last executing test programs:

4.143830098s ago: executing program 0 (id=798):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000000)="5c00000014006b05c84e21000ab16d6e23", 0x11}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
r0 = socket$inet(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b04, &(0x7f0000000000)={'wlan1\x00'})

3.941037448s ago: executing program 0 (id=800):
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r3)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r3, 0x9)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r4, &(0x7f0000000000)={0x2, 0x4e22, @empty}, 0x10)
sendmmsg(r4, &(0x7f0000000900)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000ac0)='<', 0x1}], 0x1}}], 0x1, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01000000000000000000010000001c000180060001000200000008000300ac14017b080006000a00"], 0x30}}, 0x10)

2.999211552s ago: executing program 1 (id=808):
syz_clone3(&(0x7f0000000080)={0x100801000, &(0x7f0000000180), 0x0, 0x0, {0x19}, 0x0, 0x0, 0x0, 0x0}, 0x58)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000140)={0x2, 0x0, 0x0, 0x0, 0x0, 0xd000})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01090000000000000f478e"])
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x10000, 0x0, 0x4002004c4, 0x1000, 0x0, 0x0, 0x0, 0x5, 0x0, 0x9, 0x0, 0x7], 0xeeee8000, 0x2113c0})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.649767485s ago: executing program 1 (id=810):
openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000020c0), 0x2, 0x0)
landlock_create_ruleset(&(0x7f0000000180)={0x100}, 0x18, 0x0)
pipe(&(0x7f0000000600))
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000005c0)=ANY=[@ANYBLOB="000086dd0500560008005400f5ff60ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001"], 0xfdef)

2.521386426s ago: executing program 0 (id=811):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0x0, 0x0})
ioctl$sock_ifreq(r0, 0x8993, &(0x7f0000000200)={'bond0\x00', @ifru_data=&(0x7f0000000180)="43aa2c855aa5a07977d262767dd476971b98d3255539a80a79cbfce87eea47e5"})
creat(&(0x7f0000001380)='./file0\x00', 0x4)
socket$can_j1939(0x1d, 0x2, 0x7)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x70, 0x18, &(0x7f00000005c0)={@ptr={0x70742a85, 0x0, 0x0, 0x0, 0x1, 0x25}, @ptr={0x70742a85, 0x0, &(0x7f0000000440)=""/220, 0xdc, 0x1, 0x29}, @fda={0x66646185, 0x5, 0x1, 0xc8}}, &(0x7f00000001c0)={0x0, 0x48, 0x50}}, 0x1000}], 0x0, 0x0, 0x0})
mount(&(0x7f0000000080)=@rnullb, &(0x7f0000001440)='./file0\x00', &(0x7f0000000040)='afs\x00', 0x400, 0x0)

2.377918624s ago: executing program 1 (id=812):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0x2, 0x0, 0x25dfdbfe, {{@in6=@private0, @in=@remote, 0x0, 0x4, 0x0, 0x0, 0xa, 0x60, 0x60, 0x3b, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, 0x9, 0x0, 0x0, 0x0, 0x2}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x50)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9"], 0xb8}}, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e99900000000fedbcb25fc00000000000000000000000000004000000000000000000000ffff7f", @ANYBLOB], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$nl_xfrm(r1, 0x0, 0x4000)
mount(&(0x7f0000000000)=@rnullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000240)='vxfs\x00', 0x200000, 0x0)

2.377249681s ago: executing program 0 (id=813):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000000240)={@val={0x3, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x14}, @ipv4=@icmp={{0x5, 0x4, 0x0, 0x0, 0x6c, 0x1400, 0x0, 0x0, 0x1, 0x0, @private=0xa010100, @local}, @time_exceeded={0xb, 0x0, 0x0, 0x0, 0x5, 0x0, {0x14, 0x4, 0x2, 0x1f, 0x0, 0x68, 0x53ca, 0x3, 0x6, 0x2006, @broadcast, @broadcast, {[@cipso={0x86, 0x33, 0x3, [{0x5, 0xc, "fac03c8b8493f23873f7"}, {0x5, 0xb, "67f54951950fc96486"}, {0x2, 0x2}, {0x5, 0x7, "a482ba0678"}, {0x5, 0x9, "1d5bc15d445fd7"}, {0x2, 0x4, 't<'}]}, @ssrr={0x89, 0x7, 0x56, [@initdev={0xac, 0x1e, 0x0, 0x0}]}]}}}}}, 0x7a)

2.112375198s ago: executing program 1 (id=817):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000180)=ANY=[@ANYBLOB="01000000000000001b0001c0"])
syz_open_procfs(0xffffffffffffffff, &(0x7f0000001200)='io\x00')
io_setup(0x19, &(0x7f00000009c0))
clock_adjtime(0xa00, &(0x7f0000000780)={0xe627, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0xfffffffffffffffc, 0xcb, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x8, 0x0, 0x0, 0x8000, 0x2, 0x5})
socket$vsock_stream(0x28, 0x1, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="e4000000", @ANYRES16=r5, @ANYBLOB="07002abd5248ffdbdf2507ff000008000300", @ANYRES32=r6, @ANYBLOB="0c00990001000c0069000000140004002f6163766c616e3100000000000000000400cc00080005000a"], 0xe4}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)={0x1c, r8, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x1100}, 0x0)

2.056395418s ago: executing program 0 (id=818):
syz_clone3(&(0x7f0000000080)={0x100801000, &(0x7f0000000180), 0x0, 0x0, {0x19}, 0x0, 0x0, 0x0, 0x0}, 0x58)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000140)={0x2, 0x0, 0x0, 0x0, 0x0, 0xd000})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01090000000000000f478e"])
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x10000, 0x0, 0x4002004c4, 0x1000, 0x0, 0x0, 0x0, 0x5, 0x0, 0x9, 0x0, 0x7], 0xeeee8000, 0x2113c0})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.996060522s ago: executing program 3 (id=819):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000000), r0)
pipe2$9p(&(0x7f00000001c0), 0x0)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="1709000000000000000001000000050007000000000008000900fffffffe060002000000000008000a000100000008001800ac1414aa08001900e000000214001b0017"], 0x58}}, 0x0)

1.836147049s ago: executing program 3 (id=821):
r0 = syz_open_dev$usbfs(&(0x7f00000001c0), 0xad1d, 0x101301)
ioctl$USBDEVFS_IOCTL(r0, 0x80045505, &(0x7f0000000040)=@usbdevfs_connect)

1.69123039s ago: executing program 1 (id=823):
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f0000006840)={0x2020, 0x0, <r1=>0x0, <r2=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="9ab1446569aa24b774753c9e994c09c24df9d42fa5a228e469b44cecf6f9f5ce5f77c93b1895aaac9cf34b37415f11fe22d6fa0162aa743b242e8fe0a8659e32fb543d7969d6513136a9f332a8074f8ee1e445277ddd5859eb5ac3321eb710be880a441031da9b31f791d54fb3c97cd8ee92b00cbf962be8eb5fd0b7cab207645f59cf87a8c41e2739dd8386b6bb84b627cbf5e09bac876ad4b215f0e510a853c5e8b9f7822b26771d72972290a1f9a6f0a46942be0d0eb7aa5145ff368863b14e9845926088f9f92d554e572926290dc6e6b574aea8c500fbe5697f881c0cec48282c6d07619248da0c3b9aa6f7c778525d1760051e4ba8ef31d3c8d3e1d4214ffa5261ce1fdbc12eba889968137f5c06fea233000296cf18df494b4e7b1bee7dc2f3751c37415d46f6d7ffb3d0f788f2100ee41266e6fba75b61af22e1d7b286507ff100cc34ed28d5a2c8be3231446874bbbde6f3c367ca802d64192ffcce1ea41b2cbc57f7500fc4f8f12fe02690c1c9785bbc35542b59d05600783cf4f4633b374101d8ed395303392b238d198f9f68c8ae928cbf3b558deec6d38ebaa526e749ac4e47dd5b838ec34f2820a1134252ae60159d4e030cf5e5d6f8de799a31e12ae57cfe5a1a3ded525c6e71271271d35a0056265362387a361f21ea0f4b6d46f6a83a8512687e43b31e11b1396d6e9e49cf42b693732e226b55d21a1203022f6be9f8ecccb68de3bf4ce99689514bd752f4e60bd2f8e376d7fae5b5fc8db0f53db8c52746671e361b9319419c1b3f3168b4797ebd2d118ee42dda4bc59dd0251236195c8cdafc0546354eeb28f4c7e71e8245a6ccaddfb858f61039c0ccf5acd924680aab38dd061fc7b123f24ac7f3d3c0cee43b61045bb1efea25af86088a0591f166e2f11ea4089860893b17ca5e3d99ec75131268e2e4e290c2bf15e4dde23284e4bdf6e549c096ce221d9c8a6c0fc78aa6a1c8b547c0e10738de2a1e8663e03ab0ce4594e244989f75b6672de1eee97ba7e6467a0da51c0e75d5866c405b03c4744d8d3fbb01eddba5a0361662269154c2f0e61a9433982eb904ff562896cbfa692eb1e6c644fcf6cbc103a76b712af706a47608d3e2f5d54d47d8e9906ab37ddf04004d32ce00200fc3c274666aeb618b27424d87b6a4b0262de4436b9e6f150bc798394c298b25a2c318fbe786185464057c0bcfcd1917230d78ee1a49eca12068fa676852c1099096c6cb98dfda27fedac41826516e42cc116f0cbb68f0f810418258dc5a65c0e1ada296176e17f8d762894c80542a79383cc1674a4f3d6520633ce80baba214c20628899f9ac826484c887713aed9c5caf13b40a598cb1e81f7b18dae39efc22dc99ff497e11f158edc2716ebe3bcd593691aa26523efc168e1394ab439c9a9270575ef34eeee9084b0a31b2d81d47c964ac61e600f75d9321d7474dde45bb8d0cc46510488ab68486d3ba6cc9c3ddb6f66f2e5d251ee285121e1645a2f5167fc5fb8ac4491c0d9d0423c7a8452efea2f5a30096a0fa47173f3a68500a5c755ea939c838d3be126a87ff6baa5a1fba638a5c64767d17f04201b935fcb1cb6afa175594f410f2ff773194c703e623876051e46bb0850a5016e65f8fa34b96bafdfe851a0756fe26fb63d52113c0935b0867f7dc8a94d887484b15e8f92b6a316a22c04a985cc94e432cd43f44001bcdbd48efcd463c402d3d181298e96db60fdb714b82e146567af5ae3fc0c3f9d241471b4d129f928d286f780facb1e84434610ab3379dfff0f64d57b4a1c2e96c98b693de952d26773d24e7a95eddbc450f79932d5332d27991c7bfbd3bc35bfeb9496fbebccb5e4c35c368e021dea643cb292d794d3d3bbcc960f989bef09763dc73d83cbf907485635265e81f87b712d958a66719230fc6466615a0e3bb998d48159e9e9c51959354a545966bcffa298c7673b4d32b991c886a997236642c0f104f6795feab9f48d0ffc74667f3f3e82473ac892ad25f4b13029b0b27fb1d86991ddc42bbc3fe584ed364e769f3bc72ed8749e7a654ec1a2ec7a01bd2d5caccdc6241a1b1ef2726db54d2c34ab47020b4c729b5994b43deb00ad959950e0051d2c0f27217397055e78f1dd3bd867a45e06c2134ae8981021aae881cc7b2049fe7c82d2127ec81d6430c8116355c8d0ab8b9291c688ed9b8dbb1ed6f1a99bb58a1be8d5737acbf9461b142c8982f52481195d35ef82aed4fa52385ea4ed00a739d01cad7af9f7c27d357748e24f28d22065ccb37300e8f5d8dae5ca79af7a50edc3e05184d1a2a6d59784d5ceeb1f1550a44ea03bee4dc5c27eb78f0032593c7d082e59211f83a8b91aa78bfb7e959328ee63af26a37b79ce5e5139eeebd12e28b2a26ad2fcbdca652524d036b324782d54247a48b9f8200b2d6d2c091c41366d677e3be6e136cec6c3080d608849135c6e3c7d695d2e226ae1ce999d730d7f79116ab85762e55a3e5a66a690ce0a4bb4fd1560c796e2797414b544ef78e29d55e4853fdbf3362085a65c46105f32c360a0a9867b984a5d0297fe0b06a45684ac801a8e66294cef6e5f3c48648884fbb2422fa00488df33a9a0ff1039c81f1939f2cd2f5fe8aa805af2d2332ac37244ed4a7b50265af8062752b0c16511e5f25e8aa2b60645675bc826557bb75474ca4787f6b584b2f83bc25192579104aa0baae79f396df0d31121f90db9acea9695ee0fe0c22df4db503ec8b2437b05f5d35a65722fa82eebd2aff4bcd3316a5cffc4b31913fd02f82130c77f320bf04bf8fa873d0e3f62122d6a5f87d3e908bedafed4a3cb6d9f73ff546f5a2b74a2493b1753e89b682352bb3166563518dcb190c7b3d9fd667c57978a670b192641a674dc92c2401d067b6767aa632ce32a401175c98200a52ab5d80dffa719746d0bff8a84bac4a56e0ab8124fc332b64ea662d01e1b73231a6638f01cf4d699448da228c16951149c8d3dab9a7e3be9a16c7d1ffb061818f8f9cb2b42739fae4a0d70c0701c8dceee785d36ef6413162de1917df01c693ef3e1f517e7fc46245209fee52f5c6a2f50ab3f56d67d1cd987282b24071d8ebb1bc5cd635957b2a7ad92d0650abd5bbc24b75885b6119592a3d715392718e52f9124c4ac95be3582abba4ac3a4049ee49fa8ceb9b59d4e1e2a069c9d482879fd8d27d5ac22ef870542453be22c2ec4ebf1472c19fbfb56aa0a3671297b020e3fe49d201a82a04420e90bda43691dacf92347bcbcae3742cc4abad4c8010c0afa15278795d4d76c482461ae78f30569e1dcf87b9b150d07a2bd81676ec6022422d490759ae1e861a6c4cd1f733bd772d60975a59356c385a4a390429f3d2131e7f616015261df6db3cc3ec261a53be10c4f197e71878984fee00e6d1069f79825194b7af434fb6bb86db18e11977f82928be35054543060cea94ebb4015d061f20f8454e056e7b6e4f9a1621ef2377d77659c20bf358c817519f1801be15ae3b5b42adfab367777a6789635a0dcdd1f2b97edecea0210768af67601d1b95a8850dddb6b1f4b0c2f52c835b0833d81966ad19e49ceb9dc9c729cd8334bc3ee5bb8c74186f5cc3e765b9fdd91d79baaab3d2ab64c15d655d1af7de9cf8d5d7c1baef24577843ce142331743b45b06104b6d0d4392e61ca8c07507ff5f831bbf720854db4debf64182aaebf899ba57626a48748fc2dcf016013d575595d24d383eef2da0ff0c9f6fe9c64b186cd4617e3f37635d7dacb58ec297f3ddb48ce4a5e00cc127267e18a1fdf209e098f2cb2e9c0630d15ec9b867b2b95ecf82ad2c0ba39df9c4d36d492bc9a55c4b767da966e4fd7f4d2fef5e91d0575177c05d240b50757031c76333d43bcc828ab2f0376e29d12d1261ce104a8ea488091326bc451c120c8c04d3e64835c893f55b312e248ad8fc1c32429d68e6b67bf45ab8a1cc3db22f9f01a2266b8349046d3d3e081eaa7f7020c73c0762d11a33b517b8f081da3c61ef63e1d40cd87d69c7ac7491fb61bb57c1fe2d218aff6d39b3e1fc847f0ed894e2f0b4d6a4ad03ba42e28bb1dfab645081f548e64ceb8ce15d2214bd66a14fe594aa447c3537eb493299fef0f9326236ea5dae44e23b34801fe06ee16c79545feaf2528421d6e7f9a256a7914d86bd053dc33c8c2043ba73714f5ff5f0507097a56c40b2190e77877d43be849ee2ac129e582930ced06d359eebb49eda4edb13819f91cecc449c9613d9659906179f8fefa34fecb7d21cdaf09a1ce8d094421da80796c97c02fc56171aaba53fd8a7f55de059044717df164f3571028f16995d51fc8829534cdf58dd134def1e43a34e4f5f372fa8e19d3b85881e99ecd45faa4fccfdb47e094ab06955f3960fac71294dd965f24a97cff36b9966cf1a4c3e96c3e14a3951dcc8a3e9371f7e1ae9df77ddb1a99172174adbee8ea57a0c9872a6d677c2875da88a6a7234bebf68a3cc0532a9809a4de4b4d419bff67b0ba825a7ae6e999087155378357ae67e2dd98697f1d10ffa4497dde6582571670456db995228b97d0ecb2fb30c2ba6c16038c40059815c56b35666cc1c5090f6c38e0f4c12abf79919951b85a2734d32dd12b239912d541f9163387a4aa0be0b7a12d9c6b56dbcf1e9aadcfd72e2664a84d6c5147c72bffe7c3560ccd8c447b748dcd26cc9ca2a85cded742a8dccdfd8e78c96e78d405a19faab9e57183b37583f94b3d416b2920c6b746427ed75c08dc3be02720c1edc4743229153c48f1239b222b9fe2e21c0ae28122bc44f9dc78a59f3485ac8057eb21f0857bcfea2d9ebbbcc197e7880d81515bb1cb7192d97c4258c09926d137e245977db40812b253f99a504bb68137d8d73ca4e7c808d50f1dcc600e6a6db90238ff44e075932fe668c066e6988a6a8b4a8485120c8e4d6511268a75d8f9b0f06689aac8cd621e90c62af1e59aa9efe928e9ea098661b408a2825c4f9aac1efd9d54d163a651054b9ab32719d2be3b176f6795ddad0f1310b9237181689f2f9dd34a41d4d4cd2d7569bf56e6a80bc24d90df3bdde0f9649e699f4ef70c4f3faf9553a231215416bba26c29f17861e0f265e9641b2307ed43d6fde23a378669f4ade874e54c20a5e902205dcaa79a3e8584a3f78a86e703451115a1717df882507c607297afac0a056a0f3509a57502fd2ffff6035d04b91f72f5e1a69ddafaf80f7b2f7a13f38c683988436585e6bc7fc2da328449675c234ec0acf5294ce06c72442beba15e65d6a3e1b5dc3c8f115e1005798383f79b0194f6b7d4b1b32371acbf22340af6e5ee3ea840f7ed451226daef3041fc194e051af2fb450022b394c774273b9575c974c324ecd7268435176ee28c54bb54c8e829232ca636f3bdef60ed460b5ff425936626dd16a3f436f08a863582a79f393378f60f6c8ecdd13d83073bfda2e9f8d0c74a841021cbb8c148e70bfc585627449cdd9fb3045db3ea08a96108b52ee8a4f5048a5d910355789f4bb85c1362955e267e719581c38a2648eaa0b516db6277d2ee3c6e1e1090df3f53a31b747d99887e337dadddab16a297d9e56797007a3d18ce333311c70bb1bf45bdae517ffc589419af643773bb30a1fbff7ecd4a8ae7456a608fe73547c2eda4f070d57dc70b65d867526c946a435ea581497da18646ce569eaf6ccf3474cd6e7aa3d6d4732836ff4167c9153757ce58a34864be6d479f7b4ea1d6480b9ac16c5bff346a74e74133234744df867e16b3d2f1f7db4b21b89019b520917ef863e60f52999d6946b9e09cb60054f49d8a255f02e4b62fff6e6adb9a167ea70a177d00b26f56e29b63138a2ebc30b956161a4ab25d5da1c207c3f762714f651341ae771e17d84fa1c86685f2fcb0a128c2e1208d1930e7ff0d8d55299154112af574b881be8b69cc1721d548ad4dc02632e184c47f9b394bf4a834e60fbead8c8bfbf5087f8454513b0b086ac97bbbb9aa342af9def758fe88f1e4570e65f93fd4a9868665d08fac0cf6ebde786995c433504ca01cdf83311aaae20cc76f819a4344a8ee4e26c1094cb00d2c8a67c733fffcd89e97534cacb08a64d75e8594fa31f0dcfcafb0d1bc184c7067fec6a48ddefd580d4d9a4128d8f70f6fc6562da683904766e982ecd0286064db6844131bb7962a0a497f7b97fefad88a0b128bdf8cca774b1c32cb4af259bfebccda036e7e4ea8962838dbb5c04ffab0a2f1481848a27f06171645daf5246a2e563f3ed60097a9d7023d6ba5c8a58d39f733b12baf0863d82c427460f51cf9e3f77281a42221725b7bb75c2116ab31f704661f090d3eeddd2aa6efc619946b4933c398b635fd04ba3758294965c568997e1ef44b0562804e6c64558f6cfa87662a988c321a856ead51c848528a4954f9ff1948d517d67bc11db66801648848bfb7ee12296428bc3ffec863e9c77ff31ee386197679adab2a0e93bbe0c66ffe9c4b09b636f6216faa373aa8271678cc57ad46898222df7e2d8b14a5b70130596c0430997c4c04d9b5187fd9bb26b71fd19aacc8e08a3239f0eebca7b2873062a19f327a4a282012ebf9898a5ab6310b8623c864d4dada3ded00ad201ce8f3973f90396f5edc1ba466e16247fe6b0ee98acfd53792cc0fea33647b841596655b8d9efbc14b50fe0b588e4c41e2cbd0a700529e7ca91122d3d1b26e52bf44a0c9fe37cdbc352357f13b2adc68e78a00f6dc88a8e6ea54bd0b2c8276f9e1bfebc8655a1f47b72c25ffa97f4463630cc21428ca3bb381a6d3171d28bb946f746f820247bf3f7bb69caaeb5c47026ca9997e586e657a9e1569312bb443299ef4cfeacc9aaf4fc3aaa4a77a21579234d2aab6fd0234398ae07ca7c57ac6d6a51e025744b1430abce27f7f9b0d0e45c051e34d20db95cadcc0e4e327dbd979166b33e39a3951d0b8dd62c0d1542b69583cfc07b127243cac4b052cb29ccb3592972698fa4cd84633d222d78b8741d5f903f8636d95cddfe2ef13829df9ce32705edfda51ded2f0ef38f60a33a2e00373107eef56a01acb5e05d849279b5987343c8bbc73ea660ceaf7c9b90c0a8e1412ff3f517cef8fe604d7a26e085170a76e1bf43f5d1bb77ee771fe841d59fe2cc2874d25bf991b4af6bf9ffe1bfbf3a5587006b60bab5bdfd5a3192e82d474ecab0ab656967856c84cba9469c5823c1d1bf104d2a21c071bb08b2a137883dd9c8f545d6958db8efa45263ae303de76e70f2f6a10e1858e6654004f2a099dc31950ee730c465e0a1822935e309d41650fba489aa3050eedbf3f058d24d1f04fc340966e42d72052d84a66789ccf75000c3fc83b8842badd6b22ddaaaf53ed34e25c1b638e3630d66a7903405052902cf8e7395d54679e2f4a2bf7c8c89b0dc38969376ea164fe97b37b1172e6e8f05a929aa373108e891a64e38e18b432a115a44d754811e03c4f4ae7c525a6b9b92aab0d16967ee1a64eeeb2207c094f6aa96f126d058eff22435a4ae76c31f888ee13b327d2cab4ab5a56abf4cae88c583dd67129271708aa17f4f10886ead0e12734314bd4a49e64349beba4abdf94a1fb23a72cf7e16b5af2f1706d9646a5ff7dbf5c7b1cb2c3781346167b15d4625841d9f3d14392db1d39101d37175c42c522229db0708544058d75cebf3e399cd443d1b943c6f3017a898bd49836a8d92519deb810712aed76602682ef0df2be270734eeda7f289a76f4684baf75702a1ac3da005e62b83f794b934cf882db5d50e5ed4aca868e300d690c0b10daf0a47486e9f49d1b08eac6cf5090ddd2443b1459b2df86ab3447b2b5c6afe8aadb410de6a84b640e326eb882832d1a9cb12e0b8f13aef579f404af8631cdd5a30a031dad19cdf247575dd223229330f19fe4d88c51242217397acf66b86c743de283d5df7212fce59af17eb702eccab192f56f054a33709d41841e4a39638e02b4210559593f9b5c44fd22d9da637ef1a3a0a41c40469990dc4beec30a05b67931c0560d9a59fa875f3e26fd1eb32655aa30c7a1cd3d541716fdaacdda206328f3cbc8f16fc2be26690f18963a16febbaf2cb6c199330579ca067c60b54cbdd211c1350e066448fb50ae28ed58788ac98f0ded3414c8735ab90639916e26ab29102cc2609035e56d9b9d2dbc98118835bcf0e437c77052efe2293d9f19b7197aa1b94b10997b0b1efdef251de8945a97fec885f032c3bee2447335230b866d7aef515b04664d0c59e18233f9a229969e3e17d69716413ca3bc55f5959e340627ea803f7b26f4a74295b295344a3685287093998a1ce75b1ed5d730c9aec812617b4c200a0250c9ef8ef7d2fcfc59ef97422eca746bc6451a5b77307d14c1cfa0ea2c8eb7cf7819644577a6456efec0af058a0e3c8ec371019009462bfe174a11368b57fbe3090208a57b2236b97edc32cda5c6fc988cbaaf91c4020a06a7ad45519eaa761e045fc84d3219b287206282347a031ef1e7b7dbc67de738fa8f9fe71c44201fd1d548f8aebe93bf502d64d4b5f470a419e3fcd87f0616b9813048311ed20ac2efd7f18dcd6889542208b50c28c8c0700f73fa33a964e38d699819cab2098c6ff081266721cdced87ff41948c84037485f30d38a99eeeb3ff4c3049742a29eb09bb35c358e732546267c165a62fee9e25abdafdb8a48785bd432d160797e7a41d580f59d7d8e59b3e6b954d39f86db33b8f7cabde43e8e04cac1fcf9aa6fdbe4326e0d9c782d9a630055b36f85c2b8efebf18f42ef14ee5eb1d33ca322db69704f8bb90bf30eb05908b8d8ed169580923f53a6539cc3b55baa47718053d2ff103c23d90f9cb49ddc7d759950f605bafabcb7953c042c0523b84da994529a87ad68fc6f0709fd7af5fc20e53a17d3f5fd4d25fc5ff6598c6ddfc34668a08ee5e066d81a65e7979c50c08febf76dc5a3a405f551bb8449d94ea0dfdad6dd6dd6d6e4486f4ae1d2523c05f46198d8af4da12873ebdf7d6b5f2d0f1b2d29759ab0d78e34ae6f17b7ab83518cf8b18836ea5630ee934e5ecc123f0d3fe6b803ae1f735d65dcadcaaf6660e02ecad0290f6ead0594733a10b2b1654a44244424fa8b3180b551ac401828203e61603b017106e2256f01b9f26db33897167d9defb54ddfe49334150574493895370bad46cc658667aa9a8ed333c86f112b2a542936af92e2f933254b6fb0b1a599eec3bf2e476ae6714e2486dd31b29e4d26838d84bd7a62c62beab3ba71642278ecaf2e50d70670d9fdff105019791d36321bc57fdfd8f65f2ea1cb188035ecabf6140e777b7e6d2177ac29e9a1a2f87dd54d96184bb1a855bd9efdadfc606f13621f40e07cd8be9c2435c8c90b4ccba5eb7ddcf8cf1f76617c9a9e011abf4a63ffe31df63ecacb8b1d2d653e613cb399ce079392f9ca2e226c60b6e8103447c24c1f80d42e1ee747997602ae3ccff8f9f98ce9b56f6f3e3c0ba507df8b2169539cfc946c42da72644feb9b3b582ce332f8b2eda02192958194903d17b3e9b4bd60d08cd9a7989d946ece6d8dc01d6b66a7851bb11e4b075d38081d3ce7bf1875fec9daf47a589abdb72763c9747b83a28389238b0279c8e41db6521130420851acac463664a97be2190aff921923475f2c1f8a87d1169229e5f10dd0a92221e61358b156020f2c9ca2cb6580743a8d5e3c59e6fd97a7a246211450c7c62f1891cedb434102f8794d81c1caf2c1b4ae18b7c4b9c88de5c51da33e3343cef76da0d00341c2e60c4562c162e41a7efa8290cc9061f3d6a592d5f104c5018f31bcaf912bdd37370fbf8fedf0aa9026c1142299197d67ab026756927b5864ea42c45a82c23c275697d31a1b7900670c9a3c967d12974543c11f20c367a336bea9b9ebe480f9c806528138dff35c5f56b1199b75748e9c5cf50e6a32397dc3eeb04c3636c0848a5e13df8a9758bacea231f34cba13b466360b0dec69f74f8bf9a2dcf3dd94fa3a7d27e8caae00240559d75875ef9c619416593ca0072e7f38caae5a530c62dbe00e38c12cb8b924d63fca4d5c3a4c8f50e8f4f86fc1fe2b163219c46c21eb783e587e18e07ab7e1927a646c4f154c5000cb65ce9528457c3c66f43d9ab7d61580df0ecfb31cb38e4cbcdc3dafcca57311abec6b74048c8b74505ba678a4db07ed7243c70a821aee66a487bf91fd273418f8ef657d1eeb9ea6f095d47641e9f9fa30599e8b9c6b4453a1a5e8afd86fcafb46dd095fa4a98a2b26470e2c799b08c6000f5c3c4e28961463724377f37813f3922484fda986eb7c93ae8365baf648acbb344ca7e044d7ba93e7ba35c31085f3f99c5fdb2f9f2845f00b8590395e8ff730b86f5dd7f52297b8ecd5d5a6bb452bcd12b98d6adb27e7ef0e84b9567c66093ca3edab7e64ac4f56360501d81823ea2b1595f934c5f61c8558304c16154109a983a2af8725c7af91b5bc57e555768aa8115236a6ccc921d472b608eb6b82c4ba3747d79027d7856fae5369aa325df6a76138a5b41a94377eeeb251087e0b8510d8890e3f7a0cffaeddb9d2c29bc89f952489f82ee2e2b485cd297e6d30683701623cf73ee9ee606baeae9c3afba287eff57731b9cfaf034b1f56c8b31a32a1078c4fcab298c3f925a8e7cacceb9edf7ba2e54d31033a25462021e4a3c0bf5af341b462ee4417024da7c12c7f385de3af129aef1338a9c1fd68323d07ff47ec8bcca66b44300624d02c9202a2d093c3c85fd922b57b3bd14162c8ca5690734b7e4e4b8980b73a8e9908a9fa3dd508b30e3b1e1fd4ec388affa27c4bc26ca2820e0a902d51ff94984e8894fa5fca7b8704b7600ca6d6b1b1527ea999fcdf8fe3b290ec0036cad222f92cf8a5a54d0fa91de6e74ef61f60a233c9f15fdc86226c3f688de15ed8f0c3f1bc3afcad87cee47a19384afc6a804f197339ebce4aca211dbe0504a000755d18f20c4ecacd4123acdff7653cbb26456499495662508c8186afb883f5481c6bdf88cf137e263bde9d62f054573e0d1454cc119c95d4d9011332bd77682f79debcf5c21f0be7e9a83a58cec34e7cfb17a8122e030669228e4d3d9e274a678c5b77e6180aacc2fa8eb9952c5b04de6b2c7bee591badab96a3c3248c275b5b8faf5394eacc427a840570033be5006c33ce2d2c6e54f08681c3f74ad2fe54bca6dc62a9d84f6c58509c1e5dd5cfcc7a358493d428de48dfc1bc3f74154801c97e6aae38445045320b4cf66c1e56eb6ea2c1218de65f120b463c5cfb9255b3a25eb6e848cbd977f0605d71c561c2a754f5761c31f84101ee8178782cc8cf70b41a2204c5cb2f3134d572327fe4bbc1792249dfcf0ae7ba5d81fb5ae4a7978d044085f3b7f2e398c05733e2bf456cae898f8b5a81e9c79179bb5ca716713fce643dabe21eaee4386e646e25ad3adc5a4ad40f9bd6743f5f742efb1a674ffdbd2ced56c646ae590eb8f10283b47f57e6f96ad76adebecb24df74020b096fdee3c8d780d563a915f73c8b0246b861cd3a8580d5cf75798e8cf1c5875724661a39277e7165fe48ed8d5e6a20d68239f626fe8ea434a4e6e03ea434ec68c4b92a0fc2af15a135d6cbaeeca39a0c1896dab33daac", 0x2000, 0x0)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x29, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}}, 0x50)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006780)={0x90, 0x0, 0x0, {0x5, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x2000, 0x0, r2, 0x0, 0x440}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = open(&(0x7f00000001c0)='./file0/file0\x00', 0x0, 0x0)
ioctl$TIOCVHANGUP(r3, 0x5437, 0x0)

1.689749773s ago: executing program 3 (id=824):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x40)
fcntl$notify(r0, 0x402, 0x8000003d) (async)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0) (async)
syz_open_dev$vim2m(&(0x7f0000000000), 0x7f, 0x2) (async)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000000040), 0xa02, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r1, 0x45809000) (async)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) (async, rerun: 32)
mremap(&(0x7f00005ab000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil) (rerun: 32)
mlock2(&(0x7f00002e5000/0xc00000)=nil, 0xc00000, 0x0)

1.662483235s ago: executing program 0 (id=825):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000040ac054382408b0b00000109022400010000002009040000fd0301000009210000000122010009"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000003c0)={0x24, 0x0, 0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="002281"], 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f00000000c0), 0x0, 0x0)
ioctl$HIDIOCSREPORT(r1, 0x81044804, &(0x7f0000000400)={0x1})

1.284369002s ago: executing program 2 (id=827):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000000240)={@val={0x3, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x14}, @ipv4=@icmp={{0x5, 0x4, 0x0, 0x0, 0x58, 0x1400, 0x0, 0x0, 0x1, 0x0, @private=0xa010100, @local}, @time_exceeded={0xb, 0x0, 0x0, 0x0, 0x5, 0x0, {0xf, 0x4, 0x2, 0x1f, 0x0, 0x68, 0x53ca, 0x3, 0x6, 0x2006, @broadcast, @broadcast, {[@cipso={0x86, 0x28, 0x3, [{0x5, 0xc, "fac03c8b8493f23873f7"}, {0x5, 0xb, "67f54951950fc96486"}, {0x2, 0x2}, {0x6, 0x3, '~'}, {0x5, 0x6, "a482ba06"}]}]}}}}}, 0x66)

1.245210713s ago: executing program 3 (id=828):
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000800), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=0000000000000000004000', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002100)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000004380)="4e5350994ebf71ce3049a58c5d050078bf16b0757a4c27b455e2a547739587dd3380b5df8f40a0696c5bd6cdb672cffe4d870c5c90ca92095b9ebf3e92fe31d8cd74275d857d34a74f7eecc7fac15e2f148d4e9d47bb45b858bbf078999970d180f28d7b2cefd92635d45a563d9229c9fd770efdc0848e52fa5efd9ada5c94a1ba94b4b7c7507f8b0819bb20910f9f50a83a010abbe126dd9f6a7b84eab6b0d5ce78d2ade77a5f7e4e997df1d03ffab4b4c945d803e4457909013127a98769c938c237f37263bc509a42bc56ff2dbf80e847e2c407009eef94f18e1e59069d62298fdbadae007ffbdf403c5049a4530ac0abecceb5608da02754c9a575af52c0b7e41226e2d642a814861c4310c935bcbae413516dde2132652b39c7aa0218a6ce65dabb4494965209ce879ba7e7e59039db5c1d36d6a7f86d72dd59954fd6f46124a2506b245a0db11aa89d2feb312a6596ea2fecaa7b6021f37a255f628da7ff6b6c36b514d3b6be34e505f9dac6acfb888198004699fb350ac93431533554658c4957df36703591438d6488bc03dd8290a75ebb367a481a50e79a46b04d005649cabd79e5c6326c066bc2b6fc5febb87ef66d832ef31a16c2a450a0b990fb549a5d810c928d1a81fa1dc795db2607ac7d46cb5716b68acdeb00987e429fe6a394632c83b43336e7b51d9cfdb50e83d8c6ba1784d9f74c16b476e048e65e7ac0af683b347d7377ac1795422e00e5bd8da9b313af83abb3348861116de7a99959169b7dff9f7d9b7a6d107f2e76670a6214a419bf8298f80eb570fa29264ba57a383c5ec5836ce33104ecaf1aec76e311280a1d2c8bd7abff3a5a242e6a637f7db63038ef5d78aca9c680d72b60da4dbeb0e1e683ddc82898647c589a81b8f92db06711d8a0af05560cd77fa7005283db71e8da21713fccd450822062b994d152aaed2cdcf0dec9c60617e15ba4df628da4e71279bf9d1eee5c7f055c27cddfdd45f9225d5d5529ef7119e2e3c9838e7362971e069be487797e949b24297de19c61340d1cd7a2bfa3880b91a71e934720a59e1e0ea992d2a1633a0852ad8addfcab73a291e35745e694a6471f429b124305886c1f79f67c78de3f3ec998c91e7fc59d26766cd446f6f0de603f2c6892e13cdaa37d9e8e118d098b6986ccd991993ec152193e7d77394b05b99e7d310c506707f1be52249438fba9615f6dad2ec7244fedf36e34ec311b7d6bee64271d6491079e161190ded7e28e2ada4307a9b2986c267b1a30d2f720ff23408011f1d589ce9ee77f981c7833656ccf7df5b3a87ec253ff7c7ef1e67ceeb10c93e3fa683cdadad65850ffbc402b7744e94cdecef9db9d264c755c53d36278df23d4c9685fdefa69f7588a33b8a64b35191ee81abcb9765577d175cb06e31c582807ff7243bfef44961fbc0f8a235242f51ee991ea621803d4dcfed90d26f004b299425bf219f6d185fe6e088ae44601b03defada18794feac93787696a5d419f09f769bc590f43d2df6a131f6895da2de120c2644685e57b1d476c6aba5881e954fb2575356452b118b942cb02b4ea0fcf8f1bbb9a23b6e32c9d0accd3dd861452a3ad77b38fe709e216974932deb5397fd8033ff0e073d93ac0b4be762bca0424d69bd57b22ba914133f87671a29498b268c2911e793215463ca2164e38059456107dcb29beedfd6277e2b41a11d1c6f1361b19875c9384f04f9c53c1856d71f360a8fafe05f7aef750ec0cf2bfcfa971c017ad071b69a18fdaf970b384d4c889cfa5a0397dbe89543a5c6302645d6edf959aa60709ce0225fe6c3266c7ef62157ac8e78fddcd8a1f2ca5b58128218d19276885515775326aeeee0226cc810843eb05144bf8e2fe3340cf60b32cafd96d23cd7d0d3adcbdfec9a2a3d88307c362633b1c5637608ea8476d900b3f836a9734b5ecaf5e82983577128d3f74b903b0e3bf64326c1b564ae42aeeb0c07702b63a9ff74a2af6b45e5185a53f36c17bc29dfbc0ea28ca5cca43a15d751e9887ad3e6a87faacb6a278c4c8a8d21b9a77b9776f33102a6e645e99cc5cbc543ed0674282c2b9f8e5d14c2599aa9ac8f81438c77f2b9368bdac82edcdc5366f39adec9e9a3fbd55b79abc16d2ebff26b7d0c88f18b486e5836333575e3fc7808cb423b44781c57965767862922b4ff32d9bae76296843a46f430211c27ef9db168430026a5691623284dfd459dbdd1f1a6ec9bfad666507e6eacb1e2a7866da2e12e6d596d0bbb150500590013d9288af20596447f97bf1744eb9cfb244d8fca269b1fb71e14de664be4e95d83fff1b8abcfebcf3e78c1c66d28f260fb0c19f9fbcd2abbdd7dd7246e49dc25d954bf25f810a2ff6f9069dfdc62e7170fe3b0964b2ac95024256dfa3e7a426be5bb5f707fd82c2b3afec5d5dcf5bbb8fcb6dbc1b59f6c5330966c70d8b016956903a4278817414ba3652a102d7e7e37ecc79400267fc3bf7601c0731f87d479c33f100735e748874155267f708cea49d549e93cf7a398b20373dc90ad9afd56d9c77cd24e2c4a18f7130b366c7fe5b26bc4d11ca1ed1b98fa0b4d7396f82ae6593f4575d19f4d8fd586c991129e5cbe15c8bacc89c3ee15ca471dea966b5c48ede0d3ba2a7e28c75c04e6a4aa49a61f4e391ffe78eb5e40a5ef349f3aa4d15f2291cc86ec7e47ae301bf0b6083dae44b695820a893d46732553ef15ed1c16d28268d52a7e3a7e7c009d0c0708a356d3310c1ebcbcca4d7acf433e34bfc9fc115498142dcc725e7a16879c75e4c2f01c6c98b39619f3248bf530e6ee593467e38cf4026cfdc4db6296565722d587f3c580750b1453ecc141c0461495551297d88ae034acbd4f5e80ce198e6640c4c1e9501529988109cef006eb2090a6fcd974d7f60290b78f1a8ce3051ac2d69636c3219f0a6ad8c254764396a1684b2fd9805b1853525f2e640e513197283cc4d4073ac033e0539a88f08aabe1423cd40b8a7e073437d812b57a5d39a0531dcbe13f4466e89efc66c2a1e4b39a3e0b3073c9d44e6cf9b85f4df5c4e03628d05bc0f94ec04234c9eca4ed17463f190406834b02888728f625371cda75d15ec19efebd59f00ab659eb94eb88bcb2110862a369ad599610c1530fcc118f5b82205bc5215fe3623ac8ec297d8ff4eee75ace20731c5d505e6605c26203b7f754164c9463f0a6eefe3a2880b8e06e7bc66bb2adcc1a3f9b0325f5ec31d12a25f1f73c2aa6bb3a7680d786a082a63b13cce1822fa6a4b085a871ae3409eecbc1fd8661b5d52bb2b8b72f23e24a225075f272ed2ba0c6c5c693811a0ef8db6da7cfe7c966c647f0187ad223eedb1012a5b7af103e98464ac768c79b21ca45b12a52cf261de0d367442cda71c4b8ee39c94ded1b22ba06c13836cb467ebab4efea07bdf1e3de8da56a0ee6d4f848011253cc21fac10700003513d3167b7a73e0d752b861c49814bc5410ebe53a0264f76068c91ee6ec9e2daa343482b2f0f06e605c5aaf81f2a3cd570efc2094b4bc452f9526f1bbe7b22b694fb8109a5a987fabf6250912d6099e67da9cac79e8b6f2cce4702d1f17cbc5d06c38b8a48155ec758369c185ded839fb58cd736fbb74105fe5baf44e7e3ed06843f23601b60a43b1f88fd29e9b3f58479f9b95392a39d5ba1a31ee4441ca2d1fb57c0a8678a07a724b7a65b2ab16d1da197f435bce3ef003fce27fa2f0a67c9dd6c930a4bcf59e79e57b010000006fe34972958c28b56642d14ea89bf4d7d6f7fcbcf4fda8bd08fc9fe424de4359112b11f81fbdc1505658363697713ff6e1f8ca3c4be34a79993a9091f6017cda6c7489ae5c07062555231427c3eb42a049f42d22a060983b044a7d34ab5d2b5386cca79af72396a48aad6b8dcd7855410fc6106e4a165994f26efff1e7ea0aa8f560333b5dfdb2a0d899b0fda955155f90c75effd3c9535d88508e836feb7807d57b2a57cca42d3d08fe7de60d2a33376f49bdacdd3f814bd0927f417f15ad62a10b302f1cb390aaf82b0bc6af46bbf990b6ada45ef83ce13029d167c65134e7b82b59ddfdc367e61c40defd2732ccebb1d4000f6c742df964e1fb390c255d2b1dfc745c6ab34af8096b5b67aa179e3f341854f7a69f7bf47664c832037ec7a78f8e27209e3f20f833fb6e8c0fc4a40920a5ad2b0618982ff72540009d5db82f0f5bcaed2a27f35d1e50eaa0cf8e48c7a2d43c25d0264db750a7f33b44a4bfaae576cf9ee7594ed204513899566564ed8bbc97ed18b1d8868f926a5c70ac06fbac1eade46792186be7bf8ffa3301239edd093449b7d77192782b5111c14169d2b4a1b3443ad62e4abdf11aac6a5b89a5b20ab0ad0abd949b9d64582c67ffce018e7e46de4091fcc77a65b971fc67c8d9cbf0c341ca764b1056ee5014d9865059616a525a1d46ae2fad159afe86dd1df9b8246411827e19535ca0aa9f83050b06e70aa2737f27e93d584a9cef878a642e9361efaa5d20bd8da901fa2e064656f686d3b3ea31d1d850ae9196b7764548f5c6450a32a717e09b6b7e75d43fbbda76e43a24f186d5578933f408bfa28e0435cde525fb91e71d92d704cc5a9b5e3db7aaec46d2b1f8dcb3f921f69bd7397c96a1e132c39c8f1656cea4365c779abf76199cb5b6aada022edec5c901cdafa2e7f3765af9c8b20cb1a6785085fcb0dc901367b89051bdfdc6b68c5215fd04e2b3c7e1c454a4d21132953b25c50995af0f7159a5a8d0a1621f4808f126a5bd40ddc79fed90f49925ee367a57a05c070fbe39fe2c213e7c1724a907ecfa69efe6e021c06a262471a4377f3c9809e9fee4f375e27c31b6afbb2151da86b7cab63c7b4fa4b77fb30172b9d0d78b1c0535ec0639c4910b5eeecbb5b8b5c8aa74c140e7ad347812e36db3097a7ff85c09ab2c0020202307f50efefcdb497b9c060ca68c4be54a9165b4cebc6b2e2e14e5ffb9213142418faedcdf26fd326b7672399e71cfffe3ed712ced5317c254f9199ee10c24c802d102bd8749513d3145201ca4e01bc7c8bbcf430afa541ec5665f86dfb143be648521bb0f2b029018201444787f644f8c88b79e754e6ea9c797babdaec72a9680abadf3a41684cdd57c2b6e833acc0846be5aa927f1b1b36562d2acb9ecfb758455230d050daec6748ba280a5edc86d48e3f8af0f8f4ffb18ae3cd3c19a82d504a4fd52bb62289ae8026572a497fe268f87ef4b4b5886aa07eeb698b7cbf99683f710afc9ed1f8a488883ce0eb8f7fd055b82a9fe21a409caa231c41ba151008e9658919c611e157d7f3926a5e4248532a6860e615b9c86e9fea212128d96ed58c9b84ef22706071eb69f492e4d8321ed9faf6c6a8928f86172bdc930244583ea15be497d9ce4ae79cb3e6293a8512ffaa9e8e358f3c7c7117001fb92891a40b84f9126cc3def5cde67f463bbac9668b9f56c3e4ee72fceebb47e52fc226bab213d8193516e7064459fd1365350a95c5a1c3ac44a73bbba2a4c17ebe49dd781bff1995cd706b77bb533117594ad63566f4c0730beab85ff4c713b7f10b95480fe99a0f676c51ca11116b21e87887b462aa9770e85509e4e60f198148115f0a3ce6028516a946178d1acacf7767f6be7277891369eff67762aa58f928d48b7231e44d899cea8289003349117a53d61bc27b207fdc91c9db61e677d1e1a1bc6a1b6e8564130b335233db4b5de8d62324e6d0ccb2b08c2ff922324eb8c506711142d4b8d7a21223ef0a3d534fdb0de58be95cd827152f71bdd0a82766b62b4c87536f0b7e7df343c4263187da887de6e65d11d0360e2376c1d71c367ae85edeed8f767d24c644b1a9b455ded1dc3cc224f99936a6ee66931c45e5e3db2427719ab2d5cd9c20d9bb0ec004b69bccb00649f3d8e34a3572c257de114b9f027d76bc7db9007175cc03b9e2061b6b3fe7409e009b5371544e56fe438cbd361e5b11efbf2d79d1c250a1e73ca8c601c4f4d1e3761290950421c48c7daa45965e472f5ef3c4b8597444dc5dc01cd25358055b5000617f3e7291da3413e3f0853b1271366612405c35ff1b785b984d921b518425628a533a29ab65d3c11f44c6daa86f8b6457ebb9419274c481aa6f3fa4547641670aff58b9cc62c0993d49a509f02dee755ee5f1fd2710c995c43a91c4f873afa1bbdff19427cba2641052a8f361ecbc72e8a6cf587e83f8bd3110c95fb080edc77a6d43cd58c447b0e02261e4109500c6458dce70acb17aa8f9dc1d15b94a61354164031b5d563c25d0246fc45e6401cefceb501e1468903e5d677759dbe3f24bd48ce55ff8b8f26529fb3b2d669202a1e8a498984b449b4830a0126b18f0e78182c9ce78fe0c448c0e27845b926cfde28fa85e156fa98fefaeb19ed1247c9643b447b4342c94c114d3c4c35eed4d5b49aa70e6aad45bfb557f15e8fdb2d6e3d10d8338a13fe3f187751985b37a5bb10b750f79e36fc2e2ee9bdecc3ed156e202ed7b45a94809d77edaa398042fc6a825a4848c334c557303d24eb3f8e01be06995ceb283c70272b00da61c3381628f0e372fe2fcc779ff7daf7e4b7f2686c39d3fab674b8867b62b0bf9d5cfd0c1d3b270521f55f147de75142ffd7fc9ac7e5dae7ca2fdf26a9222d060823852409dd040cfd1f66f218c6dbdaaacddab34b123af22f97384d64fac64d84fd638c96378c8f9532a11927d48440bc777ff8b8b9be88f930f3b579a713c0bc449dca3a3bd5f2efa98240ccc594299e44451dc60c6c5c9edd0d7b777912b3dc40c57e0ea5f4425cd7047e686c7304f04ba9f7b5de6ad2bd524f1d29f8802a524441fa286015adf4589431710aa4d76de8a956dc1d39c0a13abb7fc309d24222d036e204ab6bb46ef8a7595d9e4512e0b9d5f8fd719a4e3072e1d806967045789c67a1681f2a9f1f4b19f4f5e1afdafc17db7a6d5196161499e62ab4b0ec27648f3eeb1fb2b78f8ecf9b05cf9509a3b9e2a361238deb1c91bdbc8b1d11bbeb939fd9da811cd439069da0ecc00665d72357aac01f259a0325409b201859cc0569e0eba67a7a9ca7e8b78078d9370bd3e37f0571680ede60cb6bbfe69435d6ab5efd80cf051d119a7004fc0b600844d49218d844de8f521524a47ee50229c7da25e42a8639b5db225e7f23967f5d4f8a297aff04a3cbedc2985b6393a5ba0b26b6c7b4ca22d369b35b410799d1ad02825104d34f73408db1948438597931ed1c1c260e78340517bfa2f734537dbdf5ec303518ff4640efe7f7b1c2f46babdb9247ce8eabad9718a8b9ddb7a18d5e87ced554c9d6de78f85d293349590c6c32483534bc968b24a28eb54b9515589d6dd8eb51a5ad0b4d896ce92250397cbc404323fcdf0ee47ed634e0c58213bc5b35a72b21a098e11b79c061430dc817c1e0c79a5b6ed3b002979933f1b83a17f250b1bd5c4958df4d75531ca03efbda89f6a92fe08c23ad9014ff562a7f3dcde578d6825b9847b5df04dbca4f2aa52d8e0f4cf8183ce121e39b50358a9796acde0372a8ff97769874a80ab997cd889145aad4888c06963c2f5b82f53a748a6729fbc79d35c06d84e05c62e44ff78040e56ebfc6efcf0d8b49337d5a17c4041f0d5a8b616244d585a162b69db073accd9071d12df5b326a43b834bbffc2f2a60deafcbddf1c6438a1769d6fb09fbe1990e89da12164ef237f326edb5be64bb64b143a030de8a99b3c5e543c871cb581e2be090a92134aa587701f864907cadd7c1ce20fcf8f5dc7f7ecd06a6c19d89a92ca0ad4393c208b80bba990c7a3702a9c79bddde75d5db244719ac32191b6ceb041ab541fb47680a97dc0422b8a50d91e32cb08cd341b0b099aca5bd12b69d4f89d10b755b351a6489180b786a3bebac926532a4a2d85b07bce6c090d1aaaff079e36d5394a612f1351b90c13a0fa6bf9d188d548dfe6fa51a9026edb52009c03ed45ac51d05c58a957bcc67e05a588985ba00d79f33ae9cdd5f5721d9fdc72ee6e880708be87e8a60c3c035c146f2091d1b9a4c2cfa56f292fe1ba62290d4e56c05669291bbe917f3cac51802a2cc8e9c90dadfe666c233c5a5bb71ee17deec51ce60c73f57bf9ecb84873afcc44815131810c6c1217bea485ef9aa2785e859b25315ef8aa3a274982786e45d622ae831fb76010d69a181b069e4cc55d4436edb10d1119b0c6000c6d5cff7c72f740a59dc0507e7a952b69403c62673f122c9d1264fac6ce2262e86cd8d6a402672f88530fc2d16f31736dd497a4e853253ac8d5aff8d1376895e9f5519b2490cc2a2412ba0c99cec855f668837310035e92fb646486de1b0acffb91ae7516df3eeef381456b55e65baa58e71461c928687e699d2b21814805591382e95e1b970aaa53259917f070281f2336b7d570249d838b3f1a32753c336864e15f4561badf8fee034a29c52ff3fca7456ae140f83e3b2fd5b57c9aef3f20c664200d235f236ec47dd2fc20b14dc6000812237aea992d987e5460679e8c5b76d931ef6d951e6c7087e3106b6ce2db9de6f228fdf3ffc38710c0e8d5000a195a79d1fa2301038f5b27c40b09c34c025e5099d40c2204ea0eae985263c9101cab88d6857a320c9e497f22348a24861a5fb8d734e08cad09f9933748ff01eab22f17756f58688dc1b486a397563ee9ad0784b8833cdb5f7c6bcf76d9c1105f71c3c6aabefd70dc6cd5c66d31caf916145ac5ed7fa070b4277c0448ab1eb78c943be9aeab0587d321a4bcb7754f070881178f8be668b686124899fac252519f4b60ec42db766a908755040463125c26850177402a977246d36d23afac0a11889d54640bd8f6f670d686cfd33f6fc5d90cf6cbd63d9d0fd201dd4c74dbbab899f3c23c0b7e37ea0b2aff421327200d0da58b5893a4186ae3652cc6e11c2c2a0e52184a3872532acce98c94cebf4f31333663a620f0dba0ffd89c3124380075bd28caa6d449a050b3661b8fbaf4747b77c4928b1378fdc8c7a7b38ade1aeec44bdfacc8271d0b132b2029b0f3582f9919f5c8cd543abc9caf6b82b197cd482c3ef61a64743506342bf50a3c1ff544563bb8b2002911ee1fad698f4ac133ffed5bfe81239c918207a03c7a8bd71a0a502aea78d38e970e3ab2abf754b598acb79cf276792aa08724d0ba24f2a694912ab795b3f45f52dec50d9bfbc99ae27e1d2c2216afec6709d6513a64b29ef58255bbe18478c5d4f15f74ea63a1e15487752eec8fd019f1d4a7aa25277664754bd2d7cd3a7a018b92c56d965a1974885363757286da9e055ef7fac17876f0a64c1026a597733b897a9155ecbf420159ae8e5209aa83a3544fff1fb4566f2d54f95e3bbd30dcca5f24397e4bd47ff01292f0d6fe9dd47a810e0c25382fa69b4987d1afd9b69ef125110ad6b240eaa9c85829a2646f9ab7874bc02bfa8346cc9190943e9d46b44880670b1e2aa3a29e83be5472d7418885a353faade6e8b18f4b588607bbb758588d1e2f11a9dfa1c4d61be50249f1ee32e6ff8c0c7722aaec1bc79654a4772efc578bd6a14c79abcc77a4e09c8b6c6ea35cd3ab31e35268fb55db843176f8042f8ce7be0ddd4ead6dbdad0ef9e7cb2323db5cc48119a72b27306b8ff6366c0bc682a85ab9e2cf2238b6d6eb2e38a97d5577e6334cb2aa6e7c86e489e876f9d7053577a5cb57f52812fab7c4bd7b19a34c228ffb67dcac9281612f778b58c580c140542200fd00cb3ad81d93420df93c5af2493f646d8de797102fa0a65247317882fbf171520f00b2c7638623b823ff11444fdde453570f99f9099b60061a908b83383ba8b82bb78edd074dccf9342afdf8d11a6129ba6ea7030f3629056264f1736c2b926171b6dc7e1fa455a473de656390495f3b6ad2f9f46f35eacb075628ff739ef78f28ba683448068c7f18fb63f28ba7dbbb78999100dde0a94e8b8570817c7114c13e139ceb333782b29a84a5b19497fa785915c7680dd7f972cb59ba22161f60886e5cb3c3e808726cbf96bc4da78914eee565c6d9d18e70d22cf8c0244cf3cf488c3550eaa400bc0f26d64e0f1bc8d0301a841d954073a641f3ef883d81f4d5db8e9df708e64e640b38df7295f7fe573863653086bae5507c880ab7fdb7a6c5ce77027ffa7395233d3ce536d77ae6c2e9c8ffb6fee78a3bcb3b5f888bd595caa3a5586948776b950a89cde4db8247ffff27491c882b430afdd60e7a22324f6635a9aa7139f3e624c6d9ece60f7f8153b2080cf0544fbf8e1c436503766e670b902604ab521e11aa5a65cedd64cfaf898ac5f55c08c87693c323517bcb0d99c28f5e072d4f6540c7ead70138d47c1a67fd72bd6ef5613af33a0af311c3d0a631ca2a2dfbe35d1021eb610e40b9be128683235a788b5a4cacf99babee382458d59e8aa1dd7bba7e09dd30c055a3df8ed721a1778b2c6ed587a403566325cd19962edd7831caa44a6b716517bad502130e7cf6a5ce5288dc84c0170f622ae0b1e1166a9c2c0771d91df9f9dd82ae210469602ce38964746c1c1d04321aae7d464eb801dbea7ec39505457e778208774d72673626c998b002c46a9b4b1e390d9344f0ca62212a1b6d41043a2100b35196bce42d40caa0ea9a486bf8526fd1f0f0d362c2cac463ea7377a20b54b9435442ca529fc00da4fd7e27c4eaf14215a06857b54254c26346956fd7fe215a5ce57ec38cedf50a3c759e563a4fd87494f00e7bd9b44f3b7e99c6ef67187056a21d2fe1ac9d24125b1947eb293189fdc448b591af4d9b8eb091d6bbb5e50fae79d000044e282bb2ab6c63cc9562b151c214e45015354e62be63e1881238b907f7bdb791ff44a4e03fa29dbd26db2f49d0f4729b7cd9ba69a65b0b493466d35d09b3f590c67c31660d95e2ab4af2c9f1df91f04ce5a57dde2d75206b42e3423126774d76593c2f713ae279d7092506b513fd5d18f0f52d3fafd7141dfd4a0de1063754dba865faf8dc0f6be9d90ef21ec86a275533f6ad4b4e360dc775413f29eab8b3daac6279b9abfe163ea2f183e09ed91ef67fbb090875109288a182cfdcc46d90678efe5edceda6518335e678438cac4bb47d376f3f0e12aa55301735d7f42653c073d6a4a37b2e17d332dc1be6b50918c007b14886307cc39250e81efecd63d24067a49994572725a9df1760caac13a28f5255556b27ec245e93969b85cdec7cd1c2d2a433d3f9572b93054a7ce8adff81bc1d30884d5fc4791e251bd907e37af5bec74235c3e2f804e4e0450b715289942b7859ad207bafcfec1b586dc15e7911fe6d20aa3d02fcd47e9956780e300d7c53c17dfa15754deb4c20efebc7270bda0fa6b37fc88c6be4250cac38c1b8186b364482026ab52d65d3a691903fccc39772277011bfaa421adba76bed9731077bec885ce88d40f36bbd2a839c67dc4b862c968491b877d4fd13fc90f8da57a29121e12f78e85af765cd66e72ba513593fe1cdf20019985b065d828707d8e509c6834eab188deea5c9ee97955f4b07d37b6fc7beed73be94887d423a349f35bb8782bc670ceaec870d97f061bda02ae73f6d575f81e0b6326eae6c1b3085cc584686120e12dd9ad8ce44036bec8a189f9", 0x2000, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)={0x90, 0x0, 0x4000000000000, {0x0, 0x200000000, 0x20000000, 0x4, 0x6, 0x4, {0x0, 0x10001, 0x0, 0xd, 0x0, 0x100, 0x10000, 0x2, 0x0, 0x0, 0xfffffffc, r2, 0x0, 0x7}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000004300)={0x50, 0x0, r1, {0x7, 0x26, 0x2d, 0xfffffffff323ca46, 0x0, 0xfffc, 0x6, 0x5d3186cf, 0x0, 0x0, 0x1, 0x10001}}, 0x50)
creat(&(0x7f0000000180)='./file0/file0\x00', 0x0)
syz_fuse_handle_req(r0, &(0x7f0000008400)="44ea07862a07eefa4de37092cf4356f54454db90301c4d373d57166f794f169d63344840a37048638ffd5e30beade3fd768b18191001eb890277fad8bdfe3742686deeb34395963bcf7a870addd76c80aba9f771ebdf410c7d7542fc2b6ae9a458d79457755d94ba8a3248b01a2293d8a70e60815b90297002652966a6b836065bcae0b44f4b26be93dec3cd4cdcbbc84c5b916a1b0d8313340675d67fb0c785d0307f95e426546c9a4d0161a8f52b02b95f4da53ced705a658722091864d74ac0a3a5f3853a0ad71ddb29835680ca9ff30531f8df0f0ac66f7f1433c33d75fa8f0f022b175df093648a81af5ed701b2e7a14199c83b539e763dbe7228f2e184a02becd41bae305d3f34c72e8db93dd214ec203eee6e6dab26b41848c95fe1ece8ca157a90bb7a990dac5f3c64cf49c5c5aa8414b9153f82eca9df88d90a8d6c0e72eacd52f82939d46d41e0f5ccf708c03fccecea467f33f5a49888514787e42c0a12255bca89e82344ab01ac3b6c6158e3c1b34ad953eaf55f3a2c487efd9423a542e41dbd0058aa021cb6fdc5df88f807033edd31abaf5ff7e6a9578d2be6a2d925d98108fda2a7e56a0bbcdce0689fa9e2111b0be8f3e2807f7f3728489917a031f2187ad98a744f19851687adf59a4b4c328ad5c4f2eaa0d112041369319f6d3f928c22d05f9fd68b5c268da5e2f433d651bc602a65ee83752c0c92f7e29002faf9475fbb57788d725f6f8fd495a58d88d55ab8467a85d1f41db5964a19bdd45377c7c8c792de5e76e87da9296ff90e7fa9e57f09358d998c8779bb2348d651808e969e960763c5231c65a06ee16979f4d990dbe7e10b3a2392dfd6483bf2c7c5f6f3d941cc17663668cca83dcc38089b4342a801c74039b32550c2d9cf95a0236523933ce3e7538ff9da2b7b741f3cbf53e6084702d0a5dadab4350848f6e7ba46d4736c7a2ae702c480c30dd78f994a10b9c3157a17e9e29576a68139403300586eb0c673252a319aa1cb01efa777228d8242ebdbef9db5c03e4c8e09bf7a009b7eb19357d1ad6d1defc0dbb58c31d85b9f1035056615ad0b0ded12751273c8bb7810ccc5b2efe51d223894b141dda837e6b7ba21de9a978ac447d995394b800e1065906455af544b9d7f353d1eefcd3387d18e3611f3913926f3a4b87efb3a9707d6136dc00e49ea5e7a6d0bea17eb49cae93c0c4422374b0f46380e0d554e1087c1392716d368b04b1da85d271206b465608468802fae00c7ad9425974d822cffbc420e739f7617f59a879f791ab5dd7a6215298cc7dc6904679889e60a09114b0f421b6f1286d0a6ab3dc887c2d3a48d53a7611ec270530b07a83ae1a2bfa6da42ab38bec3eb8ed1e207d91c02e74a31c29abbd25f5779189f5f2494ea5c3f4b829b96de0c54b3851dd58610c2b9ddcc2960f34fb857c5ab1aa67e8eb10a59639db2ddebd0206ae7ee56b21ef484e3c66003af46326f1c456ad2ab5273d0c0b2bf412f71f820ae12723c74e1857e0ae3d5587a0427c1595e06b1d5ab5e815a5558302e0d9c50b8c6cbd599eb554df6f7323b01f1353b557c565dfe0de51032a88541b49ab682a7dbe4dccb9b952ba9c9ce3bbff80af01e47953666327b8acd7d2cf363c6f7172caaf01d8e3417f768ab08f2cfa7ff26efd219e25ef0f9a84c7b116978eeafe3410972490203dbe49aec33f14d5592a466a6efe630904db9c77ece20bec7552b3dfb48d4e0427ce5024fdc0aec7271e93c51aab19d7a40670add6ea5820f625831a593137f60543e424892856b3bb9e608e88e65cc6dca098d5139a38ada517cd788b9f13618d9c2c31d7918cac6cd669710692797e61f4df3938dd429d977cc11e7465a7a23740052039d9b31cd26b95efba17bfcefe121fcbb762d29287145b11a3abb3e0683b9216a8b5d9744baa75da5d840e70cb310c507c4f7eef1d6535d8e11079edcb51df7ea63a7204e314147eeb57916171ca33c0f5932916e4d568d9e7dd3555500ae119f0c63045658303e1f4ea99c896eaeff3ebf76b2def0ea856a3f24cd76dc437236b71dad9a26fbf3882e81565851eb6c5b265a0721be43f0844f4d0e4296011e280236a0ed7656f2eb906e6b2ec4a8e5bf91eb7e8be889ded6d8492bb72f1de26cf3973249ebcb5c993d1dfa896a658a528aadf57dc28a8db32656ed8e416f96e1f89ac24d4ba587df31f3d2d8d7809d06c8b2d68eb15b377918424499cd6a7fb62e49a78831f0e4b1476bef657fb34bd59e34793d21da3f7bd0278bbea8beed261c697ce17f36f1cbc1b94aef11dd1dbf1c68496765258f4cfc8b5fdc9197d7260b733d2061f399c861bc5912ac76cfb62b9218196fe054b92a295a9b9526871167d436b830a7b4944f527fb4d75a036acf3a71a1a710f609f4e794f1d764a5317ac067e8194666dbc73e32b2870eecf8776bb7641dcdd6d764f91dec83fbb53a97e6531211dd8b86bbb57f8acd637f4b1b66fd9705a200e3081ea382262d54edb161927eb1d85cf7b9373a24607c99f3d66b85e22d2cd5cfe24020d56e0552bd43d803882128317d9a56e63a4808ed6401b662187888a0d0b311364fbddad07911b5244877eeace22ab5bd8501d748ed5cb05809e1639678c4c6cc43a3c2fcdd5b0970332429c3cde09d9556c8360f26caa744ce5e57bfaabcf7d124b2d4fa97d7e72f16cdfc35f87493717e2a852b64fa344db5ec72dbdf22dbdfcd12ff796d515d5f3fd3cddbf53426183bbd92e2fd3e91fca8fee1c1ef4f8d59036df9c48fc7677f2c4905b6cf4adcf448029c6c6a2968b13e3b77d578e2661ae7d07ef84fa098bae9a564bc8c507a103990c00a0e6d2854a1689f7b095a100b7f38df028baf20bd56c843c24f8ca4a81130256b13636440836837429c1c86ae1668d3b250108406acdd21b40450399872c1da6178184bf9c2cc11ad80caa9997d3c6631f09ba2a4d96e6b74313f1e40fbf8a29962648f400dd256c4852c556deca2e3443b858efa43d53efcd496bf5037a82e14868b508632bdb2dde924ce2cd6c65f1708c18cf49073e536f09e8fcfa9a44fdbc349ae75e17205754d3bb82d3ee8a93c59aea1bd7ea6d124224b11405f815ed518a1cb9a80191249ac1cc0e5c1f9aab8fe67bb737cdfefac82a89a7d6ae08bb9e1f710cee451d851b35ba9b886dfd9c277dd67891331d43f36353c78c65e9f3524e1b9b229c9f91de7b5ab16a66017d171e2a4e185481d33cb5bd9c5e3d93c49d2c620c16467bf4db73621957f76d656e6d4cb4d59cacf1209da4e39352554cc2abcc8e82379b4f819fd6d261c6d7615f85f6c5d0b9f57976836493367e1bbb14c57983aa97c6e4e7c4fe2a166284c904ac4f70ef2e52e4e7dbd677ace683cd61aa60b702770aa0ddf14b694bf3cfaeb585f8fd8a85bee2f78400a0874dfb4c319be24a46d1914b6e902d5de8d8375c9ec786ef6eccf1ee7a003f83d2e163097980a06ab9fe23c4ae8e91755e4217d3c302111febfa9dce02a49b217aef709d183a5ab8ad1d39e9a697a79be303fdb2290c827279ce187d1c647cc28e20c0b3ebcab2b1c75850db46211150a8bc5d80d868141f885f7a5ef520ecee6d33842141003df4ce066090c8359b5dc32dd9ecb1039454d0b691d8f97932b69981be240804e860a88d1a047f46ff43609b41ea36dc276b28e87364049940ea7b6dc78848221b30dc6aa1b60f17942c96c46e347606d14ef02ed3ebddb20f7f4d28b9460f4af047b772927ca6a046b7de2a21b8ce79eadb74e4825af5e19ac2955999d7304a35851a4b9086ff922da8845da10a55fbb62fd13d98d45f60842d0d6301cd72e7cb97bc84393a414f671e5e0115a6c1c26054a80ddde10e0a83a4ffd123504c881a844bb7187c604f87588dd0d0f11930f9a3cfeb7098f38f84923637f1a9f6b3e3d0899a156d50d7e740b118c4865ec5e69aac247a930007452748bea9af0af511cc1129740510b13f48fe07ef1417ccc765b2cd0138cb51dd71fbdbe967fc321082a9ee4bbd1ea404cb24971de5a1ee7d7993b5d11d67d30e8ba94a9e943852675a07b88a51df6f4abb507cdaee96726023855e4dee6bccb3e26a2a88fb60d812e7856c13af5f4fcb6776ba8e27a35bffc5e46473b31a4b83ea1a3376f4549af87d03102413faccc3fc897ccae95d2700163f1fc5170a643554169018c5cfcf8f50c7981270995d8aaa9f923c0679b258aab60f79111627b71404e1ce8751228972cbb2bebbe25973cf98bf8fe8e63575950a0aaa1ff060f01e96791d128d0b7b40855126ef3910ed7d7a6d9490618da352ad7b889f7d905bca2214224e170f30a088cff91921917c937950926cb11c04fdc6bee776b9abd2aa286ea5074e72756482fcb6a7d072edc075f99e02747ea49a40b26b58118b6692fbe55b09b054a044d1f481173e8923a74806cb770c4c61ffa982077f82bc4db7fee4ae2beed4673e39f5ff0614072a771034174a0f052ce39e27450d18920664e924ee963c9bbc9852fe68f30a199ee4856c1dadc08c061165867438bd3bb73f5a50f5131b7867dc80e0c5d43eae80cc2874d48edc910e7f8f9b73e032a8ccd7c348e84b4179fa101d488c2fc16cdf953e269a9cf13c0dfe575e0da49d7d2c09293296c0232bca9fe0aa8199b21e19746c4783630e432b5c7e1e25864fcd4deae07c2b07782d155fe6e6b5d9eed4beb9db47bae4007753d8be56b10723b5467c64acb0eee4cb9050b4ef2b57b630f4608af96fbe484816454ff385aa3765051408779384c6585f2e24662fcc3008dc17abb07ba9cf96ff4c795c97811e73b06c65e1b5c66c2e1873191d972830b1f53bbfedf8b5e8a64a29fb3b3eca67f1791652f9ac037c2f87c6d1d9d453b12d5d2b0c070a8084aa15505e240bd0c61895383f23f0460027d60dd9efd8539807f717bc353f9b858b9bfd2acecf2190e280faf6a1603566ff8893dba33ad3300e10438241709ba7413fde84810b966b4556f9c8a51aef27f9b9010e7b6208715169a585e42bf3f7333209afb5b19c0de7722004850d53329d93e2e4909eced3da67dd7d2c82a4c9d0d7cb6f5ff7dbf195e8b39ba9cf0c1699ea1f8b6d1293509774ef3bf48597146a60aa5b6eff2bc8a64f9ae9a81becb9c398ab9676d2cecb14d28f819d08050269bb0ca9bcf59d5c9bd2fe2bcdfe82a8f037781c6275c9229b0729cd085e66e2712bdf22009440c4136c2daa54e547386e1acd16a1d30f3d55c1ef0fe10c108210b9d8894d31e5ef17b049106700bae524eef744ef4b3a69e9cfed4efa9b0c9262177f9fe16f5b1fe5bfe5fc6a611e6ffcb9c5f329d4e328cb69912f0dfb7f4a83d326cb20b053653663096870e7ad2753e992dced7405a00a39dc55e652eb6b2e1b1e9782b42f443890c4067b07376c6f0fb2ea6589e04a8eb39a94d913d9f4410d238e6880c167a0a23b266577c41ec3e0f513eb7fc948c12b26ea2646c0481488417d9911a0107ca0ae11c2c4b8c2eefa5144ecf8b149d22abbd26d1b2a3fe51016b9bbfd229c090fc2fbbca4803217c991e36f86d4720b45ae45e6b20f09fcd8e5decd79997e79177bd67de7433282c1d0be5d585a71c873e7171a133d9f5ea35ac0ac5c1a643279ca66a365d278d14eee3ea90961eebb3f6c098c00d051d4716853ec7069be2a4625cef4c0f72abae5309d2709901d05217fc3e52049c4aa16b50121e43ce491d1bc9adb01679ec25ab5009f746170c2517f0072f16c574cb447c6d8ce4a2e45426900463c5303413bf4fe7fd64c273b404cf936068cb3085c3a81b9872ad2cb79aa4c051e7ad97cd4e8c6b94bb0df87e4347ca6f11f155ea265762f81eb0e9fbaf3dc05157eb9f12596ccdf9193018a2226824db6bbebf4e89a070688f698bbf23f30dfb04db7c3d804a7587ad0fd03e68cff7e516e5109e328e1eb3b887a6aced15804f2c898f41c5452e160ca30e35843705c150bad932d2d3fbd791100b1535d9f3306dcf127fa49c1a36b172f46b1fb676ea8783c23edf89b2446560dc1b95b39f80eb9d0994c8dcac9a5a304c554133e1d6ba368468a17312167cda37932cbd4b93c58b7ef772d56d4311182a680e19da6fb938848aad40242856379310b61d6113de6814644092712133823ee2281639b52cec52ab0dbd65ddae631e7113ca75a5476797cde5f5456acbfe63c6ca8b83774690eaca3a019771ca0e742815ca5645418730ee17f52fa2531e5487c10da3ee080acd50fbd19710ed5cb924e28a18985132afbb7d2ff90f6c3855c56970854b9a48ec4f7566d2829e271af3f0ce26742602241fef70461a484499591a9079ed53aed113589fd74918146e1917a063514d7eaa7f4720a386eb2f32b6d35baaa5d36c2013eb405cec607202f19bda80bfeda8005c5d1582208b861437fff41ec0708a6a98f2b4b4463141c1c312a8115509e363a274864898be996176049d5f7e6cba76b3a37c9b2ee9553fc70f79503797464d736d97d0bb4741ea8ad14fde6f18fbb02ae97e5a77bc1527a13f18624927d79aa5b4df2dffde7fb5356e521c7a419209031df8138838151c7e90783c9af133b6961b44f8de89d6348b191cfa6c0ab652746b8582134537727b18c670691f3c1e8ca0e3cefcd26111bef476eb816482b7726399c86cbc98f0f06929c26cf831163bdbe1fa8d8f96a65d3bbb3d37657cec4b77516864cb32404996dae1d0d9f3c12b7f2698f07930b791813b7ccf0f0dcd3320b78833f077ee55aae156af804fa9a15e60c709fb30b06ac092bf97a4fe4732ea7bc93aa73232024c80434b4900cc30de20cbc1ea407746fb186a610fe31635766f5edaa8c9ae974ff8cecc4e7e391a50bdb34ca1dec1567e866497bb59852cfc1fdb361b235c803d70cfc90c229078079619b4a8086a68d420ee1d7fac403b18c7f6aad91612e2f2b9e5e206bf897bd98a3b24a0637e2b986ae7f5d376bd63d63f6c4f151ce7eaa97a30d9d51f1a9207dca6b596831a9b92517b9d5571e72b4a06c07d5ff0d325896a1b32e9fb4f9d67a903946b205fba7beda108fde3fc503c7352c59c03bebc2891007fbe966a0441a7f4bc8320b901563ac8eadba643bdfc1636864d33549a1b9ad3ce01bec94b631ac6f46c453c57c62f2cf0f76d9f1e0731e266311624a138e607e699c91e37a33096117f418b4c92c66d96fa1b1324cfb569e3d558598ee65e69b8e0b9625d551af54a09db8082f2fa9da1386f92245aadaa13bfa3cf5c39fe455180bbb5e2427e4067bd2f5a5c755c31405477ba832dbbdd4af66acc7c11e576f700e24fb4c26160b4443b8c17805238519c7c732df774b92579e02a8da5e9a17e3c20e92afba7fab49000a7b83987ea48d5854a0411615462cabd245ab3f49ba375ef179c0a78059ffc14264177a6e45dc5f2fe6c957a313ba9889fef33b788933bb37a17943551db9cd08fd8d823fd0b35110ad589c3bb3af4f69bd1c7c7a3e726f933e4a0cb1209e75ff14910061c3750b9312de42c86838d5c35a681899c25220ea87aff02bf72fdd8745f5d751e6d62861496890c956143c08a222774974789bb46924b68a6e3138ce9dbca622e78c5aeed8215de4ee5c1f8312b6349a91ef1e210f18522b7a644700e90eff995e950c8eda05d0bb8e799ef32a7ddb8a87b4120a798a3f87cc78b6db0c7947b4786db1618c523203c097ef3d3dc0f4e1e87d0d597c4eaaac05a033a3fa91309c05cd8c14de649d7dd16d8ed81e5290950f66b66fd519a2a16fc6b3526f97aa1121b4fb52b30640122dfb50ff619fb5c88eb1c4e6ed7f6d09fd29e27b3375a1aad5b09f8175157018467f883ba385208fcd32a50a311b22f7951bd0e912d234364f8590e247dea604872f9bb847bb32b3906339f5698d6e7c0f2a3ed17b194239299091f5ee4ed51c75b76bc949cf05df5dd03cd8a553e7ec81881fdc1e15cef5e72eecd7843a981eff417682604769e302f378ff9519cdbd3ba2bfe50f85a903aa08b900118226889e9bc68124777f6e02fb26fff91d1f31d3828243cc46d4b4fa2965445774e0ddc521fe5fc9626fe3428403e746de0196a45d6acef57f662faf27294be80fed39778a7585b41178ea38f64893f9a46334af6425a4aa46e25e92b0d77750c6737b237dff19913fd9e69ed92c4b6671b4226776b34ae2468907c654bb0f619b2c9b55920fb99e97bf32212f852b615689f3cf4c03d51d1587455b5720692430fe2684522bfe6dae871aa2ff5f00045861ffcfc219888fef8320bec1307236a7a42dd4a691cb6cd4d8436f31a3f2d642b05946dbfee692aee0da31419f9b8bc0e1dcf89a8ffd7856b21b1180ebc8ad75308b1370b93d680e968bcde7d235f601760a5d181f7b55daf330a001ae1da86c130c76fbd956442b6c705889d665560f8b34663390592d85ddde790e0f4f1f0df09c1c6f95477f9d72dc0894b2efe2c3d162ad80f80cae03a06548014293a02f00d6386723d42ab09052f019a1d71d88a78db27afead58bc516be8d23893f007a17ff47b32777752a15648d0ececd345aee1f36c58abb7efaff5567100c0bfa54f172c862e15872abc9d96cead6688f02ea8466fe1134bd3756c6f0df8903fe7935dbe3e635da368f13a10e3018cfb5557d38f859a983a54d660a02bdb3dac2922e7a37651677bfc664d58df59ea625e8e63ee776bcc2937b921f5544924b75cba04bf3cd0df831938f9e9c79572e8492d884646244990920400192c63e15024e2e1239f41390bf7c0e18f852e23d514256ccb8ccb2726710401c4306657fd75eba94a353987780a6d6219012cfe80858060e37652a84ae89d07f5d651fe82a2a8d0e8568492156713b1f76e89e12f76a0254da7d526df51a089600f5b7559afdc63d4872fe8d6ce00a8d0c9b00db5ee676ae2545e74fb7b39f8345a67913b234cfb4f6e3b4e2b1e1f4f1c7fcce8c09cdeb6a1a21bd2370004e583ef62971aec24ce0c6c049b6a2e22081d36854956a362b6cbad48049d7d5f90134d3e77febf87bf4a32c07cdeb36c9cc56b2b3cc8c8b47879a32ff00f3b2e977cee0acb30fc424dbfe24c88d1a08d047925cd7d65a5834e56db2b3e7e0a23dbf948c799db5a48fd4a5fdea43913b2b2c149ae9a98f452b797b55abe1dd44b30232387f466856d6c38ca735dd6175b455363dbf228ef52e443da22a1ee3a158ee304d9ca63c110a3d19ca3bab6d1745affd81c480ff8bcf5f8f7c1ea6d08a7b3c3958c324d42732711170e19523bd209134674b184d4d442a774e04d6eb4ac89a6d018cf0bb68a73da87abce127e57428cf73a5a551c85ea8c376ae951cb8357506f037d17d163172dc5764682c753050f35c6802fb269d7490b196d57bb8a1ada55da7550f82357320e14cf573ed39860f02a11bdad917b2ba2de885c7ea8b30dd62bdad207dfe10e97c8b71abbc8c5661a4483bb6f9488ada0f5885c471cfc1271b60d54f903317cca28ce977f4444cefac5c2ff233dc872d4e809091f8452de9c774ab3bbebf62de92cd6aa7421a41f7d1dea42e4f94bd3a4869c958f3940a99c88835ed2f4021114b9a5bb17240f468887b213814956f9f5e6344cbae19d8753b97c7ce2e9d0954a30dde23dea2748e1c9514672bf4ea3ec3e348a563d9649899e7227708e2e77d0fc5847dc16b59ac3dea9449c176dea2d2ff6b6af764d28dee5ccfd0dfd6e3100d97040657d7ac5da4032e3b7f6b0cef2ec55a83350c3045abb10200c264e6e68e3e03b68546ae48a538063b86315bb8073103a812717f2d8816534fa98d0e956e0f9a67bcdc522cacefc77b0be71832a69ffb72fa15ca4d8b15f7fe03da0f4b24c5fb68e5f3a2297bb0cb0b7bfdeeec4deb64bf71f57820d62c47276e2780b4341b6bc65ac49be09c94013783455a95de92c11d91b9e921a484ed69532b92e202d684d2293a2666709ee38d2114add4c5337bfeef31d481e12530c5c7e83a6c8aa2f580f6da2d735ee5260cf9a7185eff84eb22d6e0d5ac0e63fe6a3def819274a144be5ab90fa157bb7517a54c208aa82da926d5b09ba649e326a654fe8fa9dd7e6d83b0a66253526e5b5aa03e665f2eb4678e8293110420c9d7556df07c7dd1c3e817a4c7409890c4ff5044ecdb34eb652a4d7e20b4b0d596f46ee3c3dad675e958e91c3b40f2d22e671bae51518443042c529c31e343647d6ddeac7ec370970fcc71a24a0826b58d111e9b776ac0e2fa40b3099298ffd0d1c04d41ee1dd039425f52f9f8057ac1f206203f20e1ae9cbae356518ba2fe9e49b47e36942ed7204f3d7da9e71b8d69df3ae7b2de05a13a879af6a1ea6241c645ed73c139e15060aeab6f423c2180dd101863a24f1688ec1a33edc624c3f5e80a20e4cc5c86ab2c692c2d3d17d8a68bb3924efffb29c9fc3df937526452d82a8ca9a558c75d6b2504df1b66c91823216a1c3b3bc39dee0d22491b9c891b9eea193c8af8a992096d0cd74630f7222e9a3530034a582f40601a694cf1085fda7fb33b07332c6aebfa70e2ebb8d7ccf19a69dfb5e4c166add5e153504eeec92f4ea2fe47f291625e1c470b832a488f884692b8ec49b96df235f193027ed38fb4d8b88ed382825df8ffe5b0c6fab8db3e38d60d467f9da725023deb72c378258e911442afae4db650be3621a033a3b84eee65c4c0664ec6d5771cc138937434a6a361de3dc1c12a2a6735f080e94314ddf291516971af252e3cc56e1c65ba5cf8ac2538878b22034ba458e08db26205608ae941a42a27f2643ded87bde626387c2b791ce57991dd2ba08010237279cac2760e19cab9059b229ea002ce4d3b4afa495230e424752f289003a240f5cafc7a83112636321107918d582fad2606a4319199a06ef2cbeaa3e1a4d8c30501aab796f5cbe15453b61218a396b79c547d15d5c11033b3746b432b426404f7b0421b9daafd9e8558f1901283d58e173c4db0511ee826ddc6363eb51e0837c9be6b2078d808d2c05db7495d29322ee6af68b0d52c45f00a59731c0e5b2608ae046af8bcf830f001ffd2f955ea89bed216e71ccb5b44713e2abf5ee5438d63829c9aea34b57f7ab52b820c24a7e9fa138243e4afb2df93588e805e719c1767146a351debb34678a86dd19f0587af31195460a3aa3e68773859fe13b47b6b31a501b4a25c6660cfc47f3318b33b77b10ed4ba91086482db039a56fbd1490f440a6fbb280b62b6d2333afe1c42c3f16865b9c0e484a4f6f393b8bc34fbba856cc5ffad2fe423e79f691b95e7e0dbdb2b2757d9d4443f9a23a8b1bfdb16f8bffd81b4789f80f1fc4bf751627965755d008d134e2c35da34f54718615e9deaca0685396ae7e58121327e0c0696591f6af93f2999ebd3b4e03cfe2a48b2b94015eb06b2a9031ab5e129b2700648fd62ab75f77734b89abb402282635eee41606eb306619e2dae84488e2aac1df54f78460b36115072a2c28801fc122482f1d46de4b2eec07bbbbcf85f30ffb3829c5d0fdbdf3af8c6322d62f4c55ebe8fd52728e2d5d1a24f096fffcec6ff2e752f7500", 0x2000, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)={0xa0, 0x0, 0x80000001, {{0x4040001, 0x0, 0x108000005, 0x0, 0xfff, 0x1, {0x1, 0xfffffffd, 0x1137, 0xffff, 0x14000000, 0x1, 0x1ff, 0x9, 0x0, 0x2000, 0x2, 0xee00, r3, 0xfffffff9, 0x1}}, {0x0, 0xd}}}, 0x0, 0x0})

1.156450782s ago: executing program 3 (id=829):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10) (fail_nth: 2)

1.058568814s ago: executing program 2 (id=830):
creat(&(0x7f0000000140)='./file0\x00', 0x71)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$binderfs_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder-control\x00', 0x2, 0x0)
ioctl$BINDER_CTL_ADD(r1, 0xc1086201, &(0x7f0000000f00)={'binder0\x00'})
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000340)={'wpan1\x00', <r4=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000600)={0x28, r2, 0x1, 0x70bd29, 0x0, {}, [@NL802154_ATTR_SEC_DEVKEY={0xc, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x400}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}]}, 0x28}, 0x1, 0x0, 0x0, 0x24000000}, 0x50)
r5 = socket(0x11, 0x800000002, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r5, 0x8916, &(0x7f0000000540)={'wlan0\x00', {0x2, 0x0, @private=0xf30a0000}})
mount(&(0x7f0000000180)=@rnullb, &(0x7f0000001440)='./file0\x00', &(0x7f0000000000)='bfs\x00', 0x208003, 0x0)

747.142627ms ago: executing program 3 (id=831):
r0 = gettid()
clock_nanosleep(0x2, 0x225c17d03, &(0x7f0000000140)={0x77359400}, 0x0)
rt_sigqueueinfo(r0, 0x21, &(0x7f0000002d00)={0xfffffffe, 0x0, 0xffffffff})
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000100)={0xb8, 0x2, 0x6, 0x101, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0x78, 0x7, 0x0, 0x1, [@IPSET_ATTR_CIDR={0x5, 0x3, 0x6}, @IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @empty}}, @IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x7}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty}}, @IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0xf11}, @IPSET_ATTR_LINENO={0x8, 0x9, 0x1, 0x0, 0x543}, @IPSET_ATTR_MAXELEM={0x8, 0x13, 0x1, 0x0, 0x8001}, @IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @private1}}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e20}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e20}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:ip,mark\x00'}]}, 0xb8}, 0x1, 0x0, 0x0, 0x24040844}, 0x800)
connect$inet(r1, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
sendmsg$IPSET_CMD_HEADER(r2, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000080)={0x4c, 0xc, 0x6, 0x101, 0x0, 0x0, {0x7, 0x0, 0x3}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x4c}, 0x1, 0x0, 0x0, 0xc000}, 0x40)

746.808286ms ago: executing program 1 (id=832):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0x8, 0x0, 0x7fc00000}]})
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$FAT_IOCTL_SET_ATTRIBUTES(r1, 0x40047211, &(0x7f0000000040)=0x31)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r0, 0x40182103, &(0x7f0000000300)={0x0, 0x3, r0, 0xc87a, 0x80000})
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYRES8=0x0], 0x2d)
r2 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, r2, 0x0)
mmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x2000000, 0x80010, r2, 0xc1e37000)

636.666913ms ago: executing program 2 (id=833):
syz_clone3(&(0x7f0000000080)={0x100801000, &(0x7f0000000180), 0x0, 0x0, {0x19}, 0x0, 0x0, 0x0, 0x0}, 0x58)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000140)={0x2, 0x0, 0x0, 0x0, 0x0, 0xd000})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01090000000000000f478e"])
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x10000, 0x0, 0x4002004c4, 0x1000, 0x0, 0x0, 0x0, 0x5, 0x0, 0x9, 0x0, 0x7], 0xeeee8000, 0x2113c0})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

483.896968ms ago: executing program 2 (id=834):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000002, 0x22052, r0, 0x2000)
mmap(&(0x7f0000400000/0x3000)=nil, 0x3000, 0x2000009, 0x4d032, 0xffffffffffffffff, 0x0)
pipe2$9p(&(0x7f0000001900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[], [], 0x6b}})
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000000000)=@x86={0x4, 0x56, 0x7, 0x0, 0x8001, 0x2, 0x6, 0x80, 0x5, 0x80, 0xe, 0x8, 0x0, 0xef6, 0x7fff, 0x21, 0x2, 0xe, 0xe, '\x00', 0x5})
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)

98.447971ms ago: executing program 2 (id=835):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000000240)={@val={0x3, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x14}, @ipv4=@icmp={{0x5, 0x4, 0x0, 0x0, 0x6c, 0x1400, 0x0, 0x0, 0x1, 0x0, @private=0xa010100, @local}, @time_exceeded={0xb, 0x0, 0x0, 0x0, 0x5, 0x0, {0x14, 0x4, 0x2, 0x1f, 0x0, 0x68, 0x53ca, 0x3, 0x6, 0x2006, @broadcast, @broadcast, {[@cipso={0x86, 0x35, 0x3, [{0x5, 0xc, "fac03c8b8493f23873f7"}, {0x5, 0xb, "67f54951950fc96486"}, {0x2, 0x2}, {0x6, 0x2}, {0x5, 0x7, "a482ba0678"}, {0x5, 0x9, "1d5bc15d445fd7"}, {0x2, 0x4, 't<'}]}, @ssrr={0x89, 0x7, 0x56, [@initdev={0xac, 0x1e, 0x0, 0x0}]}]}}}}}, 0x7a)

0s ago: executing program 2 (id=836):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_CQM(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000580)={0x2c, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_CQM={0x10, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x1000000}, @NL80211_ATTR_CQM_RSSI_THOLD={0x4}]}]}, 0x2c}}, 0x0) (fail_nth: 2)

kernel console output (not intermixed with test programs):

h 255, skipping remainder of the config
[   91.364760][ T5891] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   91.378328][ T5891] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[   91.387838][ T5891] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   91.400719][ T5891] usb 1-1: config 0 descriptor??
[   91.413735][ T5891] hub 1-1:0.0: bad descriptor, ignoring hub
[   91.419924][ T5891] hub 1-1:0.0: probe with driver hub failed with error -5
[   91.429888][ T5891] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[   91.531134][ T5948] vxfs: WRONG superblock magic 00000000 at 1
[   91.538124][ T5948] vxfs: WRONG superblock magic 00000000 at 8
[   91.547431][ T5948] vxfs: can't find superblock.
[   91.714547][ T5836] input: HID 0458:5010 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:7.0/0003:0458:5010.0001/input/input5
[   91.871173][ T5953] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11'.
[   91.894255][ T5953] Zero length message leads to an empty skb
[   91.935538][ T5836] kye 0003:0458:5010.0001: input,hiddev0,hidraw0: USB HID v2.00 Device [HID 0458:5010] on usb-dummy_hcd.3-1/input0
[   92.033004][    T9] cfg80211: failed to load regulatory.db
[   92.042969][ T5836] usb 4-1: USB disconnect, device number 2
[   92.162032][ T5959] netlink: 16 bytes leftover after parsing attributes in process `syz.2.12'.
[   92.306818][ T5957] fido_id[5957]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[   92.351850][ T5963] capability: warning: `syz.2.14' uses deprecated v2 capabilities in a way that may be insecure
[   92.553897][ T5868] usb 1-1: USB disconnect, device number 2
[   92.608410][ T5969] warning: `syz.2.16' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   92.693090][ T5836] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   92.863927][ T5836] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[   92.874999][ T5836] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   92.889275][ T5836] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   92.902174][ T5836] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[   92.932821][ T5836] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[   92.943408][ T5836] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[   92.951832][ T5836] usb 2-1: Manufacturer: syz
[   92.966110][ T5836] usb 2-1: config 0 descriptor??
[   92.972390][ T5837] Bluetooth: hci0: command tx timeout
[   92.996383][ T5837] Bluetooth: hci1: command tx timeout
[   93.051808][ T5837] Bluetooth: hci3: command tx timeout
[   93.053540][ T5849] Bluetooth: hci2: command tx timeout
[   93.424025][ T5836] appleir 0003:05AC:8243.0002: unknown main item tag 0x0
[   93.471404][ T5836] appleir 0003:05AC:8243.0002: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0

syzkaller
syzkaller login: [   94.445463][ T5922] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   94.643751][ T5922] usb 1-1: Using ep0 maxpacket: 16
[   94.656270][ T5922] usb 1-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[   94.674006][ T5922] usb 1-1: config 7 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   94.708274][ T5922] usb 1-1: config 7 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0
[   94.732960][ T5922] usb 1-1: config 7 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[   94.752786][ T5922] usb 1-1: config 7 interface 0 has no altsetting 0
[   94.760567][ T5922] usb 1-1: New USB device found, idVendor=0458, idProduct=5010, bcdDevice= 0.00
[   94.784140][ T5922] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   94.844792][ T6002] vxfs: WRONG superblock magic 00000000 at 1
[   94.854892][ T6002] vxfs: WRONG superblock magic 00000000 at 8
[   94.860970][ T6002] vxfs: can't find superblock.
[   95.271627][ T5882] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   95.297783][ T5922] input: HID 0458:5010 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:7.0/0003:0458:5010.0003/input/input6
[   95.543482][ T5882] usb 3-1: Using ep0 maxpacket: 32
[   95.549649][   T43] usb 2-1: USB disconnect, device number 2
[   95.569640][ T5882] usb 3-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[   95.585890][ T5882] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   95.635044][ T5882] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[   95.648205][ T5882] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.683883][ T5922] kye 0003:0458:5010.0003: input,hiddev1,hidraw1: USB HID v2.00 Device [HID 0458:5010] on usb-dummy_hcd.0-1/input0
[   95.774283][ T5882] usb 3-1: config 0 descriptor??
[   95.796379][ T5882] hub 3-1:0.0: bad descriptor, ignoring hub
[   95.826426][ T5922] usb 1-1: USB disconnect, device number 3
[   95.832431][ T5882] hub 3-1:0.0: probe with driver hub failed with error -5
[   95.864804][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   95.884201][ T5882] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[   96.096472][ T6008] fido_id[6008]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/1-1/report_descriptor': No such file or directory
[   97.161878][    T9] usb 3-1: USB disconnect, device number 2
[   97.447511][ T6026] vxfs: WRONG superblock magic 00000000 at 1
[   97.461973][ T6026] vxfs: WRONG superblock magic 00000000 at 8
[   97.486055][ T6026] vxfs: can't find superblock.
[   98.162825][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   98.171559][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[   98.179775][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[   98.265184][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   98.722492][ T5935] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   98.906431][ T5935] usb 3-1: Using ep0 maxpacket: 16
[   98.950620][ T5935] usb 3-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[   98.971291][ T5935] usb 3-1: config 7 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   99.001424][ T5935] usb 3-1: config 7 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0
[   99.018753][ T5935] usb 3-1: config 7 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[   99.034969][ T5935] usb 3-1: config 7 interface 0 has no altsetting 0
[   99.042208][ T5935] usb 3-1: New USB device found, idVendor=0458, idProduct=5010, bcdDevice= 0.00
[   99.055844][ T5935] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   99.142250][ T5978] Set syz1 is full, maxelem 65536 reached
[   99.341246][ T6050] vxfs: WRONG superblock magic 00000000 at 1
[   99.349764][ T6050] vxfs: WRONG superblock magic 00000000 at 8
[   99.357819][ T6050] vxfs: can't find superblock.
[   99.541753][ T5922] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[   99.549774][ T5935] input: HID 0458:5010 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:7.0/0003:0458:5010.0004/input/input7
[   99.681681][ T5922] usb 4-1: device descriptor read/64, error -71
[   99.715337][ T5935] kye 0003:0458:5010.0004: input,hiddev0,hidraw0: USB HID v2.00 Device [HID 0458:5010] on usb-dummy_hcd.2-1/input0
[   99.804043][ T5935] usb 3-1: USB disconnect, device number 3
[   99.842775][ T6060] netlink: 8 bytes leftover after parsing attributes in process `syz.0.54'.
[   99.894300][ T6060] netlink: 36 bytes leftover after parsing attributes in process `syz.0.54'.
[   99.954760][ T5922] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[   99.957178][    T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!!
[   99.971138][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  100.003315][ T6059] fido_id[6059]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  100.131727][ T5922] usb 4-1: device descriptor read/64, error -71
[  100.271703][ T5922] usb usb4-port1: attempt power cycle
[  100.543717][ T6073] 9pnet_fd: Insufficient options for proto=fd
[  100.722756][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  100.731065][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  100.740431][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  100.851649][ T5922] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  100.873124][ T5922] usb 4-1: device descriptor read/8, error -71
[  101.121793][ T5922] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  101.177465][ T5922] usb 4-1: device descriptor read/8, error -71
[  101.265651][ T6085] netlink: 8 bytes leftover after parsing attributes in process `syz.1.64'.
[  101.333380][ T5922] usb usb4-port1: unable to enumerate USB device
[  101.385812][ T6089] netlink: 36 bytes leftover after parsing attributes in process `syz.1.64'.
[  102.624859][ T6099] 9pnet_fd: Insufficient options for proto=fd
[  103.168257][ T6116] fuse: Bad value for 'rootmode'
[  103.901740][   T43] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  103.913173][ T6121] netlink: 8 bytes leftover after parsing attributes in process `syz.3.77'.
[  104.041636][   T43] usb 1-1: device descriptor read/64, error -71
[  104.052609][ T6123] netlink: 16 bytes leftover after parsing attributes in process `syz.3.77'.
[  104.665318][   T43] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  104.881603][   T43] usb 1-1: device descriptor read/64, error -71
[  104.992219][   T43] usb usb1-port1: attempt power cycle
[  105.471690][   T43] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  105.492215][   T43] usb 1-1: device descriptor read/8, error -71
[  105.731652][   T43] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  105.762820][   T43] usb 1-1: device descriptor read/8, error -71
[  105.882682][   T43] usb usb1-port1: unable to enumerate USB device
[  106.321321][ T6071] Set syz1 is full, maxelem 65536 reached
[  106.344993][ T6122] Set syz1 is full, maxelem 65536 reached
[  106.769610][ T5922] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  106.933931][ T5922] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  106.955124][ T5922] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  106.969611][ T5922] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  106.981604][ T5922] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  107.006045][ T5922] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  107.016810][ T5922] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  107.175261][ T5922] usb 3-1: Manufacturer: syz
[  107.315655][ T5922] usb 3-1: config 0 descriptor??
[  107.740921][ T5922] appleir 0003:05AC:8243.0005: unknown main item tag 0x0
[  107.784240][ T5922] appleir 0003:05AC:8243.0005: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[  107.878299][ T6150] fuse: Bad value for 'rootmode'
[  108.743364][ T6160] netlink: 8 bytes leftover after parsing attributes in process `syz.3.90'.
[  108.762973][ T6160] Set syz1 is full, maxelem 65536 reached
[  108.782374][ T6160] netlink: 16 bytes leftover after parsing attributes in process `syz.3.90'.
[  109.929863][ T5836] usb 3-1: USB disconnect, device number 4
[  110.101583][    T9] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  110.311628][    T9] usb 4-1: device descriptor read/64, error -71
[  110.561661][    T9] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  110.720980][    T9] usb 4-1: device descriptor read/64, error -71
[  110.842022][    T9] usb usb4-port1: attempt power cycle
[  110.907785][ T6175] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  111.256983][    T9] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  111.304670][    T9] usb 4-1: device descriptor read/8, error -71
[  111.544879][    T9] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  111.581588][    T9] usb 4-1: device descriptor read/8, error -71
[  111.822962][    T9] usb usb4-port1: unable to enumerate USB device
[  112.634647][ T6191] fuse: Bad value for 'rootmode'
[  114.951714][ T5882] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  115.111844][ T5882] usb 3-1: device descriptor read/64, error -71
[  115.441723][ T5882] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  115.641624][ T5882] usb 3-1: device descriptor read/64, error -71
[  115.789701][ T5882] usb usb3-port1: attempt power cycle
[  116.138565][ T6162] Set syz1 is full, maxelem 65536 reached
[  116.165160][ T5882] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  116.222096][ T5882] usb 3-1: device descriptor read/8, error -71
[  116.320613][ T6224] fuse: Unknown parameter 'use00000000000000000000'
[  116.533954][ T5882] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  116.592350][ T5882] usb 3-1: device descriptor read/8, error -71
[  116.745593][ T5882] usb usb3-port1: unable to enumerate USB device
[  117.485560][ T6240] vxfs: WRONG superblock magic 00000000 at 1
[  117.504409][ T6240] vxfs: WRONG superblock magic 00000000 at 8
[  117.517486][ T6240] vxfs: can't find superblock.

syzkaller
syzkaller login: [  118.257935][ T6255] netlink: 16 bytes leftover after parsing attributes in process `syz.0.123'.
[  118.293588][ T6255] Set syz1 is full, maxelem 65536 reached
[  118.438539][ T6257] fuse: Unknown parameter 'use00000000000000000000'
[  118.949396][ T6266] No control pipe specified
[  119.241883][   T43] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  119.381973][   T43] usb 2-1: device descriptor read/64, error -71
[  119.398782][ T5935] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  119.596685][ T5935] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  119.651766][ T5935] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  119.664492][   T43] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  119.702453][ T5935] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  119.741912][ T5935] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  119.821977][ T5935] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  119.831068][ T5935] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  119.852010][   T43] usb 2-1: device descriptor read/64, error -71
[  119.871942][ T5935] usb 3-1: Manufacturer: syz
[  119.898381][ T5935] usb 3-1: config 0 descriptor??
[  119.982147][   T43] usb usb2-port1: attempt power cycle
[  120.130462][ T6283] netlink: 8 bytes leftover after parsing attributes in process `syz.0.134'.
[  120.141242][ T6283] Set syz1 is full, maxelem 65536 reached
[  120.151251][ T6283] netlink: 8 bytes leftover after parsing attributes in process `syz.0.134'.
[  120.321715][   T43] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  120.330898][ T5935] appleir 0003:05AC:8243.0006: unknown main item tag 0x0
[  120.343120][ T5935] appleir 0003:05AC:8243.0006: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[  120.354988][   T43] usb 2-1: device descriptor read/8, error -71
[  120.524260][ T5934] usb 3-1: USB disconnect, device number 9
[  120.592444][   T43] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  120.622465][   T43] usb 2-1: device descriptor read/8, error -71
[  120.742071][   T43] usb usb2-port1: unable to enumerate USB device
[  121.190704][ T6297] fuse: Unknown parameter 'use00000000000000000000'
[  122.235179][ T6305] No control pipe specified
[  122.423161][ T6312] netlink: 8 bytes leftover after parsing attributes in process `syz.0.143'.
[  122.456579][ T6312] Set syz1 is full, maxelem 65536 reached
[  122.477900][ T6312] netlink: 8 bytes leftover after parsing attributes in process `syz.0.143'.
[  123.581997][ T5934] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  123.633943][ T6333] vxfs: WRONG superblock magic 00000000 at 1
[  123.653842][ T6333] vxfs: WRONG superblock magic 00000000 at 8
[  123.660474][ T6333] vxfs: can't find superblock.
[  123.753435][ T5934] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  123.783679][ T5934] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  123.802071][ T5882] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  123.821800][ T5934] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  123.833970][ T5934] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  123.882426][ T5934] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  123.892009][ T5934] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  124.672500][ T5934] usb 2-1: Manufacturer: syz
[  124.701732][ T5882] usb 4-1: device descriptor read/64, error -71
[  124.722021][ T5934] usb 2-1: config 0 descriptor??
[  124.941672][ T5882] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  125.093926][ T5882] usb 4-1: device descriptor read/64, error -71
[  125.165020][ T5934] appleir 0003:05AC:8243.0007: unknown main item tag 0x0
[  125.202463][ T5934] appleir 0003:05AC:8243.0007: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  125.236027][ T5882] usb usb4-port1: attempt power cycle
[  125.378926][ T5836] usb 2-1: USB disconnect, device number 7
[  125.591620][ T5882] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  125.652564][ T5882] usb 4-1: device descriptor read/8, error -71
[  125.892438][ T6348] netlink: 8 bytes leftover after parsing attributes in process `syz.0.153'.
[  125.901711][ T5882] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  125.915997][ T6348] Set syz1 is full, maxelem 65536 reached
[  125.941791][ T5882] usb 4-1: device descriptor read/8, error -71
[  125.948804][ T6348] netlink: 8 bytes leftover after parsing attributes in process `syz.0.153'.
[  126.052104][ T5882] usb usb4-port1: unable to enumerate USB device
[  127.111603][ T5882] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  127.284073][ T5882] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  127.297294][ T5882] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  127.309349][ T5882] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  127.319542][ T5882] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  127.350616][ T5882] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  127.368790][ T5882] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  127.393254][ T5882] usb 2-1: Manufacturer: syz
[  127.418168][ T5882] usb 2-1: config 0 descriptor??
[  127.854857][ T5882] appleir 0003:05AC:8243.0008: unknown main item tag 0x0
[  127.885459][ T5882] appleir 0003:05AC:8243.0008: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  128.012242][ T5934] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  128.056235][ T5882] usb 2-1: USB disconnect, device number 8
[  128.189362][ T5934] usb 1-1: no configurations
[  128.195758][ T5934] usb 1-1: can't read configurations, error -22
[  128.342513][ T5934] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  128.503199][ T5934] usb 1-1: no configurations
[  128.507851][ T5934] usb 1-1: can't read configurations, error -22
[  128.531868][ T5934] usb usb1-port1: attempt power cycle
[  128.876537][ T5934] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  128.917996][ T5934] usb 1-1: no configurations
[  128.922929][ T5934] usb 1-1: can't read configurations, error -22
[  128.954252][ T6407] fuse: Unknown parameter 'user_i00000000000000000000'
[  129.052706][ T5934] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  129.093012][ T5934] usb 1-1: no configurations
[  129.098893][ T5934] usb 1-1: can't read configurations, error -22
[  129.109255][ T5934] usb usb1-port1: unable to enumerate USB device
[  129.811630][ T5836] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  129.993284][ T5836] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  130.019623][ T5836] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  130.051367][ T5836] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  130.075130][ T5836] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  130.112233][ T5836] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  130.122899][ T5836] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  130.131128][ T5836] usb 3-1: Manufacturer: syz
[  130.140602][ T5836] usb 3-1: config 0 descriptor??
[  130.558210][ T5836] usbhid 3-1:0.0: can't add hid device: -71
[  130.582400][ T5836] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  130.610709][ T5836] usb 3-1: USB disconnect, device number 10
[  131.905193][ T6441] netlink: 8 bytes leftover after parsing attributes in process `syz.1.187'.
[  132.014448][ T6444] netlink: 12 bytes leftover after parsing attributes in process `syz.1.187'.
[  132.811581][ T5836] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  132.986742][ T5836] usb 1-1: Using ep0 maxpacket: 32
[  133.011910][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  133.018545][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  133.027005][ T5836] usb 1-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  133.047656][ T5836] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  133.075632][ T5836] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  133.098472][ T5836] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  133.130721][ T5836] usb 1-1: config 0 descriptor??
[  133.161101][ T5836] hub 1-1:0.0: bad descriptor, ignoring hub
[  133.251601][ T5836] hub 1-1:0.0: probe with driver hub failed with error -5
[  133.260687][ T5836] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  133.742120][    T9] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  133.904144][    T9] usb 4-1: no configurations
[  133.909053][    T9] usb 4-1: can't read configurations, error -22
[  134.001634][ T5882] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  134.071688][    T9] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  134.165708][ T5882] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  134.171950][   T43] usb 1-1: USB disconnect, device number 12
[  134.177625][ T5882] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  134.221693][ T5882] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  134.233242][    T9] usb 4-1: no configurations
[  134.237868][    T9] usb 4-1: can't read configurations, error -22
[  134.251770][ T5882] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  134.266288][    T9] usb usb4-port1: attempt power cycle
[  134.284137][ T5882] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  134.293713][ T5882] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  134.311541][ T5882] usb 3-1: Manufacturer: syz
[  134.322903][ T5882] usb 3-1: config 0 descriptor??
[  134.621914][    T9] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  134.663145][    T9] usb 4-1: no configurations
[  134.670060][    T9] usb 4-1: can't read configurations, error -22
[  134.785987][ T5882] usbhid 3-1:0.0: can't add hid device: -71
[  134.799340][ T5882] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  134.827545][    T9] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  134.842875][ T5882] usb 3-1: USB disconnect, device number 11
[  134.862752][    T9] usb 4-1: no configurations
[  134.867395][    T9] usb 4-1: can't read configurations, error -22
[  134.885681][    T9] usb usb4-port1: unable to enumerate USB device
[  135.131931][   T43] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  135.303266][   T43] usb 1-1: config 0 has an invalid interface number: 106 but max is 0
[  135.318246][   T43] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  135.331556][   T43] usb 1-1: config 0 has no interface number 0
[  135.339399][   T43] usb 1-1: config 0 interface 106 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 43
[  135.372985][   T43] usb 1-1: config 0 interface 106 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 6
[  135.421609][   T43] usb 1-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=df.bb
[  135.430769][   T43] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.452531][   T43] usb 1-1: config 0 descriptor??
[  135.462509][ T6469] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  135.502520][   T43] usb 1-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  135.790457][   T43] usb 1-1: USB disconnect, device number 13
[  135.833315][ T2971] usb 1-1: Failed to submit usb control message: -71
[  135.840424][ T2971] usb 1-1: unable to send the bmi data to the device: -71
[  135.848305][ T2971] usb 1-1: unable to get target info from device
[  135.856290][ T2971] usb 1-1: could not get target info (-71)
[  135.862710][ T2971] usb 1-1: could not probe fw (-71)
[  136.083573][ T6486] fuse: Unknown parameter 'user_id00000000000000000000'
[  137.301689][ T5868] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  137.387911][ T6441] Set syz1 is full, maxelem 65536 reached
[  137.461792][ T5868] usb 3-1: Using ep0 maxpacket: 32
[  137.475292][ T5868] usb 3-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  137.506694][ T5868] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  137.539166][ T5868] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  137.571648][ T5868] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.612073][ T5868] usb 3-1: config 0 descriptor??
[  137.638230][ T5868] hub 3-1:0.0: bad descriptor, ignoring hub
[  137.645948][ T5868] hub 3-1:0.0: probe with driver hub failed with error -5
[  137.664407][ T5868] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  138.064911][ T6516] fuse: Unknown parameter 'user_id00000000000000000000'
[  138.399804][ T6523] netlink: 8 bytes leftover after parsing attributes in process `syz.1.215'.
[  138.410802][ T6523] netlink: 12 bytes leftover after parsing attributes in process `syz.1.215'.
[  138.451710][ T5868] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  138.585214][    T9] usb 3-1: USB disconnect, device number 12
[  138.622567][ T5868] usb 4-1: no configurations
[  138.627221][ T5868] usb 4-1: can't read configurations, error -22
[  138.663210][ T6528] overlayfs: failed to resolve './file1': -2
[  138.771619][ T5868] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  138.932523][ T5868] usb 4-1: no configurations
[  138.937391][ T5868] usb 4-1: can't read configurations, error -22
[  138.955076][ T5868] usb usb4-port1: attempt power cycle
[  139.099442][ T6544] fuse: Bad value for 'fd'
[  139.204170][ T6546] fuse: Bad value for 'fd'
[  139.266171][ T6549] netlink: 8 bytes leftover after parsing attributes in process `syz.1.226'.
[  139.322494][ T5868] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  139.363136][ T5868] usb 4-1: no configurations
[  139.367966][ T5868] usb 4-1: can't read configurations, error -22
[  139.511638][ T5868] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  139.533425][ T5868] usb 4-1: no configurations
[  139.538286][ T5868] usb 4-1: can't read configurations, error -22
[  139.552018][ T5868] usb usb4-port1: unable to enumerate USB device
[  139.611318][ T6558] overlayfs: failed to resolve './file1': -2
[  140.060021][ T6573] fuse: Bad value for 'fd'
[  140.112230][ T5882] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  140.136611][ T6576] netlink: 8 bytes leftover after parsing attributes in process `syz.1.235'.
[  140.251452][ T6580] overlayfs: failed to resolve './file0': -2
[  140.271665][ T5882] usb 1-1: Using ep0 maxpacket: 32
[  140.285852][ T5882] usb 1-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  140.301759][ T5882] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  140.319397][ T5882] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  140.329497][ T5882] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.349672][ T5882] usb 1-1: config 0 descriptor??
[  140.359725][ T5882] hub 1-1:0.0: bad descriptor, ignoring hub
[  140.376242][ T5882] hub 1-1:0.0: probe with driver hub failed with error -5
[  140.407518][ T5882] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  140.516995][ T6588] overlayfs: failed to resolve './file0': -2
[  140.596816][ T6590] fuse: Bad value for 'fd'
[  141.038281][ T5935] usb 1-1: USB disconnect, device number 14
[  141.116013][ T6600] fuse: Bad value for 'fd'
[  141.427610][ T6612] netlink: 8 bytes leftover after parsing attributes in process `syz.1.245'.
[  141.519629][ T6614] netlink: 104 bytes leftover after parsing attributes in process `syz.2.249'.
[  141.555774][ T6617] overlayfs: failed to resolve './file0': -2
[  141.844017][ T6628] hpfs: Bad magic ... probably not HPFS
[  141.951572][   T43] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  142.133738][   T43] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  142.144183][   T43] usb 2-1: config 0 has no interfaces?
[  142.149692][   T43] usb 2-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[  142.159496][   T43] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.171100][   T43] usb 2-1: config 0 descriptor??
[  142.351607][ T5882] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  142.501725][ T5882] usb 1-1: Using ep0 maxpacket: 32
[  142.509540][ T5882] usb 1-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  142.521206][ T5882] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  142.534361][ T5882] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  142.543650][ T5882] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.555528][ T5882] usb 1-1: config 0 descriptor??
[  142.570793][ T5882] hub 1-1:0.0: bad descriptor, ignoring hub
[  142.584574][ T5882] hub 1-1:0.0: probe with driver hub failed with error -5
[  142.602152][ T5882] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  142.660302][ T6643] netlink: 8 bytes leftover after parsing attributes in process `syz.2.260'.
[  142.674017][ T6643] Set syz1 is full, maxelem 65536 reached
[  142.699501][ T6643] Set syz1 is full, maxelem 65536 reached
[  144.104232][ T5922] usb 1-1: USB disconnect, device number 15
[  144.706771][ T6676] netlink: 8 bytes leftover after parsing attributes in process `syz.0.271'.
[  144.740171][ T6676] Set syz1 is full, maxelem 65536 reached
[  144.753066][ T5935] usb 2-1: USB disconnect, device number 9
[  144.782429][ T6676] Set syz1 is full, maxelem 65536 reached
[  145.562021][ T5935] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  145.632587][ T6704] netlink: 8 bytes leftover after parsing attributes in process `syz.1.282'.
[  145.746647][ T5935] usb 4-1: Using ep0 maxpacket: 32
[  145.766488][ T5935] usb 4-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  145.801682][ T5935] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  145.821961][   T43] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  145.841553][ T5935] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  145.851180][ T5935] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0

syzkaller
syzkaller login: [  145.876169][ T5935] usb 4-1: config 0 descriptor??
[  145.905360][ T5935] hub 4-1:0.0: bad descriptor, ignoring hub
[  145.907047][ T6707] vxfs: WRONG superblock magic 00000000 at 1
[  145.911417][ T5935] hub 4-1:0.0: probe with driver hub failed with error -5
[  145.937121][ T5935] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  145.941972][ T6707] vxfs: WRONG superblock magic 00000000 at 8
[  145.953574][ T6707] vxfs: can't find superblock.
[  146.027876][   T43] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  146.038120][   T43] usb 3-1: config 0 has no interfaces?
[  146.068125][   T43] usb 3-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[  146.090651][   T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  146.132803][   T43] usb 3-1: config 0 descriptor??
[  146.801866][   T43] usb 4-1: USB disconnect, device number 23
[  147.149554][ T6731] FAULT_INJECTION: forcing a failure.
[  147.149554][ T6731] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  147.181627][ T6731] CPU: 0 UID: 0 PID: 6731 Comm: syz.0.291 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) 
[  147.181653][ T6731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  147.181672][ T6731] Call Trace:
[  147.181680][ T6731]  <TASK>
[  147.181688][ T6731]  dump_stack_lvl+0x189/0x250
[  147.181722][ T6731]  ? __pfx____ratelimit+0x10/0x10
[  147.181748][ T6731]  ? __pfx_dump_stack_lvl+0x10/0x10
[  147.181768][ T6731]  ? __pfx__printk+0x10/0x10
[  147.181789][ T6731]  ? __might_fault+0xb0/0x130
[  147.181821][ T6731]  should_fail_ex+0x414/0x560
[  147.181858][ T6731]  _copy_from_iter+0x1db/0x16f0
[  147.181898][ T6731]  ? validate_chain+0x897/0x2140
[  147.181918][ T6731]  ? __pfx__copy_from_iter+0x10/0x10
[  147.181952][ T6731]  ? __lock_acquire+0xab9/0xd20
[  147.181989][ T6731]  tun_get_user+0x20f/0x3ce0
[  147.182021][ T6731]  ? aa_file_perm+0x13e/0x11b0
[  147.182046][ T6731]  ? aa_file_perm+0x13e/0x11b0
[  147.182069][ T6731]  ? aa_file_perm+0x3ed/0x11b0
[  147.182094][ T6731]  ? __pfx_tun_get_user+0x10/0x10
[  147.182123][ T6731]  ? __lock_acquire+0xab9/0xd20
[  147.182157][ T6731]  ? ref_tracker_alloc+0x318/0x460
[  147.182176][ T6731]  ? __lock_acquire+0xab9/0xd20
[  147.182205][ T6731]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  147.182232][ T6731]  ? tun_get+0x1c/0x2f0
[  147.182258][ T6731]  ? tun_get+0x1c/0x2f0
[  147.182277][ T6731]  ? tun_get+0x1c/0x2f0
[  147.182301][ T6731]  tun_chr_write_iter+0x113/0x200
[  147.182338][ T6731]  vfs_write+0x54b/0xa90
[  147.182372][ T6731]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  147.182393][ T6731]  ? __pfx_vfs_write+0x10/0x10
[  147.182426][ T6731]  ? __fget_files+0x2a/0x420
[  147.182461][ T6731]  ksys_write+0x145/0x250
[  147.182487][ T6731]  ? __pfx_ksys_write+0x10/0x10
[  147.182507][ T6731]  ? rcu_is_watching+0x15/0xb0
[  147.182532][ T6731]  ? do_syscall_64+0xbe/0x3b0
[  147.182561][ T6731]  do_syscall_64+0xfa/0x3b0
[  147.182586][ T6731]  ? lockdep_hardirqs_on+0x9c/0x150
[  147.182610][ T6731]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.182628][ T6731]  ? clear_bhb_loop+0x60/0xb0
[  147.182652][ T6731]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  147.182671][ T6731] RIP: 0033:0x7f4a9f98e929
[  147.182694][ T6731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  147.182710][ T6731] RSP: 002b:00007f4aa071e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  147.182737][ T6731] RAX: ffffffffffffffda RBX: 00007f4a9fbb5fa0 RCX: 00007f4a9f98e929
[  147.182751][ T6731] RDX: 000000000000007a RSI: 00002000000006c0 RDI: 0000000000000003
[  147.182763][ T6731] RBP: 00007f4aa071e090 R08: 0000000000000000 R09: 0000000000000000
[  147.182775][ T6731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  147.182786][ T6731] R13: 0000000000000000 R14: 00007f4a9fbb5fa0 R15: 00007ffc54870868
[  147.182816][ T6731]  </TASK>
[  147.595881][ T6734] netlink: 8 bytes leftover after parsing attributes in process `syz.1.292'.

syzkaller
syzkaller login: [  148.622666][   T43] usb 3-1: USB disconnect, device number 13
[  149.431595][   T43] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  149.515921][ T6769] netlink: 8 bytes leftover after parsing attributes in process `syz.1.304'.
[  149.581757][   T43] usb 3-1: Using ep0 maxpacket: 32
[  149.599229][   T43] usb 3-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  149.614697][   T43] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  149.648698][   T43] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  149.689092][   T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.720972][   T43] usb 3-1: config 0 descriptor??
[  149.744329][   T43] hub 3-1:0.0: bad descriptor, ignoring hub
[  149.750420][   T43] hub 3-1:0.0: probe with driver hub failed with error -5
[  149.781659][   T43] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  150.151578][ T5882] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  150.161053][ T6787] fuse: Unknown parameter '0x0000000000000004'
[  150.533711][ T5882] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  150.547525][ T5882] usb 4-1: config 0 has no interfaces?
[  150.559221][ T5882] usb 4-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[  150.578594][ T5882] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  150.747432][ T5882] usb 4-1: config 0 descriptor??
[  150.783015][    T9] usb 3-1: USB disconnect, device number 14
[  151.082257][ T6792] netlink: 8 bytes leftover after parsing attributes in process `syz.1.314'.
[  151.831832][ T6810] syz.1.319: attempt to access beyond end of device
[  151.831832][ T6810] nbd1: rw=0, sector=2, nr_sectors = 1 limit=0
[  151.865280][ T6810] hfs: can't find a HFS filesystem on dev nbd1
[  152.059667][ T6812] fuse: Unknown parameter '0x0000000000000004'
[  152.673994][ T6825] netlink: 8 bytes leftover after parsing attributes in process `syz.2.323'.
[  152.707105][ T6825] Set syz1 is full, maxelem 65536 reached
[  152.725301][ T6825] Set syz1 is full, maxelem 65536 reached
[  152.861932][   T43] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  152.947715][ T5935] usb 4-1: USB disconnect, device number 24
[  153.021686][   T43] usb 1-1: Using ep0 maxpacket: 32
[  153.034982][   T43] usb 1-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  153.058741][   T43] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  153.099731][   T43] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  153.128592][   T43] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  153.150688][   T43] usb 1-1: config 0 descriptor??
[  153.164362][   T43] hub 1-1:0.0: bad descriptor, ignoring hub
[  153.192129][   T43] hub 1-1:0.0: probe with driver hub failed with error -5
[  153.201223][   T43] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  153.966258][ T6839] overlayfs: failed to resolve './file1': -2
[  154.585868][ T6852] netlink: 8 bytes leftover after parsing attributes in process `syz.2.334'.
[  154.602353][ T6852] Set syz1 is full, maxelem 65536 reached
[  154.609471][ T6852] Set syz1 is full, maxelem 65536 reached
[  154.631952][ T5882] usb 1-1: USB disconnect, device number 16
[  154.651016][ T6853] syzkaller1: entered promiscuous mode
[  154.665513][ T6853] syzkaller1: entered allmulticast mode
[  154.991576][   T43] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  155.101765][ T6862] input: syz0 as /devices/virtual/input/input8
[  155.218706][   T43] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  155.231536][   T43] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  155.240567][   T43] usb 3-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[  155.987974][   T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  156.016518][   T43] usb 3-1: config 0 descriptor??
[  156.062522][ T6868] overlayfs: failed to resolve './file1': -2
[  156.470431][ T6875] netlink: 8 bytes leftover after parsing attributes in process `syz.3.344'.
[  156.517919][ T6875] Set syz1 is full, maxelem 65536 reached
[  156.593378][ T6875] Set syz1 is full, maxelem 65536 reached
[  156.803860][ T6880] syzkaller1: entered promiscuous mode
[  156.821667][ T6880] syzkaller1: entered allmulticast mode
[  157.251562][   T43] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  157.411564][   T43] usb 4-1: Using ep0 maxpacket: 32
[  157.423279][   T43] usb 4-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  157.454417][   T43] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  157.472351][   T43] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  157.492460][   T43] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.503514][   T43] usb 4-1: config 0 descriptor??
[  157.513261][   T43] hub 4-1:0.0: bad descriptor, ignoring hub
[  157.519252][   T43] hub 4-1:0.0: probe with driver hub failed with error -5
[  157.541351][   T43] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  157.825600][   T43] usb 3-1: USB disconnect, device number 15
[  157.966197][ T6905] fuse: Bad value for 'fd'
[  158.375573][ T6913] syzkaller1: entered promiscuous mode
[  158.397104][ T6913] syzkaller1: entered allmulticast mode
[  158.682350][ T5935] usb 4-1: USB disconnect, device number 25
[  158.810136][ T6925] fuse: Unknown parameter '0x0000000000000004'
[  158.981723][ T5868] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  159.159010][ T5868] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  159.181284][ T5868] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.203173][ T5868] usb 1-1: Product: syz
[  159.207391][ T5868] usb 1-1: Manufacturer: syz
[  159.223167][ T5868] usb 1-1: SerialNumber: syz
[  159.242577][ T5868] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  159.297349][ T5935] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  159.392555][ T5882] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  159.567415][ T5882] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  159.577841][ T5882] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  159.598219][ T5882] usb 2-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[  159.637314][ T5882] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  159.675364][ T5882] usb 2-1: config 0 descriptor??
[  159.757721][ T5882] usb 1-1: USB disconnect, device number 17
[  160.425160][ T5935] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[  160.425747][ T6949] syzkaller1: entered promiscuous mode
[  160.438594][ T5935] ath9k_htc: Failed to initialize the device
[  160.450272][ T5882] usb 1-1: ath9k_htc: USB layer deinitialized
[  160.452965][ T6949] syzkaller1: entered allmulticast mode
[  160.477513][ T6951] nftables ruleset with unbound set
[  160.716712][ T6955] fuse: Unknown parameter 'fd0x0000000000000004'
[  160.733174][ T6956] syzkaller1: entered promiscuous mode
[  160.738698][ T6956] syzkaller1: entered allmulticast mode
[  162.445343][ T5882] usb 2-1: USB disconnect, device number 10
[  162.518830][ T6978] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  162.820416][ T6984] vxfs: WRONG superblock magic 00000000 at 1
[  162.845056][ T6984] vxfs: WRONG superblock magic 00000000 at 8
[  162.851107][ T6984] vxfs: can't find superblock.
[  162.863683][ T6986] fuse: Unknown parameter 'fd0x0000000000000004'
[  165.285897][ T7008] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  165.314190][ T7008] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  165.521902][ T5935] usb 3-1: new low-speed USB device number 16 using dummy_hcd
[  165.677109][ T5935] usb 3-1: config 0 has an invalid interface number: 55 but max is 0
[  165.685361][ T5935] usb 3-1: config 0 has no interface number 0
[  165.699738][ T5935] usb 3-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  165.714995][ T5935] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  165.729860][ T5935] usb 3-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  165.742175][ T5935] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  165.756974][ T5935] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  165.767484][ T5935] usb 3-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  165.781136][ T5935] usb 3-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  165.790542][ T5935] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  165.816364][ T5935] usb 3-1: config 0 descriptor??
[  165.833004][ T7009] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  165.847950][ T5935] ldusb 3-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  166.041337][ T7008] ldusb 3-1:0.55: Couldn't submit interrupt_in_urb -90
[  166.057268][ T5935] usb 3-1: USB disconnect, device number 16
[  166.067791][ T5935] ldusb 3-1:0.55: LD USB Device #0 now disconnected
[  167.517779][ T7034] fuse: Unknown parameter 'fd0x0000000000000004'
[  167.862591][   T30] audit: type=1326 audit(1751553044.124:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7041 comm="syz.1.403" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f94e938e929 code=0x0
[  167.987206][ T7045] netlink: 'syz.1.403': attribute type 11 has an invalid length.
[  170.199691][ T7068] vxfs: WRONG superblock magic 00000000 at 1
[  170.212993][ T7068] vxfs: WRONG superblock magic 00000000 at 8
[  170.230524][ T7068] vxfs: can't find superblock.
[  171.895381][ T7093] binder: 7092:7093 ioctl 4018620d 0 returned -22
[  173.713090][ T7137] binder: 7136:7137 ioctl 4018620d 0 returned -22
[  173.763221][ T7133] syzkaller1: entered promiscuous mode
[  173.773268][ T7133] syzkaller1: entered allmulticast mode
[  174.077636][ T7141] gfs2: not a GFS2 filesystem
[  174.277559][ T7145] vxfs: WRONG superblock magic 00000000 at 1
[  174.304032][ T7145] vxfs: WRONG superblock magic 00000000 at 8
[  174.334882][ T7145] vxfs: can't find superblock.
[  174.844411][ T7159] syzkaller1: entered promiscuous mode
[  174.871593][ T7159] syzkaller1: entered allmulticast mode
[  175.251320][ T5935] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  175.374010][ T7168] vxfs: WRONG superblock magic 00000000 at 1
[  175.393525][ T7168] vxfs: WRONG superblock magic 00000000 at 8
[  175.399563][ T7168] vxfs: can't find superblock.
[  175.452061][ T5935] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  175.468835][ T5935] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  175.494360][ T5935] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  175.526061][ T5935] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  175.612428][ T5935] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  175.635551][ T5935] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  175.644229][ T7174] binder: 7173:7174 ioctl 4018620d 0 returned -22
[  175.651602][ T5935] usb 3-1: Product: syz
[  175.655817][ T5935] usb 3-1: Manufacturer: syz
[  175.743017][ T5935] cdc_wdm 3-1:1.0: skipping garbage
[  175.766382][ T5935] cdc_wdm 3-1:1.0: skipping garbage
[  175.802112][ T5935] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[  175.808078][ T5935] cdc_wdm 3-1:1.0: Unknown control protocol
[  176.077550][ T5935] usb 3-1: USB disconnect, device number 17
[  176.721298][ T7192] syzkaller1: entered promiscuous mode
[  176.726824][ T7192] syzkaller1: entered allmulticast mode
[  177.558028][ T7212] binder: BINDER_SET_CONTEXT_MGR already set
[  177.574378][ T7212] binder: 7211:7212 ioctl 4018620d 2000000001c0 returned -16
[  178.824621][ T7232] syzkaller1: entered promiscuous mode
[  178.830304][ T7232] syzkaller1: entered allmulticast mode
[  179.070175][ T7238] fuse: Unknown parameter './file0'
[  179.249337][ T5868] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  179.486708][ T5868] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  179.506249][ T5868] usb 3-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[  179.538088][ T7245] binder: BINDER_SET_CONTEXT_MGR already set
[  179.550497][ T5868] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  179.561950][ T7245] binder: 7244:7245 ioctl 4018620d 2000000001c0 returned -16
[  179.582780][ T5868] usb 3-1: config 0 descriptor??
[  181.012676][ T7264] fuse: Unknown parameter './file0'
[  181.374955][ T7270] syzkaller1: entered promiscuous mode
[  181.425315][ T7270] syzkaller1: entered allmulticast mode
[  181.857235][ T7278] fuse: Bad value for 'fd'
[  182.071302][ T5868] usb 3-1: USB disconnect, device number 18
[  182.381521][ T7285] binder: BINDER_SET_CONTEXT_MGR already set
[  182.395756][ T7285] binder: 7284:7285 ioctl 4018620d 2000000001c0 returned -16
[  182.851993][ T7295] fuse: Unknown parameter './file0'
[  183.085505][ T7297] syzkaller1: entered promiscuous mode
[  183.101877][ T7297] syzkaller1: entered allmulticast mode
[  183.291535][ T7301] fuse: Bad value for 'fd'
[  183.380697][ T7303] netlink: 20 bytes leftover after parsing attributes in process `syz.2.498'.
[  184.460245][ T7326] fuse: Bad value for 'group_id'
[  184.495138][ T7325] binder: 7324:7325 ioctl c0306201 0 returned -14
[  184.504818][ T7326] fuse: Bad value for 'group_id'
[  184.873043][ T7331] syzkaller1: entered promiscuous mode
[  184.912223][ T7331] syzkaller1: entered allmulticast mode
[  185.193820][ T7337] netlink: 156 bytes leftover after parsing attributes in process `syz.3.510'.
[  185.331199][ T7340] netlink: 8 bytes leftover after parsing attributes in process `syz.0.511'.
[  186.213121][ T7356] fuse: Bad value for 'group_id'
[  186.218248][ T7356] fuse: Bad value for 'group_id'
[  186.471863][ T7364] binder: 7361:7364 ioctl c0306201 0 returned -14
[  186.489129][ T7363] syzkaller1: entered promiscuous mode
[  186.494642][ T7363] syzkaller1: entered allmulticast mode
[  186.902572][ T7372] netlink: 8 bytes leftover after parsing attributes in process `syz.2.521'.
[  188.114600][ T7386] FAULT_INJECTION: forcing a failure.
[  188.114600][ T7386] name failslab, interval 1, probability 0, space 0, times 1
[  188.137501][ T7386] CPU: 1 UID: 0 PID: 7386 Comm: syz.0.524 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) 
[  188.137528][ T7386] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  188.137540][ T7386] Call Trace:
[  188.137548][ T7386]  <TASK>
[  188.137556][ T7386]  dump_stack_lvl+0x189/0x250
[  188.137584][ T7386]  ? __pfx____ratelimit+0x10/0x10
[  188.137612][ T7386]  ? __pfx_dump_stack_lvl+0x10/0x10
[  188.137635][ T7386]  ? __pfx__printk+0x10/0x10
[  188.137664][ T7386]  ? __pfx___might_resched+0x10/0x10
[  188.137683][ T7386]  ? fs_reclaim_acquire+0x7d/0x100
[  188.137714][ T7386]  should_fail_ex+0x414/0x560
[  188.137751][ T7386]  should_failslab+0xa8/0x100
[  188.137778][ T7386]  __kmalloc_noprof+0xcb/0x4f0
[  188.137798][ T7386]  ? kfree+0x4d/0x440
[  188.137815][ T7386]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  188.137845][ T7386]  tomoyo_realpath_from_path+0xe3/0x5d0
[  188.137871][ T7386]  ? tomoyo_domain+0xd9/0x130
[  188.137901][ T7386]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  188.137932][ T7386]  tomoyo_path_number_perm+0x1e8/0x5a0
[  188.137966][ T7386]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  188.138015][ T7386]  ? __lock_acquire+0xab9/0xd20
[  188.138066][ T7386]  ? __fget_files+0x2a/0x420
[  188.138097][ T7386]  ? __fget_files+0x2a/0x420
[  188.138122][ T7386]  ? __fget_files+0x3a0/0x420
[  188.138148][ T7386]  ? __fget_files+0x2a/0x420
[  188.138180][ T7386]  security_file_ioctl+0xcb/0x2d0
[  188.138211][ T7386]  __se_sys_ioctl+0x47/0x170
[  188.138241][ T7386]  do_syscall_64+0xfa/0x3b0
[  188.138266][ T7386]  ? lockdep_hardirqs_on+0x9c/0x150
[  188.138291][ T7386]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.138311][ T7386]  ? clear_bhb_loop+0x60/0xb0
[  188.138336][ T7386]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.138371][ T7386] RIP: 0033:0x7f4a9f98e929
[  188.138405][ T7386] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  188.138422][ T7386] RSP: 002b:00007f4aa071e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  188.138443][ T7386] RAX: ffffffffffffffda RBX: 00007f4a9fbb5fa0 RCX: 00007f4a9f98e929
[  188.138457][ T7386] RDX: 0000200000000040 RSI: 0000000080045505 RDI: 0000000000000003
[  188.138470][ T7386] RBP: 00007f4aa071e090 R08: 0000000000000000 R09: 0000000000000000
[  188.138482][ T7386] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  188.138493][ T7386] R13: 0000000000000000 R14: 00007f4a9fbb5fa0 R15: 00007ffc54870868
[  188.138525][ T7386]  </TASK>
[  188.138563][ T7386] ERROR: Out of memory at tomoyo_realpath_from_path.
[  188.604097][ T7386] usb usb7: usbfs: interface 0 claimed by hub while 'syz.0.524' sets config #0
[  188.965576][ T7392] fuse: Bad value for 'group_id'
[  188.970596][ T7392] fuse: Bad value for 'group_id'
[  189.187615][ T7400] FAULT_INJECTION: forcing a failure.
[  189.187615][ T7400] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  189.209669][ T7398] vxfs: WRONG superblock magic 00000000 at 1
[  189.216138][ T7400] CPU: 0 UID: 0 PID: 7400 Comm: syz.0.529 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) 
[  189.216165][ T7400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  189.216177][ T7400] Call Trace:
[  189.216185][ T7400]  <TASK>
[  189.216193][ T7400]  dump_stack_lvl+0x189/0x250
[  189.216221][ T7400]  ? __pfx____ratelimit+0x10/0x10
[  189.216247][ T7400]  ? __pfx_dump_stack_lvl+0x10/0x10
[  189.216270][ T7400]  ? __pfx__printk+0x10/0x10
[  189.216292][ T7400]  ? __might_fault+0xb0/0x130
[  189.216336][ T7400]  should_fail_ex+0x414/0x560
[  189.216373][ T7400]  _copy_from_user+0x2d/0xb0
[  189.216395][ T7400]  __sys_connect+0x123/0x440
[  189.216424][ T7400]  ? __fget_files+0x3a0/0x420
[  189.216452][ T7400]  ? __pfx___sys_connect+0x10/0x10
[  189.216494][ T7400]  ? __pfx_ksys_write+0x10/0x10
[  189.216516][ T7400]  ? rcu_is_watching+0x15/0xb0
[  189.216544][ T7400]  __x64_sys_connect+0x7a/0x90
[  189.216574][ T7400]  do_syscall_64+0xfa/0x3b0
[  189.216599][ T7400]  ? lockdep_hardirqs_on+0x9c/0x150
[  189.216624][ T7400]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.216644][ T7400]  ? clear_bhb_loop+0x60/0xb0
[  189.216668][ T7400]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.216687][ T7400] RIP: 0033:0x7f4a9f98e929
[  189.216704][ T7400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  189.216720][ T7400] RSP: 002b:00007f4aa071e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  189.216741][ T7400] RAX: ffffffffffffffda RBX: 00007f4a9fbb5fa0 RCX: 00007f4a9f98e929
[  189.216756][ T7400] RDX: 0000000000000010 RSI: 00002000000009c0 RDI: 0000000000000003
[  189.216768][ T7400] RBP: 00007f4aa071e090 R08: 0000000000000000 R09: 0000000000000000
[  189.216780][ T7400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  189.216792][ T7400] R13: 0000000000000000 R14: 00007f4a9fbb5fa0 R15: 00007ffc54870868
[  189.216823][ T7400]  </TASK>
[  189.224589][ T7398] vxfs: WRONG superblock magic 00000000 at 8
[  189.512540][ T7404] binder: 7401:7404 ioctl c0306201 0 returned -14
[  189.567755][ T7398] vxfs: can't find superblock.
[  190.710760][ T7372] Set syz1 is full, maxelem 65536 reached
[  191.156920][ T7417] netlink: 8 bytes leftover after parsing attributes in process `syz.3.534'.
[  191.480708][ T7429] FAULT_INJECTION: forcing a failure.
[  191.480708][ T7429] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  191.571363][ T7429] CPU: 1 UID: 0 PID: 7429 Comm: syz.2.539 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) 
[  191.571393][ T7429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  191.571405][ T7429] Call Trace:
[  191.571413][ T7429]  <TASK>
[  191.571421][ T7429]  dump_stack_lvl+0x189/0x250
[  191.571449][ T7429]  ? __pfx____ratelimit+0x10/0x10
[  191.571476][ T7429]  ? __pfx_dump_stack_lvl+0x10/0x10
[  191.571499][ T7429]  ? __pfx__printk+0x10/0x10
[  191.571522][ T7429]  ? __might_fault+0xb0/0x130
[  191.571556][ T7429]  should_fail_ex+0x414/0x560
[  191.571593][ T7429]  _copy_from_user+0x2d/0xb0
[  191.571614][ T7429]  ___sys_sendmsg+0x158/0x2a0
[  191.571638][ T7429]  ? __pfx____sys_sendmsg+0x10/0x10
[  191.571696][ T7429]  ? __fget_files+0x2a/0x420
[  191.571723][ T7429]  ? __fget_files+0x3a0/0x420
[  191.571762][ T7429]  __x64_sys_sendmsg+0x19b/0x260
[  191.571785][ T7429]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  191.571815][ T7429]  ? __pfx_ksys_write+0x10/0x10
[  191.571837][ T7429]  ? rcu_is_watching+0x15/0xb0
[  191.571863][ T7429]  ? do_syscall_64+0xbe/0x3b0
[  191.571894][ T7429]  do_syscall_64+0xfa/0x3b0
[  191.571919][ T7429]  ? lockdep_hardirqs_on+0x9c/0x150
[  191.571944][ T7429]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.571963][ T7429]  ? clear_bhb_loop+0x60/0xb0
[  191.571988][ T7429]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.572007][ T7429] RIP: 0033:0x7fd822b8e929
[  191.572025][ T7429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  191.572042][ T7429] RSP: 002b:00007fd823945038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  191.572063][ T7429] RAX: ffffffffffffffda RBX: 00007fd822db5fa0 RCX: 00007fd822b8e929
[  191.572078][ T7429] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[  191.572090][ T7429] RBP: 00007fd823945090 R08: 0000000000000000 R09: 0000000000000000
[  191.572102][ T7429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  191.572113][ T7429] R13: 0000000000000000 R14: 00007fd822db5fa0 R15: 00007fffbc8ec598
[  191.572143][ T7429]  </TASK>
[  192.596488][ T7442] netlink: 8 bytes leftover after parsing attributes in process `syz.0.544'.
[  193.036881][ T7435] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0

syzkaller
syzkaller login: [  194.412703][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  194.419068][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  194.899319][ T7469] FAULT_INJECTION: forcing a failure.
[  194.899319][ T7469] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  194.950057][ T7469] CPU: 0 UID: 0 PID: 7469 Comm: syz.2.552 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) 
[  194.950087][ T7469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  194.950117][ T7469] Call Trace:
[  194.950124][ T7469]  <TASK>
[  194.950133][ T7469]  dump_stack_lvl+0x189/0x250
[  194.950161][ T7469]  ? __pfx____ratelimit+0x10/0x10
[  194.950189][ T7469]  ? __pfx_dump_stack_lvl+0x10/0x10
[  194.950212][ T7469]  ? __pfx__printk+0x10/0x10
[  194.950234][ T7469]  ? __might_fault+0xb0/0x130
[  194.950269][ T7469]  should_fail_ex+0x414/0x560
[  194.950307][ T7469]  _copy_from_user+0x2d/0xb0
[  194.950328][ T7469]  ___sys_sendmsg+0x158/0x2a0
[  194.950351][ T7469]  ? __pfx____sys_sendmsg+0x10/0x10
[  194.950409][ T7469]  ? __fget_files+0x2a/0x420
[  194.950436][ T7469]  ? __fget_files+0x3a0/0x420
[  194.950474][ T7469]  __x64_sys_sendmsg+0x19b/0x260
[  194.950497][ T7469]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  194.950528][ T7469]  ? __pfx_ksys_write+0x10/0x10
[  194.950550][ T7469]  ? rcu_is_watching+0x15/0xb0
[  194.950575][ T7469]  ? do_syscall_64+0xbe/0x3b0
[  194.950606][ T7469]  do_syscall_64+0xfa/0x3b0
[  194.950631][ T7469]  ? lockdep_hardirqs_on+0x9c/0x150
[  194.950656][ T7469]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.950675][ T7469]  ? clear_bhb_loop+0x60/0xb0
[  194.950700][ T7469]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  194.950719][ T7469] RIP: 0033:0x7fd822b8e929
[  194.950737][ T7469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  194.950753][ T7469] RSP: 002b:00007fd823945038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  194.950774][ T7469] RAX: ffffffffffffffda RBX: 00007fd822db5fa0 RCX: 00007fd822b8e929
[  194.950788][ T7469] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[  194.950801][ T7469] RBP: 00007fd823945090 R08: 0000000000000000 R09: 0000000000000000
[  194.950813][ T7469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  194.950824][ T7469] R13: 0000000000000000 R14: 00007fd822db5fa0 R15: 00007fffbc8ec598
[  194.950855][ T7469]  </TASK>
[  195.745264][ T7417] Set syz1 is full, maxelem 65536 reached
[  196.012653][   T30] audit: type=1326 audit(1768330288.297:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7476 comm="syz.3.556" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcb7ab8e929 code=0x0
[  196.058737][ T7479] FAULT_INJECTION: forcing a failure.
[  196.058737][ T7479] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  196.089387][ T7479] CPU: 1 UID: 0 PID: 7479 Comm: syz.2.557 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) 
[  196.089415][ T7479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  196.089426][ T7479] Call Trace:
[  196.089434][ T7479]  <TASK>
[  196.089442][ T7479]  dump_stack_lvl+0x189/0x250
[  196.089470][ T7479]  ? __pfx____ratelimit+0x10/0x10
[  196.089495][ T7479]  ? __pfx_dump_stack_lvl+0x10/0x10
[  196.089517][ T7479]  ? __pfx__printk+0x10/0x10
[  196.089539][ T7479]  ? __might_fault+0xb0/0x130
[  196.089572][ T7479]  should_fail_ex+0x414/0x560
[  196.089607][ T7479]  _copy_from_user+0x2d/0xb0
[  196.089628][ T7479]  ___sys_sendmsg+0x158/0x2a0
[  196.089651][ T7479]  ? __pfx____sys_sendmsg+0x10/0x10
[  196.089706][ T7479]  ? __fget_files+0x2a/0x420
[  196.089732][ T7479]  ? __fget_files+0x3a0/0x420
[  196.089769][ T7479]  __x64_sys_sendmsg+0x19b/0x260
[  196.089791][ T7479]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  196.089820][ T7479]  ? __pfx_ksys_write+0x10/0x10
[  196.089850][ T7479]  ? rcu_is_watching+0x15/0xb0
[  196.089894][ T7479]  ? do_syscall_64+0xbe/0x3b0
[  196.089925][ T7479]  do_syscall_64+0xfa/0x3b0
[  196.089950][ T7479]  ? lockdep_hardirqs_on+0x9c/0x150
[  196.089975][ T7479]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.089994][ T7479]  ? clear_bhb_loop+0x60/0xb0
[  196.090019][ T7479]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.090038][ T7479] RIP: 0033:0x7fd822b8e929
[  196.090055][ T7479] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  196.090071][ T7479] RSP: 002b:00007fd823945038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  196.090110][ T7479] RAX: ffffffffffffffda RBX: 00007fd822db5fa0 RCX: 00007fd822b8e929
[  196.090123][ T7479] RDX: 0000000004040080 RSI: 0000200000000280 RDI: 0000000000000003
[  196.090136][ T7479] RBP: 00007fd823945090 R08: 0000000000000000 R09: 0000000000000000
[  196.090147][ T7479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  196.090159][ T7479] R13: 0000000000000000 R14: 00007fd822db5fa0 R15: 00007fffbc8ec598
[  196.090188][ T7479]  </TASK>
[  196.953379][ T7443] Set syz1 is full, maxelem 65536 reached
[  198.417807][ T7506] input: syz1 as /devices/virtual/input/input9
[  198.562916][ T7511] netlink: 8 bytes leftover after parsing attributes in process `syz.2.568'.
[  198.578322][ T7511] Set syz1 is full, maxelem 65536 reached
[  198.611818][ T5935] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  198.782128][ T5935] usb 2-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[  198.794236][ T5935] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  198.808611][ T5935] usb 2-1: config 0 descriptor??
[  199.003380][ T7525] FAULT_INJECTION: forcing a failure.
[  199.003380][ T7525] name failslab, interval 1, probability 0, space 0, times 0
[  199.031811][ T7525] CPU: 0 UID: 0 PID: 7525 Comm: syz.0.572 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) 
[  199.031840][ T7525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  199.031851][ T7525] Call Trace:
[  199.031859][ T7525]  <TASK>
[  199.031867][ T7525]  dump_stack_lvl+0x189/0x250
[  199.031895][ T7525]  ? __pfx____ratelimit+0x10/0x10
[  199.031921][ T7525]  ? __pfx_dump_stack_lvl+0x10/0x10
[  199.031942][ T7525]  ? __pfx__printk+0x10/0x10
[  199.031970][ T7525]  ? __pfx___might_resched+0x10/0x10
[  199.031989][ T7525]  ? fs_reclaim_acquire+0x7d/0x100
[  199.032019][ T7525]  should_fail_ex+0x414/0x560
[  199.032055][ T7525]  should_failslab+0xa8/0x100
[  199.032080][ T7525]  __kmalloc_noprof+0xcb/0x4f0
[  199.032118][ T7525]  ? kfree+0x4d/0x440
[  199.032135][ T7525]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  199.032164][ T7525]  tomoyo_realpath_from_path+0xe3/0x5d0
[  199.032190][ T7525]  ? tomoyo_domain+0xd9/0x130
[  199.032220][ T7525]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  199.032252][ T7525]  tomoyo_path_number_perm+0x1e8/0x5a0
[  199.032286][ T7525]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  199.032335][ T7525]  ? __lock_acquire+0xab9/0xd20
[  199.032387][ T7525]  ? __fget_files+0x2a/0x420
[  199.032417][ T7525]  ? __fget_files+0x2a/0x420
[  199.032443][ T7525]  ? __fget_files+0x3a0/0x420
[  199.032469][ T7525]  ? __fget_files+0x2a/0x420
[  199.032501][ T7525]  security_file_ioctl+0xcb/0x2d0
[  199.032534][ T7525]  __se_sys_ioctl+0x47/0x170
[  199.032558][ T7525]  do_syscall_64+0xfa/0x3b0
[  199.032584][ T7525]  ? lockdep_hardirqs_on+0x9c/0x150
[  199.032609][ T7525]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.032629][ T7525]  ? clear_bhb_loop+0x60/0xb0
[  199.032653][ T7525]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.032680][ T7525] RIP: 0033:0x7f4a9f98e929
[  199.032698][ T7525] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  199.032715][ T7525] RSP: 002b:00007f4aa071e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  199.032736][ T7525] RAX: ffffffffffffffda RBX: 00007f4a9fbb5fa0 RCX: 00007f4a9f98e929
[  199.032751][ T7525] RDX: 0000200000000000 RSI: 0000000000008b04 RDI: 0000000000000003
[  199.032763][ T7525] RBP: 00007f4aa071e090 R08: 0000000000000000 R09: 0000000000000000
[  199.032775][ T7525] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  199.032791][ T7525] R13: 0000000000000000 R14: 00007f4a9fbb5fa0 R15: 00007ffc54870868
[  199.032822][ T7525]  </TASK>
[  199.033919][ T7525] ERROR: Out of memory at tomoyo_realpath_from_path.
[  199.700111][ T5935] gspca_main: spca508-2.14.0 probing 8086:0110
[  199.929773][ T5935] gspca_spca508: reg_read err -32
[  199.944778][ T5935] gspca_spca508: reg_read err -32
[  199.988994][ T5935] gspca_spca508: reg_read err -32
[  200.021508][ T5935] gspca_spca508: reg_read err -32
[  200.040136][ T5935] gspca_spca508: reg_read err -32
[  200.045897][ T5935] gspca_spca508: reg write: error -71
[  200.053068][ T5935] spca508 2-1:0.0: probe with driver spca508 failed with error -71
[  200.091886][ T5935] usb 2-1: USB disconnect, device number 11
[  200.304712][ T7534] netlink: 8 bytes leftover after parsing attributes in process `syz.0.577'.
[  200.332743][ T7534] Set syz1 is full, maxelem 65536 reached
[  200.983746][ T7543] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  201.036323][ T7543] vxfs: WRONG superblock magic 00000000 at 1
[  201.058649][ T7543] vxfs: WRONG superblock magic 00000000 at 8
[  201.087033][ T7543] vxfs: can't find superblock.
[  201.196247][ T7555] hfs: can't find a HFS filesystem on dev rnullb0
[  201.516812][ T7564] netlink: 8 bytes leftover after parsing attributes in process `syz.1.586'.
[  202.428308][ T5882] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  202.600325][ T5882] usb 1-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[  202.609739][ T5882] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  202.622654][ T5882] usb 1-1: config 0 descriptor??
[  202.638091][ T5882] gspca_main: spca508-2.14.0 probing 8086:0110
[  202.656703][ T7564] Set syz1 is full, maxelem 65536 reached
[  202.839852][ T5882] gspca_spca508: reg_read err -32
[  202.856696][ T5882] gspca_spca508: reg_read err -32
[  202.863643][ T5882] gspca_spca508: reg_read err -32
[  202.870101][ T5882] gspca_spca508: reg_read err -32
[  202.881004][ T5882] gspca_spca508: reg_read err -32
[  202.889075][ T5882] gspca_spca508: reg write: error -71
[  202.907749][ T5882] spca508 1-1:0.0: probe with driver spca508 failed with error -71
[  202.950632][ T5882] usb 1-1: USB disconnect, device number 18
[  203.106909][ T7584] fuse: Unknown parameter 'grou00000000000000000000'
[  203.328926][ T7591] FAULT_INJECTION: forcing a failure.
[  203.328926][ T7591] name failslab, interval 1, probability 0, space 0, times 0
[  203.345562][ T7591] CPU: 0 UID: 0 PID: 7591 Comm: syz.3.596 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) 
[  203.345591][ T7591] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  203.345602][ T7591] Call Trace:
[  203.345610][ T7591]  <TASK>
[  203.345618][ T7591]  dump_stack_lvl+0x189/0x250
[  203.345655][ T7591]  ? __pfx____ratelimit+0x10/0x10
[  203.345682][ T7591]  ? __pfx_dump_stack_lvl+0x10/0x10
[  203.345705][ T7591]  ? __pfx__printk+0x10/0x10
[  203.345734][ T7591]  ? __pfx___might_resched+0x10/0x10
[  203.345753][ T7591]  ? fs_reclaim_acquire+0x7d/0x100
[  203.345784][ T7591]  should_fail_ex+0x414/0x560
[  203.345822][ T7591]  should_failslab+0xa8/0x100
[  203.345848][ T7591]  __kmalloc_noprof+0xcb/0x4f0
[  203.345869][ T7591]  ? kfree+0x4d/0x440
[  203.345886][ T7591]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  203.345914][ T7591]  tomoyo_realpath_from_path+0xe3/0x5d0
[  203.345951][ T7591]  ? tomoyo_domain+0xd9/0x130
[  203.345979][ T7591]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  203.346020][ T7591]  tomoyo_path_number_perm+0x1e8/0x5a0
[  203.346050][ T7591]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  203.346094][ T7591]  ? __lock_acquire+0xab9/0xd20
[  203.346157][ T7591]  ? __fget_files+0x2a/0x420
[  203.346187][ T7591]  ? __fget_files+0x2a/0x420
[  203.346211][ T7591]  ? __fget_files+0x3a0/0x420
[  203.346235][ T7591]  ? __fget_files+0x2a/0x420
[  203.346265][ T7591]  security_file_ioctl+0xcb/0x2d0
[  203.346296][ T7591]  __se_sys_ioctl+0x47/0x170
[  203.346319][ T7591]  do_syscall_64+0xfa/0x3b0
[  203.346344][ T7591]  ? lockdep_hardirqs_on+0x9c/0x150
[  203.346368][ T7591]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.346387][ T7591]  ? clear_bhb_loop+0x60/0xb0
[  203.346411][ T7591]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.346428][ T7591] RIP: 0033:0x7fcb7ab8e929
[  203.346444][ T7591] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  203.346460][ T7591] RSP: 002b:00007fcb7b970038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  203.346481][ T7591] RAX: ffffffffffffffda RBX: 00007fcb7adb5fa0 RCX: 00007fcb7ab8e929
[  203.346495][ T7591] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  203.346506][ T7591] RBP: 00007fcb7b970090 R08: 0000000000000000 R09: 0000000000000000
[  203.346518][ T7591] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  203.346528][ T7591] R13: 0000000000000000 R14: 00007fcb7adb5fa0 R15: 00007ffd168a2248
[  203.346559][ T7591]  </TASK>
[  203.346930][ T7591] ERROR: Out of memory at tomoyo_realpath_from_path.
[  203.625073][ T7597] netlink: 8 bytes leftover after parsing attributes in process `syz.0.598'.
[  203.635243][ T7597] Set syz1 is full, maxelem 65536 reached
[  203.932530][ T7609] fuse: Unknown parameter 'grou00000000000000000000'
[  204.361814][ T7619] netlink: 8 bytes leftover after parsing attributes in process `syz.3.607'.
[  204.372392][ T7619] Set syz1 is full, maxelem 65536 reached
[  204.396847][    T9] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  204.434200][ T7621] FAULT_INJECTION: forcing a failure.
[  204.434200][ T7621] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  204.448863][ T7621] CPU: 1 UID: 0 PID: 7621 Comm: syz.3.608 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) 
[  204.448891][ T7621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  204.448902][ T7621] Call Trace:
[  204.448910][ T7621]  <TASK>
[  204.448918][ T7621]  dump_stack_lvl+0x189/0x250
[  204.448945][ T7621]  ? __pfx____ratelimit+0x10/0x10
[  204.448972][ T7621]  ? __pfx_dump_stack_lvl+0x10/0x10
[  204.448994][ T7621]  ? __pfx__printk+0x10/0x10
[  204.449016][ T7621]  ? __might_fault+0xb0/0x130
[  204.449050][ T7621]  should_fail_ex+0x414/0x560
[  204.449088][ T7621]  _copy_from_user+0x2d/0xb0
[  204.449109][ T7621]  ___sys_sendmsg+0x158/0x2a0
[  204.449132][ T7621]  ? __pfx____sys_sendmsg+0x10/0x10
[  204.449189][ T7621]  ? __fget_files+0x2a/0x420
[  204.449215][ T7621]  ? __fget_files+0x3a0/0x420
[  204.449253][ T7621]  __x64_sys_sendmsg+0x19b/0x260
[  204.449276][ T7621]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  204.449306][ T7621]  ? __pfx_ksys_write+0x10/0x10
[  204.449336][ T7621]  ? do_syscall_64+0xbe/0x3b0
[  204.449367][ T7621]  do_syscall_64+0xfa/0x3b0
[  204.449392][ T7621]  ? lockdep_hardirqs_on+0x9c/0x150
[  204.449416][ T7621]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  204.449441][ T7621]  ? clear_bhb_loop+0x60/0xb0
[  204.449465][ T7621]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  204.449484][ T7621] RIP: 0033:0x7fcb7ab8e929
[  204.449501][ T7621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  204.449517][ T7621] RSP: 002b:00007fcb7b970038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  204.449547][ T7621] RAX: ffffffffffffffda RBX: 00007fcb7adb5fa0 RCX: 00007fcb7ab8e929
[  204.449561][ T7621] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  204.449573][ T7621] RBP: 00007fcb7b970090 R08: 0000000000000000 R09: 0000000000000000
[  204.449586][ T7621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  204.449597][ T7621] R13: 0000000000000000 R14: 00007fcb7adb5fa0 R15: 00007ffd168a2248
[  204.449628][ T7621]  </TASK>
[  204.556904][ T5882] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  204.703094][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  204.716783][    T9] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  204.728047][    T9] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  204.737356][    T9] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  204.745965][    T9] usb 1-1: Manufacturer: syz
[  204.752853][    T9] usb 1-1: config 0 descriptor??
[  204.898500][ T5882] usb 2-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[  204.907848][ T5882] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  204.925590][ T5882] usb 2-1: config 0 descriptor??
[  204.938502][ T5882] gspca_main: spca508-2.14.0 probing 8086:0110
[  205.068860][ T7631] fuse: Unknown parameter 'grou00000000000000000000'
[  205.106683][ T7633] syzkaller1: entered promiscuous mode
[  205.114056][ T7633] syzkaller1: entered allmulticast mode
[  205.144649][ T5882] gspca_spca508: reg_read err -32
[  205.154031][ T5882] gspca_spca508: reg_read err -32
[  205.161663][ T5882] gspca_spca508: reg_read err -32
[  205.169250][ T5882] gspca_spca508: reg_read err -32
[  205.175038][ T5882] gspca_spca508: reg_read err -32
[  205.180502][    C0] raw-gadget.1 gadget.1: ignoring, device is not running
[  205.187877][ T5882] gspca_spca508: reg write: error -32
[  205.193345][ T5882] spca508 2-1:0.0: probe with driver spca508 failed with error -32
[  205.214039][ T5882] usb 2-1: USB disconnect, device number 12
[  205.364610][ T7642] netlink: 8 bytes leftover after parsing attributes in process `syz.2.616'.
[  205.375292][ T7642] Set syz1 is full, maxelem 65536 reached
[  205.552999][ T7650] MTD: Attempt to mount non-MTD device "/dev/rnullb0"
[  205.566302][ T7650] VFS: Can't find a romfs filesystem on dev rnullb0.
[  205.566302][ T7650] 
[  205.724730][ T7657] netlink: 8 bytes leftover after parsing attributes in process `syz.2.622'.
[  205.737182][ T7657] Set syz1 is full, maxelem 65536 reached
[  205.834624][ T7659] fuse: Unknown parameter 'group_i00000000000000000000'
[  205.900639][ T7661] syzkaller1: entered promiscuous mode
[  205.906612][ T7661] syzkaller1: entered allmulticast mode
[  206.092186][ T7664] netlink: 8 bytes leftover after parsing attributes in process `syz.1.625'.
[  207.183441][    T9] usb 1-1: USB disconnect, device number 19
[  207.575883][ T7687] fuse: Unknown parameter 'group_i00000000000000000000'
[  207.698133][ T7689] syzkaller1: entered promiscuous mode
[  207.703812][ T7689] syzkaller1: entered allmulticast mode
[  207.729151][   T43] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  207.848274][ T7691] netlink: 8 bytes leftover after parsing attributes in process `syz.0.635'.
[  207.859352][ T7691] Set syz1 is full, maxelem 65536 reached
[  207.890240][   T43] usb 4-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[  207.911436][   T43] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.943804][   T43] usb 4-1: config 0 descriptor??
[  207.964425][   T43] gspca_main: spca508-2.14.0 probing 8086:0110
[  208.121865][ T5935] usb 2-1: new low-speed USB device number 13 using dummy_hcd
[  208.193788][   T43] gspca_spca508: reg_read err -32
[  208.202126][   T43] gspca_spca508: reg_read err -32
[  208.210315][   T43] gspca_spca508: reg_read err -32
[  208.218310][   T43] gspca_spca508: reg_read err -32
[  208.225021][   T43] gspca_spca508: reg_read err -32
[  208.243211][   T43] gspca_spca508: reg write: error -71
[  208.254846][   T43] spca508 4-1:0.0: probe with driver spca508 failed with error -71
[  208.272961][   T43] usb 4-1: USB disconnect, device number 26
[  208.289731][ T5935] usb 2-1: Invalid ep0 maxpacket: 16
[  208.453764][ T5935] usb 2-1: new low-speed USB device number 14 using dummy_hcd
[  208.614607][ T5935] usb 2-1: Invalid ep0 maxpacket: 16
[  208.620442][ T5935] usb usb2-port1: attempt power cycle
[  208.704561][ T5868] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  208.871863][ T5868] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  208.887753][ T5868] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  208.902615][ T5868] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 253
[  208.922002][ T5868] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  208.931860][ T5868] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  208.952303][ T5868] usb 3-1: Manufacturer: syz
[  208.968600][ T5868] usb 3-1: config 0 descriptor??
[  208.975660][ T5935] usb 2-1: new low-speed USB device number 15 using dummy_hcd
[  209.011755][ T5868] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  209.044718][ T5935] usb 2-1: Invalid ep0 maxpacket: 16
[  209.204582][ T5935] usb 2-1: new low-speed USB device number 16 using dummy_hcd
[  209.425194][ T5935] usb 2-1: Invalid ep0 maxpacket: 16
[  209.431098][ T5935] usb usb2-port1: unable to enumerate USB device
[  210.270110][ T7716] fuse: Unknown parameter 'group_i00000000000000000000'
[  210.415784][ T7718] syzkaller1: entered promiscuous mode
[  210.421340][ T7718] syzkaller1: entered allmulticast mode
[  211.567454][    T9] usb 3-1: USB disconnect, device number 19
[  211.846075][ T5156] Bluetooth: hci1: command 0x0406 tx timeout
[  211.852221][ T5156] Bluetooth: hci0: command 0x0406 tx timeout
[  211.858335][ T5156] Bluetooth: hci3: command 0x0406 tx timeout
[  211.864481][ T5156] Bluetooth: hci2: command 0x0406 tx timeout
[  212.477797][ T7749] FAULT_INJECTION: forcing a failure.
[  212.477797][ T7749] name failslab, interval 1, probability 0, space 0, times 0
[  212.490688][ T7749] CPU: 0 UID: 0 PID: 7749 Comm: syz.2.654 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) 
[  212.490716][ T7749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  212.490734][ T7749] Call Trace:
[  212.490742][ T7749]  <TASK>
[  212.490750][ T7749]  dump_stack_lvl+0x189/0x250
[  212.490779][ T7749]  ? __pfx____ratelimit+0x10/0x10
[  212.490806][ T7749]  ? __pfx_dump_stack_lvl+0x10/0x10
[  212.490829][ T7749]  ? __pfx__printk+0x10/0x10
[  212.490859][ T7749]  ? __pfx___might_resched+0x10/0x10
[  212.490879][ T7749]  ? fs_reclaim_acquire+0x7d/0x100
[  212.490910][ T7749]  should_fail_ex+0x414/0x560
[  212.490953][ T7749]  should_failslab+0xa8/0x100
[  212.490980][ T7749]  __kmalloc_noprof+0xcb/0x4f0
[  212.491007][ T7749]  ? kfree+0x4d/0x440
[  212.491024][ T7749]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  212.491054][ T7749]  tomoyo_realpath_from_path+0xe3/0x5d0
[  212.491080][ T7749]  ? tomoyo_domain+0xd9/0x130
[  212.491115][ T7749]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  212.491147][ T7749]  tomoyo_path_number_perm+0x1e8/0x5a0
[  212.491181][ T7749]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  212.491242][ T7749]  ? __lock_acquire+0xab9/0xd20
[  212.491291][ T7749]  ? __fget_files+0x2a/0x420
[  212.491321][ T7749]  ? __fget_files+0x2a/0x420
[  212.491345][ T7749]  ? __fget_files+0x3a0/0x420
[  212.491370][ T7749]  ? __fget_files+0x2a/0x420
[  212.491400][ T7749]  security_file_ioctl+0xcb/0x2d0
[  212.491432][ T7749]  __se_sys_ioctl+0x47/0x170
[  212.491456][ T7749]  do_syscall_64+0xfa/0x3b0
[  212.491481][ T7749]  ? lockdep_hardirqs_on+0x9c/0x150
[  212.491506][ T7749]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.491524][ T7749]  ? clear_bhb_loop+0x60/0xb0
[  212.491548][ T7749]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.491567][ T7749] RIP: 0033:0x7fd822b8e929
[  212.491584][ T7749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  212.491600][ T7749] RSP: 002b:00007fd823945038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  212.491621][ T7749] RAX: ffffffffffffffda RBX: 00007fd822db5fa0 RCX: 00007fd822b8e929
[  212.491636][ T7749] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  212.491647][ T7749] RBP: 00007fd823945090 R08: 0000000000000000 R09: 0000000000000000
[  212.491659][ T7749] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  212.491670][ T7749] R13: 0000000000000000 R14: 00007fd822db5fa0 R15: 00007fffbc8ec598
[  212.491700][ T7749]  </TASK>
[  212.491709][ T7749] ERROR: Out of memory at tomoyo_realpath_from_path.
[  212.513718][ T5935] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  212.833245][ T5935] usb 2-1: too many configurations: 63, using maximum allowed: 8
[  212.843265][ T5935] usb 2-1: unable to read config index 0 descriptor/start: -61
[  212.858140][ T5935] usb 2-1: can't read configurations, error -61
[  213.012475][ T5935] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  213.179361][ T7755] fuse: Unknown parameter 'group_id00000000000000000000'
[  213.192405][ T5935] usb 2-1: too many configurations: 63, using maximum allowed: 8
[  213.204360][ T5935] usb 2-1: unable to read config index 0 descriptor/start: -61
[  213.211964][ T5935] usb 2-1: can't read configurations, error -61
[  213.229331][ T5935] usb usb2-port1: attempt power cycle
[  213.582179][ T5868] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  213.592486][ T5935] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  213.634740][ T5935] usb 2-1: too many configurations: 63, using maximum allowed: 8
[  213.645154][ T5935] usb 2-1: unable to read config index 0 descriptor/start: -61
[  213.752229][ T5836] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  213.915793][ T5836] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  213.927955][ T5836] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  213.941070][ T5836] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 253
[  213.959549][ T5836] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  213.969145][ T5836] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  213.980870][ T5836] usb 4-1: Manufacturer: syz
[  214.005309][ T5836] usb 4-1: config 0 descriptor??
[  214.026388][ T5836] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  214.604284][ T5935] usb 2-1: can't read configurations, error -61
[  214.685272][ T5868] usb 1-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[  214.694564][ T5868] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  214.716213][ T5868] usb 1-1: config 0 descriptor??
[  214.725900][ T5868] gspca_main: spca508-2.14.0 probing 8086:0110
[  214.741767][ T5935] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  214.775740][ T7780] FAULT_INJECTION: forcing a failure.
[  214.775740][ T7780] name failslab, interval 1, probability 0, space 0, times 0
[  214.792779][ T7780] CPU: 0 UID: 0 PID: 7780 Comm: syz.2.663 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) 
[  214.792806][ T7780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  214.792817][ T7780] Call Trace:
[  214.792825][ T7780]  <TASK>
[  214.792833][ T7780]  dump_stack_lvl+0x189/0x250
[  214.792865][ T7780]  ? __pfx____ratelimit+0x10/0x10
[  214.792892][ T7780]  ? __pfx_dump_stack_lvl+0x10/0x10
[  214.792914][ T7780]  ? __pfx__printk+0x10/0x10
[  214.792942][ T7780]  ? __pfx___might_resched+0x10/0x10
[  214.792961][ T7780]  ? fs_reclaim_acquire+0x7d/0x100
[  214.792992][ T7780]  should_fail_ex+0x414/0x560
[  214.793028][ T7780]  should_failslab+0xa8/0x100
[  214.793053][ T7780]  __kmalloc_noprof+0xcb/0x4f0
[  214.793073][ T7780]  ? kfree+0x4d/0x440
[  214.793089][ T7780]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  214.793118][ T7780]  tomoyo_realpath_from_path+0xe3/0x5d0
[  214.793143][ T7780]  ? tomoyo_domain+0xd9/0x130
[  214.793172][ T7780]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  214.793204][ T7780]  tomoyo_path_number_perm+0x1e8/0x5a0
[  214.793238][ T7780]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  214.793287][ T7780]  ? __lock_acquire+0xab9/0xd20
[  214.793338][ T7780]  ? __fget_files+0x2a/0x420
[  214.793387][ T7780]  ? __fget_files+0x2a/0x420
[  214.793413][ T7780]  ? __fget_files+0x3a0/0x420
[  214.793438][ T7780]  ? __fget_files+0x2a/0x420
[  214.793471][ T7780]  security_file_ioctl+0xcb/0x2d0
[  214.793504][ T7780]  __se_sys_ioctl+0x47/0x170
[  214.793529][ T7780]  do_syscall_64+0xfa/0x3b0
[  214.793555][ T7780]  ? lockdep_hardirqs_on+0x9c/0x150
[  214.793580][ T7780]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.793600][ T7780]  ? clear_bhb_loop+0x60/0xb0
[  214.793625][ T7780]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.793645][ T7780] RIP: 0033:0x7fd822b8e929
[  214.793663][ T7780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.793679][ T7780] RSP: 002b:00007fd823945038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  214.793701][ T7780] RAX: ffffffffffffffda RBX: 00007fd822db5fa0 RCX: 00007fd822b8e929
[  214.793716][ T7780] RDX: 0000200000000000 RSI: 0000000000008b04 RDI: 0000000000000003
[  214.793729][ T7780] RBP: 00007fd823945090 R08: 0000000000000000 R09: 0000000000000000
[  214.793741][ T7780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  214.793753][ T7780] R13: 0000000000000000 R14: 00007fd822db5fa0 R15: 00007fffbc8ec598
[  214.793785][ T7780]  </TASK>
[  214.793793][ T7780] ERROR: Out of memory at tomoyo_realpath_from_path.
[  215.043945][ T5935] usb 2-1: too many configurations: 63, using maximum allowed: 8
[  215.060947][ T5868] gspca_spca508: reg_read err -32
[  215.070368][ T5868] gspca_spca508: reg_read err -32
[  215.076294][ T5935] usb 2-1: unable to read config index 0 descriptor/start: -61
[  215.084530][ T5868] gspca_spca508: reg_read err -32
[  215.089742][ T5935] usb 2-1: can't read configurations, error -61
[  215.096731][ T5868] gspca_spca508: reg_read err -32
[  215.102070][ T5935] usb usb2-port1: unable to enumerate USB device
[  215.109323][ T5868] gspca_spca508: reg_read err -32
[  215.115962][ T5868] gspca_spca508: reg write: error -71
[  215.121815][ T5868] spca508 1-1:0.0: probe with driver spca508 failed with error -71
[  215.145555][ T5868] usb 1-1: USB disconnect, device number 20
[  215.376248][ T7785] fuse: Unknown parameter 'group_id00000000000000000000'
[  215.879851][ T7803] syzkaller1: entered promiscuous mode
[  215.885570][ T7803] syzkaller1: entered allmulticast mode
[  216.212225][ T7809] fuse: Unknown parameter 'group_id00000000000000000000'
[  216.383153][ T5935] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  216.533606][ T5935] usb 1-1: device descriptor read/64, error -71
[  216.534748][ T5882] usb 4-1: USB disconnect, device number 27
[  216.783446][ T5935] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  216.931361][ T5935] usb 1-1: device descriptor read/64, error -71
[  216.984318][ T7828] syzkaller1: entered promiscuous mode
[  216.990025][ T7828] syzkaller1: entered allmulticast mode
[  217.046869][ T5935] usb usb1-port1: attempt power cycle
[  217.391893][ T5935] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  217.443543][ T5935] usb 1-1: device descriptor read/8, error -71
[  217.500350][ T5868] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  217.662291][ T5868] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  217.680154][ T5868] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  217.723510][ T5935] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  217.733202][ T5868] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 253
[  217.761763][ T5868] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  217.780090][ T5868] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  217.788497][ T5868] usb 4-1: Manufacturer: syz
[  217.793340][ T5935] usb 1-1: device descriptor read/8, error -71
[  217.812891][ T5868] usb 4-1: config 0 descriptor??
[  217.821623][ T5868] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  217.838074][ T7845] FAULT_INJECTION: forcing a failure.
[  217.838074][ T7845] name failslab, interval 1, probability 0, space 0, times 0
[  217.851762][ T7845] CPU: 1 UID: 0 PID: 7845 Comm: syz.1.686 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) 
[  217.851788][ T7845] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  217.851799][ T7845] Call Trace:
[  217.851807][ T7845]  <TASK>
[  217.851815][ T7845]  dump_stack_lvl+0x189/0x250
[  217.851842][ T7845]  ? __pfx____ratelimit+0x10/0x10
[  217.851868][ T7845]  ? __pfx_dump_stack_lvl+0x10/0x10
[  217.851890][ T7845]  ? __pfx__printk+0x10/0x10
[  217.851923][ T7845]  ? __pfx___might_resched+0x10/0x10
[  217.851942][ T7845]  ? fs_reclaim_acquire+0x7d/0x100
[  217.851971][ T7845]  should_fail_ex+0x414/0x560
[  217.852026][ T7845]  should_failslab+0xa8/0x100
[  217.852051][ T7845]  __kmalloc_noprof+0xcb/0x4f0
[  217.852072][ T7845]  ? kfree+0x4d/0x440
[  217.852089][ T7845]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  217.852119][ T7845]  tomoyo_realpath_from_path+0xe3/0x5d0
[  217.852145][ T7845]  ? tomoyo_domain+0xd9/0x130
[  217.852176][ T7845]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  217.852206][ T7845]  tomoyo_path_number_perm+0x1e8/0x5a0
[  217.852239][ T7845]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  217.852289][ T7845]  ? __lock_acquire+0xab9/0xd20
[  217.852340][ T7845]  ? __fget_files+0x2a/0x420
[  217.852372][ T7845]  ? __fget_files+0x2a/0x420
[  217.852408][ T7845]  ? __fget_files+0x3a0/0x420
[  217.852433][ T7845]  ? __fget_files+0x2a/0x420
[  217.852465][ T7845]  security_file_ioctl+0xcb/0x2d0
[  217.852496][ T7845]  __se_sys_ioctl+0x47/0x170
[  217.852521][ T7845]  do_syscall_64+0xfa/0x3b0
[  217.852547][ T7845]  ? lockdep_hardirqs_on+0x9c/0x150
[  217.852572][ T7845]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.852592][ T7845]  ? clear_bhb_loop+0x60/0xb0
[  217.852616][ T7845]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.852636][ T7845] RIP: 0033:0x7f94e938e929
[  217.852653][ T7845] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  217.852670][ T7845] RSP: 002b:00007f94ea277038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  217.852690][ T7845] RAX: ffffffffffffffda RBX: 00007f94e95b5fa0 RCX: 00007f94e938e929
[  217.852705][ T7845] RDX: 0000200000000080 RSI: 0000000040187542 RDI: 0000000000000003
[  217.852718][ T7845] RBP: 00007f94ea277090 R08: 0000000000000000 R09: 0000000000000000
[  217.852730][ T7845] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  217.852741][ T7845] R13: 0000000000000000 R14: 00007f94e95b5fa0 R15: 00007ffc26fec448
[  217.852773][ T7845]  </TASK>
[  217.852781][ T7845] ERROR: Out of memory at tomoyo_realpath_from_path.
[  218.107124][ T5935] usb usb1-port1: unable to enumerate USB device
[  218.592888][ T7859] syzkaller1: entered promiscuous mode
[  218.601536][ T7859] syzkaller1: entered allmulticast mode
[  218.634551][ T7857] netlink: 104 bytes leftover after parsing attributes in process `syz.2.690'.
[  218.766636][ T7864] /dev/rnullb0: Can't open blockdev


	


	
		

	


	


	


	


	

syzkaller
syzkaller login: [  220.646972][ T7894] FAULT_INJECTION: forcing a failure.
[  220.646972][ T7894] name failslab, interval 1, probability 0, space 0, times 0
[  220.691068][ T7899] syzkaller1: entered promiscuous mode
[  220.700454][ T7894] CPU: 1 UID: 0 PID: 7894 Comm: syz.0.703 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) 
[  220.700482][ T7894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  220.700494][ T7894] Call Trace:
[  220.700502][ T7894]  <TASK>
[  220.700511][ T7894]  dump_stack_lvl+0x189/0x250
[  220.700538][ T7894]  ? __pfx____ratelimit+0x10/0x10
[  220.700565][ T7894]  ? __pfx_dump_stack_lvl+0x10/0x10
[  220.700588][ T7894]  ? __pfx__printk+0x10/0x10
[  220.700616][ T7894]  ? __pfx___might_resched+0x10/0x10
[  220.700635][ T7894]  ? fs_reclaim_acquire+0x7d/0x100
[  220.700667][ T7894]  should_fail_ex+0x414/0x560
[  220.700708][ T7894]  should_failslab+0xa8/0x100
[  220.700734][ T7894]  kmem_cache_alloc_noprof+0x73/0x3c0
[  220.700756][ T7894]  ? getname_flags+0xb8/0x540
[  220.700789][ T7894]  getname_flags+0xb8/0x540
[  220.700822][ T7894]  do_sys_openat2+0xbc/0x1c0
[  220.700844][ T7894]  ? __pfx_do_sys_openat2+0x10/0x10
[  220.700864][ T7894]  ? ksys_write+0x22a/0x250
[  220.700890][ T7894]  ? __pfx_ksys_write+0x10/0x10
[  220.700910][ T7894]  ? rcu_is_watching+0x15/0xb0
[  220.700934][ T7894]  __x64_sys_openat+0x138/0x170
[  220.700959][ T7894]  do_syscall_64+0xfa/0x3b0
[  220.700984][ T7894]  ? lockdep_hardirqs_on+0x9c/0x150
[  220.701008][ T7894]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.701027][ T7894]  ? clear_bhb_loop+0x60/0xb0
[  220.701051][ T7894]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.701070][ T7894] RIP: 0033:0x7f4a9f98e929
[  220.701088][ T7894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  220.701104][ T7894] RSP: 002b:00007f4aa071e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  220.701125][ T7894] RAX: ffffffffffffffda RBX: 00007f4a9fbb5fa0 RCX: 00007f4a9f98e929
[  220.701140][ T7894] RDX: 0000000000000000 RSI: 0000200000000040 RDI: ffffffffffffff9c
[  220.701153][ T7894] RBP: 00007f4aa071e090 R08: 0000000000000000 R09: 0000000000000000
[  220.701165][ T7894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  220.701176][ T7894] R13: 0000000000000000 R14: 00007f4a9fbb5fa0 R15: 00007ffc54870868
[  220.701213][ T7894]  </TASK>
[  220.930843][ T7899] syzkaller1: entered allmulticast mode
[  221.297935][ T7911] fuse: Bad value for 'fd'
[  221.409376][ T7916] input: syz0 as /devices/virtual/input/input10
[  221.579655][ T5935] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  221.739946][ T5935] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  221.750588][ T5935] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  221.767281][ T5935] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 253
[  221.939714][ T5935] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  221.949757][ T5935] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  221.958176][ T5935] usb 4-1: Manufacturer: syz
[  221.974944][ T5935] usb 4-1: config 0 descriptor??
[  221.989786][ T5935] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  222.061131][ T7923] /dev/rnullb0: Can't open blockdev
[  222.575564][ T7930] syzkaller1: entered promiscuous mode
[  222.600226][ T7930] syzkaller1: entered allmulticast mode
[  223.017175][ T7944] fuse: Bad value for 'fd'
[  223.299481][ T7954] vxfs: WRONG superblock magic 00000000 at 1
[  223.316740][ T7954] vxfs: WRONG superblock magic 00000000 at 8
[  223.324035][ T7954] vxfs: can't find superblock.
[  223.403751][ T7959] netlink: 'syz.1.724': attribute type 39 has an invalid length.
[  223.494763][ T7961] syzkaller1: entered promiscuous mode
[  223.500449][ T7961] syzkaller1: entered allmulticast mode
[  223.782274][ T7969] netlink: 60 bytes leftover after parsing attributes in process `syz.0.728'.
[  223.787401][ T7968] fuse: Bad value for 'fd'
[  223.793423][ T7969] netlink: 60 bytes leftover after parsing attributes in process `syz.0.728'.
[  223.806411][ T7969] netlink: 60 bytes leftover after parsing attributes in process `syz.0.728'.
[  223.820091][ T7969] binder: 7967:7969 ioctl c0306201 200000000380 returned -14
[  224.050760][ T7975] vxfs: WRONG superblock magic 00000000 at 1
[  224.063591][ T7975] vxfs: WRONG superblock magic 00000000 at 8
[  224.071246][ T7975] vxfs: can't find superblock.
[  224.178785][ T7980] syzkaller1: entered promiscuous mode
[  224.187645][ T7980] syzkaller1: entered allmulticast mode
[  224.308506][ T7984] loop8: detected capacity change from 0 to 7
[  224.332182][ T7984] Dev loop8: unable to read RDB block 7
[  224.350088][ T7984]  loop8: unable to read partition table
[  224.356063][ T7984] loop8: partition table beyond EOD, truncated
[  224.373396][ T7984] loop_reread_partitions: partition scan of loop8 (�被x�^>�� �) failed (rc=-5)
[  224.379585][    T9] usb 4-1: USB disconnect, device number 29
[  224.516841][ T7988] openvswitch: netlink: Key 0 has unexpected len 20 expected 0
[  224.733355][ T8001] syzkaller1: entered promiscuous mode
[  224.747614][ T8001] syzkaller1: entered allmulticast mode
[  224.803486][ T8004] /dev/rnullb0: Can't open blockdev
[  224.923405][ T8008] syzkaller1: entered promiscuous mode
[  224.932582][ T8008] syzkaller1: entered allmulticast mode
[  225.065179][   T30] audit: type=1326 audit(1768330317.351:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8010 comm="syz.0.746" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4a9f98e929 code=0x0
[  225.086742][    C0] vkms_vblank_simulate: vblank timer overrun
[  225.177217][ T8012] netlink: 'syz.0.746': attribute type 11 has an invalid length.
[  225.223942][ T8014] netlink: 'syz.3.747': attribute type 27 has an invalid length.
[  225.271183][ T8014] bridge0: port 2(bridge_slave_1) entered disabled state
[  225.279978][ T8014] bridge0: port 1(bridge_slave_0) entered disabled state
[  225.366947][ T8014] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  225.381554][ T8014] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  225.572804][   T61] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  225.592385][   T61] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  225.625784][   T61] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  225.639807][   T61] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  225.740809][ T8022] fuse: Bad value for 'fd'
[  225.803503][ T8024] vxfs: WRONG superblock magic 00000000 at 1
[  225.824736][ T8024] vxfs: WRONG superblock magic 00000000 at 8
[  225.847939][ T8024] vxfs: can't find superblock.
[  225.861594][ T8027] tipc: Started in network mode
[  225.870700][ T8027] tipc: Node identity ac14140c, cluster identity 4711
[  225.881951][ T8027] tipc: New replicast peer: 255.255.255.255
[  225.891208][ T8027] tipc: Enabled bearer <udp:syz2>, priority 10
[  225.939709][ T8028] syzkaller1: entered promiscuous mode
[  225.945261][ T8028] syzkaller1: entered allmulticast mode
[  226.043184][ T8031] syzkaller1: entered promiscuous mode
[  226.051837][ T8031] syzkaller1: entered allmulticast mode
[  226.122983][ T8037] netlink: 'syz.2.758': attribute type 3 has an invalid length.
[  226.134831][ T8037] netlink: 132 bytes leftover after parsing attributes in process `syz.2.758'.
[  226.167544][ T8037] /dev/rnullb0: Can't open blockdev
[  226.818268][ T8048] fuse: Bad value for 'fd'
[  226.918070][ T8050] /dev/rnullb0: Can't open blockdev
[  227.016829][ T5934] tipc: Node number set to 2886997004
[  227.136353][ T8051] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  227.278569][ T8059] syzkaller1: entered promiscuous mode
[  227.284209][ T8059] syzkaller1: entered allmulticast mode
[  227.516592][ T8066] syzkaller1: entered promiscuous mode
[  227.522243][ T8066] syzkaller1: entered allmulticast mode
[  227.759539][ T8074] /dev/rnullb0: Can't open blockdev
[  227.923920][   T30] audit: type=1800 audit(1768330320.203:5): pid=8079 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.775" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  228.275799][ T8088] tipc: Enabled bearer <udp:s>, priority 10
[  228.310100][ T8092] syzkaller1: entered promiscuous mode
[  228.328177][ T8092] syzkaller1: entered allmulticast mode
[  228.377894][ T5868] usb 2-1: new full-speed USB device number 21 using dummy_hcd
[  228.554933][ T5868] usb 2-1: not running at top speed; connect to a high speed hub
[  228.555783][ T8097] tipc: Started in network mode
[  228.568370][ T8097] tipc: Node identity ac14140c, cluster identity 4711
[  228.576074][ T8097] tipc: New replicast peer: 255.255.255.255
[  228.576087][ T5868] usb 2-1: too many configurations: 251, using maximum allowed: 8
[  228.583608][ T8097] tipc: Enabled bearer <udp:syz2>, priority 10
[  228.599558][ T8095] syzkaller1: entered promiscuous mode
[  228.606571][ T5868] usb 2-1: unable to read config index 0 descriptor/start: -61
[  228.609359][ T8095] syzkaller1: entered allmulticast mode
[  228.621355][ T5868] usb 2-1: can't read configurations, error -61
[  228.764546][ T5868] usb 2-1: new full-speed USB device number 22 using dummy_hcd
[  228.849674][ T8103] FAULT_INJECTION: forcing a failure.
[  228.849674][ T8103] name failslab, interval 1, probability 0, space 0, times 0
[  228.889751][ T8106] vxfs: WRONG superblock magic 00000000 at 1
[  228.898339][ T8103] CPU: 1 UID: 0 PID: 8103 Comm: syz.2.783 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) 
[  228.898366][ T8103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  228.898378][ T8103] Call Trace:
[  228.898386][ T8103]  <TASK>
[  228.898394][ T8103]  dump_stack_lvl+0x189/0x250
[  228.898422][ T8103]  ? __pfx____ratelimit+0x10/0x10
[  228.898449][ T8103]  ? __pfx_dump_stack_lvl+0x10/0x10
[  228.898471][ T8103]  ? __pfx__printk+0x10/0x10
[  228.898499][ T8103]  ? __pfx___might_resched+0x10/0x10
[  228.898519][ T8103]  ? fs_reclaim_acquire+0x7d/0x100
[  228.898550][ T8103]  should_fail_ex+0x414/0x560
[  228.898587][ T8103]  should_failslab+0xa8/0x100
[  228.898612][ T8103]  __kmalloc_noprof+0xcb/0x4f0
[  228.898632][ T8103]  ? kfree+0x4d/0x440
[  228.898649][ T8103]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  228.898694][ T8103]  tomoyo_realpath_from_path+0xe3/0x5d0
[  228.898716][ T8103]  ? tomoyo_domain+0xd9/0x130
[  228.898745][ T8103]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  228.898777][ T8103]  tomoyo_path_number_perm+0x1e8/0x5a0
[  228.898811][ T8103]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  228.898861][ T8103]  ? __lock_acquire+0xab9/0xd20
[  228.898913][ T8103]  ? __fget_files+0x2a/0x420
[  228.898951][ T8103]  ? __fget_files+0x2a/0x420
[  228.898977][ T8103]  ? __fget_files+0x3a0/0x420
[  228.899003][ T8103]  ? __fget_files+0x2a/0x420
[  228.899035][ T8103]  security_file_ioctl+0xcb/0x2d0
[  228.899067][ T8103]  __se_sys_ioctl+0x47/0x170
[  228.899093][ T8103]  do_syscall_64+0xfa/0x3b0
[  228.899118][ T8103]  ? lockdep_hardirqs_on+0x9c/0x150
[  228.899143][ T8103]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.899163][ T8103]  ? clear_bhb_loop+0x60/0xb0
[  228.899187][ T8103]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.899206][ T8103] RIP: 0033:0x7fd822b8e929
[  228.899224][ T8103] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  228.899239][ T8103] RSP: 002b:00007fd823945038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  228.899261][ T8103] RAX: ffffffffffffffda RBX: 00007fd822db5fa0 RCX: 00007fd822b8e929
[  228.899275][ T8103] RDX: 0000200000000000 RSI: 0000000000008b04 RDI: 0000000000000003
[  228.899288][ T8103] RBP: 00007fd823945090 R08: 0000000000000000 R09: 0000000000000000
[  228.899301][ T8103] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  228.899312][ T8103] R13: 0000000000000000 R14: 00007fd822db5fa0 R15: 00007fffbc8ec598
[  228.899345][ T8103]  </TASK>
[  228.899354][ T8103] ERROR: Out of memory at tomoyo_realpath_from_path.
[  228.925486][ T8106] vxfs: WRONG superblock magic 00000000 at 8
[  228.925514][ T8106] vxfs: can't find superblock.
[  229.186203][ T5868] usb 2-1: not running at top speed; connect to a high speed hub
[  229.205163][ T5868] usb 2-1: too many configurations: 251, using maximum allowed: 8
[  229.238513][ T5868] usb 2-1: unable to read config index 0 descriptor/start: -61
[  229.266133][ T5868] usb 2-1: can't read configurations, error -61
[  229.283837][ T5868] usb usb2-port1: attempt power cycle
[  229.387310][ T8112] netlink: 8 bytes leftover after parsing attributes in process `syz.3.786'.
[  229.476208][ T8115] hfs: can't find a HFS filesystem on dev rnullb0
[  229.584323][ T5935] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  229.654484][ T5868] usb 2-1: new full-speed USB device number 23 using dummy_hcd
[  229.694388][ T5882] tipc: Node number set to 2886997004
[  229.704236][ T5868] usb 2-1: not running at top speed; connect to a high speed hub
[  229.712066][ T5868] usb 2-1: too many configurations: 251, using maximum allowed: 8
[  229.722561][ T5868] usb 2-1: unable to read config index 0 descriptor/start: -61
[  229.730904][ T5868] usb 2-1: can't read configurations, error -61
[  229.764174][    T9] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  229.800710][ T5935] usb 1-1: config 4 has an invalid interface number: 85 but max is 1
[  229.814451][ T5935] usb 1-1: config 4 has an invalid interface number: 95 but max is 1
[  229.824797][ T5935] usb 1-1: config 4 contains an unexpected descriptor of type 0x2, skipping
[  229.836906][ T5935] usb 1-1: config 4 has no interface number 0
[  229.843011][ T5935] usb 1-1: config 4 has no interface number 1
[  229.849841][ T5935] usb 1-1: config 4 interface 85 altsetting 2 endpoint 0xB has invalid maxpacket 576, setting to 64
[  229.862915][ T5935] usb 1-1: config 4 interface 85 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 8
[  229.876076][ T5868] usb 2-1: new full-speed USB device number 24 using dummy_hcd
[  229.884306][ T5935] usb 1-1: config 4 interface 95 altsetting 1 endpoint 0x9 has invalid maxpacket 512, setting to 64
[  229.895666][ T5935] usb 1-1: config 4 interface 95 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[  229.910198][ T5935] usb 1-1: config 4 interface 95 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[  229.922099][ T5935] usb 1-1: config 4 interface 95 altsetting 1 endpoint 0xC has invalid maxpacket 1024, setting to 64
[  229.934459][ T5868] usb 2-1: not running at top speed; connect to a high speed hub
[  229.942241][ T5868] usb 2-1: too many configurations: 251, using maximum allowed: 8
[  229.950801][ T5935] usb 1-1: config 4 interface 95 altsetting 1 has a duplicate endpoint with address 0x9, skipping
[  229.961706][    T9] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  229.963254][ T5935] usb 1-1: config 4 interface 95 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[  229.982555][ T5935] usb 1-1: config 4 interface 95 altsetting 1 has a duplicate endpoint with address 0xD, skipping
[  229.987690][    T9] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  229.993437][ T5868] usb 2-1: unable to read config index 0 descriptor/start: -61
[  230.014274][ T5868] usb 2-1: can't read configurations, error -61
[  230.017085][    T9] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[  230.020625][ T5935] usb 1-1: config 4 interface 85 has no altsetting 0
[  230.030547][    T9] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  230.052297][    T9] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  230.054205][ T5868] usb usb2-port1: unable to enumerate USB device
[  230.062065][    T9] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  230.078731][ T5935] usb 1-1: config 4 interface 95 has no altsetting 0
[  230.079209][    T9] usb 4-1: Product: syz
[  230.089976][    T9] usb 4-1: Manufacturer: syz
[  230.095287][ T5935] usb 1-1: New USB device found, idVendor=0403, idProduct=e0eb, bcdDevice=fc.5e
[  230.104962][ T5935] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  230.111658][    T9] cdc_wdm 4-1:1.0: skipping garbage
[  230.112986][ T5935] usb 1-1: Product: syz
[  230.139118][    T9] cdc_wdm 4-1:1.0: skipping garbage
[  230.148487][ T5935] usb 1-1: Manufacturer: 큥籣៙푃ꇬよ⿋ጋ䥟疔蜾᧨긷癋怹빉•헍蕈奄㒗ꤢ뿦⟉懴槝噽ꗏኣᕬ棪뚞ು⯓검ᢥ諴ᩨ
[  230.164905][ T5935] usb 1-1: SerialNumber: syz
[  230.182459][    T9] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  230.193004][    T9] cdc_wdm 4-1:1.0: Unknown control protocol
[  230.208140][ T8123] syzkaller1: entered promiscuous mode
[  230.214616][ T8123] syzkaller1: entered allmulticast mode
[  230.394197][    T9] usb 4-1: USB disconnect, device number 30
[  230.640344][ T5935] ftdi_sio 1-1:4.85: FTDI USB Serial Device converter detected
[  230.653053][ T5935] ftdi_sio ttyUSB0: unknown device type: 0xfc5e
[  230.667441][ T5935] ftdi_sio 1-1:4.95: FTDI USB Serial Device converter detected
[  230.677390][ T5935] ftdi_sio ttyUSB1: unknown device type: 0xfc5e
[  230.695247][ T5935] usb 1-1: USB disconnect, device number 25
[  230.703579][ T5935] ftdi_sio 1-1:4.85: device disconnected
[  230.716281][ T5935] ftdi_sio 1-1:4.95: device disconnected
[  230.962687][ T8128] vxfs: WRONG superblock magic 00000000 at 1
[  230.969089][ T8128] vxfs: WRONG superblock magic 00000000 at 8
[  230.975526][ T8128] vxfs: can't find superblock.
[  231.060452][ T8130] exFAT-fs (rnullb0): invalid boot record signature
[  231.068009][ T8130] exFAT-fs (rnullb0): failed to read boot sector
[  231.074598][ T8130] exFAT-fs (rnullb0): failed to recognize exfat type
[  231.381794][ T8136] FAULT_INJECTION: forcing a failure.
[  231.381794][ T8136] name failslab, interval 1, probability 0, space 0, times 0
[  231.419746][ T8136] CPU: 0 UID: 0 PID: 8136 Comm: syz.2.797 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) 
[  231.419775][ T8136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  231.419787][ T8136] Call Trace:
[  231.419795][ T8136]  <TASK>
[  231.419804][ T8136]  dump_stack_lvl+0x189/0x250
[  231.419831][ T8136]  ? __pfx____ratelimit+0x10/0x10
[  231.419857][ T8136]  ? __pfx_dump_stack_lvl+0x10/0x10
[  231.419878][ T8136]  ? __pfx__printk+0x10/0x10
[  231.419923][ T8136]  ? __pfx___might_resched+0x10/0x10
[  231.419942][ T8136]  ? fs_reclaim_acquire+0x7d/0x100
[  231.419974][ T8136]  should_fail_ex+0x414/0x560
[  231.420011][ T8136]  should_failslab+0xa8/0x100
[  231.420038][ T8136]  __kmalloc_noprof+0xcb/0x4f0
[  231.420059][ T8136]  ? kfree+0x4d/0x440
[  231.420087][ T8136]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  231.420115][ T8136]  tomoyo_realpath_from_path+0xe3/0x5d0
[  231.420156][ T8136]  ? tomoyo_domain+0xd9/0x130
[  231.420186][ T8136]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  231.420217][ T8136]  tomoyo_path_number_perm+0x1e8/0x5a0
[  231.420251][ T8136]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  231.420300][ T8136]  ? __lock_acquire+0xab9/0xd20
[  231.420350][ T8136]  ? __fget_files+0x2a/0x420
[  231.420381][ T8136]  ? __fget_files+0x2a/0x420
[  231.420407][ T8136]  ? __fget_files+0x3a0/0x420
[  231.420433][ T8136]  ? __fget_files+0x2a/0x420
[  231.420464][ T8136]  security_file_ioctl+0xcb/0x2d0
[  231.420495][ T8136]  __se_sys_ioctl+0x47/0x170
[  231.420520][ T8136]  do_syscall_64+0xfa/0x3b0
[  231.420546][ T8136]  ? lockdep_hardirqs_on+0x9c/0x150
[  231.420572][ T8136]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.420591][ T8136]  ? clear_bhb_loop+0x60/0xb0
[  231.420615][ T8136]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.420634][ T8136] RIP: 0033:0x7fd822b8e929
[  231.420652][ T8136] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  231.420669][ T8136] RSP: 002b:00007fd823945038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  231.420691][ T8136] RAX: ffffffffffffffda RBX: 00007fd822db5fa0 RCX: 00007fd822b8e929
[  231.420705][ T8136] RDX: 0000200000000000 RSI: 0000000000008b04 RDI: 0000000000000003
[  231.420718][ T8136] RBP: 00007fd823945090 R08: 0000000000000000 R09: 0000000000000000
[  231.420747][ T8136] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  231.420759][ T8136] R13: 0000000000000000 R14: 00007fd822db5fa0 R15: 00007fffbc8ec598
[  231.420791][ T8136]  </TASK>
[  231.420884][ T8136] ERROR: Out of memory at tomoyo_realpath_from_path.
[  231.923590][ T8144] syzkaller1: entered promiscuous mode
[  231.951047][ T8144] syzkaller1: entered allmulticast mode
[  232.096384][ T8151] vxfs: WRONG superblock magic 00000000 at 1
[  232.102641][ T8151] vxfs: WRONG superblock magic 00000000 at 8
[  232.115667][ T8151] vxfs: can't find superblock.
[  233.176057][ T8179] kAFS: unparsable volume name
[  233.201026][ T8173] sctp: failed to load transform for md5: -2
[  233.349329][ T8184] syzkaller1: entered promiscuous mode
[  233.357420][ T8184] syzkaller1: entered allmulticast mode
[  233.361996][ T8186] vxfs: WRONG superblock magic 00000000 at 1
[  233.390610][ T8186] vxfs: WRONG superblock magic 00000000 at 8
[  233.399337][ T8186] vxfs: can't find superblock.
[  233.506898][   T30] audit: type=1326 audit(1768330325.796:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8187 comm="syz.3.814" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcb7ab8e929 code=0x0
[  233.561748][ T8193] netlink: 92 bytes leftover after parsing attributes in process `syz.3.814'.
[  233.572231][ T8193] netlink: 24 bytes leftover after parsing attributes in process `syz.3.814'.
[  233.592876][ T8198] netlink: 4 bytes leftover after parsing attributes in process `syz.2.816'.
[  233.703262][ T8195] netlink: 156 bytes leftover after parsing attributes in process `syz.1.817'.
[  233.729501][ T8203] netlink: 'syz.3.819': attribute type 27 has an invalid length.
[  233.817027][ T8208] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  233.860624][ T8210] usb usb7: usbfs: interface 0 claimed by hub while 'syz.3.821' sets config #0
[  234.248962][ T8223] syzkaller1: entered promiscuous mode
[  234.254786][ T8223] syzkaller1: entered allmulticast mode
[  234.321825][    T9] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  234.439570][ T8225] syzkaller1: entered promiscuous mode
[  234.445488][ T8225] syzkaller1: entered allmulticast mode
[  234.459084][ T8227] fuse: Bad value for 'rootmode'
[  234.503860][    T9] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  234.523904][    T9] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 253
[  234.542461][    T9] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  234.556709][    T9] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  234.559466][ T8229] FAULT_INJECTION: forcing a failure.
[  234.559466][ T8229] name failslab, interval 1, probability 0, space 0, times 0
[  234.565166][    T9] usb 1-1: Manufacturer: syz
[  234.594421][    T9] usb 1-1: config 0 descriptor??
[  234.601586][ T8229] CPU: 1 UID: 0 PID: 8229 Comm: syz.3.829 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) 
[  234.601614][ T8229] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  234.601626][ T8229] Call Trace:
[  234.601634][ T8229]  <TASK>
[  234.601642][ T8229]  dump_stack_lvl+0x189/0x250
[  234.601670][ T8229]  ? __pfx____ratelimit+0x10/0x10
[  234.601695][ T8229]  ? __pfx_dump_stack_lvl+0x10/0x10
[  234.601716][ T8229]  ? __pfx__printk+0x10/0x10
[  234.601744][ T8229]  ? __pfx___might_resched+0x10/0x10
[  234.601763][ T8229]  ? fs_reclaim_acquire+0x7d/0x100
[  234.601794][ T8229]  should_fail_ex+0x414/0x560
[  234.601829][ T8229]  ? __pfx_sock_alloc_inode+0x10/0x10
[  234.601853][ T8229]  should_failslab+0xa8/0x100
[  234.601879][ T8229]  ? __pfx_sock_alloc_inode+0x10/0x10
[  234.601900][ T8229]  kmem_cache_alloc_lru_noprof+0x78/0x3d0
[  234.601920][ T8229]  ? sock_alloc_inode+0x28/0xc0
[  234.601940][ T8229]  ? tomoyo_supervisor+0x4b2/0x1480
[  234.601964][ T8229]  ? __pfx_sock_alloc_inode+0x10/0x10
[  234.601986][ T8229]  sock_alloc_inode+0x28/0xc0
[  234.602009][ T8229]  alloc_inode+0x67/0x1b0
[  234.602037][ T8229]  __sock_create+0x12d/0x9f0
[  234.602064][ T8229]  ? __pfx_tomoyo_supervisor+0x10/0x10
[  234.602113][ T8229]  mptcp_subflow_create_socket+0xfd/0xb40
[  234.602147][ T8229]  ? snprintf+0xda/0x120
[  234.602173][ T8229]  ? __pfx_mptcp_subflow_create_socket+0x10/0x10
[  234.602203][ T8229]  ? aa_label_sk_perm+0x4d3/0x630
[  234.602235][ T8229]  __mptcp_nmpc_sk+0x150/0x720
[  234.602258][ T8229]  ? __pfx___mptcp_nmpc_sk+0x10/0x10
[  234.602282][ T8229]  ? look_up_lock_class+0x74/0x170
[  234.602323][ T8229]  mptcp_connect+0x70/0xc10
[  234.602357][ T8229]  __inet_stream_connect+0x295/0xf10
[  234.602394][ T8229]  ? __local_bh_enable_ip+0x12d/0x1c0
[  234.602413][ T8229]  ? __pfx___inet_stream_connect+0x10/0x10
[  234.602438][ T8229]  ? __local_bh_enable_ip+0x12d/0x1c0
[  234.602457][ T8229]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  234.602488][ T8229]  inet_stream_connect+0x66/0xa0
[  234.602516][ T8229]  __sys_connect+0x313/0x440
[  234.602545][ T8229]  ? __fget_files+0x3a0/0x420
[  234.602573][ T8229]  ? __pfx___sys_connect+0x10/0x10
[  234.602615][ T8229]  ? __pfx_ksys_write+0x10/0x10
[  234.602636][ T8229]  ? rcu_is_watching+0x15/0xb0
[  234.602664][ T8229]  __x64_sys_connect+0x7a/0x90
[  234.602694][ T8229]  do_syscall_64+0xfa/0x3b0
[  234.602720][ T8229]  ? lockdep_hardirqs_on+0x9c/0x150
[  234.602745][ T8229]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.602765][ T8229]  ? clear_bhb_loop+0x60/0xb0
[  234.602789][ T8229]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.602809][ T8229] RIP: 0033:0x7fcb7ab8e929
[  234.602827][ T8229] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  234.602845][ T8229] RSP: 002b:00007fcb7b970038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  234.602866][ T8229] RAX: ffffffffffffffda RBX: 00007fcb7adb5fa0 RCX: 00007fcb7ab8e929
[  234.602881][ T8229] RDX: 0000000000000010 RSI: 00002000000009c0 RDI: 0000000000000003
[  234.602894][ T8229] RBP: 00007fcb7b970090 R08: 0000000000000000 R09: 0000000000000000
[  234.602907][ T8229] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  234.602919][ T8229] R13: 0000000000000000 R14: 00007fcb7adb5fa0 R15: 00007ffd168a2248
[  234.602951][ T8229]  </TASK>
[  234.603432][ T8229] socket: no more sockets
[  234.616839][    T9] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  235.549491][ T8248] syzkaller1: entered promiscuous mode
[  235.556064][ T8248] syzkaller1: entered allmulticast mode
[  235.679038][ T8251] FAULT_INJECTION: forcing a failure.
[  235.679038][ T8251] name failslab, interval 1, probability 0, space 0, times 0
[  235.695420][ T8251] CPU: 1 UID: 0 PID: 8251 Comm: syz.2.836 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) 
[  235.695441][ T8251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  235.695450][ T8251] Call Trace:
[  235.695461][ T8251]  <TASK>
[  235.695467][ T8251]  dump_stack_lvl+0x189/0x250
[  235.695489][ T8251]  ? __pfx____ratelimit+0x10/0x10
[  235.695508][ T8251]  ? __pfx_dump_stack_lvl+0x10/0x10
[  235.695525][ T8251]  ? __pfx__printk+0x10/0x10
[  235.695547][ T8251]  ? __pfx___might_resched+0x10/0x10
[  235.695565][ T8251]  should_fail_ex+0x414/0x560
[  235.695592][ T8251]  should_failslab+0xa8/0x100
[  235.695611][ T8251]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  235.695628][ T8251]  ? __alloc_skb+0x112/0x2d0
[  235.695652][ T8251]  __alloc_skb+0x112/0x2d0
[  235.695675][ T8251]  netlink_sendmsg+0x5c6/0xb30
[  235.695703][ T8251]  ? __pfx_netlink_sendmsg+0x10/0x10
[  235.695726][ T8251]  ? aa_sock_msg_perm+0xf1/0x1d0
[  235.695744][ T8251]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  235.695765][ T8251]  ? __pfx_netlink_sendmsg+0x10/0x10
[  235.695786][ T8251]  __sock_sendmsg+0x219/0x270
[  235.695806][ T8251]  ____sys_sendmsg+0x505/0x830
[  235.695824][ T8251]  ? __pfx_____sys_sendmsg+0x10/0x10
[  235.695845][ T8251]  ? import_iovec+0x74/0xa0
[  235.695867][ T8251]  ___sys_sendmsg+0x21f/0x2a0
[  235.695888][ T8251]  ? __pfx____sys_sendmsg+0x10/0x10
[  235.695945][ T8251]  ? __fget_files+0x2a/0x420
[  235.695972][ T8251]  ? __fget_files+0x3a0/0x420
[  235.696010][ T8251]  __x64_sys_sendmsg+0x19b/0x260
[  235.696033][ T8251]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  235.696059][ T8251]  ? __pfx_ksys_write+0x10/0x10
[  235.696080][ T8251]  ? do_syscall_64+0xbe/0x3b0
[  235.696103][ T8251]  do_syscall_64+0xfa/0x3b0
[  235.696121][ T8251]  ? lockdep_hardirqs_on+0x9c/0x150
[  235.696139][ T8251]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  235.696153][ T8251]  ? clear_bhb_loop+0x60/0xb0
[  235.696170][ T8251]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  235.696184][ T8251] RIP: 0033:0x7fd822b8e929
[  235.696197][ T8251] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  235.696211][ T8251] RSP: 002b:00007fd823945038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  235.696226][ T8251] RAX: ffffffffffffffda RBX: 00007fd822db5fa0 RCX: 00007fd822b8e929
[  235.696237][ T8251] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[  235.696246][ T8251] RBP: 00007fd823945090 R08: 0000000000000000 R09: 0000000000000000
[  235.696255][ T8251] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  235.696263][ T8251] R13: 0000000000000000 R14: 00007fd822db5fa0 R15: 00007fffbc8ec598
[  235.696285][ T8251]  </TASK>
[  235.962594][    C1] ==================================================================
[  235.970683][    C1] BUG: KASAN: slab-use-after-free in flush_tlb_func+0x23d/0x6c0
[  235.972311][   T30] audit: type=1326 audit(1768330328.267:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8236 comm="syz.1.832" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f94e938e929 code=0x7fc00000
[  235.978334][    C1] Write of size 8 at addr ffff88807de96ac0 by task swapper/1/0
[  235.978351][    C1] 
[  235.978362][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) 
[  235.978384][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  235.978396][    C1] Call Trace:
[  235.978402][    C1]  <IRQ>
[  235.978410][    C1]  dump_stack_lvl+0x189/0x250
[  235.978443][    C1]  ? __virt_addr_valid+0x1c8/0x5c0
[  235.978467][    C1]  ? rcu_is_watching+0x15/0xb0
[  235.978488][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  235.978510][    C1]  ? rcu_is_watching+0x15/0xb0
[  235.978528][    C1]  ? lock_release+0x4b/0x3e0
[  235.978560][    C1]  ? __virt_addr_valid+0x1c8/0x5c0
[  235.978601][    C1]  ? __virt_addr_valid+0x4a5/0x5c0
[  235.978626][    C1]  print_report+0xd2/0x2b0
[  235.978654][    C1]  ? flush_tlb_func+0x23d/0x6c0
[  235.978676][    C1]  kasan_report+0x118/0x150
[  235.978704][    C1]  ? flush_tlb_func+0x23d/0x6c0
[  235.978734][    C1]  kasan_check_range+0x2b0/0x2c0
[  235.978760][    C1]  flush_tlb_func+0x23d/0x6c0
[  235.978787][    C1]  ? sched_clock+0x3f/0x60
[  235.978815][    C1]  ? __pfx_flush_tlb_func+0x10/0x10
[  235.978843][    C1]  ? __pfx_flush_tlb_func+0x10/0x10
[  235.978869][    C1]  __flush_smp_call_function_queue+0x370/0xaa0
[  235.978891][    C1]  ? __pfx_flush_tlb_func+0x10/0x10
[  235.978919][    C1]  __sysvec_call_function_single+0xa8/0x3d0
[  235.978948][    C1]  sysvec_call_function_single+0x4f/0xc0
[  235.978974][    C1]  asm_sysvec_call_function_single+0x1a/0x20
[  235.978997][    C1] RIP: 0010:handle_softirqs+0x1b0/0x870
[  235.979020][    C1] Code: 89 64 24 30 0f b7 db 48 c7 c7 a0 99 89 8b e8 87 55 f1 09 65 66 c7 05 c5 4e 3e 11 00 00 e8 f8 55 42 00 fb 49 c7 c7 c0 c0 00 8e <b8> ff ff ff ff 0f bc c3 41 89 c5 41 ff c5 0f 84 c2 03 00 00 89 5c
[  235.979039][    C1] RSP: 0018:ffffc90000a08e40 EFLAGS: 00000286
[  235.979058][    C1] RAX: 574809cd86862400 RBX: 0000000000000382 RCX: 574809cd86862400
[  235.979074][    C1] RDX: 0000000000000000 RSI: ffffffff8da6993f RDI: ffffffff8be4b100
[  235.979088][    C1] RBP: ffffc90000a08f50 R08: ffffffff8fc29e37 R09: 1ffffffff1f853c6
[  235.979104][    C1] R10: dffffc0000000000 R11: fffffbfff1f853c7 R12: 000000000000000a
[  235.979120][    C1] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff8e00c0c0
[  235.979145][    C1]  ? lapic_next_event+0x11/0x20
[  235.979165][    C1]  ? clockevents_program_event+0x24d/0x360
[  235.979193][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  235.979215][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  235.979237][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  235.979266][    C1]  __irq_exit_rcu+0xca/0x1f0
[  235.979285][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  235.979309][    C1]  irq_exit_rcu+0x9/0x30
[  235.979327][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  235.979353][    C1]  </IRQ>
[  235.979360][    C1]  <TASK>
[  235.979369][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  235.979390][    C1] RIP: 0010:pv_native_safe_halt+0x13/0x20
[  235.979416][    C1] Code: cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 83 86 11 00 f3 0f 1e fa fb f4 <c3> cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[  235.979434][    C1] RSP: 0018:ffffc90000197de0 EFLAGS: 000002c6
[  235.979477][    C1] RAX: 574809cd86862400 RBX: ffffffff81971188 RCX: 574809cd86862400
[  235.979494][    C1] RDX: 0000000000000001 RSI: ffffffff8da6993f RDI: ffffffff8be4b100
[  235.979523][    C1] RBP: ffffc90000197f20 R08: ffff8880b8732f1b R09: 1ffff110170e65e3
[  235.979538][    C1] R10: dffffc0000000000 R11: ffffed10170e65e4 R12: ffffffff8fc29e30
[  235.979554][    C1] R13: 0000000000000001 R14: 0000000000000001 R15: 1ffff11003a57b40
[  235.979571][    C1]  ? do_idle+0x1e8/0x510
[  235.979597][    C1]  default_idle+0x13/0x20
[  235.979624][    C1]  default_idle_call+0x74/0xb0
[  235.979655][    C1]  do_idle+0x1e8/0x510
[  235.979677][    C1]  ? __pfx_do_idle+0x10/0x10
[  235.979708][    C1]  cpu_startup_entry+0x44/0x60
[  235.979728][    C1]  start_secondary+0x101/0x110
[  235.979756][    C1]  common_startup_64+0x13e/0x147
[  235.979791][    C1]  </TASK>
[  235.979798][    C1] 
[  236.389231][    C1] Allocated by task 5833:
[  236.393582][    C1]  kasan_save_track+0x3e/0x80
[  236.398270][    C1]  __kasan_slab_alloc+0x6c/0x80
[  236.403128][    C1]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  236.408588][    C1]  copy_mm+0xdb/0x4b0
[  236.412576][    C1]  copy_process+0x1706/0x3c00
[  236.417253][    C1]  kernel_clone+0x21e/0x870
[  236.421757][    C1]  __x64_sys_clone+0x18b/0x1e0
[  236.426521][    C1]  do_syscall_64+0xfa/0x3b0
[  236.431028][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.436922][    C1] 
[  236.439245][    C1] Freed by task 8250:
[  236.443224][    C1]  kasan_save_track+0x3e/0x80
[  236.447902][    C1]  kasan_save_free_info+0x46/0x50
[  236.452933][    C1]  __kasan_slab_free+0x62/0x70
[  236.457701][    C1]  kmem_cache_free+0x18f/0x400
[  236.462467][    C1]  exit_mm+0x1da/0x2c0
[  236.466547][    C1]  do_exit+0x648/0x2300
[  236.470710][    C1]  do_group_exit+0x21c/0x2d0
[  236.475307][    C1]  __x64_sys_exit_group+0x3f/0x40
[  236.480355][    C1]  x64_sys_call+0x21f7/0x2200
[  236.485059][    C1]  do_syscall_64+0xfa/0x3b0
[  236.489575][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.495485][    C1] 
[  236.497815][    C1] The buggy address belongs to the object at ffff88807de960c0
[  236.497815][    C1]  which belongs to the cache mm_struct of size 2584
[  236.511781][    C1] The buggy address is located 2560 bytes inside of
[  236.511781][    C1]  freed 2584-byte region [ffff88807de960c0, ffff88807de96ad8)
[  236.525778][    C1] 
[  236.528108][    C1] The buggy address belongs to the physical page:
[  236.534602][    C1] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7de90
[  236.543370][    C1] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  236.551967][    C1] memcg:ffff88803374c401
[  236.556210][    C1] ksm flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  236.564119][    C1] page_type: f5(slab)
[  236.568103][    C1] raw: 00fff00000000040 ffff88801a84bb40 ffffea0000cfc400 dead000000000003
[  236.576691][    C1] raw: 0000000000000000 00000000800b000b 00000000f5000000 ffff88803374c401
[  236.585279][    C1] head: 00fff00000000040 ffff88801a84bb40 ffffea0000cfc400 dead000000000003
[  236.594036][    C1] head: 0000000000000000 00000000800b000b 00000000f5000000 ffff88803374c401
[  236.602739][    C1] head: 00fff00000000003 ffffea0001f7a401 00000000ffffffff 00000000ffffffff
[  236.611417][    C1] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  236.620094][    C1] page dumped because: kasan: bad access detected
[  236.626513][    C1] page_owner tracks the page as allocated
[  236.632234][    C1] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5203, tgid 5203 (S02sysctl), ts 33653808155, free_ts 30898579963
[  236.653334][    C1]  post_alloc_hook+0x240/0x2a0
[  236.658118][    C1]  get_page_from_freelist+0x21e4/0x22c0
[  236.663671][    C1]  __alloc_frozen_pages_noprof+0x181/0x370
[  236.669504][    C1]  alloc_pages_mpol+0x232/0x4a0
[  236.674358][    C1]  allocate_slab+0x8a/0x370
[  236.678877][    C1]  ___slab_alloc+0xbeb/0x1410
[  236.683563][    C1]  kmem_cache_alloc_noprof+0x283/0x3c0
[  236.689024][    C1]  mm_alloc+0x23/0xd0
[  236.693005][    C1]  alloc_bprm+0x378/0x5b0
[  236.697338][    C1]  do_execveat_common+0x1b3/0x6a0
[  236.702370][    C1]  __x64_sys_execve+0x94/0xb0
[  236.707054][    C1]  do_syscall_64+0xfa/0x3b0
[  236.711565][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.717459][    C1] page last free pid 1 tgid 1 stack trace:
[  236.723267][    C1]  __free_frozen_pages+0xb80/0xd80
[  236.728400][    C1]  free_contig_range+0x1bd/0x4a0
[  236.733342][    C1]  destroy_args+0x7e/0x5d0
[  236.737778][    C1]  debug_vm_pgtable+0x3fa/0x430
[  236.742629][    C1]  do_one_initcall+0x233/0x820
[  236.747393][    C1]  do_initcall_level+0x137/0x1f0
[  236.752331][    C1]  do_initcalls+0x69/0xd0
[  236.756665][    C1]  kernel_init_freeable+0x3d9/0x570
[  236.761869][    C1]  kernel_init+0x1d/0x1d0
[  236.766193][    C1]  ret_from_fork+0x3fc/0x770
[  236.770782][    C1]  ret_from_fork_asm+0x1a/0x30
[  236.775549][    C1] 
[  236.777872][    C1] Memory state around the buggy address:
[  236.783496][    C1]  ffff88807de96980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  236.791560][    C1]  ffff88807de96a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  236.799619][    C1] >ffff88807de96a80: fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc
[  236.807675][    C1]                                            ^
[  236.813834][    C1]  ffff88807de96b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  236.821892][    C1]  ffff88807de96b80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  236.829949][    C1] ==================================================================
[  236.838013][    C1] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  236.845211][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted 6.16.0-rc4-next-20250702-syzkaller #0 PREEMPT(full) 
[  236.856325][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  236.866394][    C1] Call Trace:
[  236.869675][    C1]  <IRQ>
[  236.872522][    C1]  dump_stack_lvl+0x99/0x250
[  236.877124][    C1]  ? __asan_memcpy+0x40/0x70
[  236.881740][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  236.887115][    C1]  ? __pfx__printk+0x10/0x10
[  236.891808][    C1]  panic+0x2db/0x790
[  236.895710][    C1]  ? __pfx_panic+0x10/0x10
[  236.900144][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  236.906040][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  236.912378][    C1]  ? print_memory_metadata+0x314/0x400
[  236.917847][    C1]  ? flush_tlb_func+0x23d/0x6c0
[  236.922704][    C1]  check_panic_on_warn+0x89/0xb0
[  236.927650][    C1]  ? flush_tlb_func+0x23d/0x6c0
[  236.932506][    C1]  end_report+0x78/0x160
[  236.936755][    C1]  kasan_report+0x129/0x150
[  236.941261][    C1]  ? flush_tlb_func+0x23d/0x6c0
[  236.946119][    C1]  kasan_check_range+0x2b0/0x2c0
[  236.951086][    C1]  flush_tlb_func+0x23d/0x6c0
[  236.955772][    C1]  ? sched_clock+0x3f/0x60
[  236.960195][    C1]  ? __pfx_flush_tlb_func+0x10/0x10
[  236.965399][    C1]  ? __pfx_flush_tlb_func+0x10/0x10
[  236.970605][    C1]  __flush_smp_call_function_queue+0x370/0xaa0
[  236.976775][    C1]  ? __pfx_flush_tlb_func+0x10/0x10
[  236.982009][    C1]  __sysvec_call_function_single+0xa8/0x3d0
[  236.987914][    C1]  sysvec_call_function_single+0x4f/0xc0
[  236.993558][    C1]  asm_sysvec_call_function_single+0x1a/0x20
[  236.999539][    C1] RIP: 0010:handle_softirqs+0x1b0/0x870
[  237.005098][    C1] Code: 89 64 24 30 0f b7 db 48 c7 c7 a0 99 89 8b e8 87 55 f1 09 65 66 c7 05 c5 4e 3e 11 00 00 e8 f8 55 42 00 fb 49 c7 c7 c0 c0 00 8e <b8> ff ff ff ff 0f bc c3 41 89 c5 41 ff c5 0f 84 c2 03 00 00 89 5c
[  237.024709][    C1] RSP: 0018:ffffc90000a08e40 EFLAGS: 00000286
[  237.030785][    C1] RAX: 574809cd86862400 RBX: 0000000000000382 RCX: 574809cd86862400
[  237.038762][    C1] RDX: 0000000000000000 RSI: ffffffff8da6993f RDI: ffffffff8be4b100
[  237.046820][    C1] RBP: ffffc90000a08f50 R08: ffffffff8fc29e37 R09: 1ffffffff1f853c6
[  237.054812][    C1] R10: dffffc0000000000 R11: fffffbfff1f853c7 R12: 000000000000000a
[  237.062788][    C1] R13: 0000000000000000 R14: dffffc0000000000 R15: ffffffff8e00c0c0
[  237.070789][    C1]  ? lapic_next_event+0x11/0x20
[  237.075662][    C1]  ? clockevents_program_event+0x24d/0x360
[  237.081475][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[  237.086257][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  237.091556][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  237.096763][    C1]  __irq_exit_rcu+0xca/0x1f0
[  237.101382][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[  237.106587][    C1]  irq_exit_rcu+0x9/0x30
[  237.110840][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  237.116483][    C1]  </IRQ>
[  237.119427][    C1]  <TASK>
[  237.122378][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  237.128376][    C1] RIP: 0010:pv_native_safe_halt+0x13/0x20
[  237.134115][    C1] Code: cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 83 86 11 00 f3 0f 1e fa fb f4 <c3> cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[  237.153728][    C1] RSP: 0018:ffffc90000197de0 EFLAGS: 000002c6
[  237.159829][    C1] RAX: 574809cd86862400 RBX: ffffffff81971188 RCX: 574809cd86862400
[  237.167803][    C1] RDX: 0000000000000001 RSI: ffffffff8da6993f RDI: ffffffff8be4b100
[  237.175788][    C1] RBP: ffffc90000197f20 R08: ffff8880b8732f1b R09: 1ffff110170e65e3
[  237.183771][    C1] R10: dffffc0000000000 R11: ffffed10170e65e4 R12: ffffffff8fc29e30
[  237.191751][    C1] R13: 0000000000000001 R14: 0000000000000001 R15: 1ffff11003a57b40
[  237.199730][    C1]  ? do_idle+0x1e8/0x510
[  237.203987][    C1]  default_idle+0x13/0x20
[  237.208333][    C1]  default_idle_call+0x74/0xb0
[  237.213106][    C1]  do_idle+0x1e8/0x510
[  237.217179][    C1]  ? __pfx_do_idle+0x10/0x10
[  237.221865][    C1]  cpu_startup_entry+0x44/0x60
[  237.226630][    C1]  start_secondary+0x101/0x110
[  237.231404][    C1]  common_startup_64+0x13e/0x147
[  237.236353][    C1]  </TASK>
[  237.239714][    C1] Kernel Offset: disabled
[  237.244037][    C1] Rebooting in 86400 seconds..