last executing test programs: 1m47.434936865s ago: executing program 1 (id=973): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x25dfdbfc, {{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x4, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x200000000000}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@empty, 0x2, 0x2b}, 0xa, @in6=@local, 0x0, 0x4}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0) r1 = socket$inet_tcp(0x2, 0x1, 0x0) syz_emit_vhci(&(0x7f0000000080)=ANY=[], 0xe) setsockopt$inet_buf(r1, 0x0, 0x8008000000010, 0x0, 0x0) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="0213000002"], 0x33fe0}}, 0x0) 1m47.255187166s ago: executing program 1 (id=976): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0) sendmmsg$inet(r0, &(0x7f00000010c0)=[{{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f00000011c0)="93bffce623851797a8dc79018d7716840ffc6949c667f6d345b18bc896d8f016f5f206bb2b0eb2fe32d2f0048678cd35ef833c3522fff95a94770a6845b091e69f243dea0d601c54e9c93ee3568b89a3427c84262ff67b679ccac305b5cea1dcd151d7bb5754603b6b0e362d8041afc61529260e6c4046d55927c96dcce1609b9c4f8424b9da76", 0x87}, {&(0x7f00000007c0)="02999344565d9c61d3bb8cf353fd63c588ffa39f0ff0fced20927ea4b2a247d082247558bef6b2b2cd6a0dffece1b36526e9388c344fb7ac429e432bcb", 0x3d}, {&(0x7f0000000f00)="ec75d081fcb70000000000000000bb6a38b0c57cc77b83d2eea81aad8f73b36abc2019cb08fcaaec9647a07d0a0965f0f1e39afd84e7e2523aaded5e09aa1e36fcc90c269ad6d38d5761910df91e34b3b98e2f71054226c3b00b9ee6ae29f0b07bc6fe7981126ca8e32b991faed3b0293e4004c1f64e6c19ba36b2778c5f4a1c58625fe19516af43c9870c5b8191e23778abe7df2280d401feffffffffffff2dce9570444c153f9c2903ae4c868074e89477bf83d2ab648b0498ac8c0f90844ed9a26675199d5ff9b391c1dec077b5099cf9aecd1a8788fe098a501ea64185ddcddda7f7c66d819ca14f85b27079c7fd0b3b446915cd8f0f157f45d95f6bc1815edda1b5df880de18b18c03b3d946ae7732d01462f39dad739e6a2b79f039ecaa8432f17e20d4e3ddb088bb8aef5d4f4cd6a8cfb9cdf4035", 0x138}, {&(0x7f0000000240)="397d5f2e855cb2b0b1e61d3fe47dc3e798cf47cfebf169e77257f308b4", 0x1d}, {&(0x7f0000000440)="e78901b24f3291e9448af6bf802603c0a47d696e45734f3aadb096a0e9d428f71a7365c266b448adc5655f5b5c7574d6691fa86321c8ff9c33e6e68f073f3f5b289e9c2b6466853b8d401f3c95fee163c50a084fe2cd69d28ed65a", 0x5b}, {&(0x7f00000002c0)="b6139dc68c219b157760a3cbf255087b81aaba8e246b1d98cac2af5ddb62415a0c56728b0d360ce8a1fa", 0x2a}], 0x6}}], 0x1, 0x20008000) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_NODE_ADDR(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r2, 0x201, 0x400000, 0x0, {{}, {}, {0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x40800}, 0x0) sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27) 1m47.103193766s ago: executing program 1 (id=980): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a44000000090a0104000000000000a58054dc000308000a40000000020900020073797a31000000000900010073797a3000000000080005400000000d0800098004000280140000001000010000000000000000000084000a"], 0x6c}}, 0x20050800) creat(&(0x7f0000001380)='./file0\x00', 0x4) syz_open_dev$sndpcmp(&(0x7f0000000b00), 0x0, 0x0) (async) r1 = syz_open_dev$sndpcmp(&(0x7f0000000b00), 0x0, 0x0) ioctl$SNDRV_PCM_IOCTL_HW_PARAMS(r1, 0xc2604111, &(0x7f0000000540)={0x0, [[0x223, 0x0, 0x20], [0xfffffffb, 0x0, 0x7], [0x3]], '\x00', [{}, {0x0, 0xffffffff, 0x0, 0x1}, {}, {0x0, 0xfffffffd}, {0x1}]}) r2 = epoll_create1(0x0) poll(&(0x7f0000000040)=[{r2, 0x10}], 0x1, 0x8000db3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000100)) (async) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000100)) shutdown(r3, 0x0) epoll_wait(r2, &(0x7f0000000000)=[{}], 0x1, 0x40101) (async) epoll_wait(r2, &(0x7f0000000000)=[{}], 0x1, 0x40101) epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r3, &(0x7f0000000140)={0x2000200b}) (async) epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r3, &(0x7f0000000140)={0x2000200b}) mount(&(0x7f0000001400)=@rnullb, &(0x7f0000001440)='./file0\x00', &(0x7f0000001480)='qnx4\x00', 0x0, 0x0) 1m46.902620187s ago: executing program 1 (id=983): mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x1) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='autofs\x00', 0x0, &(0x7f0000000100)) r0 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x0, 0x3f46137792f68265) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r2, 0x0) prlimit64(0x0, 0x6, &(0x7f0000000140), 0x0) setreuid(0xee01, 0x0) timer_settime(0x0, 0x0, 0x0, 0x0) syz_clone(0x1b4a100, 0x0, 0x0, 0x0, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x1c, &(0x7f00000001c0)=[@in6={0xa, 0x0, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0xfffffffb}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r2, 0x84, 0x7a, &(0x7f0000000340)={r3, @in6={{0xa, 0x3, 0x0, @dev={0xfe, 0x80, '\x00', 0x36}}}}, &(0x7f0000000040)=0x84) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f00000025c0)={r4, 0x200, 0x10}, 0x8) ioctl$AUTOFS_IOC_ASKUMOUNT(r0, 0xc0089364, &(0x7f00000001c0)) 1m46.697494s ago: executing program 1 (id=985): mknod$loop(&(0x7f0000000140)='./file0\x00', 0x20, 0x1) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0) r1 = open_tree(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0x80100) connect$bt_sco(r1, &(0x7f0000000280)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x8) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000002180)='blkio.bfq.io_merged\x00', 0x275a, 0x0) ioctl$TUNGETIFF(r2, 0x800454d2, &(0x7f0000000180)={'pim6reg\x00'}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r2, 0x0) r3 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r3, 0x84, 0x20, 0x0, 0x0) ftruncate(r2, 0xc17c) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000080)=0x9, 0x5, 0x0) mremap(&(0x7f000008f000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000486000/0x1000)=nil) ioctl$NBD_CLEAR_QUE(r2, 0xab05) setsockopt$bt_BT_FLUSHABLE(r1, 0x112, 0x8, &(0x7f00000002c0)=0x7, 0x4) r4 = shmget$private(0x0, 0x800000, 0x880, &(0x7f0000173000/0x800000)=nil) shmat(r4, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0) r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r8, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0xe1}]}) shmctl$IPC_RMID(r4, 0x0) ioctl$TUNSETOFFLOAD(r5, 0x400454ce, 0x6) mbind(&(0x7f0000872000/0x3000)=nil, 0x3000, 0x1, 0x0, 0x2, 0x4) openat$ppp(0xffffffffffffff9c, &(0x7f0000000100), 0x300, 0x0) 1m46.472394908s ago: executing program 1 (id=986): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x40382, 0x0) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000040)=0x1) write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) (fail_nth: 2) write$dsp(r0, &(0x7f0000000140)="20795899ff6b620c2ddcc324d361b62a5f22a23c2cfc0d2813668a977e4be4f9c46f2ca2752bdcf4a6e1576b00ca1d3dc3517c5eecdf8947d0127b01000000000000004c73", 0x45) ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0) 1m46.205096396s ago: executing program 32 (id=986): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x40382, 0x0) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000040)=0x1) write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) (fail_nth: 2) write$dsp(r0, &(0x7f0000000140)="20795899ff6b620c2ddcc324d361b62a5f22a23c2cfc0d2813668a977e4be4f9c46f2ca2752bdcf4a6e1576b00ca1d3dc3517c5eecdf8947d0127b01000000000000004c73", 0x45) ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0) 5.405053581s ago: executing program 3 (id=1743): r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa02, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f00000001c0)={@mcast2, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x26}}, @private2={0xfc, 0x2, '\x00', 0x1}, 0x10, 0xffff, 0xb, 0x0, 0x41, 0x2}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r0, 0x45809000) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) r3 = syz_usb_connect(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x141, 0x48, 0x13, 0x44, 0x20, 0x424, 0x7500, 0x69ee, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xb8, 0x7, 0x2, 0x96, 0xd1, 0xca, 0x0, [], [{{0x9, 0x5, 0x6, 0x2, 0x200, 0xd, 0x0, 0x6}}, {{0x9, 0x5, 0x82, 0x2, 0x200, 0x0, 0x1, 0x10}}]}}]}}]}}, 0x0) syz_usb_control_io$uac1(r3, 0x0, 0x0) (async) syz_usb_control_io(r3, 0x0, &(0x7f0000000640)={0x84, &(0x7f00000001c0)={0x0, 0x6, 0x4, "eae7e17d"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async) syz_usb_control_io$hid(r3, 0x0, &(0x7f0000000a40)={0x2c, &(0x7f00000004c0)={0x20, 0x16, 0x13, "000000009c51a6f28814f296963910b8d0c9c7"}, 0x0, 0x0, 0x0, 0x0}) (async) syz_usb_control_io$printer(r3, 0x0, 0x0) (async) syz_usb_control_io$cdc_ncm(r3, 0x0, &(0x7f0000000380)={0x44, &(0x7f0000000140)={0x0, 0x6, 0x4, "3783fc06"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async, rerun: 32) r4 = socket$can_raw(0x1d, 0x3, 0x1) (rerun: 32) setsockopt$CAN_RAW_RECV_OWN_MSGS(r4, 0x65, 0x8, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f0000000500)={0x0, 0x636}, 0x8) (async) syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) (async) r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_CHANNELS_SET(r5, &(0x7f0000007640)={0x0, 0x0, &(0x7f0000007600)={&(0x7f0000000240)={0x2c, r6, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@ETHTOOL_A_CHANNELS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wg0\x00'}]}]}, 0x2c}}, 0x4) r7 = socket$netlink(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$team(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000000240)={'team0\x00', 0x0}) (async) r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x141e42, 0x0) r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0) r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r12, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x40000073, 0x0, 0x5}]}) (async) sendmsg$TEAM_CMD_OPTIONS_SET(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000840)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="01002abd7000fcdbdf250100000008000100", @ANYRES32=r9, @ANYBLOB="3c00028038000100240001"], 0x58}, 0x1, 0x0, 0x0, 0x24004000}, 0x24040840) (async) r13 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f00000000c0)={'gretap0\x00', 0x0}) sendto$packet(r13, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x11, 0x88a8, r14, 0x1, 0x1, 0x6, @local}, 0x14) (async, rerun: 64) sendmsg$ETHTOOL_MSG_DEBUG_GET(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000040)={&(0x7f0000000240)={0xbc, r6, 0x8, 0x70bd2a, 0x25dfdbfd, {}, [@HEADER={0x2c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'hsr0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_vlan\x00'}]}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_hsr\x00'}]}, @HEADER={0x64, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_FLAGS={0x8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'hsr0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0xbb10fc0a91c06a68}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r14}]}]}, 0xbc}, 0x1, 0x0, 0x0, 0x800}, 0x20048091) (rerun: 64) 2.057543498s ago: executing program 4 (id=1776): r0 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x7, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000b40)={0x1, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0x0, [{0x8000000}]}}) 2.056744364s ago: executing program 3 (id=1777): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000003280)=ANY=[@ANYBLOB="140000001000010000000000000000030000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a0102000000000000000001001c020900010073797a30000000000900030073797a3200000000240b0000060a010400000000000000000100000008000b4000000000fc0a048028000180080001006c6f67001c0002800e00024073797a6b616c6c65720000000800054000000008d00a01800e000100696d6d656469617465000000bc0a0280640002804c0002800900020073797a32000000000900020073797a310000000008000180fffffffc0900020073797a31000000000800034000009c920900020073797a300000000008000180ffffffff14000280080003400000000808000108fffffffb0800014000000002080001400000000b500002804b000100fa62d7ba9ceeacf9aa4f832b78f35731f355d63e192a72aef5e68a05d1b816151b6bd1e2d74abafd383790ad363fdc1b7766748630b48f9beefdb33c86d5835a470b5ffd20d7e9006c0102805c00028008000180fffffffe0900020073797a30000000000900020073797a320000000008000180ffffffff0900020073797a320000000008000180fffffffd0900020073797a310000000008000180fffffffc0800034000000e5628000280080003400000000608000340000000070900020073797a320000000008000180fffffffe540002800900020073797a320000000008000180fffffffe0800034000000000080003400000000008000340000000090900020073797a310000000008000180fffffffe080003400000800108000180fffffffd8e000100818ce881ff18470752e86442e8b77ddcfc7a4c87f05cd36147be26c85cc854cc117db1906007a5a8c298f4724c8c743d46ec7f3ba478d9dfb10bbe9e4fdfc2188d62db9bb1364fed383fe0b0c3fbbab83959470cb0ffb14765c32f10b54d99531d04caaf264214997543a1c63637d9a3a20b7ce9312e545626eb375c88462c198f35cf8a11616de4fa0c000098020280eb00010099c8e680eb4d0e7f78e1fb62226ae541d997c8cb51c5ebd0bb7e2730b61310dcd7525807288a7ad8c00f6aa230a1d1b876ddb0e188384e7c79cd8af94a02451a04d8f116bde38077da45650d82bdd1767b03e3f35bc4a5769e659d8cdb6d9d9d717c78b50f6b3ac899b07a9eaf2c989654de7d6609299bad01ca1f3fa8b6229a6c69627a07f627880e902231b20368f3ae64fd12fc37afeb95f14a4dc3d0bc5f6e2afd0fc8ef6982054cffa703ee1376654019ad6d2add9052c5d2f2e0ba3318f931b2c5f2dcce5cbca6093c64d23b64e2f2061da3dd5983644280de22d592b63b5d7f6b571beb005400010041bbc64da6bacaad1bebec23352accccbca40d6ba87943f82df945bf4ccc5250a0c2b2cb13793380f424b280bfb960885af6df4afa26efa8fcd7a1243389ef3fcf1d709f775a9cd1dfb2b84fd03e5d70f800010001950b7c0ec30534e476b721ba6e82d03078fe63b683918ecbbb9c339c8cdd63689339ac43acd5973f4aac8720a98d18e13b98e11e291f3f3621ed29c717639f84bdd28810da6ae30538775f15e00133741e9de3f96f69ab363752fa962b3c71041ba1e463a91d782a968d9febb648b66e71a6827c53b3be014b785f61c4fd46fef00658f64cdd465edb61ba4c5f00849b2935c485da99a38489ecc29837433ac5446c3922d73153fd8fb2368a5ce4201760ca6778f570b7fcb38be633a02d57c5884b6bcbaf3bc28ca7686edb5d59e1b823a8f0f5ff788625995d51c16413783c6290a9714bd4dcbd2a388139f3e46f69916f335c0002800900020073797a3000000000080003400000000908000180000000000900020073797a3000000000080003400000000808000180fffffffd080003400000000408000340fffffff908000180fffffffb0800034000000003a80002801c000280080003400000020008000340fffffff508000340000000001400028008000340000000050800034000000007720001001c2cce526d2ee30fb33f426450278cb35ac06b1cef15fefc26b5c17a8c9251bed316fccb5588f2e071fc355537fcf458cf14217f16ce4c12a4b559f3e807c94c6cc4f418baebc6024b74b9dbc5ef66dbbe91812ea247db80670c101ed494f105ad9c09b4eaf8d5c133b46a311c1a00001c0302802000028008000180fffffffc0900020073797a320000000008000340000000035c00028008000180fffffffc08000180fffffffc08000180fffffffb0900020073797a300000000008000340000000060900020073797a30000000000900020073797a31000000000900020073797a310000000008000180fffffffbf6000100330e5af714359ac9da33381a13071148dbe4293800e6be0290efbb549850cda132ca27a55553fd77c3067504c4596086f4001f53d49e8111395ebccb983c6b04735a58ab2617dfc62123b09c8dc5a47154667414dc28e8369829764b2e3cc23303a882890bad6d3a70d9e15701ec8c4c15a46d38c9ed6bc8658f8a45a02083f563324a27c649bab7cbcb485c289bd8df0a040128df6891ab48095977e0463f8e3ed7ba6df976ee30768954dfeb3f08c942b2c9384aa0b78baf92ecf5e4d73788afb1bc5a8f7c4b454897cd8bcac7f19cdd949fac66756da3b9311e13362eee317df853f6bc7e4638eb145a1484d3780e09b50000c8000100d5c1e4159bf770e02e6e1ebe911d7513709588175328d2e11f2ebf3f6967c49bedcb2a5459a45272bb8084e3bb55ea7a80166d97ec16457ed7d2a834d9aafdb2a54110ddc7975eaeda4f897ec7d533c27df0ce5ff92cfedadc67fff850ee5d07822d72b27af229d17ad2f8d802ae40d98f373e348a04b4f0270c71f82319de3a0331f165204896e0e448cf7ea0f8eb32a312fda6716f72f0234742fe6708ad0adf587ea21d94b8c8f5080028dda1e21d3d9ac82d8edd12941631b72b692ecc262d6ae12393000100c56deda494a09379df59bad8f0f17376b307ce49571034af728b1c4bf694e3b91406b976944238ab36ccaf40e3d92952ba87aa27af6353a82868c9508577a1b6a349fce75b3e4952b04b9527f496b5555e6db110dec07430b01446635eff12f136dbcb54fd4dc90b02e1bc6488ed74efd9eeb1b6de6e2a234f6c323df5c28a0352d03b34ee4f64ab614078125aa3cc0048000280080003400000000c08000340000000010900020073797a310000000008000180fffffffd0800034000008000080003400000dc5b08000180fffffffc08000180fffffffb2c0202804b000100cece2d8ff50c68c1060c2e691ddc50c6d87b46b4e5f6695010163d98bac2d9d7693cff0ec1e2107f58d3c305c78e5a596df92f1dbe80793dce5424be9e7951890023db7d0b9b2700e5000100f46e4b21dd4b92221713eece21b0e3bfb3fe995725eca78713a8d11ac82a6aefeeeab4720bd136479523ccafa34771afedeafc55275842bb7adb37ff3c93b19d9d5139f8b67ee81e380faa9506e6c8e5956cf7efc9828438d340aa4bfe771769c6ddb2f8c31049c1fc37e8f28812ea0aadd0caa7e32f6bb4b2b7a4473e5fa876c87bf285a503660ea12a0cfff6863a87c64ea83c31e737e278edcad77cb964828c7049d335e25156fd4d1c2faada6a8363794fe487155fbfd7c2e1b8504d4a744357734f51fca0426ffe929280df27411f8a90a067b285e970fa1e403722ae91dd000000f400010073e22ba6603d1c92836887468b100c2dc430efeb2ef19c66bd0582fe94df7b5a20292fdfbd2009980dbf9651685f7713bfb0f42583e452670f29e2cabf848fcdcb7a2067f0b257efd7dc927e540584b08f026e14be231afa797e36410d8ad6cbced8c5d2cce2f5a8b75713e57b3161b5b4ce78f283bf59a04f90bc1c5a4371abed0124c621ecb51b6166ad39f14216c09456232b7ea8dd7058bbbeae8b1c13df7ffa1515a359309683421d783f4fb00547cb06b3f974e65f28397c2c16675436a414b6e28d61800c35bdc05f9837e14491ce0fa7c0fbf6f61dd8f7eceac62373ed913de212a188ad5fa12d0eab8a0b440900010073797a30"], 0xb98}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) 1.945609043s ago: executing program 3 (id=1779): r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa02, 0x0) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r2 = dup(r1) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r2, 0x2000) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r4 = dup(r3) fsetxattr$security_evm(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) madvise(&(0x7f0000106000/0x4000)=nil, 0x4000, 0x10) write$binfmt_aout(r4, 0x0, 0xffffffdb) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r0, 0x45809000) r5 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) ioctl$sock_inet_SIOCSIFADDR(r5, 0x8916, &(0x7f0000001180)={'erspan0\x00', {0x2, 0x4e22, @rand_addr=0x64010102}}) 1.893196439s ago: executing program 4 (id=1781): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000140), 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000200)={0x2, 0x0, 0x0, 0x3}) r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa02, 0x0) r2 = getpid() process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/48, 0x30}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000000180)=""/107, 0x6b}], 0xff, 0x0) move_pages(r2, 0x0, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100), 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r1, 0x45809000) r3 = fcntl$getown(r1, 0x9) r4 = syz_open_procfs(r3, &(0x7f0000000000)='net/bnep\x00') ioctl$SG_BLKTRACESTOP(r4, 0x1275, 0x0) r5 = socket$inet_smc(0x2b, 0x1, 0x0) bind$inet(r5, &(0x7f0000000040)={0x2, 0x4e22, @private=0xa010102}, 0x10) 1.708608763s ago: executing program 4 (id=1783): r0 = creat(&(0x7f0000001380)='./file0\x00', 0x4) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x8943, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, 0x0}], 0x1, 0x76, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) sendmmsg$inet(0xffffffffffffffff, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f0000003040)=[{&(0x7f0000000fc0)="374e1aa8a7c6ce1a2218ac42661dc4e2c1c3045e09cc34bca6e6db4842e7442ca774a96165b8ea0a04a1af699bcd9dfced1153f19b285be268448e31fd8f39a723a26667bd7b7952af9a7604b2a0ef5a991e86bcedc324d49653f7e04a8bef6b60de47eb2beba2fbf04b61821ac73c0bd940c041db56fcf20e856eab8915d3124115415124056d9f4983d279af0702490d0df73ec3e1", 0x96}], 0x1}}], 0x1, 0x8001) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='gre0\x00', 0x10) r4 = openat$sequencer2(0xffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$SNDCTL_SEQ_OUTOFBAND(r4, 0x40085112, &(0x7f0000000040)=@l={0x92, 0x0, 0xe0}) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) r7 = dup(r6) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r7, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x42, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) ioctl$KVM_RUN(r8, 0xae80, 0x0) 1.61198125s ago: executing program 3 (id=1784): r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0x28200, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2) syz_init_net_socket$802154_raw(0x24, 0x4, 0x0) syz_open_dev$vim2m(&(0x7f0000000000), 0xb7, 0x2) mmap(&(0x7f0000787000/0x4000)=nil, 0x4000, 0xb, 0x202812, r0, 0x7dfff000) 1.561531851s ago: executing program 2 (id=1785): r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x12, r0, 0x46987000) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xb, 0xc3072, 0xffffffffffffffff, 0x0) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) socket$inet(0x2, 0x5, 0x5) 1.560965897s ago: executing program 0 (id=1786): r0 = syz_open_dev$vim2m(&(0x7f0000001200), 0x3ff, 0x2) (async) openat$fb0(0xffffffffffffff9c, &(0x7f0000000380), 0x109000, 0x0) r1 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x180300, 0x0) close(r1) read(r1, &(0x7f0000001080)=""/13, 0xd) r2 = socket$nl_generic(0x10, 0x3, 0x10) (async) r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKINFO_SET(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010024bd6000ffdbdf250310f700182251b9dc3370596479070000000000000000000000000005000500000000000500030000000000"], 0x3c}, 0x1, 0x0, 0x0, 0x20009005}, 0x0) r4 = socket$inet6(0xa, 0x805, 0x0) (async) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) (async) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d6c2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x8, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60) (async) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) (async) r8 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_RES_QP_GET(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="010000000a14010029bd7000fcdbdf250800010000000000"], 0x18}, 0x1, 0x0, 0x0, 0x60}, 0x0) (async) ioctl$F2FS_IOC_SET_PIN_FILE(0xffffffffffffffff, 0x4004f50d, &(0x7f0000001100)) (async) r9 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0) ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r9, 0xc0189375, &(0x7f0000000300)={{0x1, 0x1, 0x46}, './file0/../file0\x00'}) (async) r10 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000009700)='/sys/kernel/oops_count', 0x40, 0x2) read$FUSE(r10, &(0x7f0000009800)={0x2020}, 0x2020) ioctl$KVM_SET_REGS(r10, 0x4090ae82, &(0x7f0000001140)={[0x6, 0x7, 0x3, 0x2, 0x0, 0x6, 0x14, 0x800, 0xffff, 0x0, 0x9, 0x7, 0x0, 0x2f4, 0x8000, 0x8], 0xeeee0000, 0x4000}) (async) ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_IRQCHIP(r6, 0x8208ae63, &(0x7f0000000600)={0x1, 0x0, @pic={0x9, 0x7, 0x1, 0x4, 0x5, 0x1, 0x1, 0xff, 0x5, 0x0, 0x0, 0x10, 0xa, 0x1, 0xd, 0x5}}) (async) ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x7, 0x0, 0x180, 0x7, 0x0, 0xf1, 0x0, 0x8000000000000, 0x1, 0x0, 0x9, 0x1, 0x0, 0x0, 0xbd9], 0x1, 0x3c4210}) (async) ioctl$KVM_RUN(r7, 0xae80, 0x0) (async) getsockopt$bt_hci(r4, 0x84, 0x85, &(0x7f0000000080)=""/4060, &(0x7f00000010c0)=0xfdc) (async) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0xb, 0x1, 0x4, 0x0, 0x7}) r11 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) ioctl$vim2m_VIDIOC_G_FMT(r11, 0xc0285629, &(0x7f0000000080)={0x3, @vbi={0x0, 0x5d7f, 0x80000001, 0x38414261, [0x7, 0x2], [0x5, 0x6], 0x1}}) 1.433513703s ago: executing program 3 (id=1787): r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa02, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r0, 0x45809000) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, &(0x7f0000001180)={'erspan0\x00', {0x2, 0x4e22, @rand_addr=0x64010102}}) (fail_nth: 9) 1.288761315s ago: executing program 4 (id=1788): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000003280)=ANY=[@ANYBLOB="140000001000010000000000000000030000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010020020900010073797a30000000000900030073797a3200000000240b0000060a010400000000000000000100000008000b4000000000fc0a048028000180080001006c6f67001c0002800e00024073797a6b616c6c65720000000800054000000008d00a01800e000100696d6d656469617465000000bc0a0280640002804c0002800900020073797a32000000000900020073797a310000000008000180fffffffc0900020073797a31000000000800034000009c920900020073797a300000000008000180ffffffff14000280080003400000000808000108fffffffb0800014000000002080001400000000b500002804b000100fa62d7ba9ceeacf9aa4f832b78f35731f355d63e192a72aef5e68a05d1b816151b6bd1e2d74abafd383790ad363fdc1b7766748630b48f9beefdb33c86d5835a470b5ffd20d7e9006c0102805c00028008000180fffffffe0900020073797a30000000000900020073797a320000000008000180ffffffff0900020073797a320000000008000180fffffffd0900020073797a310000000008000180fffffffc0800034000000e5628000280080003400000000608000340000000070900020073797a320000000008000180fffffffe540002800900020073797a320000000008000180fffffffe0800034000000000080003400000000008000340000000090900020073797a310000000008000180fffffffe080003400000800108000180fffffffd8e000100818ce881ff18470752e86442e8b77ddcfc7a4c87f05cd36147be26c85cc854cc117db1906007a5a8c298f4724c8c743d46ec7f3ba478d9dfb10bbe9e4fdfc2188d62db9bb1364fed383fe0b0c3fbbab83959470cb0ffb14765c32f10b54d99531d04caaf264214997543a1c63637d9a3a20b7ce9312e545626eb375c88462c198f35cf8a11616de4fa0c000098020280eb00010099c8e680eb4d0e7f78e1fb62226ae541d997c8cb51c5ebd0bb7e2730b61310dcd7525807288a7ad8c00f6aa230a1d1b876ddb0e188384e7c79cd8af94a02451a04d8f116bde38077da45650d82bdd1767b03e3f35bc4a5769e659d8cdb6d9d9d717c78b50f6b3ac899b07a9eaf2c989654de7d6609299bad01ca1f3fa8b6229a6c69627a07f627880e902231b20368f3ae64fd12fc37afeb95f14a4dc3d0bc5f6e2afd0fc8ef6982054cffa703ee1376654019ad6d2add9052c5d2f2e0ba3318f931b2c5f2dcce5cbca6093c64d23b64e2f2061da3dd5983644280de22d592b63b5d7f6b571beb005400010041bbc64da6bacaad1bebec23352accccbca40d6ba87943f82df945bf4ccc5250a0c2b2cb13793380f424b280bfb960885af6df4afa26efa8fcd7a1243389ef3fcf1d709f775a9cd1dfb2b84fd03e5d70f800010001950b7c0ec30534e476b721ba6e82d03078fe63b683918ecbbb9c339c8cdd63689339ac43acd5973f4aac8720a98d18e13b98e11e291f3f3621ed29c717639f84bdd28810da6ae30538775f15e00133741e9de3f96f69ab363752fa962b3c71041ba1e463a91d782a968d9febb648b66e71a6827c53b3be014b785f61c4fd46fef00658f64cdd465edb61ba4c5f00849b2935c485da99a38489ecc29837433ac5446c3922d73153fd8fb2368a5ce4201760ca6778f570b7fcb38be633a02d57c5884b6bcbaf3bc28ca7686edb5d59e1b823a8f0f5ff788625995d51c16413783c6290a9714bd4dcbd2a388139f3e46f69916f335c0002800900020073797a3000000000080003400000000908000180000000000900020073797a3000000000080003400000000808000180fffffffd080003400000000408000340fffffff908000180fffffffb0800034000000003a80002801c000280080003400000020008000340fffffff508000340000000001400028008000340000000050800034000000007720001001c2cce526d2ee30fb33f426450278cb35ac06b1cef15fefc26b5c17a8c9251bed316fccb5588f2e071fc355537fcf458cf14217f16ce4c12a4b559f3e807c94c6cc4f418baebc6024b74b9dbc5ef66dbbe91812ea247db80670c101ed494f105ad9c09b4eaf8d5c133b46a311c1a00001c0302802000028008000180fffffffc0900020073797a320000000008000340000000035c00028008000180fffffffc08000180fffffffc08000180fffffffb0900020073797a300000000008000340000000060900020073797a30000000000900020073797a31000000000900020073797a310000000008000180fffffffbf6000100330e5af714359ac9da33381a13071148dbe4293800e6be0290efbb549850cda132ca27a55553fd77c3067504c4596086f4001f53d49e8111395ebccb983c6b04735a58ab2617dfc62123b09c8dc5a47154667414dc28e8369829764b2e3cc23303a882890bad6d3a70d9e15701ec8c4c15a46d38c9ed6bc8658f8a45a02083f563324a27c649bab7cbcb485c289bd8df0a040128df6891ab48095977e0463f8e3ed7ba6df976ee30768954dfeb3f08c942b2c9384aa0b78baf92ecf5e4d73788afb1bc5a8f7c4b454897cd8bcac7f19cdd949fac66756da3b9311e13362eee317df853f6bc7e4638eb145a1484d3780e09b50000c8000100d5c1e4159bf770e02e6e1ebe911d7513709588175328d2e11f2ebf3f6967c49bedcb2a5459a45272bb8084e3bb55ea7a80166d97ec16457ed7d2a834d9aafdb2a54110ddc7975eaeda4f897ec7d533c27df0ce5ff92cfedadc67fff850ee5d07822d72b27af229d17ad2f8d802ae40d98f373e348a04b4f0270c71f82319de3a0331f165204896e0e448cf7ea0f8eb32a312fda6716f72f0234742fe6708ad0adf587ea21d94b8c8f5080028dda1e21d3d9ac82d8edd12941631b72b692ecc262d6ae12393000100c56deda494a09379df59bad8f0f17376b307ce49571034af728b1c4bf694e3b91406b976944238ab36ccaf40e3d92952ba87aa27af6353a82868c9508577a1b6a349fce75b3e4952b04b9527f496b5555e6db110dec07430b01446635eff12f136dbcb54fd4dc90b02e1bc6488ed74efd9eeb1b6de6e2a234f6c323df5c28a0352d03b34ee4f64ab614078125aa3cc0048000280080003400000000c08000340000000010900020073797a310000000008000180fffffffd0800034000008000080003400000dc5b08000180fffffffc08000180fffffffb2c0202804b000100cece2d8ff50c68c1060c2e691ddc50c6d87b46b4e5f6695010163d98bac2d9d7693cff0ec1e2107f58d3c305c78e5a596df92f1dbe80793dce5424be9e7951890023db7d0b9b2700e5000100f46e4b21dd4b92221713eece21b0e3bfb3fe995725eca78713a8d11ac82a6aefeeeab4720bd136479523ccafa34771afedeafc55275842bb7adb37ff3c93b19d9d5139f8b67ee81e380faa9506e6c8e5956cf7efc9828438d340aa4bfe771769c6ddb2f8c31049c1fc37e8f28812ea0aadd0caa7e32f6bb4b2b7a4473e5fa876c87bf285a503660ea12a0cfff6863a87c64ea83c31e737e278edcad77cb964828c7049d335e25156fd4d1c2faada6a8363794fe487155fbfd7c2e1b8504d4a744357734f51fca0426ffe929280df27411f8a90a067b285e970fa1e403722ae91dd000000f400010073e22ba6603d1c92836887468b100c2dc430efeb2ef19c66bd0582fe94df7b5a20292fdfbd2009980dbf9651685f7713bfb0f42583e452670f29e2cabf848fcdcb7a2067f0b257efd7dc927e540584b08f026e14be231afa797e36410d8ad6cbced8c5d2cce2f5a8b75713e57b3161b5b4ce78f283bf59a04f90bc1c5a4371abed0124c621ecb51b6166ad39f14216c09456232b7ea8dd7058bbbeae8b1c13df7ffa1515a359309683421d783f4fb00547cb06b3f974e65f28397c2c16675436a414b6e28d61800c35bdc05f9837e14491ce0fa7c0fbf6f61dd8f7eceac62373ed913de212a188ad5fa12d0eab8a0b440900010073797a30"], 0xb98}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) 1.193598409s ago: executing program 0 (id=1789): mount(&(0x7f0000000000)=@sr0, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='securityfs\x00', 0x1200051, 0x0) 1.185380894s ago: executing program 4 (id=1790): r0 = syz_open_dev$vim2m(&(0x7f00000003c0), 0x7, 0x2) ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000b40)={0x1, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0x0, [{0x9000000}]}}) 1.13309255s ago: executing program 0 (id=1791): write$sndseq(0xffffffffffffffff, &(0x7f0000000200)=[{0x0, 0x3, 0x0, 0x0, @tick, {}, {0x0, 0x4}, @addr={0xc, 0x5}}], 0x1c) openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0) r0 = syz_open_dev$loop(&(0x7f0000000100), 0x3, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='memory.events.local\x00', 0x275a, 0x0) write$binfmt_misc(r1, &(0x7f0000000000)="180c4552", 0x4) write$binfmt_misc(r1, &(0x7f0000000040), 0xe09) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000400)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x204, 0x0, 0x0, 0x0, 0xc, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d960001000000000000000000000000000000000000000000000900", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}}) 741.524967ms ago: executing program 3 (id=1792): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x20080, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000600)=[@text32={0x20, 0x0}], 0x1, 0x74, 0x0, 0x0) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r3, 0x84, 0x6b, &(0x7f0000000180)=[@in6={0xa, 0x4e23, 0x37e, @private2={0xfc, 0x2, '\x00', 0x1}, 0x13}], 0x1c) setsockopt(r3, 0x84, 0x7f, &(0x7f0000000040)="020000000980ffff", 0x8) recvmsg(r3, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYRES32=r2, @ANYRES16=r3]) 741.209126ms ago: executing program 2 (id=1793): openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa02, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r1 = dup(r0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r1, 0x2000) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0) r3 = dup(r2) fsetxattr$security_evm(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) madvise(&(0x7f0000106000/0x4000)=nil, 0x4000, 0x10) write$binfmt_aout(r3, 0x0, 0xffffffdb) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9) 728.079803ms ago: executing program 0 (id=1794): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000060a09040000000000000000020000000900010073797a30000000000900020073797a3200000000380000001c0a0500000000000000000002f4000a0c00034000000000a8283fcc0900020073797a32000000000900010073797a30"], 0x8c}}, 0x0) 713.065285ms ago: executing program 4 (id=1795): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) sendmmsg$inet(0xffffffffffffffff, &(0x7f0000006900)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000780)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x4}}], 0x18}}], 0x1, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYRESDEC=r1, @ANYRES16=r1], 0x248}}, 0x0) r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_usb_connect(0x2, 0x24, &(0x7f0000000ec0)=ANY=[@ANYBLOB="12010000efaa6e109713bd0066c5800000010902120001000000000904000800e62b3d00"], 0x0) r3 = socket(0x10, 0x3, 0x3) setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000800)={0x4000, 0x2}, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000010c0)=ANY=[@ANYBLOB="180000001600010a00000000000000000a"], 0x20}, 0x1, 0x0, 0x0, 0x200c0801}, 0x0) ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r4, 0x800455cc, 0x0) openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0) setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3c8, 0x0, 0x0, 0x1d0, 0x2e0, 0x2e0, 0x2e0, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0x1d0}}, {{@uncond, 0xc0, 0xe8, 0x0, {0x0, 0x1e03}}, @unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x46e, 0xfffc}}}, {{@arp={@initdev={0xac, 0x1e, 0x1, 0x0}, @rand_addr=0x64010100, 0xff, 0x0, 0xf, 0xa, {@mac=@broadcast, {[0x0, 0xff, 0x0, 0xff, 0xff]}}, {@empty, {[0x0, 0x0, 0x0, 0xff, 0xff]}}, 0x1, 0x6, 0xb, 0xc41, 0x6, 0x7, 'team0\x00', 'pimreg\x00', {0xff}, {0xff}, 0x0, 0x34d}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xc}, @empty, @dev={0xac, 0x14, 0x14, 0x20}, @multicast2, 0x3, 0x1}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x418) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$inet6_opts(r5, 0x29, 0x40, &(0x7f00000001c0)=ANY=[], 0xd0060) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000007c0)={'wlan1\x00'}) r6 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) ioctl$KVM_CAP_HYPERV_SYNIC2(r6, 0x4068aea3, &(0x7f0000000500)) ioctl$KVM_SET_LAPIC(r6, 0x4400ae8f, &(0x7f0000000100)={"b46474f815e8d5535f0887c44335cc824dc6121bc72a77f532ff5dad4d643a9cab29d2310e04be14eb26c0af4985fe45e3b3b0680b3ec92725d74b9716e0f7c3119a2c9a0ae65ff4772e2e12733cb013c4308fe40863480747c0a7ddb9361b1578015ca1bb2c1677ebae096f08345476f567443842946ed946434c75916d1db83fe305920de65bfaf9bd940672216846cb16b8ae67cd3affc61375381f91b3b9f1cc5e38cafe5239aee71dcd481fbe1ecd2547ffbaad4469a74697c28fb9beefa6a5d736712a55eb9110c2cf7964062ba8cbc1c038e84f0f5db7fc7053118bf5221e3efa6fc3edb5d0ca3cde7054dd0751a332520aa8478b1775d552c5cc24d3c2df9eb333e5ca3aa06c1c2cf82d7714f5caff2f55b41976fc20b64f1fc61d5b44f50953582a1825d32130a31abfeafd1987317879e29ac51b84ea659e023fff3ddb5e39dd19cc3ef1d883c78b9e073d08a9197fb3717df238b9831831214b186693be9dd2568bb77272e80df5dfed03e8c467627bedfbd93359a9f79a3aa37e873dc1357b37b43d813ea85267b0dc8b1c4cc51bd985328833beb2679b7fb762555bbea2da936b36f8f1673fd5f606b2b6eb23b72bf947206e8dbfeb40ca6f265a3485c8446e0f0da652860b88328073d2282c14b48a7774e62754a968b60e92205e8fafcdd70a55c3c4d1a4821ff44e6e3681f15ae091262e3a3290a24d8ceae30ebbf9d24287bb8a6873c608d47d287f9e716cf02b4796a83fb0c05e45b89de9ef8bce834e6d7a0be6e30d2c66cb6e640cb01898454ad361bc0701d8fe56113335ae6adec59300db04691cc4a689034272a8e086a32ce7061b4f79fa8afbb48a4ce4b62bdc44af013d78980457e1fa61eb9204818606f4c3b03c0f33cd2a841ac9bc2b73151a96e31ab99e6ec969b5f2c3edd5f9abc69845e487af992758ba445368da93dae1d44360d52a534a88276b8aaf349841d8a4788c60408618437c442308dbf70efeda2e54e9b9e4fe5f76997c9dcb945a26bd75748c85d19ca8b99264dce50580e8d4dbda401dad7df31e9a7a6a3a83bfbdfb5394abd581ac0824fbcd75d2f5205c0b7c9188e6f26bfd97734d9a20433f6cdba9d14a5f32a4d97a57f4603b21146fd1aebf082e863d463c224ad6083f0322408dd6ead6915ac6a4222ab51480eb6e11a8913348219515170d9df90d72d7363bbda3e327d19f98c0a856f98076380e788e602e8a2ae0a1930786874dc21a2e99abda15f35457cf1dcb440c4b41350d0eda352aad7f57a0adc8a6914da06460635ed21c4c11cd1a8ec778064c9f62efba2927828b23f94b16619a5520731c2c40ab8583c9f2e73233d74b84f4877ce6b35bb1180300"}) ioctl$RTC_EPOCH_READ(r2, 0x8008700d, &(0x7f0000000040)) ioctl$KVM_RUN(r6, 0xae80, 0x0) 546.546788ms ago: executing program 0 (id=1796): r0 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000005c0)) mount(&(0x7f0000000080)=@rnullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000400)='cramfs\x00', 0xc400, 0x0) 545.789913ms ago: executing program 2 (id=1797): r0 = creat(&(0x7f0000001380)='./file0\x00', 0x4) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x8943, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, 0x0}], 0x1, 0x76, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) sendmmsg$inet(0xffffffffffffffff, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f0000003040)=[{&(0x7f0000000fc0)="374e1aa8a7c6ce1a2218ac42661dc4e2c1c3045e09cc34bca6e6db4842e7442ca774a96165b8ea0a04a1af699bcd9dfced1153f19b285be268448e31fd8f39a723a26667bd7b7952af9a7604b2a0ef5a991e86bcedc324d49653f7e04a8bef6b60de47eb2beba2fbf04b61821ac73c0bd940c041db56fcf20e856eab8915d3124115415124056d9f4983d279af0702490d0df73ec3e1", 0x96}], 0x1}}], 0x1, 0x8001) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='gre0\x00', 0x10) openat$sequencer2(0xffffff9c, &(0x7f00000001c0), 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = dup(r5) ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r6, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x42, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) ioctl$KVM_RUN(r7, 0xae80, 0x0) 421.44418ms ago: executing program 0 (id=1798): r0 = syz_usb_connect(0x3, 0x24, &(0x7f0000000000)=ANY=[@ANYRESOCT=0x0], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) mount$cgroup(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000100), 0x1200000, &(0x7f0000000040)={[{@name}, {@none}, {}]}) syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f00000004c0)={0x1c, &(0x7f0000000540)=ANY=[], 0x0, 0x0}) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000380)={0x24, &(0x7f0000000680)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_usb_control_io$uac1(r0, 0x0, 0x0) syz_open_dev$rtc(&(0x7f0000000080), 0x0, 0x80080) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) r2 = syz_usb_connect(0x0, 0x24, &(0x7f0000000140)=ANY=[@ANYRES64=r1], 0x0) ptrace(0x10, r1) ioctl$RTC_RD_TIME(0xffffffffffffffff, 0x80247009, &(0x7f0000000180)) syz_usb_control_io$printer(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r2, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$printer(r0, 0x0, 0x0) r3 = socket$inet6_sctp(0xa, 0x801, 0x84) connect$inet6(r3, &(0x7f0000000100)={0xa, 0x4, 0x6, @remote, 0x200000}, 0x1c) shutdown(r3, 0x1) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r3, 0x84, 0x7b, &(0x7f0000000300)={0x0, 0x4}, 0xf) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) 300.345243ms ago: executing program 2 (id=1799): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000003280)=ANY=[@ANYBLOB="140000001000010000000000000000030000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010024020900010073797a30000000000900030073797a3200000000240b0000060a010400000000000000000100000008000b4000000000fc0a048028000180080001006c6f67001c0002800e00024073797a6b616c6c65720000000800054000000008d00a01800e000100696d6d656469617465000000bc0a0280640002804c0002800900020073797a32000000000900020073797a310000000008000180fffffffc0900020073797a31000000000800034000009c920900020073797a300000000008000180ffffffff14000280080003400000000808000108fffffffb0800014000000002080001400000000b500002804b000100fa62d7ba9ceeacf9aa4f832b78f35731f355d63e192a72aef5e68a05d1b816151b6bd1e2d74abafd383790ad363fdc1b7766748630b48f9beefdb33c86d5835a470b5ffd20d7e9006c0102805c00028008000180fffffffe0900020073797a30000000000900020073797a320000000008000180ffffffff0900020073797a320000000008000180fffffffd0900020073797a310000000008000180fffffffc0800034000000e5628000280080003400000000608000340000000070900020073797a320000000008000180fffffffe540002800900020073797a320000000008000180fffffffe0800034000000000080003400000000008000340000000090900020073797a310000000008000180fffffffe080003400000800108000180fffffffd8e000100818ce881ff18470752e86442e8b77ddcfc7a4c87f05cd36147be26c85cc854cc117db1906007a5a8c298f4724c8c743d46ec7f3ba478d9dfb10bbe9e4fdfc2188d62db9bb1364fed383fe0b0c3fbbab83959470cb0ffb14765c32f10b54d99531d04caaf264214997543a1c63637d9a3a20b7ce9312e545626eb375c88462c198f35cf8a11616de4fa0c000098020280eb00010099c8e680eb4d0e7f78e1fb62226ae541d997c8cb51c5ebd0bb7e2730b61310dcd7525807288a7ad8c00f6aa230a1d1b876ddb0e188384e7c79cd8af94a02451a04d8f116bde38077da45650d82bdd1767b03e3f35bc4a5769e659d8cdb6d9d9d717c78b50f6b3ac899b07a9eaf2c989654de7d6609299bad01ca1f3fa8b6229a6c69627a07f627880e902231b20368f3ae64fd12fc37afeb95f14a4dc3d0bc5f6e2afd0fc8ef6982054cffa703ee1376654019ad6d2add9052c5d2f2e0ba3318f931b2c5f2dcce5cbca6093c64d23b64e2f2061da3dd5983644280de22d592b63b5d7f6b571beb005400010041bbc64da6bacaad1bebec23352accccbca40d6ba87943f82df945bf4ccc5250a0c2b2cb13793380f424b280bfb960885af6df4afa26efa8fcd7a1243389ef3fcf1d709f775a9cd1dfb2b84fd03e5d70f800010001950b7c0ec30534e476b721ba6e82d03078fe63b683918ecbbb9c339c8cdd63689339ac43acd5973f4aac8720a98d18e13b98e11e291f3f3621ed29c717639f84bdd28810da6ae30538775f15e00133741e9de3f96f69ab363752fa962b3c71041ba1e463a91d782a968d9febb648b66e71a6827c53b3be014b785f61c4fd46fef00658f64cdd465edb61ba4c5f00849b2935c485da99a38489ecc29837433ac5446c3922d73153fd8fb2368a5ce4201760ca6778f570b7fcb38be633a02d57c5884b6bcbaf3bc28ca7686edb5d59e1b823a8f0f5ff788625995d51c16413783c6290a9714bd4dcbd2a388139f3e46f69916f335c0002800900020073797a3000000000080003400000000908000180000000000900020073797a3000000000080003400000000808000180fffffffd080003400000000408000340fffffff908000180fffffffb0800034000000003a80002801c000280080003400000020008000340fffffff508000340000000001400028008000340000000050800034000000007720001001c2cce526d2ee30fb33f426450278cb35ac06b1cef15fefc26b5c17a8c9251bed316fccb5588f2e071fc355537fcf458cf14217f16ce4c12a4b559f3e807c94c6cc4f418baebc6024b74b9dbc5ef66dbbe91812ea247db80670c101ed494f105ad9c09b4eaf8d5c133b46a311c1a00001c0302802000028008000180fffffffc0900020073797a320000000008000340000000035c00028008000180fffffffc08000180fffffffc08000180fffffffb0900020073797a300000000008000340000000060900020073797a30000000000900020073797a31000000000900020073797a310000000008000180fffffffbf6000100330e5af714359ac9da33381a13071148dbe4293800e6be0290efbb549850cda132ca27a55553fd77c3067504c4596086f4001f53d49e8111395ebccb983c6b04735a58ab2617dfc62123b09c8dc5a47154667414dc28e8369829764b2e3cc23303a882890bad6d3a70d9e15701ec8c4c15a46d38c9ed6bc8658f8a45a02083f563324a27c649bab7cbcb485c289bd8df0a040128df6891ab48095977e0463f8e3ed7ba6df976ee30768954dfeb3f08c942b2c9384aa0b78baf92ecf5e4d73788afb1bc5a8f7c4b454897cd8bcac7f19cdd949fac66756da3b9311e13362eee317df853f6bc7e4638eb145a1484d3780e09b50000c8000100d5c1e4159bf770e02e6e1ebe911d7513709588175328d2e11f2ebf3f6967c49bedcb2a5459a45272bb8084e3bb55ea7a80166d97ec16457ed7d2a834d9aafdb2a54110ddc7975eaeda4f897ec7d533c27df0ce5ff92cfedadc67fff850ee5d07822d72b27af229d17ad2f8d802ae40d98f373e348a04b4f0270c71f82319de3a0331f165204896e0e448cf7ea0f8eb32a312fda6716f72f0234742fe6708ad0adf587ea21d94b8c8f5080028dda1e21d3d9ac82d8edd12941631b72b692ecc262d6ae12393000100c56deda494a09379df59bad8f0f17376b307ce49571034af728b1c4bf694e3b91406b976944238ab36ccaf40e3d92952ba87aa27af6353a82868c9508577a1b6a349fce75b3e4952b04b9527f496b5555e6db110dec07430b01446635eff12f136dbcb54fd4dc90b02e1bc6488ed74efd9eeb1b6de6e2a234f6c323df5c28a0352d03b34ee4f64ab614078125aa3cc0048000280080003400000000c08000340000000010900020073797a310000000008000180fffffffd0800034000008000080003400000dc5b08000180fffffffc08000180fffffffb2c0202804b000100cece2d8ff50c68c1060c2e691ddc50c6d87b46b4e5f6695010163d98bac2d9d7693cff0ec1e2107f58d3c305c78e5a596df92f1dbe80793dce5424be9e7951890023db7d0b9b2700e5000100f46e4b21dd4b92221713eece21b0e3bfb3fe995725eca78713a8d11ac82a6aefeeeab4720bd136479523ccafa34771afedeafc55275842bb7adb37ff3c93b19d9d5139f8b67ee81e380faa9506e6c8e5956cf7efc9828438d340aa4bfe771769c6ddb2f8c31049c1fc37e8f28812ea0aadd0caa7e32f6bb4b2b7a4473e5fa876c87bf285a503660ea12a0cfff6863a87c64ea83c31e737e278edcad77cb964828c7049d335e25156fd4d1c2faada6a8363794fe487155fbfd7c2e1b8504d4a744357734f51fca0426ffe929280df27411f8a90a067b285e970fa1e403722ae91dd000000f400010073e22ba6603d1c92836887468b100c2dc430efeb2ef19c66bd0582fe94df7b5a20292fdfbd2009980dbf9651685f7713bfb0f42583e452670f29e2cabf848fcdcb7a2067f0b257efd7dc927e540584b08f026e14be231afa797e36410d8ad6cbced8c5d2cce2f5a8b75713e57b3161b5b4ce78f283bf59a04f90bc1c5a4371abed0124c621ecb51b6166ad39f14216c09456232b7ea8dd7058bbbeae8b1c13df7ffa1515a359309683421d783f4fb00547cb06b3f974e65f28397c2c16675436a414b6e28d61800c35bdc05f9837e14491ce0fa7c0fbf6f61dd8f7eceac62373ed913de212a188ad5fa12d0eab8a0b440900010073797a30"], 0xb98}, 0x1, 0x0, 0x0, 0x20000000}, 0x0) 254.173462ms ago: executing program 2 (id=1800): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x8943, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, 0x0}], 0x1, 0x76, 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) sendmmsg$inet(0xffffffffffffffff, &(0x7f00000031c0)=[{{0x0, 0x0, &(0x7f0000003040)=[{&(0x7f0000000fc0)="374e1aa8a7c6ce1a2218ac42661dc4e2c1c3045e09cc34bca6e6db4842e7442ca774a96165b8ea0a04a1af699bcd9dfced1153f19b285be268448e31fd8f39a723a26667bd7b7952af9a7604b2a0ef5a991e86bcedc324d49653f7e04a8bef6b60de47eb2beba2fbf04b61821ac73c0bd940c041db56fcf20e856eab8915d3124115415124056d9f4983d279af0702490d0df73ec3e1", 0x96}], 0x1}}], 0x1, 0x8001) ioctl$KVM_RUN(r2, 0xae80, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f0000000000)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d7", 0x20}], 0x1) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = dup(r4) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil}) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0) syz_kvm_setup_cpu$x86(r5, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x42, 0x0, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) ioctl$KVM_RUN(r6, 0xae80, 0x0) 0s ago: executing program 2 (id=1801): r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa02, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r0, 0x45809000) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, &(0x7f0000001180)={'erspan0\x00', {0x2, 0x4e22, @rand_addr=0x64010102}}) (fail_nth: 10) kernel console output (not intermixed with test programs): r after parsing attributes in process `syz.3.1319'. [ 280.131256][ T1209] usb 4-1: new high-speed USB device number 79 using dummy_hcd [ 280.327821][ T1209] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 280.420633][ T1209] usb 4-1: config 0 interface 0 has no altsetting 0 [ 280.558524][ T1209] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 280.683085][ T1209] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 280.716097][ T1209] usb 4-1: Product: syz [ 280.728083][ T1209] usb 4-1: Manufacturer: syz [ 280.741420][ T1209] usb 4-1: SerialNumber: syz [ 280.760979][ T1209] usb 4-1: config 0 descriptor?? [ 280.789753][ T1209] usb 4-1: selecting invalid altsetting 0 [ 280.927307][T10344] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1325'. [ 281.116601][T10352] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 281.373876][ T1209] usb 1-1: new high-speed USB device number 67 using dummy_hcd [ 281.523951][ T1209] usb 1-1: device descriptor read/64, error -71 [ 281.777736][ T1209] usb 1-1: new high-speed USB device number 68 using dummy_hcd [ 281.795717][T10359] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1330'. [ 281.913700][ T1209] usb 1-1: device descriptor read/64, error -71 [ 282.025703][ T1209] usb usb1-port1: attempt power cycle [ 282.378903][ T5922] usb 5-1: USB disconnect, device number 10 [ 282.434586][ T1209] usb 1-1: new high-speed USB device number 69 using dummy_hcd [ 282.454299][ T1209] usb 1-1: device descriptor read/8, error -71 [ 282.693619][ T1209] usb 1-1: new high-speed USB device number 70 using dummy_hcd [ 282.724346][ T1209] usb 1-1: device descriptor read/8, error -71 [ 282.844953][ T1209] usb usb1-port1: unable to enumerate USB device [ 282.875817][ T1209] usb 4-1: USB disconnect, device number 79 [ 282.953666][ T5880] usb 5-1: new high-speed USB device number 11 using dummy_hcd [ 283.105328][ T5880] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 283.116392][ T5880] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 283.126478][ T5880] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 283.135632][ T5880] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 283.146455][ T5880] usb 5-1: config 0 descriptor?? [ 283.303602][ T1209] usb 4-1: new high-speed USB device number 80 using dummy_hcd [ 283.463659][ T1209] usb 4-1: Using ep0 maxpacket: 32 [ 283.471136][ T1209] usb 4-1: no configurations [ 283.476021][ T1209] usb 4-1: can't read configurations, error -22 [ 283.605048][ T1209] usb 4-1: new high-speed USB device number 81 using dummy_hcd [ 283.763595][ T1209] usb 4-1: Using ep0 maxpacket: 32 [ 283.769435][ T1209] usb 4-1: no configurations [ 283.774348][ T1209] usb 4-1: can't read configurations, error -22 [ 283.780889][ T1209] usb usb4-port1: attempt power cycle [ 284.133893][ T1209] usb 4-1: new high-speed USB device number 82 using dummy_hcd [ 284.181118][ T1209] usb 4-1: Using ep0 maxpacket: 32 [ 284.187020][ T1209] usb 4-1: no configurations [ 284.191662][ T1209] usb 4-1: can't read configurations, error -22 [ 284.256486][T10375] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1336'. [ 284.268661][T10375] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1336'. [ 284.278319][T10375] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1336'. [ 284.288397][T10375] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1336'. [ 284.297827][T10375] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1336'. [ 284.308269][T10375] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1336'. [ 284.317665][T10375] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1336'. [ 284.327017][T10375] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1336'. [ 284.345154][ T1209] usb 4-1: new high-speed USB device number 83 using dummy_hcd [ 284.365053][ T1209] usb 4-1: Using ep0 maxpacket: 32 [ 284.373351][ T1209] usb 4-1: no configurations [ 284.385247][ T1209] usb 4-1: can't read configurations, error -22 [ 284.407333][ T1209] usb usb4-port1: unable to enumerate USB device [ 284.446147][ T5880] uclogic 0003:256C:006D.0017: failed retrieving string descriptor #100: -71 [ 284.459753][ T5880] uclogic 0003:256C:006D.0017: failed retrieving pen parameters: -71 [ 284.469944][ T5880] uclogic 0003:256C:006D.0017: failed probing pen v1 parameters: -71 [ 284.478423][ T5880] uclogic 0003:256C:006D.0017: failed probing parameters: -71 [ 284.486424][ T5880] uclogic 0003:256C:006D.0017: probe with driver uclogic failed with error -71 [ 284.498906][ T5880] usb 5-1: USB disconnect, device number 11 [ 285.253715][ T5894] usb 5-1: new high-speed USB device number 12 using dummy_hcd [ 285.418293][ T5894] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 285.431672][ T5894] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 285.442605][ T5894] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 285.452695][ T5894] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 285.468044][ T5894] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 285.481127][ T5894] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 285.493021][ T5894] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 285.501368][ T5894] usb 5-1: Product: syz [ 285.506769][ T5894] usb 5-1: Manufacturer: syz [ 285.521187][ T5894] cdc_wdm 5-1:1.0: skipping garbage [ 285.526499][ T5894] cdc_wdm 5-1:1.0: skipping garbage [ 285.534276][ T5894] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 285.540213][ T5894] cdc_wdm 5-1:1.0: Unknown control protocol [ 285.723039][T10393] trusted_key: syz.4.1342 sent an empty control message without MSG_MORE. [ 285.825343][T10398] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 285.846246][T10398] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 286.093713][ T5880] usb 1-1: new high-speed USB device number 71 using dummy_hcd [ 286.266117][ T5880] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 286.277281][ T5880] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 286.287218][ T5880] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 286.300126][ T5880] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 286.317657][ T5880] usb 1-1: config 0 descriptor?? [ 287.250494][T10423] netlink: 'syz.3.1353': attribute type 1 has an invalid length. [ 287.258807][T10423] netlink: 232 bytes leftover after parsing attributes in process `syz.3.1353'. [ 288.032722][ T10] usb 5-1: USB disconnect, device number 12 [ 288.265904][T10434] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 288.485273][T10440] loop3: detected capacity change from 0 to 1 [ 288.494785][ T6749] Dev loop3: unable to read RDB block 1 [ 288.500492][ T6749] loop3: unable to read partition table [ 288.507222][ T6749] loop3: partition table beyond EOD, truncated [ 288.517437][T10440] Dev loop3: unable to read RDB block 1 [ 288.524996][T10440] loop3: unable to read partition table [ 288.533067][T10440] loop3: partition table beyond EOD, truncated [ 288.547190][T10440] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5) [ 288.946126][ T5894] usb 1-1: USB disconnect, device number 71 [ 288.957020][T10452] IPv6: Can't replace route, no match found [ 289.909645][T10488] /dev/rnullb0: Can't open blockdev [ 290.233647][ T10] usb 5-1: new high-speed USB device number 13 using dummy_hcd [ 290.342885][T10507] /dev/sg0: Can't lookup blockdev [ 290.400435][ T10] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 290.422091][ T10] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 290.449969][ T10] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 290.460210][ T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 290.474886][ T10] usb 5-1: config 0 descriptor?? [ 290.624130][T10516] /dev/rnullb0: Can't open blockdev [ 290.645665][ T5880] usb 1-1: new high-speed USB device number 72 using dummy_hcd [ 290.747769][T10520] netlink: 10 bytes leftover after parsing attributes in process `syz.3.1394'. [ 290.758752][T10520] macvlan0: entered promiscuous mode [ 290.818298][ T5880] usb 1-1: config index 0 descriptor too short (expected 23569, got 27) [ 290.826847][ T5880] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 290.838308][ T5880] usb 1-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 290.847873][ T5880] usb 1-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 290.856888][ T5880] usb 1-1: Manufacturer: syz [ 290.873167][ T5880] usb 1-1: config 0 descriptor?? [ 290.974123][ T5880] rc_core: IR keymap rc-hauppauge not found [ 290.983457][ T5880] Registered IR keymap rc-empty [ 290.991632][ T5880] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0 [ 291.005399][ T5880] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input19 [ 291.290770][ C1] igorplugusb 1-1:0.0: receive overflow invalid: 108 [ 291.433656][ T5894] usb 4-1: new full-speed USB device number 84 using dummy_hcd [ 291.596415][ T5894] usb 4-1: config 126 has too many interfaces: 198, using maximum allowed: 32 [ 291.613653][ T5894] usb 4-1: config 126 has an invalid descriptor of length 106, skipping remainder of the config [ 291.624291][ T5894] usb 4-1: config 126 has 0 interfaces, different from the descriptor's value: 198 [ 291.644188][ T5894] usb 4-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb [ 291.653290][ T5894] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 291.666143][ T5894] usb 4-1: Product: syz [ 291.670341][ T5894] usb 4-1: Manufacturer: syz [ 291.675327][ T5894] usb 4-1: SerialNumber: syz [ 292.864743][T10540] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 292.880070][T10540] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 293.156926][ T10] usb 5-1: USB disconnect, device number 13 [ 293.203015][T10546] ptm ptm0: ldisc open failed (-12), clearing slot 0 [ 293.401144][T10553] /dev/rnullb0: Can't open blockdev [ 293.611069][ T24] usb 1-1: USB disconnect, device number 72 [ 293.986949][T10578] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1409'. [ 294.103703][ T24] usb 1-1: new full-speed USB device number 73 using dummy_hcd [ 294.285177][ T24] usb 1-1: config 0 has an invalid interface number: 41 but max is 0 [ 294.293332][ T24] usb 1-1: config 0 has no interface number 0 [ 294.303833][ T5894] usb 4-1: USB disconnect, device number 84 [ 294.307489][ T24] usb 1-1: config 0 interface 41 has no altsetting 0 [ 294.330853][ T24] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 294.340399][ T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 294.405084][ T24] usb 1-1: Product: syz [ 294.419709][ T24] usb 1-1: Manufacturer: syz [ 294.439898][ T24] usb 1-1: SerialNumber: syz [ 294.459795][ T24] usb 1-1: config 0 descriptor?? [ 294.714086][ T5894] usb 4-1: new high-speed USB device number 85 using dummy_hcd [ 294.873725][ T5894] usb 4-1: Using ep0 maxpacket: 16 [ 294.880965][ T5894] usb 4-1: config 166 has an invalid interface number: 177 but max is 1 [ 294.889434][ T5894] usb 4-1: config 166 has an invalid interface number: 34 but max is 1 [ 294.897604][ T1209] usb 5-1: new high-speed USB device number 14 using dummy_hcd [ 294.897894][ T5894] usb 4-1: config 166 has no interface number 0 [ 294.911574][ T5894] usb 4-1: config 166 has no interface number 1 [ 294.917923][ T5894] usb 4-1: config 166 interface 177 altsetting 4 has an invalid descriptor for endpoint zero, skipping [ 294.928996][ T5894] usb 4-1: config 166 interface 177 altsetting 4 has an invalid descriptor for endpoint zero, skipping [ 294.940129][ T5894] usb 4-1: config 166 interface 34 altsetting 1 has a duplicate endpoint with address 0x9, skipping [ 294.950943][ T5894] usb 4-1: config 166 interface 34 altsetting 1 has an endpoint descriptor with address 0xA6, changing to 0x86 [ 294.962724][ T5894] usb 4-1: config 166 interface 34 altsetting 1 endpoint 0x86 has invalid maxpacket 23105, setting to 1024 [ 294.974728][ T5894] usb 4-1: config 166 interface 34 altsetting 1 bulk endpoint 0x86 has invalid maxpacket 1024 [ 294.985096][ T5894] usb 4-1: config 166 interface 34 altsetting 1 endpoint 0x85 has an invalid bInterval 0, changing to 7 [ 294.996272][ T5894] usb 4-1: config 166 interface 34 altsetting 1 endpoint 0x85 has invalid wMaxPacketSize 0 [ 295.006308][ T5894] usb 4-1: config 166 interface 34 altsetting 1 has 5 endpoint descriptors, different from the interface descriptor's value: 4 [ 295.019487][ T5894] usb 4-1: config 166 interface 177 has no altsetting 0 [ 295.026456][ T5894] usb 4-1: config 166 interface 34 has no altsetting 0 [ 295.035664][ T5894] usb 4-1: New USB device found, idVendor=0bda, idProduct=0138, bcdDevice=30.12 [ 295.044811][ T5894] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 295.052789][ T5894] usb 4-1: Product: syz [ 295.057007][ T5894] usb 4-1: Manufacturer: syz [ 295.061616][ T5894] usb 4-1: SerialNumber: syz [ 295.075236][ T1209] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 295.081094][T10571] /dev/rnullb0: Can't open blockdev [ 295.090104][ T1209] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 295.101599][ T24] CoreChips 1-1:0.41: probe with driver CoreChips failed with error -71 [ 295.114978][ T1209] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 295.129463][ T24] usb 1-1: USB disconnect, device number 73 [ 295.135685][ T1209] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 295.155706][ T1209] usb 5-1: config 0 descriptor?? [ 295.278890][ T5894] ums-realtek 4-1:166.177: USB Mass Storage device detected [ 295.367133][ T5894] ums-realtek 4-1:166.34: USB Mass Storage device detected [ 295.417323][ T5894] ums-realtek 4-1:166.34: probe with driver ums-realtek failed with error -5 [ 295.429115][ T5894] usb 4-1: Found UVC 0.00 device syz (0bda:0138) [ 295.437048][ T5894] usb 4-1: No valid video chain found. [ 295.448317][ T24] usb 5-1: USB disconnect, device number 14 [ 295.449831][ T5894] usb 4-1: USB disconnect, device number 85 [ 295.884783][T10615] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 295.913576][T10615] FAULT_INJECTION: forcing a failure. [ 295.913576][T10615] name failslab, interval 1, probability 0, space 0, times 0 [ 295.926848][T10615] CPU: 1 UID: 0 PID: 10615 Comm: syz.3.1418 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 295.926870][T10615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 295.926881][T10615] Call Trace: [ 295.926888][T10615] [ 295.926896][T10615] dump_stack_lvl+0x189/0x250 [ 295.926920][T10615] ? __pfx____ratelimit+0x10/0x10 [ 295.926943][T10615] ? __pfx_dump_stack_lvl+0x10/0x10 [ 295.926963][T10615] ? __pfx__printk+0x10/0x10 [ 295.926986][T10615] ? __pfx___might_resched+0x10/0x10 [ 295.927001][T10615] ? fs_reclaim_acquire+0x7d/0x100 [ 295.927029][T10615] should_fail_ex+0x414/0x560 [ 295.927060][T10615] should_failslab+0xa8/0x100 [ 295.927082][T10615] __kmalloc_noprof+0xcb/0x4f0 [ 295.927100][T10615] ? kfree+0x4d/0x440 [ 295.927113][T10615] ? tomoyo_realpath_from_path+0xe3/0x5d0 [ 295.927137][T10615] tomoyo_realpath_from_path+0xe3/0x5d0 [ 295.927158][T10615] ? tomoyo_domain+0xd9/0x130 [ 295.927184][T10615] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 295.927210][T10615] tomoyo_path_number_perm+0x1e8/0x5a0 [ 295.927238][T10615] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 295.927279][T10615] ? __lock_acquire+0xab9/0xd20 [ 295.927317][T10615] ? __fget_files+0x2a/0x420 [ 295.927340][T10615] ? __fget_files+0x2a/0x420 [ 295.927358][T10615] ? __fget_files+0x3a0/0x420 [ 295.927376][T10615] ? __fget_files+0x2a/0x420 [ 295.927398][T10615] security_file_ioctl+0xcb/0x2d0 [ 295.927420][T10615] __se_sys_ioctl+0x47/0x170 [ 295.927438][T10615] do_syscall_64+0xfa/0x3b0 [ 295.927455][T10615] ? lockdep_hardirqs_on+0x9c/0x150 [ 295.927472][T10615] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 295.927486][T10615] ? clear_bhb_loop+0x60/0xb0 [ 295.927503][T10615] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 295.927516][T10615] RIP: 0033:0x7f854818e929 [ 295.927535][T10615] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 295.927547][T10615] RSP: 002b:00007f8549070038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 295.927562][T10615] RAX: ffffffffffffffda RBX: 00007f85483b5fa0 RCX: 00007f854818e929 [ 295.927572][T10615] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 295.927580][T10615] RBP: 00007f8549070090 R08: 0000000000000000 R09: 0000000000000000 [ 295.927588][T10615] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 295.927596][T10615] R13: 0000000000000000 R14: 00007f85483b5fa0 R15: 00007ffcbc1e59b8 [ 295.927617][T10615] [ 295.927627][T10615] ERROR: Out of memory at tomoyo_realpath_from_path. [ 296.367513][ T30] audit: type=1326 audit(1751424258.688:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10627 comm="syz.3.1422" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f854818e929 code=0x0 [ 296.483602][ T5905] usb 1-1: new high-speed USB device number 74 using dummy_hcd [ 296.665445][ T5905] usb 1-1: unable to get BOS descriptor or descriptor too short [ 296.676925][ T5905] usb 1-1: config 1 has an invalid interface number: 226 but max is 1 [ 296.685242][ T5905] usb 1-1: config 1 has no interface number 1 [ 296.691325][ T5905] usb 1-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 296.704448][ T5905] usb 1-1: too many endpoints for config 1 interface 226 altsetting 17: 67, using maximum allowed: 30 [ 296.715569][ T5905] usb 1-1: config 1 interface 226 altsetting 17 has 0 endpoint descriptors, different from the interface descriptor's value: 67 [ 296.728926][ T5905] usb 1-1: config 1 interface 0 has no altsetting 0 [ 296.735564][ T5905] usb 1-1: config 1 interface 226 has no altsetting 0 [ 296.745007][ T5905] usb 1-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75 [ 296.754320][ T5905] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 296.762378][ T5905] usb 1-1: Product: syz [ 296.766705][ T5905] usb 1-1: Manufacturer: syz [ 296.771305][ T5905] usb 1-1: SerialNumber: syz [ 296.986811][T10620] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 297.015517][ T5905] smsusb:smsusb_probe: board id=8, interface number 0 [ 297.036357][ T5905] smsusb:smsusb_probe: board id=8, interface number 226 [ 297.046038][ T5905] usb 1-1: USB disconnect, device number 74 [ 297.302628][T10640] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 297.727416][T10655] /dev/rnullb0: Can't open blockdev [ 297.785710][ T10] usb 5-1: new high-speed USB device number 15 using dummy_hcd [ 297.825871][T10660] /dev/rnullb0: Can't open blockdev [ 297.967719][ T10] usb 5-1: Using ep0 maxpacket: 8 [ 297.986729][ T10] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 298.013357][ T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 298.052172][ T10] usb 5-1: Product: syz [ 298.057401][ T10] usb 5-1: Manufacturer: syz [ 298.062928][ T10] usb 5-1: SerialNumber: syz [ 298.075742][ T10] usb 5-1: config 0 descriptor?? [ 298.294383][ T10] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 298.788944][T10687] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1442'. [ 298.874233][ T5905] usb 4-1: new high-speed USB device number 86 using dummy_hcd [ 299.053766][ T5905] usb 4-1: Using ep0 maxpacket: 8 [ 299.061121][ T5905] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 299.071418][ T5905] usb 4-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a [ 299.080591][ T5905] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 299.096560][ T5905] usb 4-1: config 0 descriptor?? [ 299.106138][ T5905] gspca_main: vc032x-2.14.0 probing 046d:0892 [ 299.713017][ T10] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32 [ 300.361479][T10718] loop3: detected capacity change from 0 to 1 [ 300.373003][ T6749] Dev loop3: unable to read RDB block 1 [ 300.380358][ T6749] loop3: unable to read partition table [ 300.387036][ T6749] loop3: partition table beyond EOD, truncated [ 300.399122][T10718] Dev loop3: unable to read RDB block 1 [ 300.404978][T10718] loop3: unable to read partition table [ 300.410790][T10718] loop3: partition table beyond EOD, truncated [ 300.422449][T10718] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5) [ 300.522002][T10722] /dev/rnullb0: Can't open blockdev [ 300.571279][ T5905] usb 4-1: USB disconnect, device number 86 [ 300.604859][T10724] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 300.623371][T10724] FAULT_INJECTION: forcing a failure. [ 300.623371][T10724] name failslab, interval 1, probability 0, space 0, times 0 [ 300.637228][T10724] CPU: 0 UID: 0 PID: 10724 Comm: syz.0.1451 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 300.637252][T10724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 300.637263][T10724] Call Trace: [ 300.637270][T10724] [ 300.637278][T10724] dump_stack_lvl+0x189/0x250 [ 300.637303][T10724] ? __pfx____ratelimit+0x10/0x10 [ 300.637326][T10724] ? __pfx_dump_stack_lvl+0x10/0x10 [ 300.637345][T10724] ? __pfx__printk+0x10/0x10 [ 300.637371][T10724] ? __pfx___might_resched+0x10/0x10 [ 300.637387][T10724] ? fs_reclaim_acquire+0x7d/0x100 [ 300.637415][T10724] should_fail_ex+0x414/0x560 [ 300.637446][T10724] should_failslab+0xa8/0x100 [ 300.637468][T10724] __kmalloc_cache_noprof+0x70/0x3d0 [ 300.637488][T10724] ? vhost_task_create+0xf6/0x290 [ 300.637511][T10724] ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10 [ 300.637534][T10724] vhost_task_create+0xf6/0x290 [ 300.637554][T10724] ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10 [ 300.637578][T10724] ? __pfx_vhost_task_create+0x10/0x10 [ 300.637606][T10724] ? __pfx_vhost_task_fn+0x10/0x10 [ 300.637635][T10724] ? kasan_save_track+0x4f/0x80 [ 300.637651][T10724] ? kasan_save_track+0x3e/0x80 [ 300.637673][T10724] kvm_mmu_post_init_vm+0x147/0x2b0 [ 300.637700][T10724] kvm_arch_vcpu_ioctl_run+0xdc/0x1940 [ 300.637729][T10724] ? __mutex_trylock_common+0x153/0x260 [ 300.637752][T10724] ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 300.637778][T10724] ? rcu_is_watching+0x15/0xb0 [ 300.637794][T10724] ? look_up_lock_class+0x74/0x170 [ 300.637817][T10724] ? register_lock_class+0x51/0x320 [ 300.637844][T10724] ? __lock_acquire+0xab9/0xd20 [ 300.637880][T10724] kvm_vcpu_ioctl+0x95c/0xe90 [ 300.637899][T10724] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 300.637912][T10724] ? __lock_acquire+0xab9/0xd20 [ 300.637943][T10724] ? __fget_files+0x2a/0x420 [ 300.637962][T10724] ? __fget_files+0x2a/0x420 [ 300.637979][T10724] ? __fget_files+0x3a0/0x420 [ 300.637995][T10724] ? __fget_files+0x2a/0x420 [ 300.638014][T10724] ? bpf_lsm_file_ioctl+0x9/0x20 [ 300.638026][T10724] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 300.638040][T10724] __se_sys_ioctl+0xfc/0x170 [ 300.638055][T10724] do_syscall_64+0xfa/0x3b0 [ 300.638070][T10724] ? lockdep_hardirqs_on+0x9c/0x150 [ 300.638090][T10724] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 300.638102][T10724] ? clear_bhb_loop+0x60/0xb0 [ 300.638117][T10724] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 300.638129][T10724] RIP: 0033:0x7fa56a38e929 [ 300.638140][T10724] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 300.638151][T10724] RSP: 002b:00007fa56b197038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 300.638165][T10724] RAX: ffffffffffffffda RBX: 00007fa56a5b5fa0 RCX: 00007fa56a38e929 [ 300.638174][T10724] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 300.638181][T10724] RBP: 00007fa56b197090 R08: 0000000000000000 R09: 0000000000000000 [ 300.638189][T10724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 300.638197][T10724] R13: 0000000000000000 R14: 00007fa56a5b5fa0 R15: 00007fff051a4e88 [ 300.638216][T10724] [ 300.972193][ T5880] usb 5-1: USB disconnect, device number 15 [ 301.060237][T10730] /dev/rnullb0: Can't open blockdev [ 301.383688][ T24] usb 1-1: new high-speed USB device number 75 using dummy_hcd [ 301.555512][ T24] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 301.586097][ T24] usb 1-1: config 0 has no interfaces? [ 301.591997][ T24] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df [ 301.616436][ T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 301.638239][ T24] usb 1-1: config 0 descriptor?? [ 301.683323][T10752] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 301.867598][T10729] random: crng reseeded on system resumption [ 301.893271][ T24] usb 1-1: USB disconnect, device number 75 [ 302.041902][T10760] loop3: detected capacity change from 0 to 1 [ 302.051174][T10760] Dev loop3: unable to read RDB block 1 [ 302.056863][T10760] loop3: unable to read partition table [ 302.062670][T10760] loop3: partition table beyond EOD, truncated [ 302.080338][T10760] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5) [ 302.148310][ T30] audit: type=1326 audit(1751424264.468:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10761 comm="syz.4.1465" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa2b118e929 code=0x0 [ 302.906921][T10791] syzkaller1: entered promiscuous mode [ 302.912427][T10791] syzkaller1: entered allmulticast mode [ 303.159455][T10797] ./cgroup: Can't lookup blockdev [ 303.297925][T10804] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 303.325272][T10804] CIFS mount error: No usable UNC path provided in device string! [ 303.325272][T10804] [ 303.336816][T10804] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 303.349188][T10804] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1481'. [ 303.358616][T10804] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1481'. [ 303.758269][T10825] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 303.761693][T10828] /dev/rnullb0: Can't open blockdev [ 303.781704][T10825] FAULT_INJECTION: forcing a failure. [ 303.781704][T10825] name failslab, interval 1, probability 0, space 0, times 0 [ 303.795382][T10825] CPU: 0 UID: 0 PID: 10825 Comm: syz.3.1488 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 303.795421][T10825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 303.795433][T10825] Call Trace: [ 303.795440][T10825] [ 303.795448][T10825] dump_stack_lvl+0x189/0x250 [ 303.795474][T10825] ? __pfx____ratelimit+0x10/0x10 [ 303.795498][T10825] ? __pfx_dump_stack_lvl+0x10/0x10 [ 303.795519][T10825] ? __pfx__printk+0x10/0x10 [ 303.795542][T10825] ? __pfx___might_resched+0x10/0x10 [ 303.795561][T10825] ? fs_reclaim_acquire+0x7d/0x100 [ 303.795590][T10825] should_fail_ex+0x414/0x560 [ 303.795623][T10825] should_failslab+0xa8/0x100 [ 303.795647][T10825] __kmalloc_noprof+0xcb/0x4f0 [ 303.795666][T10825] ? security_task_alloc+0x4d/0x360 [ 303.795692][T10825] ? perf_event_init_task+0x12d/0x4b0 [ 303.795714][T10825] security_task_alloc+0x4d/0x360 [ 303.795745][T10825] copy_process+0x1530/0x3c00 [ 303.795786][T10825] ? copy_process+0x97f/0x3c00 [ 303.795814][T10825] ? __pfx_copy_process+0x10/0x10 [ 303.795845][T10825] ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10 [ 303.795870][T10825] vhost_task_create+0x1c4/0x290 [ 303.795893][T10825] ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10 [ 303.795918][T10825] ? __pfx_vhost_task_create+0x10/0x10 [ 303.795948][T10825] ? __pfx_vhost_task_fn+0x10/0x10 [ 303.795979][T10825] ? kasan_save_track+0x4f/0x80 [ 303.795996][T10825] ? kasan_save_track+0x3e/0x80 [ 303.796018][T10825] kvm_mmu_post_init_vm+0x147/0x2b0 [ 303.796049][T10825] kvm_arch_vcpu_ioctl_run+0xdc/0x1940 [ 303.796080][T10825] ? __mutex_trylock_common+0x153/0x260 [ 303.796104][T10825] ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 303.796132][T10825] ? rcu_is_watching+0x15/0xb0 [ 303.796150][T10825] ? look_up_lock_class+0x74/0x170 [ 303.796175][T10825] ? register_lock_class+0x51/0x320 [ 303.796208][T10825] ? __lock_acquire+0xab9/0xd20 [ 303.796263][T10825] kvm_vcpu_ioctl+0x95c/0xe90 [ 303.796290][T10825] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 303.796309][T10825] ? __lock_acquire+0xab9/0xd20 [ 303.796355][T10825] ? __fget_files+0x2a/0x420 [ 303.796384][T10825] ? __fget_files+0x2a/0x420 [ 303.796408][T10825] ? __fget_files+0x3a0/0x420 [ 303.796432][T10825] ? __fget_files+0x2a/0x420 [ 303.796459][T10825] ? bpf_lsm_file_ioctl+0x9/0x20 [ 303.796476][T10825] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 303.796498][T10825] __se_sys_ioctl+0xfc/0x170 [ 303.796521][T10825] do_syscall_64+0xfa/0x3b0 [ 303.796543][T10825] ? lockdep_hardirqs_on+0x9c/0x150 [ 303.796565][T10825] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 303.796583][T10825] ? clear_bhb_loop+0x60/0xb0 [ 303.796606][T10825] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 303.796624][T10825] RIP: 0033:0x7f854818e929 [ 303.796640][T10825] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 303.796656][T10825] RSP: 002b:00007f8549070038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 303.796675][T10825] RAX: ffffffffffffffda RBX: 00007f85483b5fa0 RCX: 00007f854818e929 [ 303.796688][T10825] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 303.796699][T10825] RBP: 00007f8549070090 R08: 0000000000000000 R09: 0000000000000000 [ 303.796710][T10825] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 303.796721][T10825] R13: 0000000000000000 R14: 00007f85483b5fa0 R15: 00007ffcbc1e59b8 [ 303.796749][T10825] [ 304.398470][T10840] netlink: 'syz.0.1494': attribute type 3 has an invalid length. [ 304.558249][T10848] /dev/rnullb0: Can't open blockdev [ 304.889622][T10866] FAULT_INJECTION: forcing a failure. [ 304.889622][T10866] name failslab, interval 1, probability 0, space 0, times 0 [ 304.902931][T10866] CPU: 1 UID: 0 PID: 10866 Comm: syz.4.1504 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 304.902955][T10866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 304.902966][T10866] Call Trace: [ 304.902973][T10866] [ 304.902981][T10866] dump_stack_lvl+0x189/0x250 [ 304.903005][T10866] ? __pfx____ratelimit+0x10/0x10 [ 304.903028][T10866] ? __pfx_dump_stack_lvl+0x10/0x10 [ 304.903048][T10866] ? __pfx__printk+0x10/0x10 [ 304.903070][T10866] ? __pfx___might_resched+0x10/0x10 [ 304.903088][T10866] ? fs_reclaim_acquire+0x7d/0x100 [ 304.903116][T10866] should_fail_ex+0x414/0x560 [ 304.903148][T10866] should_failslab+0xa8/0x100 [ 304.903187][T10866] __kmalloc_noprof+0xcb/0x4f0 [ 304.903219][T10866] ? tomoyo_encode+0x28b/0x550 [ 304.903242][T10866] tomoyo_encode+0x28b/0x550 [ 304.903267][T10866] tomoyo_realpath_from_path+0x58d/0x5d0 [ 304.903289][T10866] ? tomoyo_domain+0xd9/0x130 [ 304.903315][T10866] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 304.903342][T10866] tomoyo_path_number_perm+0x1e8/0x5a0 [ 304.903371][T10866] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 304.903413][T10866] ? __lock_acquire+0xab9/0xd20 [ 304.903457][T10866] ? __fget_files+0x2a/0x420 [ 304.903484][T10866] ? __fget_files+0x2a/0x420 [ 304.903507][T10866] ? __fget_files+0x3a0/0x420 [ 304.903533][T10866] ? __fget_files+0x2a/0x420 [ 304.903559][T10866] security_file_ioctl+0xcb/0x2d0 [ 304.903587][T10866] __se_sys_ioctl+0x47/0x170 [ 304.903608][T10866] do_syscall_64+0xfa/0x3b0 [ 304.903630][T10866] ? lockdep_hardirqs_on+0x9c/0x150 [ 304.903650][T10866] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 304.903668][T10866] ? clear_bhb_loop+0x60/0xb0 [ 304.903696][T10866] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 304.903712][T10866] RIP: 0033:0x7fa2b118e929 [ 304.903727][T10866] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 304.903742][T10866] RSP: 002b:00007fa2b1f50038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 304.903760][T10866] RAX: ffffffffffffffda RBX: 00007fa2b13b5fa0 RCX: 00007fa2b118e929 [ 304.903773][T10866] RDX: 0000200000000100 RSI: 000000004008ae89 RDI: 0000000000000005 [ 304.903784][T10866] RBP: 00007fa2b1f50090 R08: 0000000000000000 R09: 0000000000000000 [ 304.903796][T10866] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 304.903806][T10866] R13: 0000000000000000 R14: 00007fa2b13b5fa0 R15: 00007ffdb39f99a8 [ 304.903833][T10866] [ 305.083613][ T5905] usb 4-1: new high-speed USB device number 87 using dummy_hcd [ 305.096799][T10866] ERROR: Out of memory at tomoyo_realpath_from_path. [ 305.249395][T10871] can0: slcan on ptm0. [ 305.264372][ T5905] usb 4-1: device descriptor read/64, error -71 [ 305.305771][T10870] can0 (unregistered): slcan off ptm0. [ 305.516641][ T5905] usb 4-1: new high-speed USB device number 88 using dummy_hcd [ 305.653625][ T5905] usb 4-1: device descriptor read/64, error -71 [ 305.689075][T10889] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 305.724562][T10889] FAULT_INJECTION: forcing a failure. [ 305.724562][T10889] name failslab, interval 1, probability 0, space 0, times 0 [ 305.741144][T10889] CPU: 0 UID: 0 PID: 10889 Comm: syz.2.1509 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 305.741173][T10889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 305.741185][T10889] Call Trace: [ 305.741193][T10889] [ 305.741202][T10889] dump_stack_lvl+0x189/0x250 [ 305.741231][T10889] ? __pfx____ratelimit+0x10/0x10 [ 305.741256][T10889] ? __pfx_dump_stack_lvl+0x10/0x10 [ 305.741279][T10889] ? __pfx__printk+0x10/0x10 [ 305.741308][T10889] ? __pfx___might_resched+0x10/0x10 [ 305.741327][T10889] ? fs_reclaim_acquire+0x7d/0x100 [ 305.741358][T10889] should_fail_ex+0x414/0x560 [ 305.741393][T10889] should_failslab+0xa8/0x100 [ 305.741419][T10889] kmem_cache_alloc_noprof+0x73/0x3c0 [ 305.741440][T10889] ? alloc_pid+0x9f/0xab0 [ 305.741460][T10889] ? copy_thread+0x4c6/0x9a0 [ 305.741494][T10889] alloc_pid+0x9f/0xab0 [ 305.741527][T10889] copy_process+0x198e/0x3c00 [ 305.741566][T10889] ? copy_process+0x97f/0x3c00 [ 305.741595][T10889] ? __pfx_copy_process+0x10/0x10 [ 305.741646][T10889] ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10 [ 305.741670][T10889] vhost_task_create+0x1c4/0x290 [ 305.741693][T10889] ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10 [ 305.741719][T10889] ? __pfx_vhost_task_create+0x10/0x10 [ 305.741760][T10889] ? __pfx_vhost_task_fn+0x10/0x10 [ 305.741790][T10889] ? kasan_save_track+0x4f/0x80 [ 305.741804][T10889] ? kasan_save_track+0x3e/0x80 [ 305.741824][T10889] kvm_mmu_post_init_vm+0x147/0x2b0 [ 305.741851][T10889] kvm_arch_vcpu_ioctl_run+0xdc/0x1940 [ 305.741880][T10889] ? __mutex_trylock_common+0x153/0x260 [ 305.741903][T10889] ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 305.741928][T10889] ? rcu_is_watching+0x15/0xb0 [ 305.741946][T10889] ? look_up_lock_class+0x74/0x170 [ 305.741969][T10889] ? register_lock_class+0x51/0x320 [ 305.742000][T10889] ? __lock_acquire+0xab9/0xd20 [ 305.742052][T10889] kvm_vcpu_ioctl+0x95c/0xe90 [ 305.742078][T10889] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 305.742096][T10889] ? __lock_acquire+0xab9/0xd20 [ 305.742140][T10889] ? __fget_files+0x2a/0x420 [ 305.742167][T10889] ? __fget_files+0x2a/0x420 [ 305.742190][T10889] ? __fget_files+0x3a0/0x420 [ 305.742212][T10889] ? __fget_files+0x2a/0x420 [ 305.742239][T10889] ? bpf_lsm_file_ioctl+0x9/0x20 [ 305.742256][T10889] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 305.742276][T10889] __se_sys_ioctl+0xfc/0x170 [ 305.742298][T10889] do_syscall_64+0xfa/0x3b0 [ 305.742319][T10889] ? lockdep_hardirqs_on+0x9c/0x150 [ 305.742340][T10889] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 305.742357][T10889] ? clear_bhb_loop+0x60/0xb0 [ 305.742378][T10889] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 305.742395][T10889] RIP: 0033:0x7f6e2d98e929 [ 305.742410][T10889] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 305.742425][T10889] RSP: 002b:00007f6e2e8b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 305.742444][T10889] RAX: ffffffffffffffda RBX: 00007f6e2dbb5fa0 RCX: 00007f6e2d98e929 [ 305.742456][T10889] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 305.742467][T10889] RBP: 00007f6e2e8b3090 R08: 0000000000000000 R09: 0000000000000000 [ 305.742478][T10889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 305.742488][T10889] R13: 0000000000000000 R14: 00007f6e2dbb5fa0 R15: 00007ffe64537f68 [ 305.742515][T10889] [ 305.789125][T10891] loop3: detected capacity change from 0 to 1 [ 305.802343][ T5905] usb usb4-port1: attempt power cycle [ 305.814760][ T6749] Dev loop3: unable to read RDB block 1 [ 306.097535][ T6749] loop3: unable to read partition table [ 306.103446][ T6749] loop3: partition table beyond EOD, truncated [ 306.131255][T10891] Dev loop3: unable to read RDB block 1 [ 306.143242][T10891] loop3: unable to read partition table [ 306.152829][T10891] loop3: partition table beyond EOD, truncated [ 306.161531][ T5905] usb 4-1: new high-speed USB device number 89 using dummy_hcd [ 306.162590][T10891] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5) [ 306.207411][ T5905] usb 4-1: device descriptor read/8, error -71 [ 306.454160][ T5905] usb 4-1: new high-speed USB device number 90 using dummy_hcd [ 306.484519][ T5905] usb 4-1: device descriptor read/8, error -71 [ 306.597793][ T5905] usb usb4-port1: unable to enumerate USB device [ 306.831671][T10933] netlink: 'syz.0.1520': attribute type 21 has an invalid length. [ 306.839852][T10933] netlink: 'syz.0.1520': attribute type 5 has an invalid length. [ 306.850777][T10933] netlink: 128 bytes leftover after parsing attributes in process `syz.0.1520'. [ 307.047456][T10944] netlink: 56 bytes leftover after parsing attributes in process `syz.0.1523'. [ 307.453337][T10951] /dev/rnullb0: Can't open blockdev [ 307.482256][T10953] loop3: detected capacity change from 0 to 1 [ 307.489849][T10953] Dev loop3: unable to read RDB block 1 [ 307.498059][T10953] loop3: unable to read partition table [ 307.504071][T10953] loop3: partition table beyond EOD, truncated [ 307.520729][T10953] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5) [ 307.881961][T10969] /dev/rnullb0: Can't open blockdev [ 308.603410][T11002] loop3: detected capacity change from 0 to 1 [ 308.610966][T11002] Dev loop3: unable to read RDB block 1 [ 308.622756][T11002] loop3: unable to read partition table [ 308.629340][T11002] loop3: partition table beyond EOD, truncated [ 308.649211][T11002] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5) [ 308.703622][ T5880] usb 1-1: new high-speed USB device number 76 using dummy_hcd [ 308.864775][ T5880] usb 1-1: Using ep0 maxpacket: 8 [ 308.887376][ T5880] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x99, changing to 0x89 [ 308.908744][ T5880] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0 [ 308.921898][ T5880] usb 1-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e [ 308.931586][ T5880] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 308.957830][ T5880] usb 1-1: Product: syz [ 308.969347][ T5880] usb 1-1: Manufacturer: syz [ 308.976303][ T5880] usb 1-1: SerialNumber: syz [ 309.023760][ T5880] usb 1-1: config 0 descriptor?? [ 309.032168][ T5880] streamzap 1-1:0.0: streamzap_probe: endpoint attributes don't match xfer 0200 [ 309.232701][T10994] netlink: 'syz.0.1540': attribute type 10 has an invalid length. [ 309.251661][T10994] bridge0: port 2(bridge_slave_1) entered disabled state [ 309.271377][T10994] bridge_slave_1: left allmulticast mode [ 309.277621][T10994] bridge_slave_1: left promiscuous mode [ 309.288482][T10994] bridge0: port 2(bridge_slave_1) entered disabled state [ 309.319479][T10994] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link [ 309.346462][T11028] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 309.649623][T11036] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 309.684795][T11036] FAULT_INJECTION: forcing a failure. [ 309.684795][T11036] name failslab, interval 1, probability 0, space 0, times 0 [ 309.697982][T11036] CPU: 0 UID: 0 PID: 11036 Comm: syz.4.1549 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 309.698007][T11036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 309.698018][T11036] Call Trace: [ 309.698025][T11036] [ 309.698033][T11036] dump_stack_lvl+0x189/0x250 [ 309.698059][T11036] ? __pfx____ratelimit+0x10/0x10 [ 309.698081][T11036] ? __pfx_dump_stack_lvl+0x10/0x10 [ 309.698100][T11036] ? __pfx__printk+0x10/0x10 [ 309.698122][T11036] ? __pfx___might_resched+0x10/0x10 [ 309.698140][T11036] ? fs_reclaim_acquire+0x7d/0x100 [ 309.698166][T11036] should_fail_ex+0x414/0x560 [ 309.698195][T11036] ? __kvm_mmu_topup_memory_cache+0x45e/0x610 [ 309.698222][T11036] should_failslab+0xa8/0x100 [ 309.698252][T11036] __kvmalloc_node_noprof+0x161/0x5f0 [ 309.698273][T11036] ? __kvm_mmu_topup_memory_cache+0x45e/0x610 [ 309.698305][T11036] __kvm_mmu_topup_memory_cache+0x45e/0x610 [ 309.698342][T11036] mmu_topup_memory_caches+0x21/0x170 [ 309.698365][T11036] kvm_mmu_load+0x9d/0x22f0 [ 309.698387][T11036] ? kvm_lapic_sync_to_vapic+0x2a3/0x830 [ 309.698417][T11036] ? __pfx_kvm_lapic_sync_to_vapic+0x10/0x10 [ 309.698446][T11036] ? vmx_update_cr8_intercept+0x151/0x340 [ 309.698468][T11036] vcpu_run+0x484e/0x6fa0 [ 309.698500][T11036] ? sched_clock+0x3f/0x60 [ 309.698571][T11036] ? __pfx_vcpu_run+0x10/0x10 [ 309.698598][T11036] ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1940 [ 309.698626][T11036] ? rcu_is_watching+0x15/0xb0 [ 309.698646][T11036] kvm_arch_vcpu_ioctl_run+0xfc9/0x1940 [ 309.698678][T11036] ? kvm_arch_vcpu_ioctl_run+0x1f3/0x1940 [ 309.698698][T11036] ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10 [ 309.698723][T11036] ? rcu_is_watching+0x15/0xb0 [ 309.698739][T11036] ? look_up_lock_class+0x74/0x170 [ 309.698761][T11036] ? register_lock_class+0x51/0x320 [ 309.698792][T11036] ? __lock_acquire+0xab9/0xd20 [ 309.698842][T11036] kvm_vcpu_ioctl+0x95c/0xe90 [ 309.698867][T11036] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 309.698884][T11036] ? __lock_acquire+0xab9/0xd20 [ 309.698927][T11036] ? __fget_files+0x2a/0x420 [ 309.698953][T11036] ? __fget_files+0x2a/0x420 [ 309.698974][T11036] ? __fget_files+0x3a0/0x420 [ 309.698996][T11036] ? __fget_files+0x2a/0x420 [ 309.699022][T11036] ? bpf_lsm_file_ioctl+0x9/0x20 [ 309.699038][T11036] ? __pfx_kvm_vcpu_ioctl+0x10/0x10 [ 309.699057][T11036] __se_sys_ioctl+0xfc/0x170 [ 309.699078][T11036] do_syscall_64+0xfa/0x3b0 [ 309.699099][T11036] ? lockdep_hardirqs_on+0x9c/0x150 [ 309.699119][T11036] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 309.699135][T11036] ? clear_bhb_loop+0x60/0xb0 [ 309.699156][T11036] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 309.699172][T11036] RIP: 0033:0x7fa2b118e929 [ 309.699187][T11036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 309.699201][T11036] RSP: 002b:00007fa2b1f50038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 309.699219][T11036] RAX: ffffffffffffffda RBX: 00007fa2b13b5fa0 RCX: 00007fa2b118e929 [ 309.699231][T11036] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 309.699247][T11036] RBP: 00007fa2b1f50090 R08: 0000000000000000 R09: 0000000000000000 [ 309.699257][T11036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 309.699266][T11036] R13: 0000000000000000 R14: 00007fa2b13b5fa0 R15: 00007ffdb39f99a8 [ 309.699293][T11036] [ 310.321972][T11054] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1556'. [ 310.354939][T11054] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1556'. [ 310.387558][T11054] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1556'. [ 310.411769][T11054] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1556'. [ 310.441044][T11054] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1556'. [ 310.470998][T11054] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1556'. [ 310.483314][T11054] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1556'. [ 310.502031][T11054] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1556'. [ 310.583917][ T5880] usb 4-1: new high-speed USB device number 91 using dummy_hcd [ 310.757440][ T5880] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 310.774753][ T5880] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 310.795964][ T5880] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 310.832980][ T5880] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 310.846221][ T5880] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 310.857972][ T5880] usb 4-1: config 0 descriptor?? [ 311.067087][T11056] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 311.076996][T11056] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 311.088073][T11056] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 311.096800][T11056] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 311.106213][T11056] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 311.115134][T11056] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 311.124694][T11056] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 311.133376][T11056] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 311.145843][T11056] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 311.156836][T11056] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 311.189339][ T5880] plantronics 0003:047F:FFFF.0018: reserved main item tag 0xd [ 311.197522][ T9986] usb 5-1: new high-speed USB device number 16 using dummy_hcd [ 311.221757][ T5880] plantronics 0003:047F:FFFF.0018: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0 [ 311.272945][ T5880] usb 4-1: USB disconnect, device number 91 [ 311.334353][T11085] fido_id[11085]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 311.348672][ T9986] usb 5-1: device descriptor read/64, error -71 [ 311.484117][ T5863] usb 1-1: USB disconnect, device number 76 [ 311.554693][T11088] tipc: Enabling of bearer rejected, failed to enable media [ 311.593673][ T9986] usb 5-1: new high-speed USB device number 17 using dummy_hcd [ 311.606682][ T5880] usb 4-1: new high-speed USB device number 92 using dummy_hcd [ 311.723623][ T9986] usb 5-1: device descriptor read/64, error -71 [ 311.763605][ T5880] usb 4-1: Using ep0 maxpacket: 8 [ 311.780598][ T5880] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 311.803641][ T5880] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 311.811666][ T5880] usb 4-1: Product: syz [ 311.820151][ T5880] usb 4-1: Manufacturer: syz [ 311.825867][ T5880] usb 4-1: SerialNumber: syz [ 311.833391][ T5880] usb 4-1: config 0 descriptor?? [ 311.840390][ T9986] usb usb5-port1: attempt power cycle [ 311.930292][T11102] loop3: detected capacity change from 0 to 1 [ 311.939798][ T6116] Dev loop3: unable to read RDB block 1 [ 311.946344][ T6116] loop3: unable to read partition table [ 311.952169][ T6116] loop3: partition table beyond EOD, truncated [ 311.959293][T11102] Dev loop3: unable to read RDB block 1 [ 311.966900][T11102] loop3: unable to read partition table [ 311.972708][T11102] loop3: partition table beyond EOD, truncated [ 311.983615][T11102] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5) [ 312.058643][ T5880] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 312.183646][ T9986] usb 5-1: new high-speed USB device number 18 using dummy_hcd [ 312.214008][ T9986] usb 5-1: device descriptor read/8, error -71 [ 312.454126][ T9986] usb 5-1: new high-speed USB device number 19 using dummy_hcd [ 312.474005][ T9986] usb 5-1: device descriptor read/8, error -71 [ 312.583645][ T24] usb 1-1: new high-speed USB device number 77 using dummy_hcd [ 312.591535][ T9986] usb usb5-port1: unable to enumerate USB device [ 312.763619][ T24] usb 1-1: Using ep0 maxpacket: 32 [ 312.772115][ T24] usb 1-1: too many endpoints for config 0 interface 0 altsetting 32: 253, using maximum allowed: 30 [ 312.783119][ T24] usb 1-1: config 0 interface 0 altsetting 32 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 312.794271][ T24] usb 1-1: config 0 interface 0 altsetting 32 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 312.807355][ T24] usb 1-1: config 0 interface 0 has no altsetting 0 [ 312.814042][ T24] usb 1-1: New USB device found, idVendor=8920, idProduct=0030, bcdDevice= 0.00 [ 312.823088][ T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 312.837132][ T24] usb 1-1: config 0 descriptor?? [ 313.046866][T11110] Invalid/unusable pipe [ 313.073607][ T5880] dvb_usb_rtl28xxu 4-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32 [ 313.077531][T11086] __nla_validate_parse: 57 callbacks suppressed [ 313.077547][T11086] netlink: 256 bytes leftover after parsing attributes in process `syz.3.1562'. [ 313.282315][ T24] hid-generic 0003:8920:0030.0019: hidraw0: USB HID v0.03 Device [HID 8920:0030] on usb-dummy_hcd.0-1/input0 [ 313.531173][T11115] mac80211_hwsim hwsim2 »»»»»»: renamed from wlan0 [ 313.559737][ T10] usb 1-1: USB disconnect, device number 77 [ 314.125440][T11123] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 314.341203][ T5863] usb 4-1: USB disconnect, device number 92 [ 314.399967][T11136] /dev/rnullb0: Can't open blockdev [ 314.596729][T11147] /dev/rnullb0: Can't open blockdev [ 314.668339][T11150] /dev/rnullb0: Can't open blockdev [ 314.729088][T11153] ip6tnl0: mtu less than device minimum [ 314.969152][T11154] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 315.041105][T11171] netlink: 'syz.3.1588': attribute type 29 has an invalid length. [ 315.144610][ T24] usb 1-1: new low-speed USB device number 78 using dummy_hcd [ 315.293594][ T24] usb 1-1: device descriptor read/64, error -71 [ 315.310179][T11186] /dev/rnullb0: Can't open blockdev [ 315.553591][ T24] usb 1-1: new low-speed USB device number 79 using dummy_hcd [ 315.705058][ T24] usb 1-1: device descriptor read/64, error -71 [ 315.825184][ T24] usb usb1-port1: attempt power cycle [ 316.243646][ T24] usb 1-1: new low-speed USB device number 80 using dummy_hcd [ 316.265872][ T24] usb 1-1: device descriptor read/8, error -71 [ 316.518835][ T24] usb 1-1: new low-speed USB device number 81 using dummy_hcd [ 316.544115][ T24] usb 1-1: device descriptor read/8, error -71 [ 316.601857][T11223] loop3: detected capacity change from 0 to 1 [ 316.609233][T11223] Dev loop3: unable to read RDB block 1 [ 316.618431][T11212] usb usb8: usbfs: process 11212 (syz.2.1601) did not claim interface 0 before use [ 316.620699][T11223] loop3: unable to read partition table [ 316.634005][T11223] loop3: partition table beyond EOD, truncated [ 316.640198][T11223] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5) [ 316.659194][ T24] usb usb1-port1: unable to enumerate USB device [ 316.680875][ T5205] Dev loop3: unable to read RDB block 1 [ 316.688929][ T5205] loop3: unable to read partition table [ 316.696208][ T5205] loop3: partition table beyond EOD, truncated [ 316.898008][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 316.936596][T11235] /dev/rnullb0: Can't open blockdev [ 317.254685][T11245] /dev/rnullb0: Can't open blockdev [ 317.454859][T11260] NILFS (nbd4): device size too small [ 317.503655][ T5863] usb 4-1: new high-speed USB device number 93 using dummy_hcd [ 317.523176][T11262] loop3: detected capacity change from 0 to 1 [ 317.531732][ T6749] Dev loop3: unable to read RDB block 1 [ 317.540055][ T6749] loop3: unable to read partition table [ 317.548825][ T6749] loop3: partition table beyond EOD, truncated [ 317.565196][T11262] Dev loop3: unable to read RDB block 1 [ 317.577060][T11262] loop3: unable to read partition table [ 317.582889][T11262] loop3: partition table beyond EOD, truncated [ 317.589736][T11262] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5) [ 317.674143][ T5863] usb 4-1: Using ep0 maxpacket: 16 [ 317.682050][ T5863] usb 4-1: config 0 has an invalid interface number: 126 but max is 0 [ 317.695884][ T5863] usb 4-1: config 0 has an invalid descriptor of length 49, skipping remainder of the config [ 317.707084][ T5863] usb 4-1: config 0 has no interface number 0 [ 317.713222][ T5863] usb 4-1: config 0 interface 126 altsetting 0 has an endpoint descriptor with address 0xB7, changing to 0x87 [ 317.728350][ T5863] usb 4-1: config 0 interface 126 altsetting 0 endpoint 0x87 has invalid maxpacket 34328, setting to 1024 [ 317.739972][ T5863] usb 4-1: config 0 interface 126 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64 [ 317.753782][ T5863] usb 4-1: config 0 interface 126 altsetting 0 endpoint 0x4 has invalid maxpacket 26159, setting to 1024 [ 317.767864][ T5863] usb 4-1: config 0 interface 126 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 1024 [ 317.780642][ T5863] usb 4-1: config 0 interface 126 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 4 [ 317.794172][ T5863] usb 4-1: New USB device found, idVendor=0763, idProduct=1015, bcdDevice=56.88 [ 317.803234][ T5863] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 317.814913][ T5863] usb 4-1: config 0 descriptor?? [ 317.820680][T11248] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 317.833899][T11248] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22 [ 317.851788][ T5863] usb 4-1: Quirk or no altset; falling back to MIDI 1.0 [ 318.123253][ T24] usb 4-1: USB disconnect, device number 93 [ 318.315379][ T9986] usb 1-1: new low-speed USB device number 82 using dummy_hcd [ 318.487086][ T9986] usb 1-1: config 0 has an invalid interface number: 55 but max is 0 [ 318.495738][ T9986] usb 1-1: config 0 has no interface number 0 [ 318.502731][ T9986] usb 1-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 318.514552][ T9986] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8 [ 318.525570][ T9986] usb 1-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 318.537283][ T9986] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 318.550816][ T9986] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 318.561016][ T9986] usb 1-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 318.576596][ T9986] usb 1-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 318.585934][ T9986] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 318.603935][ T9986] usb 1-1: config 0 descriptor?? [ 318.609756][T11281] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 318.630319][ T9986] ldusb 1-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 318.661188][T11298] loop3: detected capacity change from 0 to 1 [ 318.670448][T11298] Dev loop3: unable to read RDB block 1 [ 318.676083][T11298] loop3: unable to read partition table [ 318.682029][T11298] loop3: partition table beyond EOD, truncated [ 318.688431][T11298] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5) [ 318.781772][T11302] /dev/rnullb0: Can't open blockdev [ 318.844252][T11281] ldusb 1-1:0.55: Couldn't submit interrupt_in_urb -90 [ 318.958741][ T24] usb 1-1: USB disconnect, device number 82 [ 318.970803][ T24] ldusb 1-1:0.55: LD USB Device #0 now disconnected [ 319.063847][ T5905] usb 5-1: new high-speed USB device number 20 using dummy_hcd [ 319.233646][ T5905] usb 5-1: Using ep0 maxpacket: 8 [ 319.242305][ T5905] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea [ 319.251571][ T5905] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 319.262087][ T5905] usb 5-1: Product: syz [ 319.266285][ T5905] usb 5-1: Manufacturer: syz [ 319.270889][ T5905] usb 5-1: SerialNumber: syz [ 319.279770][ T5905] usb 5-1: config 0 descriptor?? [ 319.393786][ T10] usb 4-1: new high-speed USB device number 94 using dummy_hcd [ 319.489569][ T5905] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state [ 319.523683][ T10] usb 4-1: device descriptor read/64, error -71 [ 319.783684][ T10] usb 4-1: new high-speed USB device number 95 using dummy_hcd [ 319.923697][ T5894] usb 1-1: new high-speed USB device number 83 using dummy_hcd [ 319.931370][ T10] usb 4-1: device descriptor read/64, error -71 [ 320.054275][ T10] usb usb4-port1: attempt power cycle [ 320.106687][ T5894] usb 1-1: config index 0 descriptor too short (expected 44306, got 18) [ 320.115170][ T5894] usb 1-1: config 0 has too many interfaces: 140, using maximum allowed: 32 [ 320.125049][ T5894] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 140 [ 320.134309][ T5894] usb 1-1: config 0 has no interface number 0 [ 320.140440][ T5894] usb 1-1: New USB device found, idVendor=24cf, idProduct=59e4, bcdDevice= 9.22 [ 320.149638][ T5894] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 320.160099][ T5894] usb 1-1: config 0 descriptor?? [ 320.168487][ T5894] usb-storage 1-1:0.33: USB Mass Storage device detected [ 320.371581][ T9986] usb 1-1: USB disconnect, device number 83 [ 320.403623][ T10] usb 4-1: new high-speed USB device number 96 using dummy_hcd [ 320.424864][ T10] usb 4-1: device descriptor read/8, error -71 [ 320.673773][ T10] usb 4-1: new high-speed USB device number 97 using dummy_hcd [ 320.709420][ T10] usb 4-1: device descriptor read/8, error -71 [ 320.781708][T11332] loop3: detected capacity change from 0 to 1 [ 320.790331][ T6116] Dev loop3: unable to read RDB block 1 [ 320.796465][ T6116] loop3: unable to read partition table [ 320.802312][ T6116] loop3: partition table beyond EOD, truncated [ 320.811053][T11332] Dev loop3: unable to read RDB block 1 [ 320.817966][T11332] loop3: unable to read partition table [ 320.826160][ T10] usb usb4-port1: unable to enumerate USB device [ 320.832794][T11332] loop3: partition table beyond EOD, truncated [ 320.846382][T11332] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5) [ 320.946706][T11335] /dev/rnullb0: Can't open blockdev [ 321.031769][T11341] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 321.312970][ T5905] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32 [ 321.333058][ T5905] usb 5-1: USB disconnect, device number 20 [ 321.467188][T11354] loop3: detected capacity change from 0 to 1 [ 321.475143][T11354] Dev loop3: unable to read RDB block 1 [ 321.480821][T11354] loop3: unable to read partition table [ 321.490075][T11354] loop3: partition table beyond EOD, truncated [ 321.496977][T11354] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5) [ 321.619067][T11357] /dev/rnullb0: Can't open blockdev [ 321.901512][T11359] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 321.914396][T11359] /dev/rnullb0: Can't open blockdev [ 322.274698][T11364] syz.2.1652: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 322.316169][T11364] CPU: 0 UID: 0 PID: 11364 Comm: syz.2.1652 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 322.316195][T11364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 322.316207][T11364] Call Trace: [ 322.316214][T11364] [ 322.316222][T11364] dump_stack_lvl+0x189/0x250 [ 322.316250][T11364] ? __pfx_dump_stack_lvl+0x10/0x10 [ 322.316271][T11364] ? __pfx__printk+0x10/0x10 [ 322.316293][T11364] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 322.316313][T11364] ? cpuset_print_current_mems_allowed+0x1f/0x360 [ 322.316336][T11364] ? cpuset_print_current_mems_allowed+0x2ee/0x360 [ 322.316360][T11364] warn_alloc+0x214/0x310 [ 322.316383][T11364] ? stack_depot_save_flags+0x429/0x900 [ 322.316417][T11364] ? __pfx_warn_alloc+0x10/0x10 [ 322.316442][T11364] ? kasan_save_track+0x4f/0x80 [ 322.316460][T11364] ? xskq_create+0x56/0x170 [ 322.316480][T11364] ? xsk_init_queue+0xb0/0x110 [ 322.316498][T11364] ? xsk_setsockopt+0x43f/0x710 [ 322.316514][T11364] ? do_sock_setsockopt+0x25a/0x3e0 [ 322.316540][T11364] ? __x64_sys_setsockopt+0x18b/0x220 [ 322.316564][T11364] ? do_syscall_64+0xfa/0x3b0 [ 322.316586][T11364] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 322.316611][T11364] __vmalloc_node_range_noprof+0x125/0x12f0 [ 322.316659][T11364] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 322.316688][T11364] ? __kasan_kmalloc+0x93/0xb0 [ 322.316711][T11364] vmalloc_user_noprof+0xad/0xf0 [ 322.316733][T11364] ? xskq_create+0xbf/0x170 [ 322.316754][T11364] xskq_create+0xbf/0x170 [ 322.316778][T11364] xsk_init_queue+0xb0/0x110 [ 322.316800][T11364] xsk_setsockopt+0x43f/0x710 [ 322.316821][T11364] ? __pfx_xsk_setsockopt+0x10/0x10 [ 322.316839][T11364] ? __lock_acquire+0xab9/0xd20 [ 322.316868][T11364] ? aa_sock_opt_perm+0xff/0x1b0 [ 322.316891][T11364] ? bpf_lsm_socket_setsockopt+0x9/0x20 [ 322.316916][T11364] ? __pfx_xsk_setsockopt+0x10/0x10 [ 322.316937][T11364] do_sock_setsockopt+0x25a/0x3e0 [ 322.316966][T11364] ? __pfx_do_sock_setsockopt+0x10/0x10 [ 322.316996][T11364] ? __fget_files+0x2a/0x420 [ 322.317028][T11364] __x64_sys_setsockopt+0x18b/0x220 [ 322.317069][T11364] do_syscall_64+0xfa/0x3b0 [ 322.317090][T11364] ? lockdep_hardirqs_on+0x9c/0x150 [ 322.317111][T11364] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 322.317129][T11364] ? clear_bhb_loop+0x60/0xb0 [ 322.317154][T11364] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 322.317172][T11364] RIP: 0033:0x7f6e2d98e929 [ 322.317188][T11364] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 322.317203][T11364] RSP: 002b:00007f6e2e8b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 322.317223][T11364] RAX: ffffffffffffffda RBX: 00007f6e2dbb5fa0 RCX: 00007f6e2d98e929 [ 322.317236][T11364] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000005 [ 322.317246][T11364] RBP: 00007f6e2da10b39 R08: 0000000000000004 R09: 0000000000000000 [ 322.317257][T11364] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000 [ 322.317268][T11364] R13: 0000000000000000 R14: 00007f6e2dbb5fa0 R15: 00007ffe64537f68 [ 322.317295][T11364] [ 322.318461][T11364] Mem-Info: [ 322.409453][T11356] syz.0.1649 (11356): drop_caches: 2 [ 322.604085][T11364] active_anon:6877 inactive_anon:0 isolated_anon:0 [ 322.604085][T11364] active_file:18195 inactive_file:47848 isolated_file:0 [ 322.604085][T11364] unevictable:3637 dirty:188 writeback:0 [ 322.604085][T11364] slab_reclaimable:11928 slab_unreclaimable:94038 [ 322.604085][T11364] mapped:25562 shmem:1429 pagetables:1435 [ 322.604085][T11364] sec_pagetables:0 bounce:0 [ 322.604085][T11364] kernel_misc_reclaimable:0 [ 322.604085][T11364] free:1311640 free_pcp:14713 free_cma:0 [ 322.692376][T11364] Node 0 active_anon:27540kB inactive_anon:0kB active_file:72680kB inactive_file:191188kB unevictable:13012kB isolated(anon):0kB isolated(file):0kB mapped:102048kB dirty:752kB writeback:0kB shmem:4180kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12052kB pagetables:5680kB sec_pagetables:12kB all_unreclaimable? no Balloon:0kB [ 322.730142][T11364] Node 1 active_anon:0kB inactive_anon:0kB active_file:100kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:92kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:160kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB [ 322.782598][T11376] /dev/rnullb0: Can't open blockdev [ 322.793018][T11364] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 322.835887][T11364] lowmem_reserve[]: 0 2496 2498 2498 2498 [ 322.841762][T11364] Node 0 DMA32 free:1339392kB boost:0kB min:34232kB low:42788kB high:51344kB reserved_highatomic:0KB free_highatomic:0KB active_anon:30792kB inactive_anon:0kB active_file:72680kB inactive_file:189876kB unevictable:13012kB writepending:752kB present:3129332kB managed:2556908kB mlocked:11476kB bounce:0kB free_pcp:41052kB local_pcp:20312kB free_cma:0kB [ 322.877588][T11364] lowmem_reserve[]: 0 0 1 1 1 [ 322.882560][T11364] Node 0 Normal free:20kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1312kB unevictable:0kB writepending:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB [ 322.925932][T11364] lowmem_reserve[]: 0 0 0 0 0 [ 322.930701][T11364] Node 1 Normal free:3887932kB boost:0kB min:55652kB low:69564kB high:83476kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:100kB inactive_file:204kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:19360kB local_pcp:12800kB free_cma:0kB [ 322.999299][T11364] lowmem_reserve[]: 0 0 0 0 0 [ 323.038749][T11364] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB [ 323.075723][T11364] Node 0 DMA32: 836*4kB (UM) 384*8kB (M) 143*16kB (UME) 810*32kB (UME) 374*64kB (UME) 84*128kB (UM) 21*256kB (UM) 8*512kB (M) 4*1024kB (UME) 8*2048kB (UM) 303*4096kB (UM) = 1340352kB [ 323.111277][T11384] /dev/rnullb0: Can't open blockdev [ 323.116824][T11364] Node 0 Normal: 1*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB [ 323.145823][T11385] /dev/rnullb0: Can't open blockdev [ 323.147083][T11364] Node 1 Normal: 159*4kB (UM) 38*8kB (UE) 39*16kB (UME) 103*32kB (UME) 27*64kB (UE) 9*128kB (UME) 7*256kB (UM) 5*512kB (UME) 1*1024kB (M) 2*2048kB (UE) 945*4096kB (M) = 3887932kB [ 323.222988][T11364] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 323.383808][T11364] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB [ 323.411179][T11364] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 323.458151][T11364] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 323.499893][T11364] 72338 total pagecache pages [ 323.517327][T11364] 0 pages in swap cache [ 323.521605][T11364] Free swap = 124996kB [ 323.561793][T11364] Total swap = 124996kB [ 323.578113][T11364] 2097051 pages RAM [ 323.592419][T11364] 0 pages HighMem/MovableOnly [ 323.612030][T11364] 425846 pages reserved [ 323.633631][T11364] 0 pages cma reserved [ 323.663593][ T5905] usb 5-1: new full-speed USB device number 21 using dummy_hcd [ 323.812849][T11399] /dev/rnullb0: Can't open blockdev [ 323.837969][ T5905] usb 5-1: config 0 has an invalid interface number: 41 but max is 0 [ 323.861477][ T5905] usb 5-1: config 0 has no interface number 0 [ 323.883594][ T5905] usb 5-1: config 0 interface 41 has no altsetting 0 [ 323.933041][ T5905] usb 5-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a [ 323.989679][ T5905] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 324.023334][ T5905] usb 5-1: Product: syz [ 324.049891][ T5905] usb 5-1: Manufacturer: syz [ 324.078229][ T5905] usb 5-1: SerialNumber: syz [ 324.125000][ T5905] usb 5-1: config 0 descriptor?? [ 324.319475][T11413] loop3: detected capacity change from 0 to 1 [ 324.355706][T11413] Dev loop3: unable to read RDB block 1 [ 324.366680][T11413] loop3: unable to read partition table [ 324.373431][T11413] loop3: partition table beyond EOD, truncated [ 324.392705][T11413] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5) [ 324.794055][ T5863] usb 1-1: new high-speed USB device number 84 using dummy_hcd [ 324.956595][ T5863] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 324.970481][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffe0 [ 324.990460][ T5863] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 325.002103][ T5863] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0 [ 325.014610][ T5863] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 325.029608][ T5863] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 325.039102][ T5863] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 325.058855][ T5863] usb 1-1: config 0 descriptor?? [ 325.223753][ T5894] usb 4-1: new high-speed USB device number 98 using dummy_hcd [ 325.383704][ T5894] usb 4-1: Using ep0 maxpacket: 16 [ 325.395900][ T5894] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 254, using maximum allowed: 30 [ 325.408769][ T5894] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 254 [ 325.425811][ T5894] usb 4-1: New USB device found, idVendor=06a3, idProduct=0621, bcdDevice= 0.00 [ 325.437841][ T5894] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 325.451725][ T5894] usb 4-1: config 0 descriptor?? [ 325.531032][ T5863] plantronics 0003:047F:FFFF.001A: ignoring exceeding usage max [ 325.544880][ T5863] plantronics 0003:047F:FFFF.001A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 325.733260][T11424] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 325.742093][T11424] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 325.882555][ T5894] hid_parser_main: 1197 callbacks suppressed [ 325.882577][ T5894] saitek 0003:06A3:0621.001B: unknown main item tag 0x0 [ 325.896056][ T5894] saitek 0003:06A3:0621.001B: unknown main item tag 0x0 [ 325.903028][ T5894] saitek 0003:06A3:0621.001B: unknown main item tag 0x0 [ 325.910052][ T5894] saitek 0003:06A3:0621.001B: unknown main item tag 0x0 [ 325.917050][ T5894] saitek 0003:06A3:0621.001B: unknown main item tag 0x0 [ 325.927875][ T5894] saitek 0003:06A3:0621.001B: hidraw1: USB HID v0.05 Device [HID 06a3:0621] on usb-dummy_hcd.3-1/input0 [ 326.090066][T11423] proc: Unknown parameter 'huge' [ 326.098542][ T5894] usb 4-1: USB disconnect, device number 98 [ 326.329017][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Error reading RX_CTL register:ffffffe0 [ 326.348967][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Error reading RX_CTL register:ffffffb9 [ 326.366064][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 326.380247][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 326.392217][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 326.403996][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 326.415827][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 326.427028][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 326.438889][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 326.450037][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 326.461746][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 326.472828][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 326.484639][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 326.495966][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 326.507938][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 326.519340][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 326.531246][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 326.542368][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 326.554929][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 326.566098][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 326.578116][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 326.589383][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 326.601452][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 326.612650][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 326.624474][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 326.635735][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 326.647508][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 326.664034][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 326.677131][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 326.688487][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 326.700470][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 326.711947][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 326.724032][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 326.735628][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 326.748010][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 326.759316][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 326.771220][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 326.784614][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 326.796475][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 326.807802][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 326.819770][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 326.831187][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 326.832956][T11431] /dev/rnullb0: Can't open blockdev [ 326.843646][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 326.858461][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 326.874944][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 326.886253][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 326.898139][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 326.909454][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 326.921341][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 326.932775][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 326.944761][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 326.956386][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 326.973724][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 326.983739][ T9986] usb 1-1: reset high-speed USB device number 84 using dummy_hcd [ 326.986391][T11434] /dev/rnullb0: Can't open blockdev [ 326.997865][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 327.047588][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 327.061064][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 327.073195][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 327.086394][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 327.098969][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 327.151752][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 327.185907][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 327.198244][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 327.213062][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 327.237025][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 327.253201][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 327.271666][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 327.290390][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 327.302960][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 327.357638][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 327.369394][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 327.399952][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 327.431962][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 327.478448][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 327.525370][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 327.597211][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 327.617717][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 327.647899][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 327.683881][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 327.709383][T11451] /dev/rnullb0: Can't open blockdev [ 327.723892][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 327.758376][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 327.804997][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 327.834240][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 327.867433][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 327.894484][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 327.924920][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 327.961224][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 327.982442][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 327.995719][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.008792][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.024443][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.037149][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.048842][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.060785][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.084398][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.096335][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.115022][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.127318][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.138647][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.151028][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.172738][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.201022][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.225225][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.238967][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.261326][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.275182][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.286561][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.298312][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.309609][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.321371][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.332428][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.344287][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.355469][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.367346][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.378486][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.390280][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.401335][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.413111][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.424903][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.436654][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.448175][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.460053][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.471387][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.483259][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.494747][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.506532][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.517619][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.529362][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.540514][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.552236][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.563355][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.575255][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.586437][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.598165][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.609495][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.621382][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.632594][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.635604][ T24] usb 1-1: USB disconnect, device number 84 [ 328.647494][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.664870][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.678844][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.690518][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.703245][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.714816][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.726851][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.742541][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.754698][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.766162][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.778798][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.790023][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.801912][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.811485][ T24] usb 1-1: new low-speed USB device number 85 using dummy_hcd [ 328.813211][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.854448][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.862962][T11473] /dev/rnullb0: Can't open blockdev [ 328.865753][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.882526][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.894509][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.906368][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.917792][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.929804][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.941446][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.953574][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 328.957012][ T24] usb 1-1: device descriptor read/64, error -71 [ 328.964823][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 328.989198][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 329.000774][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 329.021891][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 329.047761][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 329.060102][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 329.075770][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 329.092280][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 329.104107][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 329.116037][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 329.127358][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 329.162943][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 329.178575][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 329.190506][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 329.207184][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 329.217935][ T24] usb 1-1: new low-speed USB device number 86 using dummy_hcd [ 329.227141][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 329.250622][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 329.268196][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 329.280193][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 329.305527][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 329.318789][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 329.320037][T11485] FAULT_INJECTION: forcing a failure. [ 329.320037][T11485] name failslab, interval 1, probability 0, space 0, times 0 [ 329.330725][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 329.343487][T11485] CPU: 1 UID: 0 PID: 11485 Comm: syz.3.1695 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 329.343513][T11485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 329.343526][T11485] Call Trace: [ 329.343534][T11485] [ 329.343542][T11485] dump_stack_lvl+0x189/0x250 [ 329.343571][T11485] ? __pfx____ratelimit+0x10/0x10 [ 329.343596][T11485] ? __pfx_dump_stack_lvl+0x10/0x10 [ 329.343619][T11485] ? __pfx__printk+0x10/0x10 [ 329.343644][T11485] ? __pfx___might_resched+0x10/0x10 [ 329.343665][T11485] ? fs_reclaim_acquire+0x7d/0x100 [ 329.343697][T11485] should_fail_ex+0x414/0x560 [ 329.343732][T11485] should_failslab+0xa8/0x100 [ 329.343759][T11485] __kmalloc_noprof+0xcb/0x4f0 [ 329.343779][T11485] ? tomoyo_encode+0x28b/0x550 [ 329.343806][T11485] tomoyo_encode+0x28b/0x550 [ 329.343834][T11485] tomoyo_realpath_from_path+0x58d/0x5d0 [ 329.343858][T11485] ? tomoyo_domain+0xd9/0x130 [ 329.343888][T11485] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 329.343918][T11485] tomoyo_path_number_perm+0x1e8/0x5a0 [ 329.343950][T11485] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 329.343998][T11485] ? __lock_acquire+0xab9/0xd20 [ 329.344046][T11485] ? __fget_files+0x2a/0x420 [ 329.344076][T11485] ? __fget_files+0x2a/0x420 [ 329.344101][T11485] ? __fget_files+0x3a0/0x420 [ 329.344136][T11485] ? __fget_files+0x2a/0x420 [ 329.344166][T11485] security_file_ioctl+0xcb/0x2d0 [ 329.344197][T11485] __se_sys_ioctl+0x47/0x170 [ 329.344223][T11485] do_syscall_64+0xfa/0x3b0 [ 329.344265][T11485] ? lockdep_hardirqs_on+0x9c/0x150 [ 329.344290][T11485] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 329.344311][T11485] ? clear_bhb_loop+0x60/0xb0 [ 329.344336][T11485] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 329.344356][T11485] RIP: 0033:0x7f854818e929 [ 329.344390][T11485] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 329.344407][T11485] RSP: 002b:00007f8549070038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 329.344429][T11485] RAX: ffffffffffffffda RBX: 00007f85483b5fa0 RCX: 00007f854818e929 [ 329.344443][T11485] RDX: 0000200000001180 RSI: 0000000000008916 RDI: 0000000000000005 [ 329.344456][T11485] RBP: 00007f8549070090 R08: 0000000000000000 R09: 0000000000000000 [ 329.344468][T11485] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 329.344480][T11485] R13: 0000000000000000 R14: 00007f85483b5fa0 R15: 00007ffcbc1e59b8 [ 329.344510][T11485] [ 329.348468][T11485] ERROR: Out of memory at tomoyo_realpath_from_path. [ 329.357918][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 329.387036][ T24] usb 1-1: device descriptor read/64, error -71 [ 329.397745][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 329.514078][ T24] usb usb1-port1: attempt power cycle [ 329.557827][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 329.650594][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 329.662080][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 329.708423][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 329.726385][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 329.750732][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 329.766116][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 329.782394][T11494] binder: 11493:11494 ioctl c0306201 2000000003c0 returned -14 [ 329.790406][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 329.804565][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 329.818771][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 329.837423][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 329.850976][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 329.881624][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 329.897117][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 329.926790][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 329.934342][ T24] usb 1-1: new low-speed USB device number 87 using dummy_hcd [ 329.950747][T11496] kvm: pic: non byte write [ 329.976119][ T24] usb 1-1: device descriptor read/8, error -71 [ 329.976583][T11496] kvm: vcpu 0: requested 64 ns lapic timer period limited to 200000 ns [ 329.992713][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 330.005006][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 330.017286][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 330.029049][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 330.040940][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 330.052371][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 330.063269][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 330.074661][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 330.087213][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable software MII access [ 330.098798][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to enable hardware MII access [ 330.109861][ T5905] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to write Medium Mode mode to 0x0336:ffffffb9 [ 330.122334][ T5905] CoreChips 5-1:0.41: probe with driver CoreChips failed with error -71 [ 330.140326][ T5905] usb 5-1: USB disconnect, device number 21 [ 330.223702][ T24] usb 1-1: new low-speed USB device number 88 using dummy_hcd [ 330.254940][ T24] usb 1-1: device descriptor read/8, error -71 [ 330.379176][ T24] usb usb1-port1: unable to enumerate USB device [ 330.427614][T11510] netlink: 'syz.3.1702': attribute type 1 has an invalid length. [ 330.438468][T11510] netlink: 'syz.3.1702': attribute type 2 has an invalid length. [ 330.449044][T11510] /dev/rnullb0: Can't open blockdev [ 330.473618][ T5905] usb 5-1: new high-speed USB device number 22 using dummy_hcd [ 330.653775][ T5905] usb 5-1: Using ep0 maxpacket: 16 [ 330.660831][ T5905] usb 5-1: config 0 has an invalid interface number: 214 but max is 0 [ 330.669156][ T5905] usb 5-1: config 0 has no interface number 0 [ 330.675679][ T5905] usb 5-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid maxpacket 1023, setting to 64 [ 330.688957][ T5905] usb 5-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5 [ 330.701594][ T5905] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 330.710881][ T5905] usb 5-1: Product: syz [ 330.716330][ T5905] usb 5-1: Manufacturer: syz [ 330.721038][ T5905] usb 5-1: SerialNumber: syz [ 330.728760][ T5905] usb 5-1: config 0 descriptor?? [ 330.768043][ T5905] usbtouchscreen 5-1:0.214: Failed to read FW rev: -71 [ 330.786436][ T5905] usbtouchscreen 5-1:0.214: probe with driver usbtouchscreen failed with error -71 [ 330.825162][ T5905] usb 5-1: USB disconnect, device number 22 [ 331.382505][T11539] /dev/rnullb0: Can't open blockdev [ 331.734190][ T9986] usb 5-1: new high-speed USB device number 23 using dummy_hcd [ 331.780748][T11554] loop3: detected capacity change from 0 to 1 [ 331.788704][ T6749] Dev loop3: unable to read RDB block 1 [ 331.794781][ T6749] loop3: unable to read partition table [ 331.800692][ T6749] loop3: partition table beyond EOD, truncated [ 331.809442][T11554] Dev loop3: unable to read RDB block 1 [ 331.815442][T11554] loop3: unable to read partition table [ 331.823072][T11554] loop3: partition table beyond EOD, truncated [ 331.830475][T11554] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5) [ 331.905206][ T9986] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 331.941111][ T9986] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 331.951398][ T9986] usb 5-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00 [ 331.967003][ T9986] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 331.994806][ T9986] usb 5-1: config 0 descriptor?? [ 332.273090][T11583] /dev/rnullb0: Can't open blockdev [ 332.379378][T11589] loop3: detected capacity change from 0 to 1 [ 332.389412][T11589] Dev loop3: unable to read RDB block 1 [ 332.397502][T11589] loop3: unable to read partition table [ 332.403395][T11589] loop3: partition table beyond EOD, truncated [ 332.410595][T11589] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5) [ 332.411288][ T9986] hid (null): invalid report_count 1204730351 [ 332.446833][ T9986] hid-led 0003:27B8:01ED.001C: invalid report_count 1204730351 [ 332.459529][ T9986] hid-led 0003:27B8:01ED.001C: item 0 4 1 9 parsing failed [ 332.494430][ T9986] hid-led 0003:27B8:01ED.001C: probe with driver hid-led failed with error -22 [ 332.515264][T11591] FAULT_INJECTION: forcing a failure. [ 332.515264][T11591] name failslab, interval 1, probability 0, space 0, times 0 [ 332.553650][T11591] CPU: 0 UID: 0 PID: 11591 Comm: syz.0.1731 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 332.553679][T11591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 332.553692][T11591] Call Trace: [ 332.553700][T11591] [ 332.553709][T11591] dump_stack_lvl+0x189/0x250 [ 332.553736][T11591] ? __pfx____ratelimit+0x10/0x10 [ 332.553762][T11591] ? __pfx_dump_stack_lvl+0x10/0x10 [ 332.553785][T11591] ? __pfx__printk+0x10/0x10 [ 332.553822][T11591] ? __pfx___might_resched+0x10/0x10 [ 332.553841][T11591] ? fs_reclaim_acquire+0x7d/0x100 [ 332.553872][T11591] should_fail_ex+0x414/0x560 [ 332.553907][T11591] should_failslab+0xa8/0x100 [ 332.553933][T11591] kmem_cache_alloc_noprof+0x73/0x3c0 [ 332.553955][T11591] ? ptlock_alloc+0x20/0x70 [ 332.553981][T11591] ptlock_alloc+0x20/0x70 [ 332.554002][T11591] pte_alloc_one+0x7d/0x170 [ 332.554025][T11591] __handle_mm_fault+0x2795/0x5440 [ 332.554062][T11591] ? __pfx___handle_mm_fault+0x10/0x10 [ 332.554102][T11591] ? find_vma+0xe7/0x160 [ 332.554122][T11591] ? __pfx_find_vma+0x10/0x10 [ 332.554146][T11591] handle_mm_fault+0x40a/0x8e0 [ 332.554178][T11591] do_user_addr_fault+0x764/0x1390 [ 332.554225][T11591] exc_page_fault+0x76/0xf0 [ 332.554245][T11591] ? __might_fault+0xb0/0x130 [ 332.554268][T11591] asm_exc_page_fault+0x26/0x30 [ 332.554286][T11591] RIP: 0010:rep_movs_alternative+0x30/0x90 [ 332.554317][T11591] Code: 83 f9 08 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 <48> 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 [ 332.554333][T11591] RSP: 0018:ffffc900046a7b60 EFLAGS: 00050202 [ 332.554350][T11591] RAX: 00007ffffffff001 RBX: 0000000000000028 RCX: 0000000000000028 [ 332.554361][T11591] RDX: 0000000000000001 RSI: 0000200000001180 RDI: ffffc900046a7c00 [ 332.554374][T11591] RBP: 0000000000000000 R08: ffffc900046a7c27 R09: 1ffff920008d4f84 [ 332.554386][T11591] R10: dffffc0000000000 R11: fffff520008d4f85 R12: ffff88807cc55a10 [ 332.554399][T11591] R13: dffffc0000000000 R14: ffffc900046a7c00 R15: 0000200000001180 [ 332.554430][T11591] _copy_from_user+0x7a/0xb0 [ 332.554459][T11591] get_user_ifreq+0x6c/0x180 [ 332.554482][T11591] ieee802154_sock_ioctl+0xe2/0x3e0 [ 332.554502][T11591] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 332.554531][T11591] ? __pfx_ieee802154_sock_ioctl+0x10/0x10 [ 332.554547][T11591] ? tomoyo_path_number_perm+0x4e2/0x5a0 [ 332.554578][T11591] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 332.554616][T11591] sock_do_ioctl+0xdc/0x300 [ 332.554640][T11591] ? __pfx_sock_do_ioctl+0x10/0x10 [ 332.554659][T11591] ? __lock_acquire+0xab9/0xd20 [ 332.554702][T11591] sock_ioctl+0x576/0x790 [ 332.554725][T11591] ? __pfx_sock_ioctl+0x10/0x10 [ 332.554745][T11591] ? __fget_files+0x2a/0x420 [ 332.554770][T11591] ? __fget_files+0x3a0/0x420 [ 332.554793][T11591] ? __fget_files+0x2a/0x420 [ 332.554831][T11591] ? bpf_lsm_file_ioctl+0x9/0x20 [ 332.554849][T11591] ? __pfx_sock_ioctl+0x10/0x10 [ 332.554869][T11591] __se_sys_ioctl+0xfc/0x170 [ 332.554892][T11591] do_syscall_64+0xfa/0x3b0 [ 332.554914][T11591] ? lockdep_hardirqs_on+0x9c/0x150 [ 332.554936][T11591] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 332.554954][T11591] ? clear_bhb_loop+0x60/0xb0 [ 332.554977][T11591] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 332.554994][T11591] RIP: 0033:0x7fa56a38e929 [ 332.555011][T11591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 332.555026][T11591] RSP: 002b:00007fa56b197038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 332.555044][T11591] RAX: ffffffffffffffda RBX: 00007fa56a5b5fa0 RCX: 00007fa56a38e929 [ 332.555057][T11591] RDX: 0000200000001180 RSI: 0000000000008916 RDI: 0000000000000005 [ 332.555069][T11591] RBP: 00007fa56b197090 R08: 0000000000000000 R09: 0000000000000000 [ 332.555081][T11591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 332.555092][T11591] R13: 0000000000000000 R14: 00007fa56a5b5fa0 R15: 00007fff051a4e88 [ 332.555120][T11591] [ 333.081806][T11546] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 333.195629][ T5905] usb 5-1: USB disconnect, device number 23 [ 333.308761][T11607] /dev/rnullb0: Can't open blockdev [ 333.525483][T11617] loop3: detected capacity change from 0 to 1 [ 333.536951][ T6749] Dev loop3: unable to read RDB block 1 [ 333.542549][ T6749] loop3: unable to read partition table [ 333.548868][ T6749] loop3: partition table beyond EOD, truncated [ 333.558715][T11617] Dev loop3: unable to read RDB block 1 [ 333.569694][T11617] loop3: unable to read partition table [ 333.575921][T11617] loop3: partition table beyond EOD, truncated [ 333.582863][T11617] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5) [ 333.945330][ T1209] usb 1-1: new high-speed USB device number 89 using dummy_hcd [ 333.963743][ T5894] usb 4-1: new high-speed USB device number 99 using dummy_hcd [ 334.103682][ T1209] usb 1-1: Using ep0 maxpacket: 16 [ 334.105319][ T5894] usb 4-1: device descriptor read/64, error -71 [ 334.110831][ T1209] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 334.126171][ T1209] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 334.135984][ T1209] usb 1-1: New USB device found, idVendor=054c, idProduct=05c4, bcdDevice= 0.00 [ 334.145139][ T1209] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 334.156357][ T1209] usb 1-1: config 0 descriptor?? [ 334.223596][ T24] usb 5-1: new high-speed USB device number 24 using dummy_hcd [ 334.353572][ T5894] usb 4-1: new high-speed USB device number 100 using dummy_hcd [ 334.373718][ T24] usb 5-1: Using ep0 maxpacket: 32 [ 334.385619][ T24] usb 5-1: invalid descriptor for config index 0: type = 0x2, length = 8 [ 334.397177][ T24] usb 5-1: can't read configurations, error -22 [ 334.498408][ T5894] usb 4-1: device descriptor read/64, error -71 [ 334.534317][ T24] usb 5-1: new high-speed USB device number 25 using dummy_hcd [ 334.582368][T11645] /dev/rnullb0: Can't open blockdev [ 334.585414][ T1209] playstation 0003:054C:05C4.001D: hidraw0: USB HID v0.00 Device [HID 054c:05c4] on usb-dummy_hcd.0-1/input0 [ 334.627523][ T5894] usb usb4-port1: attempt power cycle [ 334.683940][ T24] usb 5-1: Using ep0 maxpacket: 32 [ 334.694016][ T24] usb 5-1: invalid descriptor for config index 0: type = 0x2, length = 8 [ 334.702576][ T24] usb 5-1: can't read configurations, error -22 [ 334.709407][ T24] usb usb5-port1: attempt power cycle [ 334.768199][T11623] /dev/rnullb0: Can't open blockdev [ 334.781327][ T1209] playstation 0003:054C:05C4.001D: Failed to retrieve feature with reportID 18: -71 [ 334.792071][ T1209] playstation 0003:054C:05C4.001D: Failed to retrieve DualShock4 pairing info: -71 [ 334.801528][ T1209] playstation 0003:054C:05C4.001D: Failed to get MAC address from DualShock4 [ 334.810373][ T1209] playstation 0003:054C:05C4.001D: Failed to create dualshock4. [ 334.826810][ T1209] playstation 0003:054C:05C4.001D: probe with driver playstation failed with error -71 [ 334.866675][ T1209] usb 1-1: USB disconnect, device number 89 [ 334.974282][ T5894] usb 4-1: new high-speed USB device number 101 using dummy_hcd [ 334.996441][T11654] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2142054965 (4284109930 ns) > initial count (2850433972 ns). Using initial count to start timer. [ 335.014526][ T5894] usb 4-1: device descriptor read/8, error -71 [ 335.054118][ T24] usb 5-1: new high-speed USB device number 26 using dummy_hcd [ 335.097067][ T24] usb 5-1: Using ep0 maxpacket: 32 [ 335.104091][ T24] usb 5-1: invalid descriptor for config index 0: type = 0x2, length = 8 [ 335.112625][ T24] usb 5-1: can't read configurations, error -22 [ 335.243698][ T24] usb 5-1: new high-speed USB device number 27 using dummy_hcd [ 335.264385][ T24] usb 5-1: Using ep0 maxpacket: 32 [ 335.264423][ T5894] usb 4-1: new high-speed USB device number 102 using dummy_hcd [ 335.281037][ T24] usb 5-1: invalid descriptor for config index 0: type = 0x2, length = 8 [ 335.290039][ T24] usb 5-1: can't read configurations, error -22 [ 335.302043][ T24] usb usb5-port1: unable to enumerate USB device [ 335.323033][ T5894] usb 4-1: device descriptor read/8, error -71 [ 335.433117][T11662] /dev/rnullb0: Can't open blockdev [ 335.454075][ T5894] usb usb4-port1: unable to enumerate USB device [ 335.567997][T11670] loop3: detected capacity change from 0 to 1 [ 335.575864][ T6749] Dev loop3: unable to read RDB block 1 [ 335.581489][ T6749] loop3: unable to read partition table [ 335.590172][ T6749] loop3: partition table beyond EOD, truncated [ 335.603441][T11670] Dev loop3: unable to read RDB block 1 [ 335.609202][T11670] loop3: unable to read partition table [ 335.618595][T11670] loop3: partition table beyond EOD, truncated [ 335.624839][T11670] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5) [ 335.727834][ T30] audit: type=1326 audit(1751424298.048:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11673 comm="syz.2.1762" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6e2d98e929 code=0x0 [ 336.461636][T11697] loop3: detected capacity change from 0 to 1 [ 336.469018][T11697] Dev loop3: unable to read RDB block 1 [ 336.474992][T11697] loop3: unable to read partition table [ 336.481033][T11697] loop3: partition table beyond EOD, truncated [ 336.488345][T11697] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5) [ 336.663029][T11703] FAULT_INJECTION: forcing a failure. [ 336.663029][T11703] name failslab, interval 1, probability 0, space 0, times 0 [ 336.681859][T11703] CPU: 1 UID: 0 PID: 11703 Comm: syz.2.1774 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 336.681885][T11703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 336.681897][T11703] Call Trace: [ 336.681905][T11703] [ 336.681913][T11703] dump_stack_lvl+0x189/0x250 [ 336.681940][T11703] ? __pfx____ratelimit+0x10/0x10 [ 336.681962][T11703] ? __pfx_dump_stack_lvl+0x10/0x10 [ 336.681983][T11703] ? __pfx__printk+0x10/0x10 [ 336.682010][T11703] ? __pfx___might_resched+0x10/0x10 [ 336.682034][T11703] should_fail_ex+0x414/0x560 [ 336.682067][T11703] should_failslab+0xa8/0x100 [ 336.682091][T11703] __kmalloc_cache_noprof+0x70/0x3d0 [ 336.682112][T11703] ? call_usermodehelper_setup+0x8e/0x270 [ 336.682139][T11703] ? __kmalloc_node_track_caller_noprof+0x28e/0x4e0 [ 336.682165][T11703] call_usermodehelper_setup+0x8e/0x270 [ 336.682191][T11703] ? __pfx_free_modprobe_argv+0x10/0x10 [ 336.682223][T11703] __request_module+0x39f/0x5e0 [ 336.682256][T11703] ? __pfx___request_module+0x10/0x10 [ 336.682285][T11703] ? rcu_is_watching+0x15/0xb0 [ 336.682310][T11703] ? bpf_lsm_capable+0x9/0x20 [ 336.682329][T11703] ? security_capable+0x7e/0x2e0 [ 336.682351][T11703] ? dev_load+0x21/0x1f0 [ 336.682373][T11703] dev_load+0x190/0x1f0 [ 336.682396][T11703] ieee802154_sock_ioctl+0x1a2/0x3e0 [ 336.682416][T11703] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 336.682454][T11703] ? __pfx_ieee802154_sock_ioctl+0x10/0x10 [ 336.682469][T11703] ? tomoyo_path_number_perm+0x4e2/0x5a0 [ 336.682498][T11703] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 336.682534][T11703] sock_do_ioctl+0xdc/0x300 [ 336.682557][T11703] ? __pfx_sock_do_ioctl+0x10/0x10 [ 336.682573][T11703] ? __lock_acquire+0xab9/0xd20 [ 336.682613][T11703] sock_ioctl+0x576/0x790 [ 336.682634][T11703] ? __pfx_sock_ioctl+0x10/0x10 [ 336.682652][T11703] ? __fget_files+0x2a/0x420 [ 336.682675][T11703] ? __fget_files+0x3a0/0x420 [ 336.682704][T11703] ? __fget_files+0x2a/0x420 [ 336.682730][T11703] ? bpf_lsm_file_ioctl+0x9/0x20 [ 336.682746][T11703] ? __pfx_sock_ioctl+0x10/0x10 [ 336.682764][T11703] __se_sys_ioctl+0xfc/0x170 [ 336.682786][T11703] do_syscall_64+0xfa/0x3b0 [ 336.682807][T11703] ? lockdep_hardirqs_on+0x9c/0x150 [ 336.682828][T11703] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 336.682846][T11703] ? clear_bhb_loop+0x60/0xb0 [ 336.682867][T11703] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 336.682883][T11703] RIP: 0033:0x7f6e2d98e929 [ 336.682898][T11703] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 336.682914][T11703] RSP: 002b:00007f6e2e8b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 336.682932][T11703] RAX: ffffffffffffffda RBX: 00007f6e2dbb5fa0 RCX: 00007f6e2d98e929 [ 336.682945][T11703] RDX: 0000200000001180 RSI: 0000000000008916 RDI: 0000000000000005 [ 336.682956][T11703] RBP: 00007f6e2e8b3090 R08: 0000000000000000 R09: 0000000000000000 [ 336.682967][T11703] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 336.682978][T11703] R13: 0000000000000000 R14: 00007f6e2dbb5fa0 R15: 00007ffe64537f68 [ 336.683004][T11703] [ 337.152911][T11715] /dev/rnullb0: Can't open blockdev [ 337.176826][T11709] binder: 11708:11709 ioctl c0306201 200000000640 returned -22 [ 337.250290][T11720] loop3: detected capacity change from 0 to 1 [ 337.275122][T11720] Dev loop3: unable to read RDB block 1 [ 337.306707][T11720] loop3: unable to read partition table [ 337.314598][T11720] loop3: partition table beyond EOD, truncated [ 337.320880][T11720] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5) [ 337.583452][T11733] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1786'. [ 337.958683][T11745] FAULT_INJECTION: forcing a failure. [ 337.958683][T11745] name failslab, interval 1, probability 0, space 0, times 0 [ 338.011384][T11745] CPU: 1 UID: 0 PID: 11745 Comm: syz.3.1787 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 338.011411][T11745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 338.011423][T11745] Call Trace: [ 338.011430][T11745] [ 338.011437][T11745] dump_stack_lvl+0x189/0x250 [ 338.011462][T11745] ? __pfx____ratelimit+0x10/0x10 [ 338.011485][T11745] ? __pfx_dump_stack_lvl+0x10/0x10 [ 338.011504][T11745] ? __pfx__printk+0x10/0x10 [ 338.011529][T11745] ? __pfx___might_resched+0x10/0x10 [ 338.011554][T11745] ? fs_reclaim_acquire+0x7d/0x100 [ 338.011581][T11745] should_fail_ex+0x414/0x560 [ 338.011612][T11745] should_failslab+0xa8/0x100 [ 338.011635][T11745] __kmalloc_cache_noprof+0x70/0x3d0 [ 338.011655][T11745] ? __request_module+0x2b5/0x5e0 [ 338.011685][T11745] __request_module+0x2b5/0x5e0 [ 338.011711][T11745] ? __pfx_aa_get_newest_label+0x10/0x10 [ 338.011733][T11745] ? __pfx___request_module+0x10/0x10 [ 338.011762][T11745] ? apparmor_capable+0x137/0x1b0 [ 338.011793][T11745] ? capable+0x89/0xe0 [ 338.011807][T11745] ? dev_load+0x21/0x1f0 [ 338.011832][T11745] ieee802154_sock_ioctl+0x1a2/0x3e0 [ 338.011851][T11745] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 338.011877][T11745] ? __pfx_ieee802154_sock_ioctl+0x10/0x10 [ 338.011892][T11745] ? tomoyo_path_number_perm+0x4e2/0x5a0 [ 338.011921][T11745] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 338.011957][T11745] sock_do_ioctl+0xdc/0x300 [ 338.011979][T11745] ? __pfx_sock_do_ioctl+0x10/0x10 [ 338.011997][T11745] ? __lock_acquire+0xab9/0xd20 [ 338.012055][T11745] sock_ioctl+0x576/0x790 [ 338.012077][T11745] ? __pfx_sock_ioctl+0x10/0x10 [ 338.012096][T11745] ? __fget_files+0x2a/0x420 [ 338.012118][T11745] ? __fget_files+0x3a0/0x420 [ 338.012140][T11745] ? __fget_files+0x2a/0x420 [ 338.012182][T11745] ? bpf_lsm_file_ioctl+0x9/0x20 [ 338.012198][T11745] ? __pfx_sock_ioctl+0x10/0x10 [ 338.012216][T11745] __se_sys_ioctl+0xfc/0x170 [ 338.012237][T11745] do_syscall_64+0xfa/0x3b0 [ 338.012258][T11745] ? lockdep_hardirqs_on+0x9c/0x150 [ 338.012279][T11745] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 338.012296][T11745] ? clear_bhb_loop+0x60/0xb0 [ 338.012317][T11745] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 338.012334][T11745] RIP: 0033:0x7f854818e929 [ 338.012349][T11745] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 338.012364][T11745] RSP: 002b:00007f8549070038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 338.012383][T11745] RAX: ffffffffffffffda RBX: 00007f85483b5fa0 RCX: 00007f854818e929 [ 338.012396][T11745] RDX: 0000200000001180 RSI: 0000000000008916 RDI: 0000000000000005 [ 338.012407][T11745] RBP: 00007f8549070090 R08: 0000000000000000 R09: 0000000000000000 [ 338.012417][T11745] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 338.012428][T11745] R13: 0000000000000000 R14: 00007f85483b5fa0 R15: 00007ffcbc1e59b8 [ 338.012454][T11745] [ 338.322053][T11754] loop3: detected capacity change from 0 to 1 [ 338.350472][T11754] Dev loop3: unable to read RDB block 1 [ 338.358410][T11754] loop3: unable to read partition table [ 338.364294][T11754] loop3: partition table beyond EOD, truncated [ 338.370516][T11754] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5) [ 338.637436][T11765] /dev/rnullb0: Can't open blockdev [ 338.775973][ T5894] usb 5-1: new full-speed USB device number 28 using dummy_hcd [ 338.933619][ T10] usb 1-1: new high-speed USB device number 90 using dummy_hcd [ 338.943461][ T5894] usb 5-1: config 0 interface 0 has no altsetting 0 [ 338.953570][ T5894] usb 5-1: New USB device found, idVendor=1397, idProduct=00bd, bcdDevice=c5.66 [ 338.962619][ T5894] usb 5-1: New USB device strings: Mfr=128, Product=0, SerialNumber=0 [ 338.971006][ T5894] usb 5-1: Manufacturer: syz [ 338.978151][ T5894] usb 5-1: config 0 descriptor?? [ 338.991282][ T5894] usb 5-1: invalid MIDI EP [ 338.998731][ T5894] usb 5-1: snd-bcd2000: error during probing [ 339.006137][ T5894] snd-bcd2000 5-1:0.0: probe with driver snd-bcd2000 failed with error -22 [ 339.083568][ T10] usb 1-1: device descriptor read/64, error -71 [ 339.181679][T11781] FAULT_INJECTION: forcing a failure. [ 339.181679][T11781] name failslab, interval 1, probability 0, space 0, times 0 [ 339.197077][T11781] CPU: 0 UID: 0 PID: 11781 Comm: syz.2.1801 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 339.197102][T11781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 339.197113][T11781] Call Trace: [ 339.197119][T11781] [ 339.197127][T11781] dump_stack_lvl+0x189/0x250 [ 339.197151][T11781] ? __pfx____ratelimit+0x10/0x10 [ 339.197172][T11781] ? __pfx_dump_stack_lvl+0x10/0x10 [ 339.197192][T11781] ? __pfx__printk+0x10/0x10 [ 339.197212][T11781] ? __pfx___might_resched+0x10/0x10 [ 339.197230][T11781] ? fs_reclaim_acquire+0x7d/0x100 [ 339.197256][T11781] should_fail_ex+0x414/0x560 [ 339.197286][T11781] should_failslab+0xa8/0x100 [ 339.197308][T11781] __kmalloc_node_track_caller_noprof+0xcc/0x4e0 [ 339.197329][T11781] ? __request_module+0x2d1/0x5e0 [ 339.197360][T11781] kstrdup+0x42/0x100 [ 339.197385][T11781] __request_module+0x2d1/0x5e0 [ 339.197410][T11781] ? __pfx_aa_get_newest_label+0x10/0x10 [ 339.197440][T11781] ? __pfx___request_module+0x10/0x10 [ 339.197469][T11781] ? apparmor_capable+0x137/0x1b0 [ 339.197497][T11781] ? capable+0x89/0xe0 [ 339.197512][T11781] ? dev_load+0x21/0x1f0 [ 339.197535][T11781] ieee802154_sock_ioctl+0x1a2/0x3e0 [ 339.197554][T11781] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 339.197581][T11781] ? __pfx_ieee802154_sock_ioctl+0x10/0x10 [ 339.197596][T11781] ? tomoyo_path_number_perm+0x4e2/0x5a0 [ 339.197624][T11781] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 339.197659][T11781] sock_do_ioctl+0xdc/0x300 [ 339.197682][T11781] ? __pfx_sock_do_ioctl+0x10/0x10 [ 339.197699][T11781] ? __lock_acquire+0xab9/0xd20 [ 339.197730][T11781] sock_ioctl+0x576/0x790 [ 339.197746][T11781] ? __pfx_sock_ioctl+0x10/0x10 [ 339.197761][T11781] ? __fget_files+0x2a/0x420 [ 339.197780][T11781] ? __fget_files+0x3a0/0x420 [ 339.197798][T11781] ? __fget_files+0x2a/0x420 [ 339.197818][T11781] ? bpf_lsm_file_ioctl+0x9/0x20 [ 339.197831][T11781] ? __pfx_sock_ioctl+0x10/0x10 [ 339.197845][T11781] __se_sys_ioctl+0xfc/0x170 [ 339.197862][T11781] do_syscall_64+0xfa/0x3b0 [ 339.197879][T11781] ? lockdep_hardirqs_on+0x9c/0x150 [ 339.197895][T11781] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 339.197909][T11781] ? clear_bhb_loop+0x60/0xb0 [ 339.197926][T11781] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 339.197939][T11781] RIP: 0033:0x7f6e2d98e929 [ 339.197952][T11781] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 339.197964][T11781] RSP: 002b:00007f6e2e8b3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 339.197979][T11781] RAX: ffffffffffffffda RBX: 00007f6e2dbb5fa0 RCX: 00007f6e2d98e929 [ 339.197990][T11781] RDX: 0000200000001180 RSI: 0000000000008916 RDI: 0000000000000005 [ 339.197999][T11781] RBP: 00007f6e2e8b3090 R08: 0000000000000000 R09: 0000000000000000 [ 339.198007][T11781] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 339.198016][T11781] R13: 0000000000000000 R14: 00007f6e2dbb5fa0 R15: 00007ffe64537f68 [ 339.198037][T11781] [ 339.521052][ T31] INFO: task kworker/1:1:43 blocked for more than 143 seconds. [ 339.531004][ T31] Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 [ 339.541242][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 339.549963][ T31] task:kworker/1:1 state:D stack:21048 pid:43 tgid:43 ppid:2 task_flags:0x4208060 flags:0x00004000 [ 339.562036][ T31] Workqueue: events_power_efficient hub_init_func2 [ 339.568586][ T31] Call Trace: [ 339.571873][ T31] [ 339.574843][ T31] __schedule+0x16f5/0x4d00 [ 339.579396][ T31] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 339.584837][ T31] ? schedule+0x165/0x360 [ 339.589194][ T31] ? __pfx___schedule+0x10/0x10 [ 339.594122][ T31] ? schedule+0x91/0x360 [ 339.598388][ T31] schedule+0x165/0x360 [ 339.602565][ T31] schedule_preempt_disabled+0x13/0x30 [ 339.608065][ T31] __mutex_lock+0x724/0xe80 [ 339.612586][ T31] ? do_raw_spin_unlock+0x122/0x240 [ 339.617966][ T31] ? __mutex_lock+0x51b/0xe80 [ 339.622673][ T31] ? hub_activate+0xb7/0x1ea0 [ 339.627409][ T31] ? __pfx___mutex_lock+0x10/0x10 [ 339.632452][ T31] ? do_raw_spin_lock+0x121/0x290 [ 339.637557][ T31] ? __lock_acquire+0xab9/0xd20 [ 339.642431][ T31] hub_activate+0xb7/0x1ea0 [ 339.646971][ T31] ? process_scheduled_works+0x9ef/0x17b0 [ 339.652714][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 339.657935][ T31] ? process_scheduled_works+0x9ef/0x17b0 [ 339.663698][ T31] ? process_scheduled_works+0x9ef/0x17b0 [ 339.669438][ T31] process_scheduled_works+0xae1/0x17b0 [ 339.675033][ T31] ? __pfx_process_scheduled_works+0x10/0x10 [ 339.681046][ T31] worker_thread+0x8a0/0xda0 [ 339.685708][ T31] kthread+0x70e/0x8a0 [ 339.689800][ T31] ? __pfx_worker_thread+0x10/0x10 [ 339.695422][ T31] ? __pfx_kthread+0x10/0x10 [ 339.700023][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 339.705261][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 339.710474][ T31] ? __pfx_kthread+0x10/0x10 [ 339.715097][ T31] ret_from_fork+0x3fc/0x770 [ 339.719708][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 339.724874][ T31] ? __switch_to_asm+0x39/0x70 [ 339.729656][ T31] ? __switch_to_asm+0x33/0x70 [ 339.734473][ T31] ? __pfx_kthread+0x10/0x10 [ 339.739079][ T31] ret_from_fork_asm+0x1a/0x30 [ 339.743906][ T31] [ 339.747030][ T31] INFO: task kworker/1:3:5837 blocked for more than 143 seconds. [ 339.756349][ T31] Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 [ 339.763655][ T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 339.773279][ T31] task:kworker/1:3 state:D stack:21192 pid:5837 tgid:5837 ppid:2 task_flags:0x4288060 flags:0x00004000 [ 339.785416][ T31] Workqueue: usb_hub_wq hub_event [ 339.790467][ T31] Call Trace: [ 339.793815][ T31] [ 339.796766][ T31] __schedule+0x16f5/0x4d00 [ 339.805389][ T31] ? schedule+0x165/0x360 [ 339.809750][ T31] ? __pfx___schedule+0x10/0x10 [ 339.814676][ T31] ? preempt_schedule_common+0x83/0xd0 [ 339.820321][ T31] ? __pfx_preempt_schedule+0x10/0x10 [ 339.825864][ T31] ? schedule+0x91/0x360 [ 339.830130][ T31] schedule+0x165/0x360 [ 339.834475][ T31] schedule_timeout+0x9a/0x270 [ 339.839415][ T31] ? __pfx_schedule_timeout+0x10/0x10 [ 339.843184][ T1209] usb 5-1: USB disconnect, device number 28 [ 339.844845][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 339.844871][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 339.844892][ T31] ? wait_for_completion+0x267/0x5d0 [ 339.844917][ T31] wait_for_completion+0x2bf/0x5d0 [ 339.844952][ T31] ? __pfx_wait_for_completion+0x10/0x10 [ 339.844981][ T31] ? __flush_work+0xd2/0xbc0 [ 339.882033][ T10] usb 1-1: new high-speed USB device number 91 using dummy_hcd [ 339.891367][ T31] ? __flush_work+0xd2/0xbc0 [ 339.896225][ T31] __flush_work+0x9b9/0xbc0 [ 339.901405][ T31] ? __flush_work+0xd2/0xbc0 [ 339.906315][ T31] ? __pfx___flush_work+0x10/0x10 [ 339.911368][ T31] ? __pfx_wq_barrier_func+0x10/0x10 [ 339.916884][ T31] ? __queue_work+0xc56/0xfb0 [ 339.921687][ T31] ? flush_delayed_work+0x11d/0x190 [ 339.928477][ T31] flush_delayed_work+0x13e/0x190 [ 339.936902][ T31] ? __pfx_flush_delayed_work+0x10/0x10 [ 339.942456][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 339.949331][ T31] ? usb_hcd_flush_endpoint+0x3e9/0x400 [ 339.954983][ T31] hub_quiesce+0x1f0/0x330 [ 339.959440][ T31] hub_disconnect+0xc8/0x470 [ 339.964169][ T31] usb_unbind_interface+0x26b/0x910 [ 339.969573][ T31] ? __pfx_usb_unbind_interface+0x10/0x10 [ 339.975647][ T31] device_release_driver_internal+0x4d6/0x7c0 [ 339.981821][ T31] bus_remove_device+0x34d/0x410 [ 339.987114][ T31] device_del+0x511/0x8e0 [ 339.991466][ T31] ? kfree+0x18e/0x440 [ 339.995977][ T31] ? __pfx_device_del+0x10/0x10 [ 340.000841][ T31] ? kobject_put+0x446/0x480 [ 340.005485][ T31] usb_disable_device+0x3e9/0x8a0 [ 340.010524][ T31] usb_disconnect+0x330/0x950 [ 340.015540][ T31] hub_event+0x1cdb/0x4a00 [ 340.019988][ T31] ? do_raw_spin_lock+0x121/0x290 [ 340.025572][ T31] ? register_lock_class+0x51/0x320 [ 340.030797][ T31] ? __pfx_hub_event+0x10/0x10 [ 340.035060][ T10] usb 1-1: device descriptor read/64, error -71 [ 340.035663][ T31] ? process_scheduled_works+0x9ef/0x17b0 [ 340.047612][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 340.052835][ T31] ? process_scheduled_works+0x9ef/0x17b0 [ 340.058766][ T31] ? process_scheduled_works+0x9ef/0x17b0 [ 340.064556][ T31] process_scheduled_works+0xae1/0x17b0 [ 340.070125][ T31] ? __pfx_process_scheduled_works+0x10/0x10 [ 340.076229][ T31] worker_thread+0x8a0/0xda0 [ 340.080835][ T31] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 340.087227][ T31] ? __kthread_parkme+0x7b/0x200 [ 340.092185][ T31] kthread+0x70e/0x8a0 [ 340.096339][ T31] ? __pfx_worker_thread+0x10/0x10 [ 340.101463][ T31] ? __pfx_kthread+0x10/0x10 [ 340.106152][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 340.111373][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 340.116664][ T31] ? __pfx_kthread+0x10/0x10 [ 340.121277][ T31] ret_from_fork+0x3fc/0x770 [ 340.126131][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 340.131277][ T31] ? __switch_to_asm+0x39/0x70 [ 340.136283][ T31] ? __switch_to_asm+0x33/0x70 [ 340.141069][ T31] ? __pfx_kthread+0x10/0x10 [ 340.145868][ T31] ret_from_fork_asm+0x1a/0x30 [ 340.150685][ T31] [ 340.154033][ T31] [ 340.154033][ T31] Showing all locks held in the system: [ 340.154537][ T10] usb usb1-port1: attempt power cycle [ 340.161912][ T31] 8 locks held by kworker/0:1/10: [ 340.179227][ T31] #0: ffff8880216a5d48 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 340.190988][ T31] #1: ffffc900000f7bc0 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 340.203103][ T31] #2: ffff88802874b198 (&dev->mutex){....}-{4:4}, at: hub_event+0x184/0x4a00 [ 340.212191][ T31] #3: ffff88802874e510 (&port_dev->status_lock){+.+.}-{4:4}, at: hub_event+0x21a3/0x4a00 [ 340.231005][ T31] #4: ffff8880285af768 (hcd->address0_mutex){+.+.}-{4:4}, at: hub_event+0x21cb/0x4a00 [ 340.241234][ T31] #5: ffffffff8eff2ed0 (ehci_cf_port_reset_rwsem){.+.+}-{4:4}, at: hub_port_reset+0x163/0x1750 [ 340.251751][ T31] #6: ffff8880b8639f58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 340.261820][ T31] #7: ffff8880b8623f08 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x314/0x6d0 [ 340.277249][ T31] 1 lock held by khungtaskd/31: [ 340.282099][ T31] #0: ffffffff8e33bee0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180 [ 340.292240][ T31] 3 locks held by kworker/1:1/43: [ 340.299115][ T31] #0: ffff88801a882148 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 340.311520][ T31] #1: ffffc90000b37bc0 ((work_completion)(&(&hub->init_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 340.324696][ T31] #2: ffff88805b4d3198 (&dev->mutex){....}-{4:4}, at: hub_activate+0xb7/0x1ea0 [ 340.333958][ T31] 1 lock held by klogd/5194: [ 340.338554][ T31] #0: ffff8880b8639f58 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140 [ 340.348594][ T31] 2 locks held by getty/5596: [ 340.353293][ T31] #0: ffff8880303790a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70 [ 340.363083][ T31] #1: ffffc90002fee2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400 [ 340.373298][ T31] 5 locks held by kworker/1:3/5837: [ 340.378537][ T31] #0: ffff8880216a5d48 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0 [ 340.389992][ T31] #1: ffffc90003da7bc0 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0 [ 340.402048][ T31] #2: ffff888028823198 (&dev->mutex){....}-{4:4}, at: hub_event+0x184/0x4a00 [ 340.411000][ T31] #3: ffff88805b4d3198 (&dev->mutex){....}-{4:4}, at: usb_disconnect+0xf8/0x950 [ 340.420912][ T31] #4: ffff8880797c1160 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xb6/0x7c0 [ 340.431517][ T31] 1 lock held by syz.4.1795/11761: [ 340.436655][ T31] #0: ffffffff8e3418c0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570 [ 340.446641][ T31] [ 340.448968][ T31] ============================================= [ 340.448968][ T31] [ 340.457477][ T31] NMI backtrace for cpu 1 [ 340.457490][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 340.457510][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 340.457521][ T31] Call Trace: [ 340.457528][ T31] [ 340.457535][ T31] dump_stack_lvl+0x189/0x250 [ 340.457557][ T31] ? __wake_up_klogd+0xd9/0x110 [ 340.457583][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 340.457604][ T31] ? __pfx__printk+0x10/0x10 [ 340.457633][ T31] nmi_cpu_backtrace+0x39e/0x3d0 [ 340.457655][ T31] ? __pfx_nmi_cpu_backtrace+0x10/0x10 [ 340.457670][ T31] ? _printk+0xcf/0x120 [ 340.457694][ T31] ? __pfx__printk+0x10/0x10 [ 340.457716][ T31] ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10 [ 340.457745][ T31] nmi_trigger_cpumask_backtrace+0x17a/0x300 [ 340.457766][ T31] watchdog+0xfee/0x1030 [ 340.457793][ T31] ? watchdog+0x1de/0x1030 [ 340.457825][ T31] kthread+0x70e/0x8a0 [ 340.457849][ T31] ? __pfx_watchdog+0x10/0x10 [ 340.457873][ T31] ? __pfx_kthread+0x10/0x10 [ 340.457896][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 340.457915][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 340.457935][ T31] ? __pfx_kthread+0x10/0x10 [ 340.457958][ T31] ret_from_fork+0x3fc/0x770 [ 340.457988][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 340.458021][ T31] ? __switch_to_asm+0x39/0x70 [ 340.458042][ T31] ? __switch_to_asm+0x33/0x70 [ 340.458062][ T31] ? __pfx_kthread+0x10/0x10 [ 340.458085][ T31] ret_from_fork_asm+0x1a/0x30 [ 340.458120][ T31] [ 340.458127][ T31] Sending NMI from CPU 1 to CPUs 0: [ 340.553598][ T10] usb 1-1: new high-speed USB device number 92 using dummy_hcd [ 340.557968][ C0] NMI backtrace for cpu 0 [ 340.557980][ C0] CPU: 0 UID: 0 PID: 10 Comm: kworker/0:1 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 340.557998][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 340.558009][ C0] Workqueue: usb_hub_wq hub_event [ 340.558028][ C0] RIP: 0010:io_serial_in+0x77/0xc0 [ 340.558047][ C0] Code: e8 8e ce 6b fc 44 89 f9 d3 e3 49 83 c6 40 4c 89 f0 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 f7 e8 6f e2 cf fc 41 03 1e 89 da ec <0f> b6 c0 5b 41 5c 41 5e 41 5f c3 cc cc cc cc cc 44 89 f9 80 e1 07 [ 340.558067][ C0] RSP: 0018:ffffc900000f6e58 EFLAGS: 00000006 [ 340.558079][ C0] RAX: 1ffffffff3406b05 RBX: 00000000000003f9 RCX: 0000000000000000 [ 340.558089][ C0] RDX: 00000000000003f9 RSI: 0000000000038531 RDI: 0000000000038532 [ 340.558098][ C0] RBP: ffffc900000f7030 R08: 0000000000000003 R09: 0000000000000004 [ 340.558107][ C0] R10: dffffc0000000000 R11: ffffffff85544cb0 R12: dffffc0000000000 [ 340.558118][ C0] R13: dffffc0000000000 R14: ffffffff9a0358a0 R15: 0000000000000000 [ 340.558129][ C0] FS: 0000000000000000(0000) GS:ffff8881259e4000(0000) knlGS:0000000000000000 [ 340.558140][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 340.558150][ C0] CR2: 00007f8548380ab8 CR3: 000000007677a000 CR4: 00000000003526f0 [ 340.558163][ C0] DR0: 0000000000000000 DR1: 0000000000000097 DR2: 0000000000000000 [ 340.558172][ C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 340.558180][ C0] Call Trace: [ 340.558187][ C0] [ 340.558194][ C0] serial8250_console_write+0x584/0x1ba0 [ 340.558217][ C0] ? __lock_acquire+0xab9/0xd20 [ 340.558239][ C0] ? __pfx_serial8250_console_write+0x10/0x10 [ 340.558256][ C0] ? console_flush_all+0x13a/0xc40 [ 340.558274][ C0] ? console_flush_all+0x13a/0xc40 [ 340.558293][ C0] ? do_raw_spin_unlock+0x122/0x240 [ 340.558311][ C0] ? console_flush_all+0x13a/0xc40 [ 340.558327][ C0] ? console_flush_all+0x13a/0xc40 [ 340.558344][ C0] console_flush_all+0x725/0xc40 [ 340.558361][ C0] ? console_flush_all+0x13a/0xc40 [ 340.558381][ C0] ? __pfx_console_flush_all+0x10/0x10 [ 340.558402][ C0] ? is_printk_cpu_sync_owner+0x32/0x40 [ 340.558424][ C0] console_unlock+0xc4/0x270 [ 340.558439][ C0] ? __pfx_console_unlock+0x10/0x10 [ 340.558453][ C0] ? vprintk_emit+0x400/0x7a0 [ 340.558468][ C0] ? vprintk_emit+0x587/0x7a0 [ 340.558482][ C0] ? vprintk_emit+0x444/0x7a0 [ 340.558495][ C0] ? vprintk_emit+0x444/0x7a0 [ 340.558510][ C0] vprintk_emit+0x5b7/0x7a0 [ 340.558524][ C0] ? vprintk_emit+0x444/0x7a0 [ 340.558539][ C0] ? __pfx_vprintk_emit+0x10/0x10 [ 340.558553][ C0] ? do_raw_spin_unlock+0x122/0x240 [ 340.558571][ C0] ? __pfx_snprintf+0x10/0x10 [ 340.558591][ C0] dev_vprintk_emit+0x337/0x3f0 [ 340.558611][ C0] ? __pfx_dev_vprintk_emit+0x10/0x10 [ 340.558635][ C0] dev_printk_emit+0xe0/0x130 [ 340.558652][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 340.558671][ C0] ? __pfx_dev_printk_emit+0x10/0x10 [ 340.558688][ C0] ? __up_read+0x280/0x680 [ 340.558705][ C0] ? __dev_printk+0x131/0x190 [ 340.558722][ C0] _dev_info+0x10a/0x160 [ 340.558741][ C0] ? __pfx__dev_info+0x10/0x10 [ 340.558765][ C0] hub_port_init+0x5cf/0x2800 [ 340.558789][ C0] hub_event+0x2518/0x4a00 [ 340.558826][ C0] ? __pfx_hub_event+0x10/0x10 [ 340.558841][ C0] ? process_scheduled_works+0x9ef/0x17b0 [ 340.558866][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 340.558881][ C0] ? process_scheduled_works+0x9ef/0x17b0 [ 340.558904][ C0] ? process_scheduled_works+0x9ef/0x17b0 [ 340.558927][ C0] process_scheduled_works+0xae1/0x17b0 [ 340.558961][ C0] ? __pfx_process_scheduled_works+0x10/0x10 [ 340.558991][ C0] worker_thread+0x8a0/0xda0 [ 340.559015][ C0] kthread+0x70e/0x8a0 [ 340.559033][ C0] ? __pfx_worker_thread+0x10/0x10 [ 340.559046][ C0] ? __pfx_kthread+0x10/0x10 [ 340.559069][ C0] ? _raw_spin_unlock_irq+0x23/0x50 [ 340.559083][ C0] ? lockdep_hardirqs_on+0x9c/0x150 [ 340.559099][ C0] ? __pfx_kthread+0x10/0x10 [ 340.559115][ C0] ret_from_fork+0x3fc/0x770 [ 340.559138][ C0] ? __pfx_ret_from_fork+0x10/0x10 [ 340.559162][ C0] ? __switch_to_asm+0x39/0x70 [ 340.559179][ C0] ? __switch_to_asm+0x33/0x70 [ 340.559195][ C0] ? __pfx_kthread+0x10/0x10 [ 340.559212][ C0] ret_from_fork_asm+0x1a/0x30 [ 340.559236][ C0] [ 340.560029][ T31] Kernel panic - not syncing: hung_task: blocked tasks [ 340.560045][ T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) [ 340.560068][ T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 340.560081][ T31] Call Trace: [ 340.560090][ T31] [ 340.560099][ T31] dump_stack_lvl+0x99/0x250 [ 340.560123][ T31] ? __asan_memcpy+0x40/0x70 [ 340.560155][ T31] ? __pfx_dump_stack_lvl+0x10/0x10 [ 340.560178][ T31] ? __pfx__printk+0x10/0x10 [ 340.560214][ T31] panic+0x2db/0x790 [ 340.560238][ T31] ? __pfx_panic+0x10/0x10 [ 340.560256][ T31] ? nmi_backtrace_stall_check+0x433/0x440 [ 340.560283][ T31] ? preempt_schedule_thunk+0x16/0x30 [ 340.560319][ T31] ? nmi_trigger_cpumask_backtrace+0x2b6/0x300 [ 340.560347][ T31] watchdog+0x102d/0x1030 [ 340.560378][ T31] ? watchdog+0x1de/0x1030 [ 340.560412][ T31] kthread+0x70e/0x8a0 [ 340.560440][ T31] ? __pfx_watchdog+0x10/0x10 [ 340.560466][ T31] ? __pfx_kthread+0x10/0x10 [ 340.560491][ T31] ? _raw_spin_unlock_irq+0x23/0x50 [ 340.560513][ T31] ? lockdep_hardirqs_on+0x9c/0x150 [ 340.560536][ T31] ? __pfx_kthread+0x10/0x10 [ 340.560561][ T31] ret_from_fork+0x3fc/0x770 [ 340.560593][ T31] ? __pfx_ret_from_fork+0x10/0x10 [ 340.560630][ T31] ? __switch_to_asm+0x39/0x70 [ 340.560654][ T31] ? __switch_to_asm+0x33/0x70 [ 340.560678][ T31] ? __pfx_kthread+0x10/0x10 [ 340.560704][ T31] ret_from_fork_asm+0x1a/0x30 [ 340.560745][ T31] [ 340.564106][ T31] Kernel Offset: disabled