last executing test programs: 10.735080668s ago: executing program 0 (id=1041): r0 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040)) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0) r2 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65) write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc) ioctl$SNDRV_PCM_IOCTL_SYNC_PTR(r2, 0xc0884123, &(0x7f0000000300)={0x3, "244689261a3365eb47c14247a532ccbd3bf3b29282987c7cc12acb8ae6d2fbd3428a0df873e1d58af8bf70c05fc6c43edcdaa8e7db0700", {0x3, 0x8}}) ioctl$SNDRV_PCM_IOCTL_STATUS_EXT32(r2, 0xc06c4124, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 9.484564157s ago: executing program 0 (id=1053): prlimit64(0x0, 0xe, 0x0, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1e, 0x0, 0x3, 0xff}, 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x2000002, 0x3a, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 8.744644556s ago: executing program 0 (id=1059): mkdir(&(0x7f00000020c0)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000005c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd=', @ANYRESOCT=r0, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x100000, 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) 6.762437607s ago: executing program 0 (id=1063): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000020bd28940000000000000109022400010000000009040100010300000009210000000122070009058103"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000340)={0x14, &(0x7f00000001c0)=ANY=[@ANYBLOB='\x00#\a'], 0x0}, 0x0) syz_usb_control_io(r0, &(0x7f0000000300)={0x2c, 0x0, &(0x7f0000000200)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x41b}}, 0x0, 0x0, 0x0}, 0x0) 6.451361183s ago: executing program 1 (id=1068): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_SEC_LEVEL(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000280)={0x1c, r1, 0x79f70b28a21117bf, 0x70bd2b, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8}]}, 0x1c}}, 0x4000050) 5.629042683s ago: executing program 1 (id=1076): syz_usb_connect(0x5, 0x36, &(0x7f0000000580)={{0x12, 0x1, 0x310, 0x35, 0xfe, 0x65, 0x10, 0x1aca, 0xb28e, 0x9232, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0xd, 0x1, 0x90, 0x2, [{{0x9, 0x4, 0x32, 0xa7, 0x2, 0x1, 0x3, 0x9e, 0x8, [], [{{0x9, 0x5, 0x8, 0x6, 0x10, 0x6, 0x4, 0x8}}, {{0x9, 0x5, 0x7, 0x2, 0x200, 0x4, 0x2, 0x66}}]}}]}}]}}, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0}) 5.346094408s ago: executing program 2 (id=1079): socket$inet_udp(0x2, 0x2, 0x0) syz_open_dev$sndctrl(&(0x7f0000002540), 0x2, 0x101000) socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_io_uring_setup(0x7b, &(0x7f0000000540)={0x0, 0x3bca, 0x10100, 0x0, 0x313}, &(0x7f00000005c0)=0x0, &(0x7f0000000100)=0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) syz_io_uring_submit(r1, r2, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x40, 0x0, r4, 0x0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000002c0)=""/183, 0xb7}], 0x1}, 0x0, 0x40000103}) socket$inet6_sctp(0xa, 0x5, 0x84) socket$inet6_sctp(0xa, 0x5, 0x84) pselect6(0x40, &(0x7f00000000c0)={0x6, 0xfffffffffffffffd, 0x9, 0x40, 0x2, 0xd}, 0x0, &(0x7f0000000680)={0x7ff, 0x7, 0x5, 0x7, 0xffffffffffffff22, 0x2, 0x5, 0x8}, 0x0, 0x0) io_uring_enter(r0, 0x46f3, 0x0, 0x0, 0x0, 0x0) write(r3, 0x0, 0x0) 4.452708737s ago: executing program 0 (id=1086): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5", 0x4) r5 = accept4(r4, 0x0, 0x0, 0x80800) sendmmsg$alg(r5, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x1cba8c72}], 0x1, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x177ffb498171ed1, 0x8040010) recvmsg(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1, 0x0, 0x0, 0xf5000000}, 0x0) 4.356503148s ago: executing program 2 (id=1088): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) write$UHID_INPUT(r0, &(0x7f0000002080)={0xfc, {"a2336848149e516d4b5e071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f383563030890e0879b0a71c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b3e31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9903f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928d28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f2730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b81305c038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849cd9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484539ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1f93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb8843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b2804563407308c58c89d9e99c81769177e6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463373b4b87c9050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e080000007ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e3933ed07c2b8081c128ad2706f48261ff07000000000000613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59500000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) ioctl$TIOCL_UNBLANKSCREEN(r0, 0x541c, &(0x7f00000001c0)) 3.470292926s ago: executing program 0 (id=1089): socket$inet_tcp(0x2, 0x1, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x222a00, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) getpid() mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/pid\x00') sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) r3 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r4 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x1d2) fcntl$setlease(r4, 0x400, 0x0) acct(&(0x7f0000000040)='./file0\x00') close_range(r2, 0xffffffffffffffff, 0x0) 3.456558403s ago: executing program 1 (id=1090): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x48, 0x10, 0x401, 0x4, 0x0, {0x0, 0x0, 0x0, 0x0, 0x503}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x10, 0x2, 0x0, 0x1, [@IFLA_VLAN_EGRESS_QOS={0x4}, @IFLA_VLAN_ID={0x6, 0x1, 0x3}]}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x48}, 0x1, 0x0, 0x0, 0x20004800}, 0x4000000) 3.13876478s ago: executing program 1 (id=1093): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3) bind$bt_l2cap(r0, &(0x7f0000000000), 0xe) setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, &(0x7f0000000040)=0x1, 0x4) 3.022904004s ago: executing program 2 (id=1095): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000005c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_DISASSOCIATE(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)={0x30, r1, 0x1, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0xfff}]}, 0x30}, 0x1, 0x0, 0x0, 0x40420d5}, 0x80) 2.918906224s ago: executing program 1 (id=1098): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x400000000008d}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f00000000c0), 0xc0542, 0x0) readv(r0, &(0x7f00000018c0)=[{&(0x7f0000000840)=""/4096, 0x1000}], 0x1) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=0x0) fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) 2.868063738s ago: executing program 3 (id=1099): capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)) r0 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x42) ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f0000000580)=ANY=[@ANYBLOB="0000000004000000bf"]) 2.772775283s ago: executing program 2 (id=1100): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb01063d0000000000000028000000280000000200000000000000000000030000020000000200000000000000010000000000000104"], 0x0, 0x42}, 0x28) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94) write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd63"], 0xfdef) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48) 2.61424403s ago: executing program 3 (id=1102): socket$inet_udp(0x2, 0x2, 0x0) r0 = syz_io_uring_setup(0x10a, &(0x7f0000000140)={0x0, 0x5883, 0x0, 0x0, 0xfffffdfc}, &(0x7f0000000040)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x3}}) io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0) 2.284768358s ago: executing program 4 (id=1103): r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000440), 0x80881, 0x0) ioctl$RTC_SET_TIME(r0, 0x4008700c, 0x0) 2.050982535s ago: executing program 4 (id=1104): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000700)={0x30, r1, 0xd66771a5e8224ded, 0x0, 0x1, {{}, {@void, @val={0x8, 0x3, r2}, @val={0xc, 0x99, {0xffffff65, 0x52}}}}, [@NL80211_ATTR_PID={0x8}]}, 0x30}}, 0x0) 2.050777237s ago: executing program 3 (id=1105): r0 = syz_open_dev$loop(&(0x7f0000000240), 0xffffffff7ffffffd, 0x160862) r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000200)='/sys/kernel/address_bits', 0x80401, 0x8) ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000080)={r1, 0x0, {0x0, 0x0, 0x0, 0x4, 0x4000000000000ffd, 0x0, 0x0, 0x1e, 0xc, "faf98317e5a1149989fc8dbe43ea6acc96e3a2503dc3bd3fe37d58128bbad0099cebdc25f5ab60c9e6d680f985881a7beda9d69098c8b534464c516bdd8a0f35", "32d8cc26c3061a54df2cfc06c89f3d9e234b30c50997d3bef409ff2176ff7bfe55cd4a1d83cd4a524bd3ffe70c7f3f800b337b6aa54cc50a1fcaed1e831fa79a", "715237601a8ca5b07dcc141802c4dacf162e43ac61f7ad330000000000a04100", [0xfffffffffffffce8, 0xa]}}) pwritev(r0, &(0x7f0000000500)=[{&(0x7f0000000380)="9e", 0x1}], 0x1, 0x5, 0xfffffff9) 1.783426115s ago: executing program 4 (id=1106): r0 = fanotify_init(0x4, 0x1) r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) fanotify_mark(r0, 0x61, 0x40001002, r1, 0x0) fanotify_mark(r0, 0x441, 0x4000001a, 0xffffffffffffffff, 0x0) 1.688427627s ago: executing program 3 (id=1107): r0 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$sock_int(r0, 0x1, 0x2f, 0x0, &(0x7f0000000780)=0x700) 1.688132525s ago: executing program 1 (id=1108): r0 = socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) semctl$GETALL(0x0, 0x0, 0xd, 0xfffffffffffffffe) r4 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_tx_ring(r4, 0x107, 0xd, &(0x7f00000002c0)=@req3={0x10000, 0xfffffffd, 0x100, 0x100, 0x10, 0x0, 0xc2}, 0x1c) r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x14, r5, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x20000801}, 0x4) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000600)={0xffffffffffffffff}) ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f00000014c0)={'macvtap0\x00', &(0x7f00000013c0)=@ethtool_drvinfo={0x3, "3768ca9bdb9072480b2f1c8f8182ce0898651461231fb740854b22a4379de586", "43a38879022a99b405a660e7cd1d15725e68a25c5152bd0bd227ffb8739f1cfc", "131c5b4bdb8af434447f3cb705650db1c0f8ddb541648cc0b1d318873f8c9a85", "f16051bbcb4dda20aea0d433f8c6f05bce62635e71c972c7929a58603233d497", "1cb283a6b524caa0cfd3fc2d99e7cad81b31b74f347dff63fa93236b8a8a2ccb"}}) socket$can_j1939(0x1d, 0x2, 0x7) r7 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x60, 0x1403, 0xc23, 0x70bd2a, 0x25dfdbff, "", [{{0x9, 0x2, 'syz1\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'virt_wifi0\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'wg2\x00'}}]}, 0x60}, 0x1, 0x0, 0x0, 0x400c080}, 0x0) 1.633805925s ago: executing program 4 (id=1109): r0 = syz_io_uring_setup(0x10d, &(0x7f0000000380)={0x0, 0x0, 0x80, 0x0, 0x4000}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000440)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_STATX={0x15, 0x10, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000200)='./file0\x00', 0x40}) io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0) 1.602292994s ago: executing program 3 (id=1110): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$NL80211_CMD_DISASSOCIATE(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000140)={0x30, r1, 0x1, 0x70bd2b, 0x25dfdbff, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_REASON_CODE={0x6, 0x36, 0xfff}]}, 0x30}, 0x1, 0x0, 0x0, 0x40420d5}, 0x80) 1.537098167s ago: executing program 2 (id=1111): clock_gettime(0x9b66eb86abcbcaed, 0x0) 1.434899217s ago: executing program 4 (id=1112): munmap(&(0x7f0000001000/0x2000)=nil, 0x2000) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x2, [@union={0x0, 0x1, 0x0, 0x5, 0x0, 0x1, [{0x1000000, 0x2}]}]}}, &(0x7f0000000f40)=""/4089, 0x32, 0xff9, 0xa, 0x7ff}, 0x28) 1.423731385s ago: executing program 2 (id=1113): syz_usb_connect(0x5, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="1201500285d5c2086004040031960154030109021b000100031003090458080119662194090586d7"], &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x2b6}) 1.23626089s ago: executing program 4 (id=1114): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)={0x7c, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2, 0x0, 0x2}, [@CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}, @CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x2, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_MASTER={0x18, 0xe, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @remote}, {0x8, 0x2, @rand_addr=0x64010102}}}]}]}, 0x7c}}, 0x0) 0s ago: executing program 3 (id=1115): r0 = memfd_create(&(0x7f0000000380)='-&:{-\xaa\x05\x00\x00\xbd\x90V\xbb\xf2\xa9[RU\xfcm0\xe9\x04\xf3\xcb\xcbb4\xbf\xe3\xba\xda\v\xf0\xf7\xdf\xc2\x00\xdd\x17Y\x81\xb0\xa7\x94nYx!\xd3\xa9\x9b\x8b\x93s\xa1R\xb7R\x012:(2\xbb\xda>\x91z\x99\x1c\xbc\x83\xbfT`\xc8\au\xc7\xbf\xea-\x19\xdd\x92\xd2\x8a0\a\xf8b\x04\x17N LE', 0x1) r1 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000100), 0x2) r2 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\xdenJ\xeb\x87\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38\x14\xcb\xfa\xb3j\x92\f\xe0\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf0\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x2) ftruncate(r2, 0xffff) fcntl$addseals(r2, 0x409, 0x7) r3 = ioctl$UDMABUF_CREATE(r1, 0x40187542, &(0x7f0000000140)={r2, 0x1, 0x1000, 0x4000}) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000007, 0x11, r3, 0x0) writev(r0, &(0x7f0000000040)=[{&(0x7f0000000080)="b97adadd50896a", 0xfffffe19}], 0x1) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x3) kernel console output (not intermixed with test programs): x_bpf_raw_tp_link_attach+0x10/0x10 [ 369.940944][ T8047] ? __fget_files+0x2a/0x420 [ 369.940975][ T8047] bpf_raw_tracepoint_open+0x1b8/0x220 [ 369.941008][ T8047] __sys_bpf+0x73e/0x860 [ 369.941036][ T8047] ? __pfx___sys_bpf+0x10/0x10 [ 369.941057][ T8047] ? rt_mutex_slowunlock+0x1be/0x2e0 [ 369.941103][ T8047] ? ksys_write+0x230/0x260 [ 369.941134][ T8047] ? __pfx_ksys_write+0x10/0x10 [ 369.941168][ T8047] __x64_sys_bpf+0x7c/0x90 [ 369.941189][ T8047] do_syscall_64+0xfa/0xf80 [ 369.941211][ T8047] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 369.941232][ T8047] ? clear_bhb_loop+0x60/0xb0 [ 369.941258][ T8047] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 369.941279][ T8047] RIP: 0033:0x7f5438faf749 [ 369.941310][ T8047] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 369.941328][ T8047] RSP: 002b:00007f5437216038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 369.941351][ T8047] RAX: ffffffffffffffda RBX: 00007f5439205fa0 RCX: 00007f5438faf749 [ 369.941367][ T8047] RDX: 0000000000000010 RSI: 0000200000000080 RDI: 0000000000000011 [ 369.941380][ T8047] RBP: 00007f5437216090 R08: 0000000000000000 R09: 0000000000000000 [ 369.941394][ T8047] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 369.941407][ T8047] R13: 00007f5439206038 R14: 00007f5439205fa0 R15: 00007ffcf630dad8 [ 369.941442][ T8047] [ 370.842426][ T9] usb 1-1: new high-speed USB device number 33 using dummy_hcd [ 371.094838][ T9] usb 1-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 371.094944][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 371.156817][ T9] usb 1-1: config 0 descriptor?? [ 371.580241][ T9] udl 1-1:0.0: [drm] Unrecognized vendor firmware descriptor [ 371.792555][ T8059] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 371.798767][ T8059] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 371.802480][ T9] [drm:udl_init] *ERROR* Selecting channel failed [ 371.886284][ T9] [drm] Initialized udl 0.0.1 for 1-1:0.0 on minor 2 [ 371.886316][ T9] [drm] Initialized udl on minor 2 [ 371.914492][ T9] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 371.915072][ T9] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 371.916232][ T5945] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 371.927217][ T5945] udl 1-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 371.927489][ T5945] udl 1-1:0.0: [drm] Cannot find any crtc or sizes [ 371.959744][ T9] usb 1-1: USB disconnect, device number 33 [ 373.940454][ T5119] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection [ 373.992353][ T805] usb 1-1: new full-speed USB device number 34 using dummy_hcd [ 374.158943][ T805] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 374.159033][ T805] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E [ 374.159064][ T805] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 10 [ 374.159093][ T805] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0 [ 374.159118][ T805] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 374.204662][ T805] usb 1-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46 [ 374.204699][ T805] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35 [ 374.204720][ T805] usb 1-1: Product: syz [ 374.204736][ T805] usb 1-1: Manufacturer: syz [ 374.204751][ T805] usb 1-1: SerialNumber: syz [ 374.266157][ T805] usb 1-1: config 0 descriptor?? [ 374.471911][ T805] radio-si470x 1-1:0.0: DeviceID=0x0000 ChipID=0x0000 [ 374.471945][ T805] radio-si470x 1-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0. [ 374.683027][ T805] radio-si470x 1-1:0.0: software version 0, hardware version 0 [ 374.683062][ T805] radio-si470x 1-1:0.0: This driver is known to work with hardware version 1, but the device has hardware version 0. [ 374.683086][ T805] radio-si470x 1-1:0.0: If you have some trouble using this driver, please report to V4L ML at linux-media@vger.kernel.org [ 374.901778][ T805] radio-si470x 1-1:0.0: submitting int urb failed (-90) [ 375.234959][ T8090] netlink: 8 bytes leftover after parsing attributes in process `syz.4.589'. [ 375.235003][ T8090] netlink: 8 bytes leftover after parsing attributes in process `syz.4.589'. [ 375.392434][ T5960] usb 3-1: new high-speed USB device number 33 using dummy_hcd [ 375.548196][ T5960] usb 3-1: Using ep0 maxpacket: 32 [ 375.571397][ T5960] usb 3-1: config 0 has an invalid interface number: 51 but max is 0 [ 375.571437][ T5960] usb 3-1: config 0 has no interface number 0 [ 375.587184][ T5960] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f [ 375.587226][ T5960] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 375.587251][ T5960] usb 3-1: Product: syz [ 375.587267][ T5960] usb 3-1: Manufacturer: syz [ 375.587284][ T5960] usb 3-1: SerialNumber: syz [ 375.597530][ T5960] usb 3-1: config 0 descriptor?? [ 375.603333][ T8077] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 375.603939][ T8077] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 375.609035][ T5960] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected [ 375.802703][ T805] radio-si470x 1-1:0.0: si470x_set_report: usb_control_msg returned -110 [ 375.803242][ T805] radio-si470x 1-1:0.0: probe with driver radio-si470x failed with error -22 [ 377.602770][ T5960] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0 [ 377.625610][ T5960] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1 [ 377.890388][ T8105] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 377.998120][ T5895] usb 1-1: USB disconnect, device number 34 [ 378.019852][ T8105] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 378.094019][ T8105] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 378.094755][ T8105] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 378.097758][ T8105] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 378.098332][ T8105] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 378.101889][ T8105] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 378.144318][ T8105] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 378.162388][ T8105] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 378.163009][ T8105] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 378.235738][ C0] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71 [ 378.236672][ T5895] usb 3-1: USB disconnect, device number 33 [ 378.275032][ T5895] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0 [ 378.310778][ T5895] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1 [ 378.311886][ T5895] quatech2 3-1:0.51: device disconnected [ 379.517530][ T8126] 9p: Bad value for 'wfdno' [ 379.592322][ T5895] usb 3-1: new high-speed USB device number 34 using dummy_hcd [ 379.722334][ T5895] usb 3-1: device descriptor read/64, error -71 [ 382.282521][ T5895] usb 3-1: new high-speed USB device number 35 using dummy_hcd [ 383.605699][ T8154] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 384.320798][ T1320] ieee802154 phy0 wpan0: encryption failed: -22 [ 384.320981][ T1320] ieee802154 phy1 wpan1: encryption failed: -22 [ 384.702298][ T5895] usb 4-1: new full-speed USB device number 29 using dummy_hcd [ 384.861508][ T5895] usb 4-1: not running at top speed; connect to a high speed hub [ 384.872890][ T5895] usb 4-1: config 4 has an invalid interface number: 39 but max is 3 [ 384.872924][ T5895] usb 4-1: config 4 has an invalid interface number: 212 but max is 3 [ 384.872946][ T5895] usb 4-1: config 4 has an invalid interface number: 10 but max is 3 [ 384.872970][ T5895] usb 4-1: config 4 contains an unexpected descriptor of type 0x1, skipping [ 384.872993][ T5895] usb 4-1: config 4 has no interface number 0 [ 384.873011][ T5895] usb 4-1: config 4 has no interface number 1 [ 384.873029][ T5895] usb 4-1: config 4 has no interface number 2 [ 384.873142][ T5895] usb 4-1: config 4 interface 212 altsetting 90 endpoint 0xB has invalid maxpacket 1023, setting to 64 [ 384.873201][ T5895] usb 4-1: config 4 interface 10 altsetting 6 endpoint 0x7 has invalid maxpacket 512, setting to 64 [ 384.873229][ T5895] usb 4-1: config 4 interface 10 altsetting 6 endpoint 0x9 has invalid maxpacket 512, setting to 64 [ 384.873258][ T5895] usb 4-1: config 4 interface 10 altsetting 6 endpoint 0xA has invalid maxpacket 1023, setting to 64 [ 384.873285][ T5895] usb 4-1: config 4 interface 10 altsetting 6 has an invalid descriptor for endpoint zero, skipping [ 384.873309][ T5895] usb 4-1: config 4 interface 10 altsetting 6 endpoint 0x8 has invalid maxpacket 1024, setting to 64 [ 384.873338][ T5895] usb 4-1: config 4 interface 10 altsetting 6 has a duplicate endpoint with address 0xA, skipping [ 384.873364][ T5895] usb 4-1: config 4 interface 10 altsetting 6 has a duplicate endpoint with address 0x8, skipping [ 384.873412][ T5895] usb 4-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0x1, skipping [ 384.873437][ T5895] usb 4-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0xA, skipping [ 384.873462][ T5895] usb 4-1: config 4 interface 3 altsetting 4 endpoint 0x6 has invalid maxpacket 520, setting to 64 [ 384.873490][ T5895] usb 4-1: config 4 interface 3 altsetting 4 has an invalid descriptor for endpoint zero, skipping [ 384.873516][ T5895] usb 4-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0xD, skipping [ 384.873540][ T5895] usb 4-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0x8, skipping [ 384.873566][ T5895] usb 4-1: config 4 interface 3 altsetting 4 endpoint 0x1 has invalid maxpacket 1023, setting to 64 [ 384.873594][ T5895] usb 4-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0xD, skipping [ 384.873617][ T5895] usb 4-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0xB, skipping [ 384.873641][ T5895] usb 4-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0x9, skipping [ 384.873666][ T5895] usb 4-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0xB, skipping [ 384.873690][ T5895] usb 4-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0x1, skipping [ 384.873713][ T5895] usb 4-1: config 4 interface 39 has no altsetting 0 [ 384.873733][ T5895] usb 4-1: config 4 interface 212 has no altsetting 0 [ 384.873752][ T5895] usb 4-1: config 4 interface 10 has no altsetting 0 [ 384.873771][ T5895] usb 4-1: config 4 interface 3 has no altsetting 0 [ 384.879377][ T5895] usb 4-1: New USB device found, idVendor=093a, idProduct=2626, bcdDevice=49.60 [ 384.879413][ T5895] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 384.879435][ T5895] usb 4-1: Product: syz [ 384.879451][ T5895] usb 4-1: Manufacturer: syz [ 384.879467][ T5895] usb 4-1: SerialNumber: syz [ 386.542622][ T5895] usb 4-1: can't set config #4, error -71 [ 386.549678][ T5895] usb 4-1: USB disconnect, device number 29 [ 386.923344][ T8179] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 388.159468][ T8192] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check. [ 388.187526][ T8192] netlink: 76 bytes leftover after parsing attributes in process `syz.4.620'. [ 388.188406][ T8192] netlink: 4 bytes leftover after parsing attributes in process `syz.4.620'. [ 388.978173][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 389.485982][ T8209] netlink: 136 bytes leftover after parsing attributes in process `syz.1.626'. [ 389.486017][ T8209] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check. [ 389.682321][ T6153] usb 1-1: new high-speed USB device number 35 using dummy_hcd [ 389.862413][ T6153] usb 1-1: Using ep0 maxpacket: 32 [ 389.880803][ T6153] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD8, changing to 0x88 [ 389.880839][ T6153] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7 [ 389.890870][ T6153] usb 1-1: New USB device found, idVendor=05e1, idProduct=0408, bcdDevice=25.11 [ 389.890901][ T6153] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 389.890921][ T6153] usb 1-1: Product: syz [ 389.890943][ T6153] usb 1-1: Manufacturer: syz [ 389.890958][ T6153] usb 1-1: SerialNumber: syz [ 389.900957][ T6153] usb 1-1: config 0 descriptor?? [ 389.929974][ T6153] usb 1-1: no audio or video endpoints found [ 389.983842][ T8217] netlink: 28 bytes leftover after parsing attributes in process `syz.2.629'. [ 390.159429][ T6153] usb 1-1: USB disconnect, device number 35 [ 390.299270][ T5119] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201' [ 390.299296][ T5119] CPU: 1 UID: 0 PID: 5119 Comm: kworker/u9:1 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 390.299317][ T5119] Tainted: [L]=SOFTLOCKUP [ 390.299323][ T5119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 390.299333][ T5119] Workqueue: hci1 hci_rx_work [ 390.299352][ T5119] Call Trace: [ 390.299356][ T5119] [ 390.299362][ T5119] dump_stack_lvl+0x189/0x250 [ 390.299382][ T5119] ? __pfx_dump_stack_lvl+0x10/0x10 [ 390.299402][ T5119] ? __pfx__printk+0x10/0x10 [ 390.299422][ T5119] ? kernfs_path_from_node+0x2c/0x280 [ 390.299447][ T5119] ? kernfs_path_from_node+0x243/0x280 [ 390.299471][ T5119] ? kernfs_path_from_node+0x2c/0x280 [ 390.299496][ T5119] sysfs_create_dir_ns+0x259/0x280 [ 390.299511][ T5119] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 390.299527][ T5119] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 390.299544][ T5119] ? rt_spin_unlock+0x161/0x200 [ 390.299560][ T5119] kobject_add_internal+0x6b1/0xcd0 [ 390.299577][ T5119] kobject_add+0x155/0x220 [ 390.299591][ T5119] ? __pfx_kobject_add+0x10/0x10 [ 390.299607][ T5119] ? get_device_parent+0x370/0x3a0 [ 390.299621][ T5119] device_add+0x408/0xb80 [ 390.299634][ T5119] hci_conn_add_sysfs+0xd5/0x210 [ 390.299662][ T5119] le_conn_complete_evt+0xf1d/0x1420 [ 390.299677][ T5119] ? lockdep_hardirqs_on+0x98/0x140 [ 390.299692][ T5119] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 390.299704][ T5119] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 390.299715][ T5119] ? lockdep_hardirqs_on+0x98/0x140 [ 390.299728][ T5119] ? skb_pull_data+0xfb/0x200 [ 390.299747][ T5119] hci_le_conn_complete_evt+0x187/0x480 [ 390.299763][ T5119] hci_event_packet+0x78f/0x1260 [ 390.299773][ T5119] ? reacquire_held_locks+0x121/0x1c0 [ 390.299791][ T5119] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 390.299805][ T5119] ? __pfx_hci_event_packet+0x10/0x10 [ 390.299814][ T5119] ? rt_spin_unlock+0x150/0x200 [ 390.299832][ T5119] ? hci_send_to_monitor+0xe2/0x590 [ 390.299846][ T5119] hci_rx_work+0x3ee/0x1060 [ 390.299860][ T5119] ? process_scheduled_works+0x9ef/0x1770 [ 390.299873][ T5119] process_scheduled_works+0xad1/0x1770 [ 390.299904][ T5119] ? __pfx_process_scheduled_works+0x10/0x10 [ 390.299924][ T5119] worker_thread+0x8a0/0xda0 [ 390.299949][ T5119] kthread+0x711/0x8a0 [ 390.299964][ T5119] ? __pfx_worker_thread+0x10/0x10 [ 390.299976][ T5119] ? __pfx_kthread+0x10/0x10 [ 390.299991][ T5119] ? rt_spin_unlock+0x150/0x200 [ 390.300010][ T5119] ? rt_spin_unlock+0x161/0x200 [ 390.300026][ T5119] ? __pfx_kthread+0x10/0x10 [ 390.300045][ T5119] ret_from_fork+0x599/0xb30 [ 390.300061][ T5119] ? __pfx_ret_from_fork+0x10/0x10 [ 390.300082][ T5119] ? __switch_to_asm+0x39/0x70 [ 390.300100][ T5119] ? __switch_to_asm+0x33/0x70 [ 390.300117][ T5119] ? __pfx_kthread+0x10/0x10 [ 390.300136][ T5119] ret_from_fork_asm+0x1a/0x30 [ 390.300169][ T5119] [ 390.300189][ T5119] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 390.300217][ T5119] Bluetooth: hci1: failed to register connection device [ 390.952363][ T6153] usb 3-1: new high-speed USB device number 36 using dummy_hcd [ 391.192260][ T6153] usb 3-1: Using ep0 maxpacket: 8 [ 391.194475][ T6153] usb 3-1: config index 0 descriptor too short (expected 30, got 18) [ 391.197422][ T6153] usb 3-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea [ 391.197449][ T6153] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 391.197465][ T6153] usb 3-1: Product: syz [ 391.197474][ T6153] usb 3-1: Manufacturer: syz [ 391.197481][ T6153] usb 3-1: SerialNumber: syz [ 391.208538][ T6153] usb 3-1: config 0 descriptor?? [ 391.279898][ T6153] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state. [ 391.279975][ T6153] usb 3-1: setting power ON [ 391.280726][ T6153] dvb-usb: bulk message failed: -22 (2/0) [ 391.303478][ T6153] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 391.339945][ T6153] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID)) [ 391.340043][ T6153] usb 3-1: media controller created [ 391.370991][ T6153] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 391.459016][ T6153] usb 3-1: selecting invalid altsetting 6 [ 391.459049][ T6153] usb 3-1: digital interface selection failed (-22) [ 391.459069][ T6153] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)' [ 391.473904][ T6153] usb 3-1: setting power OFF [ 391.474436][ T6153] dvb-usb: bulk message failed: -22 (2/0) [ 391.474459][ T6153] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected. [ 391.474474][ T6153] (NULL device *): no alternate interface [ 391.760089][ T8224] dvb-usb: bulk message failed: -22 (3/0) [ 391.760122][ T8224] cxusb: i2c rd: len=4100 is too big! [ 391.760122][ T8224] [ 392.643951][ T6153] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected. [ 392.679683][ T6153] usb 3-1: USB disconnect, device number 36 [ 392.772268][ T8241] fuse: Bad value for 'fd' [ 393.238403][ T8249] FAULT_INJECTION: forcing a failure. [ 393.238403][ T8249] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 393.238447][ T8249] CPU: 0 UID: 0 PID: 8249 Comm: syz.3.640 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 393.238477][ T8249] Tainted: [L]=SOFTLOCKUP [ 393.238485][ T8249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 393.238497][ T8249] Call Trace: [ 393.238506][ T8249] [ 393.238516][ T8249] dump_stack_lvl+0x189/0x250 [ 393.238550][ T8249] ? __pfx____ratelimit+0x10/0x10 [ 393.238584][ T8249] ? __pfx_dump_stack_lvl+0x10/0x10 [ 393.238612][ T8249] ? __pfx__printk+0x10/0x10 [ 393.238654][ T8249] should_fail_ex+0x46c/0x600 [ 393.238688][ T8249] _copy_to_user+0x31/0xb0 [ 393.238714][ T8249] simple_read_from_buffer+0xe1/0x170 [ 393.238743][ T8249] proc_fail_nth_read+0x1b6/0x220 [ 393.238778][ T8249] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 393.238811][ T8249] ? rw_verify_area+0x2ac/0x4e0 [ 393.238841][ T8249] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 393.238883][ T8249] vfs_read+0x206/0xa30 [ 393.238921][ T8249] ? __pfx_vfs_read+0x10/0x10 [ 393.238946][ T8249] ? try_to_take_rt_mutex+0x7fd/0xac0 [ 393.238987][ T8249] ? mutex_lock_nested+0x154/0x1d0 [ 393.239013][ T8249] ? fdget_pos+0x253/0x320 [ 393.239047][ T8249] ksys_read+0x14b/0x260 [ 393.239081][ T8249] ? __pfx_ksys_read+0x10/0x10 [ 393.239114][ T8249] ? do_syscall_64+0xbe/0xf80 [ 393.239141][ T8249] do_syscall_64+0xfa/0xf80 [ 393.239164][ T8249] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 393.239185][ T8249] ? clear_bhb_loop+0x60/0xb0 [ 393.239213][ T8249] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 393.239235][ T8249] RIP: 0033:0x7f373936e15c [ 393.239255][ T8249] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 393.239272][ T8249] RSP: 002b:00007f37375b5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 393.239297][ T8249] RAX: ffffffffffffffda RBX: 00007f37395c6090 RCX: 00007f373936e15c [ 393.239313][ T8249] RDX: 000000000000000f RSI: 00007f37375b50a0 RDI: 0000000000000005 [ 393.239327][ T8249] RBP: 00007f37375b5090 R08: 0000000000000000 R09: 0000000000000000 [ 393.239341][ T8249] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 393.239354][ T8249] R13: 00007f37395c6128 R14: 00007f37395c6090 R15: 00007ffdc510d6a8 [ 393.239388][ T8249] [ 393.396228][ T5895] usb 2-1: new high-speed USB device number 28 using dummy_hcd [ 393.569527][ T5895] usb 2-1: config index 0 descriptor too short (expected 23569, got 27) [ 393.569573][ T5895] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 393.570557][ T5895] usb 2-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 393.570575][ T5895] usb 2-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 393.570587][ T5895] usb 2-1: Manufacturer: syz [ 393.630783][ T5895] usb 2-1: config 0 descriptor?? [ 394.042258][ T5895] rc_core: IR keymap rc-hauppauge not found [ 394.042284][ T5895] Registered IR keymap rc-empty [ 394.044355][ T5895] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0 [ 394.048291][ T5895] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input34 [ 395.828358][ T8284] FAULT_INJECTION: forcing a failure. [ 395.828358][ T8284] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 395.828389][ T8284] CPU: 1 UID: 0 PID: 8284 Comm: syz.0.651 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 395.828408][ T8284] Tainted: [L]=SOFTLOCKUP [ 395.828412][ T8284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 395.828421][ T8284] Call Trace: [ 395.828426][ T8284] [ 395.828432][ T8284] dump_stack_lvl+0x189/0x250 [ 395.828454][ T8284] ? __pfx____ratelimit+0x10/0x10 [ 395.828479][ T8284] ? __pfx_dump_stack_lvl+0x10/0x10 [ 395.828496][ T8284] ? __pfx__printk+0x10/0x10 [ 395.828510][ T8284] ? __might_fault+0xb0/0x130 [ 395.828536][ T8284] should_fail_ex+0x46c/0x600 [ 395.828557][ T8284] _copy_from_user+0x2d/0xb0 [ 395.828572][ T8284] video_usercopy+0x349/0x13f0 [ 395.828590][ T8284] ? smk_tskacc+0x2fc/0x370 [ 395.828606][ T8284] ? __pfx___video_do_ioctl+0x10/0x10 [ 395.828619][ T8284] ? __pfx_video_usercopy+0x10/0x10 [ 395.828631][ T8284] ? smack_file_ioctl+0x2ac/0x340 [ 395.828656][ T8284] ? __fget_files+0x3a6/0x420 [ 395.828673][ T8284] v4l2_ioctl+0x190/0x1e0 [ 395.828687][ T8284] ? __pfx_v4l2_ioctl+0x10/0x10 [ 395.828700][ T8284] __se_sys_ioctl+0xff/0x170 [ 395.828719][ T8284] do_syscall_64+0xfa/0xf80 [ 395.828733][ T8284] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 395.828745][ T8284] ? clear_bhb_loop+0x60/0xb0 [ 395.828761][ T8284] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 395.828772][ T8284] RIP: 0033:0x7fdc38fbf749 [ 395.828786][ T8284] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 395.828797][ T8284] RSP: 002b:00007fdc3721e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 395.828813][ T8284] RAX: ffffffffffffffda RBX: 00007fdc39215fa0 RCX: 00007fdc38fbf749 [ 395.828822][ T8284] RDX: 0000200000000040 RSI: 00000000c008561c RDI: 0000000000000003 [ 395.828831][ T8284] RBP: 00007fdc3721e090 R08: 0000000000000000 R09: 0000000000000000 [ 395.828839][ T8284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 395.828846][ T8284] R13: 00007fdc39216038 R14: 00007fdc39215fa0 R15: 00007fff6153f9f8 [ 395.828866][ T8284] [ 396.249019][ T5811] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 396.318960][ T8291] fuse: Bad value for 'fd' [ 396.960258][ T8301] hub 8-0:1.0: USB hub found [ 396.983597][ T8301] hub 8-0:1.0: 1 port detected [ 397.763516][ T5985] usb 2-1: USB disconnect, device number 28 [ 398.112272][ T9] usb 3-1: new high-speed USB device number 37 using dummy_hcd [ 398.244489][ T5895] usb 4-1: new high-speed USB device number 30 using dummy_hcd [ 398.272925][ T9] usb 3-1: Using ep0 maxpacket: 32 [ 398.287632][ T9] usb 3-1: too many endpoints for config 0 interface 0 altsetting 32: 253, using maximum allowed: 30 [ 398.287786][ T9] usb 3-1: config 0 interface 0 altsetting 32 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 398.287814][ T9] usb 3-1: config 0 interface 0 altsetting 32 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 398.287843][ T9] usb 3-1: config 0 interface 0 has no altsetting 0 [ 398.287877][ T9] usb 3-1: New USB device found, idVendor=0c12, idProduct=0030, bcdDevice= 0.00 [ 398.287900][ T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 398.337145][ T9] usb 3-1: config 0 descriptor?? [ 398.432214][ T5895] usb 4-1: Using ep0 maxpacket: 8 [ 398.440303][ T5895] usb 4-1: config 0 has an invalid interface number: 96 but max is 0 [ 398.440338][ T5895] usb 4-1: config 0 has no interface number 0 [ 398.440392][ T5895] usb 4-1: config 0 interface 96 altsetting 3 endpoint 0x88 has invalid wMaxPacketSize 0 [ 398.440419][ T5895] usb 4-1: config 0 interface 96 has no altsetting 0 [ 398.444490][ T5895] usb 4-1: New USB device found, idVendor=0b57, idProduct=2a8a, bcdDevice=33.74 [ 398.444611][ T5895] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 398.444637][ T5895] usb 4-1: Product: syz [ 398.444653][ T5895] usb 4-1: Manufacturer: syz [ 398.444668][ T5895] usb 4-1: SerialNumber: syz [ 398.454375][ T5895] usb 4-1: config 0 descriptor?? [ 398.547002][ T5895] usbhid 4-1:0.96: couldn't find an input interrupt endpoint [ 398.576849][ T8320] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 398.603842][ T8320] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 398.756806][ T5895] usb 4-1: USB disconnect, device number 30 [ 398.858605][ T9] usbhid 3-1:0.0: can't add hid device: -71 [ 398.858761][ T9] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 398.872219][ T5887] usb 2-1: new full-speed USB device number 29 using dummy_hcd [ 398.899702][ T9] usb 3-1: USB disconnect, device number 37 [ 399.037774][ T5887] usb 2-1: not running at top speed; connect to a high speed hub [ 399.053875][ T5887] usb 2-1: config 4 has an invalid interface number: 39 but max is 3 [ 399.053912][ T5887] usb 2-1: config 4 has an invalid interface number: 212 but max is 3 [ 399.053936][ T5887] usb 2-1: config 4 has an invalid interface number: 10 but max is 3 [ 399.053958][ T5887] usb 2-1: config 4 contains an unexpected descriptor of type 0x1, skipping [ 399.053982][ T5887] usb 2-1: config 4 has no interface number 0 [ 399.054000][ T5887] usb 2-1: config 4 has no interface number 1 [ 399.054017][ T5887] usb 2-1: config 4 has no interface number 2 [ 399.054189][ T5887] usb 2-1: config 4 interface 212 altsetting 90 endpoint 0xB has invalid maxpacket 1023, setting to 64 [ 399.054323][ T5887] usb 2-1: config 4 interface 10 altsetting 6 endpoint 0x7 has invalid maxpacket 512, setting to 64 [ 399.054351][ T5887] usb 2-1: config 4 interface 10 altsetting 6 endpoint 0x9 has invalid maxpacket 512, setting to 64 [ 399.054379][ T5887] usb 2-1: config 4 interface 10 altsetting 6 endpoint 0xA has invalid maxpacket 1023, setting to 64 [ 399.054406][ T5887] usb 2-1: config 4 interface 10 altsetting 6 has an invalid descriptor for endpoint zero, skipping [ 399.054432][ T5887] usb 2-1: config 4 interface 10 altsetting 6 endpoint 0x8 has invalid maxpacket 1024, setting to 64 [ 399.054459][ T5887] usb 2-1: config 4 interface 10 altsetting 6 has a duplicate endpoint with address 0xA, skipping [ 399.054482][ T5887] usb 2-1: config 4 interface 10 altsetting 6 has a duplicate endpoint with address 0x8, skipping [ 399.054525][ T5887] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0x1, skipping [ 399.054548][ T5887] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0xA, skipping [ 399.054573][ T5887] usb 2-1: config 4 interface 3 altsetting 4 endpoint 0x6 has invalid maxpacket 520, setting to 64 [ 399.054596][ T5887] usb 2-1: config 4 interface 3 altsetting 4 has an invalid descriptor for endpoint zero, skipping [ 399.054618][ T5887] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0xD, skipping [ 399.054641][ T5887] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0x8, skipping [ 399.054663][ T5887] usb 2-1: config 4 interface 3 altsetting 4 endpoint 0x1 has invalid maxpacket 1023, setting to 64 [ 399.054707][ T5887] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0xB, skipping [ 399.054731][ T5887] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0x9, skipping [ 399.054755][ T5887] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0xB, skipping [ 399.054778][ T5887] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0x1, skipping [ 399.054800][ T5887] usb 2-1: config 4 interface 39 has no altsetting 0 [ 399.054819][ T5887] usb 2-1: config 4 interface 212 has no altsetting 0 [ 399.054836][ T5887] usb 2-1: config 4 interface 10 has no altsetting 0 [ 399.054855][ T5887] usb 2-1: config 4 interface 3 has no altsetting 0 [ 399.070448][ T5887] usb 2-1: New USB device found, idVendor=093a, idProduct=2626, bcdDevice=49.60 [ 399.070483][ T5887] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 399.070504][ T5887] usb 2-1: Product: syz [ 399.070518][ T5887] usb 2-1: Manufacturer: syz [ 399.070532][ T5887] usb 2-1: SerialNumber: syz [ 399.174262][ T5811] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 400.437813][ T8339] FAULT_INJECTION: forcing a failure. [ 400.437813][ T8339] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 400.437897][ T8339] CPU: 1 UID: 0 PID: 8339 Comm: syz.0.671 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 400.437929][ T8339] Tainted: [L]=SOFTLOCKUP [ 400.437937][ T8339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 400.437950][ T8339] Call Trace: [ 400.437958][ T8339] [ 400.437968][ T8339] dump_stack_lvl+0x189/0x250 [ 400.438004][ T8339] ? __pfx____ratelimit+0x10/0x10 [ 400.438039][ T8339] ? __pfx_dump_stack_lvl+0x10/0x10 [ 400.438076][ T8339] ? __pfx__printk+0x10/0x10 [ 400.438118][ T8339] should_fail_ex+0x46c/0x600 [ 400.438154][ T8339] _copy_to_user+0x31/0xb0 [ 400.438181][ T8339] simple_read_from_buffer+0xe1/0x170 [ 400.438211][ T8339] proc_fail_nth_read+0x1b6/0x220 [ 400.438248][ T8339] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 400.438278][ T8339] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 400.438309][ T8339] ? vfs_read+0x1eb/0xa30 [ 400.438342][ T8339] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 400.438376][ T8339] vfs_read+0x206/0xa30 [ 400.438417][ T8339] ? __pfx_vfs_read+0x10/0x10 [ 400.438443][ T8339] ? try_to_take_rt_mutex+0x7fd/0xac0 [ 400.438485][ T8339] ? mutex_lock_nested+0x154/0x1d0 [ 400.438512][ T8339] ? fdget_pos+0x253/0x320 [ 400.438546][ T8339] ksys_read+0x14b/0x260 [ 400.438578][ T8339] ? __pfx_ksys_read+0x10/0x10 [ 400.438621][ T8339] do_syscall_64+0xfa/0xf80 [ 400.438645][ T8339] ? rcu_is_watching+0x15/0xb0 [ 400.438665][ T8339] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 400.438687][ T8339] ? clear_bhb_loop+0x60/0xb0 [ 400.438715][ T8339] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 400.438737][ T8339] RIP: 0033:0x7fdc38fbe15c [ 400.438757][ T8339] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 400.438776][ T8339] RSP: 002b:00007fdc371dc030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 400.438800][ T8339] RAX: ffffffffffffffda RBX: 00007fdc39216180 RCX: 00007fdc38fbe15c [ 400.438816][ T8339] RDX: 000000000000000f RSI: 00007fdc371dc0a0 RDI: 0000000000000007 [ 400.438829][ T8339] RBP: 00007fdc371dc090 R08: 0000000000000000 R09: 0000000000000000 [ 400.438843][ T8339] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 400.438857][ T8339] R13: 00007fdc39216218 R14: 00007fdc39216180 R15: 00007fff6153f9f8 [ 400.438895][ T8339] [ 403.219724][ T5887] usb 2-1: USB disconnect, device number 29 [ 403.362397][ T5932] usb 4-1: new high-speed USB device number 31 using dummy_hcd [ 403.732388][ T6450] usb 3-1: new high-speed USB device number 38 using dummy_hcd [ 404.798942][ T5932] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 404.798981][ T5932] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 404.805481][ T5932] usb 4-1: config 0 descriptor?? [ 404.834867][ T6450] usb 3-1: device descriptor read/64, error -71 [ 405.162408][ T6450] usb 3-1: new high-speed USB device number 39 using dummy_hcd [ 405.290981][ T5932] udl 4-1:0.0: [drm] Unrecognized vendor firmware descriptor [ 405.300067][ T6450] usb 3-1: device descriptor read/64, error -71 [ 405.403358][ T6450] usb usb3-port1: attempt power cycle [ 405.462272][ T9] usb 2-1: new high-speed USB device number 30 using dummy_hcd [ 405.495182][ T8351] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 405.495790][ T8351] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 405.503475][ T5932] [drm:udl_init] *ERROR* Selecting channel failed [ 405.550451][ T5932] [drm] Initialized udl 0.0.1 for 4-1:0.0 on minor 2 [ 405.550482][ T5932] [drm] Initialized udl on minor 2 [ 405.574964][ T5932] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 405.575568][ T5932] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 405.576898][ T7710] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 405.577755][ T7710] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 405.578027][ T7710] udl 4-1:0.0: [drm] Cannot find any crtc or sizes [ 405.581487][ T5932] usb 4-1: USB disconnect, device number 31 [ 405.642892][ T9] usb 2-1: config index 0 descriptor too short (expected 23569, got 27) [ 405.642969][ T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 405.645769][ T9] usb 2-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 405.645802][ T9] usb 2-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 405.645824][ T9] usb 2-1: Manufacturer: syz [ 405.745640][ T9] usb 2-1: config 0 descriptor?? [ 405.752353][ T6450] usb 3-1: new high-speed USB device number 40 using dummy_hcd [ 405.775077][ T6450] usb 3-1: device descriptor read/8, error -71 [ 405.974289][ T9] rc_core: IR keymap rc-hauppauge not found [ 405.974317][ T9] Registered IR keymap rc-empty [ 405.979591][ T9] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0 [ 405.998016][ T9] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input36 [ 406.014362][ T6450] usb 3-1: new high-speed USB device number 41 using dummy_hcd [ 406.032510][ C1] raw-gadget.1 gadget.2: ignoring, device is not running [ 406.032655][ T6450] usb 3-1: device descriptor read/8, error -32 [ 406.143669][ T6450] usb usb3-port1: unable to enumerate USB device [ 409.816468][ T6450] usb 2-1: USB disconnect, device number 30 [ 411.662570][ T6450] usb 2-1: new full-speed USB device number 31 using dummy_hcd [ 411.682312][ T5985] usb 4-1: new high-speed USB device number 32 using dummy_hcd [ 411.812313][ T5985] usb 4-1: device descriptor read/64, error -71 [ 411.833370][ T6450] usb 2-1: not running at top speed; connect to a high speed hub [ 411.836227][ T6450] usb 2-1: config 4 has an invalid interface number: 39 but max is 3 [ 411.836258][ T6450] usb 2-1: config 4 has an invalid interface number: 212 but max is 3 [ 411.836280][ T6450] usb 2-1: config 4 has an invalid interface number: 10 but max is 3 [ 411.836303][ T6450] usb 2-1: config 4 contains an unexpected descriptor of type 0x1, skipping [ 411.836326][ T6450] usb 2-1: config 4 has no interface number 0 [ 411.836343][ T6450] usb 2-1: config 4 has no interface number 1 [ 411.836360][ T6450] usb 2-1: config 4 has no interface number 2 [ 411.836465][ T6450] usb 2-1: config 4 interface 212 altsetting 90 endpoint 0xB has invalid maxpacket 1023, setting to 64 [ 411.836515][ T6450] usb 2-1: config 4 interface 10 altsetting 6 endpoint 0x7 has invalid maxpacket 512, setting to 64 [ 411.836544][ T6450] usb 2-1: config 4 interface 10 altsetting 6 endpoint 0x9 has invalid maxpacket 512, setting to 64 [ 411.836584][ T6450] usb 2-1: config 4 interface 10 altsetting 6 endpoint 0xA has invalid maxpacket 1023, setting to 64 [ 411.836611][ T6450] usb 2-1: config 4 interface 10 altsetting 6 has an invalid descriptor for endpoint zero, skipping [ 411.836635][ T6450] usb 2-1: config 4 interface 10 altsetting 6 endpoint 0x8 has invalid maxpacket 1024, setting to 64 [ 411.836663][ T6450] usb 2-1: config 4 interface 10 altsetting 6 has a duplicate endpoint with address 0xA, skipping [ 411.836685][ T6450] usb 2-1: config 4 interface 10 altsetting 6 has a duplicate endpoint with address 0x8, skipping [ 411.836727][ T6450] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0x1, skipping [ 411.836749][ T6450] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0xA, skipping [ 411.836773][ T6450] usb 2-1: config 4 interface 3 altsetting 4 endpoint 0x6 has invalid maxpacket 520, setting to 64 [ 411.836800][ T6450] usb 2-1: config 4 interface 3 altsetting 4 has an invalid descriptor for endpoint zero, skipping [ 411.836823][ T6450] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0xD, skipping [ 411.836845][ T6450] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0x8, skipping [ 411.836867][ T6450] usb 2-1: config 4 interface 3 altsetting 4 endpoint 0x1 has invalid maxpacket 1023, setting to 64 [ 411.836892][ T6450] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0xB, skipping [ 411.836914][ T6450] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0x9, skipping [ 411.836938][ T6450] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0xB, skipping [ 411.836961][ T6450] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0x1, skipping [ 411.836983][ T6450] usb 2-1: config 4 interface 39 has no altsetting 0 [ 411.837001][ T6450] usb 2-1: config 4 interface 212 has no altsetting 0 [ 411.837019][ T6450] usb 2-1: config 4 interface 10 has no altsetting 0 [ 411.837035][ T6450] usb 2-1: config 4 interface 3 has no altsetting 0 [ 413.046489][ T6450] usb 2-1: string descriptor 0 read error: -71 [ 413.046669][ T6450] usb 2-1: New USB device found, idVendor=093a, idProduct=2626, bcdDevice=49.60 [ 413.046696][ T6450] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 413.068094][ T5985] usb 4-1: new high-speed USB device number 33 using dummy_hcd [ 413.091875][ T6450] usb 2-1: can't set config #4, error -71 [ 413.100408][ T6450] usb 2-1: USB disconnect, device number 31 [ 413.151208][ T5887] usb 3-1: new high-speed USB device number 42 using dummy_hcd [ 413.223033][ T5985] usb 4-1: device descriptor read/64, error -71 [ 413.330220][ T5887] usb 3-1: config index 0 descriptor too short (expected 23569, got 27) [ 413.330291][ T5887] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 413.331866][ T5887] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 413.331889][ T5887] usb 3-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 413.331908][ T5887] usb 3-1: Manufacturer: syz [ 413.346106][ T5887] usb 3-1: config 0 descriptor?? [ 413.382986][ T5985] usb usb4-port1: attempt power cycle [ 413.646231][ T8455] FAULT_INJECTION: forcing a failure. [ 413.646231][ T8455] name failslab, interval 1, probability 0, space 0, times 0 [ 413.646271][ T8455] CPU: 0 UID: 0 PID: 8455 Comm: syz.0.717 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 413.646300][ T8455] Tainted: [L]=SOFTLOCKUP [ 413.646307][ T8455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 413.646319][ T8455] Call Trace: [ 413.646327][ T8455] [ 413.646335][ T8455] dump_stack_lvl+0x189/0x250 [ 413.646368][ T8455] ? __pfx____ratelimit+0x10/0x10 [ 413.646402][ T8455] ? __pfx_dump_stack_lvl+0x10/0x10 [ 413.646429][ T8455] ? __pfx__printk+0x10/0x10 [ 413.646457][ T8455] ? __pfx___might_resched+0x10/0x10 [ 413.646479][ T8455] ? fs_reclaim_acquire+0x7d/0x100 [ 413.646504][ T8455] should_fail_ex+0x46c/0x600 [ 413.646537][ T8455] should_failslab+0xa8/0x100 [ 413.646560][ T8455] __kmalloc_cache_noprof+0x84/0x6d0 [ 413.646592][ T8455] ? __genradix_ptr_alloc+0x199/0x4a0 [ 413.646619][ T8455] __genradix_ptr_alloc+0x199/0x4a0 [ 413.646660][ T8455] __genradix_prealloc+0x44/0x90 [ 413.646683][ T8455] sctp_stream_alloc_out+0x7a/0x100 [ 413.646712][ T8455] sctp_send_add_streams+0x1d6/0x400 [ 413.646742][ T8455] sctp_setsockopt+0x7b2/0x12c0 [ 413.646771][ T8455] ? sock_common_setsockopt+0x36/0xc0 [ 413.646792][ T8455] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 413.646816][ T8455] do_sock_setsockopt+0x17c/0x1b0 [ 413.646847][ T8455] __x64_sys_setsockopt+0x145/0x1b0 [ 413.646879][ T8455] do_syscall_64+0xfa/0xf80 [ 413.646900][ T8455] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 413.646920][ T8455] ? clear_bhb_loop+0x60/0xb0 [ 413.646945][ T8455] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 413.646965][ T8455] RIP: 0033:0x7fdc38fbf749 [ 413.646983][ T8455] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 413.647001][ T8455] RSP: 002b:00007fdc371fd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 413.647023][ T8455] RAX: ffffffffffffffda RBX: 00007fdc39216090 RCX: 00007fdc38fbf749 [ 413.647038][ T8455] RDX: 0000000000000079 RSI: 0000000000000084 RDI: 0000000000000003 [ 413.647050][ T8455] RBP: 00007fdc371fd090 R08: 0000000000000008 R09: 0000000000000000 [ 413.647063][ T8455] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001 [ 413.647076][ T8455] R13: 00007fdc39216128 R14: 00007fdc39216090 R15: 00007fff6153f9f8 [ 413.647111][ T8455] [ 413.682224][ T5887] rc_core: IR keymap rc-hauppauge not found [ 413.682245][ T5887] Registered IR keymap rc-empty [ 413.683807][ T5887] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0 [ 413.686965][ T5887] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input37 [ 413.701472][ T8454] syz.0.717 (8454) used greatest stack depth: 15952 bytes left [ 414.612264][ T5985] usb 4-1: new high-speed USB device number 34 using dummy_hcd [ 414.747014][ C0] igorplugusb 3-1:0.0: Error: urb status = -32 [ 414.751482][ C0] igorplugusb 3-1:0.0: Error: urb status = -32 [ 414.842304][ T5985] usb 4-1: device not accepting address 34, error -71 [ 416.020767][ T5932] usb 3-1: USB disconnect, device number 42 [ 417.448770][ T5945] usb 2-1: new full-speed USB device number 32 using dummy_hcd [ 417.502230][ T5887] usb 1-1: new high-speed USB device number 36 using dummy_hcd [ 417.620780][ T5945] usb 2-1: not running at top speed; connect to a high speed hub [ 417.634642][ T5945] usb 2-1: config 4 has an invalid interface number: 39 but max is 3 [ 417.634675][ T5945] usb 2-1: config 4 has an invalid interface number: 212 but max is 3 [ 417.634698][ T5945] usb 2-1: config 4 has an invalid interface number: 10 but max is 3 [ 417.634720][ T5945] usb 2-1: config 4 contains an unexpected descriptor of type 0x1, skipping [ 417.634743][ T5945] usb 2-1: config 4 has no interface number 0 [ 417.634761][ T5945] usb 2-1: config 4 has no interface number 1 [ 417.634778][ T5945] usb 2-1: config 4 has no interface number 2 [ 417.634892][ T5945] usb 2-1: config 4 interface 212 altsetting 90 endpoint 0xB has invalid maxpacket 1023, setting to 64 [ 417.634944][ T5945] usb 2-1: config 4 interface 10 altsetting 6 endpoint 0x7 has invalid maxpacket 512, setting to 64 [ 417.634973][ T5945] usb 2-1: config 4 interface 10 altsetting 6 endpoint 0x9 has invalid maxpacket 512, setting to 64 [ 417.635002][ T5945] usb 2-1: config 4 interface 10 altsetting 6 endpoint 0xA has invalid maxpacket 1023, setting to 64 [ 417.635030][ T5945] usb 2-1: config 4 interface 10 altsetting 6 has an invalid descriptor for endpoint zero, skipping [ 417.635054][ T5945] usb 2-1: config 4 interface 10 altsetting 6 endpoint 0x8 has invalid maxpacket 1024, setting to 64 [ 417.635084][ T5945] usb 2-1: config 4 interface 10 altsetting 6 has a duplicate endpoint with address 0xA, skipping [ 417.635109][ T5945] usb 2-1: config 4 interface 10 altsetting 6 has a duplicate endpoint with address 0x8, skipping [ 417.635152][ T5945] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0x1, skipping [ 417.635177][ T5945] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0xA, skipping [ 417.635202][ T5945] usb 2-1: config 4 interface 3 altsetting 4 endpoint 0x6 has invalid maxpacket 520, setting to 64 [ 417.635229][ T5945] usb 2-1: config 4 interface 3 altsetting 4 has an invalid descriptor for endpoint zero, skipping [ 417.635253][ T5945] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0xD, skipping [ 417.635276][ T5945] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0x8, skipping [ 417.635301][ T5945] usb 2-1: config 4 interface 3 altsetting 4 endpoint 0x1 has invalid maxpacket 1023, setting to 64 [ 417.635330][ T5945] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0xD, skipping [ 417.635353][ T5945] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0xB, skipping [ 417.635377][ T5945] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0x9, skipping [ 417.635401][ T5945] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0xB, skipping [ 417.635425][ T5945] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0x1, skipping [ 417.635448][ T5945] usb 2-1: config 4 interface 39 has no altsetting 0 [ 417.635468][ T5945] usb 2-1: config 4 interface 212 has no altsetting 0 [ 417.635487][ T5945] usb 2-1: config 4 interface 10 has no altsetting 0 [ 417.635505][ T5945] usb 2-1: config 4 interface 3 has no altsetting 0 [ 417.652232][ T5887] usb 1-1: Using ep0 maxpacket: 32 [ 417.659733][ T5887] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD8, changing to 0x88 [ 417.659823][ T5887] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7 [ 417.752424][ T5945] usb 2-1: New USB device found, idVendor=093a, idProduct=2626, bcdDevice=49.60 [ 417.752458][ T5945] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 417.752479][ T5945] usb 2-1: Product: syz [ 417.752494][ T5945] usb 2-1: Manufacturer: syz [ 417.752510][ T5945] usb 2-1: SerialNumber: syz [ 418.052600][ T5887] usb 1-1: New USB device found, idVendor=05e1, idProduct=0408, bcdDevice=25.11 [ 418.052635][ T5887] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 418.052657][ T5887] usb 1-1: Product: syz [ 418.088761][ T5887] usb 1-1: config 0 descriptor?? [ 418.089676][ T5887] usb 1-1: can't set config #0, error -71 [ 418.107955][ T5887] usb 1-1: USB disconnect, device number 36 [ 419.676045][ T5945] usb 2-1: USB disconnect, device number 32 [ 419.930968][ T8510] netlink: 40 bytes leftover after parsing attributes in process `syz.3.734'. [ 422.075585][ T5811] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 422.622305][ T9] usb 4-1: new high-speed USB device number 36 using dummy_hcd [ 422.781340][ T9] usb 4-1: config index 0 descriptor too short (expected 23569, got 27) [ 422.781409][ T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 422.785602][ T9] usb 4-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 422.785633][ T9] usb 4-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 422.785653][ T9] usb 4-1: Manufacturer: syz [ 422.796080][ T9] usb 4-1: config 0 descriptor?? [ 423.032204][ T9] rc_core: IR keymap rc-hauppauge not found [ 423.032230][ T9] Registered IR keymap rc-empty [ 423.034079][ T9] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0 [ 423.039808][ T9] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input38 [ 425.513409][ T8579] fuse: Invalid rootmode [ 425.846429][ T5119] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 426.897947][ T5988] usb 4-1: USB disconnect, device number 36 [ 427.165961][ T8604] FAULT_INJECTION: forcing a failure. [ 427.165961][ T8604] name failslab, interval 1, probability 0, space 0, times 0 [ 427.165984][ T8604] CPU: 0 UID: 0 PID: 8604 Comm: syz.3.772 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 427.165998][ T8604] Tainted: [L]=SOFTLOCKUP [ 427.166002][ T8604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 427.166008][ T8604] Call Trace: [ 427.166012][ T8604] [ 427.166017][ T8604] dump_stack_lvl+0x189/0x250 [ 427.166034][ T8604] ? __pfx____ratelimit+0x10/0x10 [ 427.166050][ T8604] ? __pfx_dump_stack_lvl+0x10/0x10 [ 427.166063][ T8604] ? __pfx__printk+0x10/0x10 [ 427.166076][ T8604] ? __pfx___might_resched+0x10/0x10 [ 427.166089][ T8604] should_fail_ex+0x46c/0x600 [ 427.166105][ T8604] should_failslab+0xa8/0x100 [ 427.166116][ T8604] __kmalloc_noprof+0xe0/0x7e0 [ 427.166130][ T8604] ? kfree+0x4d/0x900 [ 427.166140][ T8604] ? tomoyo_realpath_from_path+0xe3/0x5d0 [ 427.166155][ T8604] tomoyo_realpath_from_path+0xe3/0x5d0 [ 427.166165][ T8604] ? tomoyo_domain+0xd9/0x130 [ 427.166180][ T8604] tomoyo_path_perm+0x213/0x4b0 [ 427.166194][ T8604] ? tomoyo_path_perm+0x1e3/0x4b0 [ 427.166206][ T8604] ? __pfx_tomoyo_path_perm+0x10/0x10 [ 427.166222][ T8604] ? rt_spin_lock+0x1c1/0x3e0 [ 427.166249][ T8604] ? __pfx_current_check_access_path+0x10/0x10 [ 427.166261][ T8604] ? __d_lookup+0x66/0x780 [ 427.166276][ T8604] ? __d_lookup+0x66/0x780 [ 427.166286][ T8604] ? __d_lookup+0x6df/0x780 [ 427.166300][ T8604] tomoyo_path_rmdir+0xa2/0xe0 [ 427.166310][ T8604] ? __pfx_tomoyo_path_rmdir+0x10/0x10 [ 427.166324][ T8604] ? d_lookup+0xa0/0xc0 [ 427.166337][ T8604] security_path_rmdir+0x167/0x360 [ 427.166351][ T8604] do_rmdir+0x1fb/0x4a0 [ 427.166367][ T8604] ? __pfx_do_rmdir+0x10/0x10 [ 427.166381][ T8604] ? strncpy_from_user+0x150/0x2c0 [ 427.166395][ T8604] ? getname_flags+0x1e5/0x540 [ 427.166407][ T8604] __x64_sys_rmdir+0x47/0x50 [ 427.166420][ T8604] do_syscall_64+0xfa/0xf80 [ 427.166431][ T8604] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 427.166441][ T8604] ? clear_bhb_loop+0x60/0xb0 [ 427.166453][ T8604] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 427.166462][ T8604] RIP: 0033:0x7f373936f749 [ 427.166473][ T8604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 427.166486][ T8604] RSP: 002b:00007f37375d6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000054 [ 427.166501][ T8604] RAX: ffffffffffffffda RBX: 00007f37395c5fa0 RCX: 00007f373936f749 [ 427.166509][ T8604] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000040 [ 427.166515][ T8604] RBP: 00007f37375d6090 R08: 0000000000000000 R09: 0000000000000000 [ 427.166521][ T8604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 427.166536][ T8604] R13: 00007f37395c6038 R14: 00007f37395c5fa0 R15: 00007ffdc510d6a8 [ 427.166563][ T8604] [ 427.166570][ T8604] ERROR: Out of memory at tomoyo_realpath_from_path. [ 428.936332][ T5119] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201' [ 428.936372][ T5119] CPU: 1 UID: 0 PID: 5119 Comm: kworker/u9:1 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 428.936407][ T5119] Tainted: [L]=SOFTLOCKUP [ 428.936416][ T5119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 428.936433][ T5119] Workqueue: hci2 hci_rx_work [ 428.936465][ T5119] Call Trace: [ 428.936474][ T5119] [ 428.936485][ T5119] dump_stack_lvl+0x189/0x250 [ 428.936526][ T5119] ? __pfx_dump_stack_lvl+0x10/0x10 [ 428.936559][ T5119] ? __pfx__printk+0x10/0x10 [ 428.936603][ T5119] ? kernfs_path_from_node+0x2c/0x280 [ 428.936640][ T5119] ? kernfs_path_from_node+0x243/0x280 [ 428.936673][ T5119] ? kernfs_path_from_node+0x2c/0x280 [ 428.936712][ T5119] sysfs_create_dir_ns+0x259/0x280 [ 428.936746][ T5119] ? __pfx_rt_mutex_slowunlock+0x10/0x10 [ 428.936781][ T5119] ? __pfx_sysfs_create_dir_ns+0x10/0x10 [ 428.936820][ T5119] ? rt_spin_unlock+0x161/0x200 [ 428.936851][ T5119] kobject_add_internal+0x6b1/0xcd0 [ 428.936889][ T5119] kobject_add+0x155/0x220 [ 428.936920][ T5119] ? __pfx_kobject_add+0x10/0x10 [ 428.936954][ T5119] ? get_device_parent+0x370/0x3a0 [ 428.936983][ T5119] device_add+0x408/0xb80 [ 428.937012][ T5119] hci_conn_add_sysfs+0xd5/0x210 [ 428.937048][ T5119] le_conn_complete_evt+0xf1d/0x1420 [ 428.937076][ T5119] ? lockdep_hardirqs_on+0x98/0x140 [ 428.937109][ T5119] ? __pfx_le_conn_complete_evt+0x10/0x10 [ 428.937146][ T5119] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 428.937169][ T5119] ? lockdep_hardirqs_on+0x98/0x140 [ 428.937196][ T5119] ? skb_pull_data+0xfb/0x200 [ 428.937239][ T5119] hci_le_conn_complete_evt+0x187/0x480 [ 428.937279][ T5119] hci_event_packet+0x78f/0x1260 [ 428.937301][ T5119] ? reacquire_held_locks+0x121/0x1c0 [ 428.937341][ T5119] ? __pfx_hci_le_meta_evt+0x10/0x10 [ 428.937372][ T5119] ? __pfx_hci_event_packet+0x10/0x10 [ 428.937395][ T5119] ? rt_spin_unlock+0x150/0x200 [ 428.937440][ T5119] ? hci_send_to_monitor+0xe2/0x590 [ 428.937476][ T5119] hci_rx_work+0x3ee/0x1060 [ 428.937510][ T5119] ? process_scheduled_works+0x9ef/0x1770 [ 428.937541][ T5119] process_scheduled_works+0xad1/0x1770 [ 428.937611][ T5119] ? __pfx_process_scheduled_works+0x10/0x10 [ 428.937662][ T5119] worker_thread+0x8a0/0xda0 [ 428.937724][ T5119] kthread+0x711/0x8a0 [ 428.937759][ T5119] ? __pfx_worker_thread+0x10/0x10 [ 428.937786][ T5119] ? __pfx_kthread+0x10/0x10 [ 428.937813][ T5119] ? rt_spin_unlock+0x150/0x200 [ 428.937847][ T5119] ? rt_spin_unlock+0x161/0x200 [ 428.937877][ T5119] ? __pfx_kthread+0x10/0x10 [ 428.937911][ T5119] ret_from_fork+0x599/0xb30 [ 428.937941][ T5119] ? __pfx_ret_from_fork+0x10/0x10 [ 428.937981][ T5119] ? __switch_to_asm+0x39/0x70 [ 428.938013][ T5119] ? __switch_to_asm+0x33/0x70 [ 428.938044][ T5119] ? __pfx_kthread+0x10/0x10 [ 428.938078][ T5119] ret_from_fork_asm+0x1a/0x30 [ 428.938135][ T5119] [ 428.938174][ T5119] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory. [ 428.938234][ T5119] Bluetooth: hci2: failed to register connection device [ 430.286304][ T8631] FAULT_INJECTION: forcing a failure. [ 430.286304][ T8631] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 430.286341][ T8631] CPU: 1 UID: 0 PID: 8631 Comm: syz.4.782 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 430.286368][ T8631] Tainted: [L]=SOFTLOCKUP [ 430.286375][ T8631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 430.286386][ T8631] Call Trace: [ 430.286394][ T8631] [ 430.286402][ T8631] dump_stack_lvl+0x189/0x250 [ 430.286433][ T8631] ? __pfx____ratelimit+0x10/0x10 [ 430.286463][ T8631] ? __pfx_dump_stack_lvl+0x10/0x10 [ 430.286488][ T8631] ? __pfx__printk+0x10/0x10 [ 430.286523][ T8631] should_fail_ex+0x46c/0x600 [ 430.286554][ T8631] _copy_from_user+0x2d/0xb0 [ 430.286575][ T8631] memdup_sockptr_noprof+0x95/0x100 [ 430.286599][ T8631] ipv6_set_mcast_msfilter+0xc2/0x220 [ 430.286623][ T8631] do_ipv6_setsockopt+0x126b/0x2eb0 [ 430.286653][ T8631] ? __pfx_do_ipv6_setsockopt+0x10/0x10 [ 430.286692][ T8631] ? __lock_acquire+0x6b6/0x2cf0 [ 430.286725][ T8631] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 430.286754][ T8631] ? lockdep_hardirqs_on+0x98/0x140 [ 430.286775][ T8631] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 430.286794][ T8631] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 430.286838][ T8631] ? __fget_files+0x2a/0x420 [ 430.286864][ T8631] ipv6_setsockopt+0x59/0x170 [ 430.286882][ T8631] ? __pfx_sock_common_setsockopt+0x10/0x10 [ 430.286905][ T8631] do_sock_setsockopt+0x17c/0x1b0 [ 430.286934][ T8631] __x64_sys_setsockopt+0x145/0x1b0 [ 430.286964][ T8631] do_syscall_64+0xfa/0xf80 [ 430.286983][ T8631] ? rcu_is_watching+0x15/0xb0 [ 430.287001][ T8631] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 430.287020][ T8631] ? clear_bhb_loop+0x60/0xb0 [ 430.287044][ T8631] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 430.287062][ T8631] RIP: 0033:0x7f4082dcf749 [ 430.287080][ T8631] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 430.287096][ T8631] RSP: 002b:00007f4081036038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036 [ 430.287118][ T8631] RAX: ffffffffffffffda RBX: 00007f4083025fa0 RCX: 00007f4082dcf749 [ 430.287132][ T8631] RDX: 0000000000000030 RSI: 0000000000000029 RDI: 0000000000000003 [ 430.287144][ T8631] RBP: 00007f4081036090 R08: 0000000000000090 R09: 0000000000000000 [ 430.287156][ T8631] R10: 0000200000000ac0 R11: 0000000000000246 R12: 0000000000000001 [ 430.287168][ T8631] R13: 00007f4083026038 R14: 00007f4083025fa0 R15: 00007ffc98247a98 [ 430.287201][ T8631] [ 430.362371][ T5985] usb 1-1: new high-speed USB device number 37 using dummy_hcd [ 430.396542][ T5119] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection [ 430.526962][ T5985] usb 1-1: Using ep0 maxpacket: 8 [ 430.533627][ T5985] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 430.541003][ T5985] usb 1-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 430.541031][ T5985] usb 1-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 430.541051][ T5985] usb 1-1: Product: syz [ 430.541066][ T5985] usb 1-1: Manufacturer: syz [ 430.541080][ T5985] usb 1-1: SerialNumber: syz [ 431.903636][ T5985] usb 1-1: palm_os_3_probe - error -110 getting connection information [ 431.903751][ T5985] visor 1-1:1.0: probe with driver visor failed with error -110 [ 432.536470][ T8651] netlink: 4096 bytes leftover after parsing attributes in process `syz.3.789'. [ 432.647269][ T8654] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check. [ 432.671794][ T8654] netlink: 76 bytes leftover after parsing attributes in process `syz.1.786'. [ 432.679934][ T8654] netlink: 4 bytes leftover after parsing attributes in process `syz.1.786'. [ 432.949871][ T5119] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 433.272284][ T805] usb 4-1: new high-speed USB device number 37 using dummy_hcd [ 433.329895][ T5874] usb 1-1: USB disconnect, device number 37 [ 433.425256][ T805] usb 4-1: config index 0 descriptor too short (expected 23569, got 27) [ 433.425294][ T805] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 433.426617][ T805] usb 4-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 433.426648][ T805] usb 4-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 433.426670][ T805] usb 4-1: Manufacturer: syz [ 433.442363][ T805] usb 4-1: config 0 descriptor?? [ 433.477212][ T805] igorplugusb 4-1:0.0: incorrect number of endpoints [ 433.856744][ T8690] netlink: 4096 bytes leftover after parsing attributes in process `syz.2.802'. [ 433.986201][ T8694] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check. [ 434.139720][ T8699] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check. [ 434.153067][ T8699] netlink: 76 bytes leftover after parsing attributes in process `syz.2.806'. [ 434.208365][ T8704] netlink: 4 bytes leftover after parsing attributes in process `syz.2.806'. [ 434.369040][ T8715] 9pnet_fd: p9_fd_create_tcp (8715): problem connecting socket to 127.0.0.1 [ 434.370952][ T8715] 9pnet_fd: p9_fd_create_tcp (8715): problem connecting socket to 127.0.0.1 [ 434.400100][ T8715] 9pnet_fd: p9_fd_create_tcp (8715): problem connecting socket to 127.0.0.1 [ 434.401859][ T8715] 9pnet_fd: p9_fd_create_tcp (8715): problem connecting socket to 127.0.0.1 [ 434.628353][ T5874] usb 2-1: new high-speed USB device number 33 using dummy_hcd [ 434.720047][ T5812] Bluetooth: hci4: command 0x0406 tx timeout [ 434.806954][ T5874] usb 2-1: config index 0 descriptor too short (expected 23569, got 27) [ 434.806990][ T5874] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 434.807048][ T5874] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 435.978893][ T5812] Bluetooth: hci2: command 0x0406 tx timeout [ 436.020892][ T5874] usb 2-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 436.020927][ T5874] usb 2-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 436.020949][ T5874] usb 2-1: Manufacturer: syz [ 436.054450][ T5874] usb 2-1: config 0 descriptor?? [ 436.086860][ T5874] igorplugusb 2-1:0.0: incorrect number of endpoints [ 436.512340][ T5988] usb 3-1: new high-speed USB device number 43 using dummy_hcd [ 436.520964][ T8748] fuse: Unknown parameter '°É¹' [ 436.522016][ T8749] netlink: 766 bytes leftover after parsing attributes in process `syz.0.823'. [ 436.662364][ T5988] usb 3-1: Using ep0 maxpacket: 8 [ 436.665921][ T5988] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 436.669344][ T5988] usb 3-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 436.669378][ T5988] usb 3-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 436.669410][ T5988] usb 3-1: Product: syz [ 436.669425][ T5988] usb 3-1: Manufacturer: syz [ 436.669441][ T5988] usb 3-1: SerialNumber: syz [ 436.891893][ T5988] usb 3-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 436.891924][ T5988] usb 3-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 436.891944][ T5988] usb 3-1: Handspring Visor / Palm OS: Number of ports: 2 [ 437.056609][ T6019] usb 1-1: new high-speed USB device number 38 using dummy_hcd [ 437.159267][ T5988] usb 3-1: palm_os_3_probe - error -71 getting bytes available request [ 437.159373][ T5988] visor 3-1:1.0: Handspring Visor / Palm OS converter detected [ 437.225165][ T5988] usb 3-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 437.239657][ T5988] usb 3-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 437.255811][ T5988] usb 3-1: USB disconnect, device number 43 [ 437.307394][ T5988] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 437.362448][ T5988] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 437.363155][ T5988] visor 3-1:1.0: device disconnected [ 438.502849][ T5887] usb 4-1: USB disconnect, device number 37 [ 438.513874][ T8773] FAULT_INJECTION: forcing a failure. [ 438.513874][ T8773] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 438.513910][ T8773] CPU: 0 UID: 0 PID: 8773 Comm: syz.4.832 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 438.513937][ T8773] Tainted: [L]=SOFTLOCKUP [ 438.513944][ T8773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 438.513956][ T8773] Call Trace: [ 438.513964][ T8773] [ 438.513972][ T8773] dump_stack_lvl+0x189/0x250 [ 438.514002][ T8773] ? __pfx____ratelimit+0x10/0x10 [ 438.514032][ T8773] ? __pfx_dump_stack_lvl+0x10/0x10 [ 438.514058][ T8773] ? __pfx__printk+0x10/0x10 [ 438.514094][ T8773] should_fail_ex+0x46c/0x600 [ 438.514126][ T8773] _copy_to_user+0x31/0xb0 [ 438.514149][ T8773] simple_read_from_buffer+0xe1/0x170 [ 438.514176][ T8773] proc_fail_nth_read+0x1b6/0x220 [ 438.514208][ T8773] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 438.514239][ T8773] ? rw_verify_area+0x2ac/0x4e0 [ 438.514265][ T8773] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 438.514294][ T8773] vfs_read+0x206/0xa30 [ 438.514329][ T8773] ? __pfx_vfs_read+0x10/0x10 [ 438.514353][ T8773] ? try_to_take_rt_mutex+0x7fd/0xac0 [ 438.514421][ T8773] ? mutex_lock_nested+0x154/0x1d0 [ 438.514444][ T8773] ? fdget_pos+0x253/0x320 [ 438.514476][ T8773] ksys_read+0x14b/0x260 [ 438.514501][ T8773] ? __fget_files+0x2a/0x420 [ 438.514522][ T8773] ? __pfx_ksys_read+0x10/0x10 [ 438.514553][ T8773] ? do_syscall_64+0xbe/0xf80 [ 438.514577][ T8773] do_syscall_64+0xfa/0xf80 [ 438.514597][ T8773] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 438.514616][ T8773] ? clear_bhb_loop+0x60/0xb0 [ 438.514641][ T8773] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 438.514659][ T8773] RIP: 0033:0x7f4082dce15c [ 438.514676][ T8773] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 438.514693][ T8773] RSP: 002b:00007f4081036030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 438.514714][ T8773] RAX: ffffffffffffffda RBX: 00007f4083025fa0 RCX: 00007f4082dce15c [ 438.514729][ T8773] RDX: 000000000000000f RSI: 00007f40810360a0 RDI: 0000000000000006 [ 438.514741][ T8773] RBP: 00007f4081036090 R08: 0000000000000000 R09: 0000000000000000 [ 438.514754][ T8773] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 438.514765][ T8773] R13: 00007f4083026038 R14: 00007f4083025fa0 R15: 00007ffc98247a98 [ 438.514799][ T8773] [ 438.882199][ T6019] usb 1-1: Using ep0 maxpacket: 8 [ 438.931641][ T6019] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 438.943852][ T6019] usb 1-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 438.943886][ T6019] usb 1-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 438.943910][ T6019] usb 1-1: Product: syz [ 438.943925][ T6019] usb 1-1: Manufacturer: syz [ 438.943938][ T6019] usb 1-1: SerialNumber: syz [ 439.227046][ T6019] usb 1-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 439.227078][ T6019] usb 1-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 439.227096][ T6019] usb 1-1: Handspring Visor / Palm OS: Number of ports: 2 [ 439.352302][ T5887] usb 4-1: new high-speed USB device number 38 using dummy_hcd [ 439.447373][ T8760] netlink: 28 bytes leftover after parsing attributes in process `syz.0.827'. [ 439.451101][ T6019] usb 1-1: palm_os_3_probe - error -71 getting bytes available request [ 439.451200][ T6019] visor 1-1:1.0: Handspring Visor / Palm OS converter detected [ 439.486234][ T6019] usb 1-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 439.503399][ T6019] usb 1-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 439.506688][ T6019] usb 1-1: USB disconnect, device number 38 [ 439.510070][ T5887] usb 4-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64 [ 439.510099][ T5887] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 439.510121][ T5887] usb 4-1: Product: syz [ 439.510136][ T5887] usb 4-1: Manufacturer: syz [ 439.510151][ T5887] usb 4-1: SerialNumber: syz [ 439.571010][ T5988] usb 2-1: USB disconnect, device number 33 [ 439.579230][ T6019] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 439.604474][ T5887] usb 4-1: config 0 descriptor?? [ 439.611407][ T6019] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 439.640008][ T6019] visor 1-1:1.0: device disconnected [ 439.665279][ T5887] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state. [ 439.681681][ T5887] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer. [ 439.684413][ T5887] dvbdev: DVB: registering new adapter (Nebula Electronics uDigiTV DVB-T USB2.0)) [ 439.684483][ T5887] usb 4-1: media controller created [ 439.719665][ T5887] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 439.858565][ T5887] DVB: Unable to find symbol mt352_attach() [ 439.936700][ T5887] DVB: Unable to find symbol nxt6000_attach() [ 439.936719][ T5887] dvb-usb: no frontend was attached by 'Nebula Electronics uDigiTV DVB-T USB2.0)' [ 439.961864][ T5887] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input39 [ 439.977288][ T5887] dvb-usb: schedule remote query interval to 1000 msecs. [ 439.977313][ T5887] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) successfully initialized and connected. [ 439.977332][ T5887] dvb-usb: bulk message failed: -22 (7/0) [ 439.977351][ T5887] dvb-usb: bulk message failed: -22 (7/0) [ 439.998803][ T5887] usb 4-1: USB disconnect, device number 38 [ 440.122284][ T5988] usb 2-1: new high-speed USB device number 34 using dummy_hcd [ 440.184236][ T5887] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0 successfully deinitialized and disconnected. [ 440.272234][ T5988] usb 2-1: Using ep0 maxpacket: 32 [ 440.274755][ T5988] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD8, changing to 0x88 [ 440.274792][ T5988] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7 [ 440.278053][ T5988] usb 2-1: New USB device found, idVendor=05e1, idProduct=0408, bcdDevice=25.11 [ 440.278083][ T5988] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 440.278103][ T5988] usb 2-1: Product: syz [ 440.278119][ T5988] usb 2-1: Manufacturer: syz [ 440.278134][ T5988] usb 2-1: SerialNumber: syz [ 440.291556][ T5988] usb 2-1: config 0 descriptor?? [ 440.312484][ T5988] usb 2-1: no audio or video endpoints found [ 440.383162][ T8820] netlink: 8 bytes leftover after parsing attributes in process `syz.0.851'. [ 440.522436][ T8823] FAULT_INJECTION: forcing a failure. [ 440.522436][ T8823] name failslab, interval 1, probability 0, space 0, times 0 [ 440.522504][ T8823] CPU: 1 UID: 0 PID: 8823 Comm: syz.2.847 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 440.522535][ T8823] Tainted: [L]=SOFTLOCKUP [ 440.522543][ T8823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 440.522557][ T8823] Call Trace: [ 440.522565][ T8823] [ 440.522575][ T8823] dump_stack_lvl+0x189/0x250 [ 440.522610][ T8823] ? __pfx____ratelimit+0x10/0x10 [ 440.522644][ T8823] ? __pfx_dump_stack_lvl+0x10/0x10 [ 440.522674][ T8823] ? __pfx__printk+0x10/0x10 [ 440.522703][ T8823] ? __pfx___might_resched+0x10/0x10 [ 440.522728][ T8823] ? fs_reclaim_acquire+0x7d/0x100 [ 440.522754][ T8823] should_fail_ex+0x46c/0x600 [ 440.522788][ T8823] ? alloc_empty_file+0x55/0x1d0 [ 440.522812][ T8823] should_failslab+0xa8/0x100 [ 440.522835][ T8823] ? alloc_empty_file+0x55/0x1d0 [ 440.522857][ T8823] kmem_cache_alloc_noprof+0x84/0x6c0 [ 440.522886][ T8823] ? finish_task_switch+0x23d/0x940 [ 440.522917][ T8823] ? lockdep_hardirqs_on+0x98/0x140 [ 440.522944][ T8823] alloc_empty_file+0x55/0x1d0 [ 440.522970][ T8823] path_openat+0x10e/0x3df0 [ 440.522998][ T8823] ? trace_sched_exit_tp+0x36/0xf0 [ 440.523029][ T8823] ? __schedule+0x1496/0x50a0 [ 440.523068][ T8823] ? __lock_acquire+0x6b6/0x2cf0 [ 440.523111][ T8823] ? __pfx_stack_trace_save+0x10/0x10 [ 440.523147][ T8823] ? __lock_acquire+0x6b6/0x2cf0 [ 440.523176][ T8823] ? __pfx_path_openat+0x10/0x10 [ 440.523207][ T8823] ? do_raw_spin_lock+0x121/0x290 [ 440.523245][ T8823] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 440.523268][ T8823] ? lockdep_hardirqs_on+0x98/0x140 [ 440.523291][ T8823] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 440.523323][ T8823] do_filp_open+0x1fa/0x410 [ 440.523355][ T8823] ? __pfx_do_filp_open+0x10/0x10 [ 440.523393][ T8823] ? rt_mutex_slowunlock+0x493/0x8a0 [ 440.523451][ T8823] ? alloc_fd+0x64f/0x6c0 [ 440.523489][ T8823] do_sys_openat2+0x121/0x200 [ 440.523518][ T8823] ? __pfx_do_sys_openat2+0x10/0x10 [ 440.523549][ T8823] ? ksys_write+0x230/0x260 [ 440.523589][ T8823] __x64_sys_openat+0x138/0x170 [ 440.523621][ T8823] do_syscall_64+0xfa/0xf80 [ 440.523642][ T8823] ? rcu_is_watching+0x15/0xb0 [ 440.523661][ T8823] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 440.523683][ T8823] ? clear_bhb_loop+0x60/0xb0 [ 440.523711][ T8823] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 440.523732][ T8823] RIP: 0033:0x7f5438fadf90 [ 440.523751][ T8823] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44 [ 440.523771][ T8823] RSP: 002b:00007f54371d3f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101 [ 440.523795][ T8823] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f5438fadf90 [ 440.523811][ T8823] RDX: 0000000000000002 RSI: 00007f54371d3fa0 RDI: 00000000ffffff9c [ 440.523826][ T8823] RBP: 00007f54371d3fa0 R08: 0000000000000000 R09: 0000000000000000 [ 440.523839][ T8823] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 440.523852][ T8823] R13: 00007f5439206218 R14: 00007f5439206180 R15: 00007ffcf630dad8 [ 440.523890][ T8823] [ 440.538188][ T8823] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3 [ 441.193461][ T5887] usb 2-1: USB disconnect, device number 34 [ 441.532263][ T805] usb 4-1: new high-speed USB device number 39 using dummy_hcd [ 441.695309][ T805] usb 4-1: config 1 has an invalid interface number: 13 but max is 0 [ 441.695340][ T805] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 441.695361][ T805] usb 4-1: config 1 has no interface number 0 [ 441.695415][ T805] usb 4-1: config 1 interface 13 altsetting 6 endpoint 0xE has invalid wMaxPacketSize 0 [ 441.695439][ T805] usb 4-1: config 1 interface 13 altsetting 6 bulk endpoint 0xE has invalid maxpacket 0 [ 441.695465][ T805] usb 4-1: config 1 interface 13 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 441.695607][ T805] usb 4-1: config 1 interface 13 has no altsetting 0 [ 441.698328][ T805] usb 4-1: New USB device found, idVendor=1943, idProduct=2255, bcdDevice=4c.2b [ 441.698359][ T805] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 441.698381][ T805] usb 4-1: Product: syz [ 441.698396][ T805] usb 4-1: Manufacturer: syz [ 441.698412][ T805] usb 4-1: SerialNumber: syz [ 442.007334][ T805] s2255 4-1:1.13: Could not find bulk-in endpoint [ 442.008764][ T805] Sensoray 2255 driver load failed: 0xfffffff4 [ 442.008804][ T805] s2255 4-1:1.13: probe with driver s2255 failed with error -12 [ 442.042938][ T805] usb 4-1: USB disconnect, device number 39 [ 442.077559][ T8853] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check. [ 442.080866][ T8853] netlink: 76 bytes leftover after parsing attributes in process `syz.1.863'. [ 442.090809][ T8853] netlink: 4 bytes leftover after parsing attributes in process `syz.1.863'. [ 442.398506][ T37] audit: type=1326 audit(1766194502.798:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8862 comm="syz.2.866" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5438faf749 code=0x0 [ 442.398571][ T37] audit: type=1326 audit(1766194502.798:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8862 comm="syz.2.866" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5438faf749 code=0x0 [ 442.659031][ T8872] FAULT_INJECTION: forcing a failure. [ 442.659031][ T8872] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 442.659073][ T8872] CPU: 0 UID: 0 PID: 8872 Comm: syz.4.871 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 442.659104][ T8872] Tainted: [L]=SOFTLOCKUP [ 442.659112][ T8872] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 442.659124][ T8872] Call Trace: [ 442.659133][ T8872] [ 442.659142][ T8872] dump_stack_lvl+0x189/0x250 [ 442.659175][ T8872] ? __pfx____ratelimit+0x10/0x10 [ 442.659225][ T8872] ? __pfx_dump_stack_lvl+0x10/0x10 [ 442.659255][ T8872] ? __pfx__printk+0x10/0x10 [ 442.659293][ T8872] should_fail_ex+0x46c/0x600 [ 442.659326][ T8872] _copy_from_user+0x2d/0xb0 [ 442.659349][ T8872] bpf_test_init+0xd8/0x150 [ 442.659382][ T8872] bpf_prog_test_run_nf+0x2af/0x730 [ 442.659418][ T8872] ? __pfx_bpf_prog_test_run_nf+0x10/0x10 [ 442.659454][ T8872] ? __fget_files+0x2a/0x420 [ 442.659479][ T8872] ? __fget_files+0x2a/0x420 [ 442.659505][ T8872] ? __pfx_bpf_prog_test_run_nf+0x10/0x10 [ 442.659536][ T8872] bpf_prog_test_run+0x2cd/0x340 [ 442.659567][ T8872] __sys_bpf+0x562/0x860 [ 442.659595][ T8872] ? __pfx___sys_bpf+0x10/0x10 [ 442.659613][ T8872] ? rt_mutex_slowunlock+0x1be/0x2e0 [ 442.659661][ T8872] ? ksys_write+0x230/0x260 [ 442.659702][ T8872] ? __pfx_ksys_write+0x10/0x10 [ 442.659738][ T8872] __x64_sys_bpf+0x7c/0x90 [ 442.659761][ T8872] do_syscall_64+0xfa/0xf80 [ 442.659782][ T8872] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 442.659803][ T8872] ? clear_bhb_loop+0x60/0xb0 [ 442.659829][ T8872] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 442.659849][ T8872] RIP: 0033:0x7f4082dcf749 [ 442.659868][ T8872] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 442.659887][ T8872] RSP: 002b:00007f4081036038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 442.659911][ T8872] RAX: ffffffffffffffda RBX: 00007f4083025fa0 RCX: 00007f4082dcf749 [ 442.659927][ T8872] RDX: 0000000000000050 RSI: 0000200000000040 RDI: 000000000000000a [ 442.659941][ T8872] RBP: 00007f4081036090 R08: 0000000000000000 R09: 0000000000000000 [ 442.659954][ T8872] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 442.659966][ T8872] R13: 00007f4083026038 R14: 00007f4083025fa0 R15: 00007ffc98247a98 [ 442.660003][ T8872] [ 442.692346][ T5960] usb 1-1: new high-speed USB device number 39 using dummy_hcd [ 442.731524][ T8873] netlink: 'syz.3.870': attribute type 1 has an invalid length. [ 442.733932][ T8873] dummy0: left promiscuous mode [ 442.733959][ T8873] dummy0: left allmulticast mode [ 442.792849][ T8874] netlink: 'syz.3.870': attribute type 1 has an invalid length. [ 442.877982][ T8874] bond1: entered allmulticast mode [ 442.930349][ T8873] 8021q: adding VLAN 0 to HW filter on device batadv1 [ 442.941480][ T8873] bond1: (slave batadv1): making interface the new active one [ 442.941505][ T8873] batadv1: entered allmulticast mode [ 442.951468][ T8873] bond1: (slave batadv1): Enslaving as an active interface with an up link [ 443.052312][ T5960] usb 1-1: Using ep0 maxpacket: 8 [ 443.054668][ T5960] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 7 [ 443.057181][ T5960] usb 1-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b [ 443.057210][ T5960] usb 1-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3 [ 443.057232][ T5960] usb 1-1: Product: syz [ 443.057248][ T5960] usb 1-1: Manufacturer: syz [ 443.057264][ T5960] usb 1-1: SerialNumber: syz [ 443.320803][ T5960] usb 1-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 443.320835][ T5960] usb 1-1: Handspring Visor / Palm OS: port 0, is for Generic use [ 443.320855][ T5960] usb 1-1: Handspring Visor / Palm OS: Number of ports: 2 [ 443.569333][ T5960] usb 1-1: palm_os_3_probe - error -71 getting bytes available request [ 443.569662][ T5960] visor 1-1:1.0: Handspring Visor / Palm OS converter detected [ 443.599084][ T5960] usb 1-1: Handspring Visor / Palm OS converter now attached to ttyUSB0 [ 443.619356][ T5960] usb 1-1: Handspring Visor / Palm OS converter now attached to ttyUSB1 [ 443.763726][ T5960] usb 1-1: USB disconnect, device number 39 [ 443.797583][ T5960] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0 [ 443.829109][ T5960] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1 [ 443.831479][ T5960] visor 1-1:1.0: device disconnected [ 443.976793][ T8896] FAULT_INJECTION: forcing a failure. [ 443.976793][ T8896] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 443.976826][ T8896] CPU: 0 UID: 0 PID: 8896 Comm: syz.4.880 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 443.976857][ T8896] Tainted: [L]=SOFTLOCKUP [ 443.976863][ T8896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 443.976873][ T8896] Call Trace: [ 443.976880][ T8896] [ 443.976887][ T8896] dump_stack_lvl+0x189/0x250 [ 443.976914][ T8896] ? __pfx____ratelimit+0x10/0x10 [ 443.976940][ T8896] ? __pfx_dump_stack_lvl+0x10/0x10 [ 443.976962][ T8896] ? __pfx__printk+0x10/0x10 [ 443.976991][ T8896] ? __might_fault+0xb0/0x130 [ 443.977027][ T8896] should_fail_ex+0x46c/0x600 [ 443.977062][ T8896] _copy_from_user+0x2d/0xb0 [ 443.977094][ T8896] iommufd_vfio_ioctl+0x28e/0x12f0 [ 443.977128][ T8896] ? lockdep_hardirqs_on+0x98/0x140 [ 443.977154][ T8896] ? __pfx_iommufd_vfio_ioctl+0x10/0x10 [ 443.977193][ T8896] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 443.977230][ T8896] ? do_vfs_ioctl+0xbeb/0x1440 [ 443.977263][ T8896] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 443.977299][ T8896] ? lockdep_hardirqs_on+0x98/0x140 [ 443.977336][ T8896] iommufd_fops_ioctl+0x116/0x580 [ 443.977375][ T8896] ? smack_file_ioctl+0x24d/0x340 [ 443.977406][ T8896] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 443.977446][ T8896] ? __fget_files+0x3a6/0x420 [ 443.977469][ T8896] ? __fget_files+0x2a/0x420 [ 443.977497][ T8896] ? bpf_lsm_file_ioctl+0x9/0x20 [ 443.977530][ T8896] ? __pfx_iommufd_fops_ioctl+0x10/0x10 [ 443.977559][ T8896] __se_sys_ioctl+0xff/0x170 [ 443.977591][ T8896] do_syscall_64+0xfa/0xf80 [ 443.977610][ T8896] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 443.977631][ T8896] ? clear_bhb_loop+0x60/0xb0 [ 443.977659][ T8896] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 443.977680][ T8896] RIP: 0033:0x7f4082dcf749 [ 443.977700][ T8896] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 443.977720][ T8896] RSP: 002b:00007f4081036038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 443.977745][ T8896] RAX: ffffffffffffffda RBX: 00007f4083025fa0 RCX: 00007f4082dcf749 [ 443.977762][ T8896] RDX: 0000200000000340 RSI: 0000000000003b71 RDI: 0000000000000003 [ 443.977776][ T8896] RBP: 00007f4081036090 R08: 0000000000000000 R09: 0000000000000000 [ 443.977789][ T8896] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 443.977803][ T8896] R13: 00007f4083026038 R14: 00007f4083025fa0 R15: 00007ffc98247a98 [ 443.977840][ T8896] [ 444.572815][ T8901] netlink: 4 bytes leftover after parsing attributes in process `syz.3.881'. [ 444.682252][ T5960] usb 1-1: new high-speed USB device number 40 using dummy_hcd [ 444.832255][ T6903] usb 2-1: new high-speed USB device number 35 using dummy_hcd [ 444.837669][ T5960] usb 1-1: config index 0 descriptor too short (expected 23569, got 27) [ 444.837742][ T5960] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 444.841060][ T5960] usb 1-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 444.841096][ T5960] usb 1-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 444.841119][ T5960] usb 1-1: Manufacturer: syz [ 444.907503][ T5960] usb 1-1: config 0 descriptor?? [ 444.921415][ T5960] igorplugusb 1-1:0.0: incorrect number of endpoints [ 444.985291][ T6903] usb 2-1: config index 0 descriptor too short (expected 23569, got 27) [ 444.985368][ T6903] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 444.986440][ T6903] usb 2-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 444.986461][ T6903] usb 2-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 444.986471][ T6903] usb 2-1: Manufacturer: syz [ 445.010191][ T6903] usb 2-1: config 0 descriptor?? [ 445.124491][ T6903] rc_core: IR keymap rc-hauppauge not found [ 445.124520][ T6903] Registered IR keymap rc-empty [ 445.126342][ T6903] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0 [ 445.129777][ T6903] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input40 [ 445.299052][ T1320] ieee802154 phy0 wpan0: encryption failed: -22 [ 445.299132][ T1320] ieee802154 phy1 wpan1: encryption failed: -22 [ 448.931589][ T5988] usb 2-1: USB disconnect, device number 35 [ 453.240728][ T6450] usb 1-1: USB disconnect, device number 40 [ 453.687392][ T37] audit: type=1326 audit(1766194514.128:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8972 comm="syz.2.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5438faf749 code=0x7ffc0000 [ 453.688175][ T37] audit: type=1326 audit(1766194514.128:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8972 comm="syz.2.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5438faf749 code=0x7ffc0000 [ 453.688844][ T37] audit: type=1326 audit(1766194514.128:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8972 comm="syz.2.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=34 compat=0 ip=0x7f5438faf749 code=0x7ffc0000 [ 453.689031][ T37] audit: type=1326 audit(1766194514.128:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8972 comm="syz.2.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5438faf749 code=0x7ffc0000 [ 453.694243][ T37] audit: type=1326 audit(1766194514.138:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8972 comm="syz.2.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5438faf749 code=0x7ffc0000 [ 453.698691][ T37] audit: type=1326 audit(1766194514.138:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8972 comm="syz.2.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5438faf749 code=0x7ffc0000 [ 453.739880][ T37] audit: type=1326 audit(1766194514.178:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8972 comm="syz.2.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5438faf749 code=0x7ffc0000 [ 453.741012][ T37] audit: type=1326 audit(1766194514.178:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8972 comm="syz.2.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5438faf749 code=0x7ffc0000 [ 453.741062][ T37] audit: type=1326 audit(1766194514.178:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8972 comm="syz.2.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5438faf749 code=0x7ffc0000 [ 453.791919][ T37] audit: type=1326 audit(1766194514.228:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8972 comm="syz.2.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5438faf749 code=0x7ffc0000 [ 453.804132][ T8979] netlink: 28 bytes leftover after parsing attributes in process `syz.2.908'. [ 453.804159][ T8979] netlink: 28 bytes leftover after parsing attributes in process `syz.2.908'. [ 453.891257][ T8992] kvm: pic: non byte read [ 453.891359][ T8992] kvm: pic: non byte read [ 453.891441][ T8992] kvm: pic: non byte read [ 453.891531][ T8992] kvm: pic: non byte read [ 453.891612][ T8992] kvm: pic: non byte read [ 453.891695][ T8992] kvm: pic: non byte read [ 453.895785][ T8992] kvm: pic: non byte read [ 453.895878][ T8992] kvm: pic: non byte read [ 453.895963][ T8992] kvm: pic: non byte read [ 453.896049][ T8992] kvm: pic: non byte read [ 454.118000][ T8996] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check. [ 454.130896][ T8996] netlink: 76 bytes leftover after parsing attributes in process `syz.1.912'. [ 454.138303][ T8996] netlink: 4 bytes leftover after parsing attributes in process `syz.1.912'. [ 458.022278][ T805] usb 2-1: new high-speed USB device number 36 using dummy_hcd [ 458.185168][ T805] usb 2-1: config index 0 descriptor too short (expected 23569, got 27) [ 458.185202][ T805] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 458.185258][ T805] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 458.190896][ T805] usb 2-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 458.190929][ T805] usb 2-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 458.190951][ T805] usb 2-1: Manufacturer: syz [ 458.272473][ T805] usb 2-1: config 0 descriptor?? [ 458.281670][ T805] igorplugusb 2-1:0.0: incorrect number of endpoints [ 458.316541][ T9039] netlink: 4096 bytes leftover after parsing attributes in process `syz.0.926'. [ 459.775755][ T9050] FAULT_INJECTION: forcing a failure. [ 459.775755][ T9050] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 459.775799][ T9050] CPU: 0 UID: 0 PID: 9050 Comm: syz.0.928 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 459.775831][ T9050] Tainted: [L]=SOFTLOCKUP [ 459.775839][ T9050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 459.775853][ T9050] Call Trace: [ 459.775861][ T9050] [ 459.775871][ T9050] dump_stack_lvl+0x189/0x250 [ 459.775907][ T9050] ? __pfx____ratelimit+0x10/0x10 [ 459.775942][ T9050] ? __pfx_dump_stack_lvl+0x10/0x10 [ 459.775972][ T9050] ? __pfx__printk+0x10/0x10 [ 459.775999][ T9050] ? __might_fault+0xb0/0x130 [ 459.776039][ T9050] should_fail_ex+0x46c/0x600 [ 459.776073][ T9050] _copy_from_user+0x2d/0xb0 [ 459.776096][ T9050] copy_from_sockptr+0x5e/0xa0 [ 459.776130][ T9050] do_tcp_getsockopt+0xc76/0x2680 [ 459.776173][ T9050] ? __pfx_do_tcp_getsockopt+0x10/0x10 [ 459.776204][ T9050] ? sock_recv_errqueue+0x4e0/0x510 [ 459.776230][ T9050] ? __lock_acquire+0x6b6/0x2cf0 [ 459.776264][ T9050] ? _parse_integer_limit+0x1ae/0x1f0 [ 459.776300][ T9050] ? kstrtoull+0x12f/0x1d0 [ 459.776332][ T9050] ? __lock_acquire+0x6b6/0x2cf0 [ 459.776370][ T9050] ? __lock_acquire+0x6b6/0x2cf0 [ 459.776420][ T9050] ? __lock_acquire+0x6b6/0x2cf0 [ 459.776487][ T9050] tcp_getsockopt+0x83/0x130 [ 459.776519][ T9050] ? sock_recv_errqueue+0x4e0/0x510 [ 459.776540][ T9050] ? sock_recv_errqueue+0x4e0/0x510 [ 459.776560][ T9050] ? __pfx_sock_common_getsockopt+0x10/0x10 [ 459.776585][ T9050] do_sock_getsockopt+0x2b4/0x3d0 [ 459.776616][ T9050] ? __pfx_do_sock_getsockopt+0x10/0x10 [ 459.776643][ T9050] ? do_syscall_64+0x80/0xf80 [ 459.776665][ T9050] ? __fget_files+0x2a/0x420 [ 459.776689][ T9050] ? __fget_files+0x3a6/0x420 [ 459.776711][ T9050] ? __fget_files+0x2a/0x420 [ 459.776742][ T9050] __x64_sys_getsockopt+0x1ab/0x250 [ 459.776769][ T9050] ? do_syscall_64+0x80/0xf80 [ 459.776792][ T9050] ? do_syscall_64+0x80/0xf80 [ 459.776818][ T9050] do_syscall_64+0xfa/0xf80 [ 459.776842][ T9050] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 459.776863][ T9050] ? clear_bhb_loop+0x60/0xb0 [ 459.776892][ T9050] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 459.776913][ T9050] RIP: 0033:0x7fdc38fbf749 [ 459.776933][ T9050] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 459.776952][ T9050] RSP: 002b:00007fdc3721e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 459.776977][ T9050] RAX: ffffffffffffffda RBX: 00007fdc39215fa0 RCX: 00007fdc38fbf749 [ 459.776993][ T9050] RDX: 0000000000000023 RSI: 0000000000000006 RDI: 0000000000000004 [ 459.777006][ T9050] RBP: 00007fdc3721e090 R08: 0000200000000380 R09: 0000000000000000 [ 459.777021][ T9050] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000001 [ 459.777035][ T9050] R13: 00007fdc39216038 R14: 00007fdc39215fa0 R15: 00007fff6153f9f8 [ 459.777071][ T9050] [ 462.325859][ T9083] netlink: 4096 bytes leftover after parsing attributes in process `syz.3.938'. [ 462.905725][ T5960] usb 2-1: USB disconnect, device number 36 [ 463.220998][ T9099] 9p: Bad value for 'rfdno' [ 465.215562][ T9114] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check. [ 465.218234][ T9114] netlink: 76 bytes leftover after parsing attributes in process `syz.0.951'. [ 465.219824][ T9114] netlink: 4 bytes leftover after parsing attributes in process `syz.0.951'. [ 465.779038][ T9126] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns [ 465.779266][ T9126] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 466.943152][ T5811] Bluetooth: hci1: Ignoring HCI_Connection_Complete for existing connection [ 467.109674][ T9155] FAULT_INJECTION: forcing a failure. [ 467.109674][ T9155] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 467.109716][ T9155] CPU: 1 UID: 0 PID: 9155 Comm: syz.0.966 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 467.109748][ T9155] Tainted: [L]=SOFTLOCKUP [ 467.109756][ T9155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 467.109769][ T9155] Call Trace: [ 467.109778][ T9155] [ 467.109788][ T9155] dump_stack_lvl+0x189/0x250 [ 467.109823][ T9155] ? __pfx____ratelimit+0x10/0x10 [ 467.109858][ T9155] ? __pfx_dump_stack_lvl+0x10/0x10 [ 467.109887][ T9155] ? __pfx__printk+0x10/0x10 [ 467.109929][ T9155] should_fail_ex+0x46c/0x600 [ 467.109967][ T9155] _copy_to_user+0x31/0xb0 [ 467.109992][ T9155] simple_read_from_buffer+0xe1/0x170 [ 467.110022][ T9155] proc_fail_nth_read+0x1b6/0x220 [ 467.110072][ T9155] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 467.110111][ T9155] ? rw_verify_area+0x2ac/0x4e0 [ 467.110141][ T9155] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 467.110176][ T9155] vfs_read+0x206/0xa30 [ 467.110218][ T9155] ? __pfx_vfs_read+0x10/0x10 [ 467.110244][ T9155] ? try_to_take_rt_mutex+0x7fd/0xac0 [ 467.110286][ T9155] ? mutex_lock_nested+0x154/0x1d0 [ 467.110313][ T9155] ? fdget_pos+0x253/0x320 [ 467.110347][ T9155] ksys_read+0x14b/0x260 [ 467.110377][ T9155] ? __fget_files+0x2a/0x420 [ 467.110410][ T9155] ? __pfx_ksys_read+0x10/0x10 [ 467.110447][ T9155] ? do_syscall_64+0xbe/0xf80 [ 467.110484][ T9155] do_syscall_64+0xfa/0xf80 [ 467.110508][ T9155] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 467.110531][ T9155] ? clear_bhb_loop+0x60/0xb0 [ 467.110560][ T9155] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 467.110581][ T9155] RIP: 0033:0x7fdc38fbe15c [ 467.110602][ T9155] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 467.110623][ T9155] RSP: 002b:00007fdc3721e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 467.110649][ T9155] RAX: ffffffffffffffda RBX: 00007fdc39215fa0 RCX: 00007fdc38fbe15c [ 467.110665][ T9155] RDX: 000000000000000f RSI: 00007fdc3721e0a0 RDI: 0000000000000004 [ 467.110680][ T9155] RBP: 00007fdc3721e090 R08: 0000000000000000 R09: 0000000000000000 [ 467.110695][ T9155] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 467.110709][ T9155] R13: 00007fdc39216038 R14: 00007fdc39215fa0 R15: 00007fff6153f9f8 [ 467.110748][ T9155] [ 467.693309][ T5960] usb 2-1: new high-speed USB device number 37 using dummy_hcd [ 467.855474][ T5960] usb 2-1: config index 0 descriptor too short (expected 23569, got 27) [ 467.855518][ T5960] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 467.855577][ T5960] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 467.857156][ T5960] usb 2-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 467.857184][ T5960] usb 2-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 467.857206][ T5960] usb 2-1: Manufacturer: syz [ 467.865064][ T5960] usb 2-1: config 0 descriptor?? [ 467.874422][ T5960] igorplugusb 2-1:0.0: incorrect number of endpoints [ 468.069361][ T9176] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check. [ 468.092843][ T9176] netlink: 76 bytes leftover after parsing attributes in process `syz.2.976'. [ 468.143015][ T9176] netlink: 4 bytes leftover after parsing attributes in process `syz.2.976'. [ 468.156867][ T9183] netlink: 4096 bytes leftover after parsing attributes in process `syz.3.978'. [ 468.318218][ T9188] vxfs: unable to read disk superblock at 1 [ 468.318546][ T9188] vxfs: unable to read disk superblock at 8 [ 468.318558][ T9188] vxfs: can't find superblock. [ 470.199394][ T5985] usb 1-1: new high-speed USB device number 41 using dummy_hcd [ 471.672246][ T5985] usb 1-1: Using ep0 maxpacket: 8 [ 471.678356][ T5985] usb 1-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c [ 471.678394][ T5985] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 471.678416][ T5985] usb 1-1: Product: syz [ 471.678431][ T5985] usb 1-1: Manufacturer: syz [ 471.678447][ T5985] usb 1-1: SerialNumber: syz [ 471.689231][ T5985] usb 1-1: config 0 descriptor?? [ 471.714901][ T5985] gspca_main: se401-2.14.0 probing 047d:5003 [ 471.860198][ T5811] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection [ 472.106904][ T5985] gspca_se401: ExtraFeatures: 7 [ 472.106922][ T5985] gspca_se401: Frame size: 0x0 1/16th janggu [ 472.106937][ T5985] gspca_se401: Frame size: 0x0 1/16th janggu [ 472.106950][ T5985] gspca_se401: Frame size: 0x0 1/16th janggu [ 472.106964][ T5985] gspca_se401: Frame size: 0x0 1/16th janggu [ 472.351127][ T5985] input: se401 as /devices/platform/dummy_hcd.0/usb1/1-1/input/input41 [ 472.422946][ T5985] usb 1-1: USB disconnect, device number 41 [ 472.460726][ T5960] usb 2-1: USB disconnect, device number 37 [ 472.756685][ T9230] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check. [ 472.771394][ T9230] netlink: 76 bytes leftover after parsing attributes in process `syz.3.996'. [ 472.775963][ T9230] netlink: 4 bytes leftover after parsing attributes in process `syz.3.996'. [ 472.849303][ T9237] FAULT_INJECTION: forcing a failure. [ 472.849303][ T9237] name failslab, interval 1, probability 0, space 0, times 0 [ 472.849345][ T9237] CPU: 0 UID: 0 PID: 9237 Comm: syz.4.997 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 472.849387][ T9237] Tainted: [L]=SOFTLOCKUP [ 472.849395][ T9237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 472.849409][ T9237] Call Trace: [ 472.849418][ T9237] [ 472.849428][ T9237] dump_stack_lvl+0x189/0x250 [ 472.849463][ T9237] ? __pfx____ratelimit+0x10/0x10 [ 472.849499][ T9237] ? __pfx_dump_stack_lvl+0x10/0x10 [ 472.849529][ T9237] ? __pfx__printk+0x10/0x10 [ 472.849559][ T9237] ? __pfx___might_resched+0x10/0x10 [ 472.849582][ T9237] ? fs_reclaim_acquire+0x7d/0x100 [ 472.849608][ T9237] should_fail_ex+0x46c/0x600 [ 472.849644][ T9237] should_failslab+0xa8/0x100 [ 472.849669][ T9237] __kmalloc_noprof+0xe0/0x7e0 [ 472.849701][ T9237] ? tomoyo_encode+0x28b/0x550 [ 472.849729][ T9237] tomoyo_encode+0x28b/0x550 [ 472.849758][ T9237] tomoyo_realpath_from_path+0x58d/0x5d0 [ 472.849795][ T9237] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 472.849826][ T9237] tomoyo_path_number_perm+0x1e8/0x5a0 [ 472.849860][ T9237] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 472.849896][ T9237] ? _raw_spin_unlock_irqrestore+0x85/0x110 [ 472.849919][ T9237] ? lockdep_hardirqs_on+0x98/0x140 [ 472.849978][ T9237] ? __fget_files+0x2a/0x420 [ 472.850008][ T9237] ? __fget_files+0x3a6/0x420 [ 472.850030][ T9237] ? __fget_files+0x2a/0x420 [ 472.850059][ T9237] security_file_ioctl+0xcb/0x2d0 [ 472.850093][ T9237] __se_sys_ioctl+0x47/0x170 [ 472.850127][ T9237] do_syscall_64+0xfa/0xf80 [ 472.850149][ T9237] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 472.850171][ T9237] ? clear_bhb_loop+0x60/0xb0 [ 472.850199][ T9237] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 472.850220][ T9237] RIP: 0033:0x7f4082dcf749 [ 472.850241][ T9237] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 472.850260][ T9237] RSP: 002b:00007f4081036038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 472.850285][ T9237] RAX: ffffffffffffffda RBX: 00007f4083025fa0 RCX: 00007f4082dcf749 [ 472.850307][ T9237] RDX: 0000200000000180 RSI: 0000000050009405 RDI: 0000000000000003 [ 472.850321][ T9237] RBP: 00007f4081036090 R08: 0000000000000000 R09: 0000000000000000 [ 472.850334][ T9237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 472.850347][ T9237] R13: 00007f4083026038 R14: 00007f4083025fa0 R15: 00007ffc98247a98 [ 472.850392][ T9237] [ 472.850414][ T9237] ERROR: Out of memory at tomoyo_realpath_from_path. [ 472.854835][ T5960] usb 2-1: new full-speed USB device number 38 using dummy_hcd [ 472.922255][ T805] usb 3-1: new high-speed USB device number 44 using dummy_hcd [ 473.074839][ T805] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 473.074871][ T805] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 473.080730][ T805] usb 3-1: config 0 descriptor?? [ 473.130532][ T5960] usb 2-1: not running at top speed; connect to a high speed hub [ 473.184839][ T5960] usb 2-1: config 4 has an invalid interface number: 39 but max is 3 [ 473.184871][ T5960] usb 2-1: config 4 has an invalid interface number: 212 but max is 3 [ 473.184892][ T5960] usb 2-1: config 4 has an invalid interface number: 10 but max is 3 [ 473.184914][ T5960] usb 2-1: config 4 contains an unexpected descriptor of type 0x1, skipping [ 473.184936][ T5960] usb 2-1: config 4 has no interface number 0 [ 473.184953][ T5960] usb 2-1: config 4 has no interface number 1 [ 473.184969][ T5960] usb 2-1: config 4 has no interface number 2 [ 473.185066][ T5960] usb 2-1: config 4 interface 212 altsetting 90 endpoint 0xB has invalid maxpacket 1023, setting to 64 [ 473.185114][ T5960] usb 2-1: config 4 interface 10 altsetting 6 endpoint 0x7 has invalid maxpacket 512, setting to 64 [ 473.185142][ T5960] usb 2-1: config 4 interface 10 altsetting 6 endpoint 0x9 has invalid maxpacket 512, setting to 64 [ 473.185164][ T5960] usb 2-1: config 4 interface 10 altsetting 6 endpoint 0xA has invalid maxpacket 1023, setting to 64 [ 473.185180][ T5960] usb 2-1: config 4 interface 10 altsetting 6 has an invalid descriptor for endpoint zero, skipping [ 473.185196][ T5960] usb 2-1: config 4 interface 10 altsetting 6 endpoint 0x8 has invalid maxpacket 1024, setting to 64 [ 473.185234][ T5960] usb 2-1: config 4 interface 10 altsetting 6 has a duplicate endpoint with address 0xA, skipping [ 473.185259][ T5960] usb 2-1: config 4 interface 10 altsetting 6 has a duplicate endpoint with address 0x8, skipping [ 473.185304][ T5960] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0x1, skipping [ 473.185329][ T5960] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0xA, skipping [ 473.185352][ T5960] usb 2-1: config 4 interface 3 altsetting 4 endpoint 0x6 has invalid maxpacket 520, setting to 64 [ 473.185377][ T5960] usb 2-1: config 4 interface 3 altsetting 4 has an invalid descriptor for endpoint zero, skipping [ 473.185400][ T5960] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0xD, skipping [ 473.185423][ T5960] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0x8, skipping [ 473.185447][ T5960] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0xD, skipping [ 473.185469][ T5960] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0xB, skipping [ 473.185492][ T5960] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0x9, skipping [ 473.185511][ T5960] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0xB, skipping [ 473.185525][ T5960] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0x1, skipping [ 473.185537][ T5960] usb 2-1: config 4 interface 39 has no altsetting 0 [ 473.185553][ T5960] usb 2-1: config 4 interface 212 has no altsetting 0 [ 473.185570][ T5960] usb 2-1: config 4 interface 10 has no altsetting 0 [ 473.185588][ T5960] usb 2-1: config 4 interface 3 has no altsetting 0 [ 473.188941][ T5960] usb 2-1: New USB device found, idVendor=093a, idProduct=2626, bcdDevice=49.60 [ 473.188973][ T5960] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 473.188995][ T5960] usb 2-1: Product: syz [ 473.189010][ T5960] usb 2-1: Manufacturer: syz [ 473.189026][ T5960] usb 2-1: SerialNumber: syz [ 473.825961][ T805] udl 3-1:0.0: [drm] Unrecognized vendor firmware descriptor [ 474.314458][ T9247] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 474.315312][ T9247] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 474.349418][ T805] [drm:udl_init] *ERROR* Selecting channel failed [ 474.416063][ T805] [drm] Initialized udl 0.0.1 for 3-1:0.0 on minor 2 [ 474.416092][ T805] [drm] Initialized udl on minor 2 [ 474.435974][ T805] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 474.459609][ T805] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 474.461029][ T43] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 474.461313][ T43] udl 3-1:0.0: [drm] Cannot find any crtc or sizes [ 474.487387][ T805] usb 3-1: USB disconnect, device number 44 [ 474.595727][ T9249] netlink: 4096 bytes leftover after parsing attributes in process `syz.3.1000'. [ 475.622418][ T5887] usb 3-1: new high-speed USB device number 45 using dummy_hcd [ 475.801465][ T5887] usb 3-1: config index 0 descriptor too short (expected 23569, got 27) [ 475.801501][ T5887] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 475.801962][ T5887] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 475.837107][ T5887] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 475.837141][ T5887] usb 3-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 475.837163][ T5887] usb 3-1: Manufacturer: syz [ 475.877009][ T5887] usb 3-1: config 0 descriptor?? [ 475.933486][ T5887] igorplugusb 3-1:0.0: incorrect number of endpoints [ 476.084516][ T5960] usb 2-1: USB disconnect, device number 38 [ 476.679536][ T9281] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1011'. [ 476.682938][ T9281] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1011'. [ 478.594869][ T9282] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check. [ 479.783102][ T5945] usb 2-1: new full-speed USB device number 39 using dummy_hcd [ 479.789256][ T5895] usb 3-1: USB disconnect, device number 45 [ 479.953544][ T5945] usb 2-1: not running at top speed; connect to a high speed hub [ 479.961971][ T5945] usb 2-1: config 4 has an invalid interface number: 39 but max is 3 [ 479.962005][ T5945] usb 2-1: config 4 has an invalid interface number: 212 but max is 3 [ 479.962027][ T5945] usb 2-1: config 4 has an invalid interface number: 10 but max is 3 [ 479.962047][ T5945] usb 2-1: config 4 contains an unexpected descriptor of type 0x1, skipping [ 479.963019][ T5945] usb 2-1: config 4 has no interface number 0 [ 479.963038][ T5945] usb 2-1: config 4 has no interface number 1 [ 479.963053][ T5945] usb 2-1: config 4 has no interface number 2 [ 479.963176][ T5945] usb 2-1: config 4 interface 212 altsetting 90 endpoint 0xB has invalid maxpacket 1023, setting to 64 [ 479.963223][ T5945] usb 2-1: config 4 interface 10 altsetting 6 endpoint 0x7 has invalid maxpacket 512, setting to 64 [ 479.963249][ T5945] usb 2-1: config 4 interface 10 altsetting 6 endpoint 0x9 has invalid maxpacket 512, setting to 64 [ 479.963274][ T5945] usb 2-1: config 4 interface 10 altsetting 6 endpoint 0xA has invalid maxpacket 1023, setting to 64 [ 479.963298][ T5945] usb 2-1: config 4 interface 10 altsetting 6 has an invalid descriptor for endpoint zero, skipping [ 479.963321][ T5945] usb 2-1: config 4 interface 10 altsetting 6 endpoint 0x8 has invalid maxpacket 1024, setting to 64 [ 479.963346][ T5945] usb 2-1: config 4 interface 10 altsetting 6 has a duplicate endpoint with address 0xA, skipping [ 479.963368][ T5945] usb 2-1: config 4 interface 10 altsetting 6 has a duplicate endpoint with address 0x8, skipping [ 479.963421][ T5945] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0x1, skipping [ 479.963443][ T5945] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0xA, skipping [ 479.963464][ T5945] usb 2-1: config 4 interface 3 altsetting 4 endpoint 0x6 has invalid maxpacket 520, setting to 64 [ 479.963488][ T5945] usb 2-1: config 4 interface 3 altsetting 4 has an invalid descriptor for endpoint zero, skipping [ 479.963510][ T5945] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0xD, skipping [ 479.963531][ T5945] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0x8, skipping [ 479.963553][ T5945] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0xD, skipping [ 479.963574][ T5945] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0xB, skipping [ 479.963596][ T5945] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0x9, skipping [ 479.963618][ T5945] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0xB, skipping [ 479.963640][ T5945] usb 2-1: config 4 interface 3 altsetting 4 has a duplicate endpoint with address 0x1, skipping [ 479.963661][ T5945] usb 2-1: config 4 interface 39 has no altsetting 0 [ 479.963679][ T5945] usb 2-1: config 4 interface 212 has no altsetting 0 [ 479.963696][ T5945] usb 2-1: config 4 interface 10 has no altsetting 0 [ 479.963714][ T5945] usb 2-1: config 4 interface 3 has no altsetting 0 [ 479.984824][ T5945] usb 2-1: New USB device found, idVendor=093a, idProduct=2626, bcdDevice=49.60 [ 479.984854][ T5945] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 479.984874][ T5945] usb 2-1: Product: syz [ 479.984889][ T5945] usb 2-1: Manufacturer: syz [ 479.984903][ T5945] usb 2-1: SerialNumber: syz [ 481.473182][ T5960] usb 3-1: new high-speed USB device number 46 using dummy_hcd [ 481.632247][ T5960] usb 3-1: Using ep0 maxpacket: 32 [ 481.662407][ T5960] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD8, changing to 0x88 [ 481.662518][ T5960] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7 [ 481.665752][ T5960] usb 3-1: New USB device found, idVendor=05e1, idProduct=0408, bcdDevice=25.11 [ 481.665786][ T5960] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 481.665809][ T5960] usb 3-1: Product: syz [ 481.665825][ T5960] usb 3-1: Manufacturer: syz [ 481.665841][ T5960] usb 3-1: SerialNumber: syz [ 481.742221][ T5960] usb 3-1: config 0 descriptor?? [ 481.801080][ T5960] usb 3-1: no audio or video endpoints found [ 482.030586][ T5960] usb 3-1: USB disconnect, device number 46 [ 482.067910][ T9360] FAULT_INJECTION: forcing a failure. [ 482.067910][ T9360] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 482.067951][ T9360] CPU: 1 UID: 0 PID: 9360 Comm: syz.4.1039 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 482.067987][ T9360] Tainted: [L]=SOFTLOCKUP [ 482.067996][ T9360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 482.068008][ T9360] Call Trace: [ 482.068017][ T9360] [ 482.068025][ T9360] dump_stack_lvl+0x189/0x250 [ 482.068058][ T9360] ? __pfx____ratelimit+0x10/0x10 [ 482.068091][ T9360] ? __pfx_dump_stack_lvl+0x10/0x10 [ 482.068126][ T9360] ? __pfx__printk+0x10/0x10 [ 482.068149][ T9360] ? __might_fault+0xb0/0x130 [ 482.068191][ T9360] should_fail_ex+0x46c/0x600 [ 482.068226][ T9360] _copy_from_iter+0x1cd/0x1630 [ 482.068262][ T9360] ? __build_skb_around+0x22d/0x3c0 [ 482.068292][ T9360] ? __pfx__copy_from_iter+0x10/0x10 [ 482.068320][ T9360] ? __alloc_skb+0x2f1/0x430 [ 482.068346][ T9360] ? __pfx___alloc_skb+0x10/0x10 [ 482.068372][ T9360] ? netlink_sendmsg+0x642/0xb30 [ 482.068399][ T9360] ? skb_put+0x11b/0x210 [ 482.068429][ T9360] netlink_sendmsg+0x6b2/0xb30 [ 482.068467][ T9360] ? __pfx_netlink_sendmsg+0x10/0x10 [ 482.068505][ T9360] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 482.068532][ T9360] ? __pfx_netlink_sendmsg+0x10/0x10 [ 482.068562][ T9360] __sock_sendmsg+0x21c/0x270 [ 482.068597][ T9360] ____sys_sendmsg+0x508/0x810 [ 482.068628][ T9360] ? __pfx_____sys_sendmsg+0x10/0x10 [ 482.068664][ T9360] ? import_iovec+0x74/0xa0 [ 482.068688][ T9360] ___sys_sendmsg+0x21f/0x2a0 [ 482.068717][ T9360] ? __pfx____sys_sendmsg+0x10/0x10 [ 482.068786][ T9360] ? __fget_files+0x2a/0x420 [ 482.068806][ T9360] ? __fget_files+0x3a6/0x420 [ 482.068840][ T9360] __x64_sys_sendmsg+0x1a1/0x260 [ 482.068871][ T9360] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 482.068910][ T9360] ? __pfx_ksys_write+0x10/0x10 [ 482.068946][ T9360] ? do_syscall_64+0xbe/0xf80 [ 482.068971][ T9360] do_syscall_64+0xfa/0xf80 [ 482.068992][ T9360] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 482.069014][ T9360] ? clear_bhb_loop+0x60/0xb0 [ 482.069040][ T9360] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 482.069061][ T9360] RIP: 0033:0x7f4082dcf749 [ 482.069081][ T9360] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 482.069101][ T9360] RSP: 002b:00007f4081036038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 482.069134][ T9360] RAX: ffffffffffffffda RBX: 00007f4083025fa0 RCX: 00007f4082dcf749 [ 482.069150][ T9360] RDX: 0000000000044080 RSI: 0000200000000240 RDI: 0000000000000003 [ 482.069164][ T9360] RBP: 00007f4081036090 R08: 0000000000000000 R09: 0000000000000000 [ 482.069179][ T9360] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 482.069192][ T9360] R13: 00007f4083026038 R14: 00007f4083025fa0 R15: 00007ffc98247a98 [ 482.069227][ T9360] [ 482.401911][ T9361] FAULT_INJECTION: forcing a failure. [ 482.401911][ T9361] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 482.401961][ T9361] CPU: 0 UID: 0 PID: 9361 Comm: syz.0.1038 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 482.401987][ T9361] Tainted: [L]=SOFTLOCKUP [ 482.401993][ T9361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 482.402001][ T9361] Call Trace: [ 482.402006][ T9361] [ 482.402010][ T9361] dump_stack_lvl+0x189/0x250 [ 482.402028][ T9361] ? __pfx____ratelimit+0x10/0x10 [ 482.402045][ T9361] ? __pfx_dump_stack_lvl+0x10/0x10 [ 482.402058][ T9361] ? __pfx__printk+0x10/0x10 [ 482.402069][ T9361] ? fs_reclaim_acquire+0x7d/0x100 [ 482.402082][ T9361] should_fail_ex+0x46c/0x600 [ 482.402098][ T9361] prepare_alloc_pages+0x22b/0x6c0 [ 482.402112][ T9361] __alloc_frozen_pages_noprof+0x123/0x370 [ 482.402127][ T9361] ? __pfx___alloc_frozen_pages_noprof+0x10/0x10 [ 482.402136][ T9361] ? css_rstat_updated+0x239/0x520 [ 482.402152][ T9361] ? policy_nodemask+0x27c/0x720 [ 482.402164][ T9361] alloc_pages_mpol+0xd1/0x380 [ 482.402176][ T9361] vma_alloc_folio_noprof+0xe4/0x280 [ 482.402187][ T9361] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 482.402199][ T9361] ? ___pte_offset_map+0x29/0x200 [ 482.402213][ T9361] folio_prealloc+0x30/0x180 [ 482.402224][ T9361] do_pte_missing+0x86a/0x27a0 [ 482.402238][ T9361] ? handle_mm_fault+0xd1/0x1330 [ 482.402254][ T9361] ? handle_mm_fault+0xd1/0x1330 [ 482.402266][ T9361] handle_mm_fault+0xcc1/0x1330 [ 482.402283][ T9361] ? handle_mm_fault+0xd1/0x1330 [ 482.402297][ T9361] ? __pfx_handle_mm_fault+0x10/0x10 [ 482.402321][ T9361] ? lock_mm_and_find_vma+0x9c/0x300 [ 482.402332][ T9361] do_user_addr_fault+0x764/0x1380 [ 482.402352][ T9361] exc_page_fault+0x82/0x100 [ 482.402370][ T9361] asm_exc_page_fault+0x26/0x30 [ 482.402380][ T9361] RIP: 0010:rep_movs_alternative+0x33/0x90 [ 482.402393][ T9361] Code: 73 25 85 c9 74 0f 8a 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 <48> 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb [ 482.402402][ T9361] RSP: 0018:ffffc9000c48fd08 EFLAGS: 00050212 [ 482.402416][ T9361] RAX: 0000000000000000 RBX: 0000000000000010 RCX: 0000000000000010 [ 482.402426][ T9361] RDX: 0000000000000000 RSI: ffffc9000c48fd80 RDI: 0000200000009280 [ 482.402437][ T9361] RBP: ffffc9000c48fdf0 R08: ffffc9000c48fd8f R09: 1ffff92001891fb1 [ 482.402449][ T9361] R10: dffffc0000000000 R11: fffff52001891fb2 R12: 0000200000009290 [ 482.402460][ T9361] R13: 00007ffffffff000 R14: ffffc9000c48fd80 R15: 0000200000009280 [ 482.402488][ T9361] _copy_to_user+0x8a/0xb0 [ 482.402507][ T9361] put_itimerspec64+0xd5/0x1d0 [ 482.402532][ T9361] ? __pfx_put_itimerspec64+0x10/0x10 [ 482.402553][ T9361] ? __rcu_read_unlock+0x84/0xe0 [ 482.402567][ T9361] ? rt_spin_unlock+0x161/0x200 [ 482.402582][ T9361] __se_sys_timer_gettime+0x126/0x1b0 [ 482.402603][ T9361] ? __pfx___se_sys_timer_gettime+0x10/0x10 [ 482.402625][ T9361] ? do_syscall_64+0xbe/0xf80 [ 482.402640][ T9361] do_syscall_64+0xfa/0xf80 [ 482.402653][ T9361] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 482.402665][ T9361] ? clear_bhb_loop+0x60/0xb0 [ 482.402681][ T9361] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 482.402693][ T9361] RIP: 0033:0x7fdc38fbf749 [ 482.402704][ T9361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 482.402715][ T9361] RSP: 002b:00007fdc3721e038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e0 [ 482.402728][ T9361] RAX: ffffffffffffffda RBX: 00007fdc39215fa0 RCX: 00007fdc38fbf749 [ 482.402737][ T9361] RDX: 0000000000000000 RSI: 0000200000009280 RDI: 0000000000000000 [ 482.402745][ T9361] RBP: 00007fdc3721e090 R08: 0000000000000000 R09: 0000000000000000 [ 482.402752][ T9361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 482.402760][ T9361] R13: 00007fdc39216038 R14: 00007fdc39215fa0 R15: 00007fff6153f9f8 [ 482.402780][ T9361] [ 482.892360][ T5811] Bluetooth: hci0: command 0x0406 tx timeout [ 482.892551][ T9350] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 483.199435][ T5945] usb 2-1: USB disconnect, device number 39 [ 483.306719][ T9371] input: syz1 as /devices/virtual/input/input42 [ 484.055937][ T9389] FAULT_INJECTION: forcing a failure. [ 484.055937][ T9389] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 484.056012][ T9389] CPU: 1 UID: 0 PID: 9389 Comm: syz.2.1048 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 484.056044][ T9389] Tainted: [L]=SOFTLOCKUP [ 484.056052][ T9389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 484.056066][ T9389] Call Trace: [ 484.056078][ T9389] [ 484.056088][ T9389] dump_stack_lvl+0x189/0x250 [ 484.056126][ T9389] ? __pfx____ratelimit+0x10/0x10 [ 484.056162][ T9389] ? __pfx_dump_stack_lvl+0x10/0x10 [ 484.056190][ T9389] ? __pfx__printk+0x10/0x10 [ 484.056231][ T9389] should_fail_ex+0x46c/0x600 [ 484.056269][ T9389] _copy_to_user+0x31/0xb0 [ 484.056294][ T9389] simple_read_from_buffer+0xe1/0x170 [ 484.056324][ T9389] proc_fail_nth_read+0x1b6/0x220 [ 484.056362][ T9389] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 484.056398][ T9389] ? rw_verify_area+0x2ac/0x4e0 [ 484.056437][ T9389] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 484.056471][ T9389] vfs_read+0x206/0xa30 [ 484.056498][ T9389] ? preempt_schedule_thunk+0x16/0x30 [ 484.056533][ T9389] ? __pfx_vfs_read+0x10/0x10 [ 484.056559][ T9389] ? try_to_take_rt_mutex+0x7fd/0xac0 [ 484.056601][ T9389] ? mutex_lock_nested+0x154/0x1d0 [ 484.056629][ T9389] ? fdget_pos+0x253/0x320 [ 484.056664][ T9389] ksys_read+0x14b/0x260 [ 484.056698][ T9389] ? __pfx_ksys_read+0x10/0x10 [ 484.056742][ T9389] do_syscall_64+0xfa/0xf80 [ 484.056765][ T9389] ? rcu_is_watching+0x15/0xb0 [ 484.056786][ T9389] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 484.056807][ T9389] ? clear_bhb_loop+0x60/0xb0 [ 484.056835][ T9389] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 484.056858][ T9389] RIP: 0033:0x7f5438fae15c [ 484.056878][ T9389] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 484.056898][ T9389] RSP: 002b:00007f54371d4030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 484.056922][ T9389] RAX: ffffffffffffffda RBX: 00007f5439206180 RCX: 00007f5438fae15c [ 484.056939][ T9389] RDX: 000000000000000f RSI: 00007f54371d40a0 RDI: 000000000000000b [ 484.056952][ T9389] RBP: 00007f54371d4090 R08: 0000000000000000 R09: 0000000000000000 [ 484.056965][ T9389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 484.056978][ T9389] R13: 00007f5439206218 R14: 00007f5439206180 R15: 00007ffcf630dad8 [ 484.057016][ T9389] [ 484.573360][ T5811] Bluetooth: hci4: command 0x0406 tx timeout [ 487.472252][ T6153] usb 1-1: new high-speed USB device number 42 using dummy_hcd [ 487.622264][ T6153] usb 1-1: Using ep0 maxpacket: 32 [ 487.624671][ T6153] usb 1-1: config 0 has an invalid interface number: 1 but max is 0 [ 487.624702][ T6153] usb 1-1: config 0 has no interface number 0 [ 487.624757][ T6153] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 487.624786][ T6153] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 487.624830][ T6153] usb 1-1: New USB device found, idVendor=28bd, idProduct=0094, bcdDevice= 0.00 [ 487.624855][ T6153] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 487.640571][ T6153] usb 1-1: config 0 descriptor?? [ 488.342439][ T6153] uclogic 0003:28BD:0094.0004: pen parameters not found [ 488.342470][ T6153] uclogic 0003:28BD:0094.0004: interface is invalid, ignoring [ 488.372302][ T6903] usb 2-1: new high-speed USB device number 40 using dummy_hcd [ 488.522184][ T6903] usb 2-1: Using ep0 maxpacket: 16 [ 488.526082][ T6903] usb 2-1: unable to get BOS descriptor or descriptor too short [ 488.527550][ T6903] usb 2-1: config 13 has an invalid interface number: 50 but max is 0 [ 488.527578][ T6903] usb 2-1: config 13 has no interface number 0 [ 488.527656][ T6903] usb 2-1: config 13 interface 50 altsetting 167 bulk endpoint 0x8 has invalid maxpacket 16 [ 488.527686][ T6903] usb 2-1: config 13 interface 50 has no altsetting 0 [ 488.530644][ T6903] usb 2-1: New USB device found, idVendor=1aca, idProduct=b28e, bcdDevice=92.32 [ 488.530673][ T6903] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 488.530695][ T6903] usb 2-1: Product: syz [ 488.530710][ T6903] usb 2-1: Manufacturer: syz [ 488.530725][ T6903] usb 2-1: SerialNumber: syz [ 488.605076][ T6153] usb 1-1: USB disconnect, device number 42 [ 488.644142][ T9447] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 488.891224][ T6903] usb 2-1: Quirk or no altset; falling back to MIDI 1.0 [ 488.891306][ T6903] usb 2-1: MIDIStreaming interface descriptor not found [ 489.017892][ T6903] usb 2-1: USB disconnect, device number 40 [ 490.284208][ T9483] vlan2: entered promiscuous mode [ 490.284234][ T9483] bridge0: entered promiscuous mode [ 490.807047][ T9500] program syz.3.1099 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 492.582555][ T9535] wg2 speed is unknown, defaulting to 1000 [ 492.636545][ T9535] wg2 speed is unknown, defaulting to 1000 [ 492.715455][ T9535] wg2 speed is unknown, defaulting to 1000 [ 493.352454][ T5985] usb 3-1: new high-speed USB device number 47 using dummy_hcd [ 493.431624][ T9535] infiniband syz2: set active [ 493.431649][ T9535] infiniband syz2: added wg2 [ 493.456237][ T43] wg2 speed is unknown, defaulting to 1000 [ 493.531014][ T9535] RDS/IB: syz2: added [ 493.531915][ T9535] smc: adding ib device syz2 with port count 1 [ 493.532585][ T9535] smc: ib device syz2 port 1 has no pnetid [ 493.546457][ T9535] wg2 speed is unknown, defaulting to 1000 [ 493.570527][ T9] wg2 speed is unknown, defaulting to 1000 [ 493.648374][ T5985] usb 3-1: Using ep0 maxpacket: 8 [ 493.652440][ T5985] usb 3-1: unable to get BOS descriptor or descriptor too short [ 493.654065][ T5985] usb 3-1: config 0 has an invalid interface number: 88 but max is 0 [ 493.654102][ T5985] usb 3-1: config 0 has no interface number 0 [ 493.654159][ T5985] usb 3-1: config 0 interface 88 altsetting 8 endpoint 0x86 has an invalid bInterval 0, changing to 7 [ 493.654188][ T5985] usb 3-1: config 0 interface 88 altsetting 8 endpoint 0x86 has invalid wMaxPacketSize 0 [ 493.654215][ T5985] usb 3-1: config 0 interface 88 has no altsetting 0 [ 493.659045][ T5985] usb 3-1: string descriptor 0 read error: -22 [ 493.659235][ T5985] usb 3-1: New USB device found, idVendor=0460, idProduct=0004, bcdDevice=96.31 [ 493.659261][ T5985] usb 3-1: New USB device strings: Mfr=1, Product=84, SerialNumber=3 [ 493.841855][ T9540] ------------[ cut here ]------------ [ 493.841876][ T9540] WARNING: fs/exec.c:119 at path_noexec+0x1af/0x200, CPU#0: syz.3.1115/9540 [ 493.841927][ T9540] Modules linked in: [ 493.841953][ T9540] CPU: 0 UID: 0 PID: 9540 Comm: syz.3.1115 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 493.841986][ T9540] Tainted: [L]=SOFTLOCKUP [ 493.841994][ T9540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 493.842008][ T9540] RIP: 0010:path_noexec+0x1af/0x200 [ 493.842039][ T9540] Code: 02 31 ff 48 89 de e8 30 43 8f ff d1 eb eb 07 e8 c7 3d 8f ff b3 01 89 d8 5b 41 5e 41 5f 5d c3 cc cc cc cc cc e8 b2 3d 8f ff 90 <0f> 0b 90 e9 48 ff ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c a6 [ 493.842124][ T9540] RSP: 0018:ffffc900059d7bf8 EFLAGS: 00010283 [ 493.842148][ T9540] RAX: ffffffff8231262e RBX: ffff8880279352c0 RCX: 0000000000080000 [ 493.842166][ T9540] RDX: ffffc9000d67c000 RSI: 000000000000005d RDI: 000000000000005e [ 493.842181][ T9540] RBP: 0000000000080000 R08: 0000000000000000 R09: 0000000000000000 [ 493.842197][ T9540] R10: 0000000000000100 R11: 0000000000000003 R12: 0000000000000011 [ 493.842212][ T9540] R13: 1ffff92000b3af90 R14: 0000000000000000 R15: dffffc0000000000 [ 493.842229][ T9540] FS: 00007f37375d66c0(0000) GS:ffff888126d01000(0000) knlGS:0000000000000000 [ 493.842250][ T9540] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 493.842267][ T9540] CR2: 000000110c2e6a9c CR3: 000000003cf42000 CR4: 00000000003526f0 [ 493.842288][ T9540] Call Trace: [ 493.842298][ T9540] [ 493.842311][ T9540] do_mmap+0xa20/0x10c0 [ 493.842356][ T9540] ? __pfx_do_mmap+0x10/0x10 [ 493.842386][ T9540] ? rwbase_write_lock+0x56f/0x750 [ 493.842431][ T9540] vm_mmap_pgoff+0x2a9/0x4d0 [ 493.842473][ T9540] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 493.842501][ T9540] ? __fget_files+0x2a/0x420 [ 493.842541][ T9540] ? __fget_files+0x3a6/0x420 [ 493.842565][ T9540] ? __fget_files+0x2a/0x420 [ 493.842595][ T9540] ksys_mmap_pgoff+0x4e9/0x720 [ 493.842629][ T9540] ? __x64_sys_mmap+0x7f/0x140 [ 493.842662][ T9540] do_syscall_64+0xfa/0xf80 [ 493.842687][ T9540] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 493.842710][ T9540] ? clear_bhb_loop+0x60/0xb0 [ 493.842739][ T9540] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 493.842761][ T9540] RIP: 0033:0x7f373936f749 [ 493.842783][ T9540] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 493.842803][ T9540] RSP: 002b:00007f37375d6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 493.842825][ T9540] RAX: ffffffffffffffda RBX: 00007f37395c5fa0 RCX: 00007f373936f749 [ 493.842842][ T9540] RDX: 0000000003000007 RSI: 0000000000003000 RDI: 0000200000000000 [ 493.842858][ T9540] RBP: 00007f37393f3f91 R08: 0000000000000006 R09: 0000000000000000 [ 493.842873][ T9540] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000000 [ 493.842887][ T9540] R13: 00007f37395c6038 R14: 00007f37395c5fa0 R15: 00007ffdc510d6a8 [ 493.842925][ T9540] [ 493.842937][ T9540] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 493.842957][ T9540] CPU: 0 UID: 0 PID: 9540 Comm: syz.3.1115 Tainted: G L syzkaller #0 PREEMPT_{RT,(full)} [ 493.842988][ T9540] Tainted: [L]=SOFTLOCKUP [ 493.842997][ T9540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025 [ 493.843010][ T9540] Call Trace: [ 493.843020][ T9540] [ 493.843029][ T9540] dump_stack_lvl+0x99/0x250 [ 493.843061][ T9540] ? __asan_memcpy+0x40/0x70 [ 493.843100][ T9540] ? __pfx_dump_stack_lvl+0x10/0x10 [ 493.843131][ T9540] ? __pfx__printk+0x10/0x10 [ 493.843171][ T9540] vpanic+0x237/0x6d0 [ 493.843203][ T9540] ? __pfx_vpanic+0x10/0x10 [ 493.843232][ T9540] ? is_bpf_text_address+0x292/0x2b0 [ 493.843263][ T9540] ? is_bpf_text_address+0x26/0x2b0 [ 493.843303][ T9540] panic+0xb9/0xc0 [ 493.843334][ T9540] ? __pfx_panic+0x10/0x10 [ 493.843385][ T9540] __warn+0x317/0x4b0 [ 493.843415][ T9540] ? path_noexec+0x1af/0x200 [ 493.843447][ T9540] ? path_noexec+0x1af/0x200 [ 493.843474][ T9540] __report_bug+0x288/0x500 [ 493.843511][ T9540] ? path_noexec+0x1af/0x200 [ 493.843546][ T9540] ? __pfx___report_bug+0x10/0x10 [ 493.843582][ T9540] ? __lock_acquire+0x6b6/0x2cf0 [ 493.843623][ T9540] ? arch_get_unmapped_area_topdown+0x251/0xbd0 [ 493.843651][ T9540] ? __lock_acquire+0x6b6/0x2cf0 [ 493.843683][ T9540] ? path_noexec+0x1af/0x200 [ 493.843711][ T9540] report_bug+0x16a/0x220 [ 493.843747][ T9540] ? path_noexec+0x1af/0x200 [ 493.843772][ T9540] ? path_noexec+0x1b1/0x200 [ 493.843800][ T9540] handle_bug+0x98/0x200 [ 493.843829][ T9540] exc_invalid_op+0x1a/0x50 [ 493.843856][ T9540] asm_exc_invalid_op+0x1a/0x20 [ 493.843877][ T9540] RIP: 0010:path_noexec+0x1af/0x200 [ 493.843905][ T9540] Code: 02 31 ff 48 89 de e8 30 43 8f ff d1 eb eb 07 e8 c7 3d 8f ff b3 01 89 d8 5b 41 5e 41 5f 5d c3 cc cc cc cc cc e8 b2 3d 8f ff 90 <0f> 0b 90 e9 48 ff ff ff 44 89 f1 80 e1 07 80 c1 03 38 c1 0f 8c a6 [ 493.843925][ T9540] RSP: 0018:ffffc900059d7bf8 EFLAGS: 00010283 [ 493.843944][ T9540] RAX: ffffffff8231262e RBX: ffff8880279352c0 RCX: 0000000000080000 [ 493.843961][ T9540] RDX: ffffc9000d67c000 RSI: 000000000000005d RDI: 000000000000005e [ 493.843976][ T9540] RBP: 0000000000080000 R08: 0000000000000000 R09: 0000000000000000 [ 493.843991][ T9540] R10: 0000000000000100 R11: 0000000000000003 R12: 0000000000000011 [ 493.844005][ T9540] R13: 1ffff92000b3af90 R14: 0000000000000000 R15: dffffc0000000000 [ 493.844031][ T9540] ? path_noexec+0x1ae/0x200 [ 493.844067][ T9540] ? path_noexec+0x1ae/0x200 [ 493.844104][ T9540] do_mmap+0xa20/0x10c0 [ 493.844146][ T9540] ? __pfx_do_mmap+0x10/0x10 [ 493.844175][ T9540] ? rwbase_write_lock+0x56f/0x750 [ 493.844217][ T9540] vm_mmap_pgoff+0x2a9/0x4d0 [ 493.844256][ T9540] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 493.844285][ T9540] ? __fget_files+0x2a/0x420 [ 493.844314][ T9540] ? __fget_files+0x3a6/0x420 [ 493.844336][ T9540] ? __fget_files+0x2a/0x420 [ 493.844365][ T9540] ksys_mmap_pgoff+0x4e9/0x720 [ 493.844399][ T9540] ? __x64_sys_mmap+0x7f/0x140 [ 493.844429][ T9540] do_syscall_64+0xfa/0xf80 [ 493.844453][ T9540] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 493.844477][ T9540] ? clear_bhb_loop+0x60/0xb0 [ 493.844505][ T9540] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 493.844528][ T9540] RIP: 0033:0x7f373936f749 [ 493.844546][ T9540] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 493.844565][ T9540] RSP: 002b:00007f37375d6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 493.844587][ T9540] RAX: ffffffffffffffda RBX: 00007f37395c5fa0 RCX: 00007f373936f749 [ 493.844604][ T9540] RDX: 0000000003000007 RSI: 0000000000003000 RDI: 0000200000000000 [ 493.844618][ T9540] RBP: 00007f37393f3f91 R08: 0000000000000006 R09: 0000000000000000 [ 493.844633][ T9540] R10: 0000000000000011 R11: 0000000000000246 R12: 0000000000000000 [ 493.844647][ T9540] R13: 00007f37395c6038 R14: 00007f37395c5fa0 R15: 00007ffdc510d6a8 [ 493.844685][ T9540] [ 493.844844][ T9540] Kernel Offset: disabled