 00007fa0e858e929 [ 146.499778][ T7663] RDX: 0000200000000100 RSI: 0000200000002480 RDI: 0000200000002440 [ 146.499791][ T7663] RBP: 00007fa0e9387090 R08: 0000200000000600 R09: 0000000000000000 [ 146.499802][ T7663] R10: 0000000000008004 R11: 0000000000000246 R12: 0000000000000002 [ 146.499813][ T7663] R13: 0000000000000000 R14: 00007fa0e87b5fa0 R15: 00007fff165a0ba8 [ 146.499843][ T7663] [ 147.277126][ T7673] Invalid logical block size (100663296) [ 147.346895][ T7675] /dev/rnullb0: Can't open blockdev [ 147.404159][ T9] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 147.577124][ T9] usb 1-1: Using ep0 maxpacket: 8 [ 147.583868][ T9] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 147.583892][ T9] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 147.583915][ T9] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 147.583937][ T9] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 147.583976][ T9] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 147.583987][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 147.584552][ T121] usb 4-1: new high-speed USB device number 29 using dummy_hcd [ 147.679022][ T7681] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 147.679458][ T7681] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 147.739981][ T121] usb 4-1: config 9 has an invalid interface number: 253 but max is 3 [ 147.740007][ T121] usb 4-1: config 9 has an invalid descriptor of length 0, skipping remainder of the config [ 147.740026][ T121] usb 4-1: config 9 has 1 interface, different from the descriptor's value: 4 [ 147.740045][ T121] usb 4-1: config 9 has no interface number 0 [ 147.740083][ T121] usb 4-1: config 9 interface 253 altsetting 173 has 0 endpoint descriptors, different from the interface descriptor's value: 10 [ 147.740109][ T121] usb 4-1: config 9 interface 253 has no altsetting 0 [ 147.743049][ T121] usb 4-1: New USB device found, idVendor=0e8d, idProduct=7103, bcdDevice=1b.e1 [ 147.806656][ T121] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 147.806680][ T121] usb 4-1: Manufacturer: 㒫啦ﲫꣁ糖 [ 147.806696][ T121] usb 4-1: SerialNumber: Ⰱ [ 147.820785][ T9] usb 1-1: GET_CAPABILITIES returned 0 [ 147.820811][ T9] usbtmc 1-1:16.0: can't read capabilities [ 147.934227][ T5866] usb 2-1: new high-speed USB device number 27 using dummy_hcd [ 148.027451][ T121] option 4-1:9.253: GSM modem (1-port) converter detected [ 148.042990][ T121] usb 4-1: USB disconnect, device number 29 [ 148.056269][ T121] option 4-1:9.253: device disconnected [ 148.084998][ T5866] usb 2-1: Using ep0 maxpacket: 8 [ 148.092580][ T5866] usb 2-1: unable to get BOS descriptor or descriptor too short [ 148.113346][ T7684] ALSA: seq fatal error: cannot create timer (-22) [ 148.113707][ T5866] usb 2-1: config 8 has an invalid interface number: 24 but max is 1 [ 148.131818][ T5866] usb 2-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config [ 148.142204][ T5866] usb 2-1: config 8 has 1 interface, different from the descriptor's value: 2 [ 148.151564][ T5866] usb 2-1: config 8 has no interface number 0 [ 148.158593][ T5866] usb 2-1: config 8 interface 24 altsetting 2 endpoint 0xE has invalid wMaxPacketSize 0 [ 148.168589][ T5866] usb 2-1: config 8 interface 24 altsetting 2 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 148.179962][ T5866] usb 2-1: config 8 interface 24 has no altsetting 0 [ 148.188389][ T5866] usb 2-1: New USB device found, idVendor=10cf, idProduct=5503, bcdDevice=75.af [ 148.197433][ T5866] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 148.205656][ T5866] usb 2-1: Product: syz [ 148.209833][ T5866] usb 2-1: Manufacturer: syz [ 148.214448][ T5866] usb 2-1: SerialNumber: syz [ 148.293537][ T7686] /dev/rnullb0: Can't open blockdev [ 148.325785][ T9] usb 1-1: USB disconnect, device number 25 [ 148.498940][ T5866] vmk80xx 2-1:8.24: driver 'vmk80xx' failed to auto-configure device. [ 148.512353][ T5866] vmk80xx 2-1:8.24: probe with driver vmk80xx failed with error -22 [ 148.526967][ T5866] usb 2-1: USB disconnect, device number 27 [ 148.753496][ T7701] /dev/rnullb0: Can't open blockdev [ 150.122140][ T7739] netlink: 9 bytes leftover after parsing attributes in process `syz.3.626'. [ 150.146567][ T7740] netlink: 8 bytes leftover after parsing attributes in process `syz.2.627'. [ 150.184986][ T7741] netlink: 24 bytes leftover after parsing attributes in process `syz.3.626'. [ 150.188993][ T7742] netlink: 5 bytes leftover after parsing attributes in process `syz.3.626'. [ 150.238785][ T7739] gretap0: entered promiscuous mode [ 150.274623][ T7742] 0{X: renamed from gretap0 [ 150.292146][ T7742] 0{X: left promiscuous mode [ 150.297623][ T7742] 0{X: entered allmulticast mode [ 150.305156][ T7742] A link change request failed with some changes committed already. Interface 30{X may have been left with an inconsistent configuration, please check. [ 150.400697][ T7752] binder: 7751:7752 ioctl 4020ae46 7f1676bf5f90 returned -22 [ 150.408329][ T7752] binder: 7751:7752 ioctl 4020ae46 7f1676bf5f90 returned -22 [ 150.416753][ T7752] binder: 7751:7752 ioctl 4020ae46 7f1676bf5f90 returned -22 [ 150.424304][ T7752] binder: 7751:7752 ioctl 4020ae46 7f1676bf5f90 returned -22 [ 150.431819][ T7752] binder: 7751:7752 ioctl 4020ae46 7f1676bf5f90 returned -22 [ 150.443639][ T7752] binder: 7751:7752 ioctl 4020ae46 7f1676bf5f90 returned -22 [ 150.451213][ T7752] binder: 7751:7752 ioctl 4020ae46 7f1676bf5f90 returned -22 [ 150.458872][ T5866] usb 4-1: new full-speed USB device number 30 using dummy_hcd [ 150.470995][ T7752] binder: 7751:7752 ioctl 4020ae46 7f1676bf5f90 returned -22 [ 150.626436][ T5866] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 150.627353][ T7757] netlink: 16 bytes leftover after parsing attributes in process `syz.2.633'. [ 150.639708][ T5866] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4 [ 150.656569][ T7757] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 150.666105][ T5866] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 150.671517][ T7757] MTD: Attempt to mount non-MTD device "/dev/nullb0" [ 150.678105][ T5866] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 150.683900][ T7757] cramfs: wrong magic [ 150.693660][ T5866] usb 4-1: config 0 descriptor?? [ 150.724204][ T121] usb 2-1: new high-speed USB device number 28 using dummy_hcd [ 150.834798][ T7761] /dev/rnullb0: Can't open blockdev [ 150.874297][ T121] usb 2-1: Using ep0 maxpacket: 32 [ 150.881303][ T121] usb 2-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 150.894407][ T121] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 150.909654][ T121] usb 2-1: config 0 descriptor?? [ 150.925288][ T121] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 151.058659][ T7769] /dev/rnullb0: Can't open blockdev [ 151.068366][ T7772] Invalid logical block size (150994944) [ 151.120354][ T5866] konepure 0003:1E7D:2DB4.0006: unbalanced collection at end of report description [ 151.138058][ T5866] konepure 0003:1E7D:2DB4.0006: parse failed [ 151.150246][ T5866] konepure 0003:1E7D:2DB4.0006: probe with driver konepure failed with error -22 [ 151.309786][ T980] usb 4-1: USB disconnect, device number 30 [ 152.739817][ T7831] /dev/rnullb0: Can't open blockdev [ 152.770141][ T7835] /dev/rnullb0: Can't open blockdev [ 152.848470][ T980] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 153.016099][ T980] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 153.033354][ T980] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 153.067901][ T980] usb 3-1: config 0 descriptor?? [ 153.077742][ T980] cp210x 3-1:0.0: cp210x converter detected [ 153.104903][ T5901] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 153.271721][ T5901] usb 4-1: config 0 has an invalid interface number: 45 but max is 0 [ 153.296024][ T5901] usb 4-1: config 0 has no interface number 0 [ 153.302139][ T5901] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3 [ 153.315016][ T5901] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 153.325514][ T5901] usb 4-1: config 0 descriptor?? [ 153.346981][ T5901] cp210x 4-1:0.45: cp210x converter detected [ 153.416921][ T24] usb 2-1: USB disconnect, device number 28 [ 153.424244][ T121] usb 1-1: new high-speed USB device number 26 using dummy_hcd [ 153.493865][ T7828] overlayfs: workdir and upperdir must reside under the same mount [ 153.550682][ T7850] IPv6: NLM_F_CREATE should be specified when creating new route [ 153.566919][ T980] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -71 [ 153.582464][ T980] cp210x 3-1:0.0: failed to get vendor val 0x370c size 73: -71 [ 153.584769][ T121] usb 1-1: Using ep0 maxpacket: 32 [ 153.592804][ T980] cp210x 3-1:0.0: GPIO initialisation failed: -71 [ 153.629965][ T121] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86 [ 153.653642][ T980] usb 3-1: cp210x converter now attached to ttyUSB0 [ 153.660596][ T121] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7 [ 153.676045][ T121] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0 [ 153.686722][ T980] usb 3-1: USB disconnect, device number 18 [ 153.689913][ T121] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x7 has an invalid bInterval 255, changing to 11 [ 153.709231][ T121] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 59391, setting to 1024 [ 153.721605][ T980] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 153.723754][ T121] usb 1-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36 [ 153.741095][ T980] cp210x 3-1:0.0: device disconnected [ 153.776175][ T121] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 153.782830][ T7852] /dev/rnullb0: Can't open blockdev [ 153.785972][ T121] usb 1-1: Product: syz [ 153.808150][ T7854] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 153.817169][ T7854] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 153.827095][ T121] usb 1-1: Manufacturer: syz [ 153.831735][ T121] usb 1-1: SerialNumber: syz [ 153.841184][ T121] usb 1-1: config 0 descriptor?? [ 153.900009][ T5901] cp210x 4-1:0.45: failed to get vendor val 0x000e size 3: -71 [ 153.920753][ T5901] usb 4-1: cp210x converter now attached to ttyUSB0 [ 153.936718][ T5901] usb 4-1: USB disconnect, device number 31 [ 153.960529][ T5901] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0 [ 153.981270][ T5901] cp210x 4-1:0.45: device disconnected [ 154.180321][ T7865] netlink: 4 bytes leftover after parsing attributes in process `syz.2.673'. [ 154.416140][ T7870] /dev/rnullb0: Can't open blockdev [ 154.984494][ T121] iforce 1-1:0.0: usb_submit_urb failed: -71 [ 155.002650][ T121] iforce 1-1:0.0: usb_submit_urb failed: -71 [ 155.014874][ T121] iforce 1-1:0.0: usb_submit_urb failed: -71 [ 155.024217][ T121] iforce 1-1:0.0: usb_submit_urb failed: -71 [ 155.025713][ T7886] FAULT_INJECTION: forcing a failure. [ 155.025713][ T7886] name failslab, interval 1, probability 0, space 0, times 0 [ 155.044211][ T121] iforce 1-1:0.0: usb_submit_urb failed: -71 [ 155.050602][ T121] iforce 1-1:0.0: usb_submit_urb failed: -71 [ 155.064565][ T121] iforce 1-1:0.0: usb_submit_urb failed: -71 [ 155.074212][ T121] iforce 1-1:0.0: usb_submit_urb failed: -71 [ 155.079593][ T7886] CPU: 0 UID: 0 PID: 7886 Comm: syz.1.681 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 155.079615][ T7886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 155.079625][ T7886] Call Trace: [ 155.079632][ T7886] [ 155.079640][ T7886] dump_stack_lvl+0x189/0x250 [ 155.079665][ T7886] ? __pfx____ratelimit+0x10/0x10 [ 155.079686][ T7886] ? __pfx_dump_stack_lvl+0x10/0x10 [ 155.079704][ T7886] ? __pfx__printk+0x10/0x10 [ 155.079728][ T7886] ? __pfx___might_resched+0x10/0x10 [ 155.079743][ T7886] ? fs_reclaim_acquire+0x7d/0x100 [ 155.079768][ T7886] should_fail_ex+0x414/0x560 [ 155.079795][ T7886] ? rhashtable_init_noprof+0x4ee/0xbb0 [ 155.079816][ T7886] should_failslab+0xa8/0x100 [ 155.079838][ T7886] __kvmalloc_node_noprof+0x161/0x5f0 [ 155.079858][ T7886] ? rhashtable_init_noprof+0x4ee/0xbb0 [ 155.079884][ T7886] rhashtable_init_noprof+0x4ee/0xbb0 [ 155.079912][ T7886] rhltable_init_noprof+0x1e/0x60 [ 155.079934][ T7886] nf_tables_newtable+0x68f/0x1890 [ 155.079977][ T7886] nfnetlink_rcv+0x112f/0x2520 [ 155.080025][ T7886] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 155.080064][ T7886] ? ref_tracker_free+0x63a/0x7d0 [ 155.080111][ T7886] ? __netlink_deliver_tap+0x807/0x850 [ 155.080140][ T7886] ? netlink_deliver_tap+0x2e/0x1b0 [ 155.080160][ T7886] ? netlink_deliver_tap+0x2e/0x1b0 [ 155.080186][ T7886] netlink_unicast+0x758/0x8d0 [ 155.080215][ T7886] netlink_sendmsg+0x805/0xb30 [ 155.080243][ T7886] ? __pfx_netlink_sendmsg+0x10/0x10 [ 155.080267][ T7886] ? aa_sock_msg_perm+0xf1/0x1d0 [ 155.080287][ T7886] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 155.080309][ T7886] ? __pfx_netlink_sendmsg+0x10/0x10 [ 155.080330][ T7886] __sock_sendmsg+0x21c/0x270 [ 155.080353][ T7886] ____sys_sendmsg+0x505/0x830 [ 155.080380][ T7886] ? __pfx_____sys_sendmsg+0x10/0x10 [ 155.080413][ T7886] ? import_iovec+0x74/0xa0 [ 155.080439][ T7886] ___sys_sendmsg+0x21f/0x2a0 [ 155.080464][ T7886] ? __pfx____sys_sendmsg+0x10/0x10 [ 155.080523][ T7886] ? __fget_files+0x2a/0x420 [ 155.080543][ T7886] ? __fget_files+0x3a0/0x420 [ 155.080574][ T7886] __x64_sys_sendmsg+0x19b/0x260 [ 155.080600][ T7886] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 155.080633][ T7886] ? __pfx_ksys_write+0x10/0x10 [ 155.080650][ T7886] ? rcu_is_watching+0x15/0xb0 [ 155.080671][ T7886] ? do_syscall_64+0xbe/0x3b0 [ 155.080695][ T7886] do_syscall_64+0xfa/0x3b0 [ 155.080713][ T7886] ? lockdep_hardirqs_on+0x9c/0x150 [ 155.080733][ T7886] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 155.080749][ T7886] ? clear_bhb_loop+0x60/0xb0 [ 155.080769][ T7886] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 155.080785][ T7886] RIP: 0033:0x7f1678d8e929 [ 155.080800][ T7886] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 155.080813][ T7886] RSP: 002b:00007f1676bf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 155.080833][ T7886] RAX: ffffffffffffffda RBX: 00007f1678fb5fa0 RCX: 00007f1678d8e929 [ 155.080844][ T7886] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003 [ 155.080855][ T7886] RBP: 00007f1676bf6090 R08: 0000000000000000 R09: 0000000000000000 [ 155.080866][ T7886] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 155.080875][ T7886] R13: 0000000000000000 R14: 00007f1678fb5fa0 R15: 00007fff93c37388 [ 155.080903][ T7886] [ 155.131537][ T7888] /dev/rnullb0: Can't open blockdev [ 155.191110][ T121] iforce 1-1:0.0: usb_submit_urb failed: -71 [ 155.445302][ T121] iforce 1-1:0.0: usb_submit_urb failed: -71 [ 155.451692][ T121] iforce 1-1:0.0: usb_submit_urb failed: -71 [ 155.471313][ T121] iforce 1-1:0.0: usb_submit_urb failed: -71 [ 155.500447][ T121] iforce 1-1:0.0: usb_submit_urb failed: -71 [ 155.507091][ T121] iforce 1-1:0.0: usb_submit_urb failed: -71 [ 155.524194][ T121] iforce 1-1:0.0: usb_submit_urb failed: -71 [ 155.541952][ T121] iforce 1-1:0.0: usb_submit_urb failed: -71 [ 155.552506][ T121] iforce 1-1:0.0: usb_submit_urb failed: -71 [ 155.564570][ T121] iforce 1-1:0.0: usb_submit_urb failed: -71 [ 155.571226][ T121] iforce 1-1:0.0: usb_submit_urb failed: -71 [ 155.584168][ T121] input input11: Timeout waiting for response from device. [ 155.616316][ T121] usb 1-1: USB disconnect, device number 26 [ 155.674498][ T7895] FAULT_INJECTION: forcing a failure. [ 155.674498][ T7895] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 155.693848][ T7895] CPU: 0 UID: 0 PID: 7895 Comm: syz.3.684 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 155.693865][ T7895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 155.693873][ T7895] Call Trace: [ 155.693879][ T7895] [ 155.693885][ T7895] dump_stack_lvl+0x189/0x250 [ 155.693905][ T7895] ? __pfx____ratelimit+0x10/0x10 [ 155.693922][ T7895] ? __pfx_dump_stack_lvl+0x10/0x10 [ 155.693938][ T7895] ? __pfx__printk+0x10/0x10 [ 155.693962][ T7895] ? __might_fault+0xb0/0x130 [ 155.693987][ T7895] should_fail_ex+0x414/0x560 [ 155.694012][ T7895] _copy_from_user+0x2d/0xb0 [ 155.694033][ T7895] input_event_from_user+0xb2/0x280 [ 155.694054][ T7895] ? __pfx_input_event_from_user+0x10/0x10 [ 155.694080][ T7895] ? input_inject_event+0xbc/0x320 [ 155.694098][ T7895] evdev_write+0x2a6/0x480 [ 155.694119][ T7895] ? __pfx_evdev_write+0x10/0x10 [ 155.694138][ T7895] ? bpf_lsm_file_permission+0x9/0x20 [ 155.694151][ T7895] ? security_file_permission+0x75/0x290 [ 155.694170][ T7895] ? rw_verify_area+0x258/0x650 [ 155.694184][ T7895] ? __pfx_evdev_write+0x10/0x10 [ 155.694203][ T7895] vfs_write+0x27b/0xa90 [ 155.694226][ T7895] ? __pfx_vfs_write+0x10/0x10 [ 155.694242][ T7895] ? __fget_files+0x2a/0x420 [ 155.694262][ T7895] ? __fget_files+0x2a/0x420 [ 155.694280][ T7895] ? __fget_files+0x3a0/0x420 [ 155.694297][ T7895] ? __fget_files+0x2a/0x420 [ 155.694323][ T7895] ksys_write+0x145/0x250 [ 155.694343][ T7895] ? __pfx_ksys_write+0x10/0x10 [ 155.694360][ T7895] ? rcu_is_watching+0x15/0xb0 [ 155.694380][ T7895] ? do_syscall_64+0xbe/0x3b0 [ 155.694403][ T7895] do_syscall_64+0xfa/0x3b0 [ 155.694419][ T7895] ? lockdep_hardirqs_on+0x9c/0x150 [ 155.694437][ T7895] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 155.694450][ T7895] ? clear_bhb_loop+0x60/0xb0 [ 155.694467][ T7895] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 155.694481][ T7895] RIP: 0033:0x7f869d98e929 [ 155.694497][ T7895] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 155.694510][ T7895] RSP: 002b:00007f869e7b0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 155.694528][ T7895] RAX: ffffffffffffffda RBX: 00007f869dbb5fa0 RCX: 00007f869d98e929 [ 155.694540][ T7895] RDX: 0000000000002250 RSI: 0000200000000040 RDI: 0000000000000003 [ 155.694550][ T7895] RBP: 00007f869e7b0090 R08: 0000000000000000 R09: 0000000000000000 [ 155.694559][ T7895] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 155.694568][ T7895] R13: 0000000000000000 R14: 00007f869dbb5fa0 R15: 00007ffef34fc678 [ 155.694593][ T7895] [ 156.114493][ T121] usb 1-1: new high-speed USB device number 27 using dummy_hcd [ 156.152292][ T7907] /dev/rnullb0: Can't open blockdev [ 156.264540][ T121] usb 1-1: Using ep0 maxpacket: 16 [ 156.274350][ T980] usb 4-1: new full-speed USB device number 32 using dummy_hcd [ 156.327745][ T7882] /dev/rnullb0: Can't open blockdev [ 156.333607][ T7915] /dev/rnullb0: Can't open blockdev [ 156.338606][ T121] usb 1-1: unable to get BOS descriptor or descriptor too short [ 156.357801][ T121] usb 1-1: unable to read config index 0 descriptor/start: -71 [ 156.368481][ T121] usb 1-1: can't read configurations, error -71 [ 156.433198][ T7919] netlink: 12 bytes leftover after parsing attributes in process `syz.1.694'. [ 156.445473][ T980] usb 4-1: device descriptor read/64, error -71 [ 156.694281][ T980] usb 4-1: new full-speed USB device number 33 using dummy_hcd [ 156.844379][ T980] usb 4-1: device descriptor read/64, error -71 [ 156.904285][ T7942] netlink: 4 bytes leftover after parsing attributes in process `syz.0.702'. [ 156.953589][ T7946] FAULT_INJECTION: forcing a failure. [ 156.953589][ T7946] name failslab, interval 1, probability 0, space 0, times 0 [ 156.969956][ T980] usb usb4-port1: attempt power cycle [ 156.984340][ T7946] CPU: 1 UID: 0 PID: 7946 Comm: syz.2.704 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 156.984365][ T7946] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 156.984376][ T7946] Call Trace: [ 156.984383][ T7946] [ 156.984391][ T7946] dump_stack_lvl+0x189/0x250 [ 156.984415][ T7946] ? __pfx____ratelimit+0x10/0x10 [ 156.984437][ T7946] ? __pfx_dump_stack_lvl+0x10/0x10 [ 156.984468][ T7946] ? __pfx__printk+0x10/0x10 [ 156.984494][ T7946] ? __pfx___might_resched+0x10/0x10 [ 156.984512][ T7946] ? fs_reclaim_acquire+0x7d/0x100 [ 156.984541][ T7946] should_fail_ex+0x414/0x560 [ 156.984571][ T7946] should_failslab+0xa8/0x100 [ 156.984592][ T7946] kmem_cache_alloc_noprof+0x73/0x3c0 [ 156.984610][ T7946] ? __kernfs_new_node+0xd7/0x7e0 [ 156.984639][ T7946] __kernfs_new_node+0xd7/0x7e0 [ 156.984661][ T7946] ? __lock_acquire+0xab9/0xd20 [ 156.984694][ T7946] ? __pfx___kernfs_new_node+0x10/0x10 [ 156.984718][ T7946] ? kernfs_root+0x1c/0x230 [ 156.984747][ T7946] ? kernfs_root+0x1c/0x230 [ 156.984769][ T7946] ? kernfs_root+0x1c/0x230 [ 156.984788][ T7946] ? kernfs_root+0x1c/0x230 [ 156.984816][ T7946] kernfs_new_node+0x102/0x210 [ 156.984852][ T7946] __kernfs_create_file+0x4b/0x2e0 [ 156.984874][ T7946] sysfs_add_file_mode_ns+0x238/0x300 [ 156.984904][ T7946] sysfs_create_file_ns+0x128/0x1a0 [ 156.984925][ T7946] ? __pfx___up_read+0x10/0x10 [ 156.984944][ T7946] ? __pfx_sysfs_create_file_ns+0x10/0x10 [ 156.984969][ T7946] ? __dev_fwnode+0x50/0x80 [ 156.984986][ T7946] ? device_create_file+0xf4/0x1c0 [ 156.985006][ T7946] device_add+0x440/0xb50 [ 156.985028][ T7946] device_create+0x25b/0x2f0 [ 156.985049][ T7946] ? format_decode+0x5ee/0xe30 [ 156.985064][ T7946] ? string+0x279/0x2b0 [ 156.985078][ T7946] ? widen_string+0x3b/0x2a0 [ 156.985096][ T7946] ? __pfx_device_create+0x10/0x10 [ 156.985130][ T7946] bdi_register_va+0x9c/0x740 [ 156.985160][ T7946] super_setup_bdi_name+0xe6/0x200 [ 156.985185][ T7946] ? lockdep_hardirqs_on+0x9c/0x150 [ 156.985208][ T7946] ? __pfx_super_setup_bdi_name+0x10/0x10 [ 156.985244][ T7946] fuse_fill_super_common+0x64a/0x1100 [ 156.985279][ T7946] ? __pfx_fuse_fill_super_common+0x10/0x10 [ 156.985306][ T7946] ? __pfx_snprintf+0x10/0x10 [ 156.985320][ T7946] ? set_blocksize+0x21e/0x500 [ 156.985350][ T7946] ? sb_set_blocksize+0x104/0x180 [ 156.985375][ T7946] fuse_fill_super+0x176/0x1f0 [ 156.985395][ T7946] get_tree_bdev_flags+0x40e/0x4d0 [ 156.985416][ T7946] ? __pfx_fuse_fill_super+0x10/0x10 [ 156.985433][ T7946] ? __pfx_get_tree_bdev_flags+0x10/0x10 [ 156.985454][ T7946] ? __fget_files+0x2a/0x420 [ 156.985475][ T7946] ? __fget_files+0x3a0/0x420 [ 156.985495][ T7946] ? __fget_files+0x2a/0x420 [ 156.985522][ T7946] fuse_get_tree+0x23c/0x4e0 [ 156.985544][ T7946] vfs_get_tree+0x8f/0x2b0 [ 156.985568][ T7946] do_new_mount+0x24a/0xa40 [ 156.985597][ T7946] __se_sys_mount+0x317/0x410 [ 156.985626][ T7946] ? __pfx___se_sys_mount+0x10/0x10 [ 156.985645][ T7946] ? rcu_is_watching+0x15/0xb0 [ 156.985668][ T7946] ? do_syscall_64+0xbe/0x3b0 [ 156.985686][ T7946] ? __x64_sys_mount+0x20/0xc0 [ 156.985711][ T7946] do_syscall_64+0xfa/0x3b0 [ 156.985730][ T7946] ? lockdep_hardirqs_on+0x9c/0x150 [ 156.985749][ T7946] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 156.985766][ T7946] ? clear_bhb_loop+0x60/0xb0 [ 156.985788][ T7946] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 156.985805][ T7946] RIP: 0033:0x7f7df3f8e929 [ 156.985821][ T7946] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 156.985836][ T7946] RSP: 002b:00007f7df4e47038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 156.985860][ T7946] RAX: ffffffffffffffda RBX: 00007f7df41b5fa0 RCX: 00007f7df3f8e929 [ 156.985873][ T7946] RDX: 0000200000000100 RSI: 0000200000002480 RDI: 0000200000002440 [ 156.985885][ T7946] RBP: 00007f7df4e47090 R08: 0000200000000600 R09: 0000000000000000 [ 156.985897][ T7946] R10: 0000000000008004 R11: 0000000000000246 R12: 0000000000000002 [ 156.985908][ T7946] R13: 0000000000000000 R14: 00007f7df41b5fa0 R15: 00007ffedc7e3408 [ 156.985937][ T7946] [ 157.390700][ C1] vkms_vblank_simulate: vblank timer overrun [ 157.400884][ T980] usb 4-1: new full-speed USB device number 34 using dummy_hcd [ 157.437775][ T980] usb 4-1: device descriptor read/8, error -71 [ 157.686793][ T980] usb 4-1: new full-speed USB device number 35 using dummy_hcd [ 157.714694][ T980] usb 4-1: device descriptor read/8, error -71 [ 157.754250][ T121] usb 1-1: new high-speed USB device number 29 using dummy_hcd [ 157.799226][ T7959] netlink: 'syz.1.709': attribute type 21 has an invalid length. [ 157.837537][ T980] usb usb4-port1: unable to enumerate USB device [ 157.864892][ T7961] Invalid logical block size (100925440) [ 157.904552][ T121] usb 1-1: Using ep0 maxpacket: 32 [ 157.916002][ T121] usb 1-1: unable to read config index 0 descriptor/start: -61 [ 157.933869][ T121] usb 1-1: can't read configurations, error -61 [ 158.074321][ T121] usb 1-1: new high-speed USB device number 30 using dummy_hcd [ 158.227224][ T121] usb 1-1: Using ep0 maxpacket: 32 [ 158.229170][ T121] usb 1-1: unable to read config index 0 descriptor/start: -61 [ 158.246541][ T121] usb 1-1: can't read configurations, error -61 [ 158.246769][ T121] usb usb1-port1: attempt power cycle [ 158.319448][ T7976] qnx4: no qnx4 filesystem (no root dir). [ 158.584159][ T121] usb 1-1: new high-speed USB device number 31 using dummy_hcd [ 158.604736][ T121] usb 1-1: Using ep0 maxpacket: 32 [ 158.613202][ T121] usb 1-1: unable to read config index 0 descriptor/start: -61 [ 158.613236][ T121] usb 1-1: can't read configurations, error -61 [ 158.734212][ T121] usb 1-1: new high-speed USB device number 32 using dummy_hcd [ 158.754735][ T121] usb 1-1: Using ep0 maxpacket: 32 [ 158.762231][ T121] usb 1-1: unable to read config index 0 descriptor/start: -61 [ 158.762263][ T121] usb 1-1: can't read configurations, error -61 [ 158.762513][ T121] usb usb1-port1: unable to enumerate USB device [ 159.256544][ T7987] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 159.366599][ T7992] netlink: 8 bytes leftover after parsing attributes in process `syz.3.724'. [ 160.049845][ T8018] netlink: 12 bytes leftover after parsing attributes in process `syz.2.734'. [ 160.092510][ T8020] netlink: 8 bytes leftover after parsing attributes in process `syz.2.735'. [ 160.134192][ T980] usb 4-1: new high-speed USB device number 36 using dummy_hcd [ 160.304516][ T980] usb 4-1: Using ep0 maxpacket: 8 [ 160.339090][ T980] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 160.353636][ T980] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 160.368609][ T980] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 160.385845][ T980] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 160.400714][ T980] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 160.410731][ T980] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 160.602071][ T8034] syz.2.742: attempt to access beyond end of device [ 160.602071][ T8034] loop2: rw=4096, sector=0, nr_sectors = 1 limit=0 [ 160.655929][ T980] usb 4-1: GET_CAPABILITIES returned 0 [ 160.661439][ T980] usbtmc 4-1:16.0: can't read capabilities [ 160.661447][ T8041] netlink: 8 bytes leftover after parsing attributes in process `syz.0.743'. [ 161.252496][ T8066] netlink: 232 bytes leftover after parsing attributes in process `syz.1.751'. [ 161.368178][ T8070] kvm: kvm [8069]: vcpu0, guest rIP: 0x161 Unhandled WRMSR(0xc2) = 0x400 [ 161.384665][ T8070] kvm: kvm [8069]: vcpu0, guest rIP: 0x161 Unhandled WRMSR(0xc1) = 0x400 [ 161.397487][ T8070] kvm: kvm [8069]: vcpu0, guest rIP: 0x161 Unhandled WRMSR(0xc1) = 0x400 [ 161.483854][ T8070] kvm: kvm [8069]: vcpu0, guest rIP: 0x161 Unhandled WRMSR(0xc1) = 0x400 [ 161.496364][ T8070] kvm: kvm [8069]: vcpu0, guest rIP: 0x161 Unhandled WRMSR(0xc2) = 0x400 [ 161.543311][ T8070] kvm: kvm [8069]: vcpu0, guest rIP: 0x161 Unhandled WRMSR(0xc2) = 0x400 [ 161.569525][ T8070] kvm: kvm [8069]: vcpu0, guest rIP: 0x161 Unhandled WRMSR(0xc1) = 0x400 [ 161.573796][ T8080] Invalid logical block size (218103808) [ 161.583910][ T8070] kvm: kvm [8069]: vcpu0, guest rIP: 0x161 Unhandled WRMSR(0xc1) = 0x400 [ 161.599045][ T8070] kvm: kvm [8069]: vcpu0, guest rIP: 0x161 Unhandled WRMSR(0xc1) = 0x400 [ 161.613714][ T8070] kvm: kvm [8069]: vcpu0, guest rIP: 0x161 Unhandled WRMSR(0xc2) = 0x400 [ 162.396402][ T8102] FAULT_INJECTION: forcing a failure. [ 162.396402][ T8102] name failslab, interval 1, probability 0, space 0, times 0 [ 162.411155][ T8102] CPU: 0 UID: 0 PID: 8102 Comm: syz.0.767 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 162.411179][ T8102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 162.411190][ T8102] Call Trace: [ 162.411197][ T8102] [ 162.411204][ T8102] dump_stack_lvl+0x189/0x250 [ 162.411227][ T8102] ? __pfx____ratelimit+0x10/0x10 [ 162.411248][ T8102] ? __pfx_dump_stack_lvl+0x10/0x10 [ 162.411268][ T8102] ? __pfx__printk+0x10/0x10 [ 162.411293][ T8102] ? __pfx___might_resched+0x10/0x10 [ 162.411315][ T8102] should_fail_ex+0x414/0x560 [ 162.411344][ T8102] should_failslab+0xa8/0x100 [ 162.411367][ T8102] __kmalloc_noprof+0xcb/0x4f0 [ 162.411385][ T8102] ? snd_seq_oss_readq_new+0x81/0x250 [ 162.411411][ T8102] snd_seq_oss_readq_new+0x81/0x250 [ 162.411433][ T8102] snd_seq_oss_open+0x770/0xea0 [ 162.411468][ T8102] ? __pfx_snd_seq_oss_open+0x10/0x10 [ 162.411504][ T8102] ? __lock_acquire+0xab9/0xd20 [ 162.411550][ T8102] ? rcu_is_watching+0x15/0xb0 [ 162.411568][ T8102] ? trace_contention_end+0x39/0x120 [ 162.411605][ T8102] ? __pfx___mutex_lock+0x10/0x10 [ 162.411632][ T8102] ? __pfx_snd_seq_oss_event_input+0x10/0x10 [ 162.411649][ T8102] ? __pfx_free_devinfo+0x10/0x10 [ 162.411664][ T8102] ? do_raw_spin_unlock+0x122/0x240 [ 162.411689][ T8102] ? soundcore_open+0x2da/0x490 [ 162.411708][ T8102] odev_open+0x67/0xa0 [ 162.411732][ T8102] chrdev_open+0x4cc/0x5e0 [ 162.411757][ T8102] ? __pfx_chrdev_open+0x10/0x10 [ 162.411787][ T8102] ? __pfx_chrdev_open+0x10/0x10 [ 162.411808][ T8102] do_dentry_open+0xdf3/0x1970 [ 162.411848][ T8102] vfs_open+0x3b/0x340 [ 162.411869][ T8102] ? path_openat+0x2ecd/0x3830 [ 162.411890][ T8102] path_openat+0x2ee5/0x3830 [ 162.411906][ T8102] ? arch_stack_walk+0xfc/0x150 [ 162.411960][ T8102] ? __pfx_path_openat+0x10/0x10 [ 162.411975][ T8102] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 162.412013][ T8102] do_filp_open+0x1fa/0x410 [ 162.412030][ T8102] ? __lock_acquire+0xab9/0xd20 [ 162.412059][ T8102] ? __pfx_do_filp_open+0x10/0x10 [ 162.412101][ T8102] ? _raw_spin_unlock+0x28/0x50 [ 162.412118][ T8102] ? alloc_fd+0x64c/0x6c0 [ 162.412148][ T8102] do_sys_openat2+0x121/0x1c0 [ 162.412167][ T8102] ? __pfx_do_sys_openat2+0x10/0x10 [ 162.412184][ T8102] ? exc_page_fault+0x76/0xf0 [ 162.412208][ T8102] ? do_user_addr_fault+0xc8a/0x1390 [ 162.412234][ T8102] __x64_sys_openat+0x138/0x170 [ 162.412255][ T8102] do_syscall_64+0xfa/0x3b0 [ 162.412274][ T8102] ? lockdep_hardirqs_on+0x9c/0x150 [ 162.412292][ T8102] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 162.412308][ T8102] ? clear_bhb_loop+0x60/0xb0 [ 162.412329][ T8102] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 162.412345][ T8102] RIP: 0033:0x7fa0e858d290 [ 162.412359][ T8102] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44 [ 162.412373][ T8102] RSP: 002b:00007fa0e9386b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 162.412389][ T8102] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fa0e858d290 [ 162.412399][ T8102] RDX: 0000000000000000 RSI: 00007fa0e9386c10 RDI: 00000000ffffff9c [ 162.412408][ T8102] RBP: 00007fa0e9386c10 R08: 0000000000000000 R09: 007265636e657571 [ 162.412417][ T8102] R10: 0000000000000000 R11: 0000000000000293 R12: cccccccccccccccd [ 162.412425][ T8102] R13: 0000000000000000 R14: 00007fa0e87b5fa0 R15: 00007fff165a0ba8 [ 162.412447][ T8102] [ 162.900280][ T980] usb 4-1: USB disconnect, device number 36 [ 163.198609][ T8121] /dev/rnullb0: Can't open blockdev [ 163.363929][ T8127] exFAT-fs (nullb0): invalid boot record signature [ 163.371241][ T8127] exFAT-fs (nullb0): failed to read boot sector [ 163.379769][ T8127] exFAT-fs (nullb0): failed to recognize exfat type [ 163.580961][ T8139] /dev/rnullb0: Can't open blockdev [ 163.586565][ T8140] /dev/rnullb0: Can't open blockdev [ 163.594314][ T980] usb 4-1: new full-speed USB device number 37 using dummy_hcd [ 163.768082][ T980] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 163.783066][ T980] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 163.787351][ T8145] netlink: 277 bytes leftover after parsing attributes in process `syz.0.785'. [ 163.804415][ T980] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 163.834158][ T980] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 163.871428][ T8147] /dev/rnullb0: Can't open blockdev [ 163.895063][ T8151] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 163.902481][ T8151] FAULT_INJECTION: forcing a failure. [ 163.902481][ T8151] name failslab, interval 1, probability 0, space 0, times 0 [ 163.915620][ T8151] CPU: 1 UID: 0 PID: 8151 Comm: syz.0.787 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 163.915643][ T8151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 163.915653][ T8151] Call Trace: [ 163.915660][ T8151] [ 163.915668][ T8151] dump_stack_lvl+0x189/0x250 [ 163.915692][ T8151] ? __pfx____ratelimit+0x10/0x10 [ 163.915713][ T8151] ? __pfx_dump_stack_lvl+0x10/0x10 [ 163.915733][ T8151] ? __pfx__printk+0x10/0x10 [ 163.915757][ T8151] ? __pfx___might_resched+0x10/0x10 [ 163.915772][ T8151] ? fs_reclaim_acquire+0x7d/0x100 [ 163.915798][ T8151] should_fail_ex+0x414/0x560 [ 163.915827][ T8151] should_failslab+0xa8/0x100 [ 163.915849][ T8151] __kmalloc_noprof+0xcb/0x4f0 [ 163.915867][ T8151] ? kobject_get_path+0xc5/0x2d0 [ 163.915893][ T8151] kobject_get_path+0xc5/0x2d0 [ 163.915918][ T8151] kobject_uevent_env+0x292/0x8c0 [ 163.915941][ T8151] ? kobject_put+0x43f/0x480 [ 163.915967][ T8151] device_add+0x557/0xb50 [ 163.915990][ T8151] iommufd_test+0x2f95/0x5170 [ 163.916023][ T8151] ? __pfx_iommufd_test+0x10/0x10 [ 163.916047][ T8151] ? __lock_acquire+0xab9/0xd20 [ 163.916080][ T8151] ? __might_fault+0xb0/0x130 [ 163.916119][ T8151] iommufd_fops_ioctl+0x45e/0x580 [ 163.916143][ T8151] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 163.916170][ T8151] ? __fget_files+0x2a/0x420 [ 163.916199][ T8151] ? __fget_files+0x2a/0x420 [ 163.916224][ T8151] ? bpf_lsm_file_ioctl+0x9/0x20 [ 163.916240][ T8151] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 163.916258][ T8151] __se_sys_ioctl+0xfc/0x170 [ 163.916279][ T8151] do_syscall_64+0xfa/0x3b0 [ 163.916298][ T8151] ? lockdep_hardirqs_on+0x9c/0x150 [ 163.916318][ T8151] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 163.916334][ T8151] ? clear_bhb_loop+0x60/0xb0 [ 163.916356][ T8151] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 163.916373][ T8151] RIP: 0033:0x7fa0e858e929 [ 163.916389][ T8151] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 163.916403][ T8151] RSP: 002b:00007fa0e9387038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 163.916421][ T8151] RAX: ffffffffffffffda RBX: 00007fa0e87b5fa0 RCX: 00007fa0e858e929 [ 163.916435][ T8151] RDX: 00002000000002c0 RSI: 0000000000003ba0 RDI: 0000000000000003 [ 163.916446][ T8151] RBP: 00007fa0e9387090 R08: 0000000000000000 R09: 0000000000000000 [ 163.916458][ T8151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 163.916468][ T8151] R13: 0000000000000000 R14: 00007fa0e87b5fa0 R15: 00007fff165a0ba8 [ 163.916497][ T8151] [ 164.057645][ T980] usb 4-1: GET_CAPABILITIES returned 0 [ 164.057862][ C1] vkms_vblank_simulate: vblank timer overrun [ 164.063511][ T980] usbtmc 4-1:16.0: can't read capabilities [ 164.230855][ T8155] /dev/rnullb0: Can't open blockdev [ 164.281734][ T980] usb 4-1: USB disconnect, device number 37 [ 164.429509][ T8164] /dev/rnullb0: Can't open blockdev [ 165.145628][ T980] usb 2-1: new high-speed USB device number 29 using dummy_hcd [ 165.476882][ T980] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 165.607769][ T980] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 165.616683][ T980] usb 2-1: Product: syz [ 165.620861][ T980] usb 2-1: Manufacturer: syz [ 165.630018][ T980] usb 2-1: SerialNumber: syz [ 165.649424][ T980] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 165.680494][ T8179] /dev/rnullb0: Can't open blockdev [ 165.682770][ T5832] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 165.959008][ T8195] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 165.963928][ T5922] usb 2-1: USB disconnect, device number 29 [ 166.029413][ T8197] netlink: 4 bytes leftover after parsing attributes in process `syz.0.805'. [ 166.140867][ T8205] FAULT_INJECTION: forcing a failure. [ 166.140867][ T8205] name failslab, interval 1, probability 0, space 0, times 0 [ 166.148641][ T8203] /dev/rnullb0: Can't open blockdev [ 166.156849][ T8205] CPU: 1 UID: 0 PID: 8205 Comm: syz.2.808 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 166.156871][ T8205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 166.156881][ T8205] Call Trace: [ 166.156889][ T8205] [ 166.156896][ T8205] dump_stack_lvl+0x189/0x250 [ 166.156920][ T8205] ? __pfx____ratelimit+0x10/0x10 [ 166.156948][ T8205] ? __pfx_dump_stack_lvl+0x10/0x10 [ 166.156966][ T8205] ? __pfx__printk+0x10/0x10 [ 166.156991][ T8205] ? __pfx___might_resched+0x10/0x10 [ 166.157012][ T8205] should_fail_ex+0x414/0x560 [ 166.157041][ T8205] should_failslab+0xa8/0x100 [ 166.157062][ T8205] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 166.157082][ T8205] ? __alloc_skb+0x112/0x2d0 [ 166.157108][ T8205] __alloc_skb+0x112/0x2d0 [ 166.157133][ T8205] nl80211_tx_mgmt+0x968/0xd50 [ 166.157161][ T8205] ? __pfx_nl80211_tx_mgmt+0x10/0x10 [ 166.157181][ T8205] ? __pfx_netdev_run_todo+0x10/0x10 [ 166.157202][ T8205] ? __pfx___cfg80211_wdev_from_attrs+0x10/0x10 [ 166.157231][ T8205] ? nl80211_pre_doit+0x4f1/0x930 [ 166.157253][ T8205] genl_family_rcv_msg_doit+0x215/0x300 [ 166.157277][ T8205] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 166.157307][ T8205] ? bpf_lsm_capable+0x9/0x20 [ 166.157325][ T8205] ? security_capable+0x7e/0x2e0 [ 166.157348][ T8205] genl_rcv_msg+0x60e/0x790 [ 166.157371][ T8205] ? __pfx_genl_rcv_msg+0x10/0x10 [ 166.157385][ T8205] ? ref_tracker_free+0x63a/0x7d0 [ 166.157399][ T8205] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 166.157414][ T8205] ? __pfx_nl80211_tx_mgmt+0x10/0x10 [ 166.157431][ T8205] ? __pfx_nl80211_post_doit+0x10/0x10 [ 166.157448][ T8205] ? __pfx_ref_tracker_free+0x10/0x10 [ 166.157475][ T8205] netlink_rcv_skb+0x205/0x470 [ 166.157496][ T8205] ? __pfx_genl_rcv_msg+0x10/0x10 [ 166.157515][ T8205] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 166.157552][ T8205] ? down_read+0x1ad/0x2e0 [ 166.157576][ T8205] genl_rcv+0x28/0x40 [ 166.157590][ T8205] netlink_unicast+0x758/0x8d0 [ 166.157620][ T8205] netlink_sendmsg+0x805/0xb30 [ 166.157650][ T8205] ? __pfx_netlink_sendmsg+0x10/0x10 [ 166.157675][ T8205] ? aa_sock_msg_perm+0xf1/0x1d0 [ 166.157692][ T8205] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 166.157713][ T8205] ? __pfx_netlink_sendmsg+0x10/0x10 [ 166.157735][ T8205] __sock_sendmsg+0x21c/0x270 [ 166.157757][ T8205] ____sys_sendmsg+0x505/0x830 [ 166.157785][ T8205] ? __pfx_____sys_sendmsg+0x10/0x10 [ 166.157818][ T8205] ? import_iovec+0x74/0xa0 [ 166.157845][ T8205] ___sys_sendmsg+0x21f/0x2a0 [ 166.157871][ T8205] ? __pfx____sys_sendmsg+0x10/0x10 [ 166.157935][ T8205] ? __fget_files+0x2a/0x420 [ 166.157956][ T8205] ? __fget_files+0x3a0/0x420 [ 166.157987][ T8205] __x64_sys_sendmsg+0x19b/0x260 [ 166.158013][ T8205] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 166.158046][ T8205] ? __pfx_ksys_write+0x10/0x10 [ 166.158062][ T8205] ? rcu_is_watching+0x15/0xb0 [ 166.158085][ T8205] ? do_syscall_64+0xbe/0x3b0 [ 166.158109][ T8205] do_syscall_64+0xfa/0x3b0 [ 166.158127][ T8205] ? lockdep_hardirqs_on+0x9c/0x150 [ 166.158145][ T8205] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.158161][ T8205] ? clear_bhb_loop+0x60/0xb0 [ 166.158182][ T8205] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 166.158198][ T8205] RIP: 0033:0x7f7df3f8e929 [ 166.158213][ T8205] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 166.158227][ T8205] RSP: 002b:00007f7df4e47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 166.158245][ T8205] RAX: ffffffffffffffda RBX: 00007f7df41b5fa0 RCX: 00007f7df3f8e929 [ 166.158258][ T8205] RDX: 0000000000000000 RSI: 0000200000000c00 RDI: 0000000000000003 [ 166.158268][ T8205] RBP: 00007f7df4e47090 R08: 0000000000000000 R09: 0000000000000000 [ 166.158279][ T8205] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 166.158289][ T8205] R13: 0000000000000000 R14: 00007f7df41b5fa0 R15: 00007ffedc7e3408 [ 166.158316][ T8205] [ 166.706636][ T8224] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 166.740720][ T5832] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive [ 166.750786][ T5832] ath9k_htc: Failed to initialize the device [ 166.784800][ T5922] usb 2-1: ath9k_htc: USB layer deinitialized [ 166.904764][ T8231] sp0: Synchronizing with TNC [ 167.198048][ T8249] /dev/rnullb0: Can't open blockdev [ 167.221013][ T8239] netlink: 37 bytes leftover after parsing attributes in process `syz.3.820'. [ 167.434259][ T5832] usb 2-1: new high-speed USB device number 30 using dummy_hcd [ 167.466897][ T8253] FAULT_INJECTION: forcing a failure. [ 167.466897][ T8253] name failslab, interval 1, probability 0, space 0, times 0 [ 167.494152][ T8253] CPU: 0 UID: 0 PID: 8253 Comm: syz.2.827 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 167.494177][ T8253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 167.494187][ T8253] Call Trace: [ 167.494194][ T8253] [ 167.494202][ T8253] dump_stack_lvl+0x189/0x250 [ 167.494226][ T8253] ? __pfx____ratelimit+0x10/0x10 [ 167.494247][ T8253] ? __pfx_dump_stack_lvl+0x10/0x10 [ 167.494270][ T8253] ? __pfx__printk+0x10/0x10 [ 167.494290][ T8253] ? __pfx___might_resched+0x10/0x10 [ 167.494307][ T8253] ? fs_reclaim_acquire+0x7d/0x100 [ 167.494332][ T8253] should_fail_ex+0x414/0x560 [ 167.494361][ T8253] should_failslab+0xa8/0x100 [ 167.494383][ T8253] __kmalloc_cache_noprof+0x70/0x3d0 [ 167.494402][ T8253] ? nft_trans_table_add+0x56/0x430 [ 167.494425][ T8253] nft_trans_table_add+0x56/0x430 [ 167.494449][ T8253] nf_tables_newtable+0xce3/0x1890 [ 167.494493][ T8253] nfnetlink_rcv+0x112f/0x2520 [ 167.494554][ T8253] ? __pfx_nfnetlink_rcv+0x10/0x10 [ 167.494590][ T8253] ? ref_tracker_free+0x63a/0x7d0 [ 167.494639][ T8253] ? __netlink_deliver_tap+0x807/0x850 [ 167.494671][ T8253] ? netlink_deliver_tap+0x2e/0x1b0 [ 167.494692][ T8253] ? netlink_deliver_tap+0x2e/0x1b0 [ 167.494718][ T8253] netlink_unicast+0x758/0x8d0 [ 167.494750][ T8253] netlink_sendmsg+0x805/0xb30 [ 167.494781][ T8253] ? __pfx_netlink_sendmsg+0x10/0x10 [ 167.494806][ T8253] ? aa_sock_msg_perm+0xf1/0x1d0 [ 167.494827][ T8253] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 167.494849][ T8253] ? __pfx_netlink_sendmsg+0x10/0x10 [ 167.494872][ T8253] __sock_sendmsg+0x21c/0x270 [ 167.494896][ T8253] ____sys_sendmsg+0x505/0x830 [ 167.494926][ T8253] ? __pfx_____sys_sendmsg+0x10/0x10 [ 167.494960][ T8253] ? import_iovec+0x74/0xa0 [ 167.494988][ T8253] ___sys_sendmsg+0x21f/0x2a0 [ 167.495016][ T8253] ? __pfx____sys_sendmsg+0x10/0x10 [ 167.495076][ T8253] ? __fget_files+0x2a/0x420 [ 167.495096][ T8253] ? __fget_files+0x3a0/0x420 [ 167.495127][ T8253] __x64_sys_sendmsg+0x19b/0x260 [ 167.495154][ T8253] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 167.495187][ T8253] ? __pfx_ksys_write+0x10/0x10 [ 167.495205][ T8253] ? rcu_is_watching+0x15/0xb0 [ 167.495227][ T8253] ? do_syscall_64+0xbe/0x3b0 [ 167.495252][ T8253] do_syscall_64+0xfa/0x3b0 [ 167.495271][ T8253] ? lockdep_hardirqs_on+0x9c/0x150 [ 167.495290][ T8253] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.495307][ T8253] ? clear_bhb_loop+0x60/0xb0 [ 167.495328][ T8253] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 167.495345][ T8253] RIP: 0033:0x7f7df3f8e929 [ 167.495361][ T8253] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 167.495375][ T8253] RSP: 002b:00007f7df4e47038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 167.495393][ T8253] RAX: ffffffffffffffda RBX: 00007f7df41b5fa0 RCX: 00007f7df3f8e929 [ 167.495406][ T8253] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003 [ 167.495416][ T8253] RBP: 00007f7df4e47090 R08: 0000000000000000 R09: 0000000000000000 [ 167.495427][ T8253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 167.495437][ T8253] R13: 0000000000000000 R14: 00007f7df41b5fa0 R15: 00007ffedc7e3408 [ 167.495466][ T8253] [ 167.926468][ T5832] usb 2-1: Using ep0 maxpacket: 32 [ 167.936994][ T5832] usb 2-1: config 4 has an invalid interface number: 128 but max is 0 [ 167.945916][ T5832] usb 2-1: config 4 has no interface number 0 [ 167.952121][ T5832] usb 2-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 167.963850][ T5832] usb 2-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 167.974142][ T5832] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 167.983450][ T5832] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 167.997828][ T5832] hub 2-1:4.128: USB hub found [ 168.162417][ T8263] syz.0.829: attempt to access beyond end of device [ 168.162417][ T8263] loop0: rw=4096, sector=0, nr_sectors = 1 limit=0 [ 168.200843][ T5832] hub 2-1:4.128: config failed, can't read hub descriptor (err -22) [ 168.234514][ T5832] ------------[ cut here ]------------ [ 168.239998][ T5832] WARNING: kernel/workqueue.c:4208 at __flush_work+0xabc/0xbc0, CPU#0: kworker/0:3/5832 [ 168.249796][ T5832] Modules linked in: [ 168.254130][ T5832] CPU: 0 UID: 0 PID: 5832 Comm: kworker/0:3 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 168.266075][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 168.276175][ T5832] Workqueue: usb_hub_wq hub_event [ 168.281224][ T5832] RIP: 0010:__flush_work+0xabc/0xbc0 [ 168.286619][ T5832] Code: 01 00 00 75 53 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 60 3d 35 00 90 0f 0b 90 eb a5 e8 55 3d 35 00 90 <0f> 0b 90 31 c0 48 8b 5c 24 18 eb 95 e8 43 3d 35 00 e9 92 fc ff ff [ 168.306483][ T5832] RSP: 0018:ffffc90004216940 EFLAGS: 00010283 [ 168.312573][ T5832] RAX: ffffffff818ade3b RBX: 1ffff1100f6c3a54 RCX: 0000000000100000 [ 168.320606][ T5832] RDX: ffffc90017762000 RSI: 000000000002267f RDI: 0000000000022680 [ 168.328707][ T5832] RBP: ffffc90004216b10 R08: ffffffff8fc29737 R09: 1ffffffff1f852e6 [ 168.337490][ T5832] R10: dffffc0000000000 R11: fffffbfff1f852e7 R12: 0000000000000000 [ 168.346104][ T5832] R13: ffff88807b61d2a0 R14: dffffc0000000000 R15: ffff88807b61d288 [ 168.354370][ T5832] FS: 0000000000000000(0000) GS:ffff8881259e4000(0000) knlGS:0000000000000000 [ 168.363734][ T5832] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 168.370580][ T5832] CR2: 00007ffc5693dff8 CR3: 000000007d31a000 CR4: 00000000003526f0 [ 168.378618][ T5832] DR0: 0000000000000000 DR1: 0000000000000097 DR2: 0000000000000000 [ 168.386651][ T5832] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 168.394662][ T5832] Call Trace: [ 168.397954][ T5832] [ 168.400894][ T5832] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 168.407277][ T5832] ? __pfx___flush_work+0x10/0x10 [ 168.412329][ T5832] ? __timer_delete_sync+0x218/0x2d0 [ 168.417676][ T5832] ? __pfx___might_resched+0x10/0x10 [ 168.422983][ T5832] ? __pfx___timer_delete_sync+0x10/0x10 [ 168.428669][ T5832] ? __try_to_del_timer_sync+0x34a/0x3a0 [ 168.435142][ T5832] ? flush_delayed_work+0x11d/0x190 [ 168.440368][ T5832] flush_delayed_work+0x13e/0x190 [ 168.446078][ T5832] ? __pfx_flush_delayed_work+0x10/0x10 [ 168.451647][ T5832] ? _dev_err+0x10a/0x160 [ 168.456304][ T5832] hub_quiesce+0x1f0/0x330 [ 168.460743][ T5832] hub_disconnect+0xc8/0x470 [ 168.465635][ T5832] hub_probe+0x132f/0x36e0 [ 168.470086][ T5832] ? __pfx_hub_probe+0x10/0x10 [ 168.474899][ T5832] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 168.480804][ T5832] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 168.487193][ T5832] ? ktime_get_mono_fast_ns+0x2af/0x2d0 [ 168.492756][ T5832] ? pm_runtime_enable+0x1f3/0x340 [ 168.498098][ T5832] usb_probe_interface+0x634/0xbf0 [ 168.503238][ T5832] ? __pfx_usb_probe_interface+0x10/0x10 [ 168.508936][ T5832] really_probe+0x26d/0x9a0 [ 168.513459][ T5832] __driver_probe_device+0x18c/0x2f0 [ 168.518806][ T5832] driver_probe_device+0x4f/0x430 [ 168.523844][ T5832] __device_attach_driver+0x2ce/0x530 [ 168.529275][ T5832] bus_for_each_drv+0x24e/0x2e0 [ 168.534941][ T5832] ? __pfx___device_attach_driver+0x10/0x10 [ 168.540853][ T5832] ? __pfx_bus_for_each_drv+0x10/0x10 [ 168.546880][ T5832] __device_attach+0x2b8/0x400 [ 168.551664][ T5832] ? __pfx___device_attach+0x10/0x10 [ 168.557005][ T5832] ? do_raw_spin_unlock+0x122/0x240 [ 168.562492][ T5832] bus_probe_device+0x185/0x260 [ 168.567670][ T5832] device_add+0x7b6/0xb50 [ 168.572029][ T5832] usb_set_configuration+0x1a87/0x20e0 [ 168.578282][ T5832] usb_generic_driver_probe+0x8d/0x150 [ 168.583767][ T5832] usb_probe_device+0x1c4/0x390 [ 168.588693][ T5832] ? __pfx_usb_probe_device+0x10/0x10 [ 168.594118][ T5832] really_probe+0x26d/0x9a0 [ 168.598640][ T5832] __driver_probe_device+0x18c/0x2f0 [ 168.603941][ T5832] driver_probe_device+0x4f/0x430 [ 168.609039][ T5832] __device_attach_driver+0x2ce/0x530 [ 168.614458][ T5832] bus_for_each_drv+0x24e/0x2e0 [ 168.619325][ T5832] ? __pfx___device_attach_driver+0x10/0x10 [ 168.625304][ T5832] ? __pfx_bus_for_each_drv+0x10/0x10 [ 168.630709][ T5832] __device_attach+0x2b8/0x400 [ 168.635520][ T5832] ? __pfx___device_attach+0x10/0x10 [ 168.641551][ T5832] ? do_raw_spin_unlock+0x122/0x240 [ 168.647435][ T5832] bus_probe_device+0x185/0x260 [ 168.652315][ T5832] device_add+0x7b6/0xb50 [ 168.656701][ T5832] usb_new_device+0xa39/0x16f0 [ 168.661770][ T5832] ? __pfx_usb_new_device+0x10/0x10 [ 168.667238][ T5832] ? _raw_spin_unlock_irq+0x23/0x50 [ 168.672452][ T5832] ? lockdep_hardirqs_on+0x9c/0x150 [ 168.677711][ T5832] hub_event+0x2941/0x4a00 [ 168.682190][ T5832] ? __pfx_hub_event+0x10/0x10 [ 168.687000][ T5832] ? process_scheduled_works+0x9ef/0x17b0 [ 168.692741][ T5832] ? _raw_spin_unlock_irq+0x23/0x50 [ 168.697983][ T5832] ? process_scheduled_works+0x9ef/0x17b0 [ 168.703717][ T5832] ? process_scheduled_works+0x9ef/0x17b0 [ 168.709513][ T5832] process_scheduled_works+0xae1/0x17b0 [ 168.715166][ T5832] ? __pfx_process_scheduled_works+0x10/0x10 [ 168.721183][ T5832] worker_thread+0x8a0/0xda0 [ 168.725823][ T5832] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 168.732170][ T5832] ? __kthread_parkme+0x7b/0x200 [ 168.737161][ T5832] kthread+0x70e/0x8a0 [ 168.741992][ T5832] ? __pfx_worker_thread+0x10/0x10 [ 168.747768][ T5832] ? __pfx_kthread+0x10/0x10 [ 168.752379][ T5832] ? _raw_spin_unlock_irq+0x23/0x50 [ 168.757623][ T5832] ? lockdep_hardirqs_on+0x9c/0x150 [ 168.763099][ T5832] ? __pfx_kthread+0x10/0x10 [ 168.767955][ T5832] ret_from_fork+0x3fc/0x770 [ 168.772575][ T5832] ? __pfx_ret_from_fork+0x10/0x10 [ 168.777763][ T5832] ? __switch_to_asm+0x39/0x70 [ 168.782539][ T5832] ? __switch_to_asm+0x33/0x70 [ 168.787339][ T5832] ? __pfx_kthread+0x10/0x10 [ 168.791945][ T5832] ret_from_fork_asm+0x1a/0x30 [ 168.796790][ T5832] [ 168.799817][ T5832] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 168.807098][ T5832] CPU: 0 UID: 0 PID: 5832 Comm: kworker/0:3 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 168.818638][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 168.828789][ T5832] Workqueue: usb_hub_wq hub_event [ 168.833830][ T5832] Call Trace: [ 168.837117][ T5832] [ 168.840051][ T5832] dump_stack_lvl+0x99/0x250 [ 168.844649][ T5832] ? __asan_memcpy+0x40/0x70 [ 168.849254][ T5832] ? __pfx_dump_stack_lvl+0x10/0x10 [ 168.854459][ T5832] ? __pfx__printk+0x10/0x10 [ 168.859065][ T5832] panic+0x2db/0x790 [ 168.862954][ T5832] ? __pfx_panic+0x10/0x10 [ 168.867367][ T5832] ? ret_from_fork_asm+0x1a/0x30 [ 168.872299][ T5832] __warn+0x334/0x4c0 [ 168.876262][ T5832] ? __flush_work+0xabc/0xbc0 [ 168.880927][ T5832] ? __flush_work+0xabc/0xbc0 [ 168.885588][ T5832] report_bug+0x2be/0x4f0 [ 168.889917][ T5832] ? __flush_work+0xabc/0xbc0 [ 168.894594][ T5832] ? __flush_work+0xabc/0xbc0 [ 168.899266][ T5832] ? __flush_work+0xabe/0xbc0 [ 168.903933][ T5832] handle_bug+0x84/0x160 [ 168.908167][ T5832] exc_invalid_op+0x1a/0x50 [ 168.912667][ T5832] asm_exc_invalid_op+0x1a/0x20 [ 168.917501][ T5832] RIP: 0010:__flush_work+0xabc/0xbc0 [ 168.922773][ T5832] Code: 01 00 00 75 53 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 60 3d 35 00 90 0f 0b 90 eb a5 e8 55 3d 35 00 90 <0f> 0b 90 31 c0 48 8b 5c 24 18 eb 95 e8 43 3d 35 00 e9 92 fc ff ff [ 168.942365][ T5832] RSP: 0018:ffffc90004216940 EFLAGS: 00010283 [ 168.948427][ T5832] RAX: ffffffff818ade3b RBX: 1ffff1100f6c3a54 RCX: 0000000000100000 [ 168.956389][ T5832] RDX: ffffc90017762000 RSI: 000000000002267f RDI: 0000000000022680 [ 168.964348][ T5832] RBP: ffffc90004216b10 R08: ffffffff8fc29737 R09: 1ffffffff1f852e6 [ 168.972306][ T5832] R10: dffffc0000000000 R11: fffffbfff1f852e7 R12: 0000000000000000 [ 168.980269][ T5832] R13: ffff88807b61d2a0 R14: dffffc0000000000 R15: ffff88807b61d288 [ 168.988245][ T5832] ? __flush_work+0xabb/0xbc0 [ 168.992927][ T5832] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 168.999246][ T5832] ? __pfx___flush_work+0x10/0x10 [ 169.004268][ T5832] ? __timer_delete_sync+0x218/0x2d0 [ 169.009543][ T5832] ? __pfx___might_resched+0x10/0x10 [ 169.014815][ T5832] ? __pfx___timer_delete_sync+0x10/0x10 [ 169.020436][ T5832] ? __try_to_del_timer_sync+0x34a/0x3a0 [ 169.026549][ T5832] ? flush_delayed_work+0x11d/0x190 [ 169.031740][ T5832] flush_delayed_work+0x13e/0x190 [ 169.036754][ T5832] ? __pfx_flush_delayed_work+0x10/0x10 [ 169.042287][ T5832] ? _dev_err+0x10a/0x160 [ 169.046618][ T5832] hub_quiesce+0x1f0/0x330 [ 169.051040][ T5832] hub_disconnect+0xc8/0x470 [ 169.055624][ T5832] hub_probe+0x132f/0x36e0 [ 169.060050][ T5832] ? __pfx_hub_probe+0x10/0x10 [ 169.064803][ T5832] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 169.070684][ T5832] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 169.076997][ T5832] ? ktime_get_mono_fast_ns+0x2af/0x2d0 [ 169.082538][ T5832] ? pm_runtime_enable+0x1f3/0x340 [ 169.087655][ T5832] usb_probe_interface+0x634/0xbf0 [ 169.092765][ T5832] ? __pfx_usb_probe_interface+0x10/0x10 [ 169.098386][ T5832] really_probe+0x26d/0x9a0 [ 169.102883][ T5832] __driver_probe_device+0x18c/0x2f0 [ 169.108158][ T5832] driver_probe_device+0x4f/0x430 [ 169.113174][ T5832] __device_attach_driver+0x2ce/0x530 [ 169.118541][ T5832] bus_for_each_drv+0x24e/0x2e0 [ 169.123386][ T5832] ? __pfx___device_attach_driver+0x10/0x10 [ 169.129269][ T5832] ? __pfx_bus_for_each_drv+0x10/0x10 [ 169.134647][ T5832] __device_attach+0x2b8/0x400 [ 169.139403][ T5832] ? __pfx___device_attach+0x10/0x10 [ 169.144679][ T5832] ? do_raw_spin_unlock+0x122/0x240 [ 169.149874][ T5832] bus_probe_device+0x185/0x260 [ 169.154725][ T5832] device_add+0x7b6/0xb50 [ 169.159046][ T5832] usb_set_configuration+0x1a87/0x20e0 [ 169.164514][ T5832] usb_generic_driver_probe+0x8d/0x150 [ 169.169970][ T5832] usb_probe_device+0x1c4/0x390 [ 169.174821][ T5832] ? __pfx_usb_probe_device+0x10/0x10 [ 169.180183][ T5832] really_probe+0x26d/0x9a0 [ 169.184683][ T5832] __driver_probe_device+0x18c/0x2f0 [ 169.189957][ T5832] driver_probe_device+0x4f/0x430 [ 169.194972][ T5832] __device_attach_driver+0x2ce/0x530 [ 169.200334][ T5832] bus_for_each_drv+0x24e/0x2e0 [ 169.205179][ T5832] ? __pfx___device_attach_driver+0x10/0x10 [ 169.211059][ T5832] ? __pfx_bus_for_each_drv+0x10/0x10 [ 169.216430][ T5832] __device_attach+0x2b8/0x400 [ 169.221184][ T5832] ? __pfx___device_attach+0x10/0x10 [ 169.226465][ T5832] ? do_raw_spin_unlock+0x122/0x240 [ 169.231659][ T5832] bus_probe_device+0x185/0x260 [ 169.236501][ T5832] device_add+0x7b6/0xb50 [ 169.240820][ T5832] usb_new_device+0xa39/0x16f0 [ 169.245588][ T5832] ? __pfx_usb_new_device+0x10/0x10 [ 169.250788][ T5832] ? _raw_spin_unlock_irq+0x23/0x50 [ 169.255981][ T5832] ? lockdep_hardirqs_on+0x9c/0x150 [ 169.261172][ T5832] hub_event+0x2941/0x4a00 [ 169.265618][ T5832] ? __pfx_hub_event+0x10/0x10 [ 169.270372][ T5832] ? process_scheduled_works+0x9ef/0x17b0 [ 169.276092][ T5832] ? _raw_spin_unlock_irq+0x23/0x50 [ 169.281276][ T5832] ? process_scheduled_works+0x9ef/0x17b0 [ 169.286983][ T5832] ? process_scheduled_works+0x9ef/0x17b0 [ 169.292693][ T5832] process_scheduled_works+0xae1/0x17b0 [ 169.298256][ T5832] ? __pfx_process_scheduled_works+0x10/0x10 [ 169.304245][ T5832] worker_thread+0x8a0/0xda0 [ 169.308825][ T5832] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 169.315146][ T5832] ? __kthread_parkme+0x7b/0x200 [ 169.320081][ T5832] kthread+0x70e/0x8a0 [ 169.324139][ T5832] ? __pfx_worker_thread+0x10/0x10 [ 169.329233][ T5832] ? __pfx_kthread+0x10/0x10 [ 169.333809][ T5832] ? _raw_spin_unlock_irq+0x23/0x50 [ 169.338991][ T5832] ? lockdep_hardirqs_on+0x9c/0x150 [ 169.344173][ T5832] ? __pfx_kthread+0x10/0x10 [ 169.348752][ T5832] ret_from_fork+0x3fc/0x770 [ 169.353337][ T5832] ? __pfx_ret_from_fork+0x10/0x10 [ 169.358449][ T5832] ? __switch_to_asm+0x39/0x70 [ 169.363204][ T5832] ? __switch_to_asm+0x33/0x70 [ 169.367965][ T5832] ? __pfx_kthread+0x10/0x10 [ 169.372544][ T5832] ret_from_fork_asm+0x1a/0x30 [ 169.377308][ T5832] [ 169.380545][ T5832] Kernel Offset: disabled [ 169.384856][ T5832] Rebooting in 86400 seconds..