last executing test programs: 4.143830098s ago: executing program 0 (id=798): sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000000)="5c00000014006b05c84e21000ab16d6e23", 0x11}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) r0 = socket$inet(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b04, &(0x7f0000000000)={'wlan1\x00'}) 3.941037448s ago: executing program 0 (id=800): sendmsg$inet(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r3) socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) listen(r3, 0x9) r4 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10) sendmmsg(r4, &(0x7f0000000900)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000ac0)='<', 0x1}], 0x1}}], 0x1, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01000000000000000000010000001c000180060001000200000008000300ac14017b080006000a00"], 0x30}}, 0x10) 2.999211552s ago: executing program 1 (id=808): syz_clone3(&(0x7f0000000080)={0x100801000, &(0x7f0000000180), 0x0, 0x0, {0x19}, 0x0, 0x0, 0x0, 0x0}, 0x58) openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0) ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000140)={0x2, 0x0, 0x0, 0x0, 0x0, 0xd000}) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01090000000000000f478e"]) r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x10000, 0x0, 0x4002004c4, 0x1000, 0x0, 0x0, 0x0, 0x5, 0x0, 0x9, 0x0, 0x7], 0xeeee8000, 0x2113c0}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 2.649767485s ago: executing program 1 (id=810): openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000020c0), 0x2, 0x0) landlock_create_ruleset(&(0x7f0000000180)={0x100}, 0x18, 0x0) pipe(&(0x7f0000000600)) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local}) write$tun(r0, &(0x7f00000005c0)=ANY=[@ANYBLOB="000086dd0500560008005400f5ff60ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001"], 0xfdef) 2.521386426s ago: executing program 0 (id=811): socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0x0, 0x0}) ioctl$sock_ifreq(r0, 0x8993, &(0x7f0000000200)={'bond0\x00', @ifru_data=&(0x7f0000000180)="43aa2c855aa5a07977d262767dd476971b98d3255539a80a79cbfce87eea47e5"}) creat(&(0x7f0000001380)='./file0\x00', 0x4) socket$can_j1939(0x1d, 0x2, 0x7) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002}) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r3 = dup3(r2, r1, 0x0) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x10000000000) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x70, 0x18, &(0x7f00000005c0)={@ptr={0x70742a85, 0x0, 0x0, 0x0, 0x1, 0x25}, @ptr={0x70742a85, 0x0, &(0x7f0000000440)=""/220, 0xdc, 0x1, 0x29}, @fda={0x66646185, 0x5, 0x1, 0xc8}}, &(0x7f00000001c0)={0x0, 0x48, 0x50}}, 0x1000}], 0x0, 0x0, 0x0}) mount(&(0x7f0000000080)=@rnullb, &(0x7f0000001440)='./file0\x00', &(0x7f0000000040)='afs\x00', 0x400, 0x0) 2.377918624s ago: executing program 1 (id=812): socket$netlink(0x10, 0x3, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x0) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0x2, 0x0, 0x25dfdbfe, {{@in6=@private0, @in=@remote, 0x0, 0x4, 0x0, 0x0, 0xa, 0x60, 0x60, 0x3b, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, 0x9, 0x0, 0x0, 0x0, 0x2}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x50) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) r2 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9"], 0xb8}}, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e99900000000fedbcb25fc00000000000000000000000000004000000000000000000000ffff7f", @ANYBLOB], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0) sendmsg$nl_xfrm(r1, 0x0, 0x4000) mount(&(0x7f0000000000)=@rnullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000240)='vxfs\x00', 0x200000, 0x0) 2.377249681s ago: executing program 0 (id=813): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast}) write$tun(r0, &(0x7f0000000240)={@val={0x3, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x14}, @ipv4=@icmp={{0x5, 0x4, 0x0, 0x0, 0x6c, 0x1400, 0x0, 0x0, 0x1, 0x0, @private=0xa010100, @local}, @time_exceeded={0xb, 0x0, 0x0, 0x0, 0x5, 0x0, {0x14, 0x4, 0x2, 0x1f, 0x0, 0x68, 0x53ca, 0x3, 0x6, 0x2006, @broadcast, @broadcast, {[@cipso={0x86, 0x33, 0x3, [{0x5, 0xc, "fac03c8b8493f23873f7"}, {0x5, 0xb, "67f54951950fc96486"}, {0x2, 0x2}, {0x5, 0x7, "a482ba0678"}, {0x5, 0x9, "1d5bc15d445fd7"}, {0x2, 0x4, 't<'}]}, @ssrr={0x89, 0x7, 0x56, [@initdev={0xac, 0x1e, 0x0, 0x0}]}]}}}}}, 0x7a) 2.112375198s ago: executing program 1 (id=817): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000180)=ANY=[@ANYBLOB="01000000000000001b0001c0"]) syz_open_procfs(0xffffffffffffffff, &(0x7f0000001200)='io\x00') io_setup(0x19, &(0x7f00000009c0)) clock_adjtime(0xa00, &(0x7f0000000780)={0xe627, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0xfffffffffffffffc, 0xcb, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x8, 0x0, 0x0, 0x8000, 0x2, 0x5}) socket$vsock_stream(0x28, 0x1, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000000)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_NEW_INTERFACE(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="e4000000", @ANYRES16=r5, @ANYBLOB="07002abd5248ffdbdf2507ff000008000300", @ANYRES32=r6, @ANYBLOB="0c00990001000c0069000000140004002f6163766c616e3100000000000000000400cc00080005000a"], 0xe4}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'}) syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x1c, r8, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x1100}, 0x0) 2.056395418s ago: executing program 0 (id=818): syz_clone3(&(0x7f0000000080)={0x100801000, &(0x7f0000000180), 0x0, 0x0, {0x19}, 0x0, 0x0, 0x0, 0x0}, 0x58) openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0) ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000140)={0x2, 0x0, 0x0, 0x0, 0x0, 0xd000}) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01090000000000000f478e"]) r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x10000, 0x0, 0x4002004c4, 0x1000, 0x0, 0x0, 0x0, 0x5, 0x0, 0x9, 0x0, 0x7], 0xeeee8000, 0x2113c0}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.996060522s ago: executing program 3 (id=819): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000000), r0) pipe2$9p(&(0x7f00000001c0), 0x0) sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="1709000000000000000001000000050007000000000008000900fffffffe060002000000000008000a000100000008001800ac1414aa08001900e000000214001b0017"], 0x58}}, 0x0) 1.836147049s ago: executing program 3 (id=821): r0 = syz_open_dev$usbfs(&(0x7f00000001c0), 0xad1d, 0x101301) ioctl$USBDEVFS_IOCTL(r0, 0x80045505, &(0x7f0000000040)=@usbdevfs_connect) 1.69123039s ago: executing program 1 (id=823): mkdir(&(0x7f0000000300)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r0, &(0x7f0000006840)={0x2020, 0x0, 0x0, 0x0}, 0x2020) syz_fuse_handle_req(r0, &(0x7f00000042c0)="9ab1446569aa24b774753c9e994c09c24df9d42fa5a228e469b44cecf6f9f5ce5f77c93b1895aaac9cf34b37415f11fe22d6fa0162aa743b242e8fe0a8659e32fb543d7969d6513136a9f332a8074f8ee1e445277ddd5859eb5ac3321eb710be880a441031da9b31f791d54fb3c97cd8ee92b00cbf962be8eb5fd0b7cab207645f59cf87a8c41e2739dd8386b6bb84b627cbf5e09bac876ad4b215f0e510a853c5e8b9f7822b26771d72972290a1f9a6f0a46942be0d0eb7aa5145ff368863b14e9845926088f9f92d554e572926290dc6e6b574aea8c500fbe5697f881c0cec48282c6d07619248da0c3b9aa6f7c778525d1760051e4ba8ef31d3c8d3e1d4214ffa5261ce1fdbc12eba889968137f5c06fea233000296cf18df494b4e7b1bee7dc2f3751c37415d46f6d7ffb3d0f788f2100ee41266e6fba75b61af22e1d7b286507ff100cc34ed28d5a2c8be3231446874bbbde6f3c367ca802d64192ffcce1ea41b2cbc57f7500fc4f8f12fe02690c1c9785bbc35542b59d05600783cf4f4633b374101d8ed395303392b238d198f9f68c8ae928cbf3b558deec6d38ebaa526e749ac4e47dd5b838ec34f2820a1134252ae60159d4e030cf5e5d6f8de799a31e12ae57cfe5a1a3ded525c6e71271271d35a0056265362387a361f21ea0f4b6d46f6a83a8512687e43b31e11b1396d6e9e49cf42b693732e226b55d21a1203022f6be9f8ecccb68de3bf4ce99689514bd752f4e60bd2f8e376d7fae5b5fc8db0f53db8c52746671e361b9319419c1b3f3168b4797ebd2d118ee42dda4bc59dd0251236195c8cdafc0546354eeb28f4c7e71e8245a6ccaddfb858f61039c0ccf5acd924680aab38dd061fc7b123f24ac7f3d3c0cee43b61045bb1efea25af86088a0591f166e2f11ea4089860893b17ca5e3d99ec75131268e2e4e290c2bf15e4dde23284e4bdf6e549c096ce221d9c8a6c0fc78aa6a1c8b547c0e10738de2a1e8663e03ab0ce4594e244989f75b6672de1eee97ba7e6467a0da51c0e75d5866c405b03c4744d8d3fbb01eddba5a0361662269154c2f0e61a9433982eb904ff562896cbfa692eb1e6c644fcf6cbc103a76b712af706a47608d3e2f5d54d47d8e9906ab37ddf04004d32ce00200fc3c274666aeb618b27424d87b6a4b0262de4436b9e6f150bc798394c298b25a2c318fbe786185464057c0bcfcd1917230d78ee1a49eca12068fa676852c1099096c6cb98dfda27fedac41826516e42cc116f0cbb68f0f810418258dc5a65c0e1ada296176e17f8d762894c80542a79383cc1674a4f3d6520633ce80baba214c20628899f9ac826484c887713aed9c5caf13b40a598cb1e81f7b18dae39efc22dc99ff497e11f158edc2716ebe3bcd593691aa26523efc168e1394ab439c9a9270575ef34eeee9084b0a31b2d81d47c964ac61e600f75d9321d7474dde45bb8d0cc46510488ab68486d3ba6cc9c3ddb6f66f2e5d251ee285121e1645a2f5167fc5fb8ac4491c0d9d0423c7a8452efea2f5a30096a0fa47173f3a68500a5c755ea939c838d3be126a87ff6baa5a1fba638a5c64767d17f04201b935fcb1cb6afa175594f410f2ff773194c703e623876051e46bb0850a5016e65f8fa34b96bafdfe851a0756fe26fb63d52113c0935b0867f7dc8a94d887484b15e8f92b6a316a22c04a985cc94e432cd43f44001bcdbd48efcd463c402d3d181298e96db60fdb714b82e146567af5ae3fc0c3f9d241471b4d129f928d286f780facb1e84434610ab3379dfff0f64d57b4a1c2e96c98b693de952d26773d24e7a95eddbc450f79932d5332d27991c7bfbd3bc35bfeb9496fbebccb5e4c35c368e021dea643cb292d794d3d3bbcc960f989bef09763dc73d83cbf907485635265e81f87b712d958a66719230fc6466615a0e3bb998d48159e9e9c51959354a545966bcffa298c7673b4d32b991c886a997236642c0f104f6795feab9f48d0ffc74667f3f3e82473ac892ad25f4b13029b0b27fb1d86991ddc42bbc3fe584ed364e769f3bc72ed8749e7a654ec1a2ec7a01bd2d5caccdc6241a1b1ef2726db54d2c34ab47020b4c729b5994b43deb00ad959950e0051d2c0f27217397055e78f1dd3bd867a45e06c2134ae8981021aae881cc7b2049fe7c82d2127ec81d6430c8116355c8d0ab8b9291c688ed9b8dbb1ed6f1a99bb58a1be8d5737acbf9461b142c8982f52481195d35ef82aed4fa52385ea4ed00a739d01cad7af9f7c27d357748e24f28d22065ccb37300e8f5d8dae5ca79af7a50edc3e05184d1a2a6d59784d5ceeb1f1550a44ea03bee4dc5c27eb78f0032593c7d082e59211f83a8b91aa78bfb7e959328ee63af26a37b79ce5e5139eeebd12e28b2a26ad2fcbdca652524d036b324782d54247a48b9f8200b2d6d2c091c41366d677e3be6e136cec6c3080d608849135c6e3c7d695d2e226ae1ce999d730d7f79116ab85762e55a3e5a66a690ce0a4bb4fd1560c796e2797414b544ef78e29d55e4853fdbf3362085a65c46105f32c360a0a9867b984a5d0297fe0b06a45684ac801a8e66294cef6e5f3c48648884fbb2422fa00488df33a9a0ff1039c81f1939f2cd2f5fe8aa805af2d2332ac37244ed4a7b50265af8062752b0c16511e5f25e8aa2b60645675bc826557bb75474ca4787f6b584b2f83bc25192579104aa0baae79f396df0d31121f90db9acea9695ee0fe0c22df4db503ec8b2437b05f5d35a65722fa82eebd2aff4bcd3316a5cffc4b31913fd02f82130c77f320bf04bf8fa873d0e3f62122d6a5f87d3e908bedafed4a3cb6d9f73ff546f5a2b74a2493b1753e89b682352bb3166563518dcb190c7b3d9fd667c57978a670b192641a674dc92c2401d067b6767aa632ce32a401175c98200a52ab5d80dffa719746d0bff8a84bac4a56e0ab8124fc332b64ea662d01e1b73231a6638f01cf4d699448da228c16951149c8d3dab9a7e3be9a16c7d1ffb061818f8f9cb2b42739fae4a0d70c0701c8dceee785d36ef6413162de1917df01c693ef3e1f517e7fc46245209fee52f5c6a2f50ab3f56d67d1cd987282b24071d8ebb1bc5cd635957b2a7ad92d0650abd5bbc24b75885b6119592a3d715392718e52f9124c4ac95be3582abba4ac3a4049ee49fa8ceb9b59d4e1e2a069c9d482879fd8d27d5ac22ef870542453be22c2ec4ebf1472c19fbfb56aa0a3671297b020e3fe49d201a82a04420e90bda43691dacf92347bcbcae3742cc4abad4c8010c0afa15278795d4d76c482461ae78f30569e1dcf87b9b150d07a2bd81676ec6022422d490759ae1e861a6c4cd1f733bd772d60975a59356c385a4a390429f3d2131e7f616015261df6db3cc3ec261a53be10c4f197e71878984fee00e6d1069f79825194b7af434fb6bb86db18e11977f82928be35054543060cea94ebb4015d061f20f8454e056e7b6e4f9a1621ef2377d77659c20bf358c817519f1801be15ae3b5b42adfab367777a6789635a0dcdd1f2b97edecea0210768af67601d1b95a8850dddb6b1f4b0c2f52c835b0833d81966ad19e49ceb9dc9c729cd8334bc3ee5bb8c74186f5cc3e765b9fdd91d79baaab3d2ab64c15d655d1af7de9cf8d5d7c1baef24577843ce142331743b45b06104b6d0d4392e61ca8c07507ff5f831bbf720854db4debf64182aaebf899ba57626a48748fc2dcf016013d575595d24d383eef2da0ff0c9f6fe9c64b186cd4617e3f37635d7dacb58ec297f3ddb48ce4a5e00cc127267e18a1fdf209e098f2cb2e9c0630d15ec9b867b2b95ecf82ad2c0ba39df9c4d36d492bc9a55c4b767da966e4fd7f4d2fef5e91d0575177c05d240b50757031c76333d43bcc828ab2f0376e29d12d1261ce104a8ea488091326bc451c120c8c04d3e64835c893f55b312e248ad8fc1c32429d68e6b67bf45ab8a1cc3db22f9f01a2266b8349046d3d3e081eaa7f7020c73c0762d11a33b517b8f081da3c61ef63e1d40cd87d69c7ac7491fb61bb57c1fe2d218aff6d39b3e1fc847f0ed894e2f0b4d6a4ad03ba42e28bb1dfab645081f548e64ceb8ce15d2214bd66a14fe594aa447c3537eb493299fef0f9326236ea5dae44e23b34801fe06ee16c79545feaf2528421d6e7f9a256a7914d86bd053dc33c8c2043ba73714f5ff5f0507097a56c40b2190e77877d43be849ee2ac129e582930ced06d359eebb49eda4edb13819f91cecc449c9613d9659906179f8fefa34fecb7d21cdaf09a1ce8d094421da80796c97c02fc56171aaba53fd8a7f55de059044717df164f3571028f16995d51fc8829534cdf58dd134def1e43a34e4f5f372fa8e19d3b85881e99ecd45faa4fccfdb47e094ab06955f3960fac71294dd965f24a97cff36b9966cf1a4c3e96c3e14a3951dcc8a3e9371f7e1ae9df77ddb1a99172174adbee8ea57a0c9872a6d677c2875da88a6a7234bebf68a3cc0532a9809a4de4b4d419bff67b0ba825a7ae6e999087155378357ae67e2dd98697f1d10ffa4497dde6582571670456db995228b97d0ecb2fb30c2ba6c16038c40059815c56b35666cc1c5090f6c38e0f4c12abf79919951b85a2734d32dd12b239912d541f9163387a4aa0be0b7a12d9c6b56dbcf1e9aadcfd72e2664a84d6c5147c72bffe7c3560ccd8c447b748dcd26cc9ca2a85cded742a8dccdfd8e78c96e78d405a19faab9e57183b37583f94b3d416b2920c6b746427ed75c08dc3be02720c1edc4743229153c48f1239b222b9fe2e21c0ae28122bc44f9dc78a59f3485ac8057eb21f0857bcfea2d9ebbbcc197e7880d81515bb1cb7192d97c4258c09926d137e245977db40812b253f99a504bb68137d8d73ca4e7c808d50f1dcc600e6a6db90238ff44e075932fe668c066e6988a6a8b4a8485120c8e4d6511268a75d8f9b0f06689aac8cd621e90c62af1e59aa9efe928e9ea098661b408a2825c4f9aac1efd9d54d163a651054b9ab32719d2be3b176f6795ddad0f1310b9237181689f2f9dd34a41d4d4cd2d7569bf56e6a80bc24d90df3bdde0f9649e699f4ef70c4f3faf9553a231215416bba26c29f17861e0f265e9641b2307ed43d6fde23a378669f4ade874e54c20a5e902205dcaa79a3e8584a3f78a86e703451115a1717df882507c607297afac0a056a0f3509a57502fd2ffff6035d04b91f72f5e1a69ddafaf80f7b2f7a13f38c683988436585e6bc7fc2da328449675c234ec0acf5294ce06c72442beba15e65d6a3e1b5dc3c8f115e1005798383f79b0194f6b7d4b1b32371acbf22340af6e5ee3ea840f7ed451226daef3041fc194e051af2fb450022b394c774273b9575c974c324ecd7268435176ee28c54bb54c8e829232ca636f3bdef60ed460b5ff425936626dd16a3f436f08a863582a79f393378f60f6c8ecdd13d83073bfda2e9f8d0c74a841021cbb8c148e70bfc585627449cdd9fb3045db3ea08a96108b52ee8a4f5048a5d910355789f4bb85c1362955e267e719581c38a2648eaa0b516db6277d2ee3c6e1e1090df3f53a31b747d99887e337dadddab16a297d9e56797007a3d18ce333311c70bb1bf45bdae517ffc589419af643773bb30a1fbff7ecd4a8ae7456a608fe73547c2eda4f070d57dc70b65d867526c946a435ea581497da18646ce569eaf6ccf3474cd6e7aa3d6d4732836ff4167c9153757ce58a34864be6d479f7b4ea1d6480b9ac16c5bff346a74e74133234744df867e16b3d2f1f7db4b21b89019b520917ef863e60f52999d6946b9e09cb60054f49d8a255f02e4b62fff6e6adb9a167ea70a177d00b26f56e29b63138a2ebc30b956161a4ab25d5da1c207c3f762714f651341ae771e17d84fa1c86685f2fcb0a128c2e1208d1930e7ff0d8d55299154112af574b881be8b69cc1721d548ad4dc02632e184c47f9b394bf4a834e60fbead8c8bfbf5087f8454513b0b086ac97bbbb9aa342af9def758fe88f1e4570e65f93fd4a9868665d08fac0cf6ebde786995c433504ca01cdf83311aaae20cc76f819a4344a8ee4e26c1094cb00d2c8a67c733fffcd89e97534cacb08a64d75e8594fa31f0dcfcafb0d1bc184c7067fec6a48ddefd580d4d9a4128d8f70f6fc6562da683904766e982ecd0286064db6844131bb7962a0a497f7b97fefad88a0b128bdf8cca774b1c32cb4af259bfebccda036e7e4ea8962838dbb5c04ffab0a2f1481848a27f06171645daf5246a2e563f3ed60097a9d7023d6ba5c8a58d39f733b12baf0863d82c427460f51cf9e3f77281a42221725b7bb75c2116ab31f704661f090d3eeddd2aa6efc619946b4933c398b635fd04ba3758294965c568997e1ef44b0562804e6c64558f6cfa87662a988c321a856ead51c848528a4954f9ff1948d517d67bc11db66801648848bfb7ee12296428bc3ffec863e9c77ff31ee386197679adab2a0e93bbe0c66ffe9c4b09b636f6216faa373aa8271678cc57ad46898222df7e2d8b14a5b70130596c0430997c4c04d9b5187fd9bb26b71fd19aacc8e08a3239f0eebca7b2873062a19f327a4a282012ebf9898a5ab6310b8623c864d4dada3ded00ad201ce8f3973f90396f5edc1ba466e16247fe6b0ee98acfd53792cc0fea33647b841596655b8d9efbc14b50fe0b588e4c41e2cbd0a700529e7ca91122d3d1b26e52bf44a0c9fe37cdbc352357f13b2adc68e78a00f6dc88a8e6ea54bd0b2c8276f9e1bfebc8655a1f47b72c25ffa97f4463630cc21428ca3bb381a6d3171d28bb946f746f820247bf3f7bb69caaeb5c47026ca9997e586e657a9e1569312bb443299ef4cfeacc9aaf4fc3aaa4a77a21579234d2aab6fd0234398ae07ca7c57ac6d6a51e025744b1430abce27f7f9b0d0e45c051e34d20db95cadcc0e4e327dbd979166b33e39a3951d0b8dd62c0d1542b69583cfc07b127243cac4b052cb29ccb3592972698fa4cd84633d222d78b8741d5f903f8636d95cddfe2ef13829df9ce32705edfda51ded2f0ef38f60a33a2e00373107eef56a01acb5e05d849279b5987343c8bbc73ea660ceaf7c9b90c0a8e1412ff3f517cef8fe604d7a26e085170a76e1bf43f5d1bb77ee771fe841d59fe2cc2874d25bf991b4af6bf9ffe1bfbf3a5587006b60bab5bdfd5a3192e82d474ecab0ab656967856c84cba9469c5823c1d1bf104d2a21c071bb08b2a137883dd9c8f545d6958db8efa45263ae303de76e70f2f6a10e1858e6654004f2a099dc31950ee730c465e0a1822935e309d41650fba489aa3050eedbf3f058d24d1f04fc340966e42d72052d84a66789ccf75000c3fc83b8842badd6b22ddaaaf53ed34e25c1b638e3630d66a7903405052902cf8e7395d54679e2f4a2bf7c8c89b0dc38969376ea164fe97b37b1172e6e8f05a929aa373108e891a64e38e18b432a115a44d754811e03c4f4ae7c525a6b9b92aab0d16967ee1a64eeeb2207c094f6aa96f126d058eff22435a4ae76c31f888ee13b327d2cab4ab5a56abf4cae88c583dd67129271708aa17f4f10886ead0e12734314bd4a49e64349beba4abdf94a1fb23a72cf7e16b5af2f1706d9646a5ff7dbf5c7b1cb2c3781346167b15d4625841d9f3d14392db1d39101d37175c42c522229db0708544058d75cebf3e399cd443d1b943c6f3017a898bd49836a8d92519deb810712aed76602682ef0df2be270734eeda7f289a76f4684baf75702a1ac3da005e62b83f794b934cf882db5d50e5ed4aca868e300d690c0b10daf0a47486e9f49d1b08eac6cf5090ddd2443b1459b2df86ab3447b2b5c6afe8aadb410de6a84b640e326eb882832d1a9cb12e0b8f13aef579f404af8631cdd5a30a031dad19cdf247575dd223229330f19fe4d88c51242217397acf66b86c743de283d5df7212fce59af17eb702eccab192f56f054a33709d41841e4a39638e02b4210559593f9b5c44fd22d9da637ef1a3a0a41c40469990dc4beec30a05b67931c0560d9a59fa875f3e26fd1eb32655aa30c7a1cd3d541716fdaacdda206328f3cbc8f16fc2be26690f18963a16febbaf2cb6c199330579ca067c60b54cbdd211c1350e066448fb50ae28ed58788ac98f0ded3414c8735ab90639916e26ab29102cc2609035e56d9b9d2dbc98118835bcf0e437c77052efe2293d9f19b7197aa1b94b10997b0b1efdef251de8945a97fec885f032c3bee2447335230b866d7aef515b04664d0c59e18233f9a229969e3e17d69716413ca3bc55f5959e340627ea803f7b26f4a74295b295344a3685287093998a1ce75b1ed5d730c9aec812617b4c200a0250c9ef8ef7d2fcfc59ef97422eca746bc6451a5b77307d14c1cfa0ea2c8eb7cf7819644577a6456efec0af058a0e3c8ec371019009462bfe174a11368b57fbe3090208a57b2236b97edc32cda5c6fc988cbaaf91c4020a06a7ad45519eaa761e045fc84d3219b287206282347a031ef1e7b7dbc67de738fa8f9fe71c44201fd1d548f8aebe93bf502d64d4b5f470a419e3fcd87f0616b9813048311ed20ac2efd7f18dcd6889542208b50c28c8c0700f73fa33a964e38d699819cab2098c6ff081266721cdced87ff41948c84037485f30d38a99eeeb3ff4c3049742a29eb09bb35c358e732546267c165a62fee9e25abdafdb8a48785bd432d160797e7a41d580f59d7d8e59b3e6b954d39f86db33b8f7cabde43e8e04cac1fcf9aa6fdbe4326e0d9c782d9a630055b36f85c2b8efebf18f42ef14ee5eb1d33ca322db69704f8bb90bf30eb05908b8d8ed169580923f53a6539cc3b55baa47718053d2ff103c23d90f9cb49ddc7d759950f605bafabcb7953c042c0523b84da994529a87ad68fc6f0709fd7af5fc20e53a17d3f5fd4d25fc5ff6598c6ddfc34668a08ee5e066d81a65e7979c50c08febf76dc5a3a405f551bb8449d94ea0dfdad6dd6dd6d6e4486f4ae1d2523c05f46198d8af4da12873ebdf7d6b5f2d0f1b2d29759ab0d78e34ae6f17b7ab83518cf8b18836ea5630ee934e5ecc123f0d3fe6b803ae1f735d65dcadcaaf6660e02ecad0290f6ead0594733a10b2b1654a44244424fa8b3180b551ac401828203e61603b017106e2256f01b9f26db33897167d9defb54ddfe49334150574493895370bad46cc658667aa9a8ed333c86f112b2a542936af92e2f933254b6fb0b1a599eec3bf2e476ae6714e2486dd31b29e4d26838d84bd7a62c62beab3ba71642278ecaf2e50d70670d9fdff105019791d36321bc57fdfd8f65f2ea1cb188035ecabf6140e777b7e6d2177ac29e9a1a2f87dd54d96184bb1a855bd9efdadfc606f13621f40e07cd8be9c2435c8c90b4ccba5eb7ddcf8cf1f76617c9a9e011abf4a63ffe31df63ecacb8b1d2d653e613cb399ce079392f9ca2e226c60b6e8103447c24c1f80d42e1ee747997602ae3ccff8f9f98ce9b56f6f3e3c0ba507df8b2169539cfc946c42da72644feb9b3b582ce332f8b2eda02192958194903d17b3e9b4bd60d08cd9a7989d946ece6d8dc01d6b66a7851bb11e4b075d38081d3ce7bf1875fec9daf47a589abdb72763c9747b83a28389238b0279c8e41db6521130420851acac463664a97be2190aff921923475f2c1f8a87d1169229e5f10dd0a92221e61358b156020f2c9ca2cb6580743a8d5e3c59e6fd97a7a246211450c7c62f1891cedb434102f8794d81c1caf2c1b4ae18b7c4b9c88de5c51da33e3343cef76da0d00341c2e60c4562c162e41a7efa8290cc9061f3d6a592d5f104c5018f31bcaf912bdd37370fbf8fedf0aa9026c1142299197d67ab026756927b5864ea42c45a82c23c275697d31a1b7900670c9a3c967d12974543c11f20c367a336bea9b9ebe480f9c806528138dff35c5f56b1199b75748e9c5cf50e6a32397dc3eeb04c3636c0848a5e13df8a9758bacea231f34cba13b466360b0dec69f74f8bf9a2dcf3dd94fa3a7d27e8caae00240559d75875ef9c619416593ca0072e7f38caae5a530c62dbe00e38c12cb8b924d63fca4d5c3a4c8f50e8f4f86fc1fe2b163219c46c21eb783e587e18e07ab7e1927a646c4f154c5000cb65ce9528457c3c66f43d9ab7d61580df0ecfb31cb38e4cbcdc3dafcca57311abec6b74048c8b74505ba678a4db07ed7243c70a821aee66a487bf91fd273418f8ef657d1eeb9ea6f095d47641e9f9fa30599e8b9c6b4453a1a5e8afd86fcafb46dd095fa4a98a2b26470e2c799b08c6000f5c3c4e28961463724377f37813f3922484fda986eb7c93ae8365baf648acbb344ca7e044d7ba93e7ba35c31085f3f99c5fdb2f9f2845f00b8590395e8ff730b86f5dd7f52297b8ecd5d5a6bb452bcd12b98d6adb27e7ef0e84b9567c66093ca3edab7e64ac4f56360501d81823ea2b1595f934c5f61c8558304c16154109a983a2af8725c7af91b5bc57e555768aa8115236a6ccc921d472b608eb6b82c4ba3747d79027d7856fae5369aa325df6a76138a5b41a94377eeeb251087e0b8510d8890e3f7a0cffaeddb9d2c29bc89f952489f82ee2e2b485cd297e6d30683701623cf73ee9ee606baeae9c3afba287eff57731b9cfaf034b1f56c8b31a32a1078c4fcab298c3f925a8e7cacceb9edf7ba2e54d31033a25462021e4a3c0bf5af341b462ee4417024da7c12c7f385de3af129aef1338a9c1fd68323d07ff47ec8bcca66b44300624d02c9202a2d093c3c85fd922b57b3bd14162c8ca5690734b7e4e4b8980b73a8e9908a9fa3dd508b30e3b1e1fd4ec388affa27c4bc26ca2820e0a902d51ff94984e8894fa5fca7b8704b7600ca6d6b1b1527ea999fcdf8fe3b290ec0036cad222f92cf8a5a54d0fa91de6e74ef61f60a233c9f15fdc86226c3f688de15ed8f0c3f1bc3afcad87cee47a19384afc6a804f197339ebce4aca211dbe0504a000755d18f20c4ecacd4123acdff7653cbb26456499495662508c8186afb883f5481c6bdf88cf137e263bde9d62f054573e0d1454cc119c95d4d9011332bd77682f79debcf5c21f0be7e9a83a58cec34e7cfb17a8122e030669228e4d3d9e274a678c5b77e6180aacc2fa8eb9952c5b04de6b2c7bee591badab96a3c3248c275b5b8faf5394eacc427a840570033be5006c33ce2d2c6e54f08681c3f74ad2fe54bca6dc62a9d84f6c58509c1e5dd5cfcc7a358493d428de48dfc1bc3f74154801c97e6aae38445045320b4cf66c1e56eb6ea2c1218de65f120b463c5cfb9255b3a25eb6e848cbd977f0605d71c561c2a754f5761c31f84101ee8178782cc8cf70b41a2204c5cb2f3134d572327fe4bbc1792249dfcf0ae7ba5d81fb5ae4a7978d044085f3b7f2e398c05733e2bf456cae898f8b5a81e9c79179bb5ca716713fce643dabe21eaee4386e646e25ad3adc5a4ad40f9bd6743f5f742efb1a674ffdbd2ced56c646ae590eb8f10283b47f57e6f96ad76adebecb24df74020b096fdee3c8d780d563a915f73c8b0246b861cd3a8580d5cf75798e8cf1c5875724661a39277e7165fe48ed8d5e6a20d68239f626fe8ea434a4e6e03ea434ec68c4b92a0fc2af15a135d6cbaeeca39a0c1896dab33daac", 0x2000, 0x0) write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}}, 0x50) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90}, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x5, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x2000, 0x0, r2, 0x0, 0x440}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) r3 = open(&(0x7f00000001c0)='./file0/file0\x00', 0x0, 0x0) ioctl$TIOCVHANGUP(r3, 0x5437, 0x0) 1.689749773s ago: executing program 3 (id=824): r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x40) fcntl$notify(r0, 0x402, 0x8000003d) (async) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) (async) syz_open_dev$vim2m(&(0x7f0000000000), 0x7f, 0x2) (async) r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0xa02, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r1, 0x45809000) (async) mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) (async, rerun: 32) mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil) (rerun: 32) mlock2(&(0x7f00002e5000/0xc00000)=nil, 0xc00000, 0x0) 1.662483235s ago: executing program 0 (id=825): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000040ac054382408b0b00000109022400010000002009040000fd0301000009210000000122010009"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f00000003c0)={0x24, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="002281"], 0x0}, 0x0) r1 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x0) ioctl$HIDIOCSREPORT(r1, 0x81044804, &(0x7f0000000400)={0x1}) 1.284369002s ago: executing program 2 (id=827): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast}) write$tun(r0, &(0x7f0000000240)={@val={0x3, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x14}, @ipv4=@icmp={{0x5, 0x4, 0x0, 0x0, 0x58, 0x1400, 0x0, 0x0, 0x1, 0x0, @private=0xa010100, @local}, @time_exceeded={0xb, 0x0, 0x0, 0x0, 0x5, 0x0, {0xf, 0x4, 0x2, 0x1f, 0x0, 0x68, 0x53ca, 0x3, 0x6, 0x2006, @broadcast, @broadcast, {[@cipso={0x86, 0x28, 0x3, [{0x5, 0xc, "fac03c8b8493f23873f7"}, {0x5, 0xb, "67f54951950fc96486"}, {0x2, 0x2}, {0x6, 0x3, '~'}, {0x5, 0x6, "a482ba06"}]}]}}}}}, 0x66) 1.245210713s ago: executing program 3 (id=828): mkdir(&(0x7f00000003c0)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000800), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=0000000000000000004000', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f0000002100)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) syz_fuse_handle_req(r0, &(0x7f0000004380)="4e5350994ebf71ce3049a58c5d050078bf16b0757a4c27b455e2a547739587dd3380b5df8f40a0696c5bd6cdb672cffe4d870c5c90ca92095b9ebf3e92fe31d8cd74275d857d34a74f7eecc7fac15e2f148d4e9d47bb45b858bbf078999970d180f28d7b2cefd92635d45a563d9229c9fd770efdc0848e52fa5efd9ada5c94a1ba94b4b7c7507f8b0819bb20910f9f50a83a010abbe126dd9f6a7b84eab6b0d5ce78d2ade77a5f7e4e997df1d03ffab4b4c945d803e4457909013127a98769c938c237f37263bc509a42bc56ff2dbf80e847e2c407009eef94f18e1e59069d62298fdbadae007ffbdf403c5049a4530ac0abecceb5608da02754c9a575af52c0b7e41226e2d642a814861c4310c935bcbae413516dde2132652b39c7aa0218a6ce65dabb4494965209ce879ba7e7e59039db5c1d36d6a7f86d72dd59954fd6f46124a2506b245a0db11aa89d2feb312a6596ea2fecaa7b6021f37a255f628da7ff6b6c36b514d3b6be34e505f9dac6acfb888198004699fb350ac93431533554658c4957df36703591438d6488bc03dd8290a75ebb367a481a50e79a46b04d005649cabd79e5c6326c066bc2b6fc5febb87ef66d832ef31a16c2a450a0b990fb549a5d810c928d1a81fa1dc795db2607ac7d46cb5716b68acdeb00987e429fe6a394632c83b43336e7b51d9cfdb50e83d8c6ba1784d9f74c16b476e048e65e7ac0af683b347d7377ac1795422e00e5bd8da9b313af83abb3348861116de7a99959169b7dff9f7d9b7a6d107f2e76670a6214a419bf8298f80eb570fa29264ba57a383c5ec5836ce33104ecaf1aec76e311280a1d2c8bd7abff3a5a242e6a637f7db63038ef5d78aca9c680d72b60da4dbeb0e1e683ddc82898647c589a81b8f92db06711d8a0af05560cd77fa7005283db71e8da21713fccd450822062b994d152aaed2cdcf0dec9c60617e15ba4df628da4e71279bf9d1eee5c7f055c27cddfdd45f9225d5d5529ef7119e2e3c9838e7362971e069be487797e949b24297de19c61340d1cd7a2bfa3880b91a71e934720a59e1e0ea992d2a1633a0852ad8addfcab73a291e35745e694a6471f429b124305886c1f79f67c78de3f3ec998c91e7fc59d26766cd446f6f0de603f2c6892e13cdaa37d9e8e118d098b6986ccd991993ec152193e7d77394b05b99e7d310c506707f1be52249438fba9615f6dad2ec7244fedf36e34ec311b7d6bee64271d6491079e161190ded7e28e2ada4307a9b2986c267b1a30d2f720ff23408011f1d589ce9ee77f981c7833656ccf7df5b3a87ec253ff7c7ef1e67ceeb10c93e3fa683cdadad65850ffbc402b7744e94cdecef9db9d264c755c53d36278df23d4c9685fdefa69f7588a33b8a64b35191ee81abcb9765577d175cb06e31c582807ff7243bfef44961fbc0f8a235242f51ee991ea621803d4dcfed90d26f004b299425bf219f6d185fe6e088ae44601b03defada18794feac93787696a5d419f09f769bc590f43d2df6a131f6895da2de120c2644685e57b1d476c6aba5881e954fb2575356452b118b942cb02b4ea0fcf8f1bbb9a23b6e32c9d0accd3dd861452a3ad77b38fe709e216974932deb5397fd8033ff0e073d93ac0b4be762bca0424d69bd57b22ba914133f87671a29498b268c2911e793215463ca2164e38059456107dcb29beedfd6277e2b41a11d1c6f1361b19875c9384f04f9c53c1856d71f360a8fafe05f7aef750ec0cf2bfcfa971c017ad071b69a18fdaf970b384d4c889cfa5a0397dbe89543a5c6302645d6edf959aa60709ce0225fe6c3266c7ef62157ac8e78fddcd8a1f2ca5b58128218d19276885515775326aeeee0226cc810843eb05144bf8e2fe3340cf60b32cafd96d23cd7d0d3adcbdfec9a2a3d88307c362633b1c5637608ea8476d900b3f836a9734b5ecaf5e82983577128d3f74b903b0e3bf64326c1b564ae42aeeb0c07702b63a9ff74a2af6b45e5185a53f36c17bc29dfbc0ea28ca5cca43a15d751e9887ad3e6a87faacb6a278c4c8a8d21b9a77b9776f33102a6e645e99cc5cbc543ed0674282c2b9f8e5d14c2599aa9ac8f81438c77f2b9368bdac82edcdc5366f39adec9e9a3fbd55b79abc16d2ebff26b7d0c88f18b486e5836333575e3fc7808cb423b44781c57965767862922b4ff32d9bae76296843a46f430211c27ef9db168430026a5691623284dfd459dbdd1f1a6ec9bfad666507e6eacb1e2a7866da2e12e6d596d0bbb150500590013d9288af20596447f97bf1744eb9cfb244d8fca269b1fb71e14de664be4e95d83fff1b8abcfebcf3e78c1c66d28f260fb0c19f9fbcd2abbdd7dd7246e49dc25d954bf25f810a2ff6f9069dfdc62e7170fe3b0964b2ac95024256dfa3e7a426be5bb5f707fd82c2b3afec5d5dcf5bbb8fcb6dbc1b59f6c5330966c70d8b016956903a4278817414ba3652a102d7e7e37ecc79400267fc3bf7601c0731f87d479c33f100735e748874155267f708cea49d549e93cf7a398b20373dc90ad9afd56d9c77cd24e2c4a18f7130b366c7fe5b26bc4d11ca1ed1b98fa0b4d7396f82ae6593f4575d19f4d8fd586c991129e5cbe15c8bacc89c3ee15ca471dea966b5c48ede0d3ba2a7e28c75c04e6a4aa49a61f4e391ffe78eb5e40a5ef349f3aa4d15f2291cc86ec7e47ae301bf0b6083dae44b695820a893d46732553ef15ed1c16d28268d52a7e3a7e7c009d0c0708a356d3310c1ebcbcca4d7acf433e34bfc9fc115498142dcc725e7a16879c75e4c2f01c6c98b39619f3248bf530e6ee593467e38cf4026cfdc4db6296565722d587f3c580750b1453ecc141c0461495551297d88ae034acbd4f5e80ce198e6640c4c1e9501529988109cef006eb2090a6fcd974d7f60290b78f1a8ce3051ac2d69636c3219f0a6ad8c254764396a1684b2fd9805b1853525f2e640e513197283cc4d4073ac033e0539a88f08aabe1423cd40b8a7e073437d812b57a5d39a0531dcbe13f4466e89efc66c2a1e4b39a3e0b3073c9d44e6cf9b85f4df5c4e03628d05bc0f94ec04234c9eca4ed17463f190406834b02888728f625371cda75d15ec19efebd59f00ab659eb94eb88bcb2110862a369ad599610c1530fcc118f5b82205bc5215fe3623ac8ec297d8ff4eee75ace20731c5d505e6605c26203b7f754164c9463f0a6eefe3a2880b8e06e7bc66bb2adcc1a3f9b0325f5ec31d12a25f1f73c2aa6bb3a7680d786a082a63b13cce1822fa6a4b085a871ae3409eecbc1fd8661b5d52bb2b8b72f23e24a225075f272ed2ba0c6c5c693811a0ef8db6da7cfe7c966c647f0187ad223eedb1012a5b7af103e98464ac768c79b21ca45b12a52cf261de0d367442cda71c4b8ee39c94ded1b22ba06c13836cb467ebab4efea07bdf1e3de8da56a0ee6d4f848011253cc21fac10700003513d3167b7a73e0d752b861c49814bc5410ebe53a0264f76068c91ee6ec9e2daa343482b2f0f06e605c5aaf81f2a3cd570efc2094b4bc452f9526f1bbe7b22b694fb8109a5a987fabf6250912d6099e67da9cac79e8b6f2cce4702d1f17cbc5d06c38b8a48155ec758369c185ded839fb58cd736fbb74105fe5baf44e7e3ed06843f23601b60a43b1f88fd29e9b3f58479f9b95392a39d5ba1a31ee4441ca2d1fb57c0a8678a07a724b7a65b2ab16d1da197f435bce3ef003fce27fa2f0a67c9dd6c930a4bcf59e79e57b010000006fe34972958c28b56642d14ea89bf4d7d6f7fcbcf4fda8bd08fc9fe424de4359112b11f81fbdc1505658363697713ff6e1f8ca3c4be34a79993a9091f6017cda6c7489ae5c07062555231427c3eb42a049f42d22a060983b044a7d34ab5d2b5386cca79af72396a48aad6b8dcd7855410fc6106e4a165994f26efff1e7ea0aa8f560333b5dfdb2a0d899b0fda955155f90c75effd3c9535d88508e836feb7807d57b2a57cca42d3d08fe7de60d2a33376f49bdacdd3f814bd0927f417f15ad62a10b302f1cb390aaf82b0bc6af46bbf990b6ada45ef83ce13029d167c65134e7b82b59ddfdc367e61c40defd2732ccebb1d4000f6c742df964e1fb390c255d2b1dfc745c6ab34af8096b5b67aa179e3f341854f7a69f7bf47664c832037ec7a78f8e27209e3f20f833fb6e8c0fc4a40920a5ad2b0618982ff72540009d5db82f0f5bcaed2a27f35d1e50eaa0cf8e48c7a2d43c25d0264db750a7f33b44a4bfaae576cf9ee7594ed204513899566564ed8bbc97ed18b1d8868f926a5c70ac06fbac1eade46792186be7bf8ffa3301239edd093449b7d77192782b5111c14169d2b4a1b3443ad62e4abdf11aac6a5b89a5b20ab0ad0abd949b9d64582c67ffce018e7e46de4091fcc77a65b971fc67c8d9cbf0c341ca764b1056ee5014d9865059616a525a1d46ae2fad159afe86dd1df9b8246411827e19535ca0aa9f83050b06e70aa2737f27e93d584a9cef878a642e9361efaa5d20bd8da901fa2e064656f686d3b3ea31d1d850ae9196b7764548f5c6450a32a717e09b6b7e75d43fbbda76e43a24f186d5578933f408bfa28e0435cde525fb91e71d92d704cc5a9b5e3db7aaec46d2b1f8dcb3f921f69bd7397c96a1e132c39c8f1656cea4365c779abf76199cb5b6aada022edec5c901cdafa2e7f3765af9c8b20cb1a6785085fcb0dc901367b89051bdfdc6b68c5215fd04e2b3c7e1c454a4d21132953b25c50995af0f7159a5a8d0a1621f4808f126a5bd40ddc79fed90f49925ee367a57a05c070fbe39fe2c213e7c1724a907ecfa69efe6e021c06a262471a4377f3c9809e9fee4f375e27c31b6afbb2151da86b7cab63c7b4fa4b77fb30172b9d0d78b1c0535ec0639c4910b5eeecbb5b8b5c8aa74c140e7ad347812e36db3097a7ff85c09ab2c0020202307f50efefcdb497b9c060ca68c4be54a9165b4cebc6b2e2e14e5ffb9213142418faedcdf26fd326b7672399e71cfffe3ed712ced5317c254f9199ee10c24c802d102bd8749513d3145201ca4e01bc7c8bbcf430afa541ec5665f86dfb143be648521bb0f2b029018201444787f644f8c88b79e754e6ea9c797babdaec72a9680abadf3a41684cdd57c2b6e833acc0846be5aa927f1b1b36562d2acb9ecfb758455230d050daec6748ba280a5edc86d48e3f8af0f8f4ffb18ae3cd3c19a82d504a4fd52bb62289ae8026572a497fe268f87ef4b4b5886aa07eeb698b7cbf99683f710afc9ed1f8a488883ce0eb8f7fd055b82a9fe21a409caa231c41ba151008e9658919c611e157d7f3926a5e4248532a6860e615b9c86e9fea212128d96ed58c9b84ef22706071eb69f492e4d8321ed9faf6c6a8928f86172bdc930244583ea15be497d9ce4ae79cb3e6293a8512ffaa9e8e358f3c7c7117001fb92891a40b84f9126cc3def5cde67f463bbac9668b9f56c3e4ee72fceebb47e52fc226bab213d8193516e7064459fd1365350a95c5a1c3ac44a73bbba2a4c17ebe49dd781bff1995cd706b77bb533117594ad63566f4c0730beab85ff4c713b7f10b95480fe99a0f676c51ca11116b21e87887b462aa9770e85509e4e60f198148115f0a3ce6028516a946178d1acacf7767f6be7277891369eff67762aa58f928d48b7231e44d899cea8289003349117a53d61bc27b207fdc91c9db61e677d1e1a1bc6a1b6e8564130b335233db4b5de8d62324e6d0ccb2b08c2ff922324eb8c506711142d4b8d7a21223ef0a3d534fdb0de58be95cd827152f71bdd0a82766b62b4c87536f0b7e7df343c4263187da887de6e65d11d0360e2376c1d71c367ae85edeed8f767d24c644b1a9b455ded1dc3cc224f99936a6ee66931c45e5e3db2427719ab2d5cd9c20d9bb0ec004b69bccb00649f3d8e34a3572c257de114b9f027d76bc7db9007175cc03b9e2061b6b3fe7409e009b5371544e56fe438cbd361e5b11efbf2d79d1c250a1e73ca8c601c4f4d1e3761290950421c48c7daa45965e472f5ef3c4b8597444dc5dc01cd25358055b5000617f3e7291da3413e3f0853b1271366612405c35ff1b785b984d921b518425628a533a29ab65d3c11f44c6daa86f8b6457ebb9419274c481aa6f3fa4547641670aff58b9cc62c0993d49a509f02dee755ee5f1fd2710c995c43a91c4f873afa1bbdff19427cba2641052a8f361ecbc72e8a6cf587e83f8bd3110c95fb080edc77a6d43cd58c447b0e02261e4109500c6458dce70acb17aa8f9dc1d15b94a61354164031b5d563c25d0246fc45e6401cefceb501e1468903e5d677759dbe3f24bd48ce55ff8b8f26529fb3b2d669202a1e8a498984b449b4830a0126b18f0e78182c9ce78fe0c448c0e27845b926cfde28fa85e156fa98fefaeb19ed1247c9643b447b4342c94c114d3c4c35eed4d5b49aa70e6aad45bfb557f15e8fdb2d6e3d10d8338a13fe3f187751985b37a5bb10b750f79e36fc2e2ee9bdecc3ed156e202ed7b45a94809d77edaa398042fc6a825a4848c334c557303d24eb3f8e01be06995ceb283c70272b00da61c3381628f0e372fe2fcc779ff7daf7e4b7f2686c39d3fab674b8867b62b0bf9d5cfd0c1d3b270521f55f147de75142ffd7fc9ac7e5dae7ca2fdf26a9222d060823852409dd040cfd1f66f218c6dbdaaacddab34b123af22f97384d64fac64d84fd638c96378c8f9532a11927d48440bc777ff8b8b9be88f930f3b579a713c0bc449dca3a3bd5f2efa98240ccc594299e44451dc60c6c5c9edd0d7b777912b3dc40c57e0ea5f4425cd7047e686c7304f04ba9f7b5de6ad2bd524f1d29f8802a524441fa286015adf4589431710aa4d76de8a956dc1d39c0a13abb7fc309d24222d036e204ab6bb46ef8a7595d9e4512e0b9d5f8fd719a4e3072e1d806967045789c67a1681f2a9f1f4b19f4f5e1afdafc17db7a6d5196161499e62ab4b0ec27648f3eeb1fb2b78f8ecf9b05cf9509a3b9e2a361238deb1c91bdbc8b1d11bbeb939fd9da811cd439069da0ecc00665d72357aac01f259a0325409b201859cc0569e0eba67a7a9ca7e8b78078d9370bd3e37f0571680ede60cb6bbfe69435d6ab5efd80cf051d119a7004fc0b600844d49218d844de8f521524a47ee50229c7da25e42a8639b5db225e7f23967f5d4f8a297aff04a3cbedc2985b6393a5ba0b26b6c7b4ca22d369b35b410799d1ad02825104d34f73408db1948438597931ed1c1c260e78340517bfa2f734537dbdf5ec303518ff4640efe7f7b1c2f46babdb9247ce8eabad9718a8b9ddb7a18d5e87ced554c9d6de78f85d293349590c6c32483534bc968b24a28eb54b9515589d6dd8eb51a5ad0b4d896ce92250397cbc404323fcdf0ee47ed634e0c58213bc5b35a72b21a098e11b79c061430dc817c1e0c79a5b6ed3b002979933f1b83a17f250b1bd5c4958df4d75531ca03efbda89f6a92fe08c23ad9014ff562a7f3dcde578d6825b9847b5df04dbca4f2aa52d8e0f4cf8183ce121e39b50358a9796acde0372a8ff97769874a80ab997cd889145aad4888c06963c2f5b82f53a748a6729fbc79d35c06d84e05c62e44ff78040e56ebfc6efcf0d8b49337d5a17c4041f0d5a8b616244d585a162b69db073accd9071d12df5b326a43b834bbffc2f2a60deafcbddf1c6438a1769d6fb09fbe1990e89da12164ef237f326edb5be64bb64b143a030de8a99b3c5e543c871cb581e2be090a92134aa587701f864907cadd7c1ce20fcf8f5dc7f7ecd06a6c19d89a92ca0ad4393c208b80bba990c7a3702a9c79bddde75d5db244719ac32191b6ceb041ab541fb47680a97dc0422b8a50d91e32cb08cd341b0b099aca5bd12b69d4f89d10b755b351a6489180b786a3bebac926532a4a2d85b07bce6c090d1aaaff079e36d5394a612f1351b90c13a0fa6bf9d188d548dfe6fa51a9026edb52009c03ed45ac51d05c58a957bcc67e05a588985ba00d79f33ae9cdd5f5721d9fdc72ee6e880708be87e8a60c3c035c146f2091d1b9a4c2cfa56f292fe1ba62290d4e56c05669291bbe917f3cac51802a2cc8e9c90dadfe666c233c5a5bb71ee17deec51ce60c73f57bf9ecb84873afcc44815131810c6c1217bea485ef9aa2785e859b25315ef8aa3a274982786e45d622ae831fb76010d69a181b069e4cc55d4436edb10d1119b0c6000c6d5cff7c72f740a59dc0507e7a952b69403c62673f122c9d1264fac6ce2262e86cd8d6a402672f88530fc2d16f31736dd497a4e853253ac8d5aff8d1376895e9f5519b2490cc2a2412ba0c99cec855f668837310035e92fb646486de1b0acffb91ae7516df3eeef381456b55e65baa58e71461c928687e699d2b21814805591382e95e1b970aaa53259917f070281f2336b7d570249d838b3f1a32753c336864e15f4561badf8fee034a29c52ff3fca7456ae140f83e3b2fd5b57c9aef3f20c664200d235f236ec47dd2fc20b14dc6000812237aea992d987e5460679e8c5b76d931ef6d951e6c7087e3106b6ce2db9de6f228fdf3ffc38710c0e8d5000a195a79d1fa2301038f5b27c40b09c34c025e5099d40c2204ea0eae985263c9101cab88d6857a320c9e497f22348a24861a5fb8d734e08cad09f9933748ff01eab22f17756f58688dc1b486a397563ee9ad0784b8833cdb5f7c6bcf76d9c1105f71c3c6aabefd70dc6cd5c66d31caf916145ac5ed7fa070b4277c0448ab1eb78c943be9aeab0587d321a4bcb7754f070881178f8be668b686124899fac252519f4b60ec42db766a908755040463125c26850177402a977246d36d23afac0a11889d54640bd8f6f670d686cfd33f6fc5d90cf6cbd63d9d0fd201dd4c74dbbab899f3c23c0b7e37ea0b2aff421327200d0da58b5893a4186ae3652cc6e11c2c2a0e52184a3872532acce98c94cebf4f31333663a620f0dba0ffd89c3124380075bd28caa6d449a050b3661b8fbaf4747b77c4928b1378fdc8c7a7b38ade1aeec44bdfacc8271d0b132b2029b0f3582f9919f5c8cd543abc9caf6b82b197cd482c3ef61a64743506342bf50a3c1ff544563bb8b2002911ee1fad698f4ac133ffed5bfe81239c918207a03c7a8bd71a0a502aea78d38e970e3ab2abf754b598acb79cf276792aa08724d0ba24f2a694912ab795b3f45f52dec50d9bfbc99ae27e1d2c2216afec6709d6513a64b29ef58255bbe18478c5d4f15f74ea63a1e15487752eec8fd019f1d4a7aa25277664754bd2d7cd3a7a018b92c56d965a1974885363757286da9e055ef7fac17876f0a64c1026a597733b897a9155ecbf420159ae8e5209aa83a3544fff1fb4566f2d54f95e3bbd30dcca5f24397e4bd47ff01292f0d6fe9dd47a810e0c25382fa69b4987d1afd9b69ef125110ad6b240eaa9c85829a2646f9ab7874bc02bfa8346cc9190943e9d46b44880670b1e2aa3a29e83be5472d7418885a353faade6e8b18f4b588607bbb758588d1e2f11a9dfa1c4d61be50249f1ee32e6ff8c0c7722aaec1bc79654a4772efc578bd6a14c79abcc77a4e09c8b6c6ea35cd3ab31e35268fb55db843176f8042f8ce7be0ddd4ead6dbdad0ef9e7cb2323db5cc48119a72b27306b8ff6366c0bc682a85ab9e2cf2238b6d6eb2e38a97d5577e6334cb2aa6e7c86e489e876f9d7053577a5cb57f52812fab7c4bd7b19a34c228ffb67dcac9281612f778b58c580c140542200fd00cb3ad81d93420df93c5af2493f646d8de797102fa0a65247317882fbf171520f00b2c7638623b823ff11444fdde453570f99f9099b60061a908b83383ba8b82bb78edd074dccf9342afdf8d11a6129ba6ea7030f3629056264f1736c2b926171b6dc7e1fa455a473de656390495f3b6ad2f9f46f35eacb075628ff739ef78f28ba683448068c7f18fb63f28ba7dbbb78999100dde0a94e8b8570817c7114c13e139ceb333782b29a84a5b19497fa785915c7680dd7f972cb59ba22161f60886e5cb3c3e808726cbf96bc4da78914eee565c6d9d18e70d22cf8c0244cf3cf488c3550eaa400bc0f26d64e0f1bc8d0301a841d954073a641f3ef883d81f4d5db8e9df708e64e640b38df7295f7fe573863653086bae5507c880ab7fdb7a6c5ce77027ffa7395233d3ce536d77ae6c2e9c8ffb6fee78a3bcb3b5f888bd595caa3a5586948776b950a89cde4db8247ffff27491c882b430afdd60e7a22324f6635a9aa7139f3e624c6d9ece60f7f8153b2080cf0544fbf8e1c436503766e670b902604ab521e11aa5a65cedd64cfaf898ac5f55c08c87693c323517bcb0d99c28f5e072d4f6540c7ead70138d47c1a67fd72bd6ef5613af33a0af311c3d0a631ca2a2dfbe35d1021eb610e40b9be128683235a788b5a4cacf99babee382458d59e8aa1dd7bba7e09dd30c055a3df8ed721a1778b2c6ed587a403566325cd19962edd7831caa44a6b716517bad502130e7cf6a5ce5288dc84c0170f622ae0b1e1166a9c2c0771d91df9f9dd82ae210469602ce38964746c1c1d04321aae7d464eb801dbea7ec39505457e778208774d72673626c998b002c46a9b4b1e390d9344f0ca62212a1b6d41043a2100b35196bce42d40caa0ea9a486bf8526fd1f0f0d362c2cac463ea7377a20b54b9435442ca529fc00da4fd7e27c4eaf14215a06857b54254c26346956fd7fe215a5ce57ec38cedf50a3c759e563a4fd87494f00e7bd9b44f3b7e99c6ef67187056a21d2fe1ac9d24125b1947eb293189fdc448b591af4d9b8eb091d6bbb5e50fae79d000044e282bb2ab6c63cc9562b151c214e45015354e62be63e1881238b907f7bdb791ff44a4e03fa29dbd26db2f49d0f4729b7cd9ba69a65b0b493466d35d09b3f590c67c31660d95e2ab4af2c9f1df91f04ce5a57dde2d75206b42e3423126774d76593c2f713ae279d7092506b513fd5d18f0f52d3fafd7141dfd4a0de1063754dba865faf8dc0f6be9d90ef21ec86a275533f6ad4b4e360dc775413f29eab8b3daac6279b9abfe163ea2f183e09ed91ef67fbb090875109288a182cfdcc46d90678efe5edceda6518335e678438cac4bb47d376f3f0e12aa55301735d7f42653c073d6a4a37b2e17d332dc1be6b50918c007b14886307cc39250e81efecd63d24067a49994572725a9df1760caac13a28f5255556b27ec245e93969b85cdec7cd1c2d2a433d3f9572b93054a7ce8adff81bc1d30884d5fc4791e251bd907e37af5bec74235c3e2f804e4e0450b715289942b7859ad207bafcfec1b586dc15e7911fe6d20aa3d02fcd47e9956780e300d7c53c17dfa15754deb4c20efebc7270bda0fa6b37fc88c6be4250cac38c1b8186b364482026ab52d65d3a691903fccc39772277011bfaa421adba76bed9731077bec885ce88d40f36bbd2a839c67dc4b862c968491b877d4fd13fc90f8da57a29121e12f78e85af765cd66e72ba513593fe1cdf20019985b065d828707d8e509c6834eab188deea5c9ee97955f4b07d37b6fc7beed73be94887d423a349f35bb8782bc670ceaec870d97f061bda02ae73f6d575f81e0b6326eae6c1b3085cc584686120e12dd9ad8ce44036bec8a189f9", 0x2000, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)={0x90, 0x0, 0x4000000000000, {0x0, 0x200000000, 0x20000000, 0x4, 0x6, 0x4, {0x0, 0x10001, 0x0, 0xd, 0x0, 0x100, 0x10000, 0x2, 0x0, 0x0, 0xfffffffc, r2, 0x0, 0x7}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_INIT(r0, &(0x7f0000004300)={0x50, 0x0, r1, {0x7, 0x26, 0x2d, 0xfffffffff323ca46, 0x0, 0xfffc, 0x6, 0x5d3186cf, 0x0, 0x0, 0x1, 0x10001}}, 0x50) creat(&(0x7f0000000180)='./file0/file0\x00', 0x0) syz_fuse_handle_req(r0, &(0x7f0000008400)="44ea07862a07eefa4de37092cf4356f54454db90301c4d373d57166f794f169d63344840a37048638ffd5e30beade3fd768b18191001eb890277fad8bdfe3742686deeb34395963bcf7a870addd76c80aba9f771ebdf410c7d7542fc2b6ae9a458d79457755d94ba8a3248b01a2293d8a70e60815b90297002652966a6b836065bcae0b44f4b26be93dec3cd4cdcbbc84c5b916a1b0d8313340675d67fb0c785d0307f95e426546c9a4d0161a8f52b02b95f4da53ced705a658722091864d74ac0a3a5f3853a0ad71ddb29835680ca9ff30531f8df0f0ac66f7f1433c33d75fa8f0f022b175df093648a81af5ed701b2e7a14199c83b539e763dbe7228f2e184a02becd41bae305d3f34c72e8db93dd214ec203eee6e6dab26b41848c95fe1ece8ca157a90bb7a990dac5f3c64cf49c5c5aa8414b9153f82eca9df88d90a8d6c0e72eacd52f82939d46d41e0f5ccf708c03fccecea467f33f5a49888514787e42c0a12255bca89e82344ab01ac3b6c6158e3c1b34ad953eaf55f3a2c487efd9423a542e41dbd0058aa021cb6fdc5df88f807033edd31abaf5ff7e6a9578d2be6a2d925d98108fda2a7e56a0bbcdce0689fa9e2111b0be8f3e2807f7f3728489917a031f2187ad98a744f19851687adf59a4b4c328ad5c4f2eaa0d112041369319f6d3f928c22d05f9fd68b5c268da5e2f433d651bc602a65ee83752c0c92f7e29002faf9475fbb57788d725f6f8fd495a58d88d55ab8467a85d1f41db5964a19bdd45377c7c8c792de5e76e87da9296ff90e7fa9e57f09358d998c8779bb2348d651808e969e960763c5231c65a06ee16979f4d990dbe7e10b3a2392dfd6483bf2c7c5f6f3d941cc17663668cca83dcc38089b4342a801c74039b32550c2d9cf95a0236523933ce3e7538ff9da2b7b741f3cbf53e6084702d0a5dadab4350848f6e7ba46d4736c7a2ae702c480c30dd78f994a10b9c3157a17e9e29576a68139403300586eb0c673252a319aa1cb01efa777228d8242ebdbef9db5c03e4c8e09bf7a009b7eb19357d1ad6d1defc0dbb58c31d85b9f1035056615ad0b0ded12751273c8bb7810ccc5b2efe51d223894b141dda837e6b7ba21de9a978ac447d995394b800e1065906455af544b9d7f353d1eefcd3387d18e3611f3913926f3a4b87efb3a9707d6136dc00e49ea5e7a6d0bea17eb49cae93c0c4422374b0f46380e0d554e1087c1392716d368b04b1da85d271206b465608468802fae00c7ad9425974d822cffbc420e739f7617f59a879f791ab5dd7a6215298cc7dc6904679889e60a09114b0f421b6f1286d0a6ab3dc887c2d3a48d53a7611ec270530b07a83ae1a2bfa6da42ab38bec3eb8ed1e207d91c02e74a31c29abbd25f5779189f5f2494ea5c3f4b829b96de0c54b3851dd58610c2b9ddcc2960f34fb857c5ab1aa67e8eb10a59639db2ddebd0206ae7ee56b21ef484e3c66003af46326f1c456ad2ab5273d0c0b2bf412f71f820ae12723c74e1857e0ae3d5587a0427c1595e06b1d5ab5e815a5558302e0d9c50b8c6cbd599eb554df6f7323b01f1353b557c565dfe0de51032a88541b49ab682a7dbe4dccb9b952ba9c9ce3bbff80af01e47953666327b8acd7d2cf363c6f7172caaf01d8e3417f768ab08f2cfa7ff26efd219e25ef0f9a84c7b116978eeafe3410972490203dbe49aec33f14d5592a466a6efe630904db9c77ece20bec7552b3dfb48d4e0427ce5024fdc0aec7271e93c51aab19d7a40670add6ea5820f625831a593137f60543e424892856b3bb9e608e88e65cc6dca098d5139a38ada517cd788b9f13618d9c2c31d7918cac6cd669710692797e61f4df3938dd429d977cc11e7465a7a23740052039d9b31cd26b95efba17bfcefe121fcbb762d29287145b11a3abb3e0683b9216a8b5d9744baa75da5d840e70cb310c507c4f7eef1d6535d8e11079edcb51df7ea63a7204e314147eeb57916171ca33c0f5932916e4d568d9e7dd3555500ae119f0c63045658303e1f4ea99c896eaeff3ebf76b2def0ea856a3f24cd76dc437236b71dad9a26fbf3882e81565851eb6c5b265a0721be43f0844f4d0e4296011e280236a0ed7656f2eb906e6b2ec4a8e5bf91eb7e8be889ded6d8492bb72f1de26cf3973249ebcb5c993d1dfa896a658a528aadf57dc28a8db32656ed8e416f96e1f89ac24d4ba587df31f3d2d8d7809d06c8b2d68eb15b377918424499cd6a7fb62e49a78831f0e4b1476bef657fb34bd59e34793d21da3f7bd0278bbea8beed261c697ce17f36f1cbc1b94aef11dd1dbf1c68496765258f4cfc8b5fdc9197d7260b733d2061f399c861bc5912ac76cfb62b9218196fe054b92a295a9b9526871167d436b830a7b4944f527fb4d75a036acf3a71a1a710f609f4e794f1d764a5317ac067e8194666dbc73e32b2870eecf8776bb7641dcdd6d764f91dec83fbb53a97e6531211dd8b86bbb57f8acd637f4b1b66fd9705a200e3081ea382262d54edb161927eb1d85cf7b9373a24607c99f3d66b85e22d2cd5cfe24020d56e0552bd43d803882128317d9a56e63a4808ed6401b662187888a0d0b311364fbddad07911b5244877eeace22ab5bd8501d748ed5cb05809e1639678c4c6cc43a3c2fcdd5b0970332429c3cde09d9556c8360f26caa744ce5e57bfaabcf7d124b2d4fa97d7e72f16cdfc35f87493717e2a852b64fa344db5ec72dbdf22dbdfcd12ff796d515d5f3fd3cddbf53426183bbd92e2fd3e91fca8fee1c1ef4f8d59036df9c48fc7677f2c4905b6cf4adcf448029c6c6a2968b13e3b77d578e2661ae7d07ef84fa098bae9a564bc8c507a103990c00a0e6d2854a1689f7b095a100b7f38df028baf20bd56c843c24f8ca4a81130256b13636440836837429c1c86ae1668d3b250108406acdd21b40450399872c1da6178184bf9c2cc11ad80caa9997d3c6631f09ba2a4d96e6b74313f1e40fbf8a29962648f400dd256c4852c556deca2e3443b858efa43d53efcd496bf5037a82e14868b508632bdb2dde924ce2cd6c65f1708c18cf49073e536f09e8fcfa9a44fdbc349ae75e17205754d3bb82d3ee8a93c59aea1bd7ea6d124224b11405f815ed518a1cb9a80191249ac1cc0e5c1f9aab8fe67bb737cdfefac82a89a7d6ae08bb9e1f710cee451d851b35ba9b886dfd9c277dd67891331d43f36353c78c65e9f3524e1b9b229c9f91de7b5ab16a66017d171e2a4e185481d33cb5bd9c5e3d93c49d2c620c16467bf4db73621957f76d656e6d4cb4d59cacf1209da4e39352554cc2abcc8e82379b4f819fd6d261c6d7615f85f6c5d0b9f57976836493367e1bbb14c57983aa97c6e4e7c4fe2a166284c904ac4f70ef2e52e4e7dbd677ace683cd61aa60b702770aa0ddf14b694bf3cfaeb585f8fd8a85bee2f78400a0874dfb4c319be24a46d1914b6e902d5de8d8375c9ec786ef6eccf1ee7a003f83d2e163097980a06ab9fe23c4ae8e91755e4217d3c302111febfa9dce02a49b217aef709d183a5ab8ad1d39e9a697a79be303fdb2290c827279ce187d1c647cc28e20c0b3ebcab2b1c75850db46211150a8bc5d80d868141f885f7a5ef520ecee6d33842141003df4ce066090c8359b5dc32dd9ecb1039454d0b691d8f97932b69981be240804e860a88d1a047f46ff43609b41ea36dc276b28e87364049940ea7b6dc78848221b30dc6aa1b60f17942c96c46e347606d14ef02ed3ebddb20f7f4d28b9460f4af047b772927ca6a046b7de2a21b8ce79eadb74e4825af5e19ac2955999d7304a35851a4b9086ff922da8845da10a55fbb62fd13d98d45f60842d0d6301cd72e7cb97bc84393a414f671e5e0115a6c1c26054a80ddde10e0a83a4ffd123504c881a844bb7187c604f87588dd0d0f11930f9a3cfeb7098f38f84923637f1a9f6b3e3d0899a156d50d7e740b118c4865ec5e69aac247a930007452748bea9af0af511cc1129740510b13f48fe07ef1417ccc765b2cd0138cb51dd71fbdbe967fc321082a9ee4bbd1ea404cb24971de5a1ee7d7993b5d11d67d30e8ba94a9e943852675a07b88a51df6f4abb507cdaee96726023855e4dee6bccb3e26a2a88fb60d812e7856c13af5f4fcb6776ba8e27a35bffc5e46473b31a4b83ea1a3376f4549af87d03102413faccc3fc897ccae95d2700163f1fc5170a643554169018c5cfcf8f50c7981270995d8aaa9f923c0679b258aab60f79111627b71404e1ce8751228972cbb2bebbe25973cf98bf8fe8e63575950a0aaa1ff060f01e96791d128d0b7b40855126ef3910ed7d7a6d9490618da352ad7b889f7d905bca2214224e170f30a088cff91921917c937950926cb11c04fdc6bee776b9abd2aa286ea5074e72756482fcb6a7d072edc075f99e02747ea49a40b26b58118b6692fbe55b09b054a044d1f481173e8923a74806cb770c4c61ffa982077f82bc4db7fee4ae2beed4673e39f5ff0614072a771034174a0f052ce39e27450d18920664e924ee963c9bbc9852fe68f30a199ee4856c1dadc08c061165867438bd3bb73f5a50f5131b7867dc80e0c5d43eae80cc2874d48edc910e7f8f9b73e032a8ccd7c348e84b4179fa101d488c2fc16cdf953e269a9cf13c0dfe575e0da49d7d2c09293296c0232bca9fe0aa8199b21e19746c4783630e432b5c7e1e25864fcd4deae07c2b07782d155fe6e6b5d9eed4beb9db47bae4007753d8be56b10723b5467c64acb0eee4cb9050b4ef2b57b630f4608af96fbe484816454ff385aa3765051408779384c6585f2e24662fcc3008dc17abb07ba9cf96ff4c795c97811e73b06c65e1b5c66c2e1873191d972830b1f53bbfedf8b5e8a64a29fb3b3eca67f1791652f9ac037c2f87c6d1d9d453b12d5d2b0c070a8084aa15505e240bd0c61895383f23f0460027d60dd9efd8539807f717bc353f9b858b9bfd2acecf2190e280faf6a1603566ff8893dba33ad3300e10438241709ba7413fde84810b966b4556f9c8a51aef27f9b9010e7b6208715169a585e42bf3f7333209afb5b19c0de7722004850d53329d93e2e4909eced3da67dd7d2c82a4c9d0d7cb6f5ff7dbf195e8b39ba9cf0c1699ea1f8b6d1293509774ef3bf48597146a60aa5b6eff2bc8a64f9ae9a81becb9c398ab9676d2cecb14d28f819d08050269bb0ca9bcf59d5c9bd2fe2bcdfe82a8f037781c6275c9229b0729cd085e66e2712bdf22009440c4136c2daa54e547386e1acd16a1d30f3d55c1ef0fe10c108210b9d8894d31e5ef17b049106700bae524eef744ef4b3a69e9cfed4efa9b0c9262177f9fe16f5b1fe5bfe5fc6a611e6ffcb9c5f329d4e328cb69912f0dfb7f4a83d326cb20b053653663096870e7ad2753e992dced7405a00a39dc55e652eb6b2e1b1e9782b42f443890c4067b07376c6f0fb2ea6589e04a8eb39a94d913d9f4410d238e6880c167a0a23b266577c41ec3e0f513eb7fc948c12b26ea2646c0481488417d9911a0107ca0ae11c2c4b8c2eefa5144ecf8b149d22abbd26d1b2a3fe51016b9bbfd229c090fc2fbbca4803217c991e36f86d4720b45ae45e6b20f09fcd8e5decd79997e79177bd67de7433282c1d0be5d585a71c873e7171a133d9f5ea35ac0ac5c1a643279ca66a365d278d14eee3ea90961eebb3f6c098c00d051d4716853ec7069be2a4625cef4c0f72abae5309d2709901d05217fc3e52049c4aa16b50121e43ce491d1bc9adb01679ec25ab5009f746170c2517f0072f16c574cb447c6d8ce4a2e45426900463c5303413bf4fe7fd64c273b404cf936068cb3085c3a81b9872ad2cb79aa4c051e7ad97cd4e8c6b94bb0df87e4347ca6f11f155ea265762f81eb0e9fbaf3dc05157eb9f12596ccdf9193018a2226824db6bbebf4e89a070688f698bbf23f30dfb04db7c3d804a7587ad0fd03e68cff7e516e5109e328e1eb3b887a6aced15804f2c898f41c5452e160ca30e35843705c150bad932d2d3fbd791100b1535d9f3306dcf127fa49c1a36b172f46b1fb676ea8783c23edf89b2446560dc1b95b39f80eb9d0994c8dcac9a5a304c554133e1d6ba368468a17312167cda37932cbd4b93c58b7ef772d56d4311182a680e19da6fb938848aad40242856379310b61d6113de6814644092712133823ee2281639b52cec52ab0dbd65ddae631e7113ca75a5476797cde5f5456acbfe63c6ca8b83774690eaca3a019771ca0e742815ca5645418730ee17f52fa2531e5487c10da3ee080acd50fbd19710ed5cb924e28a18985132afbb7d2ff90f6c3855c56970854b9a48ec4f7566d2829e271af3f0ce26742602241fef70461a484499591a9079ed53aed113589fd74918146e1917a063514d7eaa7f4720a386eb2f32b6d35baaa5d36c2013eb405cec607202f19bda80bfeda8005c5d1582208b861437fff41ec0708a6a98f2b4b4463141c1c312a8115509e363a274864898be996176049d5f7e6cba76b3a37c9b2ee9553fc70f79503797464d736d97d0bb4741ea8ad14fde6f18fbb02ae97e5a77bc1527a13f18624927d79aa5b4df2dffde7fb5356e521c7a419209031df8138838151c7e90783c9af133b6961b44f8de89d6348b191cfa6c0ab652746b8582134537727b18c670691f3c1e8ca0e3cefcd26111bef476eb816482b7726399c86cbc98f0f06929c26cf831163bdbe1fa8d8f96a65d3bbb3d37657cec4b77516864cb32404996dae1d0d9f3c12b7f2698f07930b791813b7ccf0f0dcd3320b78833f077ee55aae156af804fa9a15e60c709fb30b06ac092bf97a4fe4732ea7bc93aa73232024c80434b4900cc30de20cbc1ea407746fb186a610fe31635766f5edaa8c9ae974ff8cecc4e7e391a50bdb34ca1dec1567e866497bb59852cfc1fdb361b235c803d70cfc90c229078079619b4a8086a68d420ee1d7fac403b18c7f6aad91612e2f2b9e5e206bf897bd98a3b24a0637e2b986ae7f5d376bd63d63f6c4f151ce7eaa97a30d9d51f1a9207dca6b596831a9b92517b9d5571e72b4a06c07d5ff0d325896a1b32e9fb4f9d67a903946b205fba7beda108fde3fc503c7352c59c03bebc2891007fbe966a0441a7f4bc8320b901563ac8eadba643bdfc1636864d33549a1b9ad3ce01bec94b631ac6f46c453c57c62f2cf0f76d9f1e0731e266311624a138e607e699c91e37a33096117f418b4c92c66d96fa1b1324cfb569e3d558598ee65e69b8e0b9625d551af54a09db8082f2fa9da1386f92245aadaa13bfa3cf5c39fe455180bbb5e2427e4067bd2f5a5c755c31405477ba832dbbdd4af66acc7c11e576f700e24fb4c26160b4443b8c17805238519c7c732df774b92579e02a8da5e9a17e3c20e92afba7fab49000a7b83987ea48d5854a0411615462cabd245ab3f49ba375ef179c0a78059ffc14264177a6e45dc5f2fe6c957a313ba9889fef33b788933bb37a17943551db9cd08fd8d823fd0b35110ad589c3bb3af4f69bd1c7c7a3e726f933e4a0cb1209e75ff14910061c3750b9312de42c86838d5c35a681899c25220ea87aff02bf72fdd8745f5d751e6d62861496890c956143c08a222774974789bb46924b68a6e3138ce9dbca622e78c5aeed8215de4ee5c1f8312b6349a91ef1e210f18522b7a644700e90eff995e950c8eda05d0bb8e799ef32a7ddb8a87b4120a798a3f87cc78b6db0c7947b4786db1618c523203c097ef3d3dc0f4e1e87d0d597c4eaaac05a033a3fa91309c05cd8c14de649d7dd16d8ed81e5290950f66b66fd519a2a16fc6b3526f97aa1121b4fb52b30640122dfb50ff619fb5c88eb1c4e6ed7f6d09fd29e27b3375a1aad5b09f8175157018467f883ba385208fcd32a50a311b22f7951bd0e912d234364f8590e247dea604872f9bb847bb32b3906339f5698d6e7c0f2a3ed17b194239299091f5ee4ed51c75b76bc949cf05df5dd03cd8a553e7ec81881fdc1e15cef5e72eecd7843a981eff417682604769e302f378ff9519cdbd3ba2bfe50f85a903aa08b900118226889e9bc68124777f6e02fb26fff91d1f31d3828243cc46d4b4fa2965445774e0ddc521fe5fc9626fe3428403e746de0196a45d6acef57f662faf27294be80fed39778a7585b41178ea38f64893f9a46334af6425a4aa46e25e92b0d77750c6737b237dff19913fd9e69ed92c4b6671b4226776b34ae2468907c654bb0f619b2c9b55920fb99e97bf32212f852b615689f3cf4c03d51d1587455b5720692430fe2684522bfe6dae871aa2ff5f00045861ffcfc219888fef8320bec1307236a7a42dd4a691cb6cd4d8436f31a3f2d642b05946dbfee692aee0da31419f9b8bc0e1dcf89a8ffd7856b21b1180ebc8ad75308b1370b93d680e968bcde7d235f601760a5d181f7b55daf330a001ae1da86c130c76fbd956442b6c705889d665560f8b34663390592d85ddde790e0f4f1f0df09c1c6f95477f9d72dc0894b2efe2c3d162ad80f80cae03a06548014293a02f00d6386723d42ab09052f019a1d71d88a78db27afead58bc516be8d23893f007a17ff47b32777752a15648d0ececd345aee1f36c58abb7efaff5567100c0bfa54f172c862e15872abc9d96cead6688f02ea8466fe1134bd3756c6f0df8903fe7935dbe3e635da368f13a10e3018cfb5557d38f859a983a54d660a02bdb3dac2922e7a37651677bfc664d58df59ea625e8e63ee776bcc2937b921f5544924b75cba04bf3cd0df831938f9e9c79572e8492d884646244990920400192c63e15024e2e1239f41390bf7c0e18f852e23d514256ccb8ccb2726710401c4306657fd75eba94a353987780a6d6219012cfe80858060e37652a84ae89d07f5d651fe82a2a8d0e8568492156713b1f76e89e12f76a0254da7d526df51a089600f5b7559afdc63d4872fe8d6ce00a8d0c9b00db5ee676ae2545e74fb7b39f8345a67913b234cfb4f6e3b4e2b1e1f4f1c7fcce8c09cdeb6a1a21bd2370004e583ef62971aec24ce0c6c049b6a2e22081d36854956a362b6cbad48049d7d5f90134d3e77febf87bf4a32c07cdeb36c9cc56b2b3cc8c8b47879a32ff00f3b2e977cee0acb30fc424dbfe24c88d1a08d047925cd7d65a5834e56db2b3e7e0a23dbf948c799db5a48fd4a5fdea43913b2b2c149ae9a98f452b797b55abe1dd44b30232387f466856d6c38ca735dd6175b455363dbf228ef52e443da22a1ee3a158ee304d9ca63c110a3d19ca3bab6d1745affd81c480ff8bcf5f8f7c1ea6d08a7b3c3958c324d42732711170e19523bd209134674b184d4d442a774e04d6eb4ac89a6d018cf0bb68a73da87abce127e57428cf73a5a551c85ea8c376ae951cb8357506f037d17d163172dc5764682c753050f35c6802fb269d7490b196d57bb8a1ada55da7550f82357320e14cf573ed39860f02a11bdad917b2ba2de885c7ea8b30dd62bdad207dfe10e97c8b71abbc8c5661a4483bb6f9488ada0f5885c471cfc1271b60d54f903317cca28ce977f4444cefac5c2ff233dc872d4e809091f8452de9c774ab3bbebf62de92cd6aa7421a41f7d1dea42e4f94bd3a4869c958f3940a99c88835ed2f4021114b9a5bb17240f468887b213814956f9f5e6344cbae19d8753b97c7ce2e9d0954a30dde23dea2748e1c9514672bf4ea3ec3e348a563d9649899e7227708e2e77d0fc5847dc16b59ac3dea9449c176dea2d2ff6b6af764d28dee5ccfd0dfd6e3100d97040657d7ac5da4032e3b7f6b0cef2ec55a83350c3045abb10200c264e6e68e3e03b68546ae48a538063b86315bb8073103a812717f2d8816534fa98d0e956e0f9a67bcdc522cacefc77b0be71832a69ffb72fa15ca4d8b15f7fe03da0f4b24c5fb68e5f3a2297bb0cb0b7bfdeeec4deb64bf71f57820d62c47276e2780b4341b6bc65ac49be09c94013783455a95de92c11d91b9e921a484ed69532b92e202d684d2293a2666709ee38d2114add4c5337bfeef31d481e12530c5c7e83a6c8aa2f580f6da2d735ee5260cf9a7185eff84eb22d6e0d5ac0e63fe6a3def819274a144be5ab90fa157bb7517a54c208aa82da926d5b09ba649e326a654fe8fa9dd7e6d83b0a66253526e5b5aa03e665f2eb4678e8293110420c9d7556df07c7dd1c3e817a4c7409890c4ff5044ecdb34eb652a4d7e20b4b0d596f46ee3c3dad675e958e91c3b40f2d22e671bae51518443042c529c31e343647d6ddeac7ec370970fcc71a24a0826b58d111e9b776ac0e2fa40b3099298ffd0d1c04d41ee1dd039425f52f9f8057ac1f206203f20e1ae9cbae356518ba2fe9e49b47e36942ed7204f3d7da9e71b8d69df3ae7b2de05a13a879af6a1ea6241c645ed73c139e15060aeab6f423c2180dd101863a24f1688ec1a33edc624c3f5e80a20e4cc5c86ab2c692c2d3d17d8a68bb3924efffb29c9fc3df937526452d82a8ca9a558c75d6b2504df1b66c91823216a1c3b3bc39dee0d22491b9c891b9eea193c8af8a992096d0cd74630f7222e9a3530034a582f40601a694cf1085fda7fb33b07332c6aebfa70e2ebb8d7ccf19a69dfb5e4c166add5e153504eeec92f4ea2fe47f291625e1c470b832a488f884692b8ec49b96df235f193027ed38fb4d8b88ed382825df8ffe5b0c6fab8db3e38d60d467f9da725023deb72c378258e911442afae4db650be3621a033a3b84eee65c4c0664ec6d5771cc138937434a6a361de3dc1c12a2a6735f080e94314ddf291516971af252e3cc56e1c65ba5cf8ac2538878b22034ba458e08db26205608ae941a42a27f2643ded87bde626387c2b791ce57991dd2ba08010237279cac2760e19cab9059b229ea002ce4d3b4afa495230e424752f289003a240f5cafc7a83112636321107918d582fad2606a4319199a06ef2cbeaa3e1a4d8c30501aab796f5cbe15453b61218a396b79c547d15d5c11033b3746b432b426404f7b0421b9daafd9e8558f1901283d58e173c4db0511ee826ddc6363eb51e0837c9be6b2078d808d2c05db7495d29322ee6af68b0d52c45f00a59731c0e5b2608ae046af8bcf830f001ffd2f955ea89bed216e71ccb5b44713e2abf5ee5438d63829c9aea34b57f7ab52b820c24a7e9fa138243e4afb2df93588e805e719c1767146a351debb34678a86dd19f0587af31195460a3aa3e68773859fe13b47b6b31a501b4a25c6660cfc47f3318b33b77b10ed4ba91086482db039a56fbd1490f440a6fbb280b62b6d2333afe1c42c3f16865b9c0e484a4f6f393b8bc34fbba856cc5ffad2fe423e79f691b95e7e0dbdb2b2757d9d4443f9a23a8b1bfdb16f8bffd81b4789f80f1fc4bf751627965755d008d134e2c35da34f54718615e9deaca0685396ae7e58121327e0c0696591f6af93f2999ebd3b4e03cfe2a48b2b94015eb06b2a9031ab5e129b2700648fd62ab75f77734b89abb402282635eee41606eb306619e2dae84488e2aac1df54f78460b36115072a2c28801fc122482f1d46de4b2eec07bbbbcf85f30ffb3829c5d0fdbdf3af8c6322d62f4c55ebe8fd52728e2d5d1a24f096fffcec6ff2e752f7500", 0x2000, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)={0xa0, 0x0, 0x80000001, {{0x4040001, 0x0, 0x108000005, 0x0, 0xfff, 0x1, {0x1, 0xfffffffd, 0x1137, 0xffff, 0x14000000, 0x1, 0x1ff, 0x9, 0x0, 0x2000, 0x2, 0xee00, r3, 0xfffffff9, 0x1}}, {0x0, 0xd}}}, 0x0, 0x0}) 1.156450782s ago: executing program 3 (id=829): r0 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10) (fail_nth: 2) 1.058568814s ago: executing program 2 (id=830): creat(&(0x7f0000000140)='./file0\x00', 0x71) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder-control\x00', 0x2, 0x0) ioctl$BINDER_CTL_ADD(r1, 0xc1086201, &(0x7f0000000f00)={'binder0\x00'}) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000600)={0x28, r2, 0x1, 0x70bd29, 0x0, {}, [@NL802154_ATTR_SEC_DEVKEY={0xc, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x400}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x28}, 0x1, 0x0, 0x0, 0x24000000}, 0x50) r5 = socket(0x11, 0x800000002, 0x0) ioctl$sock_inet_SIOCSIFADDR(r5, 0x8916, &(0x7f0000000540)={'wlan0\x00', {0x2, 0x0, @private=0xf30a0000}}) mount(&(0x7f0000000180)=@rnullb, &(0x7f0000001440)='./file0\x00', &(0x7f0000000000)='bfs\x00', 0x208003, 0x0) 747.142627ms ago: executing program 3 (id=831): r0 = gettid() clock_nanosleep(0x2, 0x225c17d03, &(0x7f0000000140)={0x77359400}, 0x0) rt_sigqueueinfo(r0, 0x21, &(0x7f0000002d00)={0xfffffffe, 0x0, 0xffffffff}) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) r2 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0xb8, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0x78, 0x7, 0x0, 0x1, [@IPSET_ATTR_CIDR={0x5, 0x3, 0x6}, @IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @empty}}, @IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x7}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty}}, @IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0xf11}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x543}, @IPSET_ATTR_MAXELEM={0x8, 0x13, 0x1, 0x0, 0x8001}, @IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @private1}}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e20}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e20}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0xb8}, 0x1, 0x0, 0x0, 0x24040844}, 0x800) connect$inet(r1, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10) sendmsg$IPSET_CMD_HEADER(r2, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000080)={0x4c, 0xc, 0x6, 0x101, 0x0, 0x0, {0x7, 0x0, 0x3}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x4c}, 0x1, 0x0, 0x0, 0xc000}, 0x40) 746.808286ms ago: executing program 1 (id=832): r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0x8, 0x0, 0x7fc00000}]}) r1 = socket$inet_mptcp(0x2, 0x1, 0x106) ioctl$FAT_IOCTL_SET_ATTRIBUTES(r1, 0x40047211, &(0x7f0000000040)=0x31) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000300)={0x0, 0x3, r0, 0xc87a, 0x80000}) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES8=0x0], 0x2d) r2 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, r2, 0x0) mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2000000, 0x80010, r2, 0xc1e37000) 636.666913ms ago: executing program 2 (id=833): syz_clone3(&(0x7f0000000080)={0x100801000, &(0x7f0000000180), 0x0, 0x0, {0x19}, 0x0, 0x0, 0x0, 0x0}, 0x58) openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0) ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000140)={0x2, 0x0, 0x0, 0x0, 0x0, 0xd000}) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01090000000000000f478e"]) r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x10000, 0x0, 0x4002004c4, 0x1000, 0x0, 0x0, 0x0, 0x5, 0x0, 0x9, 0x0, 0x7], 0xeeee8000, 0x2113c0}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 483.896968ms ago: executing program 2 (id=834): r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000002, 0x22052, r0, 0x2000) mmap(&(0x7f0000400000/0x3000)=nil, 0x3000, 0x2000009, 0x4d032, 0xffffffffffffffff, 0x0) pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r2, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15) r3 = dup(r2) write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[], [], 0x6b}}) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000000)=@x86={0x4, 0x56, 0x7, 0x0, 0x8001, 0x2, 0x6, 0x80, 0x5, 0x80, 0xe, 0x8, 0x0, 0xef6, 0x7fff, 0x21, 0x2, 0xe, 0xe, '\x00', 0x5}) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) 98.447971ms ago: executing program 2 (id=835): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast}) write$tun(r0, &(0x7f0000000240)={@val={0x3, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x14}, @ipv4=@icmp={{0x5, 0x4, 0x0, 0x0, 0x6c, 0x1400, 0x0, 0x0, 0x1, 0x0, @private=0xa010100, @local}, @time_exceeded={0xb, 0x0, 0x0, 0x0, 0x5, 0x0, {0x14, 0x4, 0x2, 0x1f, 0x0, 0x68, 0x53ca, 0x3, 0x6, 0x2006, @broadcast, @broadcast, {[@cipso={0x86, 0x35, 0x3, [{0x5, 0xc, "fac03c8b8493f23873f7"}, {0x5, 0xb, "67f54951950fc96486"}, {0x2, 0x2}, {0x6, 0x2}, {0x5, 0x7, "a482ba0678"}, {0x5, 0x9, "1d5bc15d445fd7"}, {0x2, 0x4, 't<'}]}, @ssrr={0x89, 0x7, 0x56, [@initdev={0xac, 0x1e, 0x0, 0x0}]}]}}}}}, 0x7a) 0s ago: executing program 2 (id=836): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_CQM(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000580)={0x2c, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_CQM={0x10, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x1000000}, @NL80211_ATTR_CQM_RSSI_THOLD={0x4}]}]}, 0x2c}}, 0x0) (fail_nth: 2) kernel console output (not intermixed with test programs): h 255, skipping remainder of the config [ 91.364760][ T5891] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 91.378328][ T5891] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 91.387838][ T5891] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 91.400719][ T5891] usb 1-1: config 0 descriptor?? [ 91.413735][ T5891] hub 1-1:0.0: bad descriptor, ignoring hub [ 91.419924][ T5891] hub 1-1:0.0: probe with driver hub failed with error -5 [ 91.429888][ T5891] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 91.531134][ T5948] vxfs: WRONG superblock magic 00000000 at 1 [ 91.538124][ T5948] vxfs: WRONG superblock magic 00000000 at 8 [ 91.547431][ T5948] vxfs: can't find superblock. [ 91.714547][ T5836] input: HID 0458:5010 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:7.0/0003:0458:5010.0001/input/input5 [ 91.871173][ T5953] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11'. [ 91.894255][ T5953] Zero length message leads to an empty skb [ 91.935538][ T5836] kye 0003:0458:5010.0001: input,hiddev0,hidraw0: USB HID v2.00 Device [HID 0458:5010] on usb-dummy_hcd.3-1/input0 [ 92.033004][ T9] cfg80211: failed to load regulatory.db [ 92.042969][ T5836] usb 4-1: USB disconnect, device number 2 [ 92.162032][ T5959] netlink: 16 bytes leftover after parsing attributes in process `syz.2.12'. [ 92.306818][ T5957] fido_id[5957]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory [ 92.351850][ T5963] capability: warning: `syz.2.14' uses deprecated v2 capabilities in a way that may be insecure [ 92.553897][ T5868] usb 1-1: USB disconnect, device number 2 [ 92.608410][ T5969] warning: `syz.2.16' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 92.693090][ T5836] usb 2-1: new high-speed USB device number 2 using dummy_hcd [ 92.863927][ T5836] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 92.874999][ T5836] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 92.889275][ T5836] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 92.902174][ T5836] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 92.932821][ T5836] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 92.943408][ T5836] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 92.951832][ T5836] usb 2-1: Manufacturer: syz [ 92.966110][ T5836] usb 2-1: config 0 descriptor?? [ 92.972390][ T5837] Bluetooth: hci0: command tx timeout [ 92.996383][ T5837] Bluetooth: hci1: command tx timeout [ 93.051808][ T5837] Bluetooth: hci3: command tx timeout [ 93.053540][ T5849] Bluetooth: hci2: command tx timeout [ 93.424025][ T5836] appleir 0003:05AC:8243.0002: unknown main item tag 0x0 [ 93.471404][ T5836] appleir 0003:05AC:8243.0002: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0 syzkaller syzkaller login: [ 94.445463][ T5922] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 94.643751][ T5922] usb 1-1: Using ep0 maxpacket: 16 [ 94.656270][ T5922] usb 1-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config [ 94.674006][ T5922] usb 1-1: config 7 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 94.708274][ T5922] usb 1-1: config 7 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0 [ 94.732960][ T5922] usb 1-1: config 7 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 94.752786][ T5922] usb 1-1: config 7 interface 0 has no altsetting 0 [ 94.760567][ T5922] usb 1-1: New USB device found, idVendor=0458, idProduct=5010, bcdDevice= 0.00 [ 94.784140][ T5922] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 94.844792][ T6002] vxfs: WRONG superblock magic 00000000 at 1 [ 94.854892][ T6002] vxfs: WRONG superblock magic 00000000 at 8 [ 94.860970][ T6002] vxfs: can't find superblock. [ 95.271627][ T5882] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 95.297783][ T5922] input: HID 0458:5010 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:7.0/0003:0458:5010.0003/input/input6 [ 95.543482][ T5882] usb 3-1: Using ep0 maxpacket: 32 [ 95.549649][ T43] usb 2-1: USB disconnect, device number 2 [ 95.569640][ T5882] usb 3-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 95.585890][ T5882] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 95.635044][ T5882] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 95.648205][ T5882] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 95.683883][ T5922] kye 0003:0458:5010.0003: input,hiddev1,hidraw1: USB HID v2.00 Device [HID 0458:5010] on usb-dummy_hcd.0-1/input0 [ 95.774283][ T5882] usb 3-1: config 0 descriptor?? [ 95.796379][ T5882] hub 3-1:0.0: bad descriptor, ignoring hub [ 95.826426][ T5922] usb 1-1: USB disconnect, device number 3 [ 95.832431][ T5882] hub 3-1:0.0: probe with driver hub failed with error -5 [ 95.864804][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 95.884201][ T5882] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 96.096472][ T6008] fido_id[6008]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/1-1/report_descriptor': No such file or directory [ 97.161878][ T9] usb 3-1: USB disconnect, device number 2 [ 97.447511][ T6026] vxfs: WRONG superblock magic 00000000 at 1 [ 97.461973][ T6026] vxfs: WRONG superblock magic 00000000 at 8 [ 97.486055][ T6026] vxfs: can't find superblock. [ 98.162825][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 98.171559][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 98.179775][ T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!! [ 98.265184][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 98.722492][ T5935] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 98.906431][ T5935] usb 3-1: Using ep0 maxpacket: 16 [ 98.950620][ T5935] usb 3-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config [ 98.971291][ T5935] usb 3-1: config 7 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 99.001424][ T5935] usb 3-1: config 7 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0 [ 99.018753][ T5935] usb 3-1: config 7 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 99.034969][ T5935] usb 3-1: config 7 interface 0 has no altsetting 0 [ 99.042208][ T5935] usb 3-1: New USB device found, idVendor=0458, idProduct=5010, bcdDevice= 0.00 [ 99.055844][ T5935] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 99.142250][ T5978] Set syz1 is full, maxelem 65536 reached [ 99.341246][ T6050] vxfs: WRONG superblock magic 00000000 at 1 [ 99.349764][ T6050] vxfs: WRONG superblock magic 00000000 at 8 [ 99.357819][ T6050] vxfs: can't find superblock. [ 99.541753][ T5922] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 99.549774][ T5935] input: HID 0458:5010 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:7.0/0003:0458:5010.0004/input/input7 [ 99.681681][ T5922] usb 4-1: device descriptor read/64, error -71 [ 99.715337][ T5935] kye 0003:0458:5010.0004: input,hiddev0,hidraw0: USB HID v2.00 Device [HID 0458:5010] on usb-dummy_hcd.2-1/input0 [ 99.804043][ T5935] usb 3-1: USB disconnect, device number 3 [ 99.842775][ T6060] netlink: 8 bytes leftover after parsing attributes in process `syz.0.54'. [ 99.894300][ T6060] netlink: 36 bytes leftover after parsing attributes in process `syz.0.54'. [ 99.954760][ T5922] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 99.957178][ T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!! [ 99.971138][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 100.003315][ T6059] fido_id[6059]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory [ 100.131727][ T5922] usb 4-1: device descriptor read/64, error -71 [ 100.271703][ T5922] usb usb4-port1: attempt power cycle [ 100.543717][ T6073] 9pnet_fd: Insufficient options for proto=fd [ 100.722756][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 100.731065][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 100.740431][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 100.851649][ T5922] usb 4-1: new high-speed USB device number 5 using dummy_hcd [ 100.873124][ T5922] usb 4-1: device descriptor read/8, error -71 [ 101.121793][ T5922] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 101.177465][ T5922] usb 4-1: device descriptor read/8, error -71 [ 101.265651][ T6085] netlink: 8 bytes leftover after parsing attributes in process `syz.1.64'. [ 101.333380][ T5922] usb usb4-port1: unable to enumerate USB device [ 101.385812][ T6089] netlink: 36 bytes leftover after parsing attributes in process `syz.1.64'. [ 102.624859][ T6099] 9pnet_fd: Insufficient options for proto=fd [ 103.168257][ T6116] fuse: Bad value for 'rootmode' [ 103.901740][ T43] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 103.913173][ T6121] netlink: 8 bytes leftover after parsing attributes in process `syz.3.77'. [ 104.041636][ T43] usb 1-1: device descriptor read/64, error -71 [ 104.052609][ T6123] netlink: 16 bytes leftover after parsing attributes in process `syz.3.77'. [ 104.665318][ T43] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 104.881603][ T43] usb 1-1: device descriptor read/64, error -71 [ 104.992219][ T43] usb usb1-port1: attempt power cycle [ 105.471690][ T43] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 105.492215][ T43] usb 1-1: device descriptor read/8, error -71 [ 105.731652][ T43] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 105.762820][ T43] usb 1-1: device descriptor read/8, error -71 [ 105.882682][ T43] usb usb1-port1: unable to enumerate USB device [ 106.321321][ T6071] Set syz1 is full, maxelem 65536 reached [ 106.344993][ T6122] Set syz1 is full, maxelem 65536 reached [ 106.769610][ T5922] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 106.933931][ T5922] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 106.955124][ T5922] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 106.969611][ T5922] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 106.981604][ T5922] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 107.006045][ T5922] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 107.016810][ T5922] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 107.175261][ T5922] usb 3-1: Manufacturer: syz [ 107.315655][ T5922] usb 3-1: config 0 descriptor?? [ 107.740921][ T5922] appleir 0003:05AC:8243.0005: unknown main item tag 0x0 [ 107.784240][ T5922] appleir 0003:05AC:8243.0005: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0 [ 107.878299][ T6150] fuse: Bad value for 'rootmode' [ 108.743364][ T6160] netlink: 8 bytes leftover after parsing attributes in process `syz.3.90'. [ 108.762973][ T6160] Set syz1 is full, maxelem 65536 reached [ 108.782374][ T6160] netlink: 16 bytes leftover after parsing attributes in process `syz.3.90'. [ 109.929863][ T5836] usb 3-1: USB disconnect, device number 4 [ 110.101583][ T9] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 110.311628][ T9] usb 4-1: device descriptor read/64, error -71 [ 110.561661][ T9] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 110.720980][ T9] usb 4-1: device descriptor read/64, error -71 [ 110.842022][ T9] usb usb4-port1: attempt power cycle [ 110.907785][ T6175] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 111.256983][ T9] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 111.304670][ T9] usb 4-1: device descriptor read/8, error -71 [ 111.544879][ T9] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 111.581588][ T9] usb 4-1: device descriptor read/8, error -71 [ 111.822962][ T9] usb usb4-port1: unable to enumerate USB device [ 112.634647][ T6191] fuse: Bad value for 'rootmode' [ 114.951714][ T5882] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 115.111844][ T5882] usb 3-1: device descriptor read/64, error -71 [ 115.441723][ T5882] usb 3-1: new high-speed USB device number 6 using dummy_hcd [ 115.641624][ T5882] usb 3-1: device descriptor read/64, error -71 [ 115.789701][ T5882] usb usb3-port1: attempt power cycle [ 116.138565][ T6162] Set syz1 is full, maxelem 65536 reached [ 116.165160][ T5882] usb 3-1: new high-speed USB device number 7 using dummy_hcd [ 116.222096][ T5882] usb 3-1: device descriptor read/8, error -71 [ 116.320613][ T6224] fuse: Unknown parameter 'use00000000000000000000' [ 116.533954][ T5882] usb 3-1: new high-speed USB device number 8 using dummy_hcd [ 116.592350][ T5882] usb 3-1: device descriptor read/8, error -71 [ 116.745593][ T5882] usb usb3-port1: unable to enumerate USB device [ 117.485560][ T6240] vxfs: WRONG superblock magic 00000000 at 1 [ 117.504409][ T6240] vxfs: WRONG superblock magic 00000000 at 8 [ 117.517486][ T6240] vxfs: can't find superblock. syzkaller syzkaller login: [ 118.257935][ T6255] netlink: 16 bytes leftover after parsing attributes in process `syz.0.123'. [ 118.293588][ T6255] Set syz1 is full, maxelem 65536 reached [ 118.438539][ T6257] fuse: Unknown parameter 'use00000000000000000000' [ 118.949396][ T6266] No control pipe specified [ 119.241883][ T43] usb 2-1: new high-speed USB device number 3 using dummy_hcd [ 119.381973][ T43] usb 2-1: device descriptor read/64, error -71 [ 119.398782][ T5935] usb 3-1: new high-speed USB device number 9 using dummy_hcd [ 119.596685][ T5935] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 119.651766][ T5935] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 119.664492][ T43] usb 2-1: new high-speed USB device number 4 using dummy_hcd [ 119.702453][ T5935] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 119.741912][ T5935] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 119.821977][ T5935] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 119.831068][ T5935] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 119.852010][ T43] usb 2-1: device descriptor read/64, error -71 [ 119.871942][ T5935] usb 3-1: Manufacturer: syz [ 119.898381][ T5935] usb 3-1: config 0 descriptor?? [ 119.982147][ T43] usb usb2-port1: attempt power cycle [ 120.130462][ T6283] netlink: 8 bytes leftover after parsing attributes in process `syz.0.134'. [ 120.141242][ T6283] Set syz1 is full, maxelem 65536 reached [ 120.151251][ T6283] netlink: 8 bytes leftover after parsing attributes in process `syz.0.134'. [ 120.321715][ T43] usb 2-1: new high-speed USB device number 5 using dummy_hcd [ 120.330898][ T5935] appleir 0003:05AC:8243.0006: unknown main item tag 0x0 [ 120.343120][ T5935] appleir 0003:05AC:8243.0006: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0 [ 120.354988][ T43] usb 2-1: device descriptor read/8, error -71 [ 120.524260][ T5934] usb 3-1: USB disconnect, device number 9 [ 120.592444][ T43] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 120.622465][ T43] usb 2-1: device descriptor read/8, error -71 [ 120.742071][ T43] usb usb2-port1: unable to enumerate USB device [ 121.190704][ T6297] fuse: Unknown parameter 'use00000000000000000000' [ 122.235179][ T6305] No control pipe specified [ 122.423161][ T6312] netlink: 8 bytes leftover after parsing attributes in process `syz.0.143'. [ 122.456579][ T6312] Set syz1 is full, maxelem 65536 reached [ 122.477900][ T6312] netlink: 8 bytes leftover after parsing attributes in process `syz.0.143'. [ 123.581997][ T5934] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 123.633943][ T6333] vxfs: WRONG superblock magic 00000000 at 1 [ 123.653842][ T6333] vxfs: WRONG superblock magic 00000000 at 8 [ 123.660474][ T6333] vxfs: can't find superblock. [ 123.753435][ T5934] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 123.783679][ T5934] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 123.802071][ T5882] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 123.821800][ T5934] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 123.833970][ T5934] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 123.882426][ T5934] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 123.892009][ T5934] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 124.672500][ T5934] usb 2-1: Manufacturer: syz [ 124.701732][ T5882] usb 4-1: device descriptor read/64, error -71 [ 124.722021][ T5934] usb 2-1: config 0 descriptor?? [ 124.941672][ T5882] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 125.093926][ T5882] usb 4-1: device descriptor read/64, error -71 [ 125.165020][ T5934] appleir 0003:05AC:8243.0007: unknown main item tag 0x0 [ 125.202463][ T5934] appleir 0003:05AC:8243.0007: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0 [ 125.236027][ T5882] usb usb4-port1: attempt power cycle [ 125.378926][ T5836] usb 2-1: USB disconnect, device number 7 [ 125.591620][ T5882] usb 4-1: new high-speed USB device number 13 using dummy_hcd [ 125.652564][ T5882] usb 4-1: device descriptor read/8, error -71 [ 125.892438][ T6348] netlink: 8 bytes leftover after parsing attributes in process `syz.0.153'. [ 125.901711][ T5882] usb 4-1: new high-speed USB device number 14 using dummy_hcd [ 125.915997][ T6348] Set syz1 is full, maxelem 65536 reached [ 125.941791][ T5882] usb 4-1: device descriptor read/8, error -71 [ 125.948804][ T6348] netlink: 8 bytes leftover after parsing attributes in process `syz.0.153'. [ 126.052104][ T5882] usb usb4-port1: unable to enumerate USB device [ 127.111603][ T5882] usb 2-1: new high-speed USB device number 8 using dummy_hcd [ 127.284073][ T5882] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 127.297294][ T5882] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 127.309349][ T5882] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 127.319542][ T5882] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 127.350616][ T5882] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 127.368790][ T5882] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 127.393254][ T5882] usb 2-1: Manufacturer: syz [ 127.418168][ T5882] usb 2-1: config 0 descriptor?? [ 127.854857][ T5882] appleir 0003:05AC:8243.0008: unknown main item tag 0x0 [ 127.885459][ T5882] appleir 0003:05AC:8243.0008: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0 [ 128.012242][ T5934] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 128.056235][ T5882] usb 2-1: USB disconnect, device number 8 [ 128.189362][ T5934] usb 1-1: no configurations [ 128.195758][ T5934] usb 1-1: can't read configurations, error -22 [ 128.342513][ T5934] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 128.503199][ T5934] usb 1-1: no configurations [ 128.507851][ T5934] usb 1-1: can't read configurations, error -22 [ 128.531868][ T5934] usb usb1-port1: attempt power cycle [ 128.876537][ T5934] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 128.917996][ T5934] usb 1-1: no configurations [ 128.922929][ T5934] usb 1-1: can't read configurations, error -22 [ 128.954252][ T6407] fuse: Unknown parameter 'user_i00000000000000000000' [ 129.052706][ T5934] usb 1-1: new high-speed USB device number 11 using dummy_hcd [ 129.093012][ T5934] usb 1-1: no configurations [ 129.098893][ T5934] usb 1-1: can't read configurations, error -22 [ 129.109255][ T5934] usb usb1-port1: unable to enumerate USB device [ 129.811630][ T5836] usb 3-1: new high-speed USB device number 10 using dummy_hcd [ 129.993284][ T5836] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 130.019623][ T5836] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 130.051367][ T5836] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 130.075130][ T5836] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 130.112233][ T5836] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 130.122899][ T5836] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 130.131128][ T5836] usb 3-1: Manufacturer: syz [ 130.140602][ T5836] usb 3-1: config 0 descriptor?? [ 130.558210][ T5836] usbhid 3-1:0.0: can't add hid device: -71 [ 130.582400][ T5836] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 130.610709][ T5836] usb 3-1: USB disconnect, device number 10 [ 131.905193][ T6441] netlink: 8 bytes leftover after parsing attributes in process `syz.1.187'. [ 132.014448][ T6444] netlink: 12 bytes leftover after parsing attributes in process `syz.1.187'. [ 132.811581][ T5836] usb 1-1: new high-speed USB device number 12 using dummy_hcd [ 132.986742][ T5836] usb 1-1: Using ep0 maxpacket: 32 [ 133.011910][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.018545][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.027005][ T5836] usb 1-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 133.047656][ T5836] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 133.075632][ T5836] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 133.098472][ T5836] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 133.130721][ T5836] usb 1-1: config 0 descriptor?? [ 133.161101][ T5836] hub 1-1:0.0: bad descriptor, ignoring hub [ 133.251601][ T5836] hub 1-1:0.0: probe with driver hub failed with error -5 [ 133.260687][ T5836] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 133.742120][ T9] usb 4-1: new high-speed USB device number 15 using dummy_hcd [ 133.904144][ T9] usb 4-1: no configurations [ 133.909053][ T9] usb 4-1: can't read configurations, error -22 [ 134.001634][ T5882] usb 3-1: new high-speed USB device number 11 using dummy_hcd [ 134.071688][ T9] usb 4-1: new high-speed USB device number 16 using dummy_hcd [ 134.165708][ T5882] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 134.171950][ T43] usb 1-1: USB disconnect, device number 12 [ 134.177625][ T5882] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 134.221693][ T5882] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 134.233242][ T9] usb 4-1: no configurations [ 134.237868][ T9] usb 4-1: can't read configurations, error -22 [ 134.251770][ T5882] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253 [ 134.266288][ T9] usb usb4-port1: attempt power cycle [ 134.284137][ T5882] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 134.293713][ T5882] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 134.311541][ T5882] usb 3-1: Manufacturer: syz [ 134.322903][ T5882] usb 3-1: config 0 descriptor?? [ 134.621914][ T9] usb 4-1: new high-speed USB device number 17 using dummy_hcd [ 134.663145][ T9] usb 4-1: no configurations [ 134.670060][ T9] usb 4-1: can't read configurations, error -22 [ 134.785987][ T5882] usbhid 3-1:0.0: can't add hid device: -71 [ 134.799340][ T5882] usbhid 3-1:0.0: probe with driver usbhid failed with error -71 [ 134.827545][ T9] usb 4-1: new high-speed USB device number 18 using dummy_hcd [ 134.842875][ T5882] usb 3-1: USB disconnect, device number 11 [ 134.862752][ T9] usb 4-1: no configurations [ 134.867395][ T9] usb 4-1: can't read configurations, error -22 [ 134.885681][ T9] usb usb4-port1: unable to enumerate USB device [ 135.131931][ T43] usb 1-1: new high-speed USB device number 13 using dummy_hcd [ 135.303266][ T43] usb 1-1: config 0 has an invalid interface number: 106 but max is 0 [ 135.318246][ T43] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 135.331556][ T43] usb 1-1: config 0 has no interface number 0 [ 135.339399][ T43] usb 1-1: config 0 interface 106 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 43 [ 135.372985][ T43] usb 1-1: config 0 interface 106 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 6 [ 135.421609][ T43] usb 1-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=df.bb [ 135.430769][ T43] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 135.452531][ T43] usb 1-1: config 0 descriptor?? [ 135.462509][ T6469] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 135.502520][ T43] usb 1-1: Warning: ath10k USB support is incomplete, don't expect anything to work! [ 135.790457][ T43] usb 1-1: USB disconnect, device number 13 [ 135.833315][ T2971] usb 1-1: Failed to submit usb control message: -71 [ 135.840424][ T2971] usb 1-1: unable to send the bmi data to the device: -71 [ 135.848305][ T2971] usb 1-1: unable to get target info from device [ 135.856290][ T2971] usb 1-1: could not get target info (-71) [ 135.862710][ T2971] usb 1-1: could not probe fw (-71) [ 136.083573][ T6486] fuse: Unknown parameter 'user_id00000000000000000000' [ 137.301689][ T5868] usb 3-1: new high-speed USB device number 12 using dummy_hcd [ 137.387911][ T6441] Set syz1 is full, maxelem 65536 reached [ 137.461792][ T5868] usb 3-1: Using ep0 maxpacket: 32 [ 137.475292][ T5868] usb 3-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 137.506694][ T5868] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 137.539166][ T5868] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 137.571648][ T5868] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 137.612073][ T5868] usb 3-1: config 0 descriptor?? [ 137.638230][ T5868] hub 3-1:0.0: bad descriptor, ignoring hub [ 137.645948][ T5868] hub 3-1:0.0: probe with driver hub failed with error -5 [ 137.664407][ T5868] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 138.064911][ T6516] fuse: Unknown parameter 'user_id00000000000000000000' [ 138.399804][ T6523] netlink: 8 bytes leftover after parsing attributes in process `syz.1.215'. [ 138.410802][ T6523] netlink: 12 bytes leftover after parsing attributes in process `syz.1.215'. [ 138.451710][ T5868] usb 4-1: new high-speed USB device number 19 using dummy_hcd [ 138.585214][ T9] usb 3-1: USB disconnect, device number 12 [ 138.622567][ T5868] usb 4-1: no configurations [ 138.627221][ T5868] usb 4-1: can't read configurations, error -22 [ 138.663210][ T6528] overlayfs: failed to resolve './file1': -2 [ 138.771619][ T5868] usb 4-1: new high-speed USB device number 20 using dummy_hcd [ 138.932523][ T5868] usb 4-1: no configurations [ 138.937391][ T5868] usb 4-1: can't read configurations, error -22 [ 138.955076][ T5868] usb usb4-port1: attempt power cycle [ 139.099442][ T6544] fuse: Bad value for 'fd' [ 139.204170][ T6546] fuse: Bad value for 'fd' [ 139.266171][ T6549] netlink: 8 bytes leftover after parsing attributes in process `syz.1.226'. [ 139.322494][ T5868] usb 4-1: new high-speed USB device number 21 using dummy_hcd [ 139.363136][ T5868] usb 4-1: no configurations [ 139.367966][ T5868] usb 4-1: can't read configurations, error -22 [ 139.511638][ T5868] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 139.533425][ T5868] usb 4-1: no configurations [ 139.538286][ T5868] usb 4-1: can't read configurations, error -22 [ 139.552018][ T5868] usb usb4-port1: unable to enumerate USB device [ 139.611318][ T6558] overlayfs: failed to resolve './file1': -2 [ 140.060021][ T6573] fuse: Bad value for 'fd' [ 140.112230][ T5882] usb 1-1: new high-speed USB device number 14 using dummy_hcd [ 140.136611][ T6576] netlink: 8 bytes leftover after parsing attributes in process `syz.1.235'. [ 140.251452][ T6580] overlayfs: failed to resolve './file0': -2 [ 140.271665][ T5882] usb 1-1: Using ep0 maxpacket: 32 [ 140.285852][ T5882] usb 1-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 140.301759][ T5882] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 140.319397][ T5882] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 140.329497][ T5882] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 140.349672][ T5882] usb 1-1: config 0 descriptor?? [ 140.359725][ T5882] hub 1-1:0.0: bad descriptor, ignoring hub [ 140.376242][ T5882] hub 1-1:0.0: probe with driver hub failed with error -5 [ 140.407518][ T5882] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 140.516995][ T6588] overlayfs: failed to resolve './file0': -2 [ 140.596816][ T6590] fuse: Bad value for 'fd' [ 141.038281][ T5935] usb 1-1: USB disconnect, device number 14 [ 141.116013][ T6600] fuse: Bad value for 'fd' [ 141.427610][ T6612] netlink: 8 bytes leftover after parsing attributes in process `syz.1.245'. [ 141.519629][ T6614] netlink: 104 bytes leftover after parsing attributes in process `syz.2.249'. [ 141.555774][ T6617] overlayfs: failed to resolve './file0': -2 [ 141.844017][ T6628] hpfs: Bad magic ... probably not HPFS [ 141.951572][ T43] usb 2-1: new high-speed USB device number 9 using dummy_hcd [ 142.133738][ T43] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 142.144183][ T43] usb 2-1: config 0 has no interfaces? [ 142.149692][ T43] usb 2-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 142.159496][ T43] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 142.171100][ T43] usb 2-1: config 0 descriptor?? [ 142.351607][ T5882] usb 1-1: new high-speed USB device number 15 using dummy_hcd [ 142.501725][ T5882] usb 1-1: Using ep0 maxpacket: 32 [ 142.509540][ T5882] usb 1-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 142.521206][ T5882] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 142.534361][ T5882] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 142.543650][ T5882] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 142.555528][ T5882] usb 1-1: config 0 descriptor?? [ 142.570793][ T5882] hub 1-1:0.0: bad descriptor, ignoring hub [ 142.584574][ T5882] hub 1-1:0.0: probe with driver hub failed with error -5 [ 142.602152][ T5882] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 142.660302][ T6643] netlink: 8 bytes leftover after parsing attributes in process `syz.2.260'. [ 142.674017][ T6643] Set syz1 is full, maxelem 65536 reached [ 142.699501][ T6643] Set syz1 is full, maxelem 65536 reached [ 144.104232][ T5922] usb 1-1: USB disconnect, device number 15 [ 144.706771][ T6676] netlink: 8 bytes leftover after parsing attributes in process `syz.0.271'. [ 144.740171][ T6676] Set syz1 is full, maxelem 65536 reached [ 144.753066][ T5935] usb 2-1: USB disconnect, device number 9 [ 144.782429][ T6676] Set syz1 is full, maxelem 65536 reached [ 145.562021][ T5935] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 145.632587][ T6704] netlink: 8 bytes leftover after parsing attributes in process `syz.1.282'. [ 145.746647][ T5935] usb 4-1: Using ep0 maxpacket: 32 [ 145.766488][ T5935] usb 4-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 145.801682][ T5935] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 145.821961][ T43] usb 3-1: new high-speed USB device number 13 using dummy_hcd [ 145.841553][ T5935] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 145.851180][ T5935] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 syzkaller syzkaller login: [ 145.876169][ T5935] usb 4-1: config 0 descriptor?? [ 145.905360][ T5935] hub 4-1:0.0: bad descriptor, ignoring hub [ 145.907047][ T6707] vxfs: WRONG superblock magic 00000000 at 1 [ 145.911417][ T5935] hub 4-1:0.0: probe with driver hub failed with error -5 [ 145.937121][ T5935] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 145.941972][ T6707] vxfs: WRONG superblock magic 00000000 at 8 [ 145.953574][ T6707] vxfs: can't find superblock. [ 146.027876][ T43] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 146.038120][ T43] usb 3-1: config 0 has no interfaces? [ 146.068125][ T43] usb 3-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 146.090651][ T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 146.132803][ T43] usb 3-1: config 0 descriptor?? [ 146.801866][ T43] usb 4-1: USB disconnect, device number 23 [ 147.149554][ T6731] FAULT_INJECTION: forcing a failure. [ 147.149554][ T6731] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 147.181627][ T6731] CPU: 0 UID: 0 PID: 6731 Comm: syz.0.291 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) [ 147.181653][ T6731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 147.181672][ T6731] Call Trace: [ 147.181680][ T6731] [ 147.181688][ T6731] dump_stack_lvl+0x189/0x250 [ 147.181722][ T6731] ? __pfx____ratelimit+0x10/0x10 [ 147.181748][ T6731] ? __pfx_dump_stack_lvl+0x10/0x10 [ 147.181768][ T6731] ? __pfx__printk+0x10/0x10 [ 147.181789][ T6731] ? __might_fault+0xb0/0x130 [ 147.181821][ T6731] should_fail_ex+0x414/0x560 [ 147.181858][ T6731] _copy_from_iter+0x1db/0x16f0 [ 147.181898][ T6731] ? validate_chain+0x897/0x2140 [ 147.181918][ T6731] ? __pfx__copy_from_iter+0x10/0x10 [ 147.181952][ T6731] ? __lock_acquire+0xab9/0xd20 [ 147.181989][ T6731] tun_get_user+0x20f/0x3ce0 [ 147.182021][ T6731] ? aa_file_perm+0x13e/0x11b0 [ 147.182046][ T6731] ? aa_file_perm+0x13e/0x11b0 [ 147.182069][ T6731] ? aa_file_perm+0x3ed/0x11b0 [ 147.182094][ T6731] ? __pfx_tun_get_user+0x10/0x10 [ 147.182123][ T6731] ? __lock_acquire+0xab9/0xd20 [ 147.182157][ T6731] ? ref_tracker_alloc+0x318/0x460 [ 147.182176][ T6731] ? __lock_acquire+0xab9/0xd20 [ 147.182205][ T6731] ? __pfx_ref_tracker_alloc+0x10/0x10 [ 147.182232][ T6731] ? tun_get+0x1c/0x2f0 [ 147.182258][ T6731] ? tun_get+0x1c/0x2f0 [ 147.182277][ T6731] ? tun_get+0x1c/0x2f0 [ 147.182301][ T6731] tun_chr_write_iter+0x113/0x200 [ 147.182338][ T6731] vfs_write+0x54b/0xa90 [ 147.182372][ T6731] ? __pfx_tun_chr_write_iter+0x10/0x10 [ 147.182393][ T6731] ? __pfx_vfs_write+0x10/0x10 [ 147.182426][ T6731] ? __fget_files+0x2a/0x420 [ 147.182461][ T6731] ksys_write+0x145/0x250 [ 147.182487][ T6731] ? __pfx_ksys_write+0x10/0x10 [ 147.182507][ T6731] ? rcu_is_watching+0x15/0xb0 [ 147.182532][ T6731] ? do_syscall_64+0xbe/0x3b0 [ 147.182561][ T6731] do_syscall_64+0xfa/0x3b0 [ 147.182586][ T6731] ? lockdep_hardirqs_on+0x9c/0x150 [ 147.182610][ T6731] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 147.182628][ T6731] ? clear_bhb_loop+0x60/0xb0 [ 147.182652][ T6731] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 147.182671][ T6731] RIP: 0033:0x7f4a9f98e929 [ 147.182694][ T6731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 147.182710][ T6731] RSP: 002b:00007f4aa071e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 147.182737][ T6731] RAX: ffffffffffffffda RBX: 00007f4a9fbb5fa0 RCX: 00007f4a9f98e929 [ 147.182751][ T6731] RDX: 000000000000007a RSI: 00002000000006c0 RDI: 0000000000000003 [ 147.182763][ T6731] RBP: 00007f4aa071e090 R08: 0000000000000000 R09: 0000000000000000 [ 147.182775][ T6731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 147.182786][ T6731] R13: 0000000000000000 R14: 00007f4a9fbb5fa0 R15: 00007ffc54870868 [ 147.182816][ T6731] [ 147.595881][ T6734] netlink: 8 bytes leftover after parsing attributes in process `syz.1.292'. syzkaller syzkaller login: [ 148.622666][ T43] usb 3-1: USB disconnect, device number 13 [ 149.431595][ T43] usb 3-1: new high-speed USB device number 14 using dummy_hcd [ 149.515921][ T6769] netlink: 8 bytes leftover after parsing attributes in process `syz.1.304'. [ 149.581757][ T43] usb 3-1: Using ep0 maxpacket: 32 [ 149.599229][ T43] usb 3-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 149.614697][ T43] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 149.648698][ T43] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 149.689092][ T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 149.720972][ T43] usb 3-1: config 0 descriptor?? [ 149.744329][ T43] hub 3-1:0.0: bad descriptor, ignoring hub [ 149.750420][ T43] hub 3-1:0.0: probe with driver hub failed with error -5 [ 149.781659][ T43] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 150.151578][ T5882] usb 4-1: new high-speed USB device number 24 using dummy_hcd [ 150.161053][ T6787] fuse: Unknown parameter '0x0000000000000004' [ 150.533711][ T5882] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 150.547525][ T5882] usb 4-1: config 0 has no interfaces? [ 150.559221][ T5882] usb 4-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 150.578594][ T5882] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 150.747432][ T5882] usb 4-1: config 0 descriptor?? [ 150.783015][ T9] usb 3-1: USB disconnect, device number 14 [ 151.082257][ T6792] netlink: 8 bytes leftover after parsing attributes in process `syz.1.314'. [ 151.831832][ T6810] syz.1.319: attempt to access beyond end of device [ 151.831832][ T6810] nbd1: rw=0, sector=2, nr_sectors = 1 limit=0 [ 151.865280][ T6810] hfs: can't find a HFS filesystem on dev nbd1 [ 152.059667][ T6812] fuse: Unknown parameter '0x0000000000000004' [ 152.673994][ T6825] netlink: 8 bytes leftover after parsing attributes in process `syz.2.323'. [ 152.707105][ T6825] Set syz1 is full, maxelem 65536 reached [ 152.725301][ T6825] Set syz1 is full, maxelem 65536 reached [ 152.861932][ T43] usb 1-1: new high-speed USB device number 16 using dummy_hcd [ 152.947715][ T5935] usb 4-1: USB disconnect, device number 24 [ 153.021686][ T43] usb 1-1: Using ep0 maxpacket: 32 [ 153.034982][ T43] usb 1-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 153.058741][ T43] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 153.099731][ T43] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 153.128592][ T43] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 153.150688][ T43] usb 1-1: config 0 descriptor?? [ 153.164362][ T43] hub 1-1:0.0: bad descriptor, ignoring hub [ 153.192129][ T43] hub 1-1:0.0: probe with driver hub failed with error -5 [ 153.201223][ T43] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 153.966258][ T6839] overlayfs: failed to resolve './file1': -2 [ 154.585868][ T6852] netlink: 8 bytes leftover after parsing attributes in process `syz.2.334'. [ 154.602353][ T6852] Set syz1 is full, maxelem 65536 reached [ 154.609471][ T6852] Set syz1 is full, maxelem 65536 reached [ 154.631952][ T5882] usb 1-1: USB disconnect, device number 16 [ 154.651016][ T6853] syzkaller1: entered promiscuous mode [ 154.665513][ T6853] syzkaller1: entered allmulticast mode [ 154.991576][ T43] usb 3-1: new high-speed USB device number 15 using dummy_hcd [ 155.101765][ T6862] input: syz0 as /devices/virtual/input/input8 [ 155.218706][ T43] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 155.231536][ T43] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 155.240567][ T43] usb 3-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 155.987974][ T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 156.016518][ T43] usb 3-1: config 0 descriptor?? [ 156.062522][ T6868] overlayfs: failed to resolve './file1': -2 [ 156.470431][ T6875] netlink: 8 bytes leftover after parsing attributes in process `syz.3.344'. [ 156.517919][ T6875] Set syz1 is full, maxelem 65536 reached [ 156.593378][ T6875] Set syz1 is full, maxelem 65536 reached [ 156.803860][ T6880] syzkaller1: entered promiscuous mode [ 156.821667][ T6880] syzkaller1: entered allmulticast mode [ 157.251562][ T43] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 157.411564][ T43] usb 4-1: Using ep0 maxpacket: 32 [ 157.423279][ T43] usb 4-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config [ 157.454417][ T43] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 157.472351][ T43] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40 [ 157.492460][ T43] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 157.503514][ T43] usb 4-1: config 0 descriptor?? [ 157.513261][ T43] hub 4-1:0.0: bad descriptor, ignoring hub [ 157.519252][ T43] hub 4-1:0.0: probe with driver hub failed with error -5 [ 157.541351][ T43] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 157.825600][ T43] usb 3-1: USB disconnect, device number 15 [ 157.966197][ T6905] fuse: Bad value for 'fd' [ 158.375573][ T6913] syzkaller1: entered promiscuous mode [ 158.397104][ T6913] syzkaller1: entered allmulticast mode [ 158.682350][ T5935] usb 4-1: USB disconnect, device number 25 [ 158.810136][ T6925] fuse: Unknown parameter '0x0000000000000004' [ 158.981723][ T5868] usb 1-1: new high-speed USB device number 17 using dummy_hcd [ 159.159010][ T5868] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08 [ 159.181284][ T5868] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 159.203173][ T5868] usb 1-1: Product: syz [ 159.207391][ T5868] usb 1-1: Manufacturer: syz [ 159.223167][ T5868] usb 1-1: SerialNumber: syz [ 159.242577][ T5868] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested [ 159.297349][ T5935] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008 [ 159.392555][ T5882] usb 2-1: new high-speed USB device number 10 using dummy_hcd [ 159.567415][ T5882] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 159.577841][ T5882] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 159.598219][ T5882] usb 2-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 159.637314][ T5882] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 159.675364][ T5882] usb 2-1: config 0 descriptor?? [ 159.757721][ T5882] usb 1-1: USB disconnect, device number 17 [ 160.425160][ T5935] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive [ 160.425747][ T6949] syzkaller1: entered promiscuous mode [ 160.438594][ T5935] ath9k_htc: Failed to initialize the device [ 160.450272][ T5882] usb 1-1: ath9k_htc: USB layer deinitialized [ 160.452965][ T6949] syzkaller1: entered allmulticast mode [ 160.477513][ T6951] nftables ruleset with unbound set [ 160.716712][ T6955] fuse: Unknown parameter 'fd0x0000000000000004' [ 160.733174][ T6956] syzkaller1: entered promiscuous mode [ 160.738698][ T6956] syzkaller1: entered allmulticast mode [ 162.445343][ T5882] usb 2-1: USB disconnect, device number 10 [ 162.518830][ T6978] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 162.820416][ T6984] vxfs: WRONG superblock magic 00000000 at 1 [ 162.845056][ T6984] vxfs: WRONG superblock magic 00000000 at 8 [ 162.851107][ T6984] vxfs: can't find superblock. [ 162.863683][ T6986] fuse: Unknown parameter 'fd0x0000000000000004' [ 165.285897][ T7008] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 165.314190][ T7008] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 165.521902][ T5935] usb 3-1: new low-speed USB device number 16 using dummy_hcd [ 165.677109][ T5935] usb 3-1: config 0 has an invalid interface number: 55 but max is 0 [ 165.685361][ T5935] usb 3-1: config 0 has no interface number 0 [ 165.699738][ T5935] usb 3-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 165.714995][ T5935] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8 [ 165.729860][ T5935] usb 3-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 165.742175][ T5935] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10 [ 165.756974][ T5935] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0 [ 165.767484][ T5935] usb 3-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 165.781136][ T5935] usb 3-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 165.790542][ T5935] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 165.816364][ T5935] usb 3-1: config 0 descriptor?? [ 165.833004][ T7009] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 165.847950][ T5935] ldusb 3-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 166.041337][ T7008] ldusb 3-1:0.55: Couldn't submit interrupt_in_urb -90 [ 166.057268][ T5935] usb 3-1: USB disconnect, device number 16 [ 166.067791][ T5935] ldusb 3-1:0.55: LD USB Device #0 now disconnected [ 167.517779][ T7034] fuse: Unknown parameter 'fd0x0000000000000004' [ 167.862591][ T30] audit: type=1326 audit(1751553044.124:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7041 comm="syz.1.403" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f94e938e929 code=0x0 [ 167.987206][ T7045] netlink: 'syz.1.403': attribute type 11 has an invalid length. [ 170.199691][ T7068] vxfs: WRONG superblock magic 00000000 at 1 [ 170.212993][ T7068] vxfs: WRONG superblock magic 00000000 at 8 [ 170.230524][ T7068] vxfs: can't find superblock. [ 171.895381][ T7093] binder: 7092:7093 ioctl 4018620d 0 returned -22 [ 173.713090][ T7137] binder: 7136:7137 ioctl 4018620d 0 returned -22 [ 173.763221][ T7133] syzkaller1: entered promiscuous mode [ 173.773268][ T7133] syzkaller1: entered allmulticast mode [ 174.077636][ T7141] gfs2: not a GFS2 filesystem [ 174.277559][ T7145] vxfs: WRONG superblock magic 00000000 at 1 [ 174.304032][ T7145] vxfs: WRONG superblock magic 00000000 at 8 [ 174.334882][ T7145] vxfs: can't find superblock. [ 174.844411][ T7159] syzkaller1: entered promiscuous mode [ 174.871593][ T7159] syzkaller1: entered allmulticast mode [ 175.251320][ T5935] usb 3-1: new high-speed USB device number 17 using dummy_hcd [ 175.374010][ T7168] vxfs: WRONG superblock magic 00000000 at 1 [ 175.393525][ T7168] vxfs: WRONG superblock magic 00000000 at 8 [ 175.399563][ T7168] vxfs: can't find superblock. [ 175.452061][ T5935] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 175.468835][ T5935] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 175.494360][ T5935] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 175.526061][ T5935] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 175.612428][ T5935] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 175.635551][ T5935] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 175.644229][ T7174] binder: 7173:7174 ioctl 4018620d 0 returned -22 [ 175.651602][ T5935] usb 3-1: Product: syz [ 175.655817][ T5935] usb 3-1: Manufacturer: syz [ 175.743017][ T5935] cdc_wdm 3-1:1.0: skipping garbage [ 175.766382][ T5935] cdc_wdm 3-1:1.0: skipping garbage [ 175.802112][ T5935] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device [ 175.808078][ T5935] cdc_wdm 3-1:1.0: Unknown control protocol [ 176.077550][ T5935] usb 3-1: USB disconnect, device number 17 [ 176.721298][ T7192] syzkaller1: entered promiscuous mode [ 176.726824][ T7192] syzkaller1: entered allmulticast mode [ 177.558028][ T7212] binder: BINDER_SET_CONTEXT_MGR already set [ 177.574378][ T7212] binder: 7211:7212 ioctl 4018620d 2000000001c0 returned -16 [ 178.824621][ T7232] syzkaller1: entered promiscuous mode [ 178.830304][ T7232] syzkaller1: entered allmulticast mode [ 179.070175][ T7238] fuse: Unknown parameter './file0' [ 179.249337][ T5868] usb 3-1: new high-speed USB device number 18 using dummy_hcd [ 179.486708][ T5868] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 179.506249][ T5868] usb 3-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 179.538088][ T7245] binder: BINDER_SET_CONTEXT_MGR already set [ 179.550497][ T5868] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 179.561950][ T7245] binder: 7244:7245 ioctl 4018620d 2000000001c0 returned -16 [ 179.582780][ T5868] usb 3-1: config 0 descriptor?? [ 181.012676][ T7264] fuse: Unknown parameter './file0' [ 181.374955][ T7270] syzkaller1: entered promiscuous mode [ 181.425315][ T7270] syzkaller1: entered allmulticast mode [ 181.857235][ T7278] fuse: Bad value for 'fd' [ 182.071302][ T5868] usb 3-1: USB disconnect, device number 18 [ 182.381521][ T7285] binder: BINDER_SET_CONTEXT_MGR already set [ 182.395756][ T7285] binder: 7284:7285 ioctl 4018620d 2000000001c0 returned -16 [ 182.851993][ T7295] fuse: Unknown parameter './file0' [ 183.085505][ T7297] syzkaller1: entered promiscuous mode [ 183.101877][ T7297] syzkaller1: entered allmulticast mode [ 183.291535][ T7301] fuse: Bad value for 'fd' [ 183.380697][ T7303] netlink: 20 bytes leftover after parsing attributes in process `syz.2.498'. [ 184.460245][ T7326] fuse: Bad value for 'group_id' [ 184.495138][ T7325] binder: 7324:7325 ioctl c0306201 0 returned -14 [ 184.504818][ T7326] fuse: Bad value for 'group_id' [ 184.873043][ T7331] syzkaller1: entered promiscuous mode [ 184.912223][ T7331] syzkaller1: entered allmulticast mode [ 185.193820][ T7337] netlink: 156 bytes leftover after parsing attributes in process `syz.3.510'. [ 185.331199][ T7340] netlink: 8 bytes leftover after parsing attributes in process `syz.0.511'. [ 186.213121][ T7356] fuse: Bad value for 'group_id' [ 186.218248][ T7356] fuse: Bad value for 'group_id' [ 186.471863][ T7364] binder: 7361:7364 ioctl c0306201 0 returned -14 [ 186.489129][ T7363] syzkaller1: entered promiscuous mode [ 186.494642][ T7363] syzkaller1: entered allmulticast mode [ 186.902572][ T7372] netlink: 8 bytes leftover after parsing attributes in process `syz.2.521'. [ 188.114600][ T7386] FAULT_INJECTION: forcing a failure. [ 188.114600][ T7386] name failslab, interval 1, probability 0, space 0, times 1 [ 188.137501][ T7386] CPU: 1 UID: 0 PID: 7386 Comm: syz.0.524 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) [ 188.137528][ T7386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 188.137540][ T7386] Call Trace: [ 188.137548][ T7386] [ 188.137556][ T7386] dump_stack_lvl+0x189/0x250 [ 188.137584][ T7386] ? __pfx____ratelimit+0x10/0x10 [ 188.137612][ T7386] ? __pfx_dump_stack_lvl+0x10/0x10 [ 188.137635][ T7386] ? __pfx__printk+0x10/0x10 [ 188.137664][ T7386] ? __pfx___might_resched+0x10/0x10 [ 188.137683][ T7386] ? fs_reclaim_acquire+0x7d/0x100 [ 188.137714][ T7386] should_fail_ex+0x414/0x560 [ 188.137751][ T7386] should_failslab+0xa8/0x100 [ 188.137778][ T7386] __kmalloc_noprof+0xcb/0x4f0 [ 188.137798][ T7386] ? kfree+0x4d/0x440 [ 188.137815][ T7386] ? tomoyo_realpath_from_path+0xe3/0x5d0 [ 188.137845][ T7386] tomoyo_realpath_from_path+0xe3/0x5d0 [ 188.137871][ T7386] ? tomoyo_domain+0xd9/0x130 [ 188.137901][ T7386] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 188.137932][ T7386] tomoyo_path_number_perm+0x1e8/0x5a0 [ 188.137966][ T7386] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 188.138015][ T7386] ? __lock_acquire+0xab9/0xd20 [ 188.138066][ T7386] ? __fget_files+0x2a/0x420 [ 188.138097][ T7386] ? __fget_files+0x2a/0x420 [ 188.138122][ T7386] ? __fget_files+0x3a0/0x420 [ 188.138148][ T7386] ? __fget_files+0x2a/0x420 [ 188.138180][ T7386] security_file_ioctl+0xcb/0x2d0 [ 188.138211][ T7386] __se_sys_ioctl+0x47/0x170 [ 188.138241][ T7386] do_syscall_64+0xfa/0x3b0 [ 188.138266][ T7386] ? lockdep_hardirqs_on+0x9c/0x150 [ 188.138291][ T7386] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 188.138311][ T7386] ? clear_bhb_loop+0x60/0xb0 [ 188.138336][ T7386] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 188.138371][ T7386] RIP: 0033:0x7f4a9f98e929 [ 188.138405][ T7386] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 188.138422][ T7386] RSP: 002b:00007f4aa071e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 188.138443][ T7386] RAX: ffffffffffffffda RBX: 00007f4a9fbb5fa0 RCX: 00007f4a9f98e929 [ 188.138457][ T7386] RDX: 0000200000000040 RSI: 0000000080045505 RDI: 0000000000000003 [ 188.138470][ T7386] RBP: 00007f4aa071e090 R08: 0000000000000000 R09: 0000000000000000 [ 188.138482][ T7386] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 188.138493][ T7386] R13: 0000000000000000 R14: 00007f4a9fbb5fa0 R15: 00007ffc54870868 [ 188.138525][ T7386] [ 188.138563][ T7386] ERROR: Out of memory at tomoyo_realpath_from_path. [ 188.604097][ T7386] usb usb7: usbfs: interface 0 claimed by hub while 'syz.0.524' sets config #0 [ 188.965576][ T7392] fuse: Bad value for 'group_id' [ 188.970596][ T7392] fuse: Bad value for 'group_id' [ 189.187615][ T7400] FAULT_INJECTION: forcing a failure. [ 189.187615][ T7400] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 189.209669][ T7398] vxfs: WRONG superblock magic 00000000 at 1 [ 189.216138][ T7400] CPU: 0 UID: 0 PID: 7400 Comm: syz.0.529 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) [ 189.216165][ T7400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 189.216177][ T7400] Call Trace: [ 189.216185][ T7400] [ 189.216193][ T7400] dump_stack_lvl+0x189/0x250 [ 189.216221][ T7400] ? __pfx____ratelimit+0x10/0x10 [ 189.216247][ T7400] ? __pfx_dump_stack_lvl+0x10/0x10 [ 189.216270][ T7400] ? __pfx__printk+0x10/0x10 [ 189.216292][ T7400] ? __might_fault+0xb0/0x130 [ 189.216336][ T7400] should_fail_ex+0x414/0x560 [ 189.216373][ T7400] _copy_from_user+0x2d/0xb0 [ 189.216395][ T7400] __sys_connect+0x123/0x440 [ 189.216424][ T7400] ? __fget_files+0x3a0/0x420 [ 189.216452][ T7400] ? __pfx___sys_connect+0x10/0x10 [ 189.216494][ T7400] ? __pfx_ksys_write+0x10/0x10 [ 189.216516][ T7400] ? rcu_is_watching+0x15/0xb0 [ 189.216544][ T7400] __x64_sys_connect+0x7a/0x90 [ 189.216574][ T7400] do_syscall_64+0xfa/0x3b0 [ 189.216599][ T7400] ? lockdep_hardirqs_on+0x9c/0x150 [ 189.216624][ T7400] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 189.216644][ T7400] ? clear_bhb_loop+0x60/0xb0 [ 189.216668][ T7400] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 189.216687][ T7400] RIP: 0033:0x7f4a9f98e929 [ 189.216704][ T7400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 189.216720][ T7400] RSP: 002b:00007f4aa071e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 189.216741][ T7400] RAX: ffffffffffffffda RBX: 00007f4a9fbb5fa0 RCX: 00007f4a9f98e929 [ 189.216756][ T7400] RDX: 0000000000000010 RSI: 00002000000009c0 RDI: 0000000000000003 [ 189.216768][ T7400] RBP: 00007f4aa071e090 R08: 0000000000000000 R09: 0000000000000000 [ 189.216780][ T7400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 189.216792][ T7400] R13: 0000000000000000 R14: 00007f4a9fbb5fa0 R15: 00007ffc54870868 [ 189.216823][ T7400] [ 189.224589][ T7398] vxfs: WRONG superblock magic 00000000 at 8 [ 189.512540][ T7404] binder: 7401:7404 ioctl c0306201 0 returned -14 [ 189.567755][ T7398] vxfs: can't find superblock. [ 190.710760][ T7372] Set syz1 is full, maxelem 65536 reached [ 191.156920][ T7417] netlink: 8 bytes leftover after parsing attributes in process `syz.3.534'. [ 191.480708][ T7429] FAULT_INJECTION: forcing a failure. [ 191.480708][ T7429] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 191.571363][ T7429] CPU: 1 UID: 0 PID: 7429 Comm: syz.2.539 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) [ 191.571393][ T7429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 191.571405][ T7429] Call Trace: [ 191.571413][ T7429] [ 191.571421][ T7429] dump_stack_lvl+0x189/0x250 [ 191.571449][ T7429] ? __pfx____ratelimit+0x10/0x10 [ 191.571476][ T7429] ? __pfx_dump_stack_lvl+0x10/0x10 [ 191.571499][ T7429] ? __pfx__printk+0x10/0x10 [ 191.571522][ T7429] ? __might_fault+0xb0/0x130 [ 191.571556][ T7429] should_fail_ex+0x414/0x560 [ 191.571593][ T7429] _copy_from_user+0x2d/0xb0 [ 191.571614][ T7429] ___sys_sendmsg+0x158/0x2a0 [ 191.571638][ T7429] ? __pfx____sys_sendmsg+0x10/0x10 [ 191.571696][ T7429] ? __fget_files+0x2a/0x420 [ 191.571723][ T7429] ? __fget_files+0x3a0/0x420 [ 191.571762][ T7429] __x64_sys_sendmsg+0x19b/0x260 [ 191.571785][ T7429] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 191.571815][ T7429] ? __pfx_ksys_write+0x10/0x10 [ 191.571837][ T7429] ? rcu_is_watching+0x15/0xb0 [ 191.571863][ T7429] ? do_syscall_64+0xbe/0x3b0 [ 191.571894][ T7429] do_syscall_64+0xfa/0x3b0 [ 191.571919][ T7429] ? lockdep_hardirqs_on+0x9c/0x150 [ 191.571944][ T7429] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.571963][ T7429] ? clear_bhb_loop+0x60/0xb0 [ 191.571988][ T7429] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.572007][ T7429] RIP: 0033:0x7fd822b8e929 [ 191.572025][ T7429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 191.572042][ T7429] RSP: 002b:00007fd823945038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 191.572063][ T7429] RAX: ffffffffffffffda RBX: 00007fd822db5fa0 RCX: 00007fd822b8e929 [ 191.572078][ T7429] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003 [ 191.572090][ T7429] RBP: 00007fd823945090 R08: 0000000000000000 R09: 0000000000000000 [ 191.572102][ T7429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 191.572113][ T7429] R13: 0000000000000000 R14: 00007fd822db5fa0 R15: 00007fffbc8ec598 [ 191.572143][ T7429] [ 192.596488][ T7442] netlink: 8 bytes leftover after parsing attributes in process `syz.0.544'. [ 193.036881][ T7435] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0 syzkaller syzkaller login: [ 194.412703][ T1302] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.419068][ T1302] ieee802154 phy1 wpan1: encryption failed: -22 [ 194.899319][ T7469] FAULT_INJECTION: forcing a failure. [ 194.899319][ T7469] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 194.950057][ T7469] CPU: 0 UID: 0 PID: 7469 Comm: syz.2.552 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) [ 194.950087][ T7469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 194.950117][ T7469] Call Trace: [ 194.950124][ T7469] [ 194.950133][ T7469] dump_stack_lvl+0x189/0x250 [ 194.950161][ T7469] ? __pfx____ratelimit+0x10/0x10 [ 194.950189][ T7469] ? __pfx_dump_stack_lvl+0x10/0x10 [ 194.950212][ T7469] ? __pfx__printk+0x10/0x10 [ 194.950234][ T7469] ? __might_fault+0xb0/0x130 [ 194.950269][ T7469] should_fail_ex+0x414/0x560 [ 194.950307][ T7469] _copy_from_user+0x2d/0xb0 [ 194.950328][ T7469] ___sys_sendmsg+0x158/0x2a0 [ 194.950351][ T7469] ? __pfx____sys_sendmsg+0x10/0x10 [ 194.950409][ T7469] ? __fget_files+0x2a/0x420 [ 194.950436][ T7469] ? __fget_files+0x3a0/0x420 [ 194.950474][ T7469] __x64_sys_sendmsg+0x19b/0x260 [ 194.950497][ T7469] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 194.950528][ T7469] ? __pfx_ksys_write+0x10/0x10 [ 194.950550][ T7469] ? rcu_is_watching+0x15/0xb0 [ 194.950575][ T7469] ? do_syscall_64+0xbe/0x3b0 [ 194.950606][ T7469] do_syscall_64+0xfa/0x3b0 [ 194.950631][ T7469] ? lockdep_hardirqs_on+0x9c/0x150 [ 194.950656][ T7469] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 194.950675][ T7469] ? clear_bhb_loop+0x60/0xb0 [ 194.950700][ T7469] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 194.950719][ T7469] RIP: 0033:0x7fd822b8e929 [ 194.950737][ T7469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 194.950753][ T7469] RSP: 002b:00007fd823945038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 194.950774][ T7469] RAX: ffffffffffffffda RBX: 00007fd822db5fa0 RCX: 00007fd822b8e929 [ 194.950788][ T7469] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003 [ 194.950801][ T7469] RBP: 00007fd823945090 R08: 0000000000000000 R09: 0000000000000000 [ 194.950813][ T7469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 194.950824][ T7469] R13: 0000000000000000 R14: 00007fd822db5fa0 R15: 00007fffbc8ec598 [ 194.950855][ T7469] [ 195.745264][ T7417] Set syz1 is full, maxelem 65536 reached [ 196.012653][ T30] audit: type=1326 audit(1768330288.297:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7476 comm="syz.3.556" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcb7ab8e929 code=0x0 [ 196.058737][ T7479] FAULT_INJECTION: forcing a failure. [ 196.058737][ T7479] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 196.089387][ T7479] CPU: 1 UID: 0 PID: 7479 Comm: syz.2.557 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) [ 196.089415][ T7479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 196.089426][ T7479] Call Trace: [ 196.089434][ T7479] [ 196.089442][ T7479] dump_stack_lvl+0x189/0x250 [ 196.089470][ T7479] ? __pfx____ratelimit+0x10/0x10 [ 196.089495][ T7479] ? __pfx_dump_stack_lvl+0x10/0x10 [ 196.089517][ T7479] ? __pfx__printk+0x10/0x10 [ 196.089539][ T7479] ? __might_fault+0xb0/0x130 [ 196.089572][ T7479] should_fail_ex+0x414/0x560 [ 196.089607][ T7479] _copy_from_user+0x2d/0xb0 [ 196.089628][ T7479] ___sys_sendmsg+0x158/0x2a0 [ 196.089651][ T7479] ? __pfx____sys_sendmsg+0x10/0x10 [ 196.089706][ T7479] ? __fget_files+0x2a/0x420 [ 196.089732][ T7479] ? __fget_files+0x3a0/0x420 [ 196.089769][ T7479] __x64_sys_sendmsg+0x19b/0x260 [ 196.089791][ T7479] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 196.089820][ T7479] ? __pfx_ksys_write+0x10/0x10 [ 196.089850][ T7479] ? rcu_is_watching+0x15/0xb0 [ 196.089894][ T7479] ? do_syscall_64+0xbe/0x3b0 [ 196.089925][ T7479] do_syscall_64+0xfa/0x3b0 [ 196.089950][ T7479] ? lockdep_hardirqs_on+0x9c/0x150 [ 196.089975][ T7479] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 196.089994][ T7479] ? clear_bhb_loop+0x60/0xb0 [ 196.090019][ T7479] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 196.090038][ T7479] RIP: 0033:0x7fd822b8e929 [ 196.090055][ T7479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 196.090071][ T7479] RSP: 002b:00007fd823945038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 196.090110][ T7479] RAX: ffffffffffffffda RBX: 00007fd822db5fa0 RCX: 00007fd822b8e929 [ 196.090123][ T7479] RDX: 0000000004040080 RSI: 0000200000000280 RDI: 0000000000000003 [ 196.090136][ T7479] RBP: 00007fd823945090 R08: 0000000000000000 R09: 0000000000000000 [ 196.090147][ T7479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 196.090159][ T7479] R13: 0000000000000000 R14: 00007fd822db5fa0 R15: 00007fffbc8ec598 [ 196.090188][ T7479] [ 196.953379][ T7443] Set syz1 is full, maxelem 65536 reached [ 198.417807][ T7506] input: syz1 as /devices/virtual/input/input9 [ 198.562916][ T7511] netlink: 8 bytes leftover after parsing attributes in process `syz.2.568'. [ 198.578322][ T7511] Set syz1 is full, maxelem 65536 reached [ 198.611818][ T5935] usb 2-1: new high-speed USB device number 11 using dummy_hcd [ 198.782128][ T5935] usb 2-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 198.794236][ T5935] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 198.808611][ T5935] usb 2-1: config 0 descriptor?? [ 199.003380][ T7525] FAULT_INJECTION: forcing a failure. [ 199.003380][ T7525] name failslab, interval 1, probability 0, space 0, times 0 [ 199.031811][ T7525] CPU: 0 UID: 0 PID: 7525 Comm: syz.0.572 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) [ 199.031840][ T7525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 199.031851][ T7525] Call Trace: [ 199.031859][ T7525] [ 199.031867][ T7525] dump_stack_lvl+0x189/0x250 [ 199.031895][ T7525] ? __pfx____ratelimit+0x10/0x10 [ 199.031921][ T7525] ? __pfx_dump_stack_lvl+0x10/0x10 [ 199.031942][ T7525] ? __pfx__printk+0x10/0x10 [ 199.031970][ T7525] ? __pfx___might_resched+0x10/0x10 [ 199.031989][ T7525] ? fs_reclaim_acquire+0x7d/0x100 [ 199.032019][ T7525] should_fail_ex+0x414/0x560 [ 199.032055][ T7525] should_failslab+0xa8/0x100 [ 199.032080][ T7525] __kmalloc_noprof+0xcb/0x4f0 [ 199.032118][ T7525] ? kfree+0x4d/0x440 [ 199.032135][ T7525] ? tomoyo_realpath_from_path+0xe3/0x5d0 [ 199.032164][ T7525] tomoyo_realpath_from_path+0xe3/0x5d0 [ 199.032190][ T7525] ? tomoyo_domain+0xd9/0x130 [ 199.032220][ T7525] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 199.032252][ T7525] tomoyo_path_number_perm+0x1e8/0x5a0 [ 199.032286][ T7525] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 199.032335][ T7525] ? __lock_acquire+0xab9/0xd20 [ 199.032387][ T7525] ? __fget_files+0x2a/0x420 [ 199.032417][ T7525] ? __fget_files+0x2a/0x420 [ 199.032443][ T7525] ? __fget_files+0x3a0/0x420 [ 199.032469][ T7525] ? __fget_files+0x2a/0x420 [ 199.032501][ T7525] security_file_ioctl+0xcb/0x2d0 [ 199.032534][ T7525] __se_sys_ioctl+0x47/0x170 [ 199.032558][ T7525] do_syscall_64+0xfa/0x3b0 [ 199.032584][ T7525] ? lockdep_hardirqs_on+0x9c/0x150 [ 199.032609][ T7525] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 199.032629][ T7525] ? clear_bhb_loop+0x60/0xb0 [ 199.032653][ T7525] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 199.032680][ T7525] RIP: 0033:0x7f4a9f98e929 [ 199.032698][ T7525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 199.032715][ T7525] RSP: 002b:00007f4aa071e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 199.032736][ T7525] RAX: ffffffffffffffda RBX: 00007f4a9fbb5fa0 RCX: 00007f4a9f98e929 [ 199.032751][ T7525] RDX: 0000200000000000 RSI: 0000000000008b04 RDI: 0000000000000003 [ 199.032763][ T7525] RBP: 00007f4aa071e090 R08: 0000000000000000 R09: 0000000000000000 [ 199.032775][ T7525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 199.032791][ T7525] R13: 0000000000000000 R14: 00007f4a9fbb5fa0 R15: 00007ffc54870868 [ 199.032822][ T7525] [ 199.033919][ T7525] ERROR: Out of memory at tomoyo_realpath_from_path. [ 199.700111][ T5935] gspca_main: spca508-2.14.0 probing 8086:0110 [ 199.929773][ T5935] gspca_spca508: reg_read err -32 [ 199.944778][ T5935] gspca_spca508: reg_read err -32 [ 199.988994][ T5935] gspca_spca508: reg_read err -32 [ 200.021508][ T5935] gspca_spca508: reg_read err -32 [ 200.040136][ T5935] gspca_spca508: reg_read err -32 [ 200.045897][ T5935] gspca_spca508: reg write: error -71 [ 200.053068][ T5935] spca508 2-1:0.0: probe with driver spca508 failed with error -71 [ 200.091886][ T5935] usb 2-1: USB disconnect, device number 11 [ 200.304712][ T7534] netlink: 8 bytes leftover after parsing attributes in process `syz.0.577'. [ 200.332743][ T7534] Set syz1 is full, maxelem 65536 reached [ 200.983746][ T7543] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 201.036323][ T7543] vxfs: WRONG superblock magic 00000000 at 1 [ 201.058649][ T7543] vxfs: WRONG superblock magic 00000000 at 8 [ 201.087033][ T7543] vxfs: can't find superblock. [ 201.196247][ T7555] hfs: can't find a HFS filesystem on dev rnullb0 [ 201.516812][ T7564] netlink: 8 bytes leftover after parsing attributes in process `syz.1.586'. [ 202.428308][ T5882] usb 1-1: new high-speed USB device number 18 using dummy_hcd [ 202.600325][ T5882] usb 1-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 202.609739][ T5882] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 202.622654][ T5882] usb 1-1: config 0 descriptor?? [ 202.638091][ T5882] gspca_main: spca508-2.14.0 probing 8086:0110 [ 202.656703][ T7564] Set syz1 is full, maxelem 65536 reached [ 202.839852][ T5882] gspca_spca508: reg_read err -32 [ 202.856696][ T5882] gspca_spca508: reg_read err -32 [ 202.863643][ T5882] gspca_spca508: reg_read err -32 [ 202.870101][ T5882] gspca_spca508: reg_read err -32 [ 202.881004][ T5882] gspca_spca508: reg_read err -32 [ 202.889075][ T5882] gspca_spca508: reg write: error -71 [ 202.907749][ T5882] spca508 1-1:0.0: probe with driver spca508 failed with error -71 [ 202.950632][ T5882] usb 1-1: USB disconnect, device number 18 [ 203.106909][ T7584] fuse: Unknown parameter 'grou00000000000000000000' [ 203.328926][ T7591] FAULT_INJECTION: forcing a failure. [ 203.328926][ T7591] name failslab, interval 1, probability 0, space 0, times 0 [ 203.345562][ T7591] CPU: 0 UID: 0 PID: 7591 Comm: syz.3.596 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) [ 203.345591][ T7591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 203.345602][ T7591] Call Trace: [ 203.345610][ T7591] [ 203.345618][ T7591] dump_stack_lvl+0x189/0x250 [ 203.345655][ T7591] ? __pfx____ratelimit+0x10/0x10 [ 203.345682][ T7591] ? __pfx_dump_stack_lvl+0x10/0x10 [ 203.345705][ T7591] ? __pfx__printk+0x10/0x10 [ 203.345734][ T7591] ? __pfx___might_resched+0x10/0x10 [ 203.345753][ T7591] ? fs_reclaim_acquire+0x7d/0x100 [ 203.345784][ T7591] should_fail_ex+0x414/0x560 [ 203.345822][ T7591] should_failslab+0xa8/0x100 [ 203.345848][ T7591] __kmalloc_noprof+0xcb/0x4f0 [ 203.345869][ T7591] ? kfree+0x4d/0x440 [ 203.345886][ T7591] ? tomoyo_realpath_from_path+0xe3/0x5d0 [ 203.345914][ T7591] tomoyo_realpath_from_path+0xe3/0x5d0 [ 203.345951][ T7591] ? tomoyo_domain+0xd9/0x130 [ 203.345979][ T7591] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 203.346020][ T7591] tomoyo_path_number_perm+0x1e8/0x5a0 [ 203.346050][ T7591] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 203.346094][ T7591] ? __lock_acquire+0xab9/0xd20 [ 203.346157][ T7591] ? __fget_files+0x2a/0x420 [ 203.346187][ T7591] ? __fget_files+0x2a/0x420 [ 203.346211][ T7591] ? __fget_files+0x3a0/0x420 [ 203.346235][ T7591] ? __fget_files+0x2a/0x420 [ 203.346265][ T7591] security_file_ioctl+0xcb/0x2d0 [ 203.346296][ T7591] __se_sys_ioctl+0x47/0x170 [ 203.346319][ T7591] do_syscall_64+0xfa/0x3b0 [ 203.346344][ T7591] ? lockdep_hardirqs_on+0x9c/0x150 [ 203.346368][ T7591] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 203.346387][ T7591] ? clear_bhb_loop+0x60/0xb0 [ 203.346411][ T7591] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 203.346428][ T7591] RIP: 0033:0x7fcb7ab8e929 [ 203.346444][ T7591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 203.346460][ T7591] RSP: 002b:00007fcb7b970038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 203.346481][ T7591] RAX: ffffffffffffffda RBX: 00007fcb7adb5fa0 RCX: 00007fcb7ab8e929 [ 203.346495][ T7591] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 203.346506][ T7591] RBP: 00007fcb7b970090 R08: 0000000000000000 R09: 0000000000000000 [ 203.346518][ T7591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 203.346528][ T7591] R13: 0000000000000000 R14: 00007fcb7adb5fa0 R15: 00007ffd168a2248 [ 203.346559][ T7591] [ 203.346930][ T7591] ERROR: Out of memory at tomoyo_realpath_from_path. [ 203.625073][ T7597] netlink: 8 bytes leftover after parsing attributes in process `syz.0.598'. [ 203.635243][ T7597] Set syz1 is full, maxelem 65536 reached [ 203.932530][ T7609] fuse: Unknown parameter 'grou00000000000000000000' [ 204.361814][ T7619] netlink: 8 bytes leftover after parsing attributes in process `syz.3.607'. [ 204.372392][ T7619] Set syz1 is full, maxelem 65536 reached [ 204.396847][ T9] usb 1-1: new high-speed USB device number 19 using dummy_hcd [ 204.434200][ T7621] FAULT_INJECTION: forcing a failure. [ 204.434200][ T7621] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 204.448863][ T7621] CPU: 1 UID: 0 PID: 7621 Comm: syz.3.608 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) [ 204.448891][ T7621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 204.448902][ T7621] Call Trace: [ 204.448910][ T7621] [ 204.448918][ T7621] dump_stack_lvl+0x189/0x250 [ 204.448945][ T7621] ? __pfx____ratelimit+0x10/0x10 [ 204.448972][ T7621] ? __pfx_dump_stack_lvl+0x10/0x10 [ 204.448994][ T7621] ? __pfx__printk+0x10/0x10 [ 204.449016][ T7621] ? __might_fault+0xb0/0x130 [ 204.449050][ T7621] should_fail_ex+0x414/0x560 [ 204.449088][ T7621] _copy_from_user+0x2d/0xb0 [ 204.449109][ T7621] ___sys_sendmsg+0x158/0x2a0 [ 204.449132][ T7621] ? __pfx____sys_sendmsg+0x10/0x10 [ 204.449189][ T7621] ? __fget_files+0x2a/0x420 [ 204.449215][ T7621] ? __fget_files+0x3a0/0x420 [ 204.449253][ T7621] __x64_sys_sendmsg+0x19b/0x260 [ 204.449276][ T7621] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 204.449306][ T7621] ? __pfx_ksys_write+0x10/0x10 [ 204.449336][ T7621] ? do_syscall_64+0xbe/0x3b0 [ 204.449367][ T7621] do_syscall_64+0xfa/0x3b0 [ 204.449392][ T7621] ? lockdep_hardirqs_on+0x9c/0x150 [ 204.449416][ T7621] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 204.449441][ T7621] ? clear_bhb_loop+0x60/0xb0 [ 204.449465][ T7621] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 204.449484][ T7621] RIP: 0033:0x7fcb7ab8e929 [ 204.449501][ T7621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 204.449517][ T7621] RSP: 002b:00007fcb7b970038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 204.449547][ T7621] RAX: ffffffffffffffda RBX: 00007fcb7adb5fa0 RCX: 00007fcb7ab8e929 [ 204.449561][ T7621] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003 [ 204.449573][ T7621] RBP: 00007fcb7b970090 R08: 0000000000000000 R09: 0000000000000000 [ 204.449586][ T7621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 204.449597][ T7621] R13: 0000000000000000 R14: 00007fcb7adb5fa0 R15: 00007ffd168a2248 [ 204.449628][ T7621] [ 204.556904][ T5882] usb 2-1: new high-speed USB device number 12 using dummy_hcd [ 204.703094][ T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 204.716783][ T9] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 204.728047][ T9] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 204.737356][ T9] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 204.745965][ T9] usb 1-1: Manufacturer: syz [ 204.752853][ T9] usb 1-1: config 0 descriptor?? [ 204.898500][ T5882] usb 2-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 204.907848][ T5882] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 204.925590][ T5882] usb 2-1: config 0 descriptor?? [ 204.938502][ T5882] gspca_main: spca508-2.14.0 probing 8086:0110 [ 205.068860][ T7631] fuse: Unknown parameter 'grou00000000000000000000' [ 205.106683][ T7633] syzkaller1: entered promiscuous mode [ 205.114056][ T7633] syzkaller1: entered allmulticast mode [ 205.144649][ T5882] gspca_spca508: reg_read err -32 [ 205.154031][ T5882] gspca_spca508: reg_read err -32 [ 205.161663][ T5882] gspca_spca508: reg_read err -32 [ 205.169250][ T5882] gspca_spca508: reg_read err -32 [ 205.175038][ T5882] gspca_spca508: reg_read err -32 [ 205.180502][ C0] raw-gadget.1 gadget.1: ignoring, device is not running [ 205.187877][ T5882] gspca_spca508: reg write: error -32 [ 205.193345][ T5882] spca508 2-1:0.0: probe with driver spca508 failed with error -32 [ 205.214039][ T5882] usb 2-1: USB disconnect, device number 12 [ 205.364610][ T7642] netlink: 8 bytes leftover after parsing attributes in process `syz.2.616'. [ 205.375292][ T7642] Set syz1 is full, maxelem 65536 reached [ 205.552999][ T7650] MTD: Attempt to mount non-MTD device "/dev/rnullb0" [ 205.566302][ T7650] VFS: Can't find a romfs filesystem on dev rnullb0. [ 205.566302][ T7650] [ 205.724730][ T7657] netlink: 8 bytes leftover after parsing attributes in process `syz.2.622'. [ 205.737182][ T7657] Set syz1 is full, maxelem 65536 reached [ 205.834624][ T7659] fuse: Unknown parameter 'group_i00000000000000000000' [ 205.900639][ T7661] syzkaller1: entered promiscuous mode [ 205.906612][ T7661] syzkaller1: entered allmulticast mode [ 206.092186][ T7664] netlink: 8 bytes leftover after parsing attributes in process `syz.1.625'. [ 207.183441][ T9] usb 1-1: USB disconnect, device number 19 [ 207.575883][ T7687] fuse: Unknown parameter 'group_i00000000000000000000' [ 207.698133][ T7689] syzkaller1: entered promiscuous mode [ 207.703812][ T7689] syzkaller1: entered allmulticast mode [ 207.729151][ T43] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 207.848274][ T7691] netlink: 8 bytes leftover after parsing attributes in process `syz.0.635'. [ 207.859352][ T7691] Set syz1 is full, maxelem 65536 reached [ 207.890240][ T43] usb 4-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 207.911436][ T43] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 207.943804][ T43] usb 4-1: config 0 descriptor?? [ 207.964425][ T43] gspca_main: spca508-2.14.0 probing 8086:0110 [ 208.121865][ T5935] usb 2-1: new low-speed USB device number 13 using dummy_hcd [ 208.193788][ T43] gspca_spca508: reg_read err -32 [ 208.202126][ T43] gspca_spca508: reg_read err -32 [ 208.210315][ T43] gspca_spca508: reg_read err -32 [ 208.218310][ T43] gspca_spca508: reg_read err -32 [ 208.225021][ T43] gspca_spca508: reg_read err -32 [ 208.243211][ T43] gspca_spca508: reg write: error -71 [ 208.254846][ T43] spca508 4-1:0.0: probe with driver spca508 failed with error -71 [ 208.272961][ T43] usb 4-1: USB disconnect, device number 26 [ 208.289731][ T5935] usb 2-1: Invalid ep0 maxpacket: 16 [ 208.453764][ T5935] usb 2-1: new low-speed USB device number 14 using dummy_hcd [ 208.614607][ T5935] usb 2-1: Invalid ep0 maxpacket: 16 [ 208.620442][ T5935] usb usb2-port1: attempt power cycle [ 208.704561][ T5868] usb 3-1: new high-speed USB device number 19 using dummy_hcd [ 208.871863][ T5868] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 208.887753][ T5868] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 208.902615][ T5868] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 253 [ 208.922002][ T5868] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 208.931860][ T5868] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 208.952303][ T5868] usb 3-1: Manufacturer: syz [ 208.968600][ T5868] usb 3-1: config 0 descriptor?? [ 208.975660][ T5935] usb 2-1: new low-speed USB device number 15 using dummy_hcd [ 209.011755][ T5868] usbhid 3-1:0.0: couldn't find an input interrupt endpoint [ 209.044718][ T5935] usb 2-1: Invalid ep0 maxpacket: 16 [ 209.204582][ T5935] usb 2-1: new low-speed USB device number 16 using dummy_hcd [ 209.425194][ T5935] usb 2-1: Invalid ep0 maxpacket: 16 [ 209.431098][ T5935] usb usb2-port1: unable to enumerate USB device [ 210.270110][ T7716] fuse: Unknown parameter 'group_i00000000000000000000' [ 210.415784][ T7718] syzkaller1: entered promiscuous mode [ 210.421340][ T7718] syzkaller1: entered allmulticast mode [ 211.567454][ T9] usb 3-1: USB disconnect, device number 19 [ 211.846075][ T5156] Bluetooth: hci1: command 0x0406 tx timeout [ 211.852221][ T5156] Bluetooth: hci0: command 0x0406 tx timeout [ 211.858335][ T5156] Bluetooth: hci3: command 0x0406 tx timeout [ 211.864481][ T5156] Bluetooth: hci2: command 0x0406 tx timeout [ 212.477797][ T7749] FAULT_INJECTION: forcing a failure. [ 212.477797][ T7749] name failslab, interval 1, probability 0, space 0, times 0 [ 212.490688][ T7749] CPU: 0 UID: 0 PID: 7749 Comm: syz.2.654 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) [ 212.490716][ T7749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 212.490734][ T7749] Call Trace: [ 212.490742][ T7749] [ 212.490750][ T7749] dump_stack_lvl+0x189/0x250 [ 212.490779][ T7749] ? __pfx____ratelimit+0x10/0x10 [ 212.490806][ T7749] ? __pfx_dump_stack_lvl+0x10/0x10 [ 212.490829][ T7749] ? __pfx__printk+0x10/0x10 [ 212.490859][ T7749] ? __pfx___might_resched+0x10/0x10 [ 212.490879][ T7749] ? fs_reclaim_acquire+0x7d/0x100 [ 212.490910][ T7749] should_fail_ex+0x414/0x560 [ 212.490953][ T7749] should_failslab+0xa8/0x100 [ 212.490980][ T7749] __kmalloc_noprof+0xcb/0x4f0 [ 212.491007][ T7749] ? kfree+0x4d/0x440 [ 212.491024][ T7749] ? tomoyo_realpath_from_path+0xe3/0x5d0 [ 212.491054][ T7749] tomoyo_realpath_from_path+0xe3/0x5d0 [ 212.491080][ T7749] ? tomoyo_domain+0xd9/0x130 [ 212.491115][ T7749] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 212.491147][ T7749] tomoyo_path_number_perm+0x1e8/0x5a0 [ 212.491181][ T7749] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 212.491242][ T7749] ? __lock_acquire+0xab9/0xd20 [ 212.491291][ T7749] ? __fget_files+0x2a/0x420 [ 212.491321][ T7749] ? __fget_files+0x2a/0x420 [ 212.491345][ T7749] ? __fget_files+0x3a0/0x420 [ 212.491370][ T7749] ? __fget_files+0x2a/0x420 [ 212.491400][ T7749] security_file_ioctl+0xcb/0x2d0 [ 212.491432][ T7749] __se_sys_ioctl+0x47/0x170 [ 212.491456][ T7749] do_syscall_64+0xfa/0x3b0 [ 212.491481][ T7749] ? lockdep_hardirqs_on+0x9c/0x150 [ 212.491506][ T7749] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 212.491524][ T7749] ? clear_bhb_loop+0x60/0xb0 [ 212.491548][ T7749] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 212.491567][ T7749] RIP: 0033:0x7fd822b8e929 [ 212.491584][ T7749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 212.491600][ T7749] RSP: 002b:00007fd823945038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 212.491621][ T7749] RAX: ffffffffffffffda RBX: 00007fd822db5fa0 RCX: 00007fd822b8e929 [ 212.491636][ T7749] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 212.491647][ T7749] RBP: 00007fd823945090 R08: 0000000000000000 R09: 0000000000000000 [ 212.491659][ T7749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 212.491670][ T7749] R13: 0000000000000000 R14: 00007fd822db5fa0 R15: 00007fffbc8ec598 [ 212.491700][ T7749] [ 212.491709][ T7749] ERROR: Out of memory at tomoyo_realpath_from_path. [ 212.513718][ T5935] usb 2-1: new high-speed USB device number 17 using dummy_hcd [ 212.833245][ T5935] usb 2-1: too many configurations: 63, using maximum allowed: 8 [ 212.843265][ T5935] usb 2-1: unable to read config index 0 descriptor/start: -61 [ 212.858140][ T5935] usb 2-1: can't read configurations, error -61 [ 213.012475][ T5935] usb 2-1: new high-speed USB device number 18 using dummy_hcd [ 213.179361][ T7755] fuse: Unknown parameter 'group_id00000000000000000000' [ 213.192405][ T5935] usb 2-1: too many configurations: 63, using maximum allowed: 8 [ 213.204360][ T5935] usb 2-1: unable to read config index 0 descriptor/start: -61 [ 213.211964][ T5935] usb 2-1: can't read configurations, error -61 [ 213.229331][ T5935] usb usb2-port1: attempt power cycle [ 213.582179][ T5868] usb 1-1: new high-speed USB device number 20 using dummy_hcd [ 213.592486][ T5935] usb 2-1: new high-speed USB device number 19 using dummy_hcd [ 213.634740][ T5935] usb 2-1: too many configurations: 63, using maximum allowed: 8 [ 213.645154][ T5935] usb 2-1: unable to read config index 0 descriptor/start: -61 [ 213.752229][ T5836] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 213.915793][ T5836] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 213.927955][ T5836] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 213.941070][ T5836] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 253 [ 213.959549][ T5836] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 213.969145][ T5836] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 213.980870][ T5836] usb 4-1: Manufacturer: syz [ 214.005309][ T5836] usb 4-1: config 0 descriptor?? [ 214.026388][ T5836] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 214.604284][ T5935] usb 2-1: can't read configurations, error -61 [ 214.685272][ T5868] usb 1-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad [ 214.694564][ T5868] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 214.716213][ T5868] usb 1-1: config 0 descriptor?? [ 214.725900][ T5868] gspca_main: spca508-2.14.0 probing 8086:0110 [ 214.741767][ T5935] usb 2-1: new high-speed USB device number 20 using dummy_hcd [ 214.775740][ T7780] FAULT_INJECTION: forcing a failure. [ 214.775740][ T7780] name failslab, interval 1, probability 0, space 0, times 0 [ 214.792779][ T7780] CPU: 0 UID: 0 PID: 7780 Comm: syz.2.663 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) [ 214.792806][ T7780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 214.792817][ T7780] Call Trace: [ 214.792825][ T7780] [ 214.792833][ T7780] dump_stack_lvl+0x189/0x250 [ 214.792865][ T7780] ? __pfx____ratelimit+0x10/0x10 [ 214.792892][ T7780] ? __pfx_dump_stack_lvl+0x10/0x10 [ 214.792914][ T7780] ? __pfx__printk+0x10/0x10 [ 214.792942][ T7780] ? __pfx___might_resched+0x10/0x10 [ 214.792961][ T7780] ? fs_reclaim_acquire+0x7d/0x100 [ 214.792992][ T7780] should_fail_ex+0x414/0x560 [ 214.793028][ T7780] should_failslab+0xa8/0x100 [ 214.793053][ T7780] __kmalloc_noprof+0xcb/0x4f0 [ 214.793073][ T7780] ? kfree+0x4d/0x440 [ 214.793089][ T7780] ? tomoyo_realpath_from_path+0xe3/0x5d0 [ 214.793118][ T7780] tomoyo_realpath_from_path+0xe3/0x5d0 [ 214.793143][ T7780] ? tomoyo_domain+0xd9/0x130 [ 214.793172][ T7780] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 214.793204][ T7780] tomoyo_path_number_perm+0x1e8/0x5a0 [ 214.793238][ T7780] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 214.793287][ T7780] ? __lock_acquire+0xab9/0xd20 [ 214.793338][ T7780] ? __fget_files+0x2a/0x420 [ 214.793387][ T7780] ? __fget_files+0x2a/0x420 [ 214.793413][ T7780] ? __fget_files+0x3a0/0x420 [ 214.793438][ T7780] ? __fget_files+0x2a/0x420 [ 214.793471][ T7780] security_file_ioctl+0xcb/0x2d0 [ 214.793504][ T7780] __se_sys_ioctl+0x47/0x170 [ 214.793529][ T7780] do_syscall_64+0xfa/0x3b0 [ 214.793555][ T7780] ? lockdep_hardirqs_on+0x9c/0x150 [ 214.793580][ T7780] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 214.793600][ T7780] ? clear_bhb_loop+0x60/0xb0 [ 214.793625][ T7780] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 214.793645][ T7780] RIP: 0033:0x7fd822b8e929 [ 214.793663][ T7780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 214.793679][ T7780] RSP: 002b:00007fd823945038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 214.793701][ T7780] RAX: ffffffffffffffda RBX: 00007fd822db5fa0 RCX: 00007fd822b8e929 [ 214.793716][ T7780] RDX: 0000200000000000 RSI: 0000000000008b04 RDI: 0000000000000003 [ 214.793729][ T7780] RBP: 00007fd823945090 R08: 0000000000000000 R09: 0000000000000000 [ 214.793741][ T7780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 214.793753][ T7780] R13: 0000000000000000 R14: 00007fd822db5fa0 R15: 00007fffbc8ec598 [ 214.793785][ T7780] [ 214.793793][ T7780] ERROR: Out of memory at tomoyo_realpath_from_path. [ 215.043945][ T5935] usb 2-1: too many configurations: 63, using maximum allowed: 8 [ 215.060947][ T5868] gspca_spca508: reg_read err -32 [ 215.070368][ T5868] gspca_spca508: reg_read err -32 [ 215.076294][ T5935] usb 2-1: unable to read config index 0 descriptor/start: -61 [ 215.084530][ T5868] gspca_spca508: reg_read err -32 [ 215.089742][ T5935] usb 2-1: can't read configurations, error -61 [ 215.096731][ T5868] gspca_spca508: reg_read err -32 [ 215.102070][ T5935] usb usb2-port1: unable to enumerate USB device [ 215.109323][ T5868] gspca_spca508: reg_read err -32 [ 215.115962][ T5868] gspca_spca508: reg write: error -71 [ 215.121815][ T5868] spca508 1-1:0.0: probe with driver spca508 failed with error -71 [ 215.145555][ T5868] usb 1-1: USB disconnect, device number 20 [ 215.376248][ T7785] fuse: Unknown parameter 'group_id00000000000000000000' [ 215.879851][ T7803] syzkaller1: entered promiscuous mode [ 215.885570][ T7803] syzkaller1: entered allmulticast mode [ 216.212225][ T7809] fuse: Unknown parameter 'group_id00000000000000000000' [ 216.383153][ T5935] usb 1-1: new high-speed USB device number 21 using dummy_hcd [ 216.533606][ T5935] usb 1-1: device descriptor read/64, error -71 [ 216.534748][ T5882] usb 4-1: USB disconnect, device number 27 [ 216.783446][ T5935] usb 1-1: new high-speed USB device number 22 using dummy_hcd [ 216.931361][ T5935] usb 1-1: device descriptor read/64, error -71 [ 216.984318][ T7828] syzkaller1: entered promiscuous mode [ 216.990025][ T7828] syzkaller1: entered allmulticast mode [ 217.046869][ T5935] usb usb1-port1: attempt power cycle [ 217.391893][ T5935] usb 1-1: new high-speed USB device number 23 using dummy_hcd [ 217.443543][ T5935] usb 1-1: device descriptor read/8, error -71 [ 217.500350][ T5868] usb 4-1: new high-speed USB device number 28 using dummy_hcd [ 217.662291][ T5868] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 217.680154][ T5868] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 217.723510][ T5935] usb 1-1: new high-speed USB device number 24 using dummy_hcd [ 217.733202][ T5868] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 253 [ 217.761763][ T5868] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 217.780090][ T5868] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 217.788497][ T5868] usb 4-1: Manufacturer: syz [ 217.793340][ T5935] usb 1-1: device descriptor read/8, error -71 [ 217.812891][ T5868] usb 4-1: config 0 descriptor?? [ 217.821623][ T5868] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 217.838074][ T7845] FAULT_INJECTION: forcing a failure. [ 217.838074][ T7845] name failslab, interval 1, probability 0, space 0, times 0 [ 217.851762][ T7845] CPU: 1 UID: 0 PID: 7845 Comm: syz.1.686 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) [ 217.851788][ T7845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 217.851799][ T7845] Call Trace: [ 217.851807][ T7845] [ 217.851815][ T7845] dump_stack_lvl+0x189/0x250 [ 217.851842][ T7845] ? __pfx____ratelimit+0x10/0x10 [ 217.851868][ T7845] ? __pfx_dump_stack_lvl+0x10/0x10 [ 217.851890][ T7845] ? __pfx__printk+0x10/0x10 [ 217.851923][ T7845] ? __pfx___might_resched+0x10/0x10 [ 217.851942][ T7845] ? fs_reclaim_acquire+0x7d/0x100 [ 217.851971][ T7845] should_fail_ex+0x414/0x560 [ 217.852026][ T7845] should_failslab+0xa8/0x100 [ 217.852051][ T7845] __kmalloc_noprof+0xcb/0x4f0 [ 217.852072][ T7845] ? kfree+0x4d/0x440 [ 217.852089][ T7845] ? tomoyo_realpath_from_path+0xe3/0x5d0 [ 217.852119][ T7845] tomoyo_realpath_from_path+0xe3/0x5d0 [ 217.852145][ T7845] ? tomoyo_domain+0xd9/0x130 [ 217.852176][ T7845] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 217.852206][ T7845] tomoyo_path_number_perm+0x1e8/0x5a0 [ 217.852239][ T7845] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 217.852289][ T7845] ? __lock_acquire+0xab9/0xd20 [ 217.852340][ T7845] ? __fget_files+0x2a/0x420 [ 217.852372][ T7845] ? __fget_files+0x2a/0x420 [ 217.852408][ T7845] ? __fget_files+0x3a0/0x420 [ 217.852433][ T7845] ? __fget_files+0x2a/0x420 [ 217.852465][ T7845] security_file_ioctl+0xcb/0x2d0 [ 217.852496][ T7845] __se_sys_ioctl+0x47/0x170 [ 217.852521][ T7845] do_syscall_64+0xfa/0x3b0 [ 217.852547][ T7845] ? lockdep_hardirqs_on+0x9c/0x150 [ 217.852572][ T7845] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 217.852592][ T7845] ? clear_bhb_loop+0x60/0xb0 [ 217.852616][ T7845] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 217.852636][ T7845] RIP: 0033:0x7f94e938e929 [ 217.852653][ T7845] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 217.852670][ T7845] RSP: 002b:00007f94ea277038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 217.852690][ T7845] RAX: ffffffffffffffda RBX: 00007f94e95b5fa0 RCX: 00007f94e938e929 [ 217.852705][ T7845] RDX: 0000200000000080 RSI: 0000000040187542 RDI: 0000000000000003 [ 217.852718][ T7845] RBP: 00007f94ea277090 R08: 0000000000000000 R09: 0000000000000000 [ 217.852730][ T7845] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 217.852741][ T7845] R13: 0000000000000000 R14: 00007f94e95b5fa0 R15: 00007ffc26fec448 [ 217.852773][ T7845] [ 217.852781][ T7845] ERROR: Out of memory at tomoyo_realpath_from_path. [ 218.107124][ T5935] usb usb1-port1: unable to enumerate USB device [ 218.592888][ T7859] syzkaller1: entered promiscuous mode [ 218.601536][ T7859] syzkaller1: entered allmulticast mode [ 218.634551][ T7857] netlink: 104 bytes leftover after parsing attributes in process `syz.2.690'. [ 218.766636][ T7864] /dev/rnullb0: Can't open blockdev                                 syzkaller syzkaller login: [ 220.646972][ T7894] FAULT_INJECTION: forcing a failure. [ 220.646972][ T7894] name failslab, interval 1, probability 0, space 0, times 0 [ 220.691068][ T7899] syzkaller1: entered promiscuous mode [ 220.700454][ T7894] CPU: 1 UID: 0 PID: 7894 Comm: syz.0.703 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) [ 220.700482][ T7894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 220.700494][ T7894] Call Trace: [ 220.700502][ T7894] [ 220.700511][ T7894] dump_stack_lvl+0x189/0x250 [ 220.700538][ T7894] ? __pfx____ratelimit+0x10/0x10 [ 220.700565][ T7894] ? __pfx_dump_stack_lvl+0x10/0x10 [ 220.700588][ T7894] ? __pfx__printk+0x10/0x10 [ 220.700616][ T7894] ? __pfx___might_resched+0x10/0x10 [ 220.700635][ T7894] ? fs_reclaim_acquire+0x7d/0x100 [ 220.700667][ T7894] should_fail_ex+0x414/0x560 [ 220.700708][ T7894] should_failslab+0xa8/0x100 [ 220.700734][ T7894] kmem_cache_alloc_noprof+0x73/0x3c0 [ 220.700756][ T7894] ? getname_flags+0xb8/0x540 [ 220.700789][ T7894] getname_flags+0xb8/0x540 [ 220.700822][ T7894] do_sys_openat2+0xbc/0x1c0 [ 220.700844][ T7894] ? __pfx_do_sys_openat2+0x10/0x10 [ 220.700864][ T7894] ? ksys_write+0x22a/0x250 [ 220.700890][ T7894] ? __pfx_ksys_write+0x10/0x10 [ 220.700910][ T7894] ? rcu_is_watching+0x15/0xb0 [ 220.700934][ T7894] __x64_sys_openat+0x138/0x170 [ 220.700959][ T7894] do_syscall_64+0xfa/0x3b0 [ 220.700984][ T7894] ? lockdep_hardirqs_on+0x9c/0x150 [ 220.701008][ T7894] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 220.701027][ T7894] ? clear_bhb_loop+0x60/0xb0 [ 220.701051][ T7894] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 220.701070][ T7894] RIP: 0033:0x7f4a9f98e929 [ 220.701088][ T7894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 220.701104][ T7894] RSP: 002b:00007f4aa071e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 220.701125][ T7894] RAX: ffffffffffffffda RBX: 00007f4a9fbb5fa0 RCX: 00007f4a9f98e929 [ 220.701140][ T7894] RDX: 0000000000000000 RSI: 0000200000000040 RDI: ffffffffffffff9c [ 220.701153][ T7894] RBP: 00007f4aa071e090 R08: 0000000000000000 R09: 0000000000000000 [ 220.701165][ T7894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 220.701176][ T7894] R13: 0000000000000000 R14: 00007f4a9fbb5fa0 R15: 00007ffc54870868 [ 220.701213][ T7894] [ 220.930843][ T7899] syzkaller1: entered allmulticast mode [ 221.297935][ T7911] fuse: Bad value for 'fd' [ 221.409376][ T7916] input: syz0 as /devices/virtual/input/input10 [ 221.579655][ T5935] usb 4-1: new high-speed USB device number 29 using dummy_hcd [ 221.739946][ T5935] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 221.750588][ T5935] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 221.767281][ T5935] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 253 [ 221.939714][ T5935] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 221.949757][ T5935] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 221.958176][ T5935] usb 4-1: Manufacturer: syz [ 221.974944][ T5935] usb 4-1: config 0 descriptor?? [ 221.989786][ T5935] usbhid 4-1:0.0: couldn't find an input interrupt endpoint [ 222.061131][ T7923] /dev/rnullb0: Can't open blockdev [ 222.575564][ T7930] syzkaller1: entered promiscuous mode [ 222.600226][ T7930] syzkaller1: entered allmulticast mode [ 223.017175][ T7944] fuse: Bad value for 'fd' [ 223.299481][ T7954] vxfs: WRONG superblock magic 00000000 at 1 [ 223.316740][ T7954] vxfs: WRONG superblock magic 00000000 at 8 [ 223.324035][ T7954] vxfs: can't find superblock. [ 223.403751][ T7959] netlink: 'syz.1.724': attribute type 39 has an invalid length. [ 223.494763][ T7961] syzkaller1: entered promiscuous mode [ 223.500449][ T7961] syzkaller1: entered allmulticast mode [ 223.782274][ T7969] netlink: 60 bytes leftover after parsing attributes in process `syz.0.728'. [ 223.787401][ T7968] fuse: Bad value for 'fd' [ 223.793423][ T7969] netlink: 60 bytes leftover after parsing attributes in process `syz.0.728'. [ 223.806411][ T7969] netlink: 60 bytes leftover after parsing attributes in process `syz.0.728'. [ 223.820091][ T7969] binder: 7967:7969 ioctl c0306201 200000000380 returned -14 [ 224.050760][ T7975] vxfs: WRONG superblock magic 00000000 at 1 [ 224.063591][ T7975] vxfs: WRONG superblock magic 00000000 at 8 [ 224.071246][ T7975] vxfs: can't find superblock. [ 224.178785][ T7980] syzkaller1: entered promiscuous mode [ 224.187645][ T7980] syzkaller1: entered allmulticast mode [ 224.308506][ T7984] loop8: detected capacity change from 0 to 7 [ 224.332182][ T7984] Dev loop8: unable to read RDB block 7 [ 224.350088][ T7984] loop8: unable to read partition table [ 224.356063][ T7984] loop8: partition table beyond EOD, truncated [ 224.373396][ T7984] loop_reread_partitions: partition scan of loop8 (被x^> ) failed (rc=-5) [ 224.379585][ T9] usb 4-1: USB disconnect, device number 29 [ 224.516841][ T7988] openvswitch: netlink: Key 0 has unexpected len 20 expected 0 [ 224.733355][ T8001] syzkaller1: entered promiscuous mode [ 224.747614][ T8001] syzkaller1: entered allmulticast mode [ 224.803486][ T8004] /dev/rnullb0: Can't open blockdev [ 224.923405][ T8008] syzkaller1: entered promiscuous mode [ 224.932582][ T8008] syzkaller1: entered allmulticast mode [ 225.065179][ T30] audit: type=1326 audit(1768330317.351:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8010 comm="syz.0.746" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4a9f98e929 code=0x0 [ 225.086742][ C0] vkms_vblank_simulate: vblank timer overrun [ 225.177217][ T8012] netlink: 'syz.0.746': attribute type 11 has an invalid length. [ 225.223942][ T8014] netlink: 'syz.3.747': attribute type 27 has an invalid length. [ 225.271183][ T8014] bridge0: port 2(bridge_slave_1) entered disabled state [ 225.279978][ T8014] bridge0: port 1(bridge_slave_0) entered disabled state [ 225.366947][ T8014] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 225.381554][ T8014] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 225.572804][ T61] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 225.592385][ T61] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 225.625784][ T61] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 225.639807][ T61] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 225.740809][ T8022] fuse: Bad value for 'fd' [ 225.803503][ T8024] vxfs: WRONG superblock magic 00000000 at 1 [ 225.824736][ T8024] vxfs: WRONG superblock magic 00000000 at 8 [ 225.847939][ T8024] vxfs: can't find superblock. [ 225.861594][ T8027] tipc: Started in network mode [ 225.870700][ T8027] tipc: Node identity ac14140c, cluster identity 4711 [ 225.881951][ T8027] tipc: New replicast peer: 255.255.255.255 [ 225.891208][ T8027] tipc: Enabled bearer , priority 10 [ 225.939709][ T8028] syzkaller1: entered promiscuous mode [ 225.945261][ T8028] syzkaller1: entered allmulticast mode [ 226.043184][ T8031] syzkaller1: entered promiscuous mode [ 226.051837][ T8031] syzkaller1: entered allmulticast mode [ 226.122983][ T8037] netlink: 'syz.2.758': attribute type 3 has an invalid length. [ 226.134831][ T8037] netlink: 132 bytes leftover after parsing attributes in process `syz.2.758'. [ 226.167544][ T8037] /dev/rnullb0: Can't open blockdev [ 226.818268][ T8048] fuse: Bad value for 'fd' [ 226.918070][ T8050] /dev/rnullb0: Can't open blockdev [ 227.016829][ T5934] tipc: Node number set to 2886997004 [ 227.136353][ T8051] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 227.278569][ T8059] syzkaller1: entered promiscuous mode [ 227.284209][ T8059] syzkaller1: entered allmulticast mode [ 227.516592][ T8066] syzkaller1: entered promiscuous mode [ 227.522243][ T8066] syzkaller1: entered allmulticast mode [ 227.759539][ T8074] /dev/rnullb0: Can't open blockdev [ 227.923920][ T30] audit: type=1800 audit(1768330320.203:5): pid=8079 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.775" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 228.275799][ T8088] tipc: Enabled bearer , priority 10 [ 228.310100][ T8092] syzkaller1: entered promiscuous mode [ 228.328177][ T8092] syzkaller1: entered allmulticast mode [ 228.377894][ T5868] usb 2-1: new full-speed USB device number 21 using dummy_hcd [ 228.554933][ T5868] usb 2-1: not running at top speed; connect to a high speed hub [ 228.555783][ T8097] tipc: Started in network mode [ 228.568370][ T8097] tipc: Node identity ac14140c, cluster identity 4711 [ 228.576074][ T8097] tipc: New replicast peer: 255.255.255.255 [ 228.576087][ T5868] usb 2-1: too many configurations: 251, using maximum allowed: 8 [ 228.583608][ T8097] tipc: Enabled bearer , priority 10 [ 228.599558][ T8095] syzkaller1: entered promiscuous mode [ 228.606571][ T5868] usb 2-1: unable to read config index 0 descriptor/start: -61 [ 228.609359][ T8095] syzkaller1: entered allmulticast mode [ 228.621355][ T5868] usb 2-1: can't read configurations, error -61 [ 228.764546][ T5868] usb 2-1: new full-speed USB device number 22 using dummy_hcd [ 228.849674][ T8103] FAULT_INJECTION: forcing a failure. [ 228.849674][ T8103] name failslab, interval 1, probability 0, space 0, times 0 [ 228.889751][ T8106] vxfs: WRONG superblock magic 00000000 at 1 [ 228.898339][ T8103] CPU: 1 UID: 0 PID: 8103 Comm: syz.2.783 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) [ 228.898366][ T8103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 228.898378][ T8103] Call Trace: [ 228.898386][ T8103] [ 228.898394][ T8103] dump_stack_lvl+0x189/0x250 [ 228.898422][ T8103] ? __pfx____ratelimit+0x10/0x10 [ 228.898449][ T8103] ? __pfx_dump_stack_lvl+0x10/0x10 [ 228.898471][ T8103] ? __pfx__printk+0x10/0x10 [ 228.898499][ T8103] ? __pfx___might_resched+0x10/0x10 [ 228.898519][ T8103] ? fs_reclaim_acquire+0x7d/0x100 [ 228.898550][ T8103] should_fail_ex+0x414/0x560 [ 228.898587][ T8103] should_failslab+0xa8/0x100 [ 228.898612][ T8103] __kmalloc_noprof+0xcb/0x4f0 [ 228.898632][ T8103] ? kfree+0x4d/0x440 [ 228.898649][ T8103] ? tomoyo_realpath_from_path+0xe3/0x5d0 [ 228.898694][ T8103] tomoyo_realpath_from_path+0xe3/0x5d0 [ 228.898716][ T8103] ? tomoyo_domain+0xd9/0x130 [ 228.898745][ T8103] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 228.898777][ T8103] tomoyo_path_number_perm+0x1e8/0x5a0 [ 228.898811][ T8103] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 228.898861][ T8103] ? __lock_acquire+0xab9/0xd20 [ 228.898913][ T8103] ? __fget_files+0x2a/0x420 [ 228.898951][ T8103] ? __fget_files+0x2a/0x420 [ 228.898977][ T8103] ? __fget_files+0x3a0/0x420 [ 228.899003][ T8103] ? __fget_files+0x2a/0x420 [ 228.899035][ T8103] security_file_ioctl+0xcb/0x2d0 [ 228.899067][ T8103] __se_sys_ioctl+0x47/0x170 [ 228.899093][ T8103] do_syscall_64+0xfa/0x3b0 [ 228.899118][ T8103] ? lockdep_hardirqs_on+0x9c/0x150 [ 228.899143][ T8103] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 228.899163][ T8103] ? clear_bhb_loop+0x60/0xb0 [ 228.899187][ T8103] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 228.899206][ T8103] RIP: 0033:0x7fd822b8e929 [ 228.899224][ T8103] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 228.899239][ T8103] RSP: 002b:00007fd823945038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 228.899261][ T8103] RAX: ffffffffffffffda RBX: 00007fd822db5fa0 RCX: 00007fd822b8e929 [ 228.899275][ T8103] RDX: 0000200000000000 RSI: 0000000000008b04 RDI: 0000000000000003 [ 228.899288][ T8103] RBP: 00007fd823945090 R08: 0000000000000000 R09: 0000000000000000 [ 228.899301][ T8103] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 228.899312][ T8103] R13: 0000000000000000 R14: 00007fd822db5fa0 R15: 00007fffbc8ec598 [ 228.899345][ T8103] [ 228.899354][ T8103] ERROR: Out of memory at tomoyo_realpath_from_path. [ 228.925486][ T8106] vxfs: WRONG superblock magic 00000000 at 8 [ 228.925514][ T8106] vxfs: can't find superblock. [ 229.186203][ T5868] usb 2-1: not running at top speed; connect to a high speed hub [ 229.205163][ T5868] usb 2-1: too many configurations: 251, using maximum allowed: 8 [ 229.238513][ T5868] usb 2-1: unable to read config index 0 descriptor/start: -61 [ 229.266133][ T5868] usb 2-1: can't read configurations, error -61 [ 229.283837][ T5868] usb usb2-port1: attempt power cycle [ 229.387310][ T8112] netlink: 8 bytes leftover after parsing attributes in process `syz.3.786'. [ 229.476208][ T8115] hfs: can't find a HFS filesystem on dev rnullb0 [ 229.584323][ T5935] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 229.654484][ T5868] usb 2-1: new full-speed USB device number 23 using dummy_hcd [ 229.694388][ T5882] tipc: Node number set to 2886997004 [ 229.704236][ T5868] usb 2-1: not running at top speed; connect to a high speed hub [ 229.712066][ T5868] usb 2-1: too many configurations: 251, using maximum allowed: 8 [ 229.722561][ T5868] usb 2-1: unable to read config index 0 descriptor/start: -61 [ 229.730904][ T5868] usb 2-1: can't read configurations, error -61 [ 229.764174][ T9] usb 4-1: new high-speed USB device number 30 using dummy_hcd [ 229.800710][ T5935] usb 1-1: config 4 has an invalid interface number: 85 but max is 1 [ 229.814451][ T5935] usb 1-1: config 4 has an invalid interface number: 95 but max is 1 [ 229.824797][ T5935] usb 1-1: config 4 contains an unexpected descriptor of type 0x2, skipping [ 229.836906][ T5935] usb 1-1: config 4 has no interface number 0 [ 229.843011][ T5935] usb 1-1: config 4 has no interface number 1 [ 229.849841][ T5935] usb 1-1: config 4 interface 85 altsetting 2 endpoint 0xB has invalid maxpacket 576, setting to 64 [ 229.862915][ T5935] usb 1-1: config 4 interface 85 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 8 [ 229.876076][ T5868] usb 2-1: new full-speed USB device number 24 using dummy_hcd [ 229.884306][ T5935] usb 1-1: config 4 interface 95 altsetting 1 endpoint 0x9 has invalid maxpacket 512, setting to 64 [ 229.895666][ T5935] usb 1-1: config 4 interface 95 altsetting 1 has an invalid descriptor for endpoint zero, skipping [ 229.910198][ T5935] usb 1-1: config 4 interface 95 altsetting 1 has an invalid descriptor for endpoint zero, skipping [ 229.922099][ T5935] usb 1-1: config 4 interface 95 altsetting 1 endpoint 0xC has invalid maxpacket 1024, setting to 64 [ 229.934459][ T5868] usb 2-1: not running at top speed; connect to a high speed hub [ 229.942241][ T5868] usb 2-1: too many configurations: 251, using maximum allowed: 8 [ 229.950801][ T5935] usb 1-1: config 4 interface 95 altsetting 1 has a duplicate endpoint with address 0x9, skipping [ 229.961706][ T9] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 229.963254][ T5935] usb 1-1: config 4 interface 95 altsetting 1 has an invalid descriptor for endpoint zero, skipping [ 229.982555][ T5935] usb 1-1: config 4 interface 95 altsetting 1 has a duplicate endpoint with address 0xD, skipping [ 229.987690][ T9] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 229.993437][ T5868] usb 2-1: unable to read config index 0 descriptor/start: -61 [ 230.014274][ T5868] usb 2-1: can't read configurations, error -61 [ 230.017085][ T9] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 230.020625][ T5935] usb 1-1: config 4 interface 85 has no altsetting 0 [ 230.030547][ T9] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 230.052297][ T9] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 230.054205][ T5868] usb usb2-port1: unable to enumerate USB device [ 230.062065][ T9] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 230.078731][ T5935] usb 1-1: config 4 interface 95 has no altsetting 0 [ 230.079209][ T9] usb 4-1: Product: syz [ 230.089976][ T9] usb 4-1: Manufacturer: syz [ 230.095287][ T5935] usb 1-1: New USB device found, idVendor=0403, idProduct=e0eb, bcdDevice=fc.5e [ 230.104962][ T5935] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 230.111658][ T9] cdc_wdm 4-1:1.0: skipping garbage [ 230.112986][ T5935] usb 1-1: Product: syz [ 230.139118][ T9] cdc_wdm 4-1:1.0: skipping garbage [ 230.148487][ T5935] usb 1-1: Manufacturer: 큥籣៙푃ꇬよ⿋ጋ䥟疔蜾᧨긷癋怹빉•헍蕈奄㒗ꤢ뿦⟉懴槝噽ꗏኣᕬ棪뚞ು⯓검ᢥ諴ᩨ [ 230.164905][ T5935] usb 1-1: SerialNumber: syz [ 230.182459][ T9] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device [ 230.193004][ T9] cdc_wdm 4-1:1.0: Unknown control protocol [ 230.208140][ T8123] syzkaller1: entered promiscuous mode [ 230.214616][ T8123] syzkaller1: entered allmulticast mode [ 230.394197][ T9] usb 4-1: USB disconnect, device number 30 [ 230.640344][ T5935] ftdi_sio 1-1:4.85: FTDI USB Serial Device converter detected [ 230.653053][ T5935] ftdi_sio ttyUSB0: unknown device type: 0xfc5e [ 230.667441][ T5935] ftdi_sio 1-1:4.95: FTDI USB Serial Device converter detected [ 230.677390][ T5935] ftdi_sio ttyUSB1: unknown device type: 0xfc5e [ 230.695247][ T5935] usb 1-1: USB disconnect, device number 25 [ 230.703579][ T5935] ftdi_sio 1-1:4.85: device disconnected [ 230.716281][ T5935] ftdi_sio 1-1:4.95: device disconnected [ 230.962687][ T8128] vxfs: WRONG superblock magic 00000000 at 1 [ 230.969089][ T8128] vxfs: WRONG superblock magic 00000000 at 8 [ 230.975526][ T8128] vxfs: can't find superblock. [ 231.060452][ T8130] exFAT-fs (rnullb0): invalid boot record signature [ 231.068009][ T8130] exFAT-fs (rnullb0): failed to read boot sector [ 231.074598][ T8130] exFAT-fs (rnullb0): failed to recognize exfat type [ 231.381794][ T8136] FAULT_INJECTION: forcing a failure. [ 231.381794][ T8136] name failslab, interval 1, probability 0, space 0, times 0 [ 231.419746][ T8136] CPU: 0 UID: 0 PID: 8136 Comm: syz.2.797 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) [ 231.419775][ T8136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 231.419787][ T8136] Call Trace: [ 231.419795][ T8136] [ 231.419804][ T8136] dump_stack_lvl+0x189/0x250 [ 231.419831][ T8136] ? __pfx____ratelimit+0x10/0x10 [ 231.419857][ T8136] ? __pfx_dump_stack_lvl+0x10/0x10 [ 231.419878][ T8136] ? __pfx__printk+0x10/0x10 [ 231.419923][ T8136] ? __pfx___might_resched+0x10/0x10 [ 231.419942][ T8136] ? fs_reclaim_acquire+0x7d/0x100 [ 231.419974][ T8136] should_fail_ex+0x414/0x560 [ 231.420011][ T8136] should_failslab+0xa8/0x100 [ 231.420038][ T8136] __kmalloc_noprof+0xcb/0x4f0 [ 231.420059][ T8136] ? kfree+0x4d/0x440 [ 231.420087][ T8136] ? tomoyo_realpath_from_path+0xe3/0x5d0 [ 231.420115][ T8136] tomoyo_realpath_from_path+0xe3/0x5d0 [ 231.420156][ T8136] ? tomoyo_domain+0xd9/0x130 [ 231.420186][ T8136] ? tomoyo_path_number_perm+0x1bc/0x5a0 [ 231.420217][ T8136] tomoyo_path_number_perm+0x1e8/0x5a0 [ 231.420251][ T8136] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 231.420300][ T8136] ? __lock_acquire+0xab9/0xd20 [ 231.420350][ T8136] ? __fget_files+0x2a/0x420 [ 231.420381][ T8136] ? __fget_files+0x2a/0x420 [ 231.420407][ T8136] ? __fget_files+0x3a0/0x420 [ 231.420433][ T8136] ? __fget_files+0x2a/0x420 [ 231.420464][ T8136] security_file_ioctl+0xcb/0x2d0 [ 231.420495][ T8136] __se_sys_ioctl+0x47/0x170 [ 231.420520][ T8136] do_syscall_64+0xfa/0x3b0 [ 231.420546][ T8136] ? lockdep_hardirqs_on+0x9c/0x150 [ 231.420572][ T8136] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 231.420591][ T8136] ? clear_bhb_loop+0x60/0xb0 [ 231.420615][ T8136] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 231.420634][ T8136] RIP: 0033:0x7fd822b8e929 [ 231.420652][ T8136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 231.420669][ T8136] RSP: 002b:00007fd823945038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 231.420691][ T8136] RAX: ffffffffffffffda RBX: 00007fd822db5fa0 RCX: 00007fd822b8e929 [ 231.420705][ T8136] RDX: 0000200000000000 RSI: 0000000000008b04 RDI: 0000000000000003 [ 231.420718][ T8136] RBP: 00007fd823945090 R08: 0000000000000000 R09: 0000000000000000 [ 231.420747][ T8136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 231.420759][ T8136] R13: 0000000000000000 R14: 00007fd822db5fa0 R15: 00007fffbc8ec598 [ 231.420791][ T8136] [ 231.420884][ T8136] ERROR: Out of memory at tomoyo_realpath_from_path. [ 231.923590][ T8144] syzkaller1: entered promiscuous mode [ 231.951047][ T8144] syzkaller1: entered allmulticast mode [ 232.096384][ T8151] vxfs: WRONG superblock magic 00000000 at 1 [ 232.102641][ T8151] vxfs: WRONG superblock magic 00000000 at 8 [ 232.115667][ T8151] vxfs: can't find superblock. [ 233.176057][ T8179] kAFS: unparsable volume name [ 233.201026][ T8173] sctp: failed to load transform for md5: -2 [ 233.349329][ T8184] syzkaller1: entered promiscuous mode [ 233.357420][ T8184] syzkaller1: entered allmulticast mode [ 233.361996][ T8186] vxfs: WRONG superblock magic 00000000 at 1 [ 233.390610][ T8186] vxfs: WRONG superblock magic 00000000 at 8 [ 233.399337][ T8186] vxfs: can't find superblock. [ 233.506898][ T30] audit: type=1326 audit(1768330325.796:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8187 comm="syz.3.814" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcb7ab8e929 code=0x0 [ 233.561748][ T8193] netlink: 92 bytes leftover after parsing attributes in process `syz.3.814'. [ 233.572231][ T8193] netlink: 24 bytes leftover after parsing attributes in process `syz.3.814'. [ 233.592876][ T8198] netlink: 4 bytes leftover after parsing attributes in process `syz.2.816'. [ 233.703262][ T8195] netlink: 156 bytes leftover after parsing attributes in process `syz.1.817'. [ 233.729501][ T8203] netlink: 'syz.3.819': attribute type 27 has an invalid length. [ 233.817027][ T8208] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 233.860624][ T8210] usb usb7: usbfs: interface 0 claimed by hub while 'syz.3.821' sets config #0 [ 234.248962][ T8223] syzkaller1: entered promiscuous mode [ 234.254786][ T8223] syzkaller1: entered allmulticast mode [ 234.321825][ T9] usb 1-1: new high-speed USB device number 26 using dummy_hcd [ 234.439570][ T8225] syzkaller1: entered promiscuous mode [ 234.445488][ T8225] syzkaller1: entered allmulticast mode [ 234.459084][ T8227] fuse: Bad value for 'rootmode' [ 234.503860][ T9] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30 [ 234.523904][ T9] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 253 [ 234.542461][ T9] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 234.556709][ T9] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 234.559466][ T8229] FAULT_INJECTION: forcing a failure. [ 234.559466][ T8229] name failslab, interval 1, probability 0, space 0, times 0 [ 234.565166][ T9] usb 1-1: Manufacturer: syz [ 234.594421][ T9] usb 1-1: config 0 descriptor?? [ 234.601586][ T8229] CPU: 1 UID: 0 PID: 8229 Comm: syz.3.829 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) [ 234.601614][ T8229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 234.601626][ T8229] Call Trace: [ 234.601634][ T8229] [ 234.601642][ T8229] dump_stack_lvl+0x189/0x250 [ 234.601670][ T8229] ? __pfx____ratelimit+0x10/0x10 [ 234.601695][ T8229] ? __pfx_dump_stack_lvl+0x10/0x10 [ 234.601716][ T8229] ? __pfx__printk+0x10/0x10 [ 234.601744][ T8229] ? __pfx___might_resched+0x10/0x10 [ 234.601763][ T8229] ? fs_reclaim_acquire+0x7d/0x100 [ 234.601794][ T8229] should_fail_ex+0x414/0x560 [ 234.601829][ T8229] ? __pfx_sock_alloc_inode+0x10/0x10 [ 234.601853][ T8229] should_failslab+0xa8/0x100 [ 234.601879][ T8229] ? __pfx_sock_alloc_inode+0x10/0x10 [ 234.601900][ T8229] kmem_cache_alloc_lru_noprof+0x78/0x3d0 [ 234.601920][ T8229] ? sock_alloc_inode+0x28/0xc0 [ 234.601940][ T8229] ? tomoyo_supervisor+0x4b2/0x1480 [ 234.601964][ T8229] ? __pfx_sock_alloc_inode+0x10/0x10 [ 234.601986][ T8229] sock_alloc_inode+0x28/0xc0 [ 234.602009][ T8229] alloc_inode+0x67/0x1b0 [ 234.602037][ T8229] __sock_create+0x12d/0x9f0 [ 234.602064][ T8229] ? __pfx_tomoyo_supervisor+0x10/0x10 [ 234.602113][ T8229] mptcp_subflow_create_socket+0xfd/0xb40 [ 234.602147][ T8229] ? snprintf+0xda/0x120 [ 234.602173][ T8229] ? __pfx_mptcp_subflow_create_socket+0x10/0x10 [ 234.602203][ T8229] ? aa_label_sk_perm+0x4d3/0x630 [ 234.602235][ T8229] __mptcp_nmpc_sk+0x150/0x720 [ 234.602258][ T8229] ? __pfx___mptcp_nmpc_sk+0x10/0x10 [ 234.602282][ T8229] ? look_up_lock_class+0x74/0x170 [ 234.602323][ T8229] mptcp_connect+0x70/0xc10 [ 234.602357][ T8229] __inet_stream_connect+0x295/0xf10 [ 234.602394][ T8229] ? __local_bh_enable_ip+0x12d/0x1c0 [ 234.602413][ T8229] ? __pfx___inet_stream_connect+0x10/0x10 [ 234.602438][ T8229] ? __local_bh_enable_ip+0x12d/0x1c0 [ 234.602457][ T8229] ? __pfx___local_bh_enable_ip+0x10/0x10 [ 234.602488][ T8229] inet_stream_connect+0x66/0xa0 [ 234.602516][ T8229] __sys_connect+0x313/0x440 [ 234.602545][ T8229] ? __fget_files+0x3a0/0x420 [ 234.602573][ T8229] ? __pfx___sys_connect+0x10/0x10 [ 234.602615][ T8229] ? __pfx_ksys_write+0x10/0x10 [ 234.602636][ T8229] ? rcu_is_watching+0x15/0xb0 [ 234.602664][ T8229] __x64_sys_connect+0x7a/0x90 [ 234.602694][ T8229] do_syscall_64+0xfa/0x3b0 [ 234.602720][ T8229] ? lockdep_hardirqs_on+0x9c/0x150 [ 234.602745][ T8229] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 234.602765][ T8229] ? clear_bhb_loop+0x60/0xb0 [ 234.602789][ T8229] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 234.602809][ T8229] RIP: 0033:0x7fcb7ab8e929 [ 234.602827][ T8229] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 234.602845][ T8229] RSP: 002b:00007fcb7b970038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a [ 234.602866][ T8229] RAX: ffffffffffffffda RBX: 00007fcb7adb5fa0 RCX: 00007fcb7ab8e929 [ 234.602881][ T8229] RDX: 0000000000000010 RSI: 00002000000009c0 RDI: 0000000000000003 [ 234.602894][ T8229] RBP: 00007fcb7b970090 R08: 0000000000000000 R09: 0000000000000000 [ 234.602907][ T8229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 234.602919][ T8229] R13: 0000000000000000 R14: 00007fcb7adb5fa0 R15: 00007ffd168a2248 [ 234.602951][ T8229] [ 234.603432][ T8229] socket: no more sockets [ 234.616839][ T9] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 235.549491][ T8248] syzkaller1: entered promiscuous mode [ 235.556064][ T8248] syzkaller1: entered allmulticast mode [ 235.679038][ T8251] FAULT_INJECTION: forcing a failure. [ 235.679038][ T8251] name failslab, interval 1, probability 0, space 0, times 0 [ 235.695420][ T8251] CPU: 1 UID: 0 PID: 8251 Comm: syz.2.836 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) [ 235.695441][ T8251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 235.695450][ T8251] Call Trace: [ 235.695461][ T8251] [ 235.695467][ T8251] dump_stack_lvl+0x189/0x250 [ 235.695489][ T8251] ? __pfx____ratelimit+0x10/0x10 [ 235.695508][ T8251] ? __pfx_dump_stack_lvl+0x10/0x10 [ 235.695525][ T8251] ? __pfx__printk+0x10/0x10 [ 235.695547][ T8251] ? __pfx___might_resched+0x10/0x10 [ 235.695565][ T8251] should_fail_ex+0x414/0x560 [ 235.695592][ T8251] should_failslab+0xa8/0x100 [ 235.695611][ T8251] kmem_cache_alloc_node_noprof+0x76/0x3c0 [ 235.695628][ T8251] ? __alloc_skb+0x112/0x2d0 [ 235.695652][ T8251] __alloc_skb+0x112/0x2d0 [ 235.695675][ T8251] netlink_sendmsg+0x5c6/0xb30 [ 235.695703][ T8251] ? __pfx_netlink_sendmsg+0x10/0x10 [ 235.695726][ T8251] ? aa_sock_msg_perm+0xf1/0x1d0 [ 235.695744][ T8251] ? bpf_lsm_socket_sendmsg+0x9/0x20 [ 235.695765][ T8251] ? __pfx_netlink_sendmsg+0x10/0x10 [ 235.695786][ T8251] __sock_sendmsg+0x219/0x270 [ 235.695806][ T8251] ____sys_sendmsg+0x505/0x830 [ 235.695824][ T8251] ? __pfx_____sys_sendmsg+0x10/0x10 [ 235.695845][ T8251] ? import_iovec+0x74/0xa0 [ 235.695867][ T8251] ___sys_sendmsg+0x21f/0x2a0 [ 235.695888][ T8251] ? __pfx____sys_sendmsg+0x10/0x10 [ 235.695945][ T8251] ? __fget_files+0x2a/0x420 [ 235.695972][ T8251] ? __fget_files+0x3a0/0x420 [ 235.696010][ T8251] __x64_sys_sendmsg+0x19b/0x260 [ 235.696033][ T8251] ? __pfx___x64_sys_sendmsg+0x10/0x10 [ 235.696059][ T8251] ? __pfx_ksys_write+0x10/0x10 [ 235.696080][ T8251] ? do_syscall_64+0xbe/0x3b0 [ 235.696103][ T8251] do_syscall_64+0xfa/0x3b0 [ 235.696121][ T8251] ? lockdep_hardirqs_on+0x9c/0x150 [ 235.696139][ T8251] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 235.696153][ T8251] ? clear_bhb_loop+0x60/0xb0 [ 235.696170][ T8251] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 235.696184][ T8251] RIP: 0033:0x7fd822b8e929 [ 235.696197][ T8251] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 235.696211][ T8251] RSP: 002b:00007fd823945038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 235.696226][ T8251] RAX: ffffffffffffffda RBX: 00007fd822db5fa0 RCX: 00007fd822b8e929 [ 235.696237][ T8251] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003 [ 235.696246][ T8251] RBP: 00007fd823945090 R08: 0000000000000000 R09: 0000000000000000 [ 235.696255][ T8251] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 235.696263][ T8251] R13: 0000000000000000 R14: 00007fd822db5fa0 R15: 00007fffbc8ec598 [ 235.696285][ T8251] [ 235.962594][ C1] ================================================================== [ 235.970683][ C1] BUG: KASAN: slab-use-after-free in flush_tlb_func+0x23d/0x6c0 [ 235.972311][ T30] audit: type=1326 audit(1768330328.267:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8236 comm="syz.1.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94e938e929 code=0x7fc00000 [ 235.978334][ C1] Write of size 8 at addr ffff88807de96ac0 by task swapper/1/0 [ 235.978351][ C1] [ 235.978362][ C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) [ 235.978384][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 235.978396][ C1] Call Trace: [ 235.978402][ C1] [ 235.978410][ C1] dump_stack_lvl+0x189/0x250 [ 235.978443][ C1] ? __virt_addr_valid+0x1c8/0x5c0 [ 235.978467][ C1] ? rcu_is_watching+0x15/0xb0 [ 235.978488][ C1] ? __pfx_dump_stack_lvl+0x10/0x10 [ 235.978510][ C1] ? rcu_is_watching+0x15/0xb0 [ 235.978528][ C1] ? lock_release+0x4b/0x3e0 [ 235.978560][ C1] ? __virt_addr_valid+0x1c8/0x5c0 [ 235.978601][ C1] ? __virt_addr_valid+0x4a5/0x5c0 [ 235.978626][ C1] print_report+0xd2/0x2b0 [ 235.978654][ C1] ? flush_tlb_func+0x23d/0x6c0 [ 235.978676][ C1] kasan_report+0x118/0x150 [ 235.978704][ C1] ? flush_tlb_func+0x23d/0x6c0 [ 235.978734][ C1] kasan_check_range+0x2b0/0x2c0 [ 235.978760][ C1] flush_tlb_func+0x23d/0x6c0 [ 235.978787][ C1] ? sched_clock+0x3f/0x60 [ 235.978815][ C1] ? __pfx_flush_tlb_func+0x10/0x10 [ 235.978843][ C1] ? __pfx_flush_tlb_func+0x10/0x10 [ 235.978869][ C1] __flush_smp_call_function_queue+0x370/0xaa0 [ 235.978891][ C1] ? __pfx_flush_tlb_func+0x10/0x10 [ 235.978919][ C1] __sysvec_call_function_single+0xa8/0x3d0 [ 235.978948][ C1] sysvec_call_function_single+0x4f/0xc0 [ 235.978974][ C1] asm_sysvec_call_function_single+0x1a/0x20 [ 235.978997][ C1] RIP: 0010:handle_softirqs+0x1b0/0x870 [ 235.979020][ C1] Code: 89 64 24 30 0f b7 db 48 c7 c7 a0 99 89 8b e8 87 55 f1 09 65 66 c7 05 c5 4e 3e 11 00 00 e8 f8 55 42 00 fb 49 c7 c7 c0 c0 00 8e ff ff ff ff 0f bc c3 41 89 c5 41 ff c5 0f 84 c2 03 00 00 89 5c [ 235.979039][ C1] RSP: 0018:ffffc90000a08e40 EFLAGS: 00000286 [ 235.979058][ C1] RAX: 574809cd86862400 RBX: 0000000000000382 RCX: 574809cd86862400 [ 235.979074][ C1] RDX: 0000000000000000 RSI: ffffffff8da6993f RDI: ffffffff8be4b100 [ 235.979088][ C1] RBP: ffffc90000a08f50 R08: ffffffff8fc29e37 R09: 1ffffffff1f853c6 [ 235.979104][ C1] R10: dffffc0000000000 R11: fffffbfff1f853c7 R12: 000000000000000a [ 235.979120][ C1] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff8e00c0c0 [ 235.979145][ C1] ? lapic_next_event+0x11/0x20 [ 235.979165][ C1] ? clockevents_program_event+0x24d/0x360 [ 235.979193][ C1] ? __irq_exit_rcu+0xca/0x1f0 [ 235.979215][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 235.979237][ C1] ? irqtime_account_irq+0xb6/0x1c0 [ 235.979266][ C1] __irq_exit_rcu+0xca/0x1f0 [ 235.979285][ C1] ? __pfx___irq_exit_rcu+0x10/0x10 [ 235.979309][ C1] irq_exit_rcu+0x9/0x30 [ 235.979327][ C1] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 235.979353][ C1] [ 235.979360][ C1] [ 235.979369][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 235.979390][ C1] RIP: 0010:pv_native_safe_halt+0x13/0x20 [ 235.979416][ C1] Code: cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 83 86 11 00 f3 0f 1e fa fb f4 cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 [ 235.979434][ C1] RSP: 0018:ffffc90000197de0 EFLAGS: 000002c6 [ 235.979477][ C1] RAX: 574809cd86862400 RBX: ffffffff81971188 RCX: 574809cd86862400 [ 235.979494][ C1] RDX: 0000000000000001 RSI: ffffffff8da6993f RDI: ffffffff8be4b100 [ 235.979523][ C1] RBP: ffffc90000197f20 R08: ffff8880b8732f1b R09: 1ffff110170e65e3 [ 235.979538][ C1] R10: dffffc0000000000 R11: ffffed10170e65e4 R12: ffffffff8fc29e30 [ 235.979554][ C1] R13: 0000000000000001 R14: 0000000000000001 R15: 1ffff11003a57b40 [ 235.979571][ C1] ? do_idle+0x1e8/0x510 [ 235.979597][ C1] default_idle+0x13/0x20 [ 235.979624][ C1] default_idle_call+0x74/0xb0 [ 235.979655][ C1] do_idle+0x1e8/0x510 [ 235.979677][ C1] ? __pfx_do_idle+0x10/0x10 [ 235.979708][ C1] cpu_startup_entry+0x44/0x60 [ 235.979728][ C1] start_secondary+0x101/0x110 [ 235.979756][ C1] common_startup_64+0x13e/0x147 [ 235.979791][ C1] [ 235.979798][ C1] [ 236.389231][ C1] Allocated by task 5833: [ 236.393582][ C1] kasan_save_track+0x3e/0x80 [ 236.398270][ C1] __kasan_slab_alloc+0x6c/0x80 [ 236.403128][ C1] kmem_cache_alloc_noprof+0x1c1/0x3c0 [ 236.408588][ C1] copy_mm+0xdb/0x4b0 [ 236.412576][ C1] copy_process+0x1706/0x3c00 [ 236.417253][ C1] kernel_clone+0x21e/0x870 [ 236.421757][ C1] __x64_sys_clone+0x18b/0x1e0 [ 236.426521][ C1] do_syscall_64+0xfa/0x3b0 [ 236.431028][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 236.436922][ C1] [ 236.439245][ C1] Freed by task 8250: [ 236.443224][ C1] kasan_save_track+0x3e/0x80 [ 236.447902][ C1] kasan_save_free_info+0x46/0x50 [ 236.452933][ C1] __kasan_slab_free+0x62/0x70 [ 236.457701][ C1] kmem_cache_free+0x18f/0x400 [ 236.462467][ C1] exit_mm+0x1da/0x2c0 [ 236.466547][ C1] do_exit+0x648/0x2300 [ 236.470710][ C1] do_group_exit+0x21c/0x2d0 [ 236.475307][ C1] __x64_sys_exit_group+0x3f/0x40 [ 236.480355][ C1] x64_sys_call+0x21f7/0x2200 [ 236.485059][ C1] do_syscall_64+0xfa/0x3b0 [ 236.489575][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 236.495485][ C1] [ 236.497815][ C1] The buggy address belongs to the object at ffff88807de960c0 [ 236.497815][ C1] which belongs to the cache mm_struct of size 2584 [ 236.511781][ C1] The buggy address is located 2560 bytes inside of [ 236.511781][ C1] freed 2584-byte region [ffff88807de960c0, ffff88807de96ad8) [ 236.525778][ C1] [ 236.528108][ C1] The buggy address belongs to the physical page: [ 236.534602][ C1] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7de90 [ 236.543370][ C1] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 236.551967][ C1] memcg:ffff88803374c401 [ 236.556210][ C1] ksm flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff) [ 236.564119][ C1] page_type: f5(slab) [ 236.568103][ C1] raw: 00fff00000000040 ffff88801a84bb40 ffffea0000cfc400 dead000000000003 [ 236.576691][ C1] raw: 0000000000000000 00000000800b000b 00000000f5000000 ffff88803374c401 [ 236.585279][ C1] head: 00fff00000000040 ffff88801a84bb40 ffffea0000cfc400 dead000000000003 [ 236.594036][ C1] head: 0000000000000000 00000000800b000b 00000000f5000000 ffff88803374c401 [ 236.602739][ C1] head: 00fff00000000003 ffffea0001f7a401 00000000ffffffff 00000000ffffffff [ 236.611417][ C1] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 236.620094][ C1] page dumped because: kasan: bad access detected [ 236.626513][ C1] page_owner tracks the page as allocated [ 236.632234][ C1] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5203, tgid 5203 (S02sysctl), ts 33653808155, free_ts 30898579963 [ 236.653334][ C1] post_alloc_hook+0x240/0x2a0 [ 236.658118][ C1] get_page_from_freelist+0x21e4/0x22c0 [ 236.663671][ C1] __alloc_frozen_pages_noprof+0x181/0x370 [ 236.669504][ C1] alloc_pages_mpol+0x232/0x4a0 [ 236.674358][ C1] allocate_slab+0x8a/0x370 [ 236.678877][ C1] ___slab_alloc+0xbeb/0x1410 [ 236.683563][ C1] kmem_cache_alloc_noprof+0x283/0x3c0 [ 236.689024][ C1] mm_alloc+0x23/0xd0 [ 236.693005][ C1] alloc_bprm+0x378/0x5b0 [ 236.697338][ C1] do_execveat_common+0x1b3/0x6a0 [ 236.702370][ C1] __x64_sys_execve+0x94/0xb0 [ 236.707054][ C1] do_syscall_64+0xfa/0x3b0 [ 236.711565][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 236.717459][ C1] page last free pid 1 tgid 1 stack trace: [ 236.723267][ C1] __free_frozen_pages+0xb80/0xd80 [ 236.728400][ C1] free_contig_range+0x1bd/0x4a0 [ 236.733342][ C1] destroy_args+0x7e/0x5d0 [ 236.737778][ C1] debug_vm_pgtable+0x3fa/0x430 [ 236.742629][ C1] do_one_initcall+0x233/0x820 [ 236.747393][ C1] do_initcall_level+0x137/0x1f0 [ 236.752331][ C1] do_initcalls+0x69/0xd0 [ 236.756665][ C1] kernel_init_freeable+0x3d9/0x570 [ 236.761869][ C1] kernel_init+0x1d/0x1d0 [ 236.766193][ C1] ret_from_fork+0x3fc/0x770 [ 236.770782][ C1] ret_from_fork_asm+0x1a/0x30 [ 236.775549][ C1] [ 236.777872][ C1] Memory state around the buggy address: [ 236.783496][ C1] ffff88807de96980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 236.791560][ C1] ffff88807de96a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 236.799619][ C1] >ffff88807de96a80: fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc [ 236.807675][ C1] ^ [ 236.813834][ C1] ffff88807de96b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 236.821892][ C1] ffff88807de96b80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 236.829949][ C1] ================================================================== [ 236.838013][ C1] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 236.845211][ C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) [ 236.856325][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025 [ 236.866394][ C1] Call Trace: [ 236.869675][ C1] [ 236.872522][ C1] dump_stack_lvl+0x99/0x250 [ 236.877124][ C1] ? __asan_memcpy+0x40/0x70 [ 236.881740][ C1] ? __pfx_dump_stack_lvl+0x10/0x10 [ 236.887115][ C1] ? __pfx__printk+0x10/0x10 [ 236.891808][ C1] panic+0x2db/0x790 [ 236.895710][ C1] ? __pfx_panic+0x10/0x10 [ 236.900144][ C1] ? _raw_spin_unlock_irqrestore+0xad/0x110 [ 236.906040][ C1] ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10 [ 236.912378][ C1] ? print_memory_metadata+0x314/0x400 [ 236.917847][ C1] ? flush_tlb_func+0x23d/0x6c0 [ 236.922704][ C1] check_panic_on_warn+0x89/0xb0 [ 236.927650][ C1] ? flush_tlb_func+0x23d/0x6c0 [ 236.932506][ C1] end_report+0x78/0x160 [ 236.936755][ C1] kasan_report+0x129/0x150 [ 236.941261][ C1] ? flush_tlb_func+0x23d/0x6c0 [ 236.946119][ C1] kasan_check_range+0x2b0/0x2c0 [ 236.951086][ C1] flush_tlb_func+0x23d/0x6c0 [ 236.955772][ C1] ? sched_clock+0x3f/0x60 [ 236.960195][ C1] ? __pfx_flush_tlb_func+0x10/0x10 [ 236.965399][ C1] ? __pfx_flush_tlb_func+0x10/0x10 [ 236.970605][ C1] __flush_smp_call_function_queue+0x370/0xaa0 [ 236.976775][ C1] ? __pfx_flush_tlb_func+0x10/0x10 [ 236.982009][ C1] __sysvec_call_function_single+0xa8/0x3d0 [ 236.987914][ C1] sysvec_call_function_single+0x4f/0xc0 [ 236.993558][ C1] asm_sysvec_call_function_single+0x1a/0x20 [ 236.999539][ C1] RIP: 0010:handle_softirqs+0x1b0/0x870 [ 237.005098][ C1] Code: 89 64 24 30 0f b7 db 48 c7 c7 a0 99 89 8b e8 87 55 f1 09 65 66 c7 05 c5 4e 3e 11 00 00 e8 f8 55 42 00 fb 49 c7 c7 c0 c0 00 8e ff ff ff ff 0f bc c3 41 89 c5 41 ff c5 0f 84 c2 03 00 00 89 5c [ 237.024709][ C1] RSP: 0018:ffffc90000a08e40 EFLAGS: 00000286 [ 237.030785][ C1] RAX: 574809cd86862400 RBX: 0000000000000382 RCX: 574809cd86862400 [ 237.038762][ C1] RDX: 0000000000000000 RSI: ffffffff8da6993f RDI: ffffffff8be4b100 [ 237.046820][ C1] RBP: ffffc90000a08f50 R08: ffffffff8fc29e37 R09: 1ffffffff1f853c6 [ 237.054812][ C1] R10: dffffc0000000000 R11: fffffbfff1f853c7 R12: 000000000000000a [ 237.062788][ C1] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff8e00c0c0 [ 237.070789][ C1] ? lapic_next_event+0x11/0x20 [ 237.075662][ C1] ? clockevents_program_event+0x24d/0x360 [ 237.081475][ C1] ? __irq_exit_rcu+0xca/0x1f0 [ 237.086257][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 237.091556][ C1] ? irqtime_account_irq+0xb6/0x1c0 [ 237.096763][ C1] __irq_exit_rcu+0xca/0x1f0 [ 237.101382][ C1] ? __pfx___irq_exit_rcu+0x10/0x10 [ 237.106587][ C1] irq_exit_rcu+0x9/0x30 [ 237.110840][ C1] sysvec_apic_timer_interrupt+0xa6/0xc0 [ 237.116483][ C1] [ 237.119427][ C1] [ 237.122378][ C1] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 237.128376][ C1] RIP: 0010:pv_native_safe_halt+0x13/0x20 [ 237.134115][ C1] Code: cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 83 86 11 00 f3 0f 1e fa fb f4 cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 [ 237.153728][ C1] RSP: 0018:ffffc90000197de0 EFLAGS: 000002c6 [ 237.159829][ C1] RAX: 574809cd86862400 RBX: ffffffff81971188 RCX: 574809cd86862400 [ 237.167803][ C1] RDX: 0000000000000001 RSI: ffffffff8da6993f RDI: ffffffff8be4b100 [ 237.175788][ C1] RBP: ffffc90000197f20 R08: ffff8880b8732f1b R09: 1ffff110170e65e3 [ 237.183771][ C1] R10: dffffc0000000000 R11: ffffed10170e65e4 R12: ffffffff8fc29e30 [ 237.191751][ C1] R13: 0000000000000001 R14: 0000000000000001 R15: 1ffff11003a57b40 [ 237.199730][ C1] ? do_idle+0x1e8/0x510 [ 237.203987][ C1] default_idle+0x13/0x20 [ 237.208333][ C1] default_idle_call+0x74/0xb0 [ 237.213106][ C1] do_idle+0x1e8/0x510 [ 237.217179][ C1] ? __pfx_do_idle+0x10/0x10 [ 237.221865][ C1] cpu_startup_entry+0x44/0x60 [ 237.226630][ C1] start_secondary+0x101/0x110 [ 237.231404][ C1] common_startup_64+0x13e/0x147 [ 237.236353][ C1] [ 237.239714][ C1] Kernel Offset: disabled [ 237.244037][ C1] Rebooting in 86400 seconds..