last executing test programs: 6m56.135951314s ago: executing program 4 (id=276): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) gettid() openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10) r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/25], 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0xc8}}, 0x20000880) sendmsg$WG_CMD_SET_DEVICE(r7, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000001000)={&(0x7f0000000040)=ANY=[@ANYBLOB="d8010000", @ANYRES16, @ANYBLOB="010000000000fbdbdf25010000000800050001000000060006004e220000140002007767320000000000000000000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5427c010880"], 0x1d8}}, 0x0) 6m55.113151799s ago: executing program 4 (id=278): r0 = socket$nl_generic(0x10, 0x3, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0) r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$TIPC_CMD_SET_LINK_WINDOW(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010025bd7000ffdbdf25010010000000000007797a3200"], 0x30}, 0x1, 0x0, 0x0, 0x4090}, 0x4040080) 6m54.90952686s ago: executing program 4 (id=282): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f00000018010000646c012500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000001040)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180000000000000000000000000000008500000050"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000200)='fdb_delete\x00', r0}, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x8) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000200)='fdb_delete\x00', r1}, 0x10) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1fe) fallocate(r4, 0x10, 0x2, 0x7fff) ioctl$BINDER_GET_NODE_DEBUG_INFO(r4, 0xc018620b, &(0x7f0000000280)={0x1}) r5 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000f00)=@newqdisc={0x74, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x44, 0x2, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@TCA_NETEM_LOSS={0x1c, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18, 0x1, {0x1ff, 0x4, 0x2, 0x8, 0x9}}]}, @TCA_NETEM_CORRUPT={0xc, 0x2}]}}}]}, 0x74}}, 0x0) ioctl$SIOCSIFHWADDR(r2, 0x8924, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"}) 6m54.506224502s ago: executing program 4 (id=284): syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000000)='./file0\x00', 0xa00a14, &(0x7f0000000080)=ANY=[], 0x1, 0x322, &(0x7f0000000580)="$eJzs3M9LI2cYwPEnP4xJxEwOpaWF4kt7aXsYNO25EIpCaaCiplQLhVEnbcg0kUywpJRqT72W/ge97EE8ehN29x/wsrfdy1725mVhDyuL7CyZH5roJO6OZqPr9wMy78zzPOP7khieCc4c/vjvb7WKrVeMlsTTSmIiIkcieYlLIOZv4+44Jd225fOJZw8/Xlxe+a5YKs0uKDVXXPqyoJTKTd39/c+Mn7Y/Lgf5nw+fFp4cvH/w4eHLpV+rtqraqt5oKUOtNh63jFXLVOtVu6YrNW+Zhm2qat02m1684cUrVmNjo62M+vpkdqNp2rYy6m1VM9uq1VCtZlsZvxjVutJ1XU1mJUwq9OhtVd5ZWDCKEYvXrngyiOqF4zgDwk6saCREJHMuUt4Z6rwAAMC1dKb/T7gtfaT+X3Ju/99JPu3/dz+535r4YS/n9//7qbD+/6tH3rl6+v+0iFxp/58OWf35jujG23qT5Ev1/7geps5f08Z69prNopH1/35df/+0O+0O6P8BAAAAAAAAAAAAAAAAAAAAALgJjhxHcxxHC7b+zxenGd6xUc4Rw9Pn9dfG/Tumgv1RzxPDsbi8Imn3xr1kTsT6Z7O8Wfa2fjxInBZNjt33g68zDu48Uh15uWdt+fVbm+WEGylWpCqWmDIjmuTP1jvO3Lel2Rnl6a0fk2x3fUE0eS+8vhBan5LPPu2q10WTB2vSEEvWO+/rY+ek/q8Zpb75vnSmPuPmAQAAAADwLtDVidDrd13vF/fqT66ve78fEOm6Pp8OvT5Pah8lR7t2AAAAAABuC7v9R82wLLM5YJCRi3OiD5LRyscG5SS6VtgTku2+S075Twge3koHDIJ/pKilukJp+d8/HOXMwfqHM+e4RKmaEmfcm9VlfnvwtVG/HJkf9uuV7BP64L87z6OdOeY/tbc79PVe+oKVDm0w9lofHk7ikp8+AAAAAN6moOnP2O5ubNTzAQAAAAAAAAAAAAAAAAAAAAAAAAAAAADgNhrwGLDkVT1ObNRrBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK6LVwEAAP//mxn/6g==") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xc042, 0x0) open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r1 = open(&(0x7f0000000000)='./bus\x00', 0x14113e, 0x0) r2 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000e2793b10d10501200006010203010902120008000000000904"], 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10) syz_usb_control_io(r2, 0x0, &(0x7f0000000980)={0x84, &(0x7f0000000500)={0x20, 0x16, 0x1, 'Z'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) write$binfmt_script(r1, &(0x7f0000000080), 0x208e24b) write$P9_RXATTRCREATE(r0, &(0x7f0000000400)={0x7}, 0x2000) 6m50.016128764s ago: executing program 4 (id=301): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sys_enter\x00', r0}, 0x10) sigaltstack(0x0, 0x0) 6m49.873648295s ago: executing program 4 (id=305): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) gettid() openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10) r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/25], 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10) r7 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0xc8}}, 0x20000880) sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000001000)={&(0x7f0000000040)=ANY=[@ANYBLOB="d8010000", @ANYRES16=r7, @ANYBLOB="010000000000fbdbdf25010000000800050001000000060006004e220000140002007767320000000000000000000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5427c010880"], 0x1d8}}, 0x0) 6m49.873307605s ago: executing program 32 (id=305): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0) gettid() openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="0900000004000000e27f000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10) r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/25], 0x48) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10) r7 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[], 0xc8}}, 0x20000880) sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000001040)={0x0, 0x0, &(0x7f0000001000)={&(0x7f0000000040)=ANY=[@ANYBLOB="d8010000", @ANYRES16=r7, @ANYBLOB="010000000000fbdbdf25010000000800050001000000060006004e220000140002007767320000000000000000000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5427c010880"], 0x1d8}}, 0x0) 13.899844211s ago: executing program 3 (id=1978): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="03000000040000009c0100000c00000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="f800000000f2ffffff00"/28], 0x50) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="fb7526753b740c865e2db3219e816c"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000000)=0xf) ioctl$TCFLSH(r5, 0x400455c8, 0x40000000004) r6 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$TCFLSH(r6, 0x400455c8, 0x0) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000380)={'syztnl0\x00', &(0x7f0000000300)={'ip6tnl0\x00', 0x0, 0x7b, 0x7, 0x1, 0xd, 0x29, @private1, @local, 0x40, 0x8000, 0x7, 0x4}}) bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="02000100000080000000", @ANYRES32=0x1, @ANYBLOB='\x00'/15, @ANYRES32=r7, @ANYBLOB, @ANYRESHEX=r2], 0x50) 11.697887502s ago: executing program 3 (id=1989): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000002c0)=ANY=[@ANYBLOB="12010000000000407d1eb42d000000090001090224000100000000090400000103000000092100000001220b0009058103"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff00000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000100"/28], 0x48) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000070018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1, 0xffffffffffffffff}, 0x0, &(0x7f0000000040)}, 0x20) r4 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc)=0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={0xffffffffffffffff, 0xffffffffffffffff}) pipe(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r6, 0x0, r7, 0x0, 0xf3a, 0x0) write$binfmt_aout(r7, &(0x7f0000001fc0)={{0xcc, 0x7, 0x70, 0xa2, 0x67, 0x6, 0x84, 0x9}}, 0x20) munmap(&(0x7f0000001000/0x4000)=nil, 0x4000) write$binfmt_misc(r7, &(0x7f0000000980), 0xfdef) timer_settime(r5, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r8 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000004c0)={0xffffffffffffffff, 0x20, &(0x7f0000000400)={&(0x7f0000000300)=""/149, 0x95, 0x0, &(0x7f0000000280)=""/59, 0x3b}}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x4, 0x5, &(0x7f0000000000)=@raw=[@map_fd={0x18, 0xb, 0x1, 0x0, r3}, @btf_id={0x18, 0x7, 0x3, 0x0, 0x5}, @func={0x85, 0x0, 0x1, 0x0, 0x5}], &(0x7f0000000080)='GPL\x00', 0x3, 0x0, 0x0, 0x41000, 0xa, '\x00', 0x0, @fallback=0xe, r8, 0x8, &(0x7f00000001c0)={0xa, 0x4}, 0x8, 0x10, &(0x7f0000000200)={0x2, 0xd, 0x1bb, 0x5}, 0x10, r9, r2, 0x7, 0x0, &(0x7f00000005c0)=[{0x3, 0x5, 0x2, 0x1}, {0x0, 0x4, 0xa}, {0x2, 0x4, 0x8, 0x9}, {0x4, 0x4, 0xf, 0x9}, {0x0, 0x3, 0x1, 0x6}, {0x4, 0x1, 0x0, 0xa}, {0x5, 0x5, 0xf}], 0x10, 0xfff, @void, @value}, 0x94) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r10}, 0x10) syz_usb_control_io$hid(r0, &(0x7f0000000500)={0x24, &(0x7f0000000580)=ANY=[@ANYBLOB="40004f0000004f0ed1abc63f6e866bbc4d"], 0x0, 0x0, 0x0}, 0x0) 10.16606086s ago: executing program 5 (id=1996): syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x35d, &(0x7f0000000f00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPNiDurJvyeatLzFpfr/2+4GSycw8u7OZSXk27WYv3/3yo0rJ0kp6Q6JJJRERkSuRrEQlEPEfo245IWGH8srMnz+/uL5ZTHoVaiW/8WpOKTU3/8PHn6X8bmfTcpF9//KP3O8Xz148f/nvxodlS5UtVa01lK62a7829G3TULtlq6IptWoaumWoctUy6l77d/52zNreXlPp1d3Z9F7dsCylV5uqYjRVo6Ya9abSP9DLVaVpmppNC25SPF5b0/NDBu+MeDAYk3o9r0+JSKqnpXg8kQEBAICJ6s7/o05KP0z+vyVzhcLymnI6t/P/k5fOGzPvnM75+f9Zol/+/9ov3rY68n/ndKKd/9e884PSzfn/13KH/L83I3pchs7/s2MYDIYzn+ipinQ8c/L/tP/+dR29d7LoFsj/AQAAAAAAAAAAAAAAAAAAAAB4GlzZdsa27UzwGPy0LyHwn+NBGjT/0yKSdGbfZv4fsvXNLUm6F+45c2x+sV/cL3qPfodzETHF+Mfu5qyN4Moj5cjKj+aBH3+wX5xyW/IlKTvxsiQZybrrKRRv2ytvFZaXlMePb12mlA7H5yQjz4Tjv3dXpxOf64z395+QlxdC8Zpk5KcdqYkpu25ke/+fLyn15tuFrviU209Efrv3SQEAAAAAYMQ01dL3/F3TBrV73zKSL7kfExmyKBn5u//5/WLf8/NY5oXYpI8eAAAAAIDHwWp+WtElatTdgmn2K6RkYNMICrGOmriI9O2c6KqJX7flqdAR3nY8CfHuYPJ/j+ub4FW9S1TwjxTOwFtN/h1VZLjxBMfv1kRiw09T5FDcBXAYborKLcJj3YOfdypU384LA7dz5B9Iqyb42Cgx4HWW1d7tRK9ZCfGeGjsy3AJ47qtv/xrdG+T1U38FfHJz5yPTsA/kNpPSVXB20dsUH/svHgAAAAD3rp30BzVvhJvDNxIJ3yyHv9wDAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBCY/lKv67CpI8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFL8FwAA//8GuPOT") r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_COALESCE_GET(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000300)={0x2c, r2, 0x1, 0x0, 0x0, {0x1c}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_bond\x00'}]}]}, 0x2c}}, 0x4000000) bind$bt_hci(0xffffffffffffffff, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3) ioctl$FS_IOC_GETFSLABEL(r3, 0x800452d3, &(0x7f0000000100)) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff) ioctl$ifreq_SIOCGIFINDEX_wireguard(r4, 0x8933, &(0x7f00000003c0)={'wg2\x00', 0x0}) sendmsg$WG_CMD_SET_DEVICE(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)={0x68, r5, 0x1, 0x70bd29, 0x0, {}, [@WGDEVICE_A_IFINDEX={0x8, 0x1, r6}, @WGDEVICE_A_PEERS={0x4c, 0x8, 0x0, 0x1, [{0x48, 0x0, 0x0, 0x1, [@WGPEER_A_ENDPOINT6={0x20, 0x4, {0xa, 0x4e21, 0x0, @loopback, 0xfffffffe}}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}]}]}]}, 0x68}}, 0x8000) r7 = creat(&(0x7f0000000040)='./bus\x00', 0x0) r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="18010000002304e800000000000000ea850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000400)='netlink_extack\x00', r8}, 0x10) pwritev2(r8, &(0x7f0000000700)=[{&(0x7f0000000240)="39613c4939eb6255e11fc6a2f877f89ec0ba6d236c2a5710575f155fb06a31dc1ddd4b600590dd6d966eda3f0e1a3026e579bbbcc2ac0aed647f7a1f205e14fdc2ef5c8fcd4e9fdb6c5913bcf4e24b8a2bf487215622a67c8ae01e5b6418410bf5bbe36d3a534ae979b1c70598dd4282ba47239c40bc041b46f16662a8e6a10cb59b9950bf3badcd5a942c4e2f41da5c52e1512c9c5f906233c78106ffcfd25bd25378c1d4c585463554de412017ae720e082591", 0xb4}, {&(0x7f0000000580)="2907c8384479983e5b349e18e761bda12a338e8e9dbedfba2f32607ecb96d378fd2228021a90de1b101805b537f7f9b6e50d9aa14c00a679173eb7e70930b8c57d09e61628165919f62ab716081fd017de540154c2f5f479adcb03a66043dc369a2e5b079dc6f377cb2772d94df67982804f05159e7bdfb07bd5a91b8592b31199c9e0bdf2ea8c0d46ce67424244ccc9e4489bab7b73c252bfb8c85d9718eec9cea8ba72dc23b2032c92caa85830bd2df18496d186b95bf409766d21703241e6fb7dee1eb96c6fcf2180229976b0", 0xce}, {&(0x7f0000000740)="73efe6aba0022e0c4d70d96487809854064af5d0eadbb376d8b41550ff6497fba1b32ad44c96ca10f05078cf2744a02a2c40f91fe0f0eeef3b935118c9ce9426094d8268df09b9710d4791c97075c9266a44c523a26142672f5918ddeb419c0a49573efdf91c9f3a4a9fbfc3cb892dd4ebf77f596f4b980fe70445b7bf06271960dfb579e55b4bf42c51e1b90b3a76f02c7b0e8c0e9bd98673d4b141cefc25667efbb5", 0xa3}, {&(0x7f0000002280)="79653b73c1d320c2eba805cfc4f8261f30dc3abf6ebb85d9cd9ea009e1f9b54a631660cc4b76333c74e0f2210da04365d5e0b1201bf17b8de47a6fb10cf1c320e8cd4579480db86e7016428db6df93699ac74df1a54a9907adb943cf885b816327db72effbbc85d9d1f92ee16447af625311d4f2268e23293a08ff9a6fc21c34b222a45a1211c50f621961bb4203fc9f3b768b20f41197837a43abee6e5c6a531c50c3e6ffed148287ce845199f582f1eb3711e6c2ce26010faf7c6a582e2cd39c96b49b3cde5c23bbbddec2ed0f0609b5fff1fca9ffa6b2275b04ad1906eab23566de6a5fd68b72a5e022dcc00f8eece946bfccd3beb223722e19dbf44592fd2272a8375f3092d5cee9dbbad6d7b79a6c861bd70c12935c70b90399fb132868f98d2f1c119b57e56a2fd2678ae7f8851cbfe9b3450c4af9c2ba1647004ec15b1447eeb945acc80d5c0e8238e9516a5b5f4302e3912f6f750f9b49d01b549e7224cafaad7070e06d80abdb6cd2a2eb607e38f377a433b37e90b606c982b04756dc6a4f8bda30bedcefb812e6b197d9754ea94d5b711b319627416d631005f8f019e8418fc7555473ba157207f50c235dcae87836bf4de48d05071d8a66387161a1660dba024760da12a9795c274a18b8e1e3651bde7e2328eda0067a6d6982c95c74b8b9594117957cf603bf20f52a9cb662f9a913b706489f9665b8ad46c9eae0f2bc2ded44f0f3096eac08faaeb102cc44f3cbd0d5e1624f115ccba08277b9c979d38bb0719913f5c4bf4d8fccfd031b6f65e431619abc7d65d185925e8f334f2daf3a2b14338f99ece756401f2eb1490482820b5e7696a2257ef7469d1ce4c19ab7c3b7b2f25a1e146a0dc94273ce4f5e8a6968f54aad0c21b4bc6588ec4f76de053fedd86f285f82d7146ac6161d368d8b6a7d55bda3575e691fd874b7c143932295692989a2ac69ce2343a36f93b866d9e7d9615c022cfee5fa62776f4a393dd873f24526b58734e981d1169bc5727559344926719be21244e81e447fcbdb853e772da48e85414f5b497d6a09bd40e795adcaf0c592d928e4721b8a4946ed7948f896273a8e1623e8ffad2f37b422f1d97ffc134500a385d8043626814e9881df2fa92cf99c1f2ed44adaa78c2cb9ba757c8b5724c16ffa72d853797f3369fadac4babdd3409c9f419195214b79790ff982f8dd37a6beb3c8dc9bd31d5124f23be1b29d33447f7ddf55cefe38896adc71c3d54b0f621421ae6520f1ab6d5c7f7b9b04c0dab4ddde883fa45d0d090e60914a4b38d132e375c9d7622b222a642547d017456319b1d996537042cf16054577b4c5d89f993df539ea77e116935db2134957b9cfddae086ab79d4ed7ed832db47da6a6c4b76c8efd6b31196c7730c201336408026053f5f9f57ff7b9ce7429e0af935f3ab5c7afb26b4e765a22a681765c021f637fa84b2fd97f3ee8142f65b008467bb53f9534ad4e371f90d91b2facdbc75ded58a91ce2004f4fdf6332fe9dbeadcc55e63c26a841b35d70e8a17273cebea3eca1b773b992ce7d15359563a3ee7cc10572d70257eed85e0b2b6c363ce6c7e8d141146abbc28a4dd5ea9518bd0cb793ff8355dc4980d746b801023d6822356f5f0527d36e3d321ef4c6ddc264acfc9e7d581aaf641a9d34915d36be9abd5e7ec76a1fcacc0af791dd6b2fe7a7532f8edc063f30d0ddf18d2790b1bc082f67b733beaea703022debaf66f1e71b7c3fa267dbfe63c5cf40899d4ecb886ca25516cf233943a268324836a305bb2d7f8921ab5abfbd14d16937b9fc6197be4ad91c01e61e96d3f50fbd091388806950bd5f218f7d8e459150ee89215108d9a34d6d303c737eb57f65d3e4034e7463f50238f8d06bed040144cf1bbbe87075ca623c529735987026acbc1bb1d0361f3ebe8335c5c99be6d51d18c402afdd5c3a15b64f1c96bf01051e10122d1d45b638fa0de875c6ed6ff2e90c9c6e6b75476639b1301fb229262428637372bc78baf3795930ceff9aabc1b7b1515ec1b8871e6acfdf1af75c41f93be9ad0b6c3041929b9625861ee7a767dd15e3025d6ac95af062d25b831f859fdb2917916d2380de7a771a47df5c0d23f4d8580ce56d82203d1a5745b987a2692d4d93acae5dd2b7da2649b299021b059354739bc84d8c45c4ed3b5d3355108514394ebf41d94c842279b63fdc58804bd6265066c59cc9c0098d3cd097e846e2df28dc0c4f0685804911249ccb71eae798d14a14c550a8c8fd05994bc564e284f9fe9d8fe4c92009299cf11946e704bf9c06dec2334693225d2202de10f9746513052cf4675fe5a2b5caf5e550440e3924aee92d5dca217d95e8659291a9eebf41c86fce6c0833f5338e976d465b6bda81994b14e42f46789665fae742b92c7a3fcce6e6c165a603e07041b61c4e4b1a5747141a42a916087b6cd73af0daaa31b5b2ff781a1b7781eef0e62838cda05ce5942b1acfd645b54dd97c421a4e9a3f41e89f36ce4a1a7fbfba7271f51ea2409ebfabca6b481a3036a291687d650c139671c0a2836fa0bbd3a0f37b8e043301123bcaff7c4a08b33c563764e7df5bae36868c424ee119096271683b335cb7866c7d76a794bca8da9718355de06dd91c2fce7450cff2cf32e9a95f5808da354cbbb3faff27a213fa262b830fb019dc147ca51a67429c9651817fb1806c568ac5549d277efc4102330fe507686306c3730c08b238a2c1bf24b58eb8d17f96aa338e5c84573fe2d395328625cc05b68117969d4a1b4b046e05fccc2ac483298e4a9203cf96c41d9fbbb9308cd7761d53692a6975325ff8e2111564e29e2860cc933d51216aee6281b0321e0f98525ff1c8c05906e79289cabe0f7ea87cdcc61051f1934760ee5569844e9ed469cd3617de294cca18faacdab5c75c28b04f24cdea287a731e0d4cca901ea6fc779a13a40f2b29cd3822fd29822a579d16c0f4034f868f9272b0d1025624bab622c3d6c6e5d4002a240566738301e0cbcf60fc726d70a26a3d9d5c379420250793ad195f4a8509723cd973273673dc6a5f683064b33acd0cdf030b5ca0debe4f4968b3386aed30a9778481c14c453382d2da4ded5c45571d77894b89bd294ed97e35621aa3312cec682160ebfc3223a06cb40a751e1e755f7d62de26cc27ffab3bbdf78ea150bff737f5aabf5586ae15dd1c845778181397d2fc817577f97bf67347161f0e5cac208d732258b53fc98b55f4be3973610b6eea17d80261240a65ea3509404f1ed77a09c6945949f49055f0b819506e253e660dc111b556229f96198afa55829d28f28e3984ceb88005ce34443a708aa356439c0e68b3765ca799b7655b34453725c561bcca50c110962bac40651664a47fca956c1f97aa26934848346d0f09de3045edad3d170b3414a09597e01b71855009ef87e126638cab40523ec3df9b39c7105ac11c15bf1246fa83a62039a5e863d73e332d5c58657a906240b36a1d2ab9a7ed6a587d726788a6e2586bafd5562c2c130b355b1128b5335085911ef2c338dca119f92fa74bd97f189148bde23f773df378f7ddcf3b8e1778e3dff76380ca4c3993bca52b05b14c760af24aae6be004607046b88a3c6596910c75d6cf10ac27b9ef85defe2e4fcfe813c353d352ed6d3f26665012798168cb0e0b827ad89b71c605a322cbba043dbf7a568d92d4be92e1f0ba3500d6909e2193360330e3a93ed626d927c2f40423767e75ad25d87f86b3b7254e9e60e500f9e2574340b06f97c44147d55f064f43986c01573883524e533977ce36b1318b3ba83bef469b52882cecb06451ba2ac201464212662acc3ac02bc4723979c969bd596d060da51288dda5a6b15e393049f05eb320dbc094f74449a2ed9d986e1b54fcb8b535dfc9690587326bceed92159b81ea4458c0cf18dfad769a0d669b22e8cbcab3ab12e8eec2753a442202bd61f1c6d13b3cba9e42d5841c7acf7adf3082d924957cdb574826c15b43eaaddcd14b9b8293f54470298a98155105fdd98a8ce0a265a4924a2463e9e6bbd7c18e5e845065839b8e706d6e477b1b1b46b17885d69a64ea3ff54c0604497075ca62e692e0cda9643b519455af293a4ccd5aee587fbfc4cbfd52884c48106f432eb5d6b81233c6697f177c59d5f79df8fe9d69cd92c184f46076e088d7082f4f3b7f66d07518c6939ddfef9794a027c0f853e1275d7b874a8bf02ef78b7b8583d0a575aa2270d2aa8d70a8f4fc3d51d7f182787e5d6ebdff0c0582a48260ad21b23903b33517293b85e8b8f1e7ae95f8792ee4545e60857d20d12adafbc235ac54601ec909056f9c0eea2721efd293a99d9320a1a531ee66f6618bac2e028fe15721c288ee88faeca8076b535b1c6d6ca0e02c57dcba74572e20114284c7bd9ddf7df11bd59e84a41bd03e9d5bc7b6f765d907426347c90465dba9012beda721cd932882772048d0ca4455bc4dbcd4acda61f4f208b69cb910630b83db8d27689b9c43021bd39217b96b91afb29823e9c49681e4c495ae9f04f0dd82fdf8c258fd3c5ce324205459b3f358d1420d0806e0d9a1fa067848a93ddbb51570bc621cc41bca609c0aa15fc912a4e51cd91ae568d19f570166b083192534ea3cd29c5726341be480b5a741515b58bb1b51975e533e74abef255dc58e0e14a5a14bff4f223c2f2b9670c6b04a5a91559e6efcaf75be1d78360f1315af97c7cdc8a030ccd9e7837e54c60caffbeda6d44f1ba0284f7376be41a4bdd9b5120cf286c7ea5afeb67cad41201335274700bfb81fd523390266bde58949978d0a92b3d79feab8b5c6cbce139f8483a2a7b02e1da5bc2100fd1601a70d9c2427136a161790a78188acac90749cace1293aeea3982d932542252924a481772561dece7b966e70e577221ad14a48303d0f725f25fd1813090976c2327d890a944efffa5c1ab382d369c66b81c7b0dd84fbd131643eab083076b374491f61d69eb2515fecf68c1d499b3f89b28bc8d0309a967e0ae1dacb9bf59002aea604aa07b731e330c34ba1d2deb90eeac4b5b8faa47da5a945c90bf8a304638ca71dbb52a178511dd124f1cc55eb6840e808baa085578bc40a1978224f5265e1ed11c518b57d922935fd3d52615326abd56adf43c16e03f4a01bc06489e30ada0ec79e33065122fb82eecb2a8358cb70c255255882b42c82866a48874bd568700002057ae52e54de31ad871443c286058aa1f9452b9367c53284fc4862b504884ae9f3db023b7c736b56ca72a33341fec2292593f5a07b29424c66d5be7f657e18134d9618b9738a12a539e09d31f83953c659d5d8a4bc4719ee605d355eb974386369eee806550cf16614a3ccbab5901db2789009440112851a75e1df1d234e473967d52077187b02a332c8d8517326cefb5e5dfb1003263ecc5181ab80b315620d5ef5d659931665a8e5d0136d64ff97487d8465455e6ef7eb0a5a9df4426aa6998cd4c5ba41c896a7719f576a36e697945217740e39ad7bcc5c9090d5fe15d132306e51d613a53fa06be2a0b80fa14bd578e88d98a7c1697e9e41e8a1d0027fd56bd4ef4981f523b737216ecf54bc370cb101688c02a3f9d2d5d687b981c7a9477aae583886ed8d1ddffbfedf6345a95e1e1b2202fa3592417903740af127880bc1b39d885353c82c051b9c894e781e9d97ef3dc8e89130cfc63adeb433a047efea80e942bbd4d8c070e809e1ee2e10e5459328d7a9ee39858c56c9f5de5a1195d7da6ed8c09781f5ffed04faee6e97787676477f9c16", 0x1000}], 0x4, 0xe99b, 0x10001, 0x4) r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r7) ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_UPDATE_OWE_INFO(r7, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000340)={0x1e0, r9, 0x1, 0x70bd25, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x51}, @NL80211_ATTR_IE={0x125, 0x2a, [@perr={0x84, 0x10e, {0x1, 0x10, [{{}, @device_a, 0x4, @void, 0x16}, {{0x0, 0x1}, @device_a, 0x4, @value=@broadcast, 0xe}, {{0x0, 0x1}, @device_b, 0x7fff, @value, 0x31}, {{}, @device_b, 0xffff8001, @void, 0xa}, {{0x0, 0x1}, @device_a, 0x8e, @value=@device_b, 0x32}, {{0x0, 0x1}, @device_a, 0x101, @value, 0x15}, {{0x0, 0x1}, @broadcast, 0x3, @value, 0x7}, {{0x0, 0x1}, @device_b, 0x400, @value, 0x2f}, {{}, @broadcast, 0x5, @void, 0x1f}, {{0x0, 0x1}, @device_a, 0x6, @value=@device_b, 0x7}, {{0x0, 0x1}, @device_b, 0xffffffff, @value=@broadcast, 0x28}, {{}, @device_b, 0x1, @void, 0x18}, {{0x0, 0x1}, @broadcast, 0xf09, @value=@broadcast, 0x28}, {{}, @broadcast, 0x80, @void, 0x23}, {{}, @device_a, 0x8001, @void, 0x1a}, {{0x0, 0x1}, @broadcast, 0x73, @value=@device_b, 0x1a}]}}, @mesh_config={0x71, 0x7, {0x1, 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x6, 0x1}}, @mesh_id={0x72, 0x6}]}, @NL80211_ATTR_IE={0x87, 0x2a, [@erp={0x2a, 0x1, {0x0, 0x1, 0x1}}, @chsw_timing={0x68, 0x4, {0x9, 0xc}}, @tim={0x5, 0x5b, {0x2, 0x4d, 0x2e, "9308dbb6691255745a33529b9f6ffc681d3d1600ef9477565f89b4a48fd791356ed44c21290d9025b0eb8b9bc11f2ddb713dc5547550b708c9126ff6d736796cbaddd2937cc31c2c199f5bbcda0d1aa7a2c94b1b2f68e760"}}, @rann={0x7e, 0x15, {{}, 0x4, 0x1, @broadcast, 0x3ff, 0x9, 0x4}}, @ext_channel_switch={0x3c, 0x4, {0x0, 0x8, 0xad, 0x7}}]}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x1e0}, 0x1, 0x0, 0x0, 0xc001}, 0x10008804) io_setup(0x200, &(0x7f0000000140)=0x0) io_submit(r11, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x2, 0x1, 0x0, r7, &(0x7f0000000000), 0x77000}]) truncate(&(0x7f0000000300)='./bus\x00', 0x6) 9.693841442s ago: executing program 5 (id=1997): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af81a45b734cf2dc030000000000007010000f8ffffffb702000008000000b703000000000000850000002d0000009500000000000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = syz_usb_connect$cdc_ecm(0x0, 0x4d, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000020000402505a1a440000000010109023b000101006000090400001a02060000052406000005240000000d240f01000000003900000000090582020002000000090503020002"], 0x0) syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="d4000000190019a9000000000000000002200000ff02ff000000000008000100ac141412"], 0x1}}, 0x0) write$binfmt_misc(r3, &(0x7f0000000140), 0x4240a2ca) splice(r2, 0x0, r4, 0x0, 0x84ffe0, 0x0) 9.221791905s ago: executing program 1 (id=2002): bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000002c0)=ANY=[@ANYBLOB="12010000000000407d1eb42d000000090001090224000100000000090400000103000000092100000001220b0009058103"], 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_usb_control_io(r0, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) syz_usb_control_io$hid(r0, &(0x7f0000000500)={0x24, &(0x7f0000000580)=ANY=[@ANYBLOB="40004f0000004f0ed1abc63f6e866bbc4d"], 0x0, 0x0, 0x0}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) write$selinux_access(0xffffffffffffffff, &(0x7f0000000040)={'system_u:object_r:setrans_var_run_t:s0', 0x20, '/usr/sbin/cups-browsed'}, 0x53) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) 6.855920016s ago: executing program 3 (id=2007): r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x77, 0x29, 0x4, 0x20, 0x424, 0x9901, 0xc257, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x43, 0x0, 0x2, 0x31, 0x7d, 0x55, 0x0, [], [{{0x9, 0x5, 0x2, 0x2, 0x200, 0x2}}, {{0x9, 0x5, 0x82, 0x2, 0x200}}]}}]}}]}}, 0x0) syz_usb_control_io(r0, 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f00000003c0), 0x5, r1}, 0x38) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000001040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='kfree\x00', r2}, 0x18) syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000500)={0x44, &(0x7f00000001c0)={0x0, 0x13, 0x4, "f2c93366"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) rt_sigqueueinfo(0x0, 0x2, &(0x7f00000001c0)={0x0, 0x0, 0xffffff09}) close(r2) 5.807343791s ago: executing program 5 (id=2010): socket$can_raw(0x1d, 0x3, 0x1) socket$can_raw(0x1d, 0x3, 0x1) bpf$ENABLE_STATS(0x20, 0x0, 0x0) socket$igmp(0x2, 0x3, 0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000004584286e000000000000000000000000a6eb5c81eebd319d2e2e58898304c20a027cd2b49a9243c87a76608b6945ce3351dff3848ecf64298e71ec7c6e9fc1f7b32f9f95e3b15329f70e52bbf82650"], 0x48) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000000000000000000ac1e000100000000000000000000000000000000000000000a00808000"], 0xb8}}, 0x0) sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x2500, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="6501000014"], 0x188}}, 0x0) 5.504182403s ago: executing program 1 (id=2011): prlimit64(0x0, 0xe, &(0x7f0000000240)={0xc, 0xfffffffffffff800}, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000900)=ANY=[@ANYBLOB="500000001a000100000000000000000002002000000000000000000005"], 0x50}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fdffffff850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) tkill(r1, 0x35) r4 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x8, 0x76}, [@call={0x27}]}, &(0x7f0000000040)='syzkaller\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffed8, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x3f) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001240)=@base={0xf, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x37) close(r4) r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) close(r6) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000010c0)) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e73"], 0x0, 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0xe, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='syzkaller\x00', 0x7, 0x1000, &(0x7f0000000240)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000013c0)={@map=r5, r7, 0x5, 0x18, 0x0, @void, @value}, 0x20) 4.964699305s ago: executing program 5 (id=2014): r0 = socket$can_raw(0x1d, 0x3, 0x1) socket$can_raw(0x1d, 0x3, 0x1) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r1 = socket$igmp(0x2, 0x3, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000004584286e000000000000000000000000a6eb5c81eebd319d2e2e58898304c20a027cd2b49a9243c87a76608b6945ce3351dff3848ecf64298e71ec7c6e9fc1f7b32f9f95e3b15329f70e52bbf82650"], 0x48) socket$nl_generic(0x10, 0x3, 0x10) r6 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000000000000000000ac1e000100000000000000000000000000000000000000000a00808000"], 0xb8}}, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000240)={0x0, r1, 0x61cd, 0xe7, 0x8000, 0x4}) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x19, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 4.603628577s ago: executing program 1 (id=2015): socket$can_raw(0x1d, 0x3, 0x1) socket$can_raw(0x1d, 0x3, 0x1) bpf$ENABLE_STATS(0x20, 0x0, 0x0) socket$igmp(0x2, 0x3, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000001857489c5d44a3dc33b51d8a1c54d764423b4507687e70233ab03e1b4ac9716da9486ce85ef1ee6fd8dd30eaa44b97d877b59cdd8a6af27f9c65f7e2b3c5630ea315dd77a427e89b72b29bbe7865c1bd60d9a371b48dc08884a8d6c4872b2ecbadf2bd0c90994e0832948536b863ba140e8a2f53502977e26528f388e37fd3c23e38d41ff7a133f7e74fee0c47d44688"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000000000000000000ac1e000100000000000000000000000000000000000000000a00808000"], 0xb8}}, 0x0) sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x2500, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="6501000014"], 0x188}}, 0x0) 4.347263328s ago: executing program 2 (id=2018): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x5, &(0x7f0000000100)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) userfaultfd(0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(r1, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5) syz_open_procfs(r1, &(0x7f0000000100)='net/nf_conntrack_expect\x00') bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xe, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r4 = socket(0xb, 0x80000, 0x2) bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10) listen(r4, 0x5) syz_mount_image$fuse(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) mount$incfs(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, 0x0) open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x2000, &(0x7f0000000280)={[{@workdir={'workdir', 0x3d, './bus'}}, {@redirect_dir_nofollow}, {@verity_on}]}) syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r0}, 0x10) process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0) 4.04425546s ago: executing program 3 (id=2019): syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000540)={[{@test_dummy_encryption}]}, 0x1, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=") r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x200340, 0x0) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18) faccessat2(0xffffffffffffffff, 0x0, 0x0, 0x1100) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r4, &(0x7f0000000040)={0xa, 0x402}, 0x1c) setsockopt$inet6_int(r4, 0x29, 0x3a, &(0x7f00000003c0)=0xe03, 0x4) sendto$inet6(r4, 0x0, 0x0, 0x2200c041, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) fcntl$lock(0xffffffffffffffff, 0x5, &(0x7f0000000a00)={0x2, 0x1, 0xfffffffff8471910, 0xfffffffffffffffd, r1}) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r5, &(0x7f0000000180)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0) setsockopt$CAN_RAW_ERR_FILTER(0xffffffffffffffff, 0x65, 0x7, &(0x7f00000001c0)=0x8, 0x4) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_mount_image$exfat(0x0, &(0x7f0000000f00)='./bus\x00', 0x2065820, 0x0, 0x0, 0x0, &(0x7f0000000000)) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="9feb0100180000000000000040000000400000000200000000000000000000030000000002000000020000000000e800000000000000000105000000080000000000000001000085000fffff0000000001"], 0x0, 0x5a, 0x0, 0x0, 0x6, 0x0, @void, @value}, 0x28) vmsplice(0xffffffffffffffff, &(0x7f0000000900)=[{&(0x7f00000005c0)="57bdc0b92b265db91d831adafcd6a30f532993689201211c61a94fc56ec2d9514ed4e1b881e36226c6f23f1218cef7fb56686598499a3a62bb8b99ec526960b027153a2d6090954a65a561ba52adbea11151dc056100225bdcaa59871133b7402d512c5acc8848e1dd366e819650255af24f4d8f838ec2c16e5bc19010279aafdf7eb5fe558e41a5859bf8f894f89ca47f8c98d83f207d52689e40fa7d916c7d03cf8e580d654696e68825797d402277481e8117d6a8171071ab882877d22cce", 0xc0}, {&(0x7f0000000680)="72698f9009ca837a1c60ed2f", 0xc}, {&(0x7f00000006c0)="817d913d58a40f3af2776550c99d7d4c993811bb12dac249f1408119498e9902b458ac8a7fcfff711e5f889a375d3e44f67d0e45c433709bff44236935fc1a3954e6841ffe5e7c7a2ec7513b777e2138981c8b029fbb2d76c2fd0c2a134abd81dea1565d1200d56606c6736b46b3e499d09552301149f4f6a92efe595e87bb15cc0c6c07f5a1bb5a56d8870634e533b102971f4ae9cb6a20935000519219b139b4028ec858faf50f0ba063169746211a0679cb4f534142c9bbdf9e3e0090cabc4a7eb70bf9a5d7e68680c769278d7512c9e8a8b1ff9aca155225f7ebf0b42ece6b3b", 0xe2}, {&(0x7f00000007c0)="626b584ebff92323031372b05cf25b9586bfb618", 0x14}, {&(0x7f0000000800)="20ee1d78a35d8a6cc444921c5ea96b9c8912524b36b55d1a82a0252a012723765772b64445fe3bd201a5e72f05f1fd83fbe48c405dee530cc39a21bb3163a627225e38cf33b5a1c22094d9e4a6dd229386e315825f4ba6b9dff1954faf3a92d20c437c2a10c474836cd5c87560fe63290489a6f731f73c9a14ad9b8cb84390fa361583e58e967a4d80ec155848d917c51ab5447ccff732cac11324d53552af2a15880ec71a959940674a75b9e60112daa3e1ee92f235e6f1ee1eed3422236e5b11", 0xc1}], 0x5, 0x7) 4.04324649s ago: executing program 5 (id=2020): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4) syz_mount_image$erofs(&(0x7f00000000c0), &(0x7f0000000140)='./bus\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0xfd, 0x1f9, &(0x7f0000000300)="$eJzsmb9v00AUx793dpw0QlQsDCwgUYkOrWM7gLowwD8AUsuvjYiaqtRtUOqhrYRExMLCn8HOxNCJgY2NFQZAQmIgI/Ohu3tJrnUbxcgoA+8j9fy9u3fv7l6d75CAYZj/lu/ffn99fWtlbQnAGSygTuM/vXGMdOK/NEh8fvNh5+zzw+P5dCwtfT/tGTx4yEkrpZQ7t0DPNUir7zaPrL0PgZD0I0jcI51C4CHpp47uzpHI0vBxN1t/spmlkW5i3SS6abv5fQCDvsA6gAadTzjzu/sHW50sS3vHRU0N9ylMlRWTaucD/uCmxA2nfvp/8ODVy77uD2sTDesHIIZETLoNgVXSK6gjDEP9CtiSOPe/4I/ze9Pcv7xQ4natijxbnQBWnFueFLxUyV5/KQIAs9u9tOhXlOftPDDz6whnZE4L/YEejZwfHH4srvrxLw92qdqEPo5aD8izC8GfmlYExampREAbnRgz9k9tuVccf/Lhj/yjlW8/a+3uHyxvbnc20o10J0na16OrUXQtaRlvtu0E/2sYf2o6+WunxAYiwF4nz3vxHpD34lE/sa3juKvvur/MGmn8T2Lxss2hXxVz7frJewj6k+ap1aJ36uEZhmEYhmEYhmEYhmEYhmFKcRHCfAtKP1QppfACUPN2Vg1J7pj+nwAAAP//OnFOUQ==") socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e) recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', 0x0}) inotify_init() syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000180)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0xa1008a, &(0x7f00000003c0)=ANY=[], 0x21, 0x150f, &(0x7f0000000480)="$eJzs3AuYjtX6MPD7Xms9DE16m+QwrLXuhzcNliFJDklySJJkS5JTQmiSJCExzpKGJMlxkhyGkBymMWmcz4eckyRpkiQkJFnfNW199t7tvfv2/9/3ub7/3L/rei7rfp/3Xu/9vPfzeg7v9c63PUfXbV6vVlMigv8W/Os/yQAQAwDDAeA6AAgAoFJcpbic9fkkJv/3XoT9uR5Ku9oVsKuJ+5+7cf9zN+5/7sb9z924/7kb9z934/7nbtx/xnKz7XOKXs9L7l34/n9uxsf//0Gyy03+cmO5G3v9Bync/9yN+5+7cf9zN+5/7sb9z924/7kb9z934/4zlpv91+8d83cH/xOWq73/McYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLHc77KxQA/Da+2nUxxhhjjDHGGGPsz+PzXu0KGGOMMcYYY4wx9n8fggAJCgLIA3khBvJBfrgGYuFaKADXQQSuhzi4AQrCjVAICkMRKArxUAyKgwYDFghCKAElIQo3QSm4GRKgNJSBsuCgHCRCeagAt0BFuBUqwW1QGW6HKlAVqkF1uANqwJ1QE+6CWnA31IY6UBfqwT1QH+6FBnAfNIT7oRE8AI3hQWgCf4Gm8BA0g4ehOTwCLeBRaAmtoDW0gbb/pfwXoC+8CP2gPyTDABgIg2AwDIGhMAyGw0swAl6GkfAKpMAoGA2vwhh4DcbC6zAO3oDx8CZMgIkwCSbDFJgKqfAWTIO3YTq8AzNgJsyC2ZAGc2AuvAvzYD4sgPdgIbwPi2AxLIGlkA4fQAYsg0z4EJbDR5AFK2AlrILVsAbWwjpYDxtgI2yCzbAFtsI22A4fww7YCbtgN+yBvbAPPoH98CkcgM/gIHz+H+af+4f8XggIKFCgQoV5MA/GYAzmx/wYi7FYAAtgBCMYh3FYEAtiISyERbAIxmM8FsfiaNAgIaG6vCeVwlKYgAlYBsugQ4eJmIgV8BasiBWxElbCylgZq2BVrIrVsTrWwBpYE2tiLayFtbE21sW6eA/eg/diA2yADbEhNsJG2BgbYxNsgk2xKTbDZtgcm2MLbIEtsSW2xtbYFttiO2yH7bE9dsSO2Ak7YRfsgkmYhF2xK3bDbtgdu2MP7IE9sSf2wt7YG1/AF/BFfBH7Y20xAAfiQByMg3EoDsNh+BKOwJfxZXwFU3AUjsZX8VV8DcfiWRyHb+B4HI81xESchJORxFRMxVSchtNwOk7HGTgTZ+JsTMM5OBfn4jycj/PxPVyI7+P7uBgX41JMx3TMwGWYiZm4HM9hFq7AlbgKV+MaXI3rcD2uw424CTfiFtyC23Abfowf407cibtxN+7Nea/xE/wUP8UUPIgH8RAewsN4GI/gEczGbDyKR/EYHsPjeBxP4Ak8iafwNJ7CM3gGz+I5PI/n8QJewIv4XPzXzfaW3pACIocSSuQReUSMiBH5RX4RK2JFAVFARERExIk4UVAUFIVEIVFEFBHxIl4UF8WFEUaQCEUJUUJERVSUEqVEgkgQZUQZ4YQTiSJRVBAVREVRUVQSt4nK4nZRRVQVHVx1UV3UEB1dTXGXqCVqidqijqgr6ol6or6oLxqIBqKhaCgaiUaisXhQNBEDcCg+JHI601yMwhZiNLYUrURr0Ua8ho+JdmIsthcdREfxhHgDx2EX0c4liadEVzEJu4lnxGR8VvQQU7GneF70Er1FH/GC6Cvau36iv5iBA8RAMRsHiyFiqBgm5mEdkdOxuuIVkSJGidHiVbEUXxO/7ePjxZtigpgoJonJYoqYKlLFW2KaeFtMF++IGWKmmCVmizQxR8wV74p5Yr5YIN4TC8X7YpFYLJaIpSJdfCAyxDKRKT4Uy8VHIkusECvFKrFarBFrxTqxXmwQG8UmsVlsEVvFNrFdfCx2iJ1il9gt9oi9Yp/4ROwXn4oD4jNxUHwuDokvxGHxpTgivhLZ4mtxVHwjjolvxXHxnTghvhcnxSlxWvwgzogfxVlxTpwXP4kL4mdxUfwiLgkvQKIUUkolA5lH5pUxMp/ML6+RsfJaWUBeJyPyehknb5AF5Y2ykCwsi8iiMl4Wk8WllkZaSTKUJWRJGZU3yVLyZpkgS8sysqx0spxMlOVlBXmLrChvlZXkbbKyvF1WkVVlNVld3iFryDtlTXmXrCXvlrVlHVlX1pP3yPryXtlA3icbyvtlI/mAbCwflE3kX2RT+ZBsJh+WzeUjsoV8VLaUrWRr2Ua2lY/JdvJx2V52kB3lE7KT7Cy7yCdlknxKdpVPy27yGdldPit7yOdkT/m87CV7yz7yF3lJetlP9pfJcoAcKAfJwXKIHCqHyeHyJTlCvixHyldkSgwAyFflGPmaHCtfl+PkG3K8fFNOkBPlJDlZTpFTZap8S06Tb8vp8h05Q86Us+RsmSbnyKGXZ1rwf5D/9j/JHylT5Ci5TW6XH8sdcqfcJXfLPXKv3Cf3yf1yvzwgD8iD8qA8JA/Jw/KwPCKPyGyZLY/Ko/KYPCaPy+PyhDwhT8pT8if5gzwjf5Rn5Tl5Tv4kL8gL8uLl9wAUKqGkUipQeVReFaPyqfzqGhWrrlUF1HUqoq5XceoGVVDdqAqpwqqIKqriVTFVXGlllFWkQlVClVRRdRNe/oioMqqscqqcSlTl/5N8VUrdrBJU6b/L/6P62qq2qp1qp9qr9qqj6qg6qU6qi+qiklSS6qq6qm6qm+quuqseqofqqXqqXqqX6qP6qL6qr+qn+qlklawGqkFqsBqihqphavgAUCPUCDVSjVQpKkWNVqPVGDVGjVVj1Tg1To1X49UENUFNUpPUFDVFpapUNU1NU9PVdDVDzVCz1CyVptLUXDVXzVPz1AK1QC1UC9UitUgtUUtUukpXGSpDZapMtVwtV1lqhVqhVqlVao1ao9apdWqD2qA2qU1qi9qistR2tV3tUDvULrVL7VF71D61T+1X+9UBdUAdVAfVIXVIHVaH1RF1RGWrbHVUHVXH1DF1XB1XJ9QJdVKdVKfVaXVGnVFn1Vl1Xp1XF9QFdVFdVJfUpZzTvkAEIlCBCvIEeYKYICbIH+QPYoPYoEBQIIgEkSAuiAsKBjcGhYLCQZGgaBAfFAuKBzowgQ0oCIMSQckgGtwUlApuDhKC0kGZoGzggnJBYlA+qBDcElQMbg0qBbcFlYPbgypB1aBaUD24I6gR3BnUDO4KagV3B7WDOkHdoF5wT1A/uDdoENwXNAzuDxoFDwSNgweDJsFfgqbBQ0Gz4OGgefBI0CJ4NGgZtApaB22Ctn/q/N6fLfy466f762Q9QA/Ug/RgPUQP1cP0cP2SHqFf1iP1KzpFj9Kj9at6jH5Nj9Wv63H6DT1ev6kn6Il6kp6sp+ipOlW/pafpt/V0/Y6eoWfqWXq2TtNz9Fz9rp6n5+sF+j29UL+vF+nFeoleqtP1BzpDL9OZ+kO9XH+ks/QKvVKv0qv1Gr1Wr9Pr9Qa9UW/Sm/UWvVVv09v1x3qH3ql36d16j96r9+lP9H79qT6gP9MH9ef6kP5CH9Zf6iP6K52tv9ZH9Tf6mP5WH9ff6RP6e31Sn9Kn9Q/6jP5Rn9Xn9Hn9k76gf9YX9S/6kvY5J/c5h3ejjDJ5TB4TY2JMfpPfxJpYU8AUMBETMXEmzhQ0BU0hU8gUMUVMvIk3xU1xk4MMmRKmhImaqCllSpkEk2DKmDLGGWcSTaKpYCqYiqaiqWQqmcqmsqliqphqppq5w9xh7jR3mrvMXeZuc7epY+qYeqaeqW/qmwamgWloGppGppFpbBqbJqaJaWqammammWlumpsWpoVpaVqa1qa1aWvamnamnWlv2puOpqPpZDqZLqaLSTJJpqvparqZbqa76W56mB6mp+lpeplepo/pY/qavqaf6WeSTbIZaAaawWawGWqGmuFmuBlhRpiRZqRJMSlmtBltxpgxZqwZa8aZN8x486aZYCaaSWaymWKmmlSTaqaZaWa6mW5mmBlmlpll0kyamWvmmnlmnllgFpiFZqFZZBaZJWaJSTfpJsNkmEyTaZab5SbLZJmVZqVZbVabtWatWW/Wm41mo9lsNputZqvZbrabHWaH2WV2mT1mj9ln9pn9Zr85YA6Yg+agOWQOeQQwR8wRk22yzVFz1Bwzx8xxc9ycMCfMSXPSnDanzRlzxpw1Z815c95cMD+bi+YXc8l4E2Pz2fz2Ghtrr7UF7HX2H+MitqiNt8VscattIVv472JjrU2wpW2Z3y4xbXmbkHMstWWts+Vsoi1vq9iqtpqtbu+wNeydtubv4vr2XtvA3mcb2vttPXvP38WN7AO2sX3ENrGP2qa2lW1m29jm9hHbwj5qW9pWtrVtYzvZzraLfdIm2adsV/v07+IMu8yutxvsRrvJ7ref2vP2J3vMfmsv2J9tP9vfDrcv2RH2ZTvSvmJT7KjfxePtm3aCnWgn2cl2ip36u3iWnW3T7Bw7175r59n5v4vT7Qd2oc20i+xiu8Qu/TXOqSnTfmiX249sll1hV9pVdrVdY9fadf+71lV2i91qt9l99hO7w+60u+xuu8fu/TXO2Y4D9jN70H5uj9pv7GH7pT1ij9ts+/Wvcc72Hbff2RP2e3vSnrKn7Q/2jP3RnrXncrbf52z7D/YXe8l6C4QkSJKigPJQXoqhfJSfrqFYupYK0HUUoespjm6ggnQjFaLCVISKUjwVo+KkyZAlopBKUEmK0k1Uim6mBCpNZagsOSpHiVSeKtAtVJFupUp0G1Wm26kKVaVqVJ3uoBp0J9Wku6gW3U21qQ7VpXp0D9Wne6kB3UcN6X5qRA9QY3qQmtBfqCk9RM3oYWpOj1ALepRaUitqTW2oLT1G7ehxak8dqCM9QZ2oM3WhJymJnqKu9DR1o2eoOz1LPeg56knPUy/qTX3oBepLL1I/6k/JNIAG0iAaTENoKA2j4fQSjaCXaSS9Qik0ikbTqzSGXqOx9DqNozdoPL1JE2giTaLJNIWmUiq9RdPobZpO79AMmkmzaDal0RyaS+/SPJpPC+g9Wkjv0yJaTEtoKaXTB5RByyiTPqTl9BFl0QpaSatoNa2htbSO1tMG2kibaDNtoa20jbbTx7SDdtIu2k17aC/to09oP+W7/IH7nA7RF3SYvqQj9BVl09d0lL6hY/QtHafv6AR9TyfpFJ2mH+gM/Uhn6Rydp5/oAv1MF+kXukSeIMRQhDJUYRDmCfOGMWG+MH94TRgbXhsWCK8LI+H1YVx4Q1gwvDEsFBYOi4RFw/iwWFg81KEJbUhhGJYIS4bR8KawVHhzmBCWDsuEZUMXlgsTw/JhhfCWsGJ4a1gpvC2sHN4eVgmrho/cXz28I6wR3hnWDO8Ka4V3h7XDOmHdsF54T1g/vDdsEN4XNgzvDyuGD4SNwwdDuPx7lWbhw2Hz8JGwRfho2DJsFbYO24Rtw8fCduHjYfuwQ9gxfCLsFHYOu4RPhknhU2HX8Ok/XJ8cDggHhoPCQaH398kl0aXR9OgH0Yzosmhm9MPo8uhH0azoiujK6Kro6uia6Nrouuj66Iboxuim6ObolujW6Lao9/XygkMnnHTKBS6Py+tiXD6X313jYt21roC7zkXc9S7O3eAKuhtdIVfYFXFFXbwr5oo77YyzjlzoSriSLupucqXczS7BlXZlXFnnXDmX6Nq4tq6ta+ced+1dB9fRPeGecJ1dZ/eke9I95bq6p10394zr7p51Pdxz7jn3vOvlers+7gXX173o+rn+Ltklu4FuoBvsBruhbqgb7oa7EW6EG+lGuhSX4ka70W6MG+PGurFunBvnxrvxboKb4Ca5SW6Km+JSXaqb5qa56W66CwBglpvl0lyam+vmunlunlvgFriFCQvdIrfILXFLXLpLdxkuw2W6TLfcLXdZLsutdCvdarfarXVr3Xq33m10G91mt9ltdVvddrfd7XA73C63y+1xe9w+t8/td/vdAXfAHXQH3SF3yB12h90R95XLdl+7o+4bd8x9646779wJ97076U650+4Hd8b96M66c+68+8ldcD+7i+4Xd8l5lxp5KzIt8nZkeuSdyIzIzMisyOxIWmROZG7k3ci8yPzIgsh7kYWR9yOLIosjSyJLI+mRDyIZkWWRzMiHkeWRjyJZkRWRlZFVkdWRNQp8sR2hL+FL+qi/yZfyN/sEX9qX8WW98+V8oi/vK/hbfEV/q6/kb/OV/e2+iq/qq/lHfUvfyrf2bXxb/5hv5x/37X0H39E/4Tv5zr6Lf9In+ad8V/+07+af8d39s76Hf8739M/7Xr637+Nf8H39i76f7++T/QA/0A/yg/0QP9QP88P9S36Ef9mP9K/4FD/Kj/av+jH+NT/Wv+7H+Tf8eP+mn+An+kl+sp/ip/pU/5af5t/20/07foaf6Wf52T7Nz/Fz/bt+np/vF/j3/EL/vl/kF/slfqlP9x/4DL/MZ/oP/XL/kc/yK/xKv8qv9mv8Wr/Or/cb/Ea/yW/2W/xWv81v9x/7HX6n3+V3+z1+r9/nP/H7/af+gP/MH/Sf+0P+C3/Yf+mP+K98tv/aH836xh/z3/rj/jt/wn/vT/pT/rT/wZ/xP/qz/pw/73/yF/zP/qL/xV/6D3+zVufPuHXOGGOMMfb/oUF/sH7AP3lMAYC4PP7Ze3/tzqLZf7teAsDmQn8dDxHxnSIA8FT/ng/9ttSunZycfPm5WRKCkosBIPIPL3A5XgEdoTMkQQeo8E/rGyJ6X6B/M3/GWJoSvQ0g/9/kxMCV+Mr8X/yL+R97YnxG5fB83L+uP7oYIKHklZycq/Df4hXQ8devDjtAxX8xf+F2/67+LAn5vkwFaP83ObEA0D7fP9afCI/D05D0d89kjDHGGGOMMcb+aoio1v0Prj9/vT6PV1dy8sKV+I+uzxljjDHGGGOMMXb1Pdu7z5OPJSV16M4DHvAglw06/5vnXO3/mRhjjDHGGGN/tisn/Vcey3c1C2KMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxnKh/xd/aexqbyNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2vAAAA///aYjRz") bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f00000000c0), 0x800}, 0x38) r4 = socket(0x1, 0x803, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0xb) r6 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x44, 0x10, 0x403, 0x6101, 0x0, {0x0, 0x0, 0x0, 0x0, 0xff7f}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macsec={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r5}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x44}}, 0x0) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10) mkdir(&(0x7f0000000200)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x180) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r9}, 0x10) r10 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48) r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0xe, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="1809000000000000000000000000000018120000", @ANYRES32=r10, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r5, @fallback=0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r10}, &(0x7f0000000380), &(0x7f0000000580)=r11}, 0x20) 3.232974224s ago: executing program 1 (id=2021): syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0xff, 0x0, 0x0) socket$pptp(0x18, 0x1, 0x2) socket$nl_generic(0x10, 0x3, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r0}, 0x18) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e01f3440cee51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cad32b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337602d3e5a815232f5e16c1b30c3a6abc85018e5ff2c91018afc9ffc2cc788bee1b47683db012469398685211dfbbae3e2ed0a50e7393bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d300006aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7af22e30d46a9d26d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977fb536a9caab37d9ac4cfc1c7b400000000000007ffc826b956ba859ac8e3c177b91bd7d5e41ff83ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d000069a16203a967c1bbe09315c29877a308bcc87dc3addb08142bdee5d27874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8240000e3428d2129369ee1b85af9ffffff0d0df414b315f651c8412392191fa83ee830548f11be359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92000000000f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb74d4ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905de328c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a978ee56c83a3466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342e0eaf6f330e935878a6d169c80aa"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03316844268cb89e14f0080047e0ffff00124000632f77fbac14fe16e000030a07080403fe80000020006558845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x24, 0x60000000}, 0x2c) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000400"/28], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000400b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000c63289eec99cc0c210210eb176ffcb365d1a98c5a287642d6daa6177323b1a0458b5aba33bef60cb0335210874efe02c05b2aedfca25fa959c05c7ce3926e0312ab507c611b372fea4bc709a2348137c7655bf811a69914bd43dbf9a0da7eee0ff9644e4741a9d48e1d3a73e42909e60202e76a9f57435ad9eed65"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file1\x00', 0x1000801, &(0x7f0000000840)=ANY=[], 0x2, 0x1ea, &(0x7f00000003c0)="$eJzsmb2LE0EYxp+Z3eydhyg2FjYWHniit9ndqFxzxQmWgnCKWgZvPU73LpKskAQEg42NpYVga2NpYWFl4V9gq4UKgoUp7YSR+djdyWYT4gdG9P3BzT7z9c68L9yzsAFBEP8tHz98ff/w3NqlUwD2YxkLZvyzo5/i4Oj6d4/vnHy0fv7J87dPX+8duPuyHI/JPWL28z0ArzYcpGCuOXFk93IRNtO4DI4TRl8Bg6/lN6HQnRgM18yam5Zu7TMiif3rrWTrxk4SB7IJZRPJpmGfLy81HDBsAVhUtxOCWfOdXv9WM0nidlnURHbO2NSPimn1U/fb4FhHVj0hOICrD+4PZN/UBgF4Xr8QHKHRDTBsGr2GBfi+X5TEyv+IW8R3Zsl/vuKZEodW/9Sh4Locf0Pu/7Co/ZY4rDwi/6HzkcPDzAPtNZ/mnvvPC2VcAMam3iwlyYVfiOxVFCoXhT9JZz9u+ZMLN/ePerp7u97p9Vd3dpvb8Xa8F0WNs8HpIDgT1ZUR6XaK/y0qf1qy4tcmrPWYh24zTdthF0jbYd6PdGs57uaL1he1hyv/41g5pmMw887KX5QlmPnj6inVilO98t7EnAiCIAiCIAiCIAiCIAiCIKo5Cgb9S5hg5oNoFdFF9YXyewAAAP//L0Rm/Q==") socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000480)=ANY=[@ANYBLOB="7a0af8ff75253073bfa100000000000007010000f9ffffffb702000005000000bf130000000000008500000006000000b700000000000000950000ff00000000b2595285faa6ead0169191d54f81d9217fc560e2fc91f6da4dad4fdc2eb1b5986fc4a3f611a7c8edd3aa5d6ee7ab10b1a297cf52866651ddd73f30f2382f6cda4bfdd45be583823c0f09621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000098045f785a1292fcb8c1d3079a00db453620ce72d75946c2b638d91dbef661935839c77edf2d34b12cd48a1b20fb7dd8430a19f2c50d77bc0ea9b0af58e604f4942eb613eff28902010045ef76d7d864409ef2dc9518a09f4886afc26abba34635d0e8b598a51bc7421d33fe226c944bc76be40d435aa8b5208ff0df2db7619a12df6bee431a668135b8214afa5827b56a8074bf1e6cf5d84b35a3a3a4c66824fe12dbe20fcf50a194185b9e2d8b815fedb0d982936156be34dda66fb977aef7c9cb92428ef25d9bf665bd60020500000000000000abe4cb8d826e1ec03cc492f5cad6227c94fea467aea7fa8b58abc37056433edf43fba5566a3e02200b95941d34ac81fd48f9b7314ffa730017f3d37fdb23bc26992529402a520ef67e246415a697a95ca3314ded0d8a24abd57e042888a9141ab4e6c6b939aaefc248791464970c43120211b9bc82a85cd2fc18f535c7986c2d52ba62f74f000000000080c4adf75a0a108585e9b2000000000000000000000074054d643c2b5692d8304a23eaf9153c457ae5bbe49b3c164461470a452bd357fa62341c759dc21b45a06ec414cadf9695d030012acad582e3fe75e61ae908347e4d6d089b"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) 2.985632955s ago: executing program 5 (id=2022): bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000002c0)=ANY=[@ANYBLOB="12010000000000407d1eb42d000000090001090224000100000000090400000103000000092100000001220b0009058103"], 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) syz_usb_control_io(r0, 0x0, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10) syz_usb_control_io$hid(r0, &(0x7f0000000500)={0x24, &(0x7f0000000580)=ANY=[@ANYBLOB="40004f0000004f0ed1abc63f6e866bbc4d"], 0x0, 0x0, 0x0}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) write$selinux_access(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) 2.854405216s ago: executing program 2 (id=2023): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10) r2 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) recvmmsg(r2, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0) sendto$inet6(r2, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) 1.932290161s ago: executing program 2 (id=2025): ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0x4008af12, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) r2 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$USBDEVFS_CONTROL(r2, 0xc0185500, &(0x7f0000000080)={0x0, 0x5, 0x18, 0x0, 0x0, 0x0, 0x0}) 1.891529131s ago: executing program 2 (id=2026): prlimit64(0x0, 0xe, &(0x7f0000000240)={0xc, 0xfffffffffffff800}, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000900)=ANY=[@ANYBLOB="500000001a000100000000000000000002002000000000000000000005"], 0x50}}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fdffffff850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) tkill(r1, 0x35) r4 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x8, 0x76}, [@call={0x27}]}, &(0x7f0000000040)='syzkaller\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffed8, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x3f) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001240)=@base={0xf, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x37) close(r4) r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) close(r6) socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000010c0)) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e73"], 0x0, 0x4, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0xe, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='syzkaller\x00', 0x7, 0x1000, &(0x7f0000000240)=""/4096, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000013c0)={@map=r5, r7, 0x5, 0x18, 0x0, @void, @value}, 0x20) 1.699906531s ago: executing program 3 (id=2027): prlimit64(0x0, 0xe, &(0x7f0000000240)={0xc, 0xfffffffffffff800}, 0x0) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000900)=ANY=[@ANYBLOB="500000001a000100000000000000000002002000000000000000000005"], 0x50}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x8, 0x4, &(0x7f0000000000)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x8, 0x76}, [@call={0x27}]}, &(0x7f0000000040)='syzkaller\x00', 0x4, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffed8, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x3f) 1.630366002s ago: executing program 0 (id=2028): r0 = socket$xdp(0x2c, 0x3, 0x0) mremap(&(0x7f0000186000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f00000ad000/0x3000)=nil) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x201000, 0x1000}, 0x20) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@bloom_filter={0x1e, 0x7f, 0xfffffffe, 0x100, 0x100, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x3, 0x2, 0xf, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x206, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='block_plug\x00'}, 0x10) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) (fail_nth: 4) r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f00000000c0)='./bus\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) ioctl$KVM_CAP_XEN_HVM(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000280)={0x26, 0x0, 0x49}) r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x5d) fdatasync(r3) waitid(0x0, 0x0, 0x0, 0x4, 0x0) r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000700)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r4}, 0x4) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00', r5}, 0x10) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYRESDEC=r6, @ANYRESDEC=r2, @ANYRESOCT], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0xfffffe0c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00', r7}, 0x10) r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wake_lock', 0x202, 0x0) write$tcp_mem(r8, &(0x7f0000000a00)={0x101, 0x20, 0x4, 0x20, 0x7}, 0x1f) 1.597575732s ago: executing program 1 (id=2029): socket$inet6_udp(0xa, 0x2, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mkdirat(0xffffffffffffff9c, &(0x7f0000002340)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000000)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[], 0x1, 0x14fe, &(0x7f0000002ac0)="$eJzs3QuYjtX6MPB1r7UexjTxNslhWPe6H940WCZJckiSQ5IkSZJTQtIkSUJiyCkJSchxkhyGkBwmJo3z+ZBz0mRLkiSnnML6rqndtve//b/s/e39//y/Pffvutb1rvtaz72etd6beZ/nuebwQ9fhtZrUrt6IiMS/BH57SRFCxAghBgkh8gkhAiFE+fjy8dnjeRSk/GsnYf9ej6Zd6xWwa4nrn7Nx/XM2rn/OxvXP2bj+ORvXP2fj+udsXH/GcrKtMwvfwC3ntn/9+X/Mby/8/P//Q/z5n7Nx/f/TnM7zzxzN9f9Pctl7/89lcP1zNq5/zsb1z9m4/jkb1z9n4/ozlpNd6+fP3K5tu9b//hhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM5Qzn/BVaCPF7/1qvizHGGGOMMcYYY/8+Pve1XgFjjDHGGGOMMcb+54GQQgktApFL5BYxIo+IFdeJOHG9yCvyiYi4QcSLG0V+cZMoIAqKQqKwSBBFRFFhBAorSISimCguouJmUULcIhJFSVFKlBZOlBFJ4lZRVtwmyonbRXlxh6gg7hQVRSVRWVQRd4mq4m5RTdwjqot7RQ1RU9QStcV9oo64X9QVD4h64kFRXzwkGoiHRUPxiGgkHhWNxWOiiXhcNBVPiGaiuWghWopW/1f5r4ie4lXRS/QWKaKP6CteE/1EfzFADBSDxOtisHhDDBFviqFimBgu3hIjxNtipHhHjBKjxRjxrhgrxonxYoKYKCaJVPGemCzeF1PEB2KqmCamixkiTcwUs8SHYraYI+aKj8Q88bGYLxaIhWKRSBefiMViicgQn4ql4jORKZaJ5WKFWClWidVijVgr1on1YoPYKDaJzWKL2Co+F9vEdrFD7BS7xG6xR3wh9oovxT7xlcgSX/+T+Wf/S343ECBAggQNGnJBLoiBGIiFWIiDOMgLeSECEYiHeMgP+aEAFIBCUAgSIAGKQlFAQCAgKAbFIApRKAElIBESoRSUAgcOkiAJysJtUA7KQXkoDxWgAlSESlAJqkAVqApVoRpUg+pQHWpADagFteA+uA/uh7pQF+pBPagP9aEBNICG0BAaQSNoDI2hCTSBptAUmkEzaAEtoBW0gtbQGtpAG2gH7aA9tIcO0AGSIRk6QkfoBJ2gM3SGLtAFukJX6AbdoTu8Aq/Aq/Aq9IYasg/0hb7QD/rBABgIA+F1GAxvwBvwJgyFYTAc3oK34G0YCWdgFIyGMTAGqspxMB4mAMlJkAqpMBkmwxSYAlNhGkyDGZAGM2EWzILZMAfmwEcwDz6Gj2EBLIBFkA7psBiWQAZkwFI4C5mwDJbDClgJq2AlrIG1sAbWwwZYD5tgE2yBLfA5fA7bYTvshJ2wG3bDF/AFfAlfwlDIgizYD/vhAByAg3AQDsEhOAyH4QgcgaNwFI7BMTgOJ+AknIDTcBrOwFk4B+fgAlyAi3ARLsPl7P/8MpuWWuaSuWSMjJGxMlbGyTiZV+aVERmR8TJe5pf5ZQFZQBaShWSCTJBFZVGJEiXJUBaTxWRURmUJWUImykRZSpaSTjqZJJNkWVlWlpPlZHl5h6wg75QVZSXZ1lWRVWRV2c5Vk/fI6rK6rCFrylqytqwt68g6sq6sK+vJerK+rC8byIdlQ9kHBsCjMrsyTeQwaCqHQzPZXLaQLeXb8KRsLUdCG9lWtpNPy9EwCjrI1i5ZPic7yvHQSb4gJ8CLsoucBF3ly7Kb7C57yFdkT9nG9ZK95VToI/vKGdBP9pcD5EA5G2rK7IrVkm/KoXKYHC7fkovgbTlSviNHydFyjHxXjpXj5Hg5QU6Uk2SqfE9Olu/LKfIDOVVOk9PlDJkmZ8pZ8kM5W86Rc+VHcp78WM6XC+RCuUimy0/kYrlEZshP5VL5mcyUy+RyuUKulKvkarlGrpXr5Hq5QW6Um+RmuUVulZ/LbXK73CF3yl1yt9wjv5B75Zdyn/xKZsmv5X75J3lAfiMPym/lIfmdPCy/l0fkD/Ko/FEekz/J4/KEPClPydPyZ3lGnpXn5Hl5Qf4iL8pL8rL0UihQUimlVaByqdwqRuVRseo6FaeuV3lVPhVRN6h4daPKr25SBVRBVUgVVgmqiCqqjEJlFalQFVPFVVTdrEqoW1SiKqlKqdLKqTIqSd2qyqrbVDl1uyqv7lAV1J2qoqqkKqsq6i5VVd2tqql7VHV1r6qhaqpaqra6T9VR96u66gFVTz2o6quHVAP1sGqoHlGN1KOqsXpMNVGPq6bqCdVMNVctVEvVSj2pWqunVBvVVrVTT6v26hnVQT2rktVzqqN6XnVSL6jO6kXVRb2kuqqXVTfVXfVQl9Rl5VUv1VulqD6qr3pN9VP91QA1UA1Sr6vB6g01RL2phqpharh6S41Qb6uR6h01So1WY9S7aqwap8arCWqimqRS1XtqsnpfTVEfqKlqmpquZqg0NVMN+PNMc/+B/Pf/Tv6QX8++RW1Vn6ttarvaoXaqXWq32qP2qL1qr9qn9qkslaX2q/3qgDqgDqqD6pA6pA6rw+qIOqKOqqPqmDqmjqsT6rw6pU6rn9UZdVadVefVBXVBXfzzeyA0aKmV1jrQuXRuHaPz6Fh9nY7T1+u8Op+O6Bt0vL5R59c36QK6oC6kC+sEXUQX1Uajtpp0qIvp4jqqb9Yl9C06UZfUpXRp7XQZnaRv/Zfzr7a+VrqVbq1b6za6jW6n2+n2ur3uoDvoZJ2sO+qOupPupDvrzrqL7qK76q66m+6me+geuqfuqb0QIkWn6L76Nd1P99cD9EA9SL+uB+vBeogeoofqoXq4Hq5H6BF6pB6pR+lReoweo8fqsXq8Hq8n6ok6VafqyXqynqKn6Kl6qp6up+s0naZn6Vl6tp6t5+q5ep6ep+fr+XqhXqjTdbperBfrDJ2hl+qlOlMv08v0Cr1Cr9Kr9Bq9Rq/T6/QGvUFv0pt0pv79GzR36B16l96l9+g9eq/eq/fpfTpLZ+n9er8+oA/og/qgPqQP6cP6sD6ij+ij+qg+po/p4/q4PqlP6tP6tD6jz+hz+py+oC/oi/qivqwvZ1/2BTKQgQ50kCvIFcQEMUFsEBvEBXFB3iBvEAkiQXwQH+QPbgoKBAWDQkHhICEoEhQNTICBDSgIg2JB8SAa3ByUCG4JEoOSQamgdOCCMkFScGtQNrgtKBfcHpQP7ggqBHcGFYNKQeWgSnBXUDW4O6gW3BNUD+4NagQ1g1pB7eC+oE5wf1A3eCCoFzwY1A8eChoEDwcNg0eCRsGjQePgsaBJ8HjQNHgiaBY0D1oELYNW/9b5vT9T8CnXy/Q2KaaP6WteM/1MfzPADDSDzOtmsHnDDDFvmqFmmBlu3jIjzNtmpHnHjDKjzRjzrhlrxpnxZoKZaCaZVPOemWzeN1PMB2aqmWammxkmzcw0s8yHZraZY+aaj8w887GZbxaYhWaRSTefmMVmickwn5ql5jOTaZaZ5WaFWWlWmdVmjVlr1pn1ZoPZaDaZzWaL2Wo+N9vMdrPD7DS7zG6zx3xh9povzT7zlckyX5v95k/mgPnGHDTfmkPmO3PYfG+OmB/MUfOjOWZ+MsfNCXPSnDKnzc/mjDlrzpnz5oL5xVw0l8xl47Mv7rM/3lGjxlyYC2MwBmMxFuMwDvNiXoxgBOMxHvNjfiyABbAQFsIETMCiWBSzERIWw2IYxSiWwBKYiIlYCkuhQ4dJmIRlsSyWw3JYHstjBayAFbEiVsbs+5G78G68G+/Be/BevBdrYk2sjbWxDtbBulgX62E9rI/1sQE2wIbYEBthI2yMjbEJNsGm2BSbYTNsgS2wFbbC1tga22AbbIftsD22xw7YAZMxGTtiR+yEnbAzdsYu2AW7Ylfsht2wB/bAntgTe2EvTMEU7It9sR/2wwE4AAfhIByMg3EIDsGhOBSH43AcgSNwJI7EUTgax+C7OBbH4XicgBNxEqZiKk7GyTgFp+BUnIrTcTqmYRrOwlk4G2fjXJyL83Aezsf5uBAXYjqm42JcjBmYgUtxKWZiJi7H5bgSV+JqXI1rcS2ux/W4ETfiZtyMW3ErbsNtuAN34C7chXtwD+7FvbgP92EWZuF+3I8H8AAexIN4CA/hYTyMR/AIHsWjeAyP4XE8DifxJJ7G03gGz+A5PIcX8Be8iJfwMnqMsXlsrL3OxtnrbV6bz8bYPL2FEH+JC9nCNsEWsUWtsQVswb+J0VqbaEvaUra0dbaMTbK3/iGuaCvZyraKvctWtXfban+I69j7bV37gK1nH7S17X1/E9e3D9kG9nHb0D5hG9nmtrFtaZvYx21T+4RtZpvbFralbW+fsR3sszbZPmc72uf/EC+2S+xau86utxvsXvulPWfP2yP2B3vB/mJ72d52kH3dDrZv2CH2TTvUDvtDPMa+a8facXa8nWAn2kl/iKfbGTbNzrSz7Id2tp3zhzjdfmLn2Qw73y6wC+2iX+PsNWXYT+1S+5nNtMvscrvCrrSr7Gq75i9rXWE32c12i91jv7Db7Ha7w+60u+zuX+PsfeyzX9ks+7U9bL+3B+w39qA9ag/Z736Ns/d31P5oj9mf7HF7wp60p+xp+7M9Y8/+uv/svZ+yl+xl660gIEmKNAWUi3JTDOWhWLqO4uh6ykv5KEI3UDzdSPnpJipABakQFaYEKkJFyRCSJaKQilFxitLNVIJuoUQqSaWoNDkqQ0l0K5Wl26gc3U7l6Q6qQHdSRapElakK3UVV6W6qRvdQdbqXalBNqkW16T6qQ/dTXXqA6tGDVJ8eogb0MDWkR6gRPUqN6TFqQo9TU3qCmlFzakEtqRU9Sa3pKWpDbakdPU3t6RnqQM9SMj1HHel56kQvUGd6kbrQS9SVXqZu1J160CvUk16lXtSbUqgP9aXXqB/1pwE0kAbR6zSY3qAh9CYNpWE0nN6iEfQ2jaR3aBSNpjH0Lo2lcTSeJtBEmkSp9B5NpvdpCn1AU2kaTacZlEYzaRZ9SLNpDs2lj2gefUzzaQEtpEWUTp/QYlpCGfQpLaXPKJOW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6nbbSddtBO2kW7aQ99QXvpS9pHX1EWfU376U90gL6hg/QtHaLv6DB9T0foBzpKP9Ix+omO0wk6SafoNP1MZ+gsnaPzdIF+oYt0iS6TJxFCKEMV6jAIc4W5w5gwTxgbXhfGhdeHecN8YSS8IYwPbwzzhzeFBcKCYaGwcJgQFgmLhibE0IYUhmGxsHgYDW8OS4S3hIlhybBUWDp0YZkwKbw1LBveFpYLbw/Lh3eEFcI7w4phpbByWCW8K6wa3h1WC+8Jq4f3hjXCmmGtsHZ4X1gnvD+sGz4Q1gsfDMuFD4UNwofDhuEjYaPw0bBx+FjYJHw8bBo+ETYLm4ctwpZhq/DJsHX4VNgmbBu2C58O24fPhB3CZ8Pk8LmwY/j8VcdTwj5h3/C18LXQ+wfUwuiiaHr0k+ji6JJoRvTT6NLoZ9HM6LLo8uiK6Mroqujq6Jro2ui66ProhujG6Kbo5uiWqPe1cwsHTjrltAtcLpfbxbg8LtZd5+Lc9S6vy+ci7gYX7250+d1NroAr6Aq5wi7BFXFFnXHorCMXumKuuIu6m10Jd4tLdCVdKVfaOVfGJbmWrpVr5Vq7p1wb19a1c0+7p90z7hn3rHvWPec6uuddJ/eC6+xedF3cS+4l97Lr5rq7Hu4V19O96nq53i7Fpbi+rq/r5/q5AW6AG+QGucFusBvihrihbqgb7oa7EW6EG+lGulFulBvjxrixbqwb78a7iW6iS3WpbrKb7Ka4KW6qm+qmu+kuzaW5WW6Wm+1mu7lurpvn5rn5br5b6Ba6dJfuFrvFLsNluKVuqct0mW65W+5WupVutVvt1rq1br1b7za6jW6z2+y2uq1um9vmdrgdbpfb5fa4PW6v2+v2uX0uy2W5/W6/O+AOuIPuW3fIfecOu+/dEfeDO+p+dMfcT+64O+FOulPutPvZnXFn3Tl33l1wv7iL7pK77LxLjbwXmRx5PzIl8kFkamRaZHpkRiQtMjMyK/JhZHZkTmRu5KPIvMjHkfmRBZGFkUWR9MgnkcWRJZGMyKeRpZHPIpmRZZHlkRWRlZFVEe+LbAt9MV/cR/3NvoS/xSf6kr6UL+2dL+OT/K2+rL/Nl/O3+/L+Dl/B3+kr+kq+sn/CN/PNfQvf0rfyT/rW/infxrf17fzTvr1/xnfwz/pk/5zv6J/3nfwLvrN/0XfxL/mu/mXfzXf3Pfwrvqd/1ffyvX2K7+P7+td8P9/fD/AD/SD/uh/s3/BD/Jt+qB/mh/u3/Aj/th/p3/Gj/Gg/xr/rx/pxfryf4Cf6ST7Vv+cn+/f9FP+Bn+qn+el+hk/zM/0s/6Gf7ef4uf4jP89/7Of7BX6hX+TT/Sd+sV/iM/ynfqn/zGf6ZX65X+FX+lV+tV/j1/p1fr3f4Df6TX6z3+K3+s/9Nr/d7/A7/S6/2+/xX/i9/ku/z3/ls/zXfr//kz/gv/EH/bf+kP/OH/bf+yP+B3/U/+iP+Z/8cX/Cn/Sn/Gn/sz/jz/pz/ry/4H/xF/0lf5l/Zo0xxhhj7B+irjLe57/JkX/u9xVCXL+98KH/Or6xwG/9/rkT2keEEM/17vro761GjZSUlD8fm6lEUHyBECJyJT+XuBIvE+3EMyJZtBVl/zIe81fn6i+7X6CrzB+9Q4jYv8rJzv89vjL/bX93//3luHlXnX+BEInFr+TkEVfiK/OX+2/mL9j6KvPn+SZViDZ/lRMnrsRX5k8ST4nnRfLfHMkYY4wxxhhjjP2mv6zc+Wr3t9n35wn6Sk5ucSX+e/fnjDHGGGOMMcYY+9/lxe49nn0yObltZ+78T3V8vt/e6v8t6+EOd/6BzrX+ysQYY4wxxhj7d7ty0X+tV8IYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjOVc/y9+ndjv57ra3xpkjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG/lP9nwAAAP//sjE7Eg==") mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0) mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x800000, 0x0) chdir(&(0x7f0000000040)='./file0\x00') rename(&(0x7f0000000040)='./file1\x00', &(0x7f0000000000)='./file0/file0\x00') read$FUSE(r0, &(0x7f0000008340)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) syz_fuse_handle_req(r0, &(0x7f0000004300)="69c0b1af1fc191cf8a89bd1bc6bee9d0dd45f4fe6c15a6b0faa5fbd74dd228ab66508e5914d532739ce0bd48a366f61db86ffad902f42c9a33bfb1f78b8e568f0003c6b38aa54c358424d338e2de24c5ef2e5ca4f80c29fc33358a0a7dcc5697e10e636a032f6934e13d6fe5bef0f16d324e2a73eb76d95f68b3f6f771adcee8f245dd24cf1c3c1a448f280faeeb2e962cf5276acf5131002d3541b8751b68be1d20262c055277d1610835a941472e93db6f525a5184576bbf035362defc6d3a2a3041d72c0b20ad890fe59ac858a815e1f8fcbea0000908ad7d26dec63f067b0a11119131198604a72187c3579928259044dc49860613e46919fa5dc14cfbd53c950eb9b3fb6cc1e7ce82db1b1a534cb2fb0df49797a9161308107d7efa0226604be0a6519e1f37c3b1fc7b216147c1894f6de6e5d47d170d1f641ff39967e3a2dd2d043f77eccac9ffff6ff0452ca927fa2415434df44bab99d5b67afe6a62a9baf69a2fb85fa6a36d2423bdfc6661ff43fdfef86d5aef3e9a721a45d440ae5cfe9d09957e7c6eaa4373d1eb2f8e1ea84e853805486f5b3f002d5b8a5a5c67c95474b545eff536ef1eb91beaa9bf2e0b843cad4ecd61c00d1e3a01617f98dc37961dc58c87c87c46bb9cd97d2ee7302b34cbeae9e922afdf8e3cdada43ca06828768067a824faee656e7edcb01337d6321a246fb47f99ac2e44f37850734b1807f93188f21fb2c778c764ba17e527c768e55ac97ad8e7633815f20b8cc19c76381a06b99c8a50af83d4953580eb033d26270c5a5fe7233d9f701e5763133f533a2e4d43be447d4293f0eb8acf25b41f78f7ce6f51b8699ab4cb133109e08966ad8aa44d7d51c7ed469b49c7464ce47a89eb962afd568594b9f4471f5e5a8ccb18e9c11d42be1f6d0fbe216813cf2f91e56d7a0fdc219af2d5c3aff5f42bf8f226e0210de527df47f13390f39af1f4b9e26f86cc26eeb296c7a2937e74140a13d6fee3fddb80142fd7d03f8f252eccb2b6109083c66e730303cb20d874c17d97508589b062503673e089debc509d9f6fcaaf13758ab827de3270f5c0934c0509d8a4ea79872195aa3f78e907eb39a1020d3dae59de68cbb30cbef54480fb87dacb76681b8b75a1885181c277960e1fbbf5f3f406ba2d053871e1c10925e89ba45e4f3a2df2c021a5560ba597e9f56c43a0fec6ada4ec8b1ed235dcf05a7c797d705492fe276dd6e682d28cd4d63ebba9178cd41dc81eb2f87e5e63296768b2f9389450a01cf0d2c0b481a66d33ca6311c1f7482e65242ee16341bd6afe81f95d64b5a1617ea8ce25423cb2b458cece6894684455dd29d298d55c9b30ea311c90694c0282421158f96919de6344ea240e43a6de6ad37a83fdd709848cd320049c9c96a9f87b8d49173a30e9e3c156abf28fb415ee3768143676c6328452278a34a705f37264de1729c9d42fa05c862cbd5d9379c74f9322779def9ef0f1790d1a63d98666d6663d376cca46d832f3fe3b178a24f6bda673aa6c1f2f76b436764822766b9c2bb51b6aa6f0ce712c6dbecdce72aeeead8c6c4ffa4984060b350d744ce287c8cd57b403e636fff4e58243d262cb2e0dd71d710f0c74ee199672a4e3b32e46609818be36dd1393f4046aa5e91044eea087402e6230c2d91980732dad401f3af662d266b2e25ecc7c80a2a1624523250329e84382f0657dcc94d2357be348a5c1b7a51729241f13e18dcebba67bff770fe8d7a612edb0393cbdc1a54cf814c42118e2e783bbf861985c02b1ea0a1696861a06801eeaea36ee1fba58c2d2a0c1fb0616a0157a17b9dd7646d16c943dc22a512774eecc5d42a3b4669a03ac3191554763c2fa57cd6ec41fce3bc33af46d4cc5496931028da2bb99a09b5ec0913a9756e42a54343acb800443a630e745fbe65453934deb9cc151bd21779772a8fc36103336abc8d3417f4fbc371ab1eb3c6621990ab0b2db8b80e06d5d0f58cae6a9837895d290defc8417b63eaae7b734f09dad5130289e1cb9dc900ef4284a62d170b8f5747de66ac31efcb6ceac06ccdfe2fdf138f8bf4f26f90a2011b6e8214b10f0dec6658d3a540b407b5cf8c7567dd06aad858787387b5a30c7f43accaf8400bba85a94941d6cf720d377343033294537d45ac56953501a455026afab88152ee83bc25bad9e8fbcde22fd3b27069f14e8af75620558941e82d73ab8a6b0144baa10edf8aab0879de874edba8aac74dfcb5199f3dc5a41e4246ad859d4fcd8ca0e60a371ec71741245932b12d67f71ff6b2aa11a76bf1da79e885d36eab860c47b7d5d220b3d2de7e9eec52afc704bd932bac48b67d442f84cd69af4385202cc6ed0678b09b3be74dea864998dc1a45ff72301e1c045a0ba9e0e5121534360b5a917f830e71f49279b6ddd76d739106ded08efbdf1ec65f81c70f3a133cf8a279701d77fe8a424a93cec82ecd4f5f868920fdb4b5396c0d6b0342e7b3f27ee869e918a991b7b3ce60019d849297d36c42f2dd92d6dbd9dd024de13866f36a60babfac6a991e5e402cba7a549c4aea1fd627b2c27d96a3351e24a0635e0e8be442c11c38485f6d662da29533a2fb698fbf1cd0e9e21d76e5943256d027eabb567b75f1d926564a654a61e64eef06b16ef4a2d4b8db8ca813e7b1875dbd4d175889f8094b8d4543564890b2c8b09151998395a49aa74bef18481ed8b06cc41b7afac3d0291fa2be4012400019f5185275c35afd2f52db54d6f102d7905c41528887a5b573cbd5059f460cef5a72d39a7b448f6f394f248cc6a9f22e076631d59539488d1c30f713c223f2722eeeda9f1233247c4b30b698491f64c454dd37e7960fe64a0ba47d7be87055b2bd5b03fb58be7ceca18b5c557dcf4f44222bbfafdefc9a39bcf9820cc8a96f38a2a534f19940ce4e375f8c8defe22dd5e8d7b1fcfa2cc38e0a9522d7583dd3f42cd9c5eb928e1b1995accf151172ade642fd9a3b754945c5192bb9ede9f2cba59ad35a7f0fd3c021476f5c58efba4ccbe00670599ff1b1c88f92c48775f517843acd273e66e3814e2aa017862b84bc3b3c34b2d50c3b92752e45afc4cda096fa815a3311183014630eefc3c10186bfc69e68c3a4f35bcd921cf66a1d793024b404f75460483b31b65cdfbdb07e87cbe05e06f9e0e1331a6190ed2102eae340c7ddce6aee69c0e59043997426978f8da1b5b30f076500399d2ce66c9ee634a6ad5c30f77ce6093f05670fff8924c85667c7f2910f56e93dfffa137fefcf34ac27b196bcc58dae8a9618dbbfe18d90b9a94bdf9ed76a095d454dc2a2d621bdaa5ca3373637861b2a7843440230425b80bba81f57ae547ba6c5aa4c609d7513103178dad0077e6727d89bf40597f036d4040c8d3dbb39cf7f2bbb66ce9c85a934a1672bf19030c7a473452635faa69a967ae248590b8127ffba96890d7db4ce19f0dd389e4195280b7b574cbc945800f767216c15898d8d21ed89653a280b626d0eb6a41931999530866da99e7d042ab78171520fadea41447c44a12213f90e3a9491ef57926376d7b408dcdc3a4a293d46b2a1eae5e92c910fafe557b538d88fa797ce0584cabffd69ef083b4290e90b360a9d8280038bbeb3d03d149ecf31b8b0da9a8c0c54e559764e1ea04699c262b38de26b51ffd53ca6c710ee81058002e898267eb00a8e86a875035bebf58681ff39da1ecd476c66351cc1bfeaa0970e3e17ac1bb06cd167485007a1de6cc557325c3889af0319a0e3d11d00ce405f6e77a9417ed7fb071db78a47f4bd7fb27f1d791928ecbcf355ae0968fd8d377a8ec253a734eb999c409566669f1ff061b55bed7873138adaed24a7103aa68724a5913a7ceb255d4eaf695ce5be29e3582d4d1426feb9234b5dbf18313014721baef14e999075906c8f6e1c5b284e97b54a76c843c563cdf6eb06fab8a0aadbe124bea0e5b30215fd909ffe73a6593cf89f2e105a72f8e09852195f5a26b472b49d102d5ffecbbb35421b938ded93269b1216b7d37a6d406e47e9637021abaa30074082f8d1d411e5667f3f3c3686119222b89ca72de4b0442bb28fe1a242209c34dd2f305705d68771cd451b4be4b3f7ffd531a8bb719aaad1625bd0f6711218ec08c819fd165e8eafb9be91ff8e5efa09ba564718e8e1584d6a7a2c1e167a2a0f2254af50ae07e76c99f30c983fe9b83637e2ab5689674062eae1c604143200932d35be80f17bb2b28818aca82adc5c29b21f783725f4dc796bcf2a8243d218fa957905b72e81c7bfa3e64e2bd7ae0896903aa8a4129d902626f82ad9dd1db1a528af66845a8cd8714353b74df9aad248452bb66f409036eb1a05389cb2bba90655d3298c0c8e101fbfc3fdd72ade2a350f623d0ce90cffb187bdb6a1e6a2602fa3060e65dee4182350c540ab6cd5e876bae26cddba01a3f4166497f16f5ea03ab986a22cf7a4aead1bbbca24322b2bd23f7bb2b05b91953b420a5aba1a166ca8d96fbeb51057f3202081fc168f3375cc7aeb346afdec9a3577c9ad12050e60e2a1e0d5f822776701c26ed618149cfc2948fd737d981a6e1c885bb2f639d7f7f64de3fd5cc25bcf88b2f183a471d98a33f065bf6e840a1b9583a6197be88a4bd3d2f39d50322c129403b3c4e802f6523573aea1f17322d676c80be3dc63513dcbea386f933eafdd258c8d974aca3fd30c93a1227a0f3579fd19548e5dd51e506483c216dccc8e3fa04700c3627f0ae9f71b7cd1e3b058ecd037f0f3114a468c1c84a8f3b29c559c6dcee3e504399cecd7f7e6cc7232d4cf1f1e0966ea864ef9a7179f956ef3389243f2890bf02e67fdcf4a14f99a0c90f6c80c76e17e97e6c93cff9e797e6b90d4b0ced0f8ede0b528825fadea2cf57f9fdd8490a2a7c1bf3bb64e73bc097ce2521974b30033249831197e490eb9a967a31a90a4101838b0d0d959785578541f8c3c62a3a697aa30d6cd27f59f6ff66d2c31e483e8f4b78ac693fb0963d5cc13bad55414a6a7d9e39306291a0b86318b797c0f2fd1da622c05758923ff50f95a8e7069d4a322c61b8774ae968ff8fb7f11c8065391ab7ccad20042522114f5c1e70216c5fcb93a31470283fcfa3bd0a907aa707283073597057e712133ff6477178fb6861ccbc053dd1d562c4d05502c7bc366f9bdc322ea4115865e6b27fe0b461372d556609559963fd2ce0ed5fe2aa3ac482b26bdacd86e53a274a106291dafb58b0a4e0c5dc11bd89e3caa628b6a425b6d8471de8f40e5cb896d12c9100ea2efa2c43b0f7ca936f598ba50770a1fd6697e0ca56f92c5d2ea9f2076055e5714bfd55bc9424463820f550c29b10ae95acf47bc5dc0ad16d8b03de5aaafc6ea8d0d00e09978282d56417e307460c26648319f0127abb63ac635e7ff122efd998d3ceae547e5765e554d73fca1976b677716cb1ccbdcf9be11d457abf25253ca08c4b98af8028507fdc36601c0a61e11576ba92f40e54385041af6214c2d68e23d0b5d345a85fd87cd792d1312a6223beedf9a9a627f1cfd1fc756c6c08bb42d510850fd438702f5f7d5b6a9d87b5c77085f6701322b7ee5bd1a01e9aada643ecaebac0c8da6c895d089cf7357515e16eee6a67f1c9853e9dd9f8192ef46b828d8113e5389ab7b7c18dcb256df459de02dc0f808afc15d76504e952d29442f9c62c9f389fdd4d78f941cff98bb829554202135b7da60280da082adce8a9441de99299f3faa3e76d599385d2712a02e65c712dc56885b3763e3a4b43b39f0431580bde49f354b43e753457ef5b8bb95a1b31de1fbfe80964738afc6c875f5b7f7a3daba71b4750dd08b39caf71ae8bf80fcec47a17faf8c4c9af9cccad78db9d9e7ab804fd71ac8d78c2e3402a77eb8e25f4d3b2f0ebdb103fc569c2c630c01b0ab58b43ebd289ba371cd5de5bfbb0bc6f5585ce2a9c052d5f63927d8bdce3c447a1e2563ba6c5cc5e74117fb247b836ce83b5e2f13c33ece1441aa0273bcc975a5a56dc34adcec300734ccce973f7333eb3e0bfb16ac95bd919f3a1d7dde50e4f39f964f69441af4b5231da303286ed249abf51947a9ac45e23690a09ee5a0440aab2b83c3372144e63ebf583116ff843907ae111e3a7f5ba023a56ff122aed15569d7186505056e587b5f05b24410197effc98a0ec71015d2f266f4fb1713aa608879aa3d42e418568dbbef797fde11c6ea971832618ce680c81f75a6e1d24dccafcde119a7dce38d182a402b99f3010b86ada8fa8d548f0c732d4731a517451f4a328314851c07516f533dc4ce7479c77674801bb7e6ac78c9784f371285138aafe254e52fc74f995d3ae87edcdf93b0244d6648fef261e0de6264288d5ec177466fb9b5114a0b474155bda995f7b7554040cf4366d90bf85dfb8c5a4c6dc43c3c3c4e8319a28c9247481398da5675445ba1c87ae729d80eb70cc87e676639bef5b783c0103f7dcfb2aae8f1fdfb8f2bb12b481c1721ffe467d0ae9ee93ed796785a37bc99b69738537985b58f03db924e7286dac27b55bdeea98949e2e173e37188c75ee557a531d18b2277906c33cb9640530a6650849a045c4684bb5d783b662a4157a836251edeef3116d5479a5fa805563c510ac088415463316eae74bef025e3f43e75a7d48a69e603c746ca6300453103aacc55b71738c8337bc6175382e728f5288771e642c09338f6928100d2516203727b61496527127538b5c73f3173258011d57f9014e00ae2e170bd0fb2757e7667144762e46eb9c9ab46a210097efdf7de0a4bd95543ba476513631d981ee50fd5ef98c5ba2005e1d51fd07769be5b35d7ad111a25b3314302d34f741c25cb46fede53bf7ab41ea4bb72a1359875752408472834b13568ee121d2916a17470e4515648367370f7630673f77b289ddccbf5b63179da91acb1b7b52a1ed88bd0700a2b3adbc2722a0718d576dff719048a2cab36c3595d8d5c833f977fe977487bd604d748c44ee154c4a69c0336c16a5b42c0633be84706a841882c73887a34aa0553489a3a7f64fe1671a753ddaa8374e7c323e37207b148128d8d02ea9b198a820f083a05b867740b435f31ceb46b09e055097a73a653ab693ac04dedd96eb3d5a0e2f3be5b11b0fa278f0842368a03936e65b7b52133873d240d1985899ab4de8b831451a57acccd799d1200ed0314d72588f600a29ee1c169d0f4c5d0075a28398df07d8adcbea1c44b96e3d5dbdc910a259514375db49b73c7e17568b8dcfe143f862f3d90b45cd7596552f0f88a86dde8907f8609d2b95fb7521cf118c3f5cdc4e885a2101418f17320d65c4be0af88fbec86aa632703a701280a3f351bab2b909e9308fb769a5bd610d92134e1326e3c2ac24a037057a038ea76bd9b2cd6987d51e57190e989b46b9efc4fd81902aa851a255cf7f56a4a3d3d9330b4e9c46b5e283fb98b6da68ac8f42c2cf2c2c1a72de62937ce3cbba5a3083624f1bd14a0de4bced7d7c259ddf8b072d0ceac287d746d5ca55ed8f7c58b8f4d733935cfe9267def7e55ae4e55789000ae7fc23c5072c6d5e5de715f4f79706462f17590396eed1e1218d79788a90168ea51182fa7caa2d0876dbd2e5fd3fe0c614b42f1d86c0903cd0108fa3e83d160726097e74aed95c9e985f6c7bff4f28438ffcd791fa3a3b08468def18ad621107826ef7107e7ea9bb6e513e868658f45a2a24abf034775a0a44e1f99a4dc9a9e80643e62d46041d4fcf70e93c47277854a0585387aa5af9bb9ad09e34f1c6088528991e3071157e39123489eb3d34429ccc0e3453c86478c4f640fcae12a345797bae195fb2eb785cd150fad3e0ab16b75a7c9c799f0f1350a8c93e258a9dac9a17f337d78dcc692d57f194a8651812ba67bd3007117afecc0a3754a9f19683ad1e721f8f3cc9884a1c7673bdb58622b1a3801d1458a787e3c59e9b5bf804724d06bd1cb99b3e29471be811158d596dbd69d27b8119a88fee23867e5be6815349665dfb1568f212b37553f2d0857085bfa273e236b5f3f3b44b6536f65d2f4df874dd7f20115a4464f662947c27f9bf218d24f29fff76475777487d733ff4864207e3354e4985badfe58ea9261855202575d6352a25a8f7f64b153e5ed2ac5677dd48c63210a2436a48b67689ba13952a0167e5ea8f096faf4a63c3912d3aaa075ad706b40280cf1f07767b7cc0935748db2660c2599c2c08144b06a834fe4d2a057da3703c4b23b387be4331b43209765ce56cbfbcac13722be08cdb6254dd103c07d7e858b3d0be3b60dc087dcad99efbaab8d561b0c51100e6df203cf858e1dddfaa9ff2cb4af4d78158e58c7b76b158d8072a9e482b96c33185f0a094867a983c6a42d7ef72e5dbb2f2d704db5896ecc35c8d7d37ea080e5a395a59858b6dabd638f9531342419b616a2e8d63657d0fdde1060ef33b75e26fdb2f0c3e786443002f7f3a1c8ece235a3e7ab320baab063700bc0ee9c29ae0753291532e6c462ee44ae3f372479045a7912d9dfaefd674b4dab07c4bba99e837df23fbdb2b1788f888646938b4ce0078ea49ea1194c43bf6c73b2b6c9b1400f100b9466a7b5d9cb153a6c666dbeb78fd774dcfad42ed8258f55ddb35f6be9425e33507ccb7321f6b15ddc53ad535a6a5dbca1fb4e1a91e706ba05cd178d6ff381efeabc33da671fbbabfcb53bfa36e6a4939af161bf3be05b6e38329059eb480bf84e6f775739857e9fb08b34efe37d8337bbdc6bb7d1d205ce46d988867090c4289570582067e8207fed08c373efdc8fa8190db0717e036bd52330fa07c3a2c878c44383a575df375688879fbe246be914917c9faa25491a614fc067a1109014c69be11ad37eee345c801d8de0eba112af0d7f72682f57c9dee5cebf364b3e3d4ec1ac0a0a0fc7ca3f71dbafca84c8b9877dab0803c167dfc2a3e7063acb7713510c0e63c70a2ba17191e669ff123d1eb795fce5d1700b74c59fa16152036489b16002e904f751aafad489ce6b89a055594d734da2f997a46f8f4b9cc4c8025346e212be0804d6aa4df81f31c0f8badd75407fcf221e17893efae087db51111ea8574c2d993a1f1377b158caf627411306c210a69916415335c4fe5d38b061fc08c3f8e84f6ddf938dabf37277411c1d1b44a1c1682ed5da244f7297e150e9868ed4cebdfde99492c49cda9b0f944314725d47fcefd98e3e425fd1ef4941ea0f179389aafc6654778baf054ad56d4558eb9a1a829bb92283daf4d9d4689e4f31a7e142a38c1e46fab2b51c259034294f9e3df46369300d7abb035961f3fb87bfac284698ea38654f8af4ae92b79d3b83d340a93711cf5e54b7a477abcced57eb5eeeba75ea2ce91e4ea54d9fc89d510f91751bab88877443eab7873b47fb11269becd9bf2da9873b4311a997df83347605fdacc3ff1715e23fb4a0d50b8c0df549dcad3e87b2f58c6638cf0f5f01e166fc5bb7b817db995363f37ccbececd99ef0597063010474fef4301318ef20b61b01d5db865842efcf7e4adf39c64792c3da2ae57b2987e980d6d98a6dcdc8f47c2080358df9dd4502caf72d3486589f3b63e1d49f3675582defce94c0d2c7c522cbf3fe407ccf6b23bd64378cba66326ded5bf23ae983daa171e2b84dc3442df84ab592b3228f8a1b1de2af23e832fca114e1c19ad94868630243a217855fe59b5128c8f0bd3452c79f4b5b50a247b1011eb55a7cb60004bad5d43158976eff07f9dd6123a542f5c8031c6484ea07daa0d03d8025bb5052b4b5c56752bf0fb498a447f5dc8195884adf2a18e46357968683146074ce2ab98774251da0e748aac58b46c27fae9227bb2b079a2213c38b92c6fe45bcb068869328edc2e8558c4133ec63a7125c98a8e48e3fcdd7e0f173fdfe1394e38a2eed3cc89d7ba0318124080459fa08994111287bb76166bedee79cd46dadcfc719f1bcb322c2235bc86ca6fd73886db577c88df1ed2bcc7034c3cde5c4dc4dae5c63f9cfb1d7afced7844eb28f1d5b68be5dfef1e3799a9daccbbccc18728f9db6224eb8f87ebfb72b476efe5bdeb17367870100000000000000fc2edad2c45712abdd76a59531bee79f9c9c3837f635d883deafaea999f7e69fa7e83c81ee41eb3ca87d1f42f5b8135679dec5a0e956c8ca0eb70f265b4d46cf61c1eadfdf14e6e5123e8ebdcf819eda6ac72c4c71432c7e702bebd1ea8d3e3408b445bcadab97b0756079a763bf64d31c08e1a9cd4424ac704aaf2809e467b2dd20c523d4bbe4d4ebf637d7ad5a156879faaad794fb9f112cf06873862c3f776ee4b19781bb8fcd77614bc7c168a045e3f88b26c4ab606c55b030eeae0f34675d006dd68a712a76bdbe04061aed274fc5a3c04a34909d2be143aeeb9ef7609a5e79980a46e3523f34d87c5147639229eb3d02a66b6de2b8ec46e52c04185766ab50d2fa1426cb947779579405b31e9339f02d1b4f94c3366942ae314f98f1558df88f732179107af4c068fb6cde24dfe95c7befa37ecc075a8a2c432b28b5b56a5a9f5f7a32bf2ccc515927acba32e2208989db9d1467ad845e9adf5f1633a0f82022a9027247e754455d4468588d462ee5156861efa15fb392c4fe916a9a04a3598907651d96d86235b101e81998ff562415a2a469442eb4160e1c3a04f19ceb8d5a1ea5bfb42685520e085acfd70402b4a7314613e24af97ffb6dda85f3320be13e48d62d32f394427219433a516753c0a77f33231a0e04fd8bdbe70c60244dd838a4d4637edaf37fbe4f1c201c689eb873a0a487f47abbec3ae20f264a2ffd58ead26e845e9e6c0f080988cd84fe641ed840b08cef588664a524053976ec78fdcc7bcaabf7bc051b1a5d00271c40071c15eadbe0d70e6bd83a029919a9e1ac02cf0a8c5aa01bc05208ecfb566f24b3c63850d3e1ba6aefa08445801c282e10fa5c4e32afbf452429f3cc9d47b6d03c315818dfdbf5269603eef73b4ff7352e6a6604aa4d2b4adcd3d4bab6a5c113e268fa735e2de8a590715c0d4f2fe8f9c14004f4b68b4e576d42d3dd9ed9de5b6317d9cc62d23d25527123f8969904dfb8487154ddddc357aa72265f2d3e58103bed8b0b8cfbdaa23e446a7cfdaaec2e8719e37c3b17f706043cd43836fd75d91ff8b0cc9f7474aacb5cf2457b5c978a4d5050f45c34556cdc07b3fb4ab06b2d27897faf7dcff1b34f9dfdb619bd34e1fed2f562b2da02ac178a6bc0112c883c8f3948000b68d6d8ffb406b95560c17ab9a0275cce2d200ce7e72982652b43951eafa93b786f138c61a67f0d0452bd1b7486c04d779e7631e4473489f99fb0621e3d15abe3f5e52988d25b43648f9d43c8cca47991ef55eae7feff5bd5602ee092a95a0a82765586d40916ffe26b5a2c6e82c874a61d5ab4f6e99809c7811109834b1ba1081e39d3b5082233f4d179d77c85c0db3ea9b9926bafb68b5024df32c5ceb0d2447f3c77ea6f70b8c9c742fc69c4f4f02922d43cd8f046529695aa43539dbc88e57f45ac1d12580f3c279a60677a16558b549afafdda654d155260993ff58296083e7f4eebd7748d803ee2760f65d155dcb0c300", 0x2000, &(0x7f0000000bc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={0x78, 0x0, 0x9, {0x3, 0xffff, 0x0, {0x6, 0x8000000000000000, 0xa0, 0x6, 0x1, 0x0, 0x3, 0x85, 0x61, 0x2000, 0x2, r2, r3, 0x6, 0xc}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x21, 0x0, 0x128200}}, 0x50) mkdir(&(0x7f0000000080)='./file0/file0\x00', 0x82) setxattr$incfs_id(&(0x7f0000000340)='./file0\x00', &(0x7f00000003c0), 0x0, 0x0, 0x2) syz_genetlink_get_family_id$gtp(&(0x7f0000000040), 0xffffffffffffffff) syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000002240)='./file0\x00', 0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="73686f72746e616d653d77696e6e742c666c7573682c646d61736b3d30303030303030303030303030303030303137373737372c73686f72746e616d653d77696e39352c636865636b3d7374726963742c73686f72746e616d653d6d697865642c6e6f6e756d7461696c3d302c757466383d312c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c756e695f786c6174653d312c726f6469722c696f636861727365743d757466382c666d61736b3d30303030303030303030303030303030303030303030342c646d61736b3d30303030303030303030303030303030303030303030372c757466383d312c726f6469722c73686f72746e616d653d77696e39352c726f6469722c00743ccfec81d6c7d05b0f2a54ddce151ec4cbbaacb9552647fd950fedfdc024b3953e7669bc9d4f66e3beaecb80fe73633280b1d3e82023d4f5c7f5a4989406c0f0d0cf537f132dc1e63d84a17532cb78ae7a368bc0029207b9b166705972f4e8dad041e6be170bf43057b456d43f100c53b471aa6c8e3751", @ANYRES16], 0x1, 0x2b8, &(0x7f0000001080)="$eJzs3T2LY1UYAOD3JpkkuxZJYSWCF7SwWna2tckgWVhMpaRQCx3cXZAkCLsw4CgGK1sbS3+BINj5J2wEf4DgD7BzioEjN7mXZGbyMUEz48fzFJl37jnvPe85OcwHwz3z4cuT0eM8nn75+a/RbmdR60UvzrLoRi0qKaUUC72vAwD4NztLKX5Pc9dM6RUvWUS091saALAnO3///2HvJQEAe/bOu++9dTQY9N/O83Y8nHx1Mix+sy8+ztuPnsbHMY4ncT86cT7/W0D100Lx+jClNG3khW68NpmeDIvMyQc/lfc/qgY6jE50Z9HF/EeD/mE+t5Q/Leq4W47fK8Z/EJ14ccX4jwb9ByvyY9iM119dqv9edOLnj+KTGMfjWRGL/C8O8/zN9M0fn71flFfkZ9OTYWvWbyHVb+5dAQAAAAAAAAAAAAAAAAAAAADgv+5eeXZOK2bn9xSXyvN36ufFJweRV7oXz+eZ52fVjS6dDzRN8W1KrUbEoH8/z/NUdlzkN+KlRjRuZ9YAAAAAAAAAAAAAAAAAAADwz/L809PR8Xj85NmK4Je7EWua1gTVaQDVY/1bsurrmnpLV16J09Fxa/0Nl5pqZbhh0KhXfbKIjdMpJrHL3P9CcGddzd99v+sN29v7HGxan78nqHbX6DhbvYatqK60q/f0x+U+zbjmWM11TWn79lsKmiubOjvPvfnCLJhu6BPZpsLe+G2+cuWV7PIsmrNVXZl+UAZL6Zf2xk77+erXisxpHQAAAAAAAAAAAAAAAAAAsFeLh36vNN3ZklpLrb2VBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3avH//3cIpmXyNTo349nzW54iAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/wN/BgAA//+kKlw+") r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x18, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b00000000001b000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000006ffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r5 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r7, 0x0, 0x0, 0x0) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) 1.197826284s ago: executing program 0 (id=2030): syz_read_part_table(0x601, &(0x7f0000000000)="$eJzs1M9rXFUUAODz5veIIaEWBBEMBLoa24W4CDi0odTSTRpKLS7cCYJQN4WAXciEtkuR4kZEiJsKIQbyD+hGwiQQsskqZBmCILhJECFEuDLvTSaJZCFkMCrft3j3vnPvfec+zuUG/2mlqHdSyprROYpUY7zovFI0tUgppcGC5x8+flj0xiPeW5xYipiZunc/4qW5D3rB11+O+OX7wbcGaqfzptHDFOs39xfHNiY2V8u9UNZ7VCJiLiI+2XlR+ctWy9EY4o/zv7Dc/vSnyM9Nu5kfuG8iJr8rxjoPXn3n/VKWHZ/C7Mbw83dH84Mb9dg6TrQ3P3K1cj0i1vqBVm/Sz0W/+1WxmemTHyoVTfmsJM1h75ph6dX/6bNHtS+L22r328s7208Opq8szF5rXdpe6TzPiuK9EZFfX1l+zZXOrjMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMA5LLe7o7V+f+v2Z7tvffTmrev1U1N6b70pjeI1i2ZEyrtzw8n/dP3zZtTbH28dpJTSjUjp7t78yNXqajXuzvfztrI89cDXD/Kmdv4dcJHy+j97dPuLx+3fl4pQ48nB9JWF2WutS9srnaMC/1ZrdC7PRkT55OrKBewYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPi3u/XunfGZqXv3IyKrNCKiNPai2x/7NSJSinjtx7cXHq5NTR6v+qN2p14/TOs39xfHNiY2V8sxUy9GfihFpGxyJCqVIrCcP6v/9H/x9/wZAAD//4qTcdA=") r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x101, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000140)='mm_page_alloc\x00', r0}, 0x10) syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) r1 = syz_open_dev$usbfs(0x0, 0x0, 0x24a80) mmap(&(0x7f0000b15000/0x4000)=nil, 0x4000, 0x0, 0x11, 0xffffffffffffffff, 0x0) mkdir(0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES64=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r3, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0xb, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_PROG_DETACH(0x8, &(0x7f00000007c0)=ANY=[@ANYRES32=r4, @ANYBLOB="0700000000000008000000009de220e0401605738a13fd76e3120710a09caa5ad818e5b705444d43323ab850176d12b4b67d351f4155170c37e4152b1c4020af2d8ace314bd9d104573a3a1f8e6adc70a5556d0a696a8032be61c7aa34daaf165ca8490e01492c309b7096fe8145818b94b001cb9b71a4385ec933016d4b11915424c53e7f21e6fc44aee1c333fc3cf6fc74605da4ae6a22c0bdf2532c75f5f4000000000015e63c45818c12a9abb5f7af0fe2a00f1e1966954da94244144c8df4a6cee57c41ac1f6e9d1507c3223f91d753201b637a3e4895abde330f111b7460d4c2e6ae36e9167d775011c701b7760814fdc878b098a160e0bb3913eccdd766a39d34a1cb4591", @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x10) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=@base={0xa, 0x8, 0x7, 0x6, 0x0, r4, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1}) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000006c0)='vnet_rx_stopped_ack\x00', r6}, 0x18) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000940)={'lo\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x27}}) close(r2) utimes(&(0x7f00000001c0)='./file0\x00', 0x0) openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0b000000079409f68e32c4b2d0a27815a6ab7733206fae0e000000000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r7, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r7}, 0x0, 0x0}, 0x20) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000740)={r7, &(0x7f0000000000), &(0x7f00000000c0)=""/109}, 0x20) 1.141066344s ago: executing program 0 (id=2031): socket$can_raw(0x1d, 0x3, 0x1) socket$can_raw(0x1d, 0x3, 0x1) bpf$ENABLE_STATS(0x20, 0x0, 0x0) socket$igmp(0x2, 0x3, 0x2) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000001857489c5d44a3dc33b51d8a1c54d764423b4507687e70233ab03e1b4ac9716da9486ce85ef1ee6fd8dd30eaa44b97d877b59cdd8a6af27f9c65f7e2b3c5630ea315dd77a427e89b72b29bbe7865c1bd60d9a371b48dc08884a8d6c4872b2ecbadf2bd0c90994e0832948536b863ba140e8a2f53502977e26528f388e37fd3c23e38d41ff7a133f7e74fee0c47d44688"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000000000000000000ac1e000100000000000000000000000000000000000000000a00808000"], 0xb8}}, 0x0) sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x2500, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="6501000014"], 0x188}}, 0x0) 1.010740215s ago: executing program 2 (id=2032): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="3000000018000100000000020f0000000a000000010000000000000014000500fe"], 0x30}}, 0x0) 889.704625ms ago: executing program 2 (id=2033): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) r1 = socket$igmp6(0xa, 0x3, 0x2) sendmmsg$inet6(r1, &(0x7f0000000c00)=[{{&(0x7f0000000040)={0xa, 0x4e24, 0x3, @mcast1, 0x9}, 0x1c, &(0x7f00000001c0)=[{&(0x7f00000003c0)="3d0bc458e7eb7a4605d2aebf94780450fe5d46befe07333c3aa090d0926adc2424c8d65edf7f1e0a4e375a0df21133e3200b55e82d857f965fb2d29bc360d9735c7fd5a06dae4cbf26e2637d10555bbdcad14dfe", 0x54}, {&(0x7f0000000580)="06b14b04d25f592a0c2ccc4efcd41bfcc5e9771f8afc2efd07d5beea938eb310c4cd2823ecba0224871bff2a7e96fb522cfe7d852d8609f6e3c6cc23155b0056952e", 0x42}, {&(0x7f0000000600)="04a5441bb105fa6abee31651185bcdaca4fa28240e1fae08bfc366932680607b528759f101eabb36bd34fcbcb6187a267069834e668d0940565a12434768280b33cbed6a31bae4b953986f34a1d3e9858cbc065a2daf6766f77da722406aacea0fd268d0d3558738794f2c", 0x6b}, {&(0x7f0000000680)="dcfef40012cfe9318a26f4dc7e61bcd73ea330e7ff5b7d36eb5c2904ad99f40105f019112d72475fea3990ffdab85e5a188c5f869b26fbf1457003b6a33d530b38ba7584a7f3b83f9dce6e5e3141e252a4f6b10c64c17a1dc9a8ca7ff166c3215dbef3ac7ed9f39f5eeae259de4606f263f4f967a2337cdab6274f27f4081ecc15af0418745f5af472197957dca4546980d750e01efb5937356ecb0f8fd86404f448cbe7ad2243647fd6f48e5715cbff194751c98d6b8503d7028e2c07cc185c21cb42c9fc15d7768a9558c42d328f1362943527058bc5ade547fb5ef86152bab59d4dd433e48d878567ea243adbf7559f8f3b746b9a947b23", 0xf9}], 0x4}}, {{0x0, 0x0, &(0x7f0000000a80)=[{&(0x7f0000000a00)="0e5f59842cc3b5fa66e31eb5078251cbd3d1a79b7d0262d57b240c6903bc277ef15a0452b63b060fbb6474f8ce81625ec7bd231a0687eb359efa951ce0ed6c3996f74d60d78f794b6b0225925b54f1a1f1b43349695ee5d2", 0x58}], 0x1, &(0x7f0000000ac0)=[@dontfrag={{0x14, 0x29, 0x3e, 0x6}}, @tclass={{0x14, 0x29, 0x43, 0x6}}], 0x30}}, {{0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f0000000b00)="0720479b430229ecf83b77de2ae410c6d07f336ea4c271d74d3b70bb7b088d4fc2e3c469f28a2fd0afa626d2e348c6d1d1dc63fc35be476c58b3da58264c944c303c2a181551874874f704687f82efaafee5a4d91bb0a12746851f73343fe57ceb8884e8ab81b92d7805288428e360de80ba6d36dd439466570c8cba48bea7f3370e6e1e865b94719a4e", 0x8a}], 0x1}}], 0x3, 0x4001) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0xc) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) gettid() sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prlimit64(0x0, 0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r5 = add_key$keyring(&(0x7f0000000340), &(0x7f00000004c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r5, &(0x7f0000000240)='asymmetric\x00', &(0x7f0000000500)=@chain) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000180)=0x8000000000000000, 0x12) r6 = signalfd(r3, &(0x7f0000000140)={[0x9]}, 0x8) ioctl$UI_DEV_CREATE(r6, 0x5501) add_key$fscrypt_provisioning(&(0x7f0000000000), &(0x7f00000000c0)={'syz', 0x0}, &(0x7f0000000100)=ANY=[@ANYBLOB="010000000000000061624b646590ef68696a6b6c6d6e6f707172737475767778797a3031323334"], 0x29, r5) 521.256098ms ago: executing program 3 (id=2034): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x8142, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r4}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x8, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) ioctl$KVM_CAP_DISABLE_QUIRKS(r1, 0x4068aea3, &(0x7f0000000000)={0x74, 0x0, 0x12}) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0) syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000080)='./file0\x00', 0x822090, &(0x7f0000000a40)=ANY=[], 0x6, 0x2d1, &(0x7f0000000740)="$eJzs3T9rJGUcB/DfbGb/qMVuYSWCA1pYHZdrbTbIHYipPLY4LTR4dyDZRUgg4h9cU4mdjaWvQBB8ITZ2loKtYGeEwMjMzmR3k3GzkWxE8/kUyZOZ5zvP73lmkkyTJ++9ONl/nMXT489+iV4vidawG3GSxCBaUfsilgy/DgDgv+wkz+P3fKbh9M9frcj2NlgXALA5l/z+r6Tlx0dFjx9urjYAYDMePnr7zZ3d3ftvZVkvHky+PBolEVF8np3feRofxDiexN3ox2lE+aLQjvJtoWg+yPN8mmaFQbwymR6NiuTk3R+r6+/8FlHmt6Mfg/LQ2dtGmX9j9/52NrOQnxZ1PFuNPyzy96Ifz5+Fl/L3GvIx6sSrLy/Ufyf68dP78WGM43FZxDz/+XaWvZ5/88en7xTlFflkejTqlv3m8q168OkN3yMAAAAAAAAAAAAAAAAAAAAAAP5/7lR753Sj3L+nOFTtv7N1WnzRjqw2WN6fZ5ZP6gvN9weKVp7n0zy+rffXuZtlWV51nOfTeCGtNhYEAAAAAAAAAAAAAAAAAACAW+7w40/298bjJwfX0qh3A0gj4s+HEf/0OsOFIy/F6s7dasy98bhVNZf7pItHYqvuk0SsLKOYxDUty2WNZy7UXDW++74xVczoMI2mU73LB203j3XFxkft2To29qmfrv29pHkNu2fF94obF+dvXCeaR2/HuSOdv6uwfhTXm06n8VT/ysvSea5sTFf0iWTV98Vrv87KXpjFUp9OuaqN8XbVWIifezbWep6jN4tf/FmR2K0DAAAAAAAAAAAAAAAAAAA2av7Xvw0nj1dGW3l3Y2UBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwI2a////dRrpcniNVCcODv+tuQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB7/BUAAP//vaZV2Q==") write$binfmt_script(r5, &(0x7f00000008c0), 0xfecc) syz_mount_image$exfat(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0xa10812, &(0x7f0000000640)=ANY=[@ANYBLOB='discard,utf8,fmask=00000000000000000000271,namecase=1,discard,errors=continue,errors=remount-ro,umask=00000000000000000003377,utf8,iocharset=cp861,iocharset=macturkish,umask=00000000000000000005454,dmask=00000000000000000000005,errors=continue,uid=', @ANYRESHEX=0x0, @ANYBLOB=',euid=', @ANYRESDEC=0x0, @ANYBLOB=',fscontext=user_u,subj_type=iocharset,dont_measure,uid>', @ANYRESDEC=0x0, @ANYBLOB="2c736d61636b6673666c6f6f723dda08d2b66c053ea3fe49e94ce4a991b23fb060827efcf28bd3926e46dcef32f03b7a7c690350d9ae752dadd8c9f7ebc6042462e42a43eab845c2298f1d480bf7db736035f9b6d3b34f14542aab3c1158afbfbbf2827a9c907aaaa752a5f8de74a5c8f217399f2fcd93c4f15b3106a8ee8aaa4cac999da5e1c0a7222169c3720133e6d3f9b6b59159dab0b07a5077e594aa5dfc1e180c35667988a19cb0805b00de66f2060770cc808d82974b98e9222f3ea386232be847d9c4ca81fe0631dcfb6026363a00a6dadae840ab9c12915c8c04cbad3dc338396dd6a03fb53fb184d1c403a62cf39ffa1ebc1453e1ab3b1a2d062e26f1c038cfb9458ebd158564e64f2d987952cf1f2518ffc8ab8d1efb9a6017f75c1bdf8004beab7616f8d12150fbb3f0c9a283052c6d61736b3d4d41595f415050454e442c7065726d69745f646972656374696f2c666f776e65723c", @ANYRESOCT=0x0, @ANYBLOB="5bba993834d1c8888cb7f625a7ffdc8ec8b4769356c29b1e8da21cf5419f9efe09e69589951df595bf978bfeb0a392302cfd873e4212d72d41862aa048871fa1c232bb21f9f3bcc98b70aa975e5fe24368c7ca3cc0acceeac49facca6e5781bd74acabc74a9c5c774a450c0cf5c98e5a416e565702ca3f4e71e2e324cb66c1ed"], 0x1, 0x14fd, &(0x7f0000003f40)="$eJzs3Au0jtXWOPA511oPm6Q3yX3NNR/etLFIklyS5JIkyZEkt4QkSZKkcr8lIQm5J7mH5BaS+/2We5Ik7SQJyS1Z/6HT+XRO5/v3ne873zDGt+dvjGfsNd/nneuZ65177Od53j3e97sOg6rUq1qxDjPD/wj+9UdXAEgBgL4AcA0ARABQMlvJbJf2Z9LY9X92EPHv9eDUK12BuJKk/+mb9D99k/6nb9L/9E36n75J/9M36X/6Jv0XIj3bOi33tbKl303e/0/P5Pz/f0ha0dFfrS96fcd/IUX6n75J/9M36X/6Jv1P36T/6Zv0P32T/qdv0n8h0rP//nvH8r+D/wvblf79E0IIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgiRPpwNlxkA+Nv4StclhBBCCCGEEEKIf5+Q8UpXIIQQQgghhBBCiP99CAo0GIggA2SEFMgEmeEqyAJXQ1a4BhJwLWSD6yA7XA85ICfkgtyQB/JCPrBA4IAhhvxQAJJwAxSEGyEVCkFhKAIeikIxuAmKw81QAm6BknArlILboDSUgbJQDm6H8nAHVIA7oSLcBZWgMlSBqnA3VIN7oDrcCzXgPqgJ90MteABqw1+gDjwIdeEhqAcPQ314BBpAQ2gEjaHJfyv/RXgJXobO0AW6QjfoDj2gJ/SC3tAH+sIr0A9SfnttBsIgeB0GwxswBN6EoTAMhsNbMAJGwigYDWNgLIyDt2E8vAMT4F2YCJNgMkyBqTANpsN7MANmwix4H2bDBzAH5sI8mA8L4ENYCItgMXwES+BjWArLYDmsgJWwClbDGlgL62A9bICNsAk2wxbYCp/ANtgOO2An7ILdsAc+hb3wGeyDz2E/fPEv5p/5h/yOCAioUKFBgxkwA6ZgCmbGzJgFs2BWzIoJTGA2zIbZMTvmwBw35sJcmAfzYD7Mh4SEjIz5MT8mMYkFsSCmYioWxsLo0WMxLIbF8WYsgSWwJJbEUlgKS2MZLIPlsByWx/JYAStgRayIlbASVsEqeDfejfdgdayONbAG1sSaWAtrYVre2lgH62BdrIv1sB7Wx/rYABtgI2yETbAJNsWm2AybYQtsgS2xJbbCVtgaW2MbbINtsS22w3bYHttjB+yAHfEFfAFfxBfxZXwZu2Al1Q27Y3fsiT2xN/bBPvgK9sNX8VV8DQfgQByEr+Pr+AYOwdM4FIfhcByO5dVIHIWjkdVYHIfjcDyOxwk4ASfiJJyEU3AqTsPpOB1n4Eycie/jbPwAP8C5OBfn4wJcgAtxES7GxbgEz+BSXIbLcQWuxFW4EtfgWlyD63EDrsdNuAm34Bb8BD/B7bgdd+JO3I0GAD/Fz/AzHID7cT8ewAN4EA/iITyEaZiGh/EwHsEjeBSP4jE8hsfxBJ7EE3gKT+FpPINn8Syex/N4AZ/L803d3YXWDQB1iVFGZVAZVIpKUZlVZpVFZVFZVVaVUAmVTWVT2VV2lUPlULlULpVH5VH51DlFihSrWOVX+VVSJVVBVVClqlRVWBVWXnlVTBVTxVVxVUKVUCXVraqUuk2VVmVUc19OlVPlVQtfQd2pKqqKqpKqrKqoqqqqqqaqqeqquqqhaqiaqqaqpR5QtVU37I0PqkudqacGYn01CBuohqqRaqzewEdVUzUEm6nmqoV6XA3DodhKNfWt1VOqjRqFbdUzajQ+q9qrsdhBPa86qhdUJ/Wiekk1851VFzURu6nuagr2VL1Ub9VHzcDK6lLHqqjX1AA1UA1Sr6v5+IYaot5UQ9UwNVy9pUaokWqUGq3GqLFqnHpbjVfvqAnqXTVRTVKT1RQ1VU1T09V7aoaaqWap99Vs9YGao+aqeWq+WqA+VAvVIrVYfaSWqI/VUrVMLVcr1Eq1Sq1Wa9RatU6tVxvURrVJbVZb1Fb1idqmtqsdaqfapXarPepTtVd9pvapz9V+9YU6oL5UB9VX6pD6WqWpb9Rh9a06or5TR9X36pj6QR1XJ9RJ9aM6pX5Sp9UZdVadU+fVz+qC+kVdVEGBRq201kZHOoPOqFN0Jp1ZX6Wz6Kt1Vn2NTuhrdTZ9nc6ur9c5dE6dS+fWeXRenU9bTdpp1rHOrwvopL5BF9Q36lRdSBfWRbTXRXUxfZMurm/WJfQtuqS+VZfSt+nSuowuq8vp23V5fYeuoO/UFfVdupKurKvoqvpuXU3fo6vre3UNfZ+uqe/XtfQDurb+i66jH9R19UO6nn5Y19eP6Aa6oW6kG+sm+lHdVD+mm+nmuoV+XLfUT+hW+kndWj+l2+indVv9jG6nn9Xt9XO6g35ed9Qv6E76F31RB91Zd9FddTfdXffQPXUv3Vv30X31K7qfflX316/pAXqgHqRf14P1G3qIflMP1cP0cP2WHqFH6lF6tB6jx+px+m09Xr+jJ+h39UQ9SU/WU/RUPU33/m2mWf+F/Hf+SX7/X4++RW/Vn+hterveoXfqXXq33qP36L16r96n9+n9er8+oA/og/qgPqQP6TSdpg/rw/qIPqKP6qP6mD6mj+sT+pz+UZ/SP+nT+ow+o8/p8/q8vvDbawAGjTLaGBOZDCajSTGZTGZzlclirjZZzTUmYa412cx1Jru53uQwOU0uk9vkMXlNPmMNGWfYxCa/KWCS5gb87aRpCpsixpuippi56V/JNwXNjSbVFPq7/D+rr4lpYpqapqaZaWZamBampWlpWplWprVpbdqYNqataWvamXamvWlvOpgOpqPpaDqZTuYl85LpbDqbrqar6W56mJ6ml+lt+pi+5hXTz/Qz/U1/M8AMMIPMIDPYDDZDzBAz1Aw1w81wM8KMMKPMKDPGjDHjzDgz3ow3E8wEM9FMNJPNZDPVTDXTzXQzw8wws8wsM9vMNnPMHDPPzDMLzAKz0Cw0i81is8QsMUvNMrPMrDArzCqzyqwxa8w6s85sMBvMJrPJLM241Ww128w2s8PsMLvMLrPH7DF7zV6zz+wz+81+c8AcMAfNQXPIHDJpJs0cNofNEXPEHDVHzTFzzBw3x81Jc9KcMqfMaXPanDVnzXlz3lwwF8xFc/HSZV+kIhWZyEQZogxRSpQSZY4yR1miLFHWKGuUiBJRtihblD26PsoR5YxyRbmjPFHeKF9kI4pcxFEc5Y8KRMnohqhgdGOUGhWKCkdFIh8VjYpFN0XFo5ujEtEtUcno1qhUdFtUOioTlY3KRbdH5aM7ogrRnVHF6K6oUlQ5qhJVje6OqkX3RNWje6Ma0X1Rzej+qFb0QFQ7+ktUJ3owqhs9FNWLHo7qR49EDaKGUaOocdTk3zp/CKdzPuY72y62q+1mu9setqftZXvbPravfcX2s6/a/vY1O8AOtIPs63awfcMOsW/aoXaYHW7fsiPsSDvKjrZj7Fg7zr5tx9t37AT7rp1oJ9nJdoqdaqfZ6fY9O8POtLPs+3a2/cDOsXPtPDvfLrAf2oV2kV1sP7JL7Md2qV1ml9sVdqVdZVfbNXatXWfX2w12o91kN9stdqv9xG6z2+0Ou9PusrvtHvup3Ws/s/vs53a//cIesF/ag/Yre8h+bdPsN/aw/dYesd/Zo/Z7e8z+YI/bE/ak/dGesj/Z0/aMPWvP2fP2Z3vB/mIv2nDp4v7S6Z0MGcpAGSiFUigzZaYslIWyUlZKUIKyUTbKTtkpB+WgXJSL8lAeykf56BImpvyUn5KUpIJUkFIplQpTYfLkqRgVo+JUnEpQCSpJJakUlaLSVJrKUlm6nW6nO+gOupPupLvoLqpMlakqVaVqVI2qU3WqQTWoJtWkWlSLalNtqkN1qC7VpXpUj+pTfWpADagRNaIm1ISaUlNqRs2oBbWgltSSWlErak2tqQ21obbUltpRO2pP7akDdaCO1JE6USd6iV6iztSZulJX6k7dqSf1pN7Um/pSX+pH/ag/9acBNIAG0SAaTINpCA2hoTSMhtNbNIJG0igaTWNoLI2jcTSextMEmkATaSJNpsk0labSdJpOM2gGzaJZNJtm0xyaQ/NoHi2gBbSQFtJiWkxLaAktpaW0nJbTSlpJq2k1raW1tJ7W00baSJtpM22lrbSNttEO2kG7aBftoT20l/bSPtpH+2k/HaADdJAO0iE6RGmURofpMB2hI3SUjtIxOkbH6TidpJN0ik7RaTpNZ+ksnaef6QL9QhcpUIrL5DK7q1wWd7XL6q5x/xjncrldHpfX5XPW5XA5/y4m51yqK+QKuyLOu6KumLvJpV66pfpdXNqVcWVdOXe7K+/ucBX+EFdz97jq7l5Xw93nqrq7/y6u6e53tdzDrrZ7xNVxDV1d19jVcw+7+u4R18A1dI1cY9fSPeFauSdda/eUa+Oe/kO80C1ya906t95tcHvdZ+6sO+eOuO/cefez6+y6uL7uFdfPver6u9fcADfwD/Fw95Yb4Ua6UW60G+PG/iGe7Ka4qW6am+7eczPczD/EC9yHbrZb7Oa4uW6em/9rfKmmxe4jt8R97Ja6ZW65W+FWulVutVvzH7WucJvcZrfF7XGfum1uu9vhdrpdbvev8aV17HOfu/3uC3fYfesOuq/cIXfUpblvfo0vre+o+94dcz+44+6EO+l+dKfcT+60O/Pr+i+t/Uf3i7voggNGVqzZcMQZOCOncCbOzFdxFr6as/I1nOBrORtfx9n5es7BOTkX5+Y8nJfzsWVix8wx5+cCnOQbuCDfyKlciAtzEfZclIvxTVycb+YSfAuX5Fu5FN/GpbkMl+VyfDuX5zu4At/JFfkursSVuQpX5bu5Gt/D1flersH3cU2+n2vxA1yb/8J1+EGuyw9xPX6Y6/Mj3IAbciNuzE34UW7Kj3Ezbs4t+HFuyU9wK36SW/NT3Iaf5rb8DLfjZ7k9P8cd+HnuyC9wJ36RX+KXuTN34a7cjbtzD+7Jvbg39+G+/Ar341e5P7/GA3ggD+LXeTC/wUP4TR7Kw3g4v8UjeCSP4tE8hsfyOH6bx/M7PIHf5Yk8iSfzFJ7K03g6v8czeCbP4vd5Nn/Ac3guz+P5vIA/5IW8iBfzR7yEP+alvIyX8wpeyat4Na/htbyO1/MG3sibeDNv4a38CW/j7byDd/Iu3s17+FPey5/xPv6c9/MXfIC/5IP8FR/irzmNv+HD/C0f4e/4KH/Px/gHPs4n+CT/yKf4Jz7NZ/gsn+Pz/DNf4F/4IgeGGGMV69jEUZwhzhinxJnizPFVcZb46jhrfE2ciK+Ns8XXxdnj6+Mccc44V5w7zhPnjfPFNqbYxRzHcf64QJyMb4gLxjfGqXGhuHBcJPZx0bhYfFNcPL45LhHfEpeMb41LxbfFpeMy8cP3lYtvj8vHd8QV4jvjivFdcaW4clwlrhrfHVeL74mrx/fGNeL74hLx/XGt+IEYfvu8St34obhe/HBcP34kbhA3jBvFjeMm8aNx0/ixuFncPG4RPx63jJ+IW8VPxq3jp+I28dN/ur9r3C3uHveIe8Qh3KvnJecnFyQ/TC5MLkouTn6UXJL8OLk0uSy5PLkiuTK5Krk6uSa5NrkuuT65IbkxuSm5ObklGULVjODRK6+98ZHP4DP6FJ/JZ/ZX+Sz+ap/VX+MT/lqfzV/ns/vrfQ6f0+fyuX0en9fn89aTd5597PP7Aj7pb/AF/Y0+1RfyhX0R731RX8w39k18E9/UP+ab+ea+hX/cP+6f8E/4J/2T/infxj/t2/pnfDv/rG/vn/PP+ed9R/+C7+Rf9C/5l31n38V39V19d9/d9/Q9fW/f2/f1fX0/38/39/39AD/AD/KD/GA/2A/xQ/xQP9QP98P9CD/Cj/Kj/Bg/xo/z4/x4P95P8BP8RD/RT/aT/VQ/1U/30/0MP8PP8rP87NTZfo6f4+f5eX6BX+AX+oV+sV/sl/glfqlf6pf75X6lX+lX+9V+rV/r1/v1fqPf6Df7zX6r3+q3+W1+h9/hd/ldfo/f4/f6vX6f3+f3+/3+gD/gD/qD/pD/2qf5b/xh/60/4r/zR/33/pj/wR/3J/xJ/6M/5X/yp/0Zf9af8+f9z/6C/8Vf9MGPS7ydGJ94JzEh8W5iYmJSYnJiSmJqYlpieuK9xIzEzMSsxPuJ2YkPEnMScxPzEvMTCxIfJhYmFiUWJz5KLEl8nFiaWJZYnliRWJlYlQgh77Y45A8FQjLcEAqGG0NqKBQKhyLBh6KhWLgpFA83hxLhllAy3BpKhdtC6VAmlA2PhAahYWgUGocm4dHQNDwWmoXmoUV4PLQMT4RW4cnQOjwV2oSnQ9vwTGgXng3tw3OhQ3g+dPzbHVd4OXQOXULX0C10Dz1Cz9Ar9A59Qt/wSugXXg39w2thQBgYBoXXw+DwRhgS3gxDw7AwPLwVRoSRYVQYHcaEsWFceDuMD++ECeHdMDFMCpPDlDA1TAvTw3thRpgZZoX3w+zwQZgT5oZ5YX5YED4MC8OisDh8FJaEj8PSsCwsDyvCyrAqrA5rwtqwLqwPG8LGsClsDlvC1vBJ2Ba2hx1hZ9gVdoc94dOwN3wW9oXPw/7wRTgQvgwHw1fhUPg6pIVvwuHwbTgSvgtHw/fhWPghHA8nwsnwYzgVfgqnw5lwNpwL58PP4UL4JVyUz6wJIYQQQvyX9PiT/d3+yWMGANRv4+4AcPX23Gm/368BYGOOv457qTwtEwDwVJcOD/5tq1Spa9euvz13qYaowFwASPzDAX6Ll0ELeAJaQ3Mo/k/r66VeOM9/Mn/yVoDMv8tJgcvx5fm//E/mf/Tx4QtLxWez/X/mnwuQWuByTia4HC+DFpdWA82hxH8yf86mf1J/pq/GATT7XU4WuBxfrr8YPAZPQ+u/e6YQQgghhBBCCPFXvVTZdn92/3zp/jyPuZyTES7Hf3Z/LoQQQgghhBBCiCvv2Rc6Pflo69bN28lABjKQwX8MrvRfJiGEEEIIIcS/2+WL/suPZbqSBQkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEOnQ7770KxMA/K98ndiVXqMQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQghxpf2/AAAA//+7dzOa") mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0) mkdir(&(0x7f0000000040)='./file1\x00', 0x0) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000280)=ANY=[@ANYBLOB="010000000000000002400000060000000100000008000000040000000000000008000000000000000000000000000000e0e354d4bd5879edcf7e8db199187bb51c999787ba536f3e1f530fbf8d5294a44794a7ba7dfb31157261aef28f9555616622ec398557b797bece89731cdd600327b64ead656f4cdeb1ffdf895a9d94a1e519a6e1047b5a26b244aa65a0b6c3df7c4908c74b7f0241fd0e16db1d6898abfaadefa10ab32da304e2e95c8e648baff9276c0bb38581144083c03f5719c6"]) 261.579759ms ago: executing program 1 (id=2035): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10) r2 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r2, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) recvmmsg(r2, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0) sendto$inet6(r2, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) 125.78884ms ago: executing program 0 (id=2036): ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0x4008af12, 0x0) sched_setscheduler(0x0, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10) r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f0000000080)={0x0, 0x5, 0x18, 0x0, 0x0, 0x0, 0x0}) 67.77181ms ago: executing program 0 (id=2037): bpf$MAP_CREATE(0x0, &(0x7f0000000540)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10) r1 = socket$inet6(0xa, 0x2, 0x0) bind$inet6(r1, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) recvmmsg(r1, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0) sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) 0s ago: executing program 0 (id=2038): socket$can_raw(0x1d, 0x3, 0x1) socket$can_raw(0x1d, 0x3, 0x1) bpf$ENABLE_STATS(0x20, 0x0, 0x0) socket$igmp(0x2, 0x3, 0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, 0x0, 0x0, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000004584286e000000000000000000000000a6eb5c81eebd319d2e2e58898304c20a027cd2b49a9243c87a76608b6945ce3351dff3848ecf64298e71ec7c6e9fc1f7b32f9f95e3b15329f70e52bbf82650"], 0x48) socket$nl_generic(0x10, 0x3, 0x10) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000000000000000000ac1e000100000000000000000000000000000000000000000a00808000"], 0xb8}}, 0x0) sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x2500, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="6501000014"], 0x188}}, 0x0) kernel console output (not intermixed with test programs): .422314][ T444] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 437.431429][ T444] usb 2-1: New USB device strings: Mfr=0, Product=9, SerialNumber=0 [ 437.439358][ T444] usb 2-1: Product: syz [ 437.444035][ T444] usb 2-1: config 0 descriptor?? [ 437.612767][ T6293] loop2: detected capacity change from 0 to 512 [ 437.642793][ T319] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 437.841965][ T2633] usb 6-1: new high-speed USB device number 54 using dummy_hcd [ 437.853589][ T2556] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.007C/input/input43 [ 437.866594][ T2556] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.007C/input/input44 [ 437.879548][ T2556] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.007C/input/input45 [ 437.892997][ T2556] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.007C/input/input46 [ 437.909599][ T2556] uclogic 0003:256C:006D.007C: input,hiddev96,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.3-1/input0 [ 437.932091][ T19] usb 3-1: new high-speed USB device number 85 using dummy_hcd [ 438.057880][ T2556] usb 4-1: USB disconnect, device number 72 [ 438.202026][ T2633] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 438.212105][ T2633] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 438.222108][ T444] usbhid 2-1:0.0: can't add hid device: -71 [ 438.225609][ T2633] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 438.239733][ T444] usbhid: probe of 2-1:0.0 failed with error -71 [ 438.240572][ T2633] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 438.252632][ T444] usb 2-1: USB disconnect, device number 85 [ 438.263427][ T2633] usb 6-1: config 0 descriptor?? [ 438.302957][ T2633] usbhid 6-1:0.0: couldn't find an input interrupt endpoint [ 438.342078][ T19] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 438.354563][ T19] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 438.363588][ T19] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 438.372211][ T19] usb 3-1: config 0 descriptor?? [ 438.842566][ T19] keytouch 0003:0926:3333.007D: fixing up Keytouch IEC report descriptor [ 438.852202][ T19] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.007D/input/input47 [ 438.944836][ T19] keytouch 0003:0926:3333.007D: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0 [ 438.971966][ T2556] usb 4-1: new high-speed USB device number 73 using dummy_hcd [ 439.031990][ T2633] usb 2-1: new high-speed USB device number 86 using dummy_hcd [ 439.044808][ T19] usb 3-1: USB disconnect, device number 85 [ 439.362035][ T2556] usb 4-1: config index 0 descriptor too short (expected 769, got 36) [ 439.370122][ T2556] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 439.380078][ T2556] usb 4-1: config 0 has no interfaces? [ 439.385402][ T2556] usb 4-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00 [ 439.392023][ T2633] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 439.394190][ T2556] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 439.404755][ T2633] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 439.413375][ T2556] usb 4-1: config 0 descriptor?? [ 439.492012][ T444] usb 1-1: new high-speed USB device number 67 using dummy_hcd [ 439.502051][ T2633] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 439.511176][ T2633] usb 2-1: New USB device strings: Mfr=0, Product=9, SerialNumber=0 [ 439.519019][ T2633] usb 2-1: Product: syz [ 439.523671][ T2633] usb 2-1: config 0 descriptor?? [ 439.832010][ T2556] usb 3-1: new high-speed USB device number 86 using dummy_hcd [ 439.872151][ T444] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 439.882243][ T444] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 439.892848][ T444] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 439.902426][ T444] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 439.915038][ T444] usb 1-1: New USB device found, idVendor=a9cd, idProduct=cdee, bcdDevice= 5.b9 [ 439.923859][ T444] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 439.932303][ T444] usb 1-1: config 0 descriptor?? [ 439.972776][ T444] usb 1-1: MIDIStreaming interface descriptor not found [ 440.091948][ T2556] usb 3-1: Using ep0 maxpacket: 32 [ 440.174912][ T498] usb 1-1: USB disconnect, device number 67 [ 440.432039][ T2556] usb 3-1: New USB device found, idVendor=0b95, idProduct=2791, bcdDevice= d.2d [ 440.441101][ T2556] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 440.448850][ T2556] usb 3-1: Product: syz [ 440.452954][ T2556] usb 3-1: Manufacturer: syz [ 440.457330][ T2556] usb 3-1: SerialNumber: syz [ 440.592475][ T444] usb 6-1: USB disconnect, device number 54 [ 440.722073][ T2556] aqc111: probe of 3-1:1.0 failed with error -22 [ 440.930999][ T2556] usb 3-1: USB disconnect, device number 86 [ 441.011956][ T444] usb 6-1: new high-speed USB device number 55 using dummy_hcd [ 441.392013][ T444] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 441.402802][ T444] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 441.412317][ T444] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00 [ 441.421194][ T444] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 441.430002][ T444] usb 6-1: config 0 descriptor?? [ 441.685153][ T6332] loop5: detected capacity change from 0 to 256 [ 441.691735][ T6332] FAT-fs (loop5): Unrecognized mount option "" or missing value [ 441.743115][ T6349] netlink: 277 bytes leftover after parsing attributes in process `syz.2.1716'. [ 441.753251][ T6332] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 441.761792][ T6332] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 441.786439][ T4988] usb 2-1: USB disconnect, device number 86 [ 441.831941][ T6] usb 1-1: new high-speed USB device number 68 using dummy_hcd [ 441.854058][ T498] usb 4-1: USB disconnect, device number 73 [ 441.954410][ T6379] loop3: detected capacity change from 0 to 512 [ 441.969265][ T6379] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 441.978516][ T6379] ext4 filesystem being mounted at /303/bus supports timestamps until 2038 (0x7fffffff) [ 442.042921][ T296] EXT4-fs (loop3): unmounting filesystem. [ 442.142089][ T444] usbhid 6-1:0.0: can't add hid device: -71 [ 442.147875][ T444] usbhid: probe of 6-1:0.0 failed with error -71 [ 442.155266][ T444] usb 6-1: USB disconnect, device number 55 [ 442.212171][ T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 442.224207][ T6386] netlink: 277 bytes leftover after parsing attributes in process `syz.3.1722'. [ 442.233564][ T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 442.322017][ T6] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 442.331128][ T6] usb 1-1: New USB device strings: Mfr=0, Product=9, SerialNumber=0 [ 442.339235][ T6] usb 1-1: Product: syz [ 442.343967][ T6] usb 1-1: config 0 descriptor?? [ 442.618384][ T6394] netlink: 277 bytes leftover after parsing attributes in process `syz.2.1724'. [ 442.621606][ T6395] xt_TPROXY: Can be used only with -p tcp or -p udp [ 442.692039][ T498] usb 2-1: new high-speed USB device number 87 using dummy_hcd [ 442.862374][ T6401] loop5: detected capacity change from 0 to 8192 [ 443.082039][ T498] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 443.092036][ T6] usbhid 1-1:0.0: can't add hid device: -71 [ 443.097987][ T6] usbhid: probe of 1-1:0.0 failed with error -71 [ 443.102336][ T498] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 443.107847][ T6] usb 1-1: USB disconnect, device number 68 [ 443.123827][ T498] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 443.141935][ T498] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 443.152188][ T498] usb 2-1: config 0 descriptor?? [ 443.202545][ T498] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 443.297828][ T6412] netlink: 277 bytes leftover after parsing attributes in process `syz.3.1730'. [ 444.072740][ T6440] netlink: 277 bytes leftover after parsing attributes in process `syz.0.1736'. [ 444.216244][ T28] audit: type=1400 audit(1732233561.513:692): avc: denied { relabelfrom } for pid=6437 comm="syz.3.1739" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 444.470979][ T6434] loop5: detected capacity change from 0 to 40427 [ 444.471850][ T28] audit: type=1400 audit(1732233561.513:693): avc: denied { relabelto } for pid=6437 comm="syz.3.1739" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tun_socket permissive=1 [ 444.516537][ T6434] F2FS-fs (loop5): Invalid SB checksum offset: 0 [ 444.527348][ T6434] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock [ 444.556868][ T6434] F2FS-fs (loop5): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 444.568040][ T28] audit: type=1400 audit(1732233561.873:694): avc: denied { mount } for pid=6449 comm="syz.2.1741" name="/" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1 [ 444.597137][ T6450] loop2: detected capacity change from 0 to 512 [ 444.598685][ T6434] F2FS-fs (loop5): Try to recover 2th superblock, ret: 0 [ 444.608425][ T6450] ext2: Unknown parameter 'euid>00000000000000000000' [ 444.617385][ T6434] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5 [ 444.734122][ T28] audit: type=1400 audit(1732233562.043:695): avc: denied { unmount } for pid=294 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=filesystem permissive=1 [ 444.991010][ T6465] netlink: 277 bytes leftover after parsing attributes in process `syz.0.1743'. [ 445.102087][ T6472] FAULT_INJECTION: forcing a failure. [ 445.102087][ T6472] name failslab, interval 1, probability 0, space 0, times 0 [ 445.115116][ T6472] CPU: 1 PID: 6472 Comm: syz.5.1747 Not tainted 6.1.112-syzkaller-00026-g51bee181735e #0 [ 445.124747][ T6472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 445.134643][ T6472] Call Trace: [ 445.137776][ T6472] [ 445.140546][ T6472] dump_stack_lvl+0x151/0x1b7 [ 445.145073][ T6472] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 445.150355][ T6472] dump_stack+0x15/0x1e [ 445.154346][ T6472] should_fail_ex+0x3d0/0x520 [ 445.158857][ T6472] __should_failslab+0xaf/0xf0 [ 445.163457][ T6472] ? legacy_init_fs_context+0x51/0xb0 [ 445.168663][ T6472] should_failslab+0x9/0x20 [ 445.173006][ T6472] __kmem_cache_alloc_node+0x3d/0x2a0 [ 445.178209][ T6472] ? alloc_fs_context+0x65/0x830 [ 445.182985][ T6472] ? legacy_init_fs_context+0x51/0xb0 [ 445.188192][ T6472] kmalloc_trace+0x2a/0xa0 [ 445.192447][ T6472] legacy_init_fs_context+0x51/0xb0 [ 445.197481][ T6472] alloc_fs_context+0x674/0x830 [ 445.202168][ T6472] fs_context_for_mount+0x24/0x30 [ 445.207029][ T6472] do_new_mount+0x15c/0xb30 [ 445.211369][ T6472] ? do_move_mount_old+0x160/0x160 [ 445.216311][ T6472] ? security_capable+0x87/0xb0 [ 445.221015][ T6472] ? ns_capable+0x89/0xe0 [ 445.225427][ T6472] path_mount+0x671/0x1070 [ 445.229772][ T6472] ? user_path_at_empty+0x14e/0x1a0 [ 445.234808][ T6472] __se_sys_mount+0x2c4/0x3b0 [ 445.239316][ T6472] ? __x64_sys_mount+0xd0/0xd0 [ 445.243916][ T6472] ? debug_smp_processor_id+0x17/0x20 [ 445.249124][ T6472] __x64_sys_mount+0xbf/0xd0 [ 445.253547][ T6472] x64_sys_call+0x49d/0x9a0 [ 445.257888][ T6472] do_syscall_64+0x3b/0xb0 [ 445.262141][ T6472] ? clear_bhb_loop+0x55/0xb0 [ 445.266653][ T6472] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 445.272380][ T6472] RIP: 0033:0x7f8f1a37e819 [ 445.276635][ T6472] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 445.296072][ T6472] RSP: 002b:00007f8f1b13c038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5 [ 445.304317][ T6472] RAX: ffffffffffffffda RBX: 00007f8f1a535fa0 RCX: 00007f8f1a37e819 [ 445.312128][ T6472] RDX: 0000000020000040 RSI: 0000000020000000 RDI: 0000000000000000 [ 445.320024][ T6472] RBP: 00007f8f1b13c090 R08: 0000000020000140 R09: 0000000000000000 [ 445.327836][ T6472] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 445.335656][ T6472] R13: 0000000000000000 R14: 00007f8f1a535fa0 R15: 00007ffe2be3e658 [ 445.343467][ T6472] [ 445.402640][ T6473] FAULT_INJECTION: forcing a failure. [ 445.402640][ T6473] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 445.416885][ T6473] CPU: 0 PID: 6473 Comm: syz.3.1748 Not tainted 6.1.112-syzkaller-00026-g51bee181735e #0 [ 445.422002][ T498] usb 3-1: new high-speed USB device number 87 using dummy_hcd [ 445.426629][ T6473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 445.444075][ T6473] Call Trace: [ 445.447202][ T6473] [ 445.449973][ T6473] dump_stack_lvl+0x151/0x1b7 [ 445.454489][ T6473] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 445.459786][ T6473] dump_stack+0x15/0x1e [ 445.463779][ T6473] should_fail_ex+0x3d0/0x520 [ 445.468284][ T6473] should_fail+0xb/0x10 [ 445.472283][ T6473] should_fail_usercopy+0x1a/0x20 [ 445.477138][ T6473] _copy_to_user+0x1e/0x90 [ 445.481392][ T6473] simple_read_from_buffer+0xc7/0x150 [ 445.486603][ T6473] proc_fail_nth_read+0x1a3/0x210 [ 445.491465][ T6473] ? proc_fault_inject_write+0x390/0x390 [ 445.496925][ T6473] ? fsnotify_perm+0x269/0x5b0 [ 445.501529][ T6473] ? security_file_permission+0x86/0xb0 [ 445.506909][ T6473] ? proc_fault_inject_write+0x390/0x390 [ 445.512377][ T6473] vfs_read+0x26c/0xae0 [ 445.516369][ T6473] ? kernel_read+0x1f0/0x1f0 [ 445.520792][ T6473] ? mutex_lock+0xb1/0x1e0 [ 445.525049][ T6473] ? bit_wait_io_timeout+0x120/0x120 [ 445.530174][ T6473] ? __fdget_pos+0x2e2/0x390 [ 445.534681][ T6473] ? ksys_read+0x77/0x2c0 [ 445.538850][ T6473] ksys_read+0x199/0x2c0 [ 445.542926][ T6473] ? __this_cpu_preempt_check+0x13/0x20 [ 445.548316][ T6473] ? xfd_validate_state+0x6f/0x170 [ 445.553258][ T6473] ? vfs_write+0xed0/0xed0 [ 445.557510][ T6473] ? fpregs_restore_userregs+0x130/0x290 [ 445.562983][ T6473] __x64_sys_read+0x7b/0x90 [ 445.567318][ T6473] x64_sys_call+0x28/0x9a0 [ 445.571571][ T6473] do_syscall_64+0x3b/0xb0 [ 445.575826][ T6473] ? clear_bhb_loop+0x55/0xb0 [ 445.580343][ T6473] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 445.586065][ T6473] RIP: 0033:0x7f235b97d25c [ 445.590319][ T6473] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 445.609759][ T6473] RSP: 002b:00007f235c757030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 445.618004][ T6473] RAX: ffffffffffffffda RBX: 00007f235bb36080 RCX: 00007f235b97d25c [ 445.625814][ T6473] RDX: 000000000000000f RSI: 00007f235c7570a0 RDI: 0000000000000009 [ 445.633715][ T6473] RBP: 00007f235c757090 R08: 0000000000000000 R09: 0000000000000000 [ 445.641658][ T6473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 445.649493][ T6473] R13: 0000000000000000 R14: 00007f235bb36080 R15: 00007ffd7de12e18 [ 445.657285][ T6473] [ 445.692414][ T4988] usb 2-1: USB disconnect, device number 87 [ 449.133352][ T498] usb 3-1: device descriptor read/all, error -71 [ 450.260537][ T6505] binder: 6501:6505 ioctl 4018620d 0 returned -22 [ 450.267694][ T6507] binder: 6494:6507 ioctl 4018620d 0 returned -22 [ 450.280404][ T6507] FAULT_INJECTION: forcing a failure. [ 450.280404][ T6507] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 450.312266][ T6507] CPU: 1 PID: 6507 Comm: syz.5.1756 Not tainted 6.1.112-syzkaller-00026-g51bee181735e #0 [ 450.322002][ T6507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 450.331902][ T6507] Call Trace: [ 450.335016][ T6507] [ 450.337803][ T6507] dump_stack_lvl+0x151/0x1b7 [ 450.342311][ T6507] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 450.343854][ T6496] netlink: 277 bytes leftover after parsing attributes in process `syz.0.1753'. [ 450.347601][ T6507] ? netlink_getsockopt+0x540/0x540 [ 450.361498][ T6507] dump_stack+0x15/0x1e [ 450.365487][ T6507] should_fail_ex+0x3d0/0x520 [ 450.369997][ T6507] should_fail+0xb/0x10 [ 450.373990][ T6507] should_fail_usercopy+0x1a/0x20 [ 450.378846][ T6507] _copy_to_user+0x1e/0x90 [ 450.383104][ T6507] simple_read_from_buffer+0xc7/0x150 [ 450.388311][ T6507] proc_fail_nth_read+0x1a3/0x210 [ 450.393330][ T6507] ? proc_fault_inject_write+0x390/0x390 [ 450.398727][ T6507] ? fsnotify_perm+0x269/0x5b0 [ 450.403324][ T6507] ? security_file_permission+0x86/0xb0 [ 450.408706][ T6507] ? proc_fault_inject_write+0x390/0x390 [ 450.414172][ T6507] vfs_read+0x26c/0xae0 [ 450.418171][ T6507] ? kernel_read+0x1f0/0x1f0 [ 450.422763][ T6507] ? mutex_lock+0xb1/0x1e0 [ 450.427021][ T6507] ? bit_wait_io_timeout+0x120/0x120 [ 450.432332][ T6507] ? __fdget_pos+0x2e2/0x390 [ 450.436914][ T6507] ? ksys_read+0x77/0x2c0 [ 450.441079][ T6507] ksys_read+0x199/0x2c0 [ 450.445334][ T6507] ? __this_cpu_preempt_check+0x13/0x20 [ 450.451000][ T6507] ? xfd_validate_state+0x6f/0x170 [ 450.455923][ T6507] ? vfs_write+0xed0/0xed0 [ 450.460176][ T6507] ? fpregs_restore_userregs+0x130/0x290 [ 450.465729][ T6507] __x64_sys_read+0x7b/0x90 [ 450.470424][ T6507] x64_sys_call+0x28/0x9a0 [ 450.474674][ T6507] do_syscall_64+0x3b/0xb0 [ 450.478969][ T6507] ? clear_bhb_loop+0x55/0xb0 [ 450.483437][ T6507] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 450.489165][ T6507] RIP: 0033:0x7f8f1a37d25c [ 450.493429][ T6507] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 450.512873][ T6507] RSP: 002b:00007f8f1b11b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 450.521101][ T6507] RAX: ffffffffffffffda RBX: 00007f8f1a536080 RCX: 00007f8f1a37d25c [ 450.528912][ T6507] RDX: 000000000000000f RSI: 00007f8f1b11b0a0 RDI: 0000000000000009 [ 450.536727][ T6507] RBP: 00007f8f1b11b090 R08: 0000000000000000 R09: 0000000000000000 [ 450.544546][ T6507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 450.552349][ T6507] R13: 0000000000000000 R14: 00007f8f1a536080 R15: 00007ffe2be3e658 [ 450.560167][ T6507] [ 450.683919][ T6514] loop1: detected capacity change from 0 to 128 [ 450.716331][ T6517] loop3: detected capacity change from 0 to 128 [ 450.732388][ T4008] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 450.979742][ T28] audit: type=1326 audit(1732233568.283:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6513 comm="syz.1.1760" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2f72f7e819 code=0x0 [ 451.111729][ T28] audit: type=1326 audit(1732233568.413:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6516 comm="syz.3.1761" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f235b97e819 code=0x0 [ 451.505212][ T6525] netlink: 165 bytes leftover after parsing attributes in process `syz.1.1763'. [ 451.516243][ T6525] netlink: 277 bytes leftover after parsing attributes in process `syz.1.1763'. [ 451.527387][ T6525] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1763'. [ 451.541042][ T6525] loop1: detected capacity change from 0 to 512 [ 451.547755][ T6525] ext4: Bad value for 'commit' [ 451.591966][ T6] usb 1-1: new high-speed USB device number 69 using dummy_hcd [ 451.602478][ T6528] loop5: detected capacity change from 0 to 1024 [ 451.627079][ T6528] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 451.630364][ T6534] loop2: detected capacity change from 0 to 1024 [ 451.651927][ T4008] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 451.661534][ T28] audit: type=1400 audit(1732233568.963:698): avc: denied { watch } for pid=6526 comm="syz.5.1764" path="/319/file1" dev="loop5" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 451.703824][ T6534] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 451.924334][ T6539] FAULT_INJECTION: forcing a failure. [ 451.924334][ T6539] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 451.937262][ T6539] CPU: 1 PID: 6539 Comm: syz.2.1765 Not tainted 6.1.112-syzkaller-00026-g51bee181735e #0 [ 451.946852][ T6539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 451.956754][ T6539] Call Trace: [ 451.959870][ T6539] [ 451.962648][ T6539] dump_stack_lvl+0x151/0x1b7 [ 451.967197][ T6539] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 451.972462][ T6539] ? _raw_spin_lock+0x1b0/0x1b0 [ 451.977162][ T6539] dump_stack+0x15/0x1e [ 451.981160][ T6539] should_fail_ex+0x3d0/0x520 [ 451.985647][ T6539] should_fail+0xb/0x10 [ 451.989636][ T6539] should_fail_usercopy+0x1a/0x20 [ 451.994505][ T6539] _copy_from_user+0x1e/0xc0 [ 451.998926][ T6539] copy_msghdr_from_user+0xaa/0x670 [ 452.003957][ T6539] ? irqentry_exit+0x30/0x40 [ 452.008391][ T6539] ? sysvec_reschedule_ipi+0x80/0x160 [ 452.013600][ T6539] ? sendmsg_copy_msghdr+0x70/0x70 [ 452.018545][ T6539] __sys_sendmsg+0x236/0x390 [ 452.022965][ T6539] ? ____sys_sendmsg+0x9a0/0x9a0 [ 452.027743][ T6539] ? bpf_send_signal_common+0x2d8/0x420 [ 452.033133][ T6539] __x64_sys_sendmsg+0x7f/0x90 [ 452.037732][ T6539] x64_sys_call+0x16a/0x9a0 [ 452.042064][ T6539] do_syscall_64+0x3b/0xb0 [ 452.046312][ T6539] ? clear_bhb_loop+0x55/0xb0 [ 452.050924][ T6539] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 452.056736][ T6539] RIP: 0033:0x7f202e17e819 [ 452.060990][ T6539] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 452.080432][ T6539] RSP: 002b:00007f202ef0b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 452.088675][ T6539] RAX: ffffffffffffffda RBX: 00007f202e336160 RCX: 00007f202e17e819 [ 452.096484][ T6539] RDX: 0000000000000000 RSI: 0000000020000700 RDI: 000000000000000a [ 452.104297][ T6539] RBP: 00007f202ef0b090 R08: 0000000000000000 R09: 0000000000000000 [ 452.112116][ T6539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 452.119919][ T6539] R13: 0000000000000000 R14: 00007f202e336160 R15: 00007ffc22c0ccf8 [ 452.127739][ T6539] [ 452.171984][ T6] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 452.182031][ T6] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21 [ 452.195052][ T6] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 452.204076][ T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 452.213044][ T6] usb 1-1: config 0 descriptor?? [ 452.252650][ T6] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 452.357867][ T6542] loop1: detected capacity change from 0 to 1024 [ 452.384049][ T6542] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none. [ 452.413079][ T1503] EXT4-fs (loop5): unmounting filesystem. [ 452.496751][ T294] EXT4-fs (loop2): unmounting filesystem. [ 452.656186][ T6551] netlink: 'syz.1.1767': attribute type 15 has an invalid length. [ 454.548388][ T291] EXT4-fs (loop1): unmounting filesystem. [ 454.605190][ T28] audit: type=1400 audit(1732233571.913:699): avc: denied { write } for pid=6560 comm="syz.1.1771" name="ppp" dev="devtmpfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 454.628390][ T28] audit: type=1400 audit(1732233571.913:700): avc: denied { ioctl } for pid=6560 comm="syz.1.1771" path="/dev/ppp" dev="devtmpfs" ino=154 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 455.152569][ T6567] netlink: 277 bytes leftover after parsing attributes in process `syz.3.1772'. [ 455.216682][ T6570] netlink: 277 bytes leftover after parsing attributes in process `syz.5.1773'. [ 455.425736][ T6572] loop2: detected capacity change from 0 to 128 [ 455.656799][ T28] audit: type=1326 audit(1732233572.963:701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6571 comm="syz.2.1774" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f202e17e819 code=0x0 [ 455.929494][ T28] audit: type=1400 audit(1732233573.233:702): avc: denied { ioctl } for pid=6580 comm="syz.5.1777" path="socket:[41549]" dev="sockfs" ino=41549 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 455.955325][ T28] audit: type=1400 audit(1732233573.233:703): avc: denied { setattr } for pid=6580 comm="syz.5.1777" name="NETLINK" dev="sockfs" ino=41549 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 455.985895][ T28] audit: type=1400 audit(1732233573.233:704): avc: denied { remount } for pid=6580 comm="syz.5.1777" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 456.005712][ T28] audit: type=1400 audit(1732233573.233:705): avc: denied { getopt } for pid=6580 comm="syz.5.1777" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 456.176063][ T2556] usb 1-1: USB disconnect, device number 69 [ 457.629865][ T28] audit: type=1326 audit(1732233574.893:706): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6587 comm="syz.5.1780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f1a37e819 code=0x7ffc0000 [ 457.661486][ T28] audit: type=1326 audit(1732233574.893:707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6587 comm="syz.5.1780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f1a37e819 code=0x7ffc0000 [ 457.770622][ T28] audit: type=1326 audit(1732233574.893:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6587 comm="syz.5.1780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8f1a37e819 code=0x7ffc0000 [ 457.798969][ T28] audit: type=1326 audit(1732233574.893:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6587 comm="syz.5.1780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f1a37e819 code=0x7ffc0000 [ 457.824071][ T28] audit: type=1326 audit(1732233574.903:710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6587 comm="syz.5.1780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f1a37e819 code=0x7ffc0000 [ 457.831949][ T6] usb 2-1: new high-speed USB device number 88 using dummy_hcd [ 457.879023][ T28] audit: type=1326 audit(1732233574.903:711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6587 comm="syz.5.1780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8f1a37e819 code=0x7ffc0000 [ 457.969979][ T28] audit: type=1326 audit(1732233574.903:712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6587 comm="syz.5.1780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f1a37e819 code=0x7ffc0000 [ 457.995638][ T28] audit: type=1326 audit(1732233574.903:713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6587 comm="syz.5.1780" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f1a37e819 code=0x7ffc0000 [ 458.204413][ T6618] netlink: 277 bytes leftover after parsing attributes in process `syz.2.1785'. [ 458.351958][ T6] usb 2-1: device descriptor read/64, error -71 [ 458.453400][ T6624] netlink: 277 bytes leftover after parsing attributes in process `syz.5.1787'. [ 458.771991][ T6] usb 2-1: device descriptor read/64, error -71 [ 458.906039][ T6640] sch_tbf: burst 0 is lower than device lo mtu (65550) ! [ 459.130002][ T6643] loop1: detected capacity change from 0 to 512 [ 459.144197][ T6643] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 459.153740][ T6643] ext4 filesystem being mounted at /353/bus supports timestamps until 2038 (0x7fffffff) [ 459.539056][ T291] EXT4-fs (loop1): unmounting filesystem. [ 459.575110][ T6658] loop1: detected capacity change from 0 to 128 [ 461.178823][ T28] kauditd_printk_skb: 13 callbacks suppressed [ 462.057527][ T28] audit: type=1326 audit(1732233578.483:727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6656 comm="syz.1.1795" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2f72f7e819 code=0x0 [ 462.119220][ T6670] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1797'. [ 462.150399][ T6675] FAULT_INJECTION: forcing a failure. [ 462.150399][ T6675] name failslab, interval 1, probability 0, space 0, times 0 [ 462.162939][ T6675] CPU: 1 PID: 6675 Comm: syz.1.1800 Not tainted 6.1.112-syzkaller-00026-g51bee181735e #0 [ 462.172538][ T6675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 462.182522][ T6675] Call Trace: [ 462.185642][ T6675] [ 462.188422][ T6675] dump_stack_lvl+0x151/0x1b7 [ 462.192936][ T6675] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 462.198228][ T6675] dump_stack+0x15/0x1e [ 462.202221][ T6675] should_fail_ex+0x3d0/0x520 [ 462.206731][ T6675] __should_failslab+0xaf/0xf0 [ 462.211332][ T6675] should_failslab+0x9/0x20 [ 462.215676][ T6675] kmem_cache_alloc_node+0x42/0x330 [ 462.220703][ T6675] ? __alloc_skb+0xcc/0x2d0 [ 462.225052][ T6675] __alloc_skb+0xcc/0x2d0 [ 462.229221][ T6675] inet6_rt_notify+0x2db/0x560 [ 462.233811][ T6675] ? rt6_nh_dump_exceptions+0x650/0x650 [ 462.239198][ T6675] ? call_fib_notifiers+0x9f/0xc0 [ 462.244061][ T6675] fib6_del+0xce0/0x1060 [ 462.248147][ T6675] ? fib6_locate+0x560/0x560 [ 462.252561][ T6675] ? enqueue_task_fair+0xe82/0x2260 [ 462.257599][ T6675] fib6_clean_node+0x2ed/0x550 [ 462.262224][ T6675] ? node_free_rcu+0x30/0x30 [ 462.266625][ T6675] ? psi_task_change+0x1d3/0x360 [ 462.271581][ T6675] fib6_walk_continue+0x52d/0x720 [ 462.276437][ T6675] fib6_walk+0x172/0x2d0 [ 462.280509][ T6675] fib6_clean_all+0x202/0x2c0 [ 462.285032][ T6675] ? rt6_sync_down_dev+0x170/0x170 [ 462.289967][ T6675] ? fib6_del+0x1060/0x1060 [ 462.294307][ T6675] ? _raw_spin_unlock_irqrestore+0x5b/0x80 [ 462.299959][ T6675] ? node_free_rcu+0x30/0x30 [ 462.304379][ T6675] ? rt6_sync_down_dev+0x170/0x170 [ 462.309326][ T6675] ? cpu_curr_snapshot+0x200/0x200 [ 462.314446][ T6675] rt6_disable_ip+0x166/0x9e0 [ 462.318958][ T6675] ? wake_up_process+0x10/0x20 [ 462.323559][ T6675] ? insert_work+0x283/0x310 [ 462.327982][ T6675] ? fib6_ifdown+0x510/0x510 [ 462.332496][ T6675] ? __kasan_check_read+0x11/0x20 [ 462.337365][ T6675] addrconf_ifdown+0x15e/0x1ab0 [ 462.342039][ T6675] ? sock_ioctl+0x455/0x740 [ 462.346379][ T6675] ? __se_sys_ioctl+0x114/0x190 [ 462.351069][ T6675] ? wq_worker_last_func+0x50/0x50 [ 462.356014][ T6675] ? addrconf_cleanup+0x140/0x140 [ 462.360872][ T6675] ? mutex_unlock+0xb2/0x260 [ 462.365302][ T6675] ? __mutex_lock_slowpath+0x10/0x10 [ 462.370419][ T6675] ? nf_nat_masq_schedule+0x600/0x600 [ 462.375626][ T6675] ? masq_device_event+0xd0/0xd0 [ 462.380400][ T6675] addrconf_notify+0x32f/0xe10 [ 462.385014][ T6675] ? ip6mr_device_event+0x1e3/0x210 [ 462.390035][ T6675] raw_notifier_call_chain+0x8c/0xf0 [ 462.395170][ T6675] __dev_notify_flags+0x304/0x610 [ 462.400020][ T6675] ? __dev_change_flags+0x6e0/0x6e0 [ 462.405063][ T6675] ? __dev_change_flags+0x505/0x6e0 [ 462.410186][ T6675] ? avc_denied+0x1b0/0x1b0 [ 462.414512][ T6675] ? dev_get_flags+0x1e0/0x1e0 [ 462.419119][ T6675] ? kstrtouint+0xf6/0x180 [ 462.423365][ T6675] dev_change_flags+0xf0/0x1a0 [ 462.427972][ T6675] dev_ifsioc+0x177/0x1150 [ 462.432250][ T6675] ? dev_ioctl+0xe60/0xe60 [ 462.436476][ T6675] ? __kasan_check_write+0x14/0x20 [ 462.441417][ T6675] ? mutex_lock+0xb1/0x1e0 [ 462.445672][ T6675] ? bit_wait_io_timeout+0x120/0x120 [ 462.450904][ T6675] dev_ioctl+0x543/0xe60 [ 462.454973][ T6675] sock_do_ioctl+0x26b/0x450 [ 462.459411][ T6675] ? has_cap_mac_admin+0x3c0/0x3c0 [ 462.464349][ T6675] ? sock_show_fdinfo+0xa0/0xa0 [ 462.469225][ T6675] ? selinux_file_ioctl+0x3cc/0x540 [ 462.474238][ T6675] sock_ioctl+0x455/0x740 [ 462.478407][ T6675] ? sock_poll+0x400/0x400 [ 462.482745][ T6675] ? __fget_files+0x2cb/0x330 [ 462.487265][ T6675] ? security_file_ioctl+0x84/0xb0 [ 462.492209][ T6675] ? sock_poll+0x400/0x400 [ 462.496455][ T6675] __se_sys_ioctl+0x114/0x190 [ 462.500969][ T6675] __x64_sys_ioctl+0x7b/0x90 [ 462.505400][ T6675] x64_sys_call+0x98/0x9a0 [ 462.509649][ T6675] do_syscall_64+0x3b/0xb0 [ 462.513897][ T6675] ? clear_bhb_loop+0x55/0xb0 [ 462.518412][ T6675] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 462.524180][ T6675] RIP: 0033:0x7f2f72f7e819 [ 462.528688][ T6675] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 462.548114][ T6675] RSP: 002b:00007f2f73dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 462.556350][ T6675] RAX: ffffffffffffffda RBX: 00007f2f73135fa0 RCX: 00007f2f72f7e819 [ 462.564169][ T6675] RDX: 0000000020000280 RSI: 0000000000008914 RDI: 0000000000000004 [ 462.571982][ T6675] RBP: 00007f2f73dff090 R08: 0000000000000000 R09: 0000000000000000 [ 462.579870][ T6675] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 462.587770][ T6675] R13: 0000000000000000 R14: 00007f2f73135fa0 R15: 00007ffc37c4d1a8 [ 462.595595][ T6675] [ 462.728527][ T6693] loop1: detected capacity change from 0 to 256 [ 462.737844][ T498] usb 6-1: new high-speed USB device number 56 using dummy_hcd [ 462.783140][ T6693] FAT-fs (loop1): Directory bread(block 64) failed [ 462.796711][ T6693] FAT-fs (loop1): Directory bread(block 65) failed [ 462.809462][ T6693] FAT-fs (loop1): Directory bread(block 66) failed [ 462.819106][ T6693] FAT-fs (loop1): Directory bread(block 67) failed [ 462.825597][ T6693] FAT-fs (loop1): Directory bread(block 68) failed [ 462.832127][ T6693] FAT-fs (loop1): Directory bread(block 69) failed [ 462.838735][ T6693] FAT-fs (loop1): Directory bread(block 70) failed [ 462.845191][ T6693] FAT-fs (loop1): Directory bread(block 71) failed [ 462.851569][ T6693] FAT-fs (loop1): Directory bread(block 72) failed [ 462.857944][ T6693] FAT-fs (loop1): Directory bread(block 73) failed [ 462.933428][ T6696] netlink: 277 bytes leftover after parsing attributes in process `syz.2.1804'. [ 463.101988][ T498] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 463.126088][ T498] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40 [ 463.158527][ T498] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 463.196864][ T498] usb 6-1: config 0 descriptor?? [ 463.377036][ T6703] FAULT_INJECTION: forcing a failure. [ 463.377036][ T6703] name failslab, interval 1, probability 0, space 0, times 0 [ 463.389519][ T6703] CPU: 0 PID: 6703 Comm: syz.5.1808 Not tainted 6.1.112-syzkaller-00026-g51bee181735e #0 [ 463.399102][ T6703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 463.408996][ T6703] Call Trace: [ 463.412123][ T6703] [ 463.414897][ T6703] dump_stack_lvl+0x151/0x1b7 [ 463.419496][ T6703] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 463.424794][ T6703] dump_stack+0x15/0x1e [ 463.428780][ T6703] should_fail_ex+0x3d0/0x520 [ 463.433298][ T6703] __should_failslab+0xaf/0xf0 [ 463.437900][ T6703] should_failslab+0x9/0x20 [ 463.441998][ T498] usbhid 6-1:0.0: can't add hid device: -71 [ 463.442253][ T6703] kmem_cache_alloc_node+0x42/0x330 [ 463.448473][ T498] usbhid: probe of 6-1:0.0 failed with error -71 [ 463.452996][ T6703] ? __alloc_skb+0xcc/0x2d0 [ 463.453030][ T6703] __alloc_skb+0xcc/0x2d0 [ 463.467670][ T6703] fdb_notify+0x77/0x130 [ 463.471744][ T6703] fdb_delete+0x870/0xaf0 [ 463.475622][ T498] usb 6-1: USB disconnect, device number 56 [ 463.475911][ T6703] fdb_delete_local+0x3d1/0x470 [ 463.486341][ T6703] br_fdb_changeaddr+0x1bb/0x1c0 [ 463.491216][ T6703] br_device_event+0x3c4/0x7d0 [ 463.495822][ T6703] ? br_boolopt_multi_get+0x130/0x130 [ 463.501019][ T6703] ? packet_notifier+0x8c0/0x8e0 [ 463.505790][ T6703] ? ip6mr_device_event+0x1e3/0x210 [ 463.510824][ T6703] ? ipv6_mc_netdev_event+0xa4/0x480 [ 463.515950][ T6703] raw_notifier_call_chain+0x8c/0xf0 [ 463.521073][ T6703] dev_set_mac_address+0x325/0x470 [ 463.526016][ T6703] ? dev_pre_changeaddr_notify+0x220/0x220 [ 463.531659][ T6703] dev_set_mac_address_user+0x31/0x50 [ 463.536865][ T6703] dev_ifsioc+0x843/0x1150 [ 463.541138][ T6703] ? dev_ioctl+0xe60/0xe60 [ 463.545368][ T6703] ? __kasan_check_write+0x14/0x20 [ 463.550317][ T6703] ? mutex_lock+0xb1/0x1e0 [ 463.554578][ T6703] ? bit_wait_io_timeout+0x120/0x120 [ 463.559869][ T6703] dev_ioctl+0x543/0xe60 [ 463.563945][ T6703] sock_do_ioctl+0x26b/0x450 [ 463.568372][ T6703] ? has_cap_mac_admin+0x3c0/0x3c0 [ 463.573422][ T6703] ? sock_show_fdinfo+0xa0/0xa0 [ 463.578121][ T6703] ? selinux_file_ioctl+0x3cc/0x540 [ 463.583129][ T6703] sock_ioctl+0x455/0x740 [ 463.587815][ T6703] ? sock_poll+0x400/0x400 [ 463.592328][ T6703] ? __fget_files+0x2cb/0x330 [ 463.596926][ T6703] ? security_file_ioctl+0x84/0xb0 [ 463.601872][ T6703] ? sock_poll+0x400/0x400 [ 463.606131][ T6703] __se_sys_ioctl+0x114/0x190 [ 463.610640][ T6703] __x64_sys_ioctl+0x7b/0x90 [ 463.615153][ T6703] x64_sys_call+0x98/0x9a0 [ 463.619408][ T6703] do_syscall_64+0x3b/0xb0 [ 463.623921][ T6703] ? clear_bhb_loop+0x55/0xb0 [ 463.628432][ T6703] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 463.634157][ T6703] RIP: 0033:0x7f8f1a37e819 [ 463.638410][ T6703] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 463.658114][ T6703] RSP: 002b:00007f8f1b13c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 463.666361][ T6703] RAX: ffffffffffffffda RBX: 00007f8f1a535fa0 RCX: 00007f8f1a37e819 [ 463.674171][ T6703] RDX: 0000000020000000 RSI: 0000000000008924 RDI: 0000000000000005 [ 463.681983][ T6703] RBP: 00007f8f1b13c090 R08: 0000000000000000 R09: 0000000000000000 [ 463.689991][ T6703] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 463.697809][ T6703] R13: 0000000000000000 R14: 00007f8f1a535fa0 R15: 00007ffe2be3e658 [ 463.705619][ T6703] [ 463.743792][ T6708] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1810'. [ 463.791295][ T6604] kworker/u4:0: attempt to access beyond end of device [ 463.791295][ T6604] loop1: rw=1, sector=1224, nr_sectors = 544 limit=256 [ 463.805641][ T6604] kworker/u4:0: attempt to access beyond end of device [ 463.805641][ T6604] loop1: rw=1, sector=1800, nr_sectors = 128 limit=256 [ 463.868866][ T6604] kworker/u4:0: attempt to access beyond end of device [ 463.868866][ T6604] loop1: rw=1, sector=1960, nr_sectors = 31840 limit=256 [ 463.892002][ T6714] loop5: detected capacity change from 0 to 512 [ 463.922986][ T6714] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 463.983366][ T6714] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 463.992192][ T6714] ext4 filesystem being mounted at /329/file1 supports timestamps until 2038 (0x7fffffff) [ 464.008924][ T28] audit: type=1400 audit(1732233581.313:728): avc: denied { rename } for pid=6702 comm="syz.5.1808" name="file0" dev="loop5" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 464.032361][ T6714] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters [ 464.065270][ T6720] device pim6reg1 entered promiscuous mode [ 464.075279][ T6720] loop2: detected capacity change from 0 to 512 [ 464.083258][ T6720] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled [ 464.114687][ T6720] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 464.123508][ T6720] ext4 filesystem being mounted at /337/file1 supports timestamps until 2038 (0x7fffffff) [ 464.460435][ T1503] EXT4-fs (loop5): unmounting filesystem. [ 464.535879][ T294] EXT4-fs (loop2): unmounting filesystem. [ 464.870962][ T6749] loop2: detected capacity change from 0 to 1024 [ 464.877864][ T6749] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869) [ 464.887459][ T6749] EXT4-fs (loop2): external journal device major/minor numbers have changed [ 464.896029][ T6749] EXT4-fs (loop2): filesystem has both journal inode and journal device! [ 465.092021][ T6] usb 1-1: new high-speed USB device number 70 using dummy_hcd [ 465.511641][ T6] usb 1-1: Using ep0 maxpacket: 16 [ 465.717445][ T6] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 8 [ 466.539001][ T6775] loop1: detected capacity change from 0 to 1024 [ 466.545613][ T6775] EXT4-fs: Ignoring removed orlov option [ 466.551638][ T6775] EXT4-fs (loop1): Test dummy encryption mode enabled [ 466.560845][ T6775] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback. [ 466.586829][ T291] EXT4-fs (loop1): unmounting filesystem. [ 466.622061][ T6] usb 1-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00 [ 466.631124][ T6] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 466.639016][ T6] usb 1-1: Product: syz [ 466.643370][ T6] usb 1-1: Manufacturer: syz [ 466.647811][ T6] usb 1-1: SerialNumber: syz [ 466.653421][ T6] usb 1-1: config 0 descriptor?? [ 466.702835][ T6] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected [ 466.710587][ T6] usb 1-1: Detected FT232R [ 466.760441][ T6780] loop3: detected capacity change from 0 to 1024 [ 466.767067][ T6780] EXT4-fs: Ignoring removed orlov option [ 466.773167][ T6780] EXT4-fs (loop3): Test dummy encryption mode enabled [ 466.781976][ T6780] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 466.794381][ T6780] fscrypt: AES-256-XTS using blk-crypto-fallback [ 466.814458][ T296] EXT4-fs (loop3): unmounting filesystem. [ 466.922012][ T6] ftdi_sio ttyUSB0: Unable to read latency timer: -32 [ 466.951944][ T1828] usb 2-1: new high-speed USB device number 90 using dummy_hcd [ 467.182026][ T6] ftdi_sio 1-1:0.0: GPIO initialisation failed: -71 [ 467.189140][ T6] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0 [ 467.198165][ T6] usb 1-1: USB disconnect, device number 70 [ 467.205396][ T6] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0 [ 467.215122][ T6] ftdi_sio 1-1:0.0: device disconnected [ 467.312032][ T1828] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 467.323118][ T1828] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 467.332725][ T1828] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 467.345475][ T1828] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 467.354428][ T1828] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 467.362925][ T1828] usb 2-1: config 0 descriptor?? [ 467.785707][ T6788] loop3: detected capacity change from 0 to 256 [ 467.832324][ T4008] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 467.853086][ T1828] plantronics 0003:047F:FFFF.007E: No inputs registered, leaving [ 467.865368][ T1828] plantronics 0003:047F:FFFF.007E: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 467.980036][ T6790] loop2: detected capacity change from 0 to 1024 [ 467.997949][ T6790] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 468.023843][ T294] EXT4-fs (loop2): unmounting filesystem. [ 468.254178][ T6778] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 468.262601][ T6778] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 468.271214][ T1828] usb 2-1: USB disconnect, device number 90 [ 468.774688][ T6808] loop3: detected capacity change from 0 to 1024 [ 468.781454][ T6808] EXT4-fs (loop3): Can't support bigalloc feature without extents feature [ 468.781454][ T6808] [ 468.792267][ T6808] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities [ 468.809325][ T6810] loop1: detected capacity change from 0 to 256 [ 468.815904][ T6810] FAT-fs (loop1): Unrecognized mount option "hash" or missing value [ 468.872468][ T4008] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 468.975402][ T28] audit: type=1400 audit(1732233586.283:729): avc: denied { setattr } for pid=6807 comm="syz.3.1836" name="/" dev="configfs" ino=14141 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=dir permissive=1 [ 469.052380][ T6825] netlink: 277 bytes leftover after parsing attributes in process `syz.5.1838'. [ 469.231981][ T2633] usb 3-1: new high-speed USB device number 89 using dummy_hcd [ 469.491986][ T2633] usb 3-1: Using ep0 maxpacket: 32 [ 469.589176][ T6832] netlink: 277 bytes leftover after parsing attributes in process `syz.0.1843'. [ 469.752322][ T2633] usb 3-1: config 0 has an invalid interface number: 67 but max is 0 [ 469.768604][ T2633] usb 3-1: config 0 has no interface number 0 [ 469.867785][ T28] audit: type=1400 audit(1732233587.173:730): avc: denied { unmount } for pid=296 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:configfs_t tclass=filesystem permissive=1 [ 470.012162][ T2633] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 470.021558][ T2633] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 470.030715][ T2633] usb 3-1: Product: syz [ 470.036003][ T2633] usb 3-1: Manufacturer: syz [ 470.040470][ T2633] usb 3-1: SerialNumber: syz [ 470.095611][ T2633] usb 3-1: config 0 descriptor?? [ 470.102061][ T498] usb 6-1: new high-speed USB device number 57 using dummy_hcd [ 470.141398][ T2633] smsc95xx v2.0.0 [ 470.147987][ T6847] FAULT_INJECTION: forcing a failure. [ 470.147987][ T6847] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 470.161058][ T6847] CPU: 0 PID: 6847 Comm: syz.1.1848 Not tainted 6.1.112-syzkaller-00026-g51bee181735e #0 [ 470.170696][ T6847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 470.180847][ T6847] Call Trace: [ 470.183972][ T6847] [ 470.186754][ T6847] dump_stack_lvl+0x151/0x1b7 [ 470.191271][ T6847] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 470.196561][ T6847] ? __kasan_check_write+0x14/0x20 [ 470.201789][ T6847] dump_stack+0x15/0x1e [ 470.205793][ T6847] should_fail_ex+0x3d0/0x520 [ 470.210297][ T6847] should_fail+0xb/0x10 [ 470.214286][ T6847] should_fail_usercopy+0x1a/0x20 [ 470.219149][ T6847] _copy_to_user+0x1e/0x90 [ 470.223414][ T6847] simple_read_from_buffer+0xc7/0x150 [ 470.228782][ T6847] proc_fail_nth_read+0x1a3/0x210 [ 470.233642][ T6847] ? proc_fault_inject_write+0x390/0x390 [ 470.239206][ T6847] ? fsnotify_perm+0x269/0x5b0 [ 470.243800][ T6847] ? security_file_permission+0x86/0xb0 [ 470.249176][ T6847] ? proc_fault_inject_write+0x390/0x390 [ 470.254740][ T6847] vfs_read+0x26c/0xae0 [ 470.258819][ T6847] ? kernel_read+0x1f0/0x1f0 [ 470.263237][ T6847] ? mutex_lock+0xb1/0x1e0 [ 470.267493][ T6847] ? bit_wait_io_timeout+0x120/0x120 [ 470.272620][ T6847] ? __fdget_pos+0x2e2/0x390 [ 470.277044][ T6847] ? ksys_read+0x77/0x2c0 [ 470.281199][ T6847] ksys_read+0x199/0x2c0 [ 470.285292][ T6847] ? vfs_write+0xed0/0xed0 [ 470.289534][ T6847] __x64_sys_read+0x7b/0x90 [ 470.293880][ T6847] x64_sys_call+0x28/0x9a0 [ 470.298122][ T6847] do_syscall_64+0x3b/0xb0 [ 470.302376][ T6847] ? clear_bhb_loop+0x55/0xb0 [ 470.306892][ T6847] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 470.312618][ T6847] RIP: 0033:0x7f2f72f7d25c [ 470.316875][ T6847] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 470.336489][ T6847] RSP: 002b:00007f2f73dff030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 470.344736][ T6847] RAX: ffffffffffffffda RBX: 00007f2f73135fa0 RCX: 00007f2f72f7d25c [ 470.352542][ T6847] RDX: 000000000000000f RSI: 00007f2f73dff0a0 RDI: 0000000000000006 [ 470.360353][ T6847] RBP: 00007f2f73dff090 R08: 0000000000000000 R09: 0000000000000000 [ 470.368169][ T6847] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 470.375977][ T6847] R13: 0000000000000000 R14: 00007f2f73135fa0 R15: 00007ffc37c4d1a8 [ 470.383802][ T6847] [ 470.495633][ T498] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 470.506526][ T498] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 470.692629][ T498] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 470.702074][ T498] usb 6-1: New USB device strings: Mfr=0, Product=9, SerialNumber=0 [ 470.741118][ T498] usb 6-1: Product: syz [ 470.749858][ T6856] loop3: detected capacity change from 0 to 128 [ 470.755525][ T498] usb 6-1: config 0 descriptor?? [ 470.757021][ T6856] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 470.782107][ T2633] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000030: -71 [ 470.793051][ T2633] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error writing E2P_CMD [ 470.821996][ T2633] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 470.832754][ T2633] smsc95xx: probe of 3-1:0.67 failed with error -71 [ 470.839871][ T2633] usb 3-1: USB disconnect, device number 89 [ 471.067321][ T6868] netlink: 277 bytes leftover after parsing attributes in process `syz.3.1854'. [ 471.303648][ T498] konepure 0003:1E7D:2DB4.007F: unknown main item tag 0x0 [ 471.313465][ T498] konepure 0003:1E7D:2DB4.007F: hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.5-1/input0 [ 471.328766][ T28] audit: type=1400 audit(1732233588.633:731): avc: denied { read } for pid=6872 comm="syz.0.1857" path="socket:[43182]" dev="sockfs" ino=43182 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 471.547982][ T6878] netlink: 277 bytes leftover after parsing attributes in process `syz.2.1856'. [ 471.560741][ T24] usb 2-1: new high-speed USB device number 91 using dummy_hcd [ 471.571551][ T498] usb 6-1: USB disconnect, device number 57 [ 471.942182][ T24] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 471.952969][ T24] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 472.042219][ T24] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 472.051198][ T24] usb 2-1: New USB device strings: Mfr=0, Product=9, SerialNumber=0 [ 472.059128][ T24] usb 2-1: Product: syz [ 472.064336][ T24] usb 2-1: config 0 descriptor?? [ 472.102631][ T24] usbhid 2-1:0.0: couldn't find an input interrupt endpoint [ 472.111957][ T4988] usb 4-1: new high-speed USB device number 74 using dummy_hcd [ 472.677576][ T28] audit: type=1400 audit(1732233589.973:732): avc: denied { accept } for pid=6893 comm="syz.0.1862" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 472.702206][ T4988] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 472.713614][ T4988] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 472.762533][ T6901] device batadv_slave_1 entered promiscuous mode [ 472.773403][ T6900] device batadv_slave_1 left promiscuous mode [ 472.802252][ T4988] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 472.811478][ T6905] FAULT_INJECTION: forcing a failure. [ 472.811478][ T6905] name failslab, interval 1, probability 0, space 0, times 0 [ 472.811665][ T4988] usb 4-1: New USB device strings: Mfr=0, Product=9, SerialNumber=0 [ 472.824097][ T6905] CPU: 0 PID: 6905 Comm: syz.0.1866 Not tainted 6.1.112-syzkaller-00026-g51bee181735e #0 [ 472.832116][ T4988] usb 4-1: Product: syz [ 472.841333][ T6905] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 472.841353][ T6905] Call Trace: [ 472.841361][ T6905] [ 472.850273][ T4988] usb 4-1: config 0 descriptor?? [ 472.855218][ T6905] dump_stack_lvl+0x151/0x1b7 [ 472.855253][ T6905] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 472.875843][ T6905] ? __kasan_check_write+0x14/0x20 [ 472.880782][ T6905] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 472.886082][ T6905] dump_stack+0x15/0x1e [ 472.890076][ T6905] should_fail_ex+0x3d0/0x520 [ 472.894593][ T6905] ? getname_flags+0xba/0x520 [ 472.899097][ T6905] __should_failslab+0xaf/0xf0 [ 472.903697][ T6905] should_failslab+0x9/0x20 [ 472.908035][ T6905] kmem_cache_alloc+0x3b/0x320 [ 472.912646][ T6905] getname_flags+0xba/0x520 [ 472.916976][ T6905] ? __mutex_lock_slowpath+0x10/0x10 [ 472.922097][ T6905] __x64_sys_statx+0x142/0x230 [ 472.926697][ T6905] ? cp_statx+0xa60/0xa60 [ 472.930863][ T6905] ? bpf_trace_run2+0x138/0x290 [ 472.935547][ T6905] ? __this_cpu_preempt_check+0x13/0x20 [ 472.940929][ T6905] ? bpf_trace_run1+0x240/0x240 [ 472.945711][ T6905] ? __ia32_sys_read+0x90/0x90 [ 472.950305][ T6905] ? __bpf_trace_sys_enter+0x62/0x70 [ 472.955444][ T6905] x64_sys_call+0x8cc/0x9a0 [ 472.959763][ T6905] do_syscall_64+0x3b/0xb0 [ 472.964016][ T6905] ? clear_bhb_loop+0x55/0xb0 [ 472.968532][ T6905] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 472.974262][ T6905] RIP: 0033:0x7fe0cfb7e819 [ 472.978525][ T6905] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 472.997964][ T6905] RSP: 002b:00007fe0d0990038 EFLAGS: 00000246 ORIG_RAX: 000000000000014c [ 472.997997][ T6905] RAX: ffffffffffffffda RBX: 00007fe0cfd35fa0 RCX: 00007fe0cfb7e819 [ 473.014011][ T6905] RDX: 0000000000000800 RSI: 0000000000000000 RDI: ffffffffffffffff [ 473.021819][ T6905] RBP: 00007fe0d0990090 R08: 0000000000000000 R09: 0000000000000000 [ 473.029629][ T6905] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001 [ 473.037528][ T6905] R13: 0000000000000000 R14: 00007fe0cfd35fa0 R15: 00007ffd859d7408 [ 473.045346][ T6905] [ 473.267822][ T6917] netlink: 277 bytes leftover after parsing attributes in process `syz.2.1869'. [ 473.377919][ T4988] konepure 0003:1E7D:2DB4.0080: unknown main item tag 0x0 [ 473.398759][ T4988] konepure 0003:1E7D:2DB4.0080: unknown main item tag 0x0 [ 473.407509][ T4988] konepure 0003:1E7D:2DB4.0080: unknown main item tag 0x0 [ 473.416348][ T4988] konepure 0003:1E7D:2DB4.0080: unknown main item tag 0x0 [ 473.424254][ T4988] konepure 0003:1E7D:2DB4.0080: unknown main item tag 0x0 [ 473.431356][ T4988] konepure 0003:1E7D:2DB4.0080: unknown main item tag 0x0 [ 473.439506][ T4988] konepure 0003:1E7D:2DB4.0080: hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0 [ 473.603012][ T1828] usb 4-1: USB disconnect, device number 74 [ 474.432010][ T964] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 474.432048][ T5467] Bluetooth: hci0: command 0x1003 tx timeout [ 474.785390][ T6929] loop2: detected capacity change from 0 to 128 [ 474.824490][ T24] usb 2-1: USB disconnect, device number 91 [ 474.867379][ T6935] FAULT_INJECTION: forcing a failure. [ 474.867379][ T6935] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 474.890779][ T6929] FAULT_INJECTION: forcing a failure. [ 474.890779][ T6929] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 474.924625][ T6935] CPU: 0 PID: 6935 Comm: syz.1.1875 Not tainted 6.1.112-syzkaller-00026-g51bee181735e #0 [ 474.934287][ T6935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 474.944389][ T6935] Call Trace: [ 474.947430][ T6935] [ 474.950210][ T6935] dump_stack_lvl+0x151/0x1b7 [ 474.954721][ T6935] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 474.960014][ T6935] ? vfs_write+0x952/0xed0 [ 474.964270][ T6935] ? __kasan_slab_free+0x11/0x20 [ 474.969040][ T6935] dump_stack+0x15/0x1e [ 474.973069][ T6935] should_fail_ex+0x3d0/0x520 [ 474.977549][ T6935] should_fail+0xb/0x10 [ 474.981537][ T6935] should_fail_usercopy+0x1a/0x20 [ 474.986401][ T6935] _copy_from_user+0x1e/0xc0 [ 474.990827][ T6935] __sys_bpf+0x23b/0x7f0 [ 474.994917][ T6935] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 475.000122][ T6935] ? __ia32_sys_read+0x90/0x90 [ 475.004711][ T6935] ? debug_smp_processor_id+0x17/0x20 [ 475.009920][ T6935] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 475.015824][ T6935] __x64_sys_bpf+0x7c/0x90 [ 475.020079][ T6935] x64_sys_call+0x87f/0x9a0 [ 475.024410][ T6935] do_syscall_64+0x3b/0xb0 [ 475.028667][ T6935] ? clear_bhb_loop+0x55/0xb0 [ 475.033178][ T6935] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 475.038909][ T6935] RIP: 0033:0x7f2f72f7e819 [ 475.043157][ T6935] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 475.062782][ T6935] RSP: 002b:00007f2f73dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 475.071018][ T6935] RAX: ffffffffffffffda RBX: 00007f2f73135fa0 RCX: 00007f2f72f7e819 [ 475.078918][ T6935] RDX: 0000000000000014 RSI: 0000000020000200 RDI: 0000000000000005 [ 475.086728][ T6935] RBP: 00007f2f73dff090 R08: 0000000000000000 R09: 0000000000000000 [ 475.094537][ T6935] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 475.102443][ T6935] R13: 0000000000000000 R14: 00007f2f73135fa0 R15: 00007ffc37c4d1a8 [ 475.110261][ T6935] [ 475.113620][ T6929] CPU: 0 PID: 6929 Comm: syz.2.1872 Not tainted 6.1.112-syzkaller-00026-g51bee181735e #0 [ 475.123256][ T6929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 475.133147][ T6929] Call Trace: [ 475.136264][ T6929] [ 475.139065][ T6929] dump_stack_lvl+0x151/0x1b7 [ 475.143564][ T6929] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 475.148851][ T6929] dump_stack+0x15/0x1e [ 475.152843][ T6929] should_fail_ex+0x3d0/0x520 [ 475.157358][ T6929] should_fail+0xb/0x10 [ 475.161347][ T6929] should_fail_usercopy+0x1a/0x20 [ 475.166215][ T6929] _copy_from_user+0x1e/0xc0 [ 475.170638][ T6929] usbdev_ioctl+0x1016/0x5f90 [ 475.175153][ T6929] ? usbdev_poll+0x200/0x200 [ 475.179575][ T6929] ? 0xffffffffa0003bc0 [ 475.183568][ T6929] ? is_bpf_text_address+0x172/0x190 [ 475.188688][ T6929] ? stack_trace_save+0x1c0/0x1c0 [ 475.193550][ T6929] ? kernel_text_address+0xa9/0xe0 [ 475.198495][ T6929] ? __kernel_text_address+0xd/0x40 [ 475.203532][ T6929] ? unwind_get_return_address+0x4d/0x90 [ 475.209106][ T6929] ? arch_stack_walk+0xf3/0x140 [ 475.213787][ T6929] ? _parse_integer_limit+0x19b/0x1e0 [ 475.219009][ T6929] ? avc_has_extended_perms+0x90b/0x10f0 [ 475.224471][ T6929] ? memcpy+0x56/0x70 [ 475.228286][ T6929] ? avc_has_extended_perms+0xad7/0x10f0 [ 475.233765][ T6929] ? avc_flush+0x290/0x290 [ 475.238004][ T6929] ? kstrtouint+0xf6/0x180 [ 475.242269][ T6929] ? _kstrtol+0x150/0x150 [ 475.246429][ T6929] ? do_vfs_ioctl+0xba7/0x29a0 [ 475.251038][ T6929] ? __x64_compat_sys_ioctl+0x90/0x90 [ 475.256242][ T6929] ? kstrtol_from_user+0x180/0x180 [ 475.261191][ T6929] ? __kasan_check_write+0x14/0x20 [ 475.266214][ T6929] ? ioctl_has_perm+0x1f8/0x560 [ 475.270903][ T6929] ? ioctl_has_perm+0x3f0/0x560 [ 475.275586][ T6929] ? has_cap_mac_admin+0x3c0/0x3c0 [ 475.280530][ T6929] ? vfs_write+0x952/0xed0 [ 475.284792][ T6929] ? selinux_file_ioctl+0x3cc/0x540 [ 475.289827][ T6929] ? __mutex_lock_slowpath+0x10/0x10 [ 475.294938][ T6929] ? selinux_file_alloc_security+0x120/0x120 [ 475.300759][ T6929] ? __fget_files+0x2cb/0x330 [ 475.305283][ T6929] ? security_file_ioctl+0x84/0xb0 [ 475.310225][ T6929] ? usbdev_poll+0x200/0x200 [ 475.314643][ T6929] __se_sys_ioctl+0x114/0x190 [ 475.319180][ T6929] __x64_sys_ioctl+0x7b/0x90 [ 475.323592][ T6929] x64_sys_call+0x98/0x9a0 [ 475.327845][ T6929] do_syscall_64+0x3b/0xb0 [ 475.332087][ T6929] ? clear_bhb_loop+0x55/0xb0 [ 475.336600][ T6929] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 475.342325][ T6929] RIP: 0033:0x7f202e17e819 [ 475.346585][ T6929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 475.366023][ T6929] RSP: 002b:00007f202ef4d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 475.374267][ T6929] RAX: ffffffffffffffda RBX: 00007f202e335fa0 RCX: 00007f202e17e819 [ 475.382086][ T6929] RDX: 0000000020000080 RSI: 00000000802c550a RDI: 0000000000000005 [ 475.389892][ T6929] RBP: 00007f202ef4d090 R08: 0000000000000000 R09: 0000000000000000 [ 475.397702][ T6929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 475.405513][ T6929] R13: 0000000000000000 R14: 00007f202e335fa0 R15: 00007ffc22c0ccf8 [ 475.413334][ T6929] [ 475.470321][ T6944] FAULT_INJECTION: forcing a failure. [ 475.470321][ T6944] name failslab, interval 1, probability 0, space 0, times 0 [ 475.482861][ T6944] CPU: 1 PID: 6944 Comm: syz.3.1876 Not tainted 6.1.112-syzkaller-00026-g51bee181735e #0 [ 475.492496][ T6944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 475.502387][ T6944] Call Trace: [ 475.505611][ T6944] [ 475.508388][ T6944] dump_stack_lvl+0x151/0x1b7 [ 475.512906][ T6944] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 475.518200][ T6944] dump_stack+0x15/0x1e [ 475.522190][ T6944] should_fail_ex+0x3d0/0x520 [ 475.526712][ T6944] ? getname_flags+0xba/0x520 [ 475.531212][ T6944] __should_failslab+0xaf/0xf0 [ 475.535816][ T6944] should_failslab+0x9/0x20 [ 475.540157][ T6944] kmem_cache_alloc+0x3b/0x320 [ 475.544761][ T6944] getname_flags+0xba/0x520 [ 475.549183][ T6944] getname+0x19/0x20 [ 475.552911][ T6944] __se_sys_quotactl+0x1f9/0x760 [ 475.557690][ T6944] ? __x64_sys_quotactl+0xb0/0xb0 [ 475.562547][ T6944] ? __sched_text_start+0x8/0x8 [ 475.567235][ T6944] ? ksys_write+0x260/0x2c0 [ 475.571572][ T6944] ? __sched_text_start+0x8/0x8 [ 475.576267][ T6944] ? fpregs_restore_userregs+0x130/0x290 [ 475.581731][ T6944] __x64_sys_quotactl+0x9b/0xb0 [ 475.586426][ T6944] x64_sys_call+0x4ea/0x9a0 [ 475.590754][ T6944] do_syscall_64+0x3b/0xb0 [ 475.595018][ T6944] ? clear_bhb_loop+0x55/0xb0 [ 475.599522][ T6944] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 475.605251][ T6944] RIP: 0033:0x7f235b97e819 [ 475.609500][ T6944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 475.628949][ T6944] RSP: 002b:00007f235c736038 EFLAGS: 00000246 ORIG_RAX: 00000000000000b3 [ 475.637185][ T6944] RAX: ffffffffffffffda RBX: 00007f235bb36160 RCX: 00007f235b97e819 [ 475.645000][ T6944] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: ffffffff80000302 [ 475.652808][ T6944] RBP: 00007f235c736090 R08: 0000000000000000 R09: 0000000000000000 [ 475.660626][ T6944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 475.668431][ T6944] R13: 0000000000000000 R14: 00007f235bb36160 R15: 00007ffd7de12e18 [ 475.676255][ T6944] [ 475.684755][ T6943] loop3: detected capacity change from 0 to 1024 [ 475.691787][ T6943] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 475.721743][ T6943] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 475.731580][ T6943] tipc: Started in network mode [ 475.736347][ T6943] tipc: Node identity 101, cluster identity 4711 [ 475.742591][ T6943] tipc: Node number set to 257 [ 475.868829][ T6956] loop5: detected capacity change from 0 to 1024 [ 475.875643][ T6956] SELinux: security_context_str_to_sid (root) failed with errno=-22 [ 475.884942][ T296] EXT4-fs (loop3): unmounting filesystem. [ 475.902647][ T6960] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1881'. [ 475.932929][ T4008] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 476.804644][ T28] audit: type=1326 audit(1732233594.113:733): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6976 comm="syz.0.1886" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe0cfb7e819 code=0x0 [ 478.003267][ T6992] loop2: detected capacity change from 0 to 512 [ 478.044090][ T6992] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002] [ 478.062150][ T6992] System zones: 1-12 [ 478.066530][ T6992] EXT4-fs (loop2): orphan cleanup on readonly fs [ 478.082427][ T6992] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1891: bg 0: block 328: padding at end of block bitmap is not set [ 478.105384][ T6992] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6172: Corrupt filesystem [ 478.122215][ T6992] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1891: invalid indirect mapped block 65280 (level 0) [ 478.149140][ T6992] EXT4-fs error (device loop2): ext4_clear_blocks:883: inode #13: comm syz.2.1891: attempt to clear invalid blocks 33619980 len 1 [ 478.176822][ T6992] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1891: invalid indirect mapped block 1819239214 (level 0) [ 478.205085][ T6992] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1891: invalid indirect mapped block 1819239214 (level 1) [ 478.233274][ T6992] EXT4-fs (loop2): 1 orphan inode deleted [ 478.245378][ T6992] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 478.318150][ T6990] loop5: detected capacity change from 0 to 40427 [ 478.367871][ T6996] FAULT_INJECTION: forcing a failure. [ 478.367871][ T6996] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 478.382883][ T4008] I/O error, dev loop5, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 478.411707][ T6996] CPU: 1 PID: 6996 Comm: syz.0.1888 Not tainted 6.1.112-syzkaller-00026-g51bee181735e #0 [ 478.421528][ T6996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 478.431471][ T6996] Call Trace: [ 478.434547][ T6996] [ 478.437327][ T6996] dump_stack_lvl+0x151/0x1b7 [ 478.441839][ T6996] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 478.447148][ T6996] ? __kasan_check_write+0x14/0x20 [ 478.452086][ T6996] dump_stack+0x15/0x1e [ 478.456076][ T6996] should_fail_ex+0x3d0/0x520 [ 478.460597][ T6996] should_fail+0xb/0x10 [ 478.464579][ T6996] should_fail_usercopy+0x1a/0x20 [ 478.469526][ T6996] _copy_to_user+0x1e/0x90 [ 478.473848][ T6996] simple_read_from_buffer+0xc7/0x150 [ 478.478986][ T6996] proc_fail_nth_read+0x1a3/0x210 [ 478.483858][ T6996] ? proc_fault_inject_write+0x390/0x390 [ 478.489316][ T6996] ? fsnotify_perm+0x269/0x5b0 [ 478.494001][ T6996] ? security_file_permission+0x86/0xb0 [ 478.499380][ T6996] ? proc_fault_inject_write+0x390/0x390 [ 478.504850][ T6996] vfs_read+0x26c/0xae0 [ 478.508845][ T6996] ? kernel_read+0x1f0/0x1f0 [ 478.513269][ T6996] ? mutex_lock+0xb1/0x1e0 [ 478.517522][ T6996] ? bit_wait_io_timeout+0x120/0x120 [ 478.522644][ T6996] ? __fdget_pos+0x2e2/0x390 [ 478.527074][ T6996] ? ksys_read+0x77/0x2c0 [ 478.531321][ T6996] ksys_read+0x199/0x2c0 [ 478.535402][ T6996] ? __this_cpu_preempt_check+0x13/0x20 [ 478.540798][ T6996] ? vfs_write+0xed0/0xed0 [ 478.545035][ T6996] ? debug_smp_processor_id+0x17/0x20 [ 478.550245][ T6996] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 478.556234][ T6996] __x64_sys_read+0x7b/0x90 [ 478.560569][ T6996] x64_sys_call+0x28/0x9a0 [ 478.564825][ T6996] do_syscall_64+0x3b/0xb0 [ 478.569250][ T6996] ? clear_bhb_loop+0x55/0xb0 [ 478.573787][ T6996] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 478.579494][ T6996] RIP: 0033:0x7fe0cfb7d25c [ 478.583743][ T6996] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 478.603366][ T6996] RSP: 002b:00007fe0d094e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 478.611608][ T6996] RAX: ffffffffffffffda RBX: 00007fe0cfd36160 RCX: 00007fe0cfb7d25c [ 478.619685][ T6996] RDX: 000000000000000f RSI: 00007fe0d094e0a0 RDI: 0000000000000007 [ 478.627489][ T6996] RBP: 00007fe0d094e090 R08: 0000000000000000 R09: 0000000000000000 [ 478.635306][ T6996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 478.643112][ T6996] R13: 0000000000000000 R14: 00007fe0cfd36160 R15: 00007ffd859d7408 [ 478.650937][ T6996] [ 478.654091][ T964] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 478.703937][ T6990] loop5: detected capacity change from 0 to 256 [ 478.786704][ T4008] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 478.811630][ T6990] loop5: detected capacity change from 0 to 512 [ 478.818145][ T6990] EXT4-fs: Ignoring removed i_version option [ 478.824782][ T6990] journal_path: Lookup failure for './file0' [ 478.830825][ T6990] EXT4-fs: error: could not find journal device path [ 478.845193][ T294] EXT4-fs (loop2): unmounting filesystem. [ 479.066796][ T7014] FAULT_INJECTION: forcing a failure. [ 479.066796][ T7014] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 479.080869][ T7014] CPU: 1 PID: 7014 Comm: syz.2.1895 Not tainted 6.1.112-syzkaller-00026-g51bee181735e #0 [ 479.089970][ T7016] FAULT_INJECTION: forcing a failure. [ 479.089970][ T7016] name failslab, interval 1, probability 0, space 0, times 0 [ 479.090503][ T7014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 479.112830][ T7014] Call Trace: [ 479.115941][ T7014] [ 479.118713][ T7014] dump_stack_lvl+0x151/0x1b7 [ 479.123227][ T7014] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 479.128521][ T7014] ? vfs_write+0x952/0xed0 [ 479.132785][ T7014] ? __kasan_slab_free+0x11/0x20 [ 479.137551][ T7014] dump_stack+0x15/0x1e [ 479.141550][ T7014] should_fail_ex+0x3d0/0x520 [ 479.146056][ T7014] should_fail+0xb/0x10 [ 479.150064][ T7014] should_fail_usercopy+0x1a/0x20 [ 479.154903][ T7014] _copy_from_user+0x1e/0xc0 [ 479.159332][ T7014] __sys_bpf+0x23b/0x7f0 [ 479.163414][ T7014] ? bpf_link_show_fdinfo+0x2d0/0x2d0 [ 479.168625][ T7014] ? __ia32_sys_read+0x90/0x90 [ 479.173227][ T7014] ? debug_smp_processor_id+0x17/0x20 [ 479.178426][ T7014] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 479.184415][ T7014] __x64_sys_bpf+0x7c/0x90 [ 479.188672][ T7014] x64_sys_call+0x87f/0x9a0 [ 479.193007][ T7014] do_syscall_64+0x3b/0xb0 [ 479.197260][ T7014] ? clear_bhb_loop+0x55/0xb0 [ 479.201775][ T7014] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 479.207502][ T7014] RIP: 0033:0x7f202e17e819 [ 479.211763][ T7014] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 479.231199][ T7014] RSP: 002b:00007f202ef4d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 479.239442][ T7014] RAX: ffffffffffffffda RBX: 00007f202e335fa0 RCX: 00007f202e17e819 [ 479.247251][ T7014] RDX: 000000000000002c RSI: 0000000020000080 RDI: 000000000000000a [ 479.255063][ T7014] RBP: 00007f202ef4d090 R08: 0000000000000000 R09: 0000000000000000 [ 479.262876][ T7014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 479.270690][ T7014] R13: 0000000000000000 R14: 00007f202e335fa0 R15: 00007ffc22c0ccf8 [ 479.278503][ T7014] [ 479.281363][ T7016] CPU: 0 PID: 7016 Comm: syz.3.1897 Not tainted 6.1.112-syzkaller-00026-g51bee181735e #0 [ 479.290998][ T7016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 479.300891][ T7016] Call Trace: [ 479.304018][ T7016] [ 479.306794][ T7016] dump_stack_lvl+0x151/0x1b7 [ 479.311312][ T7016] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 479.316599][ T7016] ? __kasan_check_write+0x14/0x20 [ 479.321550][ T7016] ? mutex_unlock+0xb2/0x260 [ 479.325980][ T7016] dump_stack+0x15/0x1e [ 479.329963][ T7016] should_fail_ex+0x3d0/0x520 [ 479.334480][ T7016] __should_failslab+0xaf/0xf0 [ 479.339096][ T7016] ? __se_sys_memfd_create+0xf2/0x3e0 [ 479.344282][ T7016] should_failslab+0x9/0x20 [ 479.348623][ T7016] __kmem_cache_alloc_node+0x3d/0x2a0 [ 479.353919][ T7016] ? __se_sys_memfd_create+0xf2/0x3e0 [ 479.359127][ T7016] __kmalloc+0xa3/0x1e0 [ 479.363120][ T7016] __se_sys_memfd_create+0xf2/0x3e0 [ 479.368159][ T7016] __x64_sys_memfd_create+0x5b/0x70 [ 479.373186][ T7016] x64_sys_call+0x871/0x9a0 [ 479.377526][ T7016] do_syscall_64+0x3b/0xb0 [ 479.381777][ T7016] ? clear_bhb_loop+0x55/0xb0 [ 479.386296][ T7016] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 479.392019][ T7016] RIP: 0033:0x7f235b97e819 [ 479.396273][ T7016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 479.415717][ T7016] RSP: 002b:00007f235c777e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f [ 479.423958][ T7016] RAX: ffffffffffffffda RBX: 00000000000002b2 RCX: 00007f235b97e819 [ 479.431776][ T7016] RDX: 00007f235c777ef0 RSI: 0000000000000000 RDI: 00007f235b9f1fca [ 479.439581][ T7016] RBP: 0000000020000800 R08: 00007f235c777bb7 R09: 00007f235c777e40 [ 479.447395][ T7016] R10: 000000000000000a R11: 0000000000000202 R12: 00000000200000c0 [ 479.455209][ T7016] R13: 00007f235c777ef0 R14: 00007f235c777eb0 R15: 0000000020000040 [ 479.463024][ T7016] [ 479.486963][ T7018] loop2: detected capacity change from 0 to 128 [ 479.522382][ T4008] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 479.615422][ T28] audit: type=1400 audit(1732233596.923:734): avc: denied { connect } for pid=7027 comm="syz.1.1901" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 479.658670][ T28] audit: type=1326 audit(1732233596.963:735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7017 comm="syz.2.1898" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f202e17e819 code=0x0 [ 479.750725][ T7032] FAULT_INJECTION: forcing a failure. [ 479.750725][ T7032] name failslab, interval 1, probability 0, space 0, times 0 [ 479.763845][ T4988] usb 4-1: new high-speed USB device number 75 using dummy_hcd [ 479.773195][ T7032] CPU: 1 PID: 7032 Comm: syz.1.1903 Not tainted 6.1.112-syzkaller-00026-g51bee181735e #0 [ 479.782931][ T7032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 479.792821][ T7032] Call Trace: [ 479.795941][ T7032] [ 479.798719][ T7032] dump_stack_lvl+0x151/0x1b7 [ 479.803231][ T7032] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 479.808706][ T7032] dump_stack+0x15/0x1e [ 479.812709][ T7032] should_fail_ex+0x3d0/0x520 [ 479.817225][ T7032] __should_failslab+0xaf/0xf0 [ 479.821818][ T7032] ? qdisc_alloc+0x7a/0x780 [ 479.826163][ T7032] should_failslab+0x9/0x20 [ 479.830499][ T7032] __kmem_cache_alloc_node+0x3d/0x2a0 [ 479.835712][ T7032] ? sock_do_ioctl+0x26b/0x450 [ 479.840308][ T7032] ? qdisc_alloc+0x7a/0x780 [ 479.844652][ T7032] __kmalloc_node+0xa3/0x1e0 [ 479.849106][ T7032] qdisc_alloc+0x7a/0x780 [ 479.853243][ T7032] ? pfifo_fast_init+0x3db/0x7a0 [ 479.858010][ T7032] ? try_module_get+0x12a/0x290 [ 479.862701][ T7032] qdisc_create_dflt+0x6b/0x3e0 [ 479.867390][ T7032] mq_init+0x2c8/0x6b0 [ 479.871298][ T7032] ? trace_net_dev_xmit_timeout+0x140/0x140 [ 479.877021][ T7032] ? __kasan_check_write+0x14/0x20 [ 479.881967][ T7032] ? qdisc_alloc+0x5a0/0x780 [ 479.886485][ T7032] ? tun_device_event+0x3e5/0xf80 [ 479.891345][ T7032] qdisc_create_dflt+0x144/0x3e0 [ 479.896113][ T7032] ? _raw_spin_lock+0xa4/0x1b0 [ 479.900716][ T7032] dev_activate+0x159/0x1130 [ 479.905145][ T7032] ? __local_bh_enable_ip+0x58/0x80 [ 479.910175][ T7032] ? _raw_spin_unlock_bh+0x50/0x60 [ 479.915565][ T7032] ? dev_set_rx_mode+0x249/0x2d0 [ 479.915601][ T7032] __dev_open+0x3c7/0x4e0 [ 479.915629][ T7032] ? dev_open+0x260/0x260 [ 479.915657][ T7032] ? _raw_spin_unlock_bh+0x50/0x60 [ 479.915677][ T7032] ? dev_set_rx_mode+0x249/0x2d0 [ 479.915704][ T7032] ? __kasan_check_read+0x11/0x20 [ 479.915724][ T7032] __dev_change_flags+0x1db/0x6e0 [ 479.915748][ T7032] ? avc_denied+0x1b0/0x1b0 [ 479.915774][ T7032] ? dev_get_flags+0x1e0/0x1e0 [ 479.915796][ T7032] ? kstrtouint+0xf6/0x180 [ 479.915825][ T7032] dev_change_flags+0x8c/0x1a0 [ 479.915852][ T7032] dev_ifsioc+0x177/0x1150 [ 479.915884][ T7032] ? dev_ioctl+0xe60/0xe60 [ 479.915913][ T7032] ? __kasan_check_write+0x14/0x20 [ 479.915934][ T7032] ? mutex_lock+0xb1/0x1e0 [ 479.915964][ T7032] ? bit_wait_io_timeout+0x120/0x120 [ 479.915998][ T7032] dev_ioctl+0x543/0xe60 [ 479.916031][ T7032] sock_do_ioctl+0x26b/0x450 [ 479.916050][ T7032] ? has_cap_mac_admin+0x3c0/0x3c0 [ 479.916079][ T7032] ? sock_show_fdinfo+0xa0/0xa0 [ 479.916103][ T7032] ? selinux_file_ioctl+0x3cc/0x540 [ 479.916125][ T7032] sock_ioctl+0x455/0x740 [ 479.916144][ T7032] ? sock_poll+0x400/0x400 [ 479.916175][ T7032] ? __fget_files+0x2cb/0x330 [ 479.916207][ T7032] ? security_file_ioctl+0x84/0xb0 [ 479.916228][ T7032] ? sock_poll+0x400/0x400 [ 479.916260][ T7032] __se_sys_ioctl+0x114/0x190 [ 479.916289][ T7032] __x64_sys_ioctl+0x7b/0x90 [ 479.916317][ T7032] x64_sys_call+0x98/0x9a0 [ 479.916341][ T7032] do_syscall_64+0x3b/0xb0 [ 479.916363][ T7032] ? clear_bhb_loop+0x55/0xb0 [ 479.916390][ T7032] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 479.916416][ T7032] RIP: 0033:0x7f2f72f7e819 [ 479.916434][ T7032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 479.916454][ T7032] RSP: 002b:00007f2f73dff038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 479.916478][ T7032] RAX: ffffffffffffffda RBX: 00007f2f73135fa0 RCX: 00007f2f72f7e819 [ 479.916495][ T7032] RDX: 0000000020002280 RSI: 0000000000008914 RDI: 000000000000000a [ 479.916510][ T7032] RBP: 00007f2f73dff090 R08: 0000000000000000 R09: 0000000000000000 [ 479.916524][ T7032] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 479.916537][ T7032] R13: 0000000000000000 R14: 00007f2f73135fa0 R15: 00007ffc37c4d1a8 [ 479.916559][ T7032] [ 480.140293][ T7032] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue [ 480.492209][ T4988] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 480.511150][ T4988] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 480.589017][ T28] audit: type=1400 audit(1732233597.893:736): avc: denied { mount } for pid=7056 comm="syz.0.1909" name="/" dev="pstore" ino=13081 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1 [ 480.629307][ T7053] loop2: detected capacity change from 0 to 40427 [ 480.635757][ T4988] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 480.644621][ T28] audit: type=1400 audit(1732233597.933:737): avc: denied { remount } for pid=7056 comm="syz.0.1909" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1 [ 480.651772][ T4988] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 480.666464][ T28] audit: type=1400 audit(1732233597.943:738): avc: denied { unmount } for pid=289 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:pstore_t tclass=filesystem permissive=1 [ 480.673591][ T7053] F2FS-fs (loop2): Fix alignment : done, start(4096) end(16896) block(12288) [ 480.706946][ T4988] usb 4-1: SerialNumber: syz [ 480.724788][ T7058] loop5: detected capacity change from 0 to 1024 [ 480.767747][ T7053] F2FS-fs (loop2): Found nat_bits in checkpoint [ 480.776795][ T4008] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 480.879071][ T7068] kernel profiling enabled (shift: 17) [ 480.951161][ T7053] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 481.165055][ T4988] usb 4-1: 0:2 : does not exist [ 481.169952][ T4988] usb 4-1: unit 255 not found! [ 481.177239][ T4988] usb 4-1: USB disconnect, device number 75 [ 481.203773][ T7053] SELinux: Context system_u:object_r:vhost_device_t:s0 is not valid (left unmapped). [ 481.215223][ T28] audit: type=1400 audit(1732233598.523:739): avc: denied { relabelto } for pid=7052 comm="syz.2.1907" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop2" ino=10 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:vhost_device_t:s0" [ 481.807313][ T28] audit: type=1400 audit(1732233599.113:740): avc: denied { write } for pid=7052 comm="syz.2.1907" name="snapshot" dev="devtmpfs" ino=91 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1 [ 481.830215][ T7053] random: crng reseeded on system resumption [ 482.216625][ T294] syz-executor: attempt to access beyond end of device [ 482.216625][ T294] loop2: rw=2049, sector=45096, nr_sectors = 24 limit=40427 [ 482.821974][ T24] usb 1-1: new high-speed USB device number 71 using dummy_hcd [ 482.851946][ T4988] usb 2-1: new high-speed USB device number 92 using dummy_hcd [ 482.941959][ T2633] usb 4-1: new high-speed USB device number 76 using dummy_hcd [ 483.182012][ T24] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 483.192073][ T2633] usb 4-1: Using ep0 maxpacket: 16 [ 483.197061][ T24] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 483.212038][ T4988] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 483.222805][ T4988] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 483.282003][ T24] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 483.291008][ T24] usb 1-1: New USB device strings: Mfr=0, Product=9, SerialNumber=0 [ 483.298838][ T24] usb 1-1: Product: syz [ 483.303411][ T24] usb 1-1: config 0 descriptor?? [ 483.312044][ T2633] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 8 [ 483.320910][ T4988] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 483.330684][ T4988] usb 2-1: New USB device strings: Mfr=0, Product=9, SerialNumber=0 [ 483.338457][ T4988] usb 2-1: Product: syz [ 483.342973][ T24] usbhid 1-1:0.0: couldn't find an input interrupt endpoint [ 483.351475][ T4988] usb 2-1: config 0 descriptor?? [ 483.472032][ T2633] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00 [ 483.481063][ T2633] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 483.488977][ T2633] usb 4-1: Product: syz [ 483.492982][ T2633] usb 4-1: Manufacturer: syz [ 483.497382][ T2633] usb 4-1: SerialNumber: syz [ 483.502432][ T2633] usb 4-1: config 0 descriptor?? [ 483.781757][ T7109] loop2: detected capacity change from 0 to 40427 [ 483.788570][ T7109] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 483.796208][ T7109] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 483.806343][ T7109] F2FS-fs (loop2): Found nat_bits in checkpoint [ 483.832839][ T4988] konepure 0003:1E7D:2DB4.0081: unknown main item tag 0x0 [ 483.840565][ T4988] konepure 0003:1E7D:2DB4.0081: hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0 [ 483.845905][ T7109] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 483.857848][ T7109] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 483.877234][ T7109] FAULT_INJECTION: forcing a failure. [ 483.877234][ T7109] name failslab, interval 1, probability 0, space 0, times 0 [ 483.889678][ T7109] CPU: 1 PID: 7109 Comm: syz.2.1923 Not tainted 6.1.112-syzkaller-00026-g51bee181735e #0 [ 483.899269][ T7109] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 483.909323][ T7109] Call Trace: [ 483.912446][ T7109] [ 483.915357][ T7109] dump_stack_lvl+0x151/0x1b7 [ 483.919863][ T7109] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 483.925161][ T7109] dump_stack+0x15/0x1e [ 483.929144][ T7109] should_fail_ex+0x3d0/0x520 [ 483.933661][ T7109] ? getname_flags+0xba/0x520 [ 483.938172][ T7109] __should_failslab+0xaf/0xf0 [ 483.942777][ T7109] should_failslab+0x9/0x20 [ 483.947110][ T7109] kmem_cache_alloc+0x3b/0x320 [ 483.951711][ T7109] ? vfs_write+0x952/0xed0 [ 483.955963][ T7109] ? __kasan_slab_free+0x11/0x20 [ 483.960737][ T7109] getname_flags+0xba/0x520 [ 483.965082][ T7109] getname+0x19/0x20 [ 483.968815][ T7109] do_sys_openat2+0xe0/0x870 [ 483.973237][ T7109] ? bit_wait_io_timeout+0x120/0x120 [ 483.978355][ T7109] ? __mutex_lock_slowpath+0x10/0x10 [ 483.983589][ T7109] ? do_sys_open+0x220/0x220 [ 483.988102][ T7109] ? fput+0x15b/0x1b0 [ 483.991924][ T7109] ? ksys_write+0x260/0x2c0 [ 483.996260][ T7109] __x64_sys_openat+0x243/0x290 [ 484.000948][ T7109] ? __ia32_sys_open+0x270/0x270 [ 484.005719][ T7109] ? debug_smp_processor_id+0x17/0x20 [ 484.010925][ T7109] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 484.016832][ T7109] ? exit_to_user_mode_prepare+0x39/0xa0 [ 484.022300][ T7109] x64_sys_call+0x6bf/0x9a0 [ 484.026639][ T7109] do_syscall_64+0x3b/0xb0 [ 484.030888][ T7109] ? clear_bhb_loop+0x55/0xb0 [ 484.035407][ T7109] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 484.041134][ T7109] RIP: 0033:0x7f202e17e819 [ 484.045385][ T7109] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 484.064825][ T7109] RSP: 002b:00007f202ef4d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 484.073160][ T7109] RAX: ffffffffffffffda RBX: 00007f202e335fa0 RCX: 00007f202e17e819 [ 484.080970][ T7109] RDX: 0000000000020242 RSI: 0000000020000380 RDI: ffffffffffffff9c [ 484.088782][ T7109] RBP: 00007f202ef4d090 R08: 0000000000000000 R09: 0000000000000000 [ 484.096591][ T7109] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 484.104403][ T7109] R13: 0000000000000000 R14: 00007f202e335fa0 R15: 00007ffc22c0ccf8 [ 484.112220][ T7109] [ 484.116931][ T1828] usb 2-1: USB disconnect, device number 92 [ 484.378008][ T7121] netlink: 277 bytes leftover after parsing attributes in process `syz.2.1924'. [ 484.511929][ T964] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 484.628819][ T7126] loop5: detected capacity change from 0 to 256 [ 485.272783][ T7138] FAULT_INJECTION: forcing a failure. [ 485.272783][ T7138] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 485.285936][ T7138] CPU: 1 PID: 7138 Comm: syz.2.1928 Not tainted 6.1.112-syzkaller-00026-g51bee181735e #0 [ 485.295570][ T7138] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 485.305460][ T7138] Call Trace: [ 485.308581][ T7138] [ 485.311360][ T7138] dump_stack_lvl+0x151/0x1b7 [ 485.315872][ T7138] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 485.321293][ T7138] ? __kasan_check_write+0x14/0x20 [ 485.326232][ T7138] ? _raw_spin_lock_bh+0xa4/0x1b0 [ 485.331093][ T7138] dump_stack+0x15/0x1e [ 485.335099][ T7138] should_fail_ex+0x3d0/0x520 [ 485.339600][ T7138] should_fail+0xb/0x10 [ 485.343599][ T7138] should_fail_usercopy+0x1a/0x20 [ 485.348451][ T7138] _copy_to_user+0x1e/0x90 [ 485.352703][ T7138] simple_read_from_buffer+0xc7/0x150 [ 485.357912][ T7138] proc_fail_nth_read+0x1a3/0x210 [ 485.362776][ T7138] ? proc_fault_inject_write+0x390/0x390 [ 485.368246][ T7138] ? fsnotify_perm+0x269/0x5b0 [ 485.372843][ T7138] ? security_file_permission+0x86/0xb0 [ 485.378219][ T7138] ? proc_fault_inject_write+0x390/0x390 [ 485.383689][ T7138] vfs_read+0x26c/0xae0 [ 485.387685][ T7138] ? kernel_read+0x1f0/0x1f0 [ 485.392108][ T7138] ? mutex_lock+0xb1/0x1e0 [ 485.396363][ T7138] ? bit_wait_io_timeout+0x120/0x120 [ 485.401487][ T7138] ? __fdget_pos+0x2e2/0x390 [ 485.405910][ T7138] ? ksys_read+0x77/0x2c0 [ 485.410074][ T7138] ksys_read+0x199/0x2c0 [ 485.414154][ T7138] ? vfs_write+0xed0/0xed0 [ 485.418409][ T7138] ? debug_smp_processor_id+0x17/0x20 [ 485.423612][ T7138] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 485.429517][ T7138] __x64_sys_read+0x7b/0x90 [ 485.433856][ T7138] x64_sys_call+0x28/0x9a0 [ 485.438108][ T7138] do_syscall_64+0x3b/0xb0 [ 485.442365][ T7138] ? clear_bhb_loop+0x55/0xb0 [ 485.446969][ T7138] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 485.452695][ T7138] RIP: 0033:0x7f202e17d25c [ 485.456944][ T7138] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48 [ 485.476482][ T7138] RSP: 002b:00007f202ef4d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 485.484835][ T7138] RAX: ffffffffffffffda RBX: 00007f202e335fa0 RCX: 00007f202e17d25c [ 485.492759][ T7138] RDX: 000000000000000f RSI: 00007f202ef4d0a0 RDI: 0000000000000009 [ 485.500569][ T7138] RBP: 00007f202ef4d090 R08: 0000000000000000 R09: 0000000000000000 [ 485.508378][ T7138] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 485.516194][ T7138] R13: 0000000000000000 R14: 00007f202e335fa0 R15: 00007ffc22c0ccf8 [ 485.524013][ T7138] [ 485.537847][ T2633] usb 1-1: USB disconnect, device number 71 [ 485.658940][ T1828] usb 4-1: USB disconnect, device number 76 [ 485.717692][ T7148] loop3: detected capacity change from 0 to 256 [ 485.731297][ T7148] FAT-fs (loop3): Directory bread(block 64) failed [ 485.737834][ T7148] FAT-fs (loop3): Directory bread(block 65) failed [ 485.744402][ T7148] FAT-fs (loop3): Directory bread(block 66) failed [ 485.750739][ T7148] FAT-fs (loop3): Directory bread(block 67) failed [ 485.757231][ T7148] FAT-fs (loop3): Directory bread(block 68) failed [ 486.089811][ T7148] FAT-fs (loop3): Directory bread(block 69) failed [ 486.190800][ T7148] FAT-fs (loop3): Directory bread(block 70) failed [ 486.212671][ T7154] loop2: detected capacity change from 0 to 1024 [ 486.245622][ T7148] FAT-fs (loop3): Directory bread(block 71) failed [ 486.252176][ T7148] FAT-fs (loop3): Directory bread(block 72) failed [ 486.258636][ T7148] FAT-fs (loop3): Directory bread(block 73) failed [ 486.310640][ T7148] syz.3.1932: attempt to access beyond end of device [ 486.310640][ T7148] loop3: rw=2049, sector=1280, nr_sectors = 8 limit=256 [ 486.324360][ T7148] syz.3.1932: attempt to access beyond end of device [ 486.324360][ T7148] loop3: rw=2049, sector=1320, nr_sectors = 8 limit=256 [ 486.334295][ T7154] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 486.347674][ T410] kworker/u4:4: attempt to access beyond end of device [ 486.347674][ T410] loop3: rw=1, sector=1224, nr_sectors = 56 limit=256 [ 486.623432][ T7164] netlink: 277 bytes leftover after parsing attributes in process `syz.5.1934'. [ 487.286594][ T964] Bluetooth: hci0: sending frame failed (-49) [ 487.292659][ T5467] Bluetooth: hci0: Opcode 0x1003 failed: -49 [ 487.388029][ T7173] xt_bpf: check failed: parse error [ 487.395298][ T294] EXT4-fs (loop2): unmounting filesystem. [ 488.424690][ T7181] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1940'. [ 488.639795][ T7199] loop3: detected capacity change from 0 to 256 [ 489.211217][ T7204] device pim6reg1 entered promiscuous mode [ 493.443309][ T2633] usb 1-1: new high-speed USB device number 72 using dummy_hcd [ 493.666585][ T7218] loop3: detected capacity change from 0 to 1024 [ 493.758352][ T7218] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback. [ 494.039380][ T7224] loop2: detected capacity change from 0 to 512 [ 494.046928][ T7224] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002] [ 494.055047][ T7224] System zones: 1-12 [ 494.059460][ T7224] EXT4-fs (loop2): orphan cleanup on readonly fs [ 494.061030][ T28] audit: type=1400 audit(1732233611.363:741): avc: denied { mounton } for pid=7217 comm="syz.3.1949" path="/345/file0/file0/file0" dev="loop3" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 494.089663][ T7224] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1950: bg 0: block 328: padding at end of block bitmap is not set [ 494.091961][ T6] usb 6-1: new high-speed USB device number 58 using dummy_hcd [ 494.104730][ T7224] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6172: Corrupt filesystem [ 494.113805][ T7222] device vlan2 entered promiscuous mode [ 494.120401][ T7224] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1950: invalid indirect mapped block 65280 (level 0) [ 494.126077][ T7222] device ip6gretap0 entered promiscuous mode [ 494.139051][ T28] audit: type=1400 audit(1732233611.393:742): avc: denied { mount } for pid=7217 comm="syz.3.1949" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1 [ 494.160719][ T7224] EXT4-fs error (device loop2): ext4_clear_blocks:883: inode #13: comm syz.2.1950: attempt to clear invalid blocks 33619980 len 1 [ 494.180163][ T7224] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1950: invalid indirect mapped block 1819239214 (level 0) [ 494.194273][ T7224] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1950: invalid indirect mapped block 1819239214 (level 1) [ 494.208781][ T7224] EXT4-fs (loop2): 1 orphan inode deleted [ 494.214416][ T7224] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none. [ 494.381929][ T6] usb 6-1: Using ep0 maxpacket: 32 [ 494.388844][ T7232] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1952'. [ 494.397755][ T7232] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1952'. [ 494.440350][ T28] audit: type=1400 audit(1732233611.743:743): avc: denied { getopt } for pid=7231 comm="syz.1.1952" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 494.507039][ T296] EXT4-fs (loop3): unmounting filesystem. [ 494.521967][ T6] usb 6-1: config 0 has an invalid interface number: 67 but max is 0 [ 494.538916][ T6] usb 6-1: config 0 has no interface number 0 [ 494.553395][ T7238] xt_bpf: check failed: parse error [ 494.710775][ T6] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 495.096084][ T6] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 495.105011][ T6] usb 6-1: Product: syz [ 495.112151][ T6] usb 6-1: Manufacturer: syz [ 495.113358][ T294] EXT4-fs (loop2): unmounting filesystem. [ 495.123748][ T6] usb 6-1: SerialNumber: syz [ 495.282092][ T2633] usb 1-1: new full-speed USB device number 73 using dummy_hcd [ 495.313294][ T6] usb 6-1: config 0 descriptor?? [ 495.352381][ T6] smsc95xx v2.0.0 [ 495.663393][ T7264] netlink: 277 bytes leftover after parsing attributes in process `syz.2.1960'. [ 495.664971][ T7265] netlink: 277 bytes leftover after parsing attributes in process `syz.3.1961'. [ 495.691986][ T2633] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 495.705924][ T2633] usb 1-1: New USB device found, idVendor=05ac, idProduct=027d, bcdDevice= 0.00 [ 495.725088][ T2633] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 495.745749][ T2633] usb 1-1: config 0 descriptor?? [ 496.011956][ T6] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000030: -71 [ 496.022633][ T6] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Error writing E2P_CMD [ 496.041948][ T6] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 496.052732][ T6] smsc95xx: probe of 6-1:0.67 failed with error -71 [ 496.060299][ T6] usb 6-1: USB disconnect, device number 58 [ 496.252840][ T2633] apple 0003:05AC:027D.0082: unknown main item tag 0x1 [ 496.260136][ T2633] apple 0003:05AC:027D.0082: hidraw0: USB HID vff.ff Device [HID 05ac:027d] on usb-dummy_hcd.0-1/input0 [ 496.359822][ T7269] loop3: detected capacity change from 0 to 1024 [ 496.393611][ T7269] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 496.898528][ T24] usb 1-1: USB disconnect, device number 73 [ 497.151917][ T964] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 497.151965][ T5467] Bluetooth: hci0: command 0x1003 tx timeout [ 497.264441][ T296] EXT4-fs (loop3): unmounting filesystem. [ 497.280430][ T7287] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1967'. [ 497.309587][ T7291] syz.3.1966[7291] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 497.309641][ T7291] syz.3.1966[7291] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 497.323217][ T6] hid-generic 0000:04AD:0000.0083: unknown main item tag 0x0 [ 497.341652][ T6] hid-generic 0000:04AD:0000.0083: unknown main item tag 0x0 [ 497.349474][ T6] hid-generic 0000:04AD:0000.0083: unknown main item tag 0x0 [ 497.356714][ T6] hid-generic 0000:04AD:0000.0083: unknown main item tag 0x0 [ 497.363939][ T6] hid-generic 0000:04AD:0000.0083: unknown main item tag 0x0 [ 497.371214][ T6] hid-generic 0000:04AD:0000.0083: unknown main item tag 0x0 [ 497.378442][ T6] hid-generic 0000:04AD:0000.0083: unknown main item tag 0x0 [ 497.385653][ T6] hid-generic 0000:04AD:0000.0083: unknown main item tag 0x0 [ 497.392882][ T6] hid-generic 0000:04AD:0000.0083: unknown main item tag 0x0 [ 497.400448][ T6] hid-generic 0000:04AD:0000.0083: unknown main item tag 0x0 [ 497.407724][ T6] hid-generic 0000:04AD:0000.0083: unknown main item tag 0x0 [ 497.414883][ T6] hid-generic 0000:04AD:0000.0083: unknown main item tag 0x0 [ 497.422116][ T6] hid-generic 0000:04AD:0000.0083: unknown main item tag 0x0 [ 497.429272][ T6] hid-generic 0000:04AD:0000.0083: unknown main item tag 0x0 [ 497.436518][ T6] hid-generic 0000:04AD:0000.0083: unknown main item tag 0x0 [ 497.443821][ T6] hid-generic 0000:04AD:0000.0083: unknown main item tag 0x0 [ 497.451114][ T6] hid-generic 0000:04AD:0000.0083: unknown main item tag 0x0 [ 497.458388][ T6] hid-generic 0000:04AD:0000.0083: unknown main item tag 0x0 [ 497.465556][ T6] hid-generic 0000:04AD:0000.0083: unknown main item tag 0x0 [ 497.472877][ T6] hid-generic 0000:04AD:0000.0083: unknown main item tag 0x0 [ 497.480027][ T6] hid-generic 0000:04AD:0000.0083: unknown main item tag 0x0 [ 497.487266][ T6] hid-generic 0000:04AD:0000.0083: unknown main item tag 0x0 [ 497.494491][ T6] hid-generic 0000:04AD:0000.0083: unknown main item tag 0x0 [ 497.501635][ T6] hid-generic 0000:04AD:0000.0083: unknown main item tag 0x0 [ 497.509061][ T6] hid-generic 0000:04AD:0000.0083: unknown main item tag 0x0 [ 497.516300][ T6] hid-generic 0000:04AD:0000.0083: unknown main item tag 0x0 [ 497.523443][ T6] hid-generic 0000:04AD:0000.0083: unknown main item tag 0x0 [ 497.530621][ T6] hid-generic 0000:04AD:0000.0083: unknown main item tag 0x0 [ 497.537894][ T6] hid-generic 0000:04AD:0000.0083: unknown main item tag 0x0 [ 497.549796][ T6] hid-generic 0000:04AD:0000.0083: unknown main item tag 0x0 [ 497.557326][ T6] hid-generic 0000:04AD:0000.0083: unknown main item tag 0x0 [ 497.561932][ T2633] usb 3-1: new high-speed USB device number 90 using dummy_hcd [ 497.564553][ T6] hid-generic 0000:04AD:0000.0083: unknown main item tag 0x0 [ 497.580083][ T6] hid-generic 0000:04AD:0000.0083: hidraw0: HID v0.00 Device [syz0] on syz0 [ 498.150937][ T28] audit: type=1326 audit(1732233615.453:744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7311 comm="syz.5.1974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f1a37e819 code=0x7ffc0000 [ 498.152034][ T2633] usb 3-1: config index 0 descriptor too short (expected 769, got 36) [ 498.175248][ T28] audit: type=1326 audit(1732233615.453:745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7311 comm="syz.5.1974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f1a37e819 code=0x7ffc0000 [ 498.182860][ T2633] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 498.205840][ T28] audit: type=1326 audit(1732233615.493:746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7311 comm="syz.5.1974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f1a37e819 code=0x7ffc0000 [ 498.215776][ T2633] usb 3-1: config 0 has no interfaces? [ 498.238403][ T28] audit: type=1326 audit(1732233615.493:747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7311 comm="syz.5.1974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f1a37e819 code=0x7ffc0000 [ 498.244123][ T2633] usb 3-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00 [ 498.267025][ T28] audit: type=1326 audit(1732233615.493:748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7311 comm="syz.5.1974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f1a37e819 code=0x7ffc0000 [ 498.276326][ T2633] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 498.299242][ T28] audit: type=1326 audit(1732233615.523:749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7311 comm="syz.5.1974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f8f1a37e819 code=0x7ffc0000 [ 498.308188][ T2633] usb 3-1: config 0 descriptor?? [ 498.333601][ T28] audit: type=1326 audit(1732233615.523:750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7311 comm="syz.5.1974" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f1a37e819 code=0x7ffc0000 [ 498.619924][ T7314] binder: 7311:7314 ioctl c0306201 0 returned -14 [ 498.705346][ T7314] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=25 sclass=netlink_tcpdiag_socket pid=7314 comm=syz.5.1974 [ 499.293919][ T28] kauditd_printk_skb: 32 callbacks suppressed [ 499.293938][ T28] audit: type=1400 audit(1732233615.943:783): avc: denied { create } for pid=7311 comm="syz.5.1974" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 499.354165][ T28] audit: type=1400 audit(1732233616.013:784): avc: denied { write } for pid=7311 comm="syz.5.1974" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 500.557636][ T7339] loop5: detected capacity change from 0 to 512 [ 500.583945][ T7339] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback. [ 500.593088][ T7339] ext4 filesystem being mounted at /363/file1 supports timestamps until 2038 (0x7fffffff) [ 500.691935][ T6] usb 1-1: new high-speed USB device number 74 using dummy_hcd [ 500.842035][ T498] usb 2-1: new high-speed USB device number 93 using dummy_hcd [ 500.932426][ T4988] usb 3-1: USB disconnect, device number 90 [ 501.020802][ T7350] device syzkaller0 entered promiscuous mode [ 501.232041][ T498] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 501.243322][ T498] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 501.262043][ T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 501.273201][ T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 501.283020][ T6] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 501.297325][ T6] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 501.306544][ T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 501.322178][ T6] usb 1-1: config 0 descriptor?? [ 501.332051][ T498] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 501.341226][ T498] usb 2-1: New USB device strings: Mfr=0, Product=9, SerialNumber=0 [ 501.349210][ T498] usb 2-1: Product: syz [ 501.358132][ T498] usb 2-1: config 0 descriptor?? [ 501.424567][ T1503] EXT4-fs (loop5): unmounting filesystem. [ 501.832994][ T6] plantronics 0003:047F:FFFF.0084: No inputs registered, leaving [ 501.842103][ T6] plantronics 0003:047F:FFFF.0084: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 501.922888][ T498] konepure 0003:1E7D:2DB4.0085: item fetching failed at offset 10/11 [ 501.931010][ T498] konepure 0003:1E7D:2DB4.0085: parse failed [ 501.937086][ T498] konepure: probe of 0003:1E7D:2DB4.0085 failed with error -22 [ 502.102546][ T498] usb 1-1: USB disconnect, device number 74 [ 502.124105][ T560] usb 2-1: USB disconnect, device number 93 [ 502.351904][ T5467] Bluetooth: hci0: Opcode 0x1003 failed: -110 [ 502.505022][ T7372] loop5: detected capacity change from 0 to 128 [ 502.511796][ T7372] EXT4-fs (loop5): Test dummy encryption mode enabled [ 502.519892][ T7372] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none. [ 502.528488][ T7372] ext4 filesystem being mounted at /366/mnt supports timestamps until 2038 (0x7fffffff) [ 502.748345][ T7378] FAULT_INJECTION: forcing a failure. [ 502.748345][ T7378] name failslab, interval 1, probability 0, space 0, times 0 [ 502.760884][ T7378] CPU: 0 PID: 7378 Comm: syz.5.1990 Not tainted 6.1.112-syzkaller-00026-g51bee181735e #0 [ 502.770590][ T7378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 502.780465][ T7378] Call Trace: [ 502.783563][ T7378] [ 502.786342][ T7378] dump_stack_lvl+0x151/0x1b7 [ 502.790858][ T7378] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 502.796154][ T7378] dump_stack+0x15/0x1e [ 502.800139][ T7378] should_fail_ex+0x3d0/0x520 [ 502.804655][ T7378] ? security_inode_alloc+0x29/0x120 [ 502.809782][ T7378] __should_failslab+0xaf/0xf0 [ 502.814384][ T7378] should_failslab+0x9/0x20 [ 502.818716][ T7378] kmem_cache_alloc+0x3b/0x320 [ 502.823410][ T7378] security_inode_alloc+0x29/0x120 [ 502.828350][ T7378] inode_init_always+0x720/0x970 [ 502.833129][ T7378] ? ext4_group_desc_free+0x110/0x110 [ 502.838330][ T7378] new_inode_pseudo+0x98/0x1d0 [ 502.842932][ T7378] new_inode+0x28/0x1c0 [ 502.846924][ T7378] ? avc_denied+0x1b0/0x1b0 [ 502.851266][ T7378] __ext4_new_inode+0x2a6/0x40a0 [ 502.856129][ T7378] ? memset+0x35/0x40 [ 502.859945][ T7378] ? __dquot_initialize+0x244/0xde0 [ 502.864990][ T7378] ? ext4_has_group_desc_csum+0x1f0/0x1f0 [ 502.870531][ T7378] ? dquot_initialize+0x20/0x20 [ 502.875220][ T7378] ? may_create+0x65a/0x900 [ 502.879649][ T7378] ext4_mkdir+0x421/0xce0 [ 502.883813][ T7378] ? ext4_symlink+0xc10/0xc10 [ 502.888325][ T7378] ? selinux_inode_mkdir+0x22/0x30 [ 502.893267][ T7378] ? security_inode_mkdir+0xbc/0x100 [ 502.898396][ T7378] vfs_mkdir+0x398/0x570 [ 502.902472][ T7378] do_mkdirat+0x1eb/0x450 [ 502.906637][ T7378] ? vfs_mkdir+0x570/0x570 [ 502.910962][ T7378] ? getname_flags+0x1fd/0x520 [ 502.915492][ T7378] __x64_sys_mkdirat+0x89/0xa0 [ 502.920090][ T7378] x64_sys_call+0x6c6/0x9a0 [ 502.924431][ T7378] do_syscall_64+0x3b/0xb0 [ 502.928770][ T7378] ? clear_bhb_loop+0x55/0xb0 [ 502.933285][ T7378] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 502.939019][ T7378] RIP: 0033:0x7f8f1a37e819 [ 502.943260][ T7378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 502.962892][ T7378] RSP: 002b:00007f8f1b0fa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102 [ 502.971131][ T7378] RAX: ffffffffffffffda RBX: 00007f8f1a536160 RCX: 00007f8f1a37e819 [ 502.978945][ T7378] RDX: 0000000000000000 RSI: 0000000020000280 RDI: ffffffffffffff9c [ 502.986753][ T7378] RBP: 00007f8f1b0fa090 R08: 0000000000000000 R09: 0000000000000000 [ 502.994565][ T7378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 503.002384][ T7378] R13: 0000000000000000 R14: 00007f8f1a536160 R15: 00007ffe2be3e658 [ 503.010200][ T7378] [ 503.790351][ T6] usb 4-1: new high-speed USB device number 77 using dummy_hcd [ 503.851194][ T1503] EXT4-fs (loop5): unmounting filesystem. [ 503.944629][ T7391] loop5: detected capacity change from 0 to 128 [ 504.350808][ T7394] netlink: 277 bytes leftover after parsing attributes in process `syz.2.1994'. [ 504.471987][ T6] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 504.482920][ T6] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 504.581994][ T6] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 504.590914][ T6] usb 4-1: New USB device strings: Mfr=0, Product=9, SerialNumber=0 [ 504.598739][ T6] usb 4-1: Product: syz [ 504.603294][ T6] usb 4-1: config 0 descriptor?? [ 504.672030][ T498] usb 6-1: new high-speed USB device number 59 using dummy_hcd [ 505.150345][ T7415] FAULT_INJECTION: forcing a failure. [ 505.150345][ T7415] name failslab, interval 1, probability 0, space 0, times 0 [ 505.162931][ T7415] CPU: 0 PID: 7415 Comm: syz.0.2000 Not tainted 6.1.112-syzkaller-00026-g51bee181735e #0 [ 505.172558][ T7415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 505.182451][ T7415] Call Trace: [ 505.185573][ T7415] [ 505.188351][ T7415] dump_stack_lvl+0x151/0x1b7 [ 505.192867][ T7415] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 505.198160][ T7415] dump_stack+0x15/0x1e [ 505.202154][ T7415] should_fail_ex+0x3d0/0x520 [ 505.206676][ T7415] __should_failslab+0xaf/0xf0 [ 505.211353][ T7415] ? sidtab_sid2str_get+0x12b/0x2a0 [ 505.216395][ T7415] should_failslab+0x9/0x20 [ 505.220725][ T7415] __kmem_cache_alloc_node+0x3d/0x2a0 [ 505.225934][ T7415] ? do_syscall_64+0x3b/0xb0 [ 505.230360][ T7415] ? entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 505.236262][ T7415] ? sidtab_sid2str_get+0x12b/0x2a0 [ 505.241294][ T7415] __kmalloc_node_track_caller+0xa2/0x1e0 [ 505.246850][ T7415] kmemdup+0x29/0x60 [ 505.250582][ T7415] sidtab_sid2str_get+0x12b/0x2a0 [ 505.255445][ T7415] security_sid_to_context_core+0x2b5/0x490 [ 505.261170][ T7415] security_sid_to_context_force+0x36/0x40 [ 505.266810][ T7415] selinux_inode_init_security+0x6e6/0xad0 [ 505.272454][ T7415] ? __kasan_slab_alloc+0x6c/0x80 [ 505.277362][ T7415] ? selinux_inode_free_security+0x210/0x210 [ 505.283129][ T7415] ? debug_smp_processor_id+0x17/0x20 [ 505.288371][ T7415] ? get_random_u32+0x30d/0x650 [ 505.293027][ T7415] security_inode_init_security+0x15b/0x390 [ 505.298749][ T7415] ? shmem_tmpfile+0x120/0x120 [ 505.303352][ T7415] ? security_dentry_create_files_as+0xc0/0xc0 [ 505.309343][ T7415] ? simple_acl_create+0x29e/0x2c0 [ 505.314305][ T7415] shmem_mknod+0xb8/0x1d0 [ 505.318454][ T7415] shmem_create+0x2c/0x40 [ 505.322620][ T7415] ? shmem_fallocate+0xf20/0xf20 [ 505.327394][ T7415] path_openat+0x12ee/0x2d60 [ 505.331831][ T7415] ? do_filp_open+0x480/0x480 [ 505.336334][ T7415] do_filp_open+0x230/0x480 [ 505.340670][ T7415] ? vfs_tmpfile+0x480/0x480 [ 505.345106][ T7415] ? alloc_fd+0x4fe/0x5a0 [ 505.349354][ T7415] do_sys_openat2+0x151/0x870 [ 505.353863][ T7415] ? bit_wait_io_timeout+0x120/0x120 [ 505.358993][ T7415] ? __mutex_lock_slowpath+0x10/0x10 [ 505.364106][ T7415] ? do_sys_open+0x220/0x220 [ 505.368539][ T7415] ? fput+0x15b/0x1b0 [ 505.372352][ T7415] ? ksys_write+0x260/0x2c0 [ 505.376690][ T7415] ? __this_cpu_preempt_check+0x13/0x20 [ 505.382072][ T7415] __x64_sys_open+0x221/0x270 [ 505.387646][ T7415] ? do_sys_openat2+0x870/0x870 [ 505.392326][ T7415] ? debug_smp_processor_id+0x17/0x20 [ 505.397532][ T7415] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 505.403438][ T7415] ? exit_to_user_mode_prepare+0x39/0xa0 [ 505.409038][ T7415] x64_sys_call+0x36/0x9a0 [ 505.413292][ T7415] do_syscall_64+0x3b/0xb0 [ 505.417544][ T7415] ? clear_bhb_loop+0x55/0xb0 [ 505.422084][ T7415] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 505.427778][ T7415] RIP: 0033:0x7fe0cfb7e819 [ 505.432031][ T7415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 505.451486][ T7415] RSP: 002b:00007fe0d094e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 505.459983][ T7415] RAX: ffffffffffffffda RBX: 00007fe0cfd36160 RCX: 00007fe0cfb7e819 [ 505.467790][ T7415] RDX: 0000000000000000 RSI: 000000000014937e RDI: 0000000020000140 [ 505.475604][ T7415] RBP: 00007fe0d094e090 R08: 0000000000000000 R09: 0000000000000000 [ 505.483420][ T7415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 505.491312][ T7415] R13: 0000000000000000 R14: 00007fe0cfd36160 R15: 00007ffd859d7408 [ 505.499132][ T7415] [ 505.782630][ T6] konepure 0003:1E7D:2DB4.0086: item fetching failed at offset 10/11 [ 505.790747][ T6] konepure 0003:1E7D:2DB4.0086: parse failed [ 505.796731][ T6] konepure: probe of 0003:1E7D:2DB4.0086 failed with error -22 [ 505.804197][ T19] usb 2-1: new high-speed USB device number 94 using dummy_hcd [ 505.812118][ T498] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 26 [ 505.981999][ T28] audit: type=1400 audit(1732233623.193:785): avc: denied { nlmsg_read } for pid=7420 comm="syz.0.2004" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 506.042160][ T498] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 506.052753][ T498] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 506.060878][ T498] usb 6-1: SerialNumber: syz [ 506.422008][ T19] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 506.432787][ T19] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 506.532110][ T19] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 506.541538][ T19] usb 2-1: New USB device strings: Mfr=0, Product=9, SerialNumber=0 [ 506.549886][ T19] usb 2-1: Product: syz [ 506.568129][ T19] usb 2-1: config 0 descriptor?? [ 506.701896][ T7428] loop2: detected capacity change from 0 to 40427 [ 506.708837][ T7428] F2FS-fs (loop2): Invalid SB checksum offset: 0 [ 506.715374][ T7428] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock [ 506.725818][ T7428] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437) [ 506.922084][ T7428] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0 [ 506.929623][ T7428] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 506.972929][ T7439] netlink: 176 bytes leftover after parsing attributes in process `syz.5.1997'. [ 507.165799][ T4988] usb 4-1: USB disconnect, device number 77 [ 507.204914][ T28] audit: type=1400 audit(1732233624.513:786): avc: denied { setopt } for pid=7427 comm="syz.2.2005" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 507.345950][ T7428] syz.2.2005: attempt to access beyond end of device [ 507.345950][ T7428] loop2: rw=10241, sector=53248, nr_sectors = 8 limit=40427 [ 507.593948][ T294] syz-executor: attempt to access beyond end of device [ 507.593948][ T294] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 507.703037][ T7444] loop2: detected capacity change from 0 to 512 [ 507.717953][ T7444] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities [ 507.813127][ T19] konepure 0003:1E7D:2DB4.0087: item fetching failed at offset 10/11 [ 507.821444][ T19] konepure 0003:1E7D:2DB4.0087: parse failed [ 507.827352][ T19] konepure: probe of 0003:1E7D:2DB4.0087 failed with error -22 [ 507.899061][ T4988] usb 4-1: new high-speed USB device number 78 using dummy_hcd [ 508.023988][ T2633] usb 2-1: USB disconnect, device number 94 [ 508.191991][ T4988] usb 4-1: Using ep0 maxpacket: 32 [ 508.242471][ T498] cdc_ether: probe of 6-1:1.0 failed with error -71 [ 508.292433][ T498] usb 6-1: USB disconnect, device number 59 [ 508.321968][ T4988] usb 4-1: config 0 has an invalid interface number: 67 but max is 0 [ 508.332193][ T4988] usb 4-1: config 0 has no interface number 0 [ 508.401937][ T19] usb 1-1: new high-speed USB device number 75 using dummy_hcd [ 508.418720][ T7452] netlink: 277 bytes leftover after parsing attributes in process `syz.5.2010'. [ 508.502113][ T4988] usb 4-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57 [ 508.511181][ T4988] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 508.519069][ T4988] usb 4-1: Product: syz [ 508.523051][ T4988] usb 4-1: Manufacturer: syz [ 508.527503][ T4988] usb 4-1: SerialNumber: syz [ 508.532807][ T4988] usb 4-1: config 0 descriptor?? [ 508.594575][ T4988] smsc95xx v2.0.0 [ 508.812020][ T19] usb 1-1: config index 0 descriptor too short (expected 45, got 36) [ 508.820039][ T19] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 508.831029][ T19] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 508.844361][ T19] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 508.853292][ T19] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 508.861692][ T19] usb 1-1: config 0 descriptor?? [ 509.252210][ T4988] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000030: -71 [ 509.263347][ T4988] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Error writing E2P_CMD [ 509.307905][ T4988] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71 [ 509.319203][ T4988] smsc95xx: probe of 4-1:0.67 failed with error -71 [ 509.364678][ T4988] usb 4-1: USB disconnect, device number 78 [ 509.480636][ T19] plantronics 0003:047F:FFFF.0088: unknown main item tag 0xd [ 509.489609][ T19] plantronics 0003:047F:FFFF.0088: No inputs registered, leaving [ 509.571752][ T19] plantronics 0003:047F:FFFF.0088: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 509.587044][ T7472] loop2: detected capacity change from 0 to 1024 [ 509.596821][ T7472] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 509.613647][ T294] EXT4-fs (loop2): unmounting filesystem. [ 509.673531][ T7477] netlink: 277 bytes leftover after parsing attributes in process `syz.1.2015'. [ 510.126662][ T7485] loop5: detected capacity change from 0 to 16 [ 510.776736][ T7485] erofs: (device loop5): z_erofs_parse_cfgs: algorithm 1 isn't enabled on this kernel [ 510.793815][ T7487] loop3: detected capacity change from 0 to 128 [ 510.827480][ T7487] EXT4-fs (loop3): Test dummy encryption mode enabled [ 510.850723][ T7487] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 510.890577][ T7492] loop5: detected capacity change from 0 to 256 [ 510.897883][ T7492] exfat: Unknown parameter 'i»ù}' [ 511.109426][ T7487] ext4 filesystem being mounted at /355/mnt supports timestamps until 2038 (0x7fffffff) [ 511.135107][ T24] usb 1-1: USB disconnect, device number 75 [ 512.211950][ T6] usb 6-1: new high-speed USB device number 60 using dummy_hcd [ 512.292942][ T296] EXT4-fs (loop3): unmounting filesystem. [ 512.801971][ T6] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 512.812852][ T6] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 512.912004][ T6] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2db4, bcdDevice= 0.00 [ 512.921025][ T6] usb 6-1: New USB device strings: Mfr=0, Product=9, SerialNumber=0 [ 512.928826][ T6] usb 6-1: Product: syz [ 512.933459][ T6] usb 6-1: config 0 descriptor?? [ 513.110872][ T7533] netlink: 277 bytes leftover after parsing attributes in process `syz.0.2031'. [ 513.127221][ T7532] IPv6: NLM_F_CREATE should be specified when creating new route [ 513.608430][ T6] konepure 0003:1E7D:2DB4.0089: item fetching failed at offset 10/11 [ 513.660323][ T6] konepure 0003:1E7D:2DB4.0089: parse failed [ 513.662523][ T7538] loop3: detected capacity change from 0 to 256 [ 513.685851][ T6] konepure: probe of 0003:1E7D:2DB4.0089 failed with error -22 [ 513.736009][ T319] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 513.741676][ T7538] loop3: detected capacity change from 0 to 256 [ 513.768454][ T319] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 513.776161][ T7538] exfat: Deprecated parameter 'utf8' [ 513.805090][ T24] usb 6-1: USB disconnect, device number 60 [ 513.830905][ T319] Buffer I/O error on dev loop3, logical block 0, async page read [ 513.845756][ T291] ------------[ cut here ]------------ [ 513.851066][ T291] WARNING: CPU: 1 PID: 291 at fs/inode.c:332 drop_nlink+0xc1/0x110 [ 513.858831][ T291] Modules linked in: [ 513.862532][ T291] CPU: 1 PID: 291 Comm: syz-executor Not tainted 6.1.112-syzkaller-00026-g51bee181735e #0 [ 513.872277][ T291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 513.882143][ T291] RIP: 0010:drop_nlink+0xc1/0x110 [ 513.886976][ T291] Code: 1e 48 8d bb b8 04 00 00 be 08 00 00 00 e8 b7 e2 ef ff f0 48 ff 83 b8 04 00 00 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 ef 74 a8 ff <0f> 0b eb 88 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 62 ff ff ff 4c [ 513.906525][ T291] RSP: 0018:ffffc9000dabfbf0 EFLAGS: 00010293 [ 513.908865][ T7538] exfat: Deprecated parameter 'namecase' [ 513.912448][ T291] RAX: ffffffff81cd30c1 RBX: 0000000000000000 RCX: ffff88810f095100 [ 513.917937][ T7538] exfat: Deprecated parameter 'utf8' [ 513.925734][ T291] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 513.938666][ T291] RBP: ffffc9000dabfc18 R08: ffffffff81cd3044 R09: 0000000000000003 [ 513.941609][ T7538] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d) [ 513.946482][ T291] R10: ffffffffffffffff R11: dffffc0000000001 R12: dffffc0000000000 [ 513.966248][ T291] R13: 1ffff110225c2dc5 R14: ffff888112e16de0 R15: ffff888112e16e28 [ 513.974131][ T291] FS: 00005555789d0500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 513.983036][ T291] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 513.989478][ T291] CR2: 00005555789f34e8 CR3: 000000012de5b000 CR4: 00000000003526a0 [ 513.997315][ T291] Call Trace: [ 514.000411][ T291] [ 514.003232][ T291] ? show_regs+0x58/0x60 [ 514.007268][ T291] ? __warn+0x160/0x3d0 [ 514.011259][ T291] ? drop_nlink+0xc1/0x110 [ 514.015560][ T291] ? report_bug+0x4d5/0x7d0 [ 514.019855][ T291] ? drop_nlink+0xc1/0x110 [ 514.024295][ T291] ? handle_bug+0x41/0x70 [ 514.028600][ T291] ? exc_invalid_op+0x1b/0x50 [ 514.033146][ T291] ? asm_exc_invalid_op+0x1b/0x20 [ 514.037977][ T291] ? drop_nlink+0x44/0x110 [ 514.042243][ T291] ? drop_nlink+0xc1/0x110 [ 514.046469][ T291] ? drop_nlink+0xc1/0x110 [ 514.050723][ T291] shmem_rmdir+0x59/0x90 [ 514.054835][ T291] vfs_rmdir+0x398/0x500 [ 514.058887][ T291] incfs_kill_sb+0x113/0x230 [ 514.063363][ T291] deactivate_locked_super+0xad/0x110 [ 514.068517][ T291] deactivate_super+0xbe/0xf0 [ 514.073158][ T291] cleanup_mnt+0x485/0x510 [ 514.077638][ T291] ? user_path_at_empty+0x14e/0x1a0 [ 514.082722][ T291] __cleanup_mnt+0x19/0x20 [ 514.086929][ T291] task_work_run+0x24d/0x2e0 [ 514.091698][ T291] ? task_work_cancel+0x2e0/0x2e0 [ 514.096844][ T291] ? __x64_sys_umount+0x122/0x170 [ 514.101724][ T291] exit_to_user_mode_loop+0x94/0xa0 [ 514.106781][ T291] exit_to_user_mode_prepare+0x5a/0xa0 [ 514.112097][ T291] syscall_exit_to_user_mode+0x26/0x130 [ 514.117429][ T291] do_syscall_64+0x47/0xb0 [ 514.121681][ T291] ? clear_bhb_loop+0x55/0xb0 [ 514.126258][ T291] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 514.132038][ T291] RIP: 0033:0x7f2f72f7fb47 [ 514.136263][ T291] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 514.155978][ T291] RSP: 002b:00007ffc37c4c448 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 514.164280][ T291] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f2f72f7fb47 [ 514.172105][ T291] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc37c4c500 [ 514.179862][ T291] RBP: 00007ffc37c4c500 R08: 0000000000000000 R09: 0000000000000000 [ 514.187778][ T291] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc37c4d580 [ 514.195638][ T291] R13: 00007f2f72ff15fc R14: 000000000007d21b R15: 00007ffc37c4d5c0 [ 514.203522][ T291] [ 514.206349][ T291] ---[ end trace 0000000000000000 ]--- [ 514.214528][ T291] ================================================================== [ 514.222413][ T291] BUG: KASAN: null-ptr-deref in ihold+0x20/0x60 [ 514.228484][ T291] Write of size 4 at addr 0000000000000170 by task syz-executor/291 [ 514.236301][ T291] [ 514.238554][ T291] CPU: 0 PID: 291 Comm: syz-executor Tainted: G W 6.1.112-syzkaller-00026-g51bee181735e #0 [ 514.249762][ T291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 514.259645][ T291] Call Trace: [ 514.262766][ T291] [ 514.265552][ T291] dump_stack_lvl+0x151/0x1b7 [ 514.270061][ T291] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 514.275352][ T291] ? _printk+0xd1/0x111 [ 514.279344][ T291] print_report+0xe1/0x4e0 [ 514.283611][ T291] ? __virt_addr_valid+0x59/0x2f0 [ 514.288548][ T291] ? kasan_addr_to_slab+0xd/0x80 [ 514.293317][ T291] ? ihold+0x20/0x60 [ 514.297049][ T291] kasan_report+0x13c/0x170 [ 514.301388][ T291] ? ihold+0x20/0x60 [ 514.305123][ T291] kasan_check_range+0x294/0x2a0 [ 514.309892][ T291] __kasan_check_write+0x14/0x20 [ 514.314671][ T291] ihold+0x20/0x60 [ 514.318225][ T291] vfs_rmdir+0x268/0x500 [ 514.322308][ T291] incfs_kill_sb+0x113/0x230 [ 514.326730][ T291] deactivate_locked_super+0xad/0x110 [ 514.331939][ T291] deactivate_super+0xbe/0xf0 [ 514.336452][ T291] cleanup_mnt+0x485/0x510 [ 514.340701][ T291] ? user_path_at_empty+0x14e/0x1a0 [ 514.345748][ T291] __cleanup_mnt+0x19/0x20 [ 514.349994][ T291] task_work_run+0x24d/0x2e0 [ 514.354423][ T291] ? task_work_cancel+0x2e0/0x2e0 [ 514.359285][ T291] ? __x64_sys_umount+0x122/0x170 [ 514.364143][ T291] exit_to_user_mode_loop+0x94/0xa0 [ 514.369176][ T291] exit_to_user_mode_prepare+0x5a/0xa0 [ 514.374467][ T291] syscall_exit_to_user_mode+0x26/0x130 [ 514.379845][ T291] do_syscall_64+0x47/0xb0 [ 514.384099][ T291] ? clear_bhb_loop+0x55/0xb0 [ 514.388613][ T291] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 514.394436][ T291] RIP: 0033:0x7f2f72f7fb47 [ 514.398678][ T291] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 514.418119][ T291] RSP: 002b:00007ffc37c4c448 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 514.426375][ T291] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f2f72f7fb47 [ 514.434176][ T291] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc37c4c500 [ 514.441987][ T291] RBP: 00007ffc37c4c500 R08: 0000000000000000 R09: 0000000000000000 [ 514.449808][ T291] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc37c4d580 [ 514.457611][ T291] R13: 00007f2f72ff15fc R14: 000000000007d21b R15: 00007ffc37c4d5c0 [ 514.465432][ T291] [ 514.468285][ T291] ================================================================== [ 514.477170][ T7548] netlink: 277 bytes leftover after parsing attributes in process `syz.0.2038'. [ 514.488148][ T291] Disabling lock debugging due to kernel taint [ 514.494293][ T291] BUG: kernel NULL pointer dereference, address: 0000000000000170 [ 514.501906][ T291] #PF: supervisor write access in kernel mode [ 514.507806][ T291] #PF: error_code(0x0002) - not-present page [ 514.513626][ T291] PGD 132674067 P4D 132674067 PUD 0 [ 514.518745][ T291] Oops: 0002 [#1] PREEMPT SMP KASAN [ 514.523777][ T291] CPU: 1 PID: 291 Comm: syz-executor Tainted: G B W 6.1.112-syzkaller-00026-g51bee181735e #0 [ 514.534975][ T291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 514.544869][ T291] RIP: 0010:ihold+0x25/0x60 [ 514.549217][ T291] Code: 00 00 00 00 00 55 48 89 e5 41 56 53 49 89 fe e8 c1 6c a8 ff 49 8d be 70 01 00 00 be 04 00 00 00 e8 60 da ef ff bb 01 00 00 00 41 0f c1 9e 70 01 00 00 ff c3 bf 02 00 00 00 89 de e8 44 70 a8 [ 514.568656][ T291] RSP: 0018:ffffc9000dabfc30 EFLAGS: 00010246 [ 514.574550][ T291] RAX: ffff88810f095100 RBX: 0000000000000001 RCX: ffff88810f095100 [ 514.582365][ T291] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 514.590175][ T291] RBP: ffffc9000dabfc40 R08: ffffffff8144a2c3 R09: fffffbfff0f6e0fd [ 514.597983][ T291] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff11023d913dc [ 514.605793][ T291] R13: ffff888118b93880 R14: 0000000000000000 R15: 1ffff11023172716 [ 514.613608][ T291] FS: 00005555789d0500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 514.622376][ T291] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 514.628797][ T291] CR2: 0000000000000170 CR3: 000000012de5b000 CR4: 00000000003526a0 [ 514.636610][ T291] Call Trace: [ 514.639740][ T291] [ 514.642511][ T291] ? __die_body+0x62/0xb0 [ 514.646684][ T291] ? __die+0x7e/0x90 [ 514.650410][ T291] ? page_fault_oops+0x7f9/0xa90 [ 514.655179][ T291] ? vprintk_default+0x26/0x30 [ 514.659781][ T291] ? kernelmode_fixup_or_oops+0xd0/0xd0 [ 514.665160][ T291] ? add_taint+0x44/0xe0 [ 514.669240][ T291] ? panic+0x667/0x667 [ 514.673149][ T291] ? preempt_schedule_thunk+0x16/0x18 [ 514.678365][ T291] ? exc_page_fault+0x529/0x6d0 [ 514.683040][ T291] ? asm_exc_page_fault+0x27/0x30 [ 514.687908][ T291] ? add_taint+0x93/0xe0 [ 514.691980][ T291] ? ihold+0x25/0x60 [ 514.695712][ T291] vfs_rmdir+0x268/0x500 [ 514.699792][ T291] incfs_kill_sb+0x113/0x230 [ 514.704218][ T291] deactivate_locked_super+0xad/0x110 [ 514.709424][ T291] deactivate_super+0xbe/0xf0 [ 514.713941][ T291] cleanup_mnt+0x485/0x510 [ 514.718191][ T291] ? user_path_at_empty+0x14e/0x1a0 [ 514.723225][ T291] __cleanup_mnt+0x19/0x20 [ 514.727476][ T291] task_work_run+0x24d/0x2e0 [ 514.731992][ T291] ? task_work_cancel+0x2e0/0x2e0 [ 514.736850][ T291] ? __x64_sys_umount+0x122/0x170 [ 514.741716][ T291] exit_to_user_mode_loop+0x94/0xa0 [ 514.746748][ T291] exit_to_user_mode_prepare+0x5a/0xa0 [ 514.752040][ T291] syscall_exit_to_user_mode+0x26/0x130 [ 514.757428][ T291] do_syscall_64+0x47/0xb0 [ 514.761671][ T291] ? clear_bhb_loop+0x55/0xb0 [ 514.766277][ T291] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 514.772003][ T291] RIP: 0033:0x7f2f72f7fb47 [ 514.776257][ T291] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 [ 514.795696][ T291] RSP: 002b:00007ffc37c4c448 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 514.803939][ T291] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f2f72f7fb47 [ 514.811753][ T291] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc37c4c500 [ 514.819564][ T291] RBP: 00007ffc37c4c500 R08: 0000000000000000 R09: 0000000000000000 [ 514.827549][ T291] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc37c4d580 [ 514.835358][ T291] R13: 00007f2f72ff15fc R14: 000000000007d21b R15: 00007ffc37c4d5c0 [ 514.843181][ T291] [ 514.846035][ T291] Modules linked in: [ 514.849779][ T291] CR2: 0000000000000170 [ 514.853763][ T291] ---[ end trace 0000000000000000 ]--- [ 514.859053][ T291] RIP: 0010:ihold+0x25/0x60 [ 514.863395][ T291] Code: 00 00 00 00 00 55 48 89 e5 41 56 53 49 89 fe e8 c1 6c a8 ff 49 8d be 70 01 00 00 be 04 00 00 00 e8 60 da ef ff bb 01 00 00 00 41 0f c1 9e 70 01 00 00 ff c3 bf 02 00 00 00 89 de e8 44 70 a8 [ 514.882836][ T291] RSP: 0018:ffffc9000dabfc30 EFLAGS: 00010246 [ 514.888735][ T291] RAX: ffff88810f095100 RBX: 0000000000000001 RCX: ffff88810f095100 [ 514.896547][ T291] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 514.904361][ T291] RBP: ffffc9000dabfc40 R08: ffffffff8144a2c3 R09: fffffbfff0f6e0fd [ 514.912170][ T291] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff11023d913dc [ 514.919981][ T291] R13: ffff888118b93880 R14: 0000000000000000 R15: 1ffff11023172716 [ 514.927797][ T291] FS: 00005555789d0500(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 514.936565][ T291] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 514.943069][ T291] CR2: 0000000000000170 CR3: 000000012de5b000 CR4: 00000000003526a0 [ 514.950893][ T291] Kernel panic - not syncing: Fatal exception [ 514.957078][ T291] Kernel Offset: disabled [ 514.961207][ T291] Rebooting in 86400 seconds..