last executing test programs: 8.799435261s ago: executing program 3 (id=1181): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) getpid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000a850000000f000000850000009e00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='sched_switch\x00', r3}, 0x10) bpf$MAP_UPDATE_BATCH(0x1b, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x2}, 0x38) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mkdir(&(0x7f0000000080)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r5, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15) r6 = dup(r5) write$FUSE_BMAP(r6, &(0x7f0000000100)={0x18}, 0x18) getresuid(&(0x7f0000000440), 0x0, &(0x7f00000004c0)=0x0) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r6, @ANYBLOB=',privport,access', @ANYRESDEC=r7]) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) ioctl$F2FS_IOC_GET_COMPRESS_BLOCKS(r8, 0x8008f511, &(0x7f0000000240)) socket$netlink(0x10, 0x3, 0x0) ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local}) writev(r0, &(0x7f0000001700)=[{&(0x7f0000000000)="9d1a13725d2ac496d8524b29015cb6177fb70266cdc1eb7946d14ecd1f78270c68e3f287a9b3e6a3488c9316058279eedbd33508792be7a7593d9ba300e8fa232b1aa6fc7d44445a36ab8bbc3a444413723bb8ae3cfff5b54875408f8466dbae9712e91f093fac4ce3", 0x69}, {&(0x7f0000000100)="3769b1010037e8a9ae43aeb3b548006a10d9c0e698b8c6691fab1c1a020361621d101a1f7e7025966793befc048be74f16a9dacc57eb770f36672b415dc746636a3642063b6d12c7a6aff9b6f49639a73a0fb7c7b211072597e0f0bc8c61a754cb46c24460fd60526ac2dcef7c464378bd5eee2ab75f308755636caf8b9c6c4d1305a9a083df98286683c72d6c0061b801593821b6d721dcddcfe23eaf7269f3633fa93065de979b306529e992133b79f0980c71367bf895bbaed6c9a803f5", 0xbf}, {&(0x7f00000001c0)="118d07e67540da3183027c81dfd4a3f6a429bf83206af569932afac91416f5a740ecff9da01d19b59d727af01d4e6581a615b071f1084ab571e71c29ef0c885e0d97", 0x42}], 0x3) 7.657303275s ago: executing program 3 (id=1190): sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, 0x0, 0x4c040) socket$nl_generic(0x10, 0x3, 0x10) sched_setaffinity(0x0, 0x0, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) socketpair$unix(0x1, 0x0, 0x0, 0x0) fcntl$lock(0xffffffffffffffff, 0x0, 0x0) fcntl$lock(0xffffffffffffffff, 0x0, 0x0) r1 = syz_usb_connect(0x0, 0x4d, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000735aca105e042107c4900102030109023b00010000000009040000000e010000052406000105240300000d240f0100000000000000000006"], 0x0) syz_usb_control_io(r1, &(0x7f0000000540)={0x2c, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="f90202000000020c"], 0x0, 0x0, 0x0}, 0x0) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x4, 0x4, 0x0, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) syz_usb_control_io$hid(r1, &(0x7f0000000380)={0x24, 0x0, &(0x7f00000001c0)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0}, 0x0) r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e0000000000000000000500060001000000080009000100000005000200d0"], 0x44}}, 0x0) 4.634033151s ago: executing program 3 (id=1207): bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000003c0)={@map, 0xffffffffffffffff, 0x12, 0x8}, 0x20) 4.585101445s ago: executing program 3 (id=1208): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000107d1e502d0000ecff000109022400010000300009040000010300020009210700b90122070009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, &(0x7f0000000380)={0x2c, &(0x7f0000000140)={0x0, 0x0, 0x7, {0x7, 0x0, "4047bcd11c"}}, 0x0, 0x0, 0x0, 0x0}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io(r0, 0x0, &(0x7f0000000900)={0x84, &(0x7f0000000280)={0x0, 0x0, 0xf, "6278ae9f69769ad589d78bc2f919bc"}, &(0x7f0000000340)={0x0, 0xa, 0x1, 0x7}, &(0x7f0000000540)={0x0, 0x8, 0x1, 0x7}, &(0x7f00000005c0)={0x20, 0x0, 0x4, {0x0, 0x1}}, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)={0x40, 0xf, 0x2}, &(0x7f0000000740)={0x40, 0x13, 0x6, @remote}, &(0x7f0000000780)={0x40, 0x17, 0x6, @local}, 0x0, &(0x7f0000000800)={0x40, 0x1a, 0x2, 0x4}, 0x0, &(0x7f0000000880)={0x40, 0x1e, 0x1, 0x5}, &(0x7f00000008c0)={0x40, 0x21, 0x1, 0xd8}}) syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000c00)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) 3.614182874s ago: executing program 1 (id=1218): r0 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IPVS_CMD_FLUSH(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000100)=ANY=[@ANYBLOB="c4000000", @ANYRES16=r0, @ANYBLOB="01000000000000000000020000002c000280060002004e2000000800090010000000060002004e210000080007000101000006000f000700000008000400ff7fffff1400028008000600020000000800090008000000080004000200000060000180080009005600000007000600666f00000c0007002000000002000000080008000100000008000b0073697000060001"], 0xc4}}, 0x0) 3.606311025s ago: executing program 1 (id=1219): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x19f, &(0x7f0000000100)={[{@noquota}, {@noblock_validity}, {@min_batch_time={'min_batch_time', 0x3d, 0x82f}}, {@grpquota}, {@debug}, {@debug}, {@grpid}]}, 0x80, 0x536, &(0x7f0000000680)="$eJzs3c9rJFkdAPBv9XRn50dmO6sedMF1dVdmFp3uycbdDR7WEURPC+J6H2PSE8J00iHd2Z2EgJm/QBBR0ZNevAj+AYIMePEowoCeFVYU0YweBHVKqrqSyWa6k56xtzs/Ph+oqVevqvr7Xg2vUq/qURXAmfViRNyIiIdpmr4SEdUiv1RMsd2dsu0e7GzNZ1MSafr235JIirzd30qK+aVit/MR8bWvRHwzeTxue2Pz9lyz2Vgrluud5dV6e2Pz2tLy3GJjsbEyMzP9+uwbs6/NXh9KPS9HxJtf+tP3vv3TL7/5y8+++8ebf7maVTsmi/X76/EEskNUPmyDbtUr+bHYle2w9hTBjqtyXsPChV5bpGmaPkyr+3LujqRkAAAclF3AfigiPhURr0Q1zh1+OQsAAACcQOkXJuM/SfcJTQ8TffIBAACAE6SUj4FNSrViLMBklEq1WncM70fiYqnZanc+c6u1vrJw/4eTETEVldKtpWbjejFWeCoqSbY8nacfLb96YHkmIp6LiO9WL+TLtflWc2HcNz8AAADgjLh0oP//z2q3/w8AAACcMlOPZ5XGUQ4AAADgg9Oj/w8AAACcMvr/AAAAcKp99a23sind/f71wjsb67db71xbaLRv15bX52vzrbXV2mKrtZi/s2/5qN9rtlqrn4uV9Tv1TqPdqbc3Nm8ut9ZXOjeX3vcJbAAAAGCEnvvEvd8nEbH9+Qv5lJkYd6GAkSjvpZJi3qP1/+HZ7vy9ERUKGIlzA2zz3jMjKAgwcuVxFwAYm8q4CwCMXXLE+r6Dd35TzD853PIAAADDd+Vj/Z//H/4NgG2fCIATTiOGs+vA8/+0Oq6CACOXP/8fdMCviwU4VSoDjQAETrP/+/n/kdL0iQoEAAAM3WQ+JaVacXtvMkqlWi3icv5ZgEpya6nZuB4Rz0bE76qVZ7Ll6XzP5Mg+AwAAAAAAAAAAAAAAAAAAAAAAAADQlaZJpIe5cehaAAAA4ASIKP05+VX3Xf5Xqi9PHrw/MJH8K/8k8EREvPujt79/Z67TWZvO8v++l9/5QZH/6jjuYAAAAAAH7fbTd/vxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBMD3a25h/sbKX/3tmaH2Xcv34xIqb24udTd005zufz81GJiIv/SKK8b78kIs4NIf723Yj4aK/4SVasvZC94l/44OPHVHEUesW/NIT4cJbdy84/N3q1v1K8mM97t79yxPuWn1b/81/snf/O9Wn/lweM8fz9n9f7xr8b8Xy59/lnN37SJ/5LURoo/je+vrnZb13644gr0Tv+/lj1zvJqvb2xeW1peW6xsdhYmZmZfn32jdnXZq/Xby01G8W/PWN85+O/eHhY/S/2iT91RP1fHqj2Ef+9f2fnw91kpVf8qy/1iP/rnxRbPB6/VPzt+3SRztZf2U1vd9P7vfCz375wWP0XHtW/8iT//1cHrP9QGgoAMDTtjc3bc81mY+0kJCpPs1fWSz8OhZc4folvDfUH0zRNszbVY9W9iBjkd5I4DoclT4z7zAQAAAzbo4v+cZcEAAAAAAAAAAAAAAAAAAAAzq4hvjNsot9r9g7G3N5LJd4MDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcG/8LAAD//3uY3uY=") ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xf101}) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x8204) 3.520873802s ago: executing program 1 (id=1220): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000200)={0x30, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @ETHTOOL_A_FEATURES_WANTED={0x4}]}, 0x30}}, 0x0) 3.505412034s ago: executing program 1 (id=1221): r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x0) syz_usb_disconnect(r0) syz_usb_disconnect(0xffffffffffffffff) r1 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0) syz_usb_disconnect(r1) r2 = syz_usb_connect(0x0, 0x24, &(0x7f0000000740)={{0x12, 0x1, 0x0, 0xed, 0x3e, 0xc9, 0x8, 0xccd, 0xb3, 0x2dee, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xb0, 0x87, 0x1d}}]}}]}}, 0x0) ioctl$EVIOCRMFF(r1, 0x550c, 0x0) syz_usb_connect(0x0, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x7e, 0x9e, 0xb4, 0x0, 0x54c, 0x38, 0x16f5, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x8, 0xc5, 0x38}}]}}]}}, 0x0) ioctl$EVIOCRMFF(r0, 0x550c, 0x0) syz_usb_control_io(r2, 0x0, 0x0) 2.478207287s ago: executing program 2 (id=1238): bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r0, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='percpu_create_chunk\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xa, 0x101, 0x7fff, 0xcc}, 0x48) 2.375017405s ago: executing program 2 (id=1239): mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f}}, 0x50) newfstatat(0xffffffffffffff9c, &(0x7f0000001080)='./file0\x00', &(0x7f0000004a40), 0x0) syz_fuse_handle_req(r0, &(0x7f0000004280)="56b4b70b1a8975f54ee556445005e56750c13f758e58cc75528008ded47bc4242957798194cdd4a6595962c6bfb572a5f3e0244898ffc0019bf31b7c178aef4946ae87f1b67e5bc05108d13989adc87fb61a63e1bc59ec05d25cc97452cecc76cd9c886a803434227cd1fdc0b6dd7f06540ac6182a1f63d7959676a9b8b859c8111365062dd2579a45c85d939a0f0cc769d71adc53eee2278e7e98cf297686f53c2bbe89a9f1d41d08815acf789e51ee8db432461cd81c2d93e9860b0608a0ad46dfe3139085787847e6f9644e89682ad74fac2c84dab90c75382f9580f9e3d64e71c503f8e908d93ed3c252e5fda9fc6e3b3818492781b64f6b5fdc45dfa6ffb124b961379fe1d7936f0c72ce510d7cd1c00661ba10b6ddd6b12c02f3e4016da5a734aa236cc234c6812b638362618d8a278dffd3fff020ede34db11434a186769823c942da20b17423d0c02d4d6652a3ab55101b63b6af836a3cebb7f9b5c7ac1396a8599205dcbd56bea9a99be9f8c2b5b7eb12f56dcc8dca4db452b5b2fb14be96c8408445c3e1395a830129569d0b95684d8c2412deec8cfd84c4def194fcd4696e5684bafa4f4bd3112f009c10683e7910a7a34f014cf64310486db31a6d7099c952bf87c21278c85867a5e5fe009d0f22714db5782196f0d96e128856bd41714e0139c2f80c6615f13808846fc12e0ac735ea6de51cc7addddd0a3820686229cb67521865d7e7f0b180043f16a39880b260dbd7df667386102aedf9ccd905f29a80dddec32cc06daa769dc06ab12d7ab084a7691945c8b177286e1b8b2c79f756d58bbd156e9eec1dd84392d95a1fd7852d69322adf96b8852e2ad7bc065ab7709990590595daae8cf19c610689ec8825002507575dc53592256ebf124f3c374cb9e69cc726f0910c69c45aa5db39062ec70185e1b7fcb5720df0729c4b92861fcbe8e564e7bdc586328d5ea8ae60b625c843898c5719bf26e0fc766aacf0a9fa45dcc6ccd349b7faeec87308243488c3e9b5961d5989228111c06df71165a43cf5c9e7fb417e2a8be87bd9f12ed71ec53de3605077a5363f67bffec19b7fb8b4b8090876667697267c2ff8c5d59ba846a48480ab4e5ef3f6b920b285f586ab1037d8541fc65fd7d4999217d01c853177753aea53fc5c56eea35a730fdc773072998d80a7ed081a9674d16a89c76491407e57410c81ce7a31fc7f4344fd13800e250e40c599eb0887d63ba7a87c0cbc71814f6d2fb6c1dda270f20a06aebd97ac92c25aced98928b9f586fb493add3c0a4baa0789aa73a2a6410a4bd13dff034808e7b3fa0487bde3c073431548a1a2a282829868ce23a97d80e7550abb45080fb8cd1f47e315c369c1c9f4381f64dcbcf0b2a8549720fe09b0a0c388c6bbfcc9482e797856b40c23aa675d798d79b2316108a7d4873e03ef6ada0fd6c698457449f7deb09b4ab6653f03cf66ff15905f58080b546caa87e0932f4a66356f65fa052b47922417b75a9b9f1eb22205a91d5eed5175b5b73846e622e9d5128ed333b03733f6b9124d8ff628ca343de63e665d07729d6f9be5f8a0acf1d3ebf130f99396bc19f4717ffa363b95e6dc7dc6e0eafceea7381ffc3274d00880ae6fa73d4f5f139af0246c543f315dbc34286e1c54fbdca0968a005127101228c33134119608bf762896917ae9d3e4a5f0148430b23a119290bd0deb0d97304a70ff113b32db872e437daf9a1ae1eedef7446b0835bf247c0d19a8e8d880dc447556b095a38c79ce45282c68ce0b469fc2cceac4cbcd0f31740c261a131c04a90c14997d19466c8e924cc5357cc882be367cbd0db8d38435ca5b719662b66d7c57a90fd53b1ed4de9e24a576a807386f9bbe324eb09c49a11c4698c81b09963017c6419fe646e892f3e04321c1c01417ac305411161187aa9cef51b44ef4ea65b4f59af670657dd91406c161279972c66e9437d47d13410b77e767391be9c18b6d878efdb93e1bb50610f396c58ca12505e0e71c7839b20ff6461210aeb3413933659b08a9d5a3c9a8b0217522929ad98d5472b269d8154044a2c88dfa2d17e1b97023aa3ff300ab7e9944e327b53fac572d70928ba00b3ef0201f208d24e89c9c8ff1fdcb8f8dfe0536d29e6fd3ca1621b161fc3faa162442e7cf6d7319dc839ec515f2ac7ec714b932efe68d57324c4aaeb61b00b2af3bb23cc9451dd1d33e033e8b76dad71a674b8dc5326056ef8de03365ff88e4736bff9c2e55176c8ffe2a98877b7d2a149f5528694230798223aac9f7a2a78e1a6fd0f7cfadfbd196dab0f1a59d08f4c123f5535591b71e5be97b4555f3fe7cbaea849ce654917100a736d38f3d00c4a666222e4203d93a9be39017a5ecea0bb3d16d3f57dab9af62b3b3d9139854ac306c2243d5093979e77e2071cbf90f1b7212648ea8c221136586cabd4e054826f109b1c49dffc98f14f35f7f510da72e9a39ca7bccb9b42f36ed1cfe6bc0f19e3afb635d745e52ebe01cc50aab45f9a73023890687faae81fc8d4755c3f704ff213ebad362b84157becd9823f6c82dbd1158d2c61dfd7dbea1a34b5ceae8f788e1f2b862d6e4270bb0cb826e47c035ff542880f3769db33c9a64e491c9088b02b2b8942c04fc605d0c51cb145c52488d5b89ab7b427d5f34238e38434711e9141dacbb962c4b767d8fcc576eff5d718c2a8b7f66eab747259ab2938a1b9111d35a580e29128f5bcae19b65692240d94966c2adbaf75e0c706ab3aad2b68b32d39da7b2b061199bcec70ee407ea2aa9dc56cd5b74f823fd23de9c74bb683c5e8df5871826f0cf5c94dad41a0292cc198a3169f119feb8e88a1b827bed7c0b4cc2e4a14abe12914656553bce031be3f9a4ae3141756d2311932414816112541a9c71d8d3ab7ba98c495a89e2b9082dcf1a3f66e182615ce65838773ebccd35bb2e688ff116aa44b2bd6bf8d0bcef768802c7d112d78264090fa84c5a746c1250c3fe5a5e5391e5717d53bc16458d09b3a126f59f639977153de1aa17e10708d110a214bb9b62d0d592816d3dee5e48c4984fcfe885db4a1d49bb930be3e4da348cf4751844994b0e36b37be5f88aa375853e5af43c7f29fbebc90b33ede49f6aeee8bbeb16fd28d88f94147ca2755d1a4d426e9e815e5cea31a8770089a5f31f6aff4c20b106b042580d59e1caae67b819777923ff7a82415c3b11a7aa3f9291bff15398341dd7f3836eab9920da6716ff9451e1a199cb41a8090815e19b6f8f2a10d075177fa69cf91245854d5a22708caed6677c6d9dbdf2cf254730bf5053c124f12a7e822becfa4c98f690ca74645567330bbdd05f74e8ab87f73c7ce014c3fe2a2f8736d550e92c6d5605b965ba80e78760e54d40666d0b9a11da3c9208d4e0e1c8021cdbcfd30a7ace0daa34c6e26874dbd998e08e7635ccca28d656d0a58a0731bf6a0356cd143e0252a41ad989b474698fe14c87a99b970daf0115a6283dd386f939df87073d941f8f402d2cc67794372d945d5cfb1ecc57c4b35e7137fafe04cbcdd4da7afe00e5ffe6178049f57eb30a694dd5dd0ba0e4fc5bc03a137186a2358ed64c22f7a17acaea19dbf7829e0e909329475d36197e4fac0d3ab4a6460242ba349908b6ee10000b444ce6f76c456d3b7cca7b968700ed89b9af6514c7fc574cca3198c6ea27d9fcd8db842a160b28376ab5077cc785739c163748f7b1f21d4f17b5c924798b12207685c2f540a09caa486975feadcf695ad3012c59bb32db8fda8ac1f7ed5419070cac483ac164295e0234084b49369b4365622f72598b861e4a9df96e0689b99e5f5997779ddfb4247313fe196eb26e65f4ddd7e313c7fa7453cadb65b1dc9bb9b4b7cd1ddd3620714e1d68b254762798113dcedb332f99fe69f0dd695cbab60c78f7c106e284e015ea1d950d09e3c9d91ba374bf0ec34c5577848858f1996ea0d145796d66c3225f8ac1152e2b8f5e6a5408c4b26db50cb86bb9db72b3bbf3acc65b7d2344c8609ea5664280b777b6f32aaf4b32181d4b1d7dd5d7d57851af5442d227de37c777da8e266da96e94676c8d98ccd8c34b28002aed24b315e860dab215cc9ad8528ce890c0bed23a5b2682b0a095936a571f4347417bba83fb298bca60b002c037a0784ccd5ae63e1e146a5acdd13a653fe6544afd80a041d90010a7bbca627d175be5923349816643059ab32357c1a6251689745d3f6c70746cd42075c55f43f8153bdbc0d575778c192dc28997aee6df52fb402227e38061205b5ef3a643b60cc87a8ce026aa3385910ddc1e81c937a2eee36bb832d40f5c87e3b3a458e8289ea498dd20202066a09a8447f9834cf360fc01e691ffaa4ebacf8b961a8059e99a4a6a1467d8a7ca776f511efe557b27109534781f654265b65ecd7374a5cae5228799f35ae177b975ac6f8f5544ad816c554d26b01e0e23387e8147841a6be753de524788243e3164956e1567bc139c1a0dc1829977ade33a676bce969702d8d7929c0dc2d702bb7185e33b2f7478ff18836aa9e493440e171aed46dff8e7468e77500a527a4825b5751748f0b27b559a66739a5c58c20c78637b1f7618976143d05ef2e95bed3bdace40d54ccf80921f87efc59cb8c3ca919325da0bc45913103e552f486d701a1ca586be8d6500ce3c2a1217864f2c33ec23f06673951fa9ecc761f66ad2a1877ec17cc18b886baf2312f763b885d2fc01594f3b1417618214d24a1f4f4353207552e0c965f6b3898398b35af2d034618183e748df0438ff072580520e2c6e262f907970e833b48d3278fe1d7cb3d21128157eb508c3aa70a3ccdf0f3cdf499e81a2d3890c378820f40c4a0b23fad7f924115bc9928a01dbfcb8b227c5192e24992e911a1ac9b02023f51071e49750546ac6c7b6620eab4076f21190178d02d97583a88513b8bc326e8ea23e2f059030868f282c148a8acee183f633592f921d33fb131cb50983ef8087179f6ea4dee8656598a0864f90b83297d4bc1f82f6e1dffbeef3ab452999f9658853afe9af4a1a2c4c4189f0e2172922bd466007b5703986d714be353c45bf753cbe36d64315f352e2f286eacc63c55eedb8382efc5e152f1cd9d3c3fe40d50f136d4633c4b541d1b0d46fa8acbf51fd2594809c03b9f28e6005caa93cdaedeb913885e23ccbad13431ec9d05b5232cb561f3e9c1a72acac5d783854b70a6da5b3710ee62d036d0d39ee096621236a5e20b1e3cac54f6876305a1e0eb211713131d28c077fe48266a206c0e5afd3a7bce86b525c51c500d9551dfa0f901895c319c2ae26b13a58f7cb2da07fa01011c0d62a626d37f5c5f4a58fe82826a4dca2058faa0612cd859ecaaab4b7e25b821c94da77715f506e48a1c815ff4ea93c9c41b85064900efccc42ceeb938bb810496fdacef70e64bf32753df304457d7d9dbc1a9e23132dd3b4a54d2d56967f161d68261923121de334282ec1077cebebb4248970fcf98df13a0a279d2dd60e7e2b3f5cdbb74de05ac7903e397077e9ea6415abe3add0efdde3f5d49bea5228a24ee2fb0b266abb8d2ad4cea734807f642a2e0fa510981bccfbe8728f99d7cbddb8c502b56207a2564dd69fe4bdefa5bc1eb81382182c46d350be105f560dba36f1843ffffb2eaf74fcd78a397473e14ba6da641e256d79db7f8e5de1a48034e475d255a1f8c433dd2b80d864289f941c5bccf92539675b0721bd371aea04235d8fcacaa9d82aabfb17b9e57364d70550928e7972c7c5c91636ff03d7c13fc49b4d2d5946523d0692a4515686a7c5fa47b2889fe05e2895f4e85e8ac77dd3270074d0154931414729e6d05a57b04517072ebdd7caf80c77837cd4af7e51c0af83bf71440c67ddd889e02db66cc7c6cf73077fef458b02680da708192e1c87a10ba8aa76b3981d0975b5f7b409d730119ede0d18d14e3b5e0d6f1c5bb9739845dd52e3673ea26fae4be8d4bc358edaaddbf0250b357917487407224648917d40a3e1b239b085d21fd5335589b99b31faa5c72a09223bc7dcc2b81aa05a95c6a6aca2c5180138981a2538f7c7b298afedda97e7e13ccffc3140171a8a3e864c0af23d0db0c4ea89d0d2377bdc46ccfb75548e6157d229bdad129d1d7aca23377fc239fee1d6c38dc6a36b53f91367dad588b510dc7ff78d95fd5dd2f2d526b8d6ba1eddea0d1753ee8a997847b2ee22afca06047b1c5cfec6e6f3908512390bc8349b0835482a487ac02445eaaeccfbfc4bc578c1a89d75d9a4ccae1949f87fd719e3e24de754f0c29a82e5fc1e7499053ec8c2499ac6c6f0be1b02250aa057462e0704263be36b1f92369dde63365e84fa02dc5463382f61e9551072e90c9c59d81a4c01c38259721004455bb6bf7b67a4b88d95e68074b002ca08f1740bc4d34988c3362f8cf754069787c1d5db142bd0dbb26a299a5464150eaa876189638da59f9a9c434372527f17b6ff472e2b0829ab508fc9f0315c209147da3353863267d8cd605300d832a9e92857ee3e0483259c9e1d06443c684532c9359e939cbf4b5b0bb2d4432b6ac17e36371b75bbd4328718022474735a0f48d19232b6117f3e94d0ae544708fadda0d804e9ea3f5c5bc2157afc0ef45eb0bf271caced919749781ebf14e6a3077ef62235c10ff2c689a283c3ab0fe9e4aaf80cac79f19c9a790ede0c7adb0defd78e755ad550b85e74ecdece1f485bee9c67e51c3023e5e2436b46e8bb4010b941170b7c39b0dc0f615709918cc5eb671a191d74783e60870f4f2f402e0489ea65fa7f12c8a41d63b156a094846beb05c323f340356d21f27db342f10c99489f4deacae0153b373e7dcbabd0165b8ce65aa15dff91c46ecee9dce500149b0f0690761a0176644e2cfa92e1f09c1add9aeac48a83ecb4e4b125eab59f569e5e62a03df97bcd4e817657323c4781d0746b82dc0875bd677fae113f37dcedad4445928b24185f2d2c650da0eca3d711f41a98fa1aa3272069019559a4eb3d8ad597ca04b83a8486c31a4c5a549db7a17ba16551e9f75b79e6ade5678c90dafffd737e2240be9a9ca166a07e8afa6879a2f4e368148893e018ecfa7c2127f867c21b12e15194e92b1f31a7bc2def85311ab586ef305475b987f6f343a4f0e57c8785e9ff153be912439e50d298c907f4f54705681f89b220ea4c6ab67ddc78f08b7d3b6101567794f11bf55907a6293cfa31f55d5db3ecb1950f59c9cc6f536fce9dea9ffd14be0c2c13877771cc81894b12d198678e0c3b3898b4bdc8117d936ee33271865f5e01dfb48dd855df39aa0374704bc45a0531db2615f1cf7f8af422f38338db50a3e86fa85962cf00cd1e0965d6d966576be560933edb003fa4af449e03c05208e12ca38e9e3376ab2f7af21ac9943957ce20450e75570c28e0e20c3d1f9c88046c174d1835fd69b1044e5a0dbb50b57275ac1be0fb702cde4171748094bb6cfd72d33c74af0ff71e35ecc673db3afefd817ac269a9c67c42d5293999aca824f2636880119876075000ce60327ef5ac8f2d85acbdad2ede13a515e3cdd67bc2f4da6b7f5e3848849c24d3df27e4207d317a5d7635873b42c3e73af63b4800da9664c8c1f667625a58343ed7e8b6081475521f943b62b6b7a0d00b73b10d51aa3033299eeaee54524d7c6898310625b2bbcc7ff35d68d0c96278824a515e3a2bd9963c7058f1c1c2e5db17da7c95e1386c1411b759843f63e39cdd259adbf1dadcbcb9125a2520cb9d59814a2e638e433ebdc5ddc97854d3cc498ddd9258c31007a54f969c41b19f8ef8554e8e192811456cecc55f586dd9575e4994ec98e06815a0a1122880e71403f0368b0c7bae5e941ddbd5d2cd53fa35a80a8491779374828445940ec3fe6333e351ca9fea95a0806b491665782406e14ffd42df55beb4472bceeb4c3c3728478d4809c635ea0356d5f3577adb596f7d04e6eef10936b4665d9a8e1ef2b42bc7f401ef7c2b7954504febbeb43a0c523fd4bcc3c0e8cc44fd8796bde40efb80bf94c65379192cda5d511d7608a06c30ca3d07e6d393087c2a4fbe9ae8b67076f29e73b33fafbcee188b2c4cc921be301555a9b4c51c92f5f67941253ed0f60be46de8eff7324380e718f551c617ee314930c8657ca0e9eda2409d7a6aa1ce340d774d014dde1c1e15388076ac8e113129821b49d1c7f478b42edb951fc1276da77668ae6bc6ff38d4fa003450048127b8b334d48fcdcdb640c0c069740644fe2aaf9a254e25b1ea43a3ca540a66d0274415ef8fe93b729a0d97b9624b62e2d50b30a90bfd300a3129f347afe7bd68166ab801c89d82a2e8752912670689d378a56aca59c92c083436e11f0438e46ef601f12d9b9c254f6bb8b8cffd572b415c530e35ee41b6945c718234546b13ec0e26d478932af4dc21b5c8d07cae512508559d1c2fcbf41039f787c6f42224f8335d2c95aefc3f895253e14c23b42b7b1665542c926bce310848150e7c87f48897dbf0e199fd48dd73b311b6df401a693badb2c9fa6ba253a5ba2233fae23a6a30ad8fc19e608809f6b552a8d8686e51f60c415d98deb2ff618dc6e5351a5e240b0a849b028a5ca1dcf58e0c5a5a70d01f813afd63381d110b74059e8ae2c9d91048b88c2d7d1135b890923a6695bb055e209a647ea8114cb806fa5c19bab83b393455c495a4de991fd1cb056f30cfd16c06a0440d434be1360551ffe4355a840820b0ef5bd15da18bb97c762ec73648a1da53bbcc8531c6d0d702cf34757c3123ab51501544006bdc88406e8090a33b349b6fde3fc915f832f7a9204a5808c1a30d3c8c0e3802a977979115e4e6d650c0285f1c11da7594d9a23ea0015ec07ebbeb2118ed7a37122e8fded3f28a8275472ba2435ab329233ac5d187bf80ad4b3479b5989d8d741e7df579bd1cb153b15dcf2043014e1c772281e19f72fa269e674cb5f522b570a8f6daceeb230511690979f2749335cddd88f4eae0d37249a21950499f7a03220bb34c117f092bb0fde78895bada0b9a304bf01009e7f5a6ec2fe03be335459d8a01e7e28f7cdae226e3af9d042f5ba3166d1ad2ff5674b1f68a1f3a75d3db110221f7c6ba73eb7959aeb8bbd53d818248e42e83d08095975d8db7cae2a508f8ccd36891641a9757513d53555c4e454f3295cfcfef563df8b9a5ed9d377cc26bfd6e5c091027d42b80660ed795563a4036e059b6954ec955cd51b256fab83729e14d92723bf72c9f1cd1c920105aa30f9483b1c3333f0577919c1ca4356d4f8f4bd903954e3611a6b5a1d196e463929ead1505bc6ddf41aa870e8a64cf3f40d76fca03ce05539e763c04bb784760f1e678f00be84b72188ea845f95a8c71dc1241919aabca20eedc854fcb19440b1c57c7c5d57f0b624496e1ab7749341a621590e59d99e97155479df8703dd4c1e845ff17c7cd17a9daffee31674ba08e8cfd7f0bfb272d5ac744d177c41c9dadf1ec1d772795509d3cc58aa16745e8534fb63ad87769ea653b9af67d271b498bb754b1d2cec5aa1fd3d290869218eb002cde6f0460d53f1f250e65c04631aa7bc7a3a203bf5bee46815933a016fd3367b3dbccef5ccfe45d8411f6a8a46d2280eafdfab94f61a7b1735ec3c8221936555a0eeb1cc42044c3e241ac2d0bfbe4fe8348c2428223e0a63ed249c3dd5da41d653c1644a71ba054b6916aaf6ea676a9b5d5b11208a3cf63131d312826d466c198031508cfdfdbd6f58ed5d4e73cb53f9b004c0662226b4bcd3910fe0564b7d27f3ad5bd3e939cbdb5f5f4b0cbba4a8237d93711c73d0be497f4aee9ad65608932903bd9e5b2f01dbb43086723dcded55c698574f6dbfa9fa4695e21c16497a1cffca06988a79f7c4e3aac1237211ff3ed80012be98050e00c28cad6b90a518e29415699b55d418501fab53f24964747a4434b89d6602cb3d11b9984fbbb05868ccac59ac97acfd9c0da07eb5bec3bb4e9fcc0fa732c5079f5e29fae7287132b79b6d1624ab47c3e08c59b171d7f677ba48da3bbebb37681bc9ce799ca4377a66a80b61e4c934bb5d1be39579a72b3df5e9c1c6ffb3c696aa984e31c05685fadd396234484449bfc0330eefa48372e09d12c87c6cc021ee14d862af2781caa05cee7d9509cb0587cf183dae294e9c849702d50db79ac72de673d047e159bf98b5aa7a43bdfcd90a95ad4f86a62f5c65170ab8146c2302509ab638901c1af4dbbe79dfa201fc1fce87c29b92a3a056fb3f997c275e9940ae3132fe5235c6c3b82097e669fc4d2f1a627a9203b148dcc3ad328581d66cc071b84f02b1d8bc425d344244f47b103baf3f7a3935da19968f772a941ed2f1a170c9e4a7c6f3044408b6b24d437635d928c14eb5fc6cabb12ca7f2a899f27f4d35011994c2e2f0980945a139104912ad39b90215c2dcb75be3e4a0c83767a3ad9cd0e045f4f55ceda67bb2a8c793fe09aed7ba02c888a28e94aabcd4f72a62bf60e5bc6f811147e8c8918bc484be710c50023fab435ed5c1b2d4d902a5c747c57974e3a46b83f39072e858772f7f61a002870d2ec72258b45ae610cb9addfaf30a4c68bfd1e3ec8b75e5585b350269e061a988137703e77eee9bb34a35d428a0cc9228c27be8ef2d7efeecf5400098551c0d807e0b1dda7ef735c418f2ddcd0b6899ad593cea07417fecb0f023ed057eac25f8c574ff9699a813dc9984522aca35e5c56c454c2383a38f41212ca94cf9765464a5db39050382e0b6c4fbdb7b43d9eb4dfc218d01c4a3b0bd5c33efd6879d54bc7d970c5775024d7a69d6864bddea5b729a557e9d1fb4b090fa74df0491499a816f0bb3c9083c3637b24ffa6905a90cf1b4f9f0f9d5362017c309927236afed4f6de16917cfa3016bc7733ff5d92819d0a937e78640385ad04af76efbf3228568792e12af31865caa2f66d345f84a9ac53eff2db8538184584513ef17aab33d4b58645556cd2888adc4c8052447f54a1c274b08de87cbdd095853f0e9b06fe4dfd6ebca8563b481c3eaaceac7b64b9fddd85f54cd733491b007c6ffa6c79115e933ff5c467c587a94c56c56ef5609626e88e19fe4725821e37eab7071e951f881680ff5931eb34cfb688fc5f9eb2aa952c6eb920ccd241ac710b1390a95a6448d51ad6a69d571e6364f32a0b0584fec676e46434ea4b944826ed4e6b1fb0d6484a8747f052c96df54bfcd7680856b2e4248521007c1beee838b2885d381c6f7c2fe1195b2267d38c8b1c578efb737b9820250d2011105443a8c0085ed3f922a3fa385ff337a34d92317a29b1c98c402db5d7e8b0055ad38f571b364ecf4d004ad9dc791bc4cfe3e694f7f76ae78906facdc79ac4e1f5ea45d22833901745a24e55f8610ca816ca4efaf2f9bc6532553994b5aef5af85c1d08e36a0e9ada4d48be94faa8091859456d5ad5c1e2b10409c5bb27dbd7bc51a0d5d9c7c637510f8185e58cc90ed30e1b6c2952d4213e8b7acb0d40ff13120d90324b79181b05f8bb276dd4c600f402e833c9fe8e44733f539dba4bb4abe9b222d66a2c381f5c8e38a1dc5decece6b885ee16c0ffb0f7e0d2c0d9e497f2b8abd80", 0x2000, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0xffffffffffffffff}}}, 0x0, 0x0, 0x0, 0x0, 0x0}) 2.356886327s ago: executing program 2 (id=1240): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xe, 0x4, 0x4, 0x3}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xb, 0xf, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x0, 0x700}}, [], {{0x6, 0x1, 0x5, 0x2}, {0x6, 0x0, 0x5, 0x8}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) 2.31890314s ago: executing program 2 (id=1241): r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000c80)=@newlink={0x48, 0x10, 0x439, 0x70bd27, 0x0, {0x0, 0x0, 0xe403, 0x0, 0x0, 0x610c3}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @sit={{0x8}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @multicast2}, @IFLA_IPTUN_PROTO={0x5}, @IFLA_IPTUN_FWMARK={0x8, 0x14, 0x5}]}}}]}, 0x48}}, 0x0) 2.220237748s ago: executing program 2 (id=1242): socket$xdp(0x2c, 0x3, 0x0) socket$xdp(0x2c, 0x3, 0x0) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6}]}) chdir(0x0) close_range(r0, 0xffffffffffffffff, 0x0) 1.754170066s ago: executing program 4 (id=1250): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='cpuacct.stat\x00', 0x26e1, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) socket(0x1d, 0x2, 0x6) write$P9_RREADLINK(r0, 0x0, 0x0) 1.70633167s ago: executing program 4 (id=1251): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cgroup.kill\x00', 0x26e1, 0x0) close(r0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000040)={'ip6_vti0\x00', &(0x7f0000000280)={'syztnl2\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @private1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}) 1.70620254s ago: executing program 4 (id=1252): r0 = socket(0x1d, 0x2, 0x6) sendmsg$NL80211_CMD_SET_WIPHY(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) 1.70593457s ago: executing program 4 (id=1253): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) chroot(&(0x7f00000000c0)='./file0\x00') syz_fuse_handle_req(r0, &(0x7f0000004140)="d93720db4195e1a34be0ad2f56793935d453c377b35280952f39a19a1c8aacd2cc08dadc1451ecf3ea5602c4fa11e48f06f5c22319277e0ecdb53e2eda975d8b0c0703a4299a9ea93c68dafd02607b4a3fe826919b5010e88399105cacd421aa27d0544308c67ddcc8ff8517d764ffdad87a0dbe21d14a2503d0e96b506de87ea8c0540d52272460cdacaa16211442539f7fe78e5bb111ee23ff07f71a84f64490211f584aebce5979ffc51196826d5688fd197222f5b5b97cff2009a2845c699caa42420e8cea4ea07953369cd8e1f641273236d745f419b4d9922155209b212331da3aa5f73672aa21bb2d574372fa957b3a287d6ebe921bef5b55428bfd6460032889d75a3ee4018353773d52124165020d2eb95dd39e04b2a74886ab6fffd382297d01fb2cb60a978968975d54c66c3912fb40a0e8aa264da07aa9be4f0e01b94446266c4521aa9bbfd034e158a7c7a20a2ba328cc054088bd3f88cc921fecb6e81d83cf43616a7240f76ef1da19cfec4207aa8998417e7dc568719ca154ae9bb38ad2fadddaa995de3a7073c53bcb05a4a13e0ad1d4ffdef949549081819986e07d150e5a000e0fe4d80544732dd3cfe0c9922f4f1773a55c5957e4788eb54d9299456b2c67d353fcd06a8ee6c679013ecbbc9690a22483bd7201c6582d97c1064beadceb37fa5ecbcce3589e1981e0ab13a5a1c9d4433ed3ad5aa23c38e5ec3628c75801d783ac39db125db8d9b6179ec9fa898140c07e30ba85b7e570c5ea1e8cab93586bb5f21918bda1fc4e3966276b736ab987fedca531c81ec0d1b833db24f54751d2d0c28ba9afd26e570cd35a02a4ccdcf9f8ff3a637befb831dee77d4cc084cc17e6eeb813b9c2016672b02e9c6f0364729b0b0c5d821bc4a621a9c95658967c83978042c07a562ca74971bfcdb25109aa90e7c3b8d1ceffd243cfa9cd3bdcb40e3cdadcfcaad0dac169c0187cce25f7de991f6c90ac27ee9bfd2713e88f100b1716f8bd33bd56be5109c20bb36a8f913037bcbe4c3e530d8e87ce0f90f2e0f75d4ece99de86441af8ad7f4f61fcfbcb0f370255e651d99c2f3ba139f6fe73fa43d3084f6930c7f8c436ff5e591d7c117dd7a4b6db5f6ec75484f859ac56e5d721b914b4cc9266ad2797f721f6d2a0ac0c4547136f3959c21f7f13a1cc62a9dc64a9b90afd753b18554cf35c5892b4da6cc12c17ce35ac37cf5b355d325de3b1dd7c4c7777b58e301e33ec1637a99423d1c98e363fbf28c1d4e99c2d2f979cba6f092574a4bad6e231df33a509f74140a3d038fbec7ec9642d618eb8e539f872b3464fb8f79a2975c6744dfa4cf607e2f497f91965c83cf0c77752dd9b4b12876150d916da828640be87402ebd7228518995dc612ed05faa6decbc4ddeae47693ac515f62fc0038ed9942c6f4d9bc4b5f73c4818ee6f08c6b37e8efd647057fbd91e1bdb5b2bc4076fff1b6bcc254d8a6ee92f61a74da856ae11c898a3c44ae3e4d1d375216a46354055c3c41642e687fca57686b592eb9444e89e420bd2bdd7a76a1113f7c7d77244002b26466d2c7d20a27d67649fb174fe42821c23b1938b5e19fa07292bed86eee6f9ff58bcdf23715cac06fc2f9bfef5085279c1ca0200d8c3e2a6f3e0bb77fa3b1007a0995124b94baf563dc27aa79a65bb589a51481311655ce2aabfec217101bc915cb215f16bb380b233e7535b54aef19abbd1c31fc9e3500dd227caa36377a5ef4d9fb085226c5d3798f6462d616751978753efabe90ad79cdc85fc06f4dfab89002fb7f2fa2189cec8fdc0d6d2a83df9aa2a4fd3f1d11944c2bf49c92f73970acb8a673595f88bab87821a5f05971204fbdc3065a167a6631ffd0cfa5f701d7c0332557b1ba18f20b37478d5bd0e6554b6f73944d6ca3f550dfaace341c437003f079dcc0eaac0f764d16307ade63a2125ba686f5028f2e6972c9875abfda0dc3aa0c2116202d0d66798f2410be640a5553d9400dd8510799963dcc296ec29484b61770e4520d752e04da3dbf60ddcdc6a4976b5ce7356accc79dbd0f48ec114ea4f2cb5d53e7d2a1757f6bc7ca65eeeee3f63f36db72af868c117718f41c428444ff494e857198fccfbe89e8cffa5d587ea59208e47e002f16fd8770d950c5a8ec894927b2105c41aa5e92a68829791c2f8a16a3949da8168f173864a20a389f0b20c446aebea7e0cffaf114182513256de11c8866e0f652d0ec2d8e745c6cf76232dbafa7dc9d5337fa87ae61bbefb2a4b9c90403198bfe1b7035169e97eb2ef7bac31801ee32dc415c06062d0c19c70960377ea2a851b2229d8d306c95106477245d758808a993440834687739543a08484a7e23678f141adce3397ceab56e83cc490a6530cc60c84f721aa342f351b08391e795633cf19b7bfe8dc2233234a96c796584bdaba4c7eedda1277aae5c57eda8acfd046a75604dee4a275a6b6abcd63d54f1abe272703c00d79e1ba85f3464fcd58cbfe0d6f8872e3d99c06456fd80e126b3e9e1dc46b1773dcc9eda7acd7dba6f7d703b08307c75a2b2413f443d7e90c1dbafb0d68bb4dc8353cba5e5bb3d1d527baf9bda6d7a21288e7719ed106633435e3a6a85c743c243f38dc4d2365ce16c5d21aa55a30869c5992a5be2ae13d96b2caff60bca18dd5faa6e329dc3f4e9e029963a6ec0edff0d4f9da8c27d7cc987076d50d9e3d88dd6a18ce4de277d8e73efee3aa97413ae2b7a4ef9875f6ffa04872572b65ba828c42fd23614d22809b5be5a91ac0b96839e5e2346e3cb8d448c93a4d98a07dbf6dce164459deb30518bf4b3272e7e4f499d7b253e486878f3d8d9fa7ad404946e9cbe31bfcf43fce405a5f93588a04c656faa32a05e66a5595ed301dde5a126469f0b679708fe58edd86c2eb6b97a03c0b019eddd7f6d88db1e475021b0879c344018a130233a7ca57c448b263cf802cdc09f965fead4f48ba2d4049c6b88f752f112dbcf8882b26f27b15e5971834ec4ab94c936b15b8f74a38cb96344a445aee1ff02467b6cb4c76df8c4b68523028d7f59d30d4dbe984b989ed1870a59b202072252c306b38a0530780dc031c6015702230e744701032d36507d417293fbb21fe75a01ae3128640d1e03138e2680bec75c0af12ddf95300ba3f126e2f8019ca09a67ea5053f30bf724e5670c17851c537201c8bcb248a5e9849e467b26a2a7b0c6cf6f4690b2e72740591e85b0e7cdeb876390338b8cf74946726a0dd8226718b29d8450e2089cfeb21ff37961afb408c24dac407567ce728607d37e9847a4e82ac84a256d1625d812a1c581fe65e66baa741bed0977c1a728370da67908ea6bec47f5845fd1da0862b4eb94e2b724fcc18732bd1973e92301a33aa022fa7c913a7f43f43f15eef223c7b193c129f861232e4683fa0d86a31db99b4239ff85d14b0fb8b87adbfab7383aabe4748aea807e4c3fe37ce6cd536ad283878598455a9ff7d0baa3f27f7a57fac2f47afdc14b4a334cafb21a8380ad141eeda6f3e069359e98c522c97559a1de5ff7d0f71edc4e433a57dd2d7a035485cf4ad4a55bbdd056dfe03a30bc85c7cf47ba8ed4de220fc056cea68ab77e5cc30f6a2de9abfdbdbd88725b8542b593d81e65945bb0b53bf9815fee368520939ba9fb55588c956d07db9770c6e3b325bd2641cdd1e5201d6910b2ae50feffd28d85ca166cf2949d5a335fd9fd7d77906dbfade2ee6884ae8ca66c39a920ad0a309a8ccb2956306458902116074c4541c85ca4b3e3ba968f17feb17d1a2436424578393ff56a0112635180f0af89db2e33e6935507b025779aea9dbd067edecbd49634ebc77c0d6c4dd4c295dc0e8eb1c44406c64a33ea23c6a93c3a2895fc23cb4f773a29efb05d90beb96479888c55639931e024733a4c32dc576d6e52142b38d8a9b9d2fe312f0159ede1d25df20114b7955c3bb78ecc54add0f357670d031931dbb640f4b57c017e97e71a97c571605125faeca107f8beeb58079b90e6a6cabb1677210c5b2d2659d552fa2daa15faa7b17061abfea725b49dd016a078517c285cf47592bbff7cafa16595884f48e11346b1e4588a083d9dceecd146b3ea0a6b87d049f71b1222ed8864c697e2ccfdb9fc3c7f22187e10a91598e479d25d1546e4fc68dbe56ec94d5bc792e246e817d7769f166104853e405b08b246a2022bda6f9c3f739c6d6d2f3a7f870ee183a76978ec00c43d94aefafe468f0f1021fc74770142db7e5967bae852291ab9c3e56f00a1229b12eea414b8b6fb2c9635f0b5d32175f5be4a04fb572368258a4ed72d4d3494637c8d6ee4c6d4bf35c8c494ac4d2da1864786ad0f41d362d1cf07d60dacd9779c3ef8b8b120b27aab34d9805df829db55e6a691740e118cf542b4f6b28c0d860d4aae677e2702dcfd822fe5457c66dc2f8c457715eede8cac7837a936b731c297927c463b463c1d03d502485b41306dd2063780afe9543f96da9c086fffe3910f2314a382dbbee9f72b7e66e90f44b9049f1059a819ec8ca7af8f836704c6d188e94e7f8bebacc682c4c46de1fde391ab0e5ec89e2a488639e70fc1d9cd5e04c4122903d958d3a03419121e3424a23231289634d010f582c440d87e91286abbe95a86481927f2765f6d0f3c2e9ef60b33ad763035055840c64ada2c841adad19b7d5924a2b86da236f15ee50c0914a0a1cfba62317aa2d33de78d08ab6287618bba0e3fe9496a695f059a475d37c6c937e9dfa77215aa3af6f0a862c23e1c9d15921982e8e17c63a1208b9da06c5f0bc72c4bf855600950cf0ea6e77a91b81e6aebe0e35809464599bf916984ecf8268813a3faee2260c3e28545637e463de165dac512e8b784e5163da5471ee710ffec3c496e78d5c5ec941d2616286960f0a7bbc4d4f778309cf5091ba7e05b7a598d7865ee10e1813515dba5e7b4a3e23c1ba33bec878b0b8f3a13e17b59aa07452fe645069c4e2f7b82f106dc1a6093d45abf393f4a68f57f6521662f639d8136914823c393e0cae4bd3784e6b2bda5671fc8ebc68b3dc7aee2d876a48c205a4e7df8ea786f124f6c83baa8b85df819e8ee366eb5507809a1e36fd3f17facb562dfe511b9183b62852312eaf947fe6a61dc168de4602910c6d12ce15e35e3b4125b5f9714ea1c49a1fdfff7a8ead500b288549b30bf2a1f4f198393432498334e65e198f0352b6c181491859f166e64846570dc551b909d1bf8bc15935ba82183c81c6c49210a347a37db3467c32c7d1e3a8aa3c7957ba2c37eb3f27b928f45908cfd22dab3c604dd053ca2425f122e11fc09cea1344d0e850a28240128e501b4425333dbd5dbba9269d62c516b4d3b16783489c7e25b2816a6f167ffeb6f19a8636b18e15926f5ad1ee4a4dd242a7f1a2fdfc7bfbf40b75da981a566d4965f50657e8179e0d3b40185f29a5061ea351e60970cb3d142c28375a5d8dced003a5b01846b4ed6460acdf2cbde7529da68aecd562d3ae10aa1c1e2325f09884df99e0f4246b2f9b879d711ab49757910c54f8fa48439dd47ce70935cd4f3b1ff85a28232b6ccbb51fd5d36a69c4eb5abf9cef8642172399f94cb2daed8d2d6ed279c6e35284e7ac5db840ca12ed7d168454725e19f552aad7de59ab368e4d42238444a8672f937aedc61c2159b6d1d4aada07c6de08ae40a1bae8ca696273f5748a6259ff4bcc39510e11a5f8ba25766c6779f07761c936ac0d0d01f1d4b488c3d2742c1a3029da837cc33dd1780695c5fc1542830006989b3faa62a9c8538ae840c8285cde8a13085cd295f695a0ab6d27b03a16b1904fc62fe25776df3fa792f54f4a5ad98f1f0be45848c81e34d70d4850a4ac3a5a7dbc56fff68eb4212bb1109f6f129c12babef6ef9671901c73da50966fb18d1f0c1575cbf985fd5a5c36f33386a1ce35c2ca4422b3c0522fbcbd873d8f0f80734b4f3e0bd1aa80beb6b1ec9a40a2d39adac14b7de089820c1314ef3b2fc2988778b9cbca0fe0f64cb858a90a6bcf67961644f6bd5825c43c9d4d4b0a8e5c7321346edf5f56558c00550891392055e15a6402220301235ac8593dbbe26f1f5105d50b1199d2fe2d74a78ea8e83fb409716c7d508ac1476d067c5aa77b1f689488e406bb6702648aa1faeecdcce8702f3d66e66c927487cfba756c070065126f225afc58fe54d50923f1c7b14ce478d40f4bf9eccc441c8c931359f97898e6d8fe42a175546ec8c6d52672947e0233c1cccad78d44494361f6c81c530e9bea0e911d30998f0aeddeda8269e1a87e86509a5a4c2ed5f49e8b1bfdae1cfda352dee261ea029f80418e2232616e9f8443fce5d3f82e6bc8b8fc1e65419dc2fd1451e445f6e06ea3d12206ecadf4e45f9bf1340e162be57ea63787580c50a452af6d3b12fe4e2b8aa861e435f7766f35fa272841094149c81a40e7bff1f7177c38787b53b1b4fcf18e50c89ad3049f35f306fe628d4bdbacc07c44f8fc0006023407b4484ad6fbc15094b02a009f50e34efc0e75ab23dcc1b8355f4cd5f693aaf01e6fde20ce36fbd7fac42e00ce6100b0dfa974680dfef60ffa7f905840a2c345410abc5907edbd18d01556e6ce2593c910b282be64b225e6ce5b9b2388d602023959680981f0ee1296ecdf08e57c6a797421997a022e869f8e8a48a91a1bbe30169f608a2e854bd4de33adf2fe67577de2feee46424a679f7666307ab2134bbe9e79a12af724f97dda27d075e00cd59a260ca33be676df34ee96e13d436395edbafe4a83e1246b7b0194bd4c40d74521e52f06572102ecddd71da2bc35057eb66e7278801512f349d9f798ac8c38ba4fd2523d9f2f9586749b64dc8a0e3461cd7b7fb82e575bbba20c359ca2076cd669cb1ef83f082f21868c31fd750a2dac5670317c550a79324db88b68dd0f16e98c4b83710024d059569f5402eae23e8052b5b4b48502e0fc2483a20e38417f57cdb7ae870ce3c8352b1f4c6ffd61ed8e2751f5b93e266617b087c94a68ef704731409f3fd49bf677bdcc0c58e6094a8fd99cce1df278570390c37f51faf6fe93923f62984d5672a2d867f18ca76b964e2f7c259f639ab1122e749dd9c4f9b4470d8b68502f6f40685b74a24323837cf7e32b433c3ccbf064be0e70ffc2e5c2eae587154a7958d6c3f696fe42da49e4292404461908f7a1437b000a7f115cba487a9b426aa6ebdecbf0673e39356f894c0b3417491d0dd266a97b8711d16e6ed053028995e414d602f3296542ed46591c44a5dd1c466a92d8826bc12973e44028d37fb13bbe9ed2947334787c60f48b4f61089e3425fd165eaa1e3a2707891732875018420060afa179687c9e0f3f43b45e81fff95e07a518c9db494d0e4e453b8a35c7a0dd1ae81f4c0fd49f40fc9a6165a01ec00e0a97cd7282fb0c264709fa6e8310372bf06f66fd0f53d7919cba43d59cfcbb9f3b148b73edbdd75acdfe5f5fe2ffe40416c097e18a0fc0619bfbb78066f372d21f5d52fe4753ab29a0edf66b05c5bd3e6a5190f248561919dea3f20185e89f79fea4aaa12a44f14041a0620b23f28d5c535f40bae130843125a879e7f33d6c61cbe55ba51837b3194245237317d8532f94ed06543f5cc55535045b8b514c0d76097f520387e7b182c48c7b0173ac353d48566fafa00e7e5f7962f79645f73150d1921b6d6bcd240898aedb21b4453d63ba838bf90efbc5363beae5ad0609469a5b1c51aeae051fa57b16ad7f7c7a3f018e292ca5fbd9be583cfa9babbbb21caa574d35d8d778b1ae56e627ace9121fe5de64ed6dc684e5ee65c85baf2237953a0ced94eaa01e8c1911f487fb8324089f687040aac05dbb39475b26b1549c3d0a6b2d701fabd478b0d2e22cf720a6c80dc8971b1f0a9f39b4732fc7923a23b736966ee1537199511018723632631d36f6eca17c1192b6ec5cd68fd0de31c256270d668db457bbf57de66cb5054f446cdba23440cf485c5b379639284fb653141e20f8ab14c43f1faa181feae3a09cc6654ccc76e901c9c2fa67eeb17f488db52cde8cd26fba1f20db19c1dd92d9b09d1d2e9c8383aca4029492e5b91039fe624b35212c068120cd33a40b3ee7369bed5a705e0f7b13f0f266ff985a535d99c0a99366ab9767254da39964cd1a5df670bb7cebc06a5054d8a63aa5472f4a1d381cfc3d0e0ca8ee8c6f06974facc76538f6eaad66fc673f2dcc5cc65309fa7c821045813a1cf30d6b0a7e83e65b78f47957f28a7a80f34a14754b3347cd16e1b4d2a596099d1a17c681be6d9e4aa3724ea8a6fd6cf1a7492bedca5b47d22f1fbd710a77146acf6a11b95b36eeb2dd15c76ce7a54817c4181c90799ded1cf8c1168b39f5338822f485fc258ca42e1474927f6fb0ebf46bde59fe4e0b216fcb4015c40af76da02ef309039bc9fad472d5e9088b1f47b4a03e50458392a9d1cf4612690289429bbb60be45d9b658d1e88c2df6383c766b6246760238ff968f344311f6d9c3619763c573b7f27b99cdff92d6090003164ca5e684c60690fb13118f46424e98592b37755d715416c7fc758881f29f87371d086d24c759eb4455b50eff93123b5b150186e5a9e20945d0833a7d1039712736f5b266a7041a2ea20e959ed0a5286352f9a5f96b5b72df30df35c693379304d02200052b491a1dc18239ad5b953ae70c0f33623de25256cbf637bf25e24b21d4c78ba4591481e8424f1a1f329958c5f3ec3cc8ee72a6950dc2c1cfdf2354143e285ca9f82bec1fdf51ccab28ee51035c8dbcef7170843e858d01360266860800571a4fe0936ba82b97c8fcf76f19d49f6f95bc37b23997f8153c22b49d43598af71797547e02050f24fdaa4defe4513aab82f18e2223e2372cfaa95ec24fac636025bfdba5a4fbe25bb4beb596d272d06bc5c19e88e323d4c3afac75ded11b05cf3a0aef570e2700fad7d4b714cc8db83ed5a1c8d398d37bf1a3686ff122b76f06f4ece5413c5da26944e31177e5088e5b4255ff0cd2358b997f511bbc6593b3a6d14b3411a3a22a4e1751c3d0459fadbeae6f0bc399c7e526ba309708fc374e4c3dffbf03355b5147794704a71d6714e2329523dcfbdd6137c87212bc13d9b83d00b11422ba73abee769374762df22f55efde6766ca37c351a07552255a42aba6b9aab9ccb8576da44a7341797af0d86b68d3ab17821e86405e34e49cb73198b78b2536d49f5590ba2cc75ba9d0cb7b7f7c13bce023301a84b67d1afddad8bd1904803f9a4392ae7742bfb35530f0da566a295ba5a0786db745bd4ad5de86120fbc0b453131b4f21bd519aefe216cd7658d80e3a6afdf0f8c28ce0df38a38f0ffb5d7dac8692808be0299423253b91a347aabdf60db0a5c35404ee4148d31ae75e0095b8f07e6471be0c19fb41591cb290342a04ad89f17b3d00af14a0763a71ae376c9f707ee7cf3254e42d2641239d531e7e1c94805df8bc58a8075ce535cc648da9a3e0a9decf6d699173b1f65d25e366b0c8701eb53e0b509ca077bfd142f5a1b2782838bbafcfffb0b8c0d6751de09f68d0b23834ea46370568c9a4fb7630fc1e82dffc56da06090ce3d61aa1dd5807a98dc6aac17518a0cebb0bd0ff4d828743fa9ff0381e730df6c6b0137667a0875f1c4d8c820b0ae44253a5e3047f4a64bbcc64dcb1035b43c2c63a97df5a8cbf3be7ec92ac92e3d8ab7f257ab63eefde2ffe5abbf040d3776bef144c5e372f044fafdaba0540368615c92dfb61a3ff45651835bbd6610f4f6e5b7875d9c74367e913fb2dca9f6c755a070d01a600633f399af71d99aef87871ebdd8c0a27dbbab4961ca83df205c9440658ad3192dc116281e26eb6f236fd701667d5dae9f1c48e66c7396366b48f2557dcfd30ca4a96a7daf292c3a6b3278d910a728bcc39e66dec14969b1742d960307c45bb38fdec8f9c26775cbc7ec671873f4af31eaf9339de30b60fc3613724de2171ae81d86949c534f169b8ee5fe8318a2ec64e3b690da09e0c355225c8205c6adacde1f25c242aa1b456d6b23f0bda02b369bb0c751623fe4d40c6e6999d9e494423481ce01c85dd45ae4f6f6993388bdd32bdf01b9c22215c644ba8b517498ca02dee7f32fde3d8f591896c21cb68c82b90d84694ffbf2fcc875abce3ecbc33d9a6c58807cb0c2f3a5f77f107653c1dca780ee861799498e8165c2be957ba9f6c8bf57549674b389d341e2b99fc7931ea40793d9a17604298220af7254eb8e972cd28ea877d8ed52bab1162de7a66a0e9afd10e649b5554f41df0a7623c3e1744f439f39685de6afc65dd6c37069681afd30e476c09142c8460191526ddde6c651767ac59371a881f757d3cf2bae6d48ea781e89931b9e3ea3f65097b006fe15b61cbefede125e949abf541d670f122eff8be716b2cd662d69ead1dc797d58efe39aab72af7e610452746cff38d63b8eb217b4fc66de320aebac6e02e149f197b1ab53544162c22597ad7499f7bd75d0307ce75ce5f3b606b009c7dae85615bccaadb3cf261549be0cfe29e8faa175403342384b3efb79ecbdd4350ac768ab6d40957dd185fc4509938f9d387c86c06ed93baf9b4f931f53ded6aa431531a64a39e4fbe92b25d2c28f9314a5570b72ec33a0080d3ab68bc9fcb1786ccd5876856fa1310480f8272ee931679195e19ba116ccfe4b82c928698fe6b96b03d5f33b332bf2fb9fdfb82e386a716853d35a4374f092c2ab00e43fb8639fc525a87d41548e2289074345ca780e29c871c1ae27d27abb25dc9f5cc7460fedea216fd36ee28f69b00f7535dbf931d638f4ed710720cd94de10938ac2018888df4d1aee5676d09e4999b92d48a579916d86faebdefb9562e32e4a43857ab90af69ebd6b22ae50a1a99f8f0ffc731b2db79889824b587b75043265fa1dca7b68c2c2df36b774b5103a149bcfd4d1b3cbce3e4f257f981f973693a8120c4d4d1aefad1451c24dc12fdf798c23786c7498c6faa2b46057bd4d4be51d219a373a6153711a490c588c2085befdaa31c17cc1efc08e341e065e27489ec987a994aceffc0d3ed764606e2195bf3553fbab72a0583396f49743c7059371a3083a4fe7dcc553e26a871503990a9b99539ff0cf90866b90b6183e65756c3f5c9387aa83854c8b5335fd6a71b32383c34f22241cd25d538989d19ec7052a41523d7bdd8a834315dab3c27d9b92274fb9148119d458b38eba62d8cf955a326437f7d13ff61142748410a2fbba9341f58ddfdd45cfd77106b1ec6bae9666537705bd79e645f7a735f07865e603ed2583936a4c92377ba099fd6de8cf29b1761846a6bb803fb6ad1830e6d72beb73d89956ceaab9c2e711ac22e5823e341e14d33093d382344f811c105e7e0e0a8d73602edb2e9860235cf5e65a7c4f91d85f8038ea6706f68688576bfb75b4832fad45e4d31a3832e56b83cdacb09f10097028de8931d155b6b68adae12d7c3fb030b9436697ce648d33d0c6ce9d281e11d4c126634f50693b5edee21526b96f69f565668b7cb811151a2d27f44cca69bc36edab2cdf09de88d53246c5bcfd91c2a409f98075e64ff2d716701e28b30f5e3e2834f8cce5b8", 0x2000, &(0x7f00000008c0)={&(0x7f0000000100)={0x50}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_fuse_handle_req(r0, &(0x7f0000002140)="fdeefd80d64d0472b1a75015f202dce45a3e90fc5c06dd1c4ba133e2fa8cb56b860d3d470c025e88cf26f75ea850514f2da11943ac169edb40d497f07b0cb16d621dd81e283bdc289a2a4956c39b40bc7a6129d9ab8479888e6b8dd7e6e227f10776dbfffff456fe742125796d8012ba0fdc0af9962cb98a63fac1d236968813427b060d7bce109d523dbbfbe15ef24ecbd3b16d42514bd6ce98e45fd1ec1e0835aed74b49bfd7fac0c8935c8a3d0708c258b75a1cb6211b9d68a501412f0ed0c66c0c3dbd3fa0903414502b982b9ac80834971ddf14052deacaa6e159226a95b84bdbdec03c0e12e8f9da74c4856753bf130edab60c4f49f254b0c951aef2d51b91c8c038eb79fffdd0fde91abc022543fcb8a3cc93bb2dbdfa772fd96f53de5c837d4e5da5b42d4f30c7fbf2015c40aae0bcb02b6cd230212cfad19c9590cb1cc1698d6a5dae96ff1ba51cfdf17315195ea96b76218ccf010b1687ecf9491553e49bc99959c28fa7ef300ccdb60b36b7dcd270f2dcd342a6ab1a8eafde6278a3a41d7df5f11cd01e3c6e680b09f2bd87e1ed21dbee7d5fd448f2d7634397bb6d52487c9fb60e089974ffa173baeb22251e4caf3592a5839a6a7e6f795665bd4961895c0fc4788e1bd0335bee00f8409dc4a97625a1d2fc0e153a4e5c53d98176cdddc15210a0c740b42ea43fe9ab07275a5e7558cabefde897adf60ea501bdbd5b1f44a3d2701b5bff578970d00591b4c083994a1dbd2c2adf44469ddd46e69de45771e06bb6d0725f13f82df4f6c02e36cbd705ed516dae16995cb54a4720e29152b5fdc10dd63859a762f2223b5b1a98ce3dd6b0cf7af0b42d635362fb700317de7fb87a943e775220088ac8dda454e4e1f7d077750e30dbd22b9983219243f523df735064a2689e09c3df012d9019bce8ca9494cd5da5b52dea74bd7755db6000155db71618891d9fb672a400121c962bf400183e9c73264be5849bacf399001e4ba48c9119a5c0e4ebf08b10749a545b1f89c84edc89dda269f276143bbca4d12444363e2439ca111bac4ea1a554283a20139de76f5f2413ff915ef1e1b6ffa6a83430c57fc67cf3373416adc41674b63cfac5ed0e84010098b87ea1cbfdc1fd41d9ebaef2417a0add7137a54e1a34013786e598a09a18406d1a978aae0c09148c1414003966888a5ee21c9d0634f16c08c14c0a002be922f911e5f757ede358072950b0cc4aed9e482055883f6dbcbbab1374a85138ef81fa77dda73a27d2333f9d85a4c53ff8d6c42df6c4cc73ffa54f4c468086cf636fa65870cc4a5283495327422acd784ad12adce8d291b384cb7636e9871823a0a48cb0bcb954f7b760c54dc3a8e58ba433199c8fd164cf6b71102778ce38c5c04f93ca5303b319b7d15011a5996c18f745ad73e4349c1da9c6ac12c295126c2ca1745f44090ff79ca4dad621a680e35fc687ba7c80160002aedc3ad9b45fe944ec6c8d99d3f6259fd1c500735309deb75cee99b1bf3f90a73723e2abe7bc087bc966314ab91b1bf7f6534727add854c8bd8056c69fb1096b7e6d56d211e9d0137f9903e3da5a6254350fda326766ff837293ca1677ac17707ca324e67ddaac8f333b25663c2523c42d9b16ca441ab14ce8afee6e9ed570f3a9382deef252dcd8548b0e7417a75dc5b5a210591db9df77c562c894cbe7e220c02003f6bc1a81a6ae248dd759d5a8920483f1ca27ff6a43a92e558e600e38d9ae313cc3d1d9c05ed0cd9cbd221559f34ae5608c1a36d6cf832e95f8e31d70018166e4df023e2245e2ba6bea390ffc1dbe236329da1f300ce314185f5725a62390a4f314be1aa72f454a23666f19171e4e5368cbf35a1fcd2fdcf89d0e6e4b80bf5a8e4f4fdce681214f65aeed7be361cb7c5a20cf2086199776b5d2ef0d4356180af12e960dfd68c74ede48a855b0af13b39d1b51d765c44bb4b0b0a7f1cf189130d4c840eb67ff1b2b116ce2756e15b1568fd2d8be55b66ca473cab5565a24fcb381ae6adf33f1b90346781cabdf857fbd4c2d2759db663737a8ab7b4b98c9ce77ef1a5949a20270d648c0ebb8ca3b27e971b3c306081feecf7a1517c691643d18f79a1b60eeec3d200cfcc987e06c184bb6e18910d19722fdc461899515ff42962be113ea9a4575db9e614235a0ba54a9a80fac7b89f370bea33d7ced94c794f50deb42fec0d59893d0d2b34edd06e8dd679bfa4abedb48e1daf5cb3f85892e75cb3604b81a6f61fa2ffc5127261cd1d10028bc67d42c2e9433994a0a24aa0dde3eef333c4d288ef6bbbee2e7a9e730ee2b97af7a6cc3f082ca5e5ea9575f8b4e8c527b3b1b5131d84d84a7cd91a0dd92a328d11fa3c4eeb5dcd0ab721ca5399302768ee03a1f1d9eef2ce5d04e507843db2f87bfa8f07210c9e52a26165ef3d5905d17f86c5b003b1a8206dda0ced9a9a9568158cc14963bedbf6d032947df4bcfee8e6f953b5b1336b63b3a8bbf0053e23cb4ccacd69b2c8eabd23a7a8aa44639a83465e926223072db08e75bcaa253f0499af3615fa83e706a49255661da58a0652a2d213818fe96fc13257f994b85bf35eaad426904ee2130e0ec278b3725a13974baa88fa9e59efc0a2433cf6e8f02e66dda889d9df6f2131ac129a782b6b00266dfadb7e7997f6da94728e3cd7108190f6348303ca65512e4880a3a8c2302eab156aab10d13e83a7876c8a5b3f41a7fac9b084b2e29765bf2f24e50fb6ce2f305b8a0c4135363ca4c8fd3e72293b4d19715fad195d271de392926665a6972713c8427703f5058723bdbd52a1191f1e1357cbcb80fb0ebc273d6f531ffae71ea42e958e83fa7a7d034db19da9e6e1ea8ade32602e0ceddeb0d955f887381024d1ce8be66d9e2a4ab56b2bff947f173610110cc215dcbdced27a1b12942916e4a923cf6d236f0fe5c2313617d4a4b0c636b324d0f079213adc3a489bdb2431fdb95d89a808a10eaeab7c15940d7ed062a4a4552ca8d6d4728921f2475659a7016d00720fd793c583549ba7b7d512bc65c7ef0d21e758ad7fb5b3e0fbcd8da5c4b18cf38e1c30c790961c18ef218f4befd347032f392e708b379fdfff61b7e2a1e38c60a6a455e26c783180f1f21fb949e5bdae5cf5947edaed57039e1c66183e70ee43d88c7519153c6e3115755860021eca84717f20aaeb71b923a61789de36c1d51ceed915c3493900477d3c3a2d74309e5ad469d1c7853425080536ea0e5ad89e70344a1cffbc3bb5ce5d7cb4eb1890cc4d93076a3c8cfd16d10b2cfd84f8b596e6bcc5c784de3cbc8708ad2ebe8efa35e518c0d23af6b604c5b40c91a3a9ad2016ea8223d494ee84e6489119580d4a841af36ac19bcbd24324bfd8611963b8f346c75fbff494f0fedeac6c956e30b093167c83ceaa6a15a9f1b56d6f190f18a9f28eb1c0c86ea20dbd75a42981047f85a383ccfe53c5af6884dc617b92e32b7dd00dbd831e413d8adcc6e861e6597f8c064a86038724089acc092d6d1fefa7d0891cc69d8b596f6fd540653ce7a934a56157a2f1d6375dbd01e9d7b5871b278965a542bdb44272de338ee55931d8f07259dfd1707b82685de557240a595dcfbaaaac19a01e7c4e21638a2e722727cc383b9991712ae35ece2c240413ec0ed0e34341881cf1503aaa7972144c1ba840816277a7c483bc1b9c1f96f3944d62ad8fb469134b5f3e3467a27f9afe7c3e77ef9044e76002856e448d7d70b14e29cbd67a7891851c4126fe42c93eefa72984b5c55c940d8ed70f1c0162c5737a0754800049eb83a46cab5bc1c66a2e254fc24d7af2f7d30b9498faa98899d6173a51f92dac24dbad0f41b4fc924b41ee479780aa88d48205a7633fc233209f734359f19bedee4b86dbbfb042911bd9c2e7ceb5026075640d410d405ba2ce1b01993638338d986a827c4366ac336923955a622aa8aed3c348ebe242dda546c7fb255561290e35b3ecf3b3e94fe776dd444f1b7e079030987b0bc351bf8fe036b098061000c81eaa8657418fd3a18c74160ac96554c272230863196e50810bf272dd7d5d604b8d7b0dbcbc63195bd121087e0108642e4aead093634c7cd959994954ccf813da51e71c3e4b2c920a326bc9def6196981e2ce120967f7f97fb6b3d85cc07b628b2428ebbb939614be918402743d49a8c11c268a6a61610fde681dc7c27fe927fd16cc77fa298f334aa1f1e361ce7cfc987db0977f526664d4f354a5974ade57fa38d916f69641ec3ec88ec023e6707e1fac88b5ac85a175a00034e8db81b133b4313dd2af5ecac5ffdc4f2f712ed9cbf07bec3021e4d8330daefc06c0d832286631f2147676bf19b6073d117ab15bbbaf01bcd7e58e7ff27d5486bcfc2f948ade2dcbe1da6ba89224bcd7eff54d7777b3b9f4e1e4045369bb57038f4d943f1aa77026757b415cfd35ea3dcb735fd72d41bc090d761aa1ca3d563a8ed838abb47dce69571eb4d6c6ab5b70c1158d0881a54b7cca6afc6750a61e1e6aaab2496af19ed42e4cb3d17a1dbbd25c28de32e31a4fa7d50757a32d0852dee6a003e1b2bc1c7b64ced213d0aacce44c3fa2002e1f5d1951e63eb6fcb40be01baf3838f58e1d8a01be7d953fa3c4aa8e3a4d003aebf7b7b02612a7b4a1b2429624b3e6ba59a350e550f85777dfce2574ab18fcb42b973cd27ba9f8536fd5f389817a5c85f0dc18eb81e6e17a8e4f9d439e5172cb0ce8379987b648e24a457a707b7c4d3999ea98989795d1110e47277e8ba1320500423b0cff2ab75b604fce71262d80f5001e4c61255ab086d2defc5de1784cddee7ab91257ce2ef2340de55310e478d55305a8fcb16f6a99311a9a899a46403be50639651a707456b6e21c18c7359dc0905fd1d41bfad018dd1a34293400170bdd24974737ab046276002eafc9864e7e70854d64917a60ff0e295b5cf7b8680ffd96ed1ec80b5efd2a4416391937c5ea8ff679579d12d0b12f1fd5cf11c8a1bad84c2f9369b66704e657acf75ea5bf8b6f14e37343bc27664635b4b6c37e5ca7d6702dcb56c20825effd95e7f48440f9caf80f370c0add32f551b95547fe66e503b163984df85bb66de2f5248e7ca96cf3e60f2e3fc99277bad915ae56ebea5ce612a0451e490b8111332ff2f04cd4e6463e14ea6bb9e0b727bf6f3f900fe98160ec5e6e560d8dbe35dee5bd262390a30fe08f3f8916d7e509711f60047c9017e71fed8e8b3151d7fdc7d786b92ed11e69b0f813d0c302a9138ed201663ead417a8531b5d86f648b6fe0a971bd631abe7bf39a029894983a5cb3dba20fa0b3803a7982c37f4334ae5548a83385936ce5de56ee0bd3aed1fa48ab052bc611b96b360cc0e443f46376cf4d7a70816b239349bc6a7c574b2084c0b8b3c5c58198c9cb06e9eacaf6e93fc9252c64bab52108c451d4ec9d6aa2a2f2c439d59a04b25056e449e565b307814ee57d689d70f3e5028db32205d327ff7b08712f718eb79564bb963530d77e4429fd6f4a623da644004708013d65c0eb4f36b7db1bfcf1008d83109084541d508d1b38e0b9fc85ea5d89d7d05537781c0dc312741e98eead9b377a06e5c209223a83e19adc51b63a028fa875246c52601f15365337eb33d15094bdf73e881e72f8e20ff83ee723ad6fc6f6670098f6375a5c3e9ae9fa4109293505f1c0b786dc483216fc8678760685d3764422d9ec65c8efc24279c5df51ec07cc087c47f598ec54c3cc6153d259bb07d0ecef240d40910366ae80a866f0b7e0f3a2275bbda694ff688d4c1400094f187b8b553bf5f7591472141d12c52eafa160acf7fc57cce7090d430d5fef4256c04bd708366426a114b49f213f3bdc3132212cd87ce81e57280fdfd5210a16aa483ee9f1684dc479eea432b8bee57cb43e026ec3359ba0d8e52eac6f5ce6cc088cba1c9b619702a2466080ef10d1899bb11215c8a0ede5ff02f790f0c805e2839a65a9c07849b3fb40324876c6be9c4ca2c4c6be3fed73a34f0826a01cc17a1f757f19b12f3f36225811900828688499be354c649e472c06301954ce8aad50e9a8648f08a89c904d57922b6926905d266362018574b1da3da0768b614ae43902e42b9ccb8ef11927ce6639fb0e955ceefcbdb95c43af7d213a752411ab56e2e441e38c36cf960a5a6091682dff943a72d1dbeace99ea4b300157f7a789f893859dbd344bd9f6a077fc34c354b6cb254f27b48fdb6bbd33741b8535fa44c28588abae787808f1a8d70aedd5516dead51d9432f9d0ea9806e996436ee7e9c7a9ce991aafd965e88e6512bab8b121bd3db052721fcf92f2d5f81fbefdf1d305e4174ed327f8f0a068fe7032791fa85d7aae29dfa6814ebc63a16a9a94761d0abee354b3f23c7f1b3cba6b1a2423911d5efd2005f37dce7fcc415b48db9c8e02c61e619e8a73ecaa54ff28b437fdad38389863bf4a5101cac7243ee27e7d2f5092dccee8866dd7e4c0ef6403ae66a52c34ddc0db6a24d9f1e9fb27b695212eac0513d553ce42428af9c96fd56f2e62a48017fa43b443cd9bde4c716d27e094062a0de9160ec4ab0fa33b0243d1cd86ebe4ab41a6298c4162d3054bb896173700862d1004a3a3e8bc4e36eaca05de51458a668c5dc5d425af96a83f8839e9516739ed991f9835d6d1f12b6baa6071ad08675b3f46129c2132cf976255b8189064140dfc297a5633c993eaacbed03d3dbf4716487bbb94d10ef790fe4007aa29bf07c2dd03d10edf033642459d53436b99ceece5b37737c82ff411d91789810a5d25dba73c916514d12212b1dc37fc7e179e772087673b61d2a957f6b9a4f0039fbbd30e0d7fc29ac5c617567769353bcb9d45a195a6b64b5b881ff79aa3bb381f3bba4cea8c89641014421cc7cebd99b345c34911b85c997e9139e2c493f9cbc39e387c894c5cd06de935deacc64e70f13c9d6ffa9b8376753d53a18db52ca1bffed8c6ee61b87d6a8a916b75b3a4bc93ef72ead960e75365ed88bc0eeba1354429dc4a1884957a3009f739a7a6398d9bea0bc973de2210221202736351ea7a308e05086381ec82d1babbcc25ba7ee3b5b34bb27c04e603773daf7fe2a9250fb347e2c4c0e3b49689d5f28ec3a17584fedc9bf5d6e4bba6d5fccc95a4753d1b15585807858ced10468506cc91c8ab4e480d785dc70c2457eac941c1afde1af2523eed5a488057dbdac1299a7fd95d5d8e3dd5a2a49ebe7f0e6720a1fafd864feaaef209a3c215d18805f33a1bbe44d8871c5bb040684b0920517f8ae8544cc05fc1a751d395a506ee7db9ee1ac24121f45bf1e7c6da5e27978228285d19f59f13ddfb85f6587368475491575fe46a48e69dcfa421034bba6765a25800a6d240b1b7c4c6b91ba3724d2f4d5e2b3d4e55c55c24100e6c5221487c8b5451983a4fb7a9d321c8488921c35d14564520e8d66edbdfab31ffd34f65d6f674624cf18f69e2d350662ffda241ae187985c10a6a8a19c4309a9519642d22158ab8ad02ecceec65bb9e0cbb9d98016876f62612358260979e2a21be2fefddf76c74ba691f5245f9a1d81d3ffdebd575f0a1ed1bca4978875905ed5156c36bbf69a21a031c55411ae973b36dc1a550bcbdf54e59100ed784a570db8a45c599ef0ab39cb891fe62c39851a57d1c2b43035bc2d4c2645ec6e23ec90ef777b0467473930ac5d0edc75a0f67897513edbee89f818245b13c697f912caca3cef0574c2bfb1b2c7974a0daaa20ba675bdea9726a16be3085868500e68f05b52203871211e2150901e3fdd8ad6c6b3cc01a8e5b282aa0093b8c4519cdcd5bbefe5f170ea20b61d2a8c537a2be1cea7d3dda07427c3806f9957eecddacb14d83539fca6a275536f64e946663ecc5200f597e146bbd20f23a9ec6cab5e999b02cedaf9a84cbd8e0a052c38768fb2006b48fdaabaa2d16f39e1ec29e0875a6ce20b72b9b455899c6eccf022c4d484cca73eb3cc5ea830b17aef1e8f146f1ce3f5a43ce71e6612322596e7866df1a226debd0dadc6680c35edaf0af76c09a9485fd67e57d04b329ddd724a33c113abf20ead238d9e0e44ce058441ec37a0e9e1608738b0e50d38d17c230502e631353428e2bd4e38167da3ff3a395d0512b127bb397bd4e346ace637e80573de6d47c341c93afcd652cd423470d6de5d5af87ca82d44242a6a842103f2d0977cb002630b3f652f06e6e9665bab93684ebc3b158a4d4937c6f43130a57bb4d33b386c854cfc082ed189564a38cbbaab8867249275157c5f978cd456b41e248a9ec8e2212e1e03ac3f0d9ecb1b71f3e9322aafb03561a66d1100c7a1873080195ee6ea5a46072654404db19942166e8d66ce7ed662e911d4240a3201e046dee5eacd4fe89ccf24526f8dc974567dbdf0004f93bd08ddbaed238eb3b2c6e3d46a91898b7d473d93d5b6da6903598109d2a9527181077be3df833830e400cbd9539acfdb1fbe7adc437cc5621e627d107e4c3e3eedd8853b5b3fe44f492d1f2166968b2c08f97eedab099f74f80d7dd57397cafe373abccea14310837a9f424d4b7e53d290cee70833ad2383a97d17b867918e7bcca0fb45daf2c6989b2ef2f6a013f1c7e28b4737e15e68601539fde305e1a428c7d86c35794ff0aba6db570b98365e2dd85e77bd62121a36d5e96ce275267a9d9d11141074965fc4bcf5a8c56d1414f9568313021a95d481373ade1e4df32afbc28f7f03ccf7b6a021fe2b5dd5cc33207fcbf9cb5890f71a55abcdb28943836952b676c9cc9e2c1bd47982b63480b250fe060687758ff5fdec94b30db4f2ecf56d88b9f6482a4077d7d04aa4cea62d1e18c0bb474187b4eaaad41e5aedc2b6b2d1c3fb62faaa8ef787b449037e70ef641daae53201c44b1a3df938168d6f40d38cde77d5bef73c3c526b57b0978742bc0ce45e496cb088df88fee12e84eb673532180698ee41e6f4ffcc83199f98c6c3a3ae5e4a7ef0706a97d66850fbb3c418831b061b1a280b4f98fd3e71c17329676a9112680ccb1c32df16b13569f22fdbd605a39be8cc963c3ac8b9045f2528dea9dd7643165b80c61f688911132a502a83a3cd4bc90ec70526b2eeb159855fb047bf97add5564d00d8edb8d7e53cf1c69694485962e4654dce73cf57515126a59770ba2208d93df836456c6be95e2f638660ac7498765796841d15cc6c9bdd463b74ae0e3795dcd9b9ee3ed70b9c24038001d18f6c4cbab6caf0b30445bb129f4ea1e84dd18873024e05723903ce04ad6dfa65d2568f77fee021cda3a716fabe1bca724d8c99613f95d4752a5ae9f8c4c487c83ecda5e06ddf53d834c853c787f4adf44a14b3a304567ddd0166ddd7b39b29e9ba896240b998b6f7cee687e0cd120209b225b99c045c15d3b2098c7161a22660b4ac1c4e96d22263fcb3bdc4c0a9be0ed7490b4f3fb951802195eea1f47fa5235035ddf31cf5125e292504f133b5cadbafa9316edc3e2496f393fdae2788b4f411fdc601f4db30f8500d446ac9250e52aa6b7d1a3a373b56447eccefc4b6ab812fb9689df9eedf0bda80fd5786e79963c6096df78ed0623b62c09696a0d6bb787b05ed35fed8e54c14a43fbda3ce7acd291f6366106197a33c47c9256455c46ab4ecfea3477cd0bba6bab61f02b37481da624c8c6493932e8296940b6846d5c1ba77cc103910e07843d0870811847fcf09c6828f8b41feaec6f67f05994bef0feff4a3ab2bb9a0805c725642f55e805beb7ed57c7eb3d1cd843e275a6cab89d7c8aa61f5ee6fb4c66a394b487e460170cd6534fcd795b350e8e81bf3f7d8b056fc182fff4f0c3c6b1fba5cb144a3ddefa141a5478af35d625addea1d754fbce6f5d7b48107da7d955867bd6518b89b1c01dd19f8e10a8c6561433d1f40cfc8a93a7602b95502f140b669a6aa98a12cef978a3a2fbc6177f01e04d127da29b4e42cd5d0721d41bf1495e82046dd606e694ed253ed0eeb90bc31509505533816d42f0e84b1358430eef48e6d6ebcd50fe7738e29f6d98de93ca404e919a5635fe81a50b9e21181a8609b1d73da47ddf5e3f85054a6ca274fb784dff58b8913560e3c558038597bf402f381081e533a333de17767a5f9302cda842b7603b0f0c453b27bf5d35d9f8175759b38e576371ed664610ba18bc3e4de205432100d050e3f3e7245a1db2b6de8193bb0a3e7a4cdfa6ab0bc3456ccea3ed2fd92104d6e8d977904815fe041ea2c49e1bdb72f77586f0caf74b9de1cad309ee4d81e073f184fc91d2cb0cb036e89191f07fdc8fedda0f346c64173a68312d6a50a9b293dc57d25757d5624cfc0a11523f604dca505638e5d44adb141d7b3a7939647ce91557f6614d347c93fe4e1ca75ba5e2b628bc140ac29bfe970db746cc07e322468563ea1dc2b23e5b898c3bda15c6f003fc726f2874848b373bd0a2031b314b0035571e8e686527eaf73635cc49d995a04e0802ea0bc9099f11e314abca66c7418a5e829df1aaf22caecd2943a4a79b724729fb5fe085a66f1ce040b09a7a02c4bf8d84e307244b26b3c28afa85c44958cd51806c101d1e3dad933df994149efd7b4bcef0e5be7eef64d46b0283f876ececa78164e80ff13b10e6f6a703c2963b94f20196ea5632892e2186aea2d566409afe5b4fd1903467f5457723512ffd57955dab82346154eaf12a3cc32574f3f072d67becbbd084a82311a7eff416c53998cfb3b43de4b872ed7301a64f8afff6aae565c7f0db55256a546240894fb2df40cc63742667ec2dab191de136b16d45158eec9db0be8845ca9b7c88fc93699b523f3fbc3fa6589738752f3407791741f6ca4433cd3953e0f6ca5b4f1caf1d271d8108eb351f115c9e013c0b82a634284ff187652d6f43c0b0790d67d54f0dc160d8cf06fe119dc0f5169217fe4ef7d212ef129a3d73c6c0123c007a533e558eb9b116e86f95b4cd8dcccb5e7b895832314963457b355181ad0d171272cef7833217cf40b22de9f9526840ba355b2618190b382240f31260d71036c9cfb3a5c7249ee58fa9ff52fb3676e9322d9f9a4a273c08b75589ce238eee4a05f42a4bdcc9fa66b3f2b9d4a35af7bfb3bb671e3ac0898aaaffcbc67345e7515f38300ee18ba77738930d8b8c0e0bf652c055dfa0b94ff0cfe84d92445ec8737e9af955499ce7d6347322fb745febedabf93a6dc9e19b1513f70aba661272fe689874622c99ed2b817839dd422f1361a6f4ff5535d3219bdb8723a61f03e4cd43eea4fcc98c2a1f4a275bcadd4cec43232ed542fa33dff1438b7958d991a719ad59395f2d39317d7aff556ece0647f84a43f8de9386cc9b12a17934d6b0a26895c542cad290b3d764f06d52004ec640cbca0e313ead2d77bfd6689cf6d99328db24481fd595adfe4f469c29d623521abc8e190c7328a4faf59cb82cf08e74608d46cc8d0595f63cee65c4693307e9f0de0e6b0738745b5f4ec3f3e4f59a419eb37651a2b33cd21065012244f4a4cc860424ae7099efe6e758d8d76570d1753f4772cdbd64fe64c225214d28936e9b9b98e39ee9c81008c49204f7cb2e95f7cbe1c2be73f689954f5308af7da7d914194df3887b0d120fb52c5", 0x2000, &(0x7f0000000b40)={&(0x7f0000000000)={0x50}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = socket$nl_audit(0x10, 0x3, 0x9) sendmsg$AUDIT_TRIM(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x10}, 0x10}}, 0x0) recvmmsg(r1, &(0x7f00000021c0)=[{{&(0x7f0000000240)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @initdev}}}, 0x80, 0x0}}], 0x1, 0x0, 0x0) close_range(r2, 0xffffffffffffffff, 0x0) 1.475445719s ago: executing program 0 (id=1256): ioctl$RTC_PIE_ON(0xffffffffffffffff, 0x4024700a) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) syz_clone(0x88200, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$HIDIOCGRDESCSIZE(0xffffffffffffffff, 0x80044801, 0x0) 1.475177169s ago: executing program 3 (id=1257): prlimit64(0x0, 0x0, &(0x7f0000000140)={0x0, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70200001400894fb7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x2d) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0xf, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x141141, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, 0x0) r5 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip_tables_targets\x00') read$FUSE(r5, &(0x7f0000008580)={0x2020}, 0xfffffef2) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff) sendmsg$TIPC_NL_KEY_SET(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="0100000000000000000217000000440006803d00040067636d280400"/41], 0x58}}, 0x0) 1.474869739s ago: executing program 4 (id=1258): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x0, &(0x7f0000000200)=0x6) r1 = dup(0xffffffffffffffff) ioctl$KVM_SET_MSRS(r1, 0xc008ae88, &(0x7f00000001c0)=ANY=[@ANYBLOB="01000000052a1900fc"]) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) io_setup(0x9, &(0x7f0000000080)) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000b80)) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="020f0000100000000000000000000000030005000000000002000000ffffffff0000000000000000080012000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000fc02000000000000000000000000000003000600000000000200fffce0000001000000000000"], 0x80}}, 0x0) 1.456968401s ago: executing program 0 (id=1259): bpf$MAP_CREATE(0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x8, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) fsetxattr(0xffffffffffffffff, 0x0, &(0x7f00000001c0)='\x00\x00o;\xc8\xdd1\xa4lB&\xa9\xb6\x06\x06\x99\t\xf5\x10\x17\'\xcaV\xab\\rw9+\xba\tl|\xde\x93\xea\x95A}\x89\x82\x8c\nN\x97\xbf\xab\xa4_\xc2\x17\xe7+\xc5\xfe\x16-\xdd\xa7\x00\xfe\xa0\xa2\xbdUw\x01\x80\x92\xea\x15\xc2opg\xee\xbd\t\xba\x9d\x98\x983\xfd\v\xc1\xbd\x1e\xd5h\xc3@\xda\xee\x97\xd5~\xee\xd6$\xc6\x8c\x01l\x1e\xd3\x1f\xe4<\xee\b\xe4\x16\xc3Ku\x84\xcd\x89\xb8\x1bF\xcd\r\xbc\xc0\xbb\xf5Q\x06\xb71>\xcd\xdb\x0f\x8c\x14\xc5\t\x92m/u,^\xe6\xc7V\xca|;j\xc1\xf4$\xe1A\x17\xeb\xf1M\x8c\x82\\\x89\x89\x00\x98\xadr\xd4\x86;\xed+\x899\x8a\xe9\x18\xb4]a\xd2\x15\x93\x84\x8b\x85\xae\'\xf4\xc9\xcb\x8c\'\x88\xff\x02\b\xaf\xe9vc\x9au\xba\xce]\x85\x98>\xa6\xe1\xc0)\xff`\xdepJ\x95E\x98\xa6pu\xbdh\xa2\xe3\x9d\x85\x19El\xf4aO\xb7\xcd\x15', 0xfc, 0x0) socket$netlink(0x10, 0x3, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r4 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_genetlink_get_family_id$wireguard(&(0x7f0000000080), 0xffffffffffffffff) r7 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$WG_CMD_SET_DEVICE(r7, 0x0, 0x0) r8 = dup(r1) ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0) 1.420046523s ago: executing program 2 (id=1260): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0x8, 0x8}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_enter\x00', r1}, 0x10) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000380), &(0x7f00000003c0)='%+9llu \x00'}, 0x20) sync() 650.220756ms ago: executing program 3 (id=1261): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10) setsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, 0x0, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r5, 0x6, 0x1d, &(0x7f0000000000), &(0x7f0000000180)=0x14) 503.178419ms ago: executing program 4 (id=1262): bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90) syz_btf_id_by_name$bpf_lsm(0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000000)=[0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, &(0x7f0000000340), &(0x7f0000000380), 0x8, 0xc2, 0x8, 0x0, 0x0}}, 0x10) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = socket(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000080)={0x209d}, 0x10) bpf$MAP_CREATE(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x7, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500007249803c00bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d) write(r2, &(0x7f00000000c0)="1800000016005f0214fffffffffffff80700000001000000", 0x18) recvmsg$inet_nvme(r2, &(0x7f0000000b40)={0x0, 0x0, 0x0}, 0x0) 480.99569ms ago: executing program 1 (id=1263): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x800714, &(0x7f0000000400)={[{@minixdf}, {@abort}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@debug}, {@noinit_itable}, {@errors_continue}, {@usrjquota}, {@orlov}, {@minixdf}, {@resgid}]}, 0xfe, 0x43a, &(0x7f00000008c0)="$eJzs289vFFUcAPDvzLag/GpFREHQKhobf7S0oHLwotHEgyYmesBjbQtBFmpoTYQ0Wo3BoyHxbjya+Bd40otRTyZe9W5IiDYmoKea2Z0pu0u39Mcui8znkwy8t/N23/vum7fz9r1uAKU1lP2TROyIiN8iYqCebS4wVP/v2uL85D+L85NJLC29+WdSK3d1cX6yKFo8b3ueGU4j0k+TvJJms+cvnJ6oVqfP5fnRuTPvjc6ev/DMqTMTJ6dPTp8dP3bs6JGx558bf7YjcWZxXd3/4cyBfa++fen1yeOX3vnpm6y9ew/WzzfG0SlDWeB/LdW0nnu805X12M6GdNLXw4awLpWIyLqrvzb+B6IS1ztvIF75pKeNA7oquzdtbX96YQm4gyXR6xYAvVHc6LPvv8Vxi6Yet4UrL9a/AGVxX8uP+pm+SPMy/V2sfygiji/8+2V2RJfWIQAAGn2XzX+eXmn+l8behnK78j2UwYi4JyJ2R8S9EbEnIu6LqJW9PyIeWGf9rVtDN85/0ssbCmyNsvnfC/neVvP8r5j9xWAlz+2sxd+fnDhVnT6cvyfD0b81y4+tUsf3L//6ebtzjfO/7MjqL+aCeTsu97Us0E1NzE10alJ65eOI/X0rxZ8s7wQkEbEvIvav76V3FYlTT359oF2hm8e/ig7sMy19FfFEvf8XoiX+QrL6/uToXVGdPjxaXBU3+vmXi2+0q39T8XdA1v/bmq//lhIDfyeN+7Wz66/j4u+ftf1Os9Hrf0vyVm3Pekv+2AcTc3PnxiK2JK/V8k2Pj19/bpEvymfxDx9aefzvzp+Txf9gRGQX8cGIeCgiHs7b/khEPBoRh1aJ/8eXHnt34/F3Vxb/1Iqff8vX/2Bz/68/UTn9w7ft6l9b/x+tpYbzR2qffzex1gZu5r0DAACA/4s0InZEko4sp9N0ZKT+N/x7YltanZmde+rEzPtnp+q/ERiM/rRY6RpoWA8dSxbyV6znx/O14uL8kXzd+IvK3bX8yORMdarHsUPZbW8z/jN/VHrdOqDr/F4Lyqt1/Kc9agdw67n/Q3kZ/1Bexj+U10rj/6OWvL0AuDO5/0N5Gf9QXsY/lJfxD6W0md/1S5Q5Eelt0QyJLiV6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQGf8FAAD//yWS7pw=") mkdir(&(0x7f0000000300)='./bus\x00', 0x0) chdir(&(0x7f00000003c0)='./bus\x00') symlink(&(0x7f0000000dc0)='./file0\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1) creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0) 406.191387ms ago: executing program 1 (id=1264): r0 = syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000380)='./file0\x00', 0x800804, &(0x7f0000000640)=ANY=[@ANYBLOB="73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c757466383d312c73686f72746e616d653d6c6f7765722c636865636b3d72656c617865642c726f6469722c726f6469722c757466383d302c74696d655f6f66667365743d3078666666666666666666666666666632382c636f6465706167653d3835372c6e6f6e756d7461696c3d302c696f636861727365743d6b6f69382d72752c73686f72746e616d653d77696e39352c73686f72746e616d653d6d697865642c747a3d5554432c00b6638b2365bfce5edff2d3206c0f3ff8c1bfe859ee824ff85d7690d773272154164bea29b754d1a2e184"], 0x1, 0x276, &(0x7f00000003c0)="$eJzs3UFqG1cYB/BvLMmW2oW06KoUPNAuujJ2T2BTXCg1FFq0aLtoTS1DsYTBBkGTEMWrnCAnyHmyCblADpCQXbwwmSDPSFbCyEaJbJnk99vo8d77z/vezCCtZvTPN72DvcPj/ZN7z6NeT2JpMzbjNIlWLMXIgyj17GV5PwBwy51mWbzKciulM2pTktWlay0MALg2k7//i64FALgZv//x5y9bOzvbv6VpPaL3sN9OIv/Mx7f247/oRifWoxlnEdlY3v7p553tqKZDrfiuN+i3h8ne30+K42+9iDjPb0QzWuX5jTQ3kR/027X4olh/sxudXx9HM74qz/9Qko/2cnz/7UT9a9GMp//GYXRjr6htlL+/kaY/Zo9e3/1r2DvMJ4N+e2U8r5hdudELAwAAAAAAAAAAAAAAAAAAAADAJ20tHWu9+/6dytn5+Nq08Tw/7f1Ag4n386ynaZol+fyLfDW+rkZ1kXsHAAAAAAAAAAAAAAAAAACA2+L4/zsHu91u52iujdFj/SVD8Waea63OmopKUVo3iZhtrVqRvHpyZcZdNIb1dI6SaszvEiTjnsbk0Grkaw17GnljouejV6/HeWN0dx3sJnFFql52k8yhkZXcfpWpqeX3exrFDkomNy5ZffnLD6o5a04ZSiKiNj6Zlx+nNt9zeFPfQAAAAAAAAAAAAAAAAAAAwMjFQ78lgycLKAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFuDi//9naAyK8LQ5WWXYqEbRs+AtAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Bl4GwAA//95LWni") openat(r0, 0x0, 0x0, 0x184) mkdirat(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r3}, 0x10) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCL_GETKMSGREDIRECT(r4, 0x4b4d, &(0x7f00000000c0)) syz_mount_image$vfat(0x0, &(0x7f0000000100)='./file0\x00', 0x218440, 0x0, 0x1, 0x0, &(0x7f0000000000)) 343.275911ms ago: executing program 0 (id=1265): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6}]}) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000000)={'geneve1\x00', 0x400}) ioctl$TUNGETIFF(r0, 0x800454d2, &(0x7f0000010000)={'veth1_to_bond\x00'}) 272.931407ms ago: executing program 0 (id=1266): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0) fcntl$lock(r0, 0x25, &(0x7f0000000000)={0x1}) fcntl$lock(r0, 0x7, &(0x7f00000006c0)) fcntl$lock(r0, 0x25, &(0x7f0000000180)) 126.197229ms ago: executing program 0 (id=1267): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x8a, &(0x7f0000000000)={[{@jqfmt_vfsold}, {@usrjquota, 0x22}, {@errors_continue}, {@noload}, {@data_err_ignore}, {@usrjquota, 0x22}, {@errors_continue}, {@errors_remount}, {@noblock_validity}]}, 0x1, 0x44e, &(0x7f0000000900)="$eJzs3M1vG0UbAPDHdpw0bfMmbykfDS0ECiLiI2nSD3rgUgQSB5CQ4FDEKSRpFeo2qAkSrSIIHMIRVeKOOCLxF3ChXBBwQuIKd4QUoVwonIzW3k3dxE7ixIlL/ftJm8x4xpp5dnfs8azXAXSsoeRPLuJgRPwaEf3V7J0Vhqr/bq0sTP69sjCZi3L5jT9zlXp/rSxMZlWz5x2oZsrlDdpdejtiolSavprmR+cvvzc6d+36czOXJy5OX5y+Mn727KmTx7rPjJ9uSZx9SV8HP5w9euSVt268Nnn+xjs/fp3092BaXhtHqwxV925dT7a6sTbrq0nnutrYEZpSiIjkcBUr478/CtG7WtYfL3/S1s4Bu6pczpd7GhcvloF7WDJRBzpR9kaffP7Ntj2aetwVls/F6jrGrXSrlnRFPq1TTD8j7YahiDi/+M8XyRa7tA4BAFDr5rmIeLbe/C8fD9TU+196bWggIv4fEYci4r6IOBwR90dU6j4YEQ812f7aKyTr5z/l/m0FtkXJ/O+F9NrWnfO/bPYXA4U011eJv5i7MFOaPpHuk+Eo9iT5sQ3a+O6lXz5rVFY7/0u2pP1sLpj244+uNQt0UxPzEzuJudbyxxGDXfXiz63OeZP58ZGIGNxmGzNPf3W0Udnm8W+gBZPy8pcRT1WP/2KsiT+Ta3h9cuz5M+OnR/dFafrEaHZWrPfTz0uvN2p/R/G3wPLNcuyve/6vxj+Q2xcxd+36pcr12rnm21j67dOGn2m2e/53596spLvTxz6YmJ+/OhbRnXt1/ePjt5+b5bP6yfk/fLz++D8Ut/fEwxGRnMTHIuKRiHg07ftjEfF4RBzfIP4fXnzi3ebj32BVvoWS+Kc2O/5Re/ybTxQuff9N8/FnkuN/qpIaTh/ZyuvfVju4k30HAAAA/xX5ynfgc/mR1XQ+PzJS/Q7/4difL83OzT9zYfb9K1PV78oPRDGfrXT116yHjqVrw1l+fE3+ZLpu/Hmht5IfmZwtTbU7eOhwBxqM/8TvhXb3Dth17teCzmX8Q+cy/qFzGf/QuYx/6Fz1xv9HbegHsPc2ef/v3at+AHvP/B86l/EPncv4h47U8N74/I5u+ZdoU+Lb7p39VsPWE5G/S0K+ZxLFqFvUteUfs9hmoqduUbtfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFrj3wAAAP//j57jFA==") r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000000080)=ANY=[@ANYRES8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1e}, 0x90) bind$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x0, 0x0, @local}, 0x1c) syz_emit_ethernet(0x4a, &(0x7f0000000140)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2001ce", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0x5}}}}}}}, 0x0) sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 0s ago: executing program 0 (id=1268): syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x8002, &(0x7f00000000c0), 0x7, 0x4a9, &(0x7f0000000b40)="$eJzs3E9sFFUYAPBvtru0gEhFREHUIhobjS0UFA5eMJp40MSIBz02bSFIoYbWRAjRkhg8GhLvxqNXD17Vm/Fk4hUPHkwMCTFcAE9jZnem3e6flrbbLri/X7L0vZk3+963b97s23m7BNCzhrJ/koiHIuJ6ROysZZcWGKr9uXPr8sTdW5cnYj5NT/6TVMvdzvK54rjteWa4FFH6Iml4wprZi5fOjk9PT13I86Nz5z4enb146eUz58ZPT52eOj92/PjRI4ePvTr2yuqDalFfFtftfZ/N7N/71ofX3pkoF9sH8r/1cXTKUAy1akrV852urMt21KWTchcbwqpk53/WXZXq+N8ZfaHzoFekaZr2t989nza60rQFeGAl0e0WAN1RvNFnn3+LxyZNPe4LN0/UPgBlcd/JH7U95SjlZSoNn287aSgiPpj/95vsEcvdh/hzgxoAAPScn04UM8HG+V8p9tSVezhfQxmMiEciYldEPBoRuyPisYhq2ccj4onGCpKIdJn6dzfkm+c/pRvriW8l2fzvtXxta+n8r5j9xWBfntsRUUyYpw7lr8lwVPpPnZmeOrxMHT+/8ftX7fbVz/+yR1Z/MRfM23Gj3HCDbnJ8bnzNATe4eSViX7kx/qScdVyxEpBExN6I2LeK5x2sS5958bv9C5nK0nIrx1+VtlxH68BSRfptxAu1/p+PJf2/WGOy/Prk6EBMTx0azc6CQy3r+PW3q++2q3/F+H/4q/GQN4/9eHK9YS/I+n9b3fkfxfrtYvyDSUSysF47u/o6rv7xZfV5hw4271vr+b8leb+a3pJv+3R8bu7C4YgtydvN28cWjy3yRfks/uGDrcf/rvyY7JV4MiKyk/ipiHg6Ip7J234gIp6NiBahLfjl9ec+arfvHs//DZPFP9ny+rek/xfX69eQ6Dt74PrdNhePe+v/o9XUcL6l9fUvWXKJuNcGduAlBAAAgPteKarf/S+NLKRLpZGR2j2g3bGtND0zO/fSqZlPzk/WfiMwGJVScaerdj+4khT3Pwfr8mMN+SP5feOv+7ZW8yMTM9OT3Q4eetz26phPmsZ/5u++brcO2HB+8gO9a6Xxv+faJjUE2HTe/6F31Y3/+TZF5n1TBv6fvP9D72o1/j9fwzHAgyU1lqGnGf/Qu8rx3kK61NWWAJvN+z/0pPX8rn/lRNrfetdANBeOgY1pxtYWdXUlkc2sulL71rUcVfxvCm3LRGl1T9gfzbv6otMhVyJixcKn93T85E/z78p3uge/35Rx2irRlcsRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAx/0XAAD//8p53a4=") syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200800, &(0x7f0000000680)={[{@nodiscard}, {}, {@acl}, {@nomblk_io_submit}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@jqfmt_vfsv1}, {@nodelalloc}, {@auto_da_alloc}, {@norecovery}]}, 0x5, 0x591, &(0x7f0000000f80)="$eJzs3V1rFFcfAPD/bBKNL89jBJHaiyJ4UYt1Y5LWFyjUXpZWKrT3dknWINm4kt2ISYXqRb3pTZFCKRVKP0Dveyn9Av0UQitIkdBSpJAyu7PJmuzmzdVd3d8PRs+Zmew5Z8/8Z8+ZmWUD6FtH039yEUci4psk4kDTtsHINh6t77f0+OZkuiSxvPzpn0kk2brG/kn2/74s81pE/PpVxIlcff1Q02tXFhZnCqVScS7Lj1Znr41WFhZPXpktTBeni1fHJybOvjs8fu7M6Y619a2Lf3//yf0Ph78+tvTdzw8P3k3ifOzPtjW34xncas4cLfybpYbi/JodxzpQWC9Jul0BdmQgi/M0No/EgRjIoh549X0ZEctAn0rEP/SpxjigMbfv0Dz4pfHog/oEaH37B+vXRmK4Njfau5Q8NTNK57sjHSg/LeOXP+7dTZfY+DrEnk3yANty63ZEnBocXH/+S7Lz386dql083tjaMvrt8we66X46/nm71fgntzL+iRbjn30tYncnNo//3MOnsh2+0ZCO/95rOf5dOXWNDGS5/9XGfEPJ5Sul4qmI+H9EHI+h3Wl+o/s5Z5ceLLfb1jz+S5e0/MZYMKvHw8Hdtcv0K6YK1cKztXrVo9sRr7cc/yYr/Z+06P/0/bi44SuvdtTh4r032u21efufr+WfIt5s2f+r9U/a3p+cGD935vRo7XgYbRwV6/115/Bv7crvdvvT/t+7cftHkub7tZXtl/Hj8JNiu21bPP6fkh7/u5LPauld2bobhWp1bixiV/Lx+vXjq3/byDf2T9t//NjG579Wx386+fp8i+2/c+hO2117of+nttX/2088+OiLH9qVv7X+f6eWOp6tWXP+e7LmUkbNVivYobcRAAAAAAAAekIuIvZHksuvpHO5fL7+fMeh2JsrlSvVE5fL81enovZd2ZEYyjXudB+o3YKtPw8xlj0P23g+YnxNfiIiDkbEtwN7avn8ZLk01e3GAwAAAAAAAAAAAAAAAAAAQI/Y1+b7/6nfB7pdO+C5q/2wwe5u1wLohk1/8r8Tv/QE9KRN4x94ZYl/6F/iH/qX+If+Jf6hf4l/6F+t49/TP9APfP4DAAAAAAAAAAAAAAAAAAAAAAAAAABAR128cCFdlpce35xM81PXF+ZnytdPThUrM/nZ+cn8ZHnuWn66XJ4uFfOT5dnNXq9ULl8bG4/5G6PVYqU6WllYvDRbnr9avXRltjBdvFQceiGtAgAAAAAAAAAAAAAAAAAAgJdLZWFxplAqFedecGIwulDoDhPvR09U43k2sG5Hfz64ftM/EdEL7ZJ4hkSXT0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0OS/AAAA//8Umzy+") capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) gettid() socket(0x0, 0x0, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0) sched_setscheduler(0x0, 0x0, &(0x7f0000000080)=0x7) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='virtio_transport_alloc_pkt\x00'}, 0x10) socket$vsock_stream(0x28, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x4b, 0x0, 0x0) mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil) munlock(&(0x7f0000000000/0xe000)=nil, 0xe000) chdir(&(0x7f0000000380)='./file0\x00') rename(0x0, 0x0) r2 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x10, r2, 0x0) fallocate(r2, 0x0, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) syz_emit_ethernet(0x2a, &(0x7f0000000000)={@broadcast, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @private}, @address_request={0x14}}}}}, 0x0) kernel console output (not intermixed with test programs): class=file permissive=1 [ 202.494967][ T3862] loop4: detected capacity change from 0 to 40427 [ 202.517708][ T3862] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 202.525326][ T3862] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 202.534206][ T3862] F2FS-fs (loop4): invalid crc value [ 202.536903][ T423] usb 1-1: Found UVC 0.00 device syz (045e:0721) [ 202.540833][ T3862] F2FS-fs (loop4): Found nat_bits in checkpoint [ 202.546894][ T3868] loop3: detected capacity change from 1024 to 64 [ 202.558183][ T423] usb 1-1: No valid video chain found. [ 202.571311][ T423] usb 1-1: USB disconnect, device number 23 [ 202.592587][ T3862] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 202.599524][ T3862] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 202.613326][ T2404] EXT4-fs warning (device loop3): ext4_empty_dir:3093: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 202.627119][ T2404] EXT4-fs warning (device loop3): ext4_empty_dir:3093: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 202.640740][ T2404] EXT4-fs warning (device loop3): ext4_empty_dir:3093: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 202.654398][ T2404] EXT4-fs warning (device loop3): ext4_empty_dir:3093: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 202.668226][ T2404] EXT4-fs warning (device loop3): ext4_empty_dir:3093: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 202.681781][ T2404] EXT4-fs warning (device loop3): ext4_empty_dir:3093: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 202.693427][ T24] usb 2-1: USB disconnect, device number 30 [ 202.695384][ T2404] EXT4-fs warning (device loop3): ext4_empty_dir:3093: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 202.713964][ T2404] EXT4-fs warning (device loop3): ext4_empty_dir:3093: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 202.727302][ T2404] EXT4-fs warning (device loop3): ext4_empty_dir:3093: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 202.740565][ T2404] EXT4-fs warning (device loop3): ext4_empty_dir:3093: inode #11: lblock 0: comm syz-executor: error -12 reading directory block [ 203.071908][ T367] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 203.091466][ T367] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 203.109731][ T2404] EXT4-fs (loop3): unmounting filesystem. [ 203.116017][ T3869] kmmpd-loop3: attempt to access beyond end of device [ 203.116017][ T3869] loop3: rw=14337, sector=128, nr_sectors = 2 limit=64 [ 203.131539][ T3869] Buffer I/O error on dev loop3, logical block 64, lost sync page write [ 203.511495][ T28] audit: type=1400 audit(1722836138.253:350): avc: denied { mounton } for pid=3892 comm="syz-executor" path="/" dev="sda1" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:root_t tclass=dir permissive=1 [ 203.550746][ T3891] loop0: detected capacity change from 0 to 8192 [ 203.579500][ T3891] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 203.797146][ T3892] bridge0: port 1(bridge_slave_0) entered blocking state [ 203.804083][ T3892] bridge0: port 1(bridge_slave_0) entered disabled state [ 203.811431][ T3892] device bridge_slave_0 entered promiscuous mode [ 203.818394][ T3892] bridge0: port 2(bridge_slave_1) entered blocking state [ 203.825411][ T3892] bridge0: port 2(bridge_slave_1) entered disabled state [ 203.832829][ T3892] device bridge_slave_1 entered promiscuous mode [ 204.214809][ T367] bridge0: port 3(gretap0) entered disabled state [ 204.226448][ T367] device gretap0 left promiscuous mode [ 204.233546][ T367] bridge0: port 3(gretap0) entered disabled state [ 204.255017][ T973] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 204.262295][ T973] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 204.274014][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 204.284377][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 204.293091][ T24] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.300240][ T24] bridge0: port 1(bridge_slave_0) entered forwarding state [ 204.348780][ T3892] device veth0_vlan entered promiscuous mode [ 204.361870][ T3892] device veth1_macvtap entered promiscuous mode [ 204.389689][ T973] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 204.401490][ T973] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 204.409759][ T973] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 204.417818][ T973] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.424654][ T973] bridge0: port 2(bridge_slave_1) entered forwarding state [ 204.432384][ T973] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 204.441389][ T973] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 204.451365][ T973] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 204.529787][ T973] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 204.539719][ T973] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 204.550075][ T973] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 204.560262][ T973] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 204.569975][ T973] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 204.609156][ T973] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 204.617403][ T973] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 204.625746][ T2001] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 204.633266][ T2001] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 204.645203][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 204.653273][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 204.661796][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 204.669984][ T316] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 204.687629][ T367] device bridge_slave_1 left promiscuous mode [ 204.698648][ T367] bridge0: port 2(bridge_slave_1) entered disabled state [ 204.709438][ T367] device bridge_slave_0 left promiscuous mode [ 204.715467][ T367] bridge0: port 1(bridge_slave_0) entered disabled state [ 204.723335][ T367] device veth1_macvtap left promiscuous mode [ 204.729380][ T367] device veth0_vlan left promiscuous mode [ 204.756869][ T324] usb 1-1: new high-speed USB device number 24 using dummy_hcd [ 204.876544][ T3927] loop2: detected capacity change from 0 to 40427 [ 204.887425][ T3927] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 204.894984][ T3927] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 204.903760][ T3927] F2FS-fs (loop2): invalid crc value [ 204.908913][ T24] usb 2-1: new high-speed USB device number 31 using dummy_hcd [ 204.910309][ T3927] F2FS-fs (loop2): Found nat_bits in checkpoint [ 204.941383][ T3927] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 204.948426][ T3927] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 205.254918][ T24] usb 2-1: Using ep0 maxpacket: 8 [ 205.367143][ T324] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 205.378108][ T324] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 205.387939][ T324] usb 1-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00 [ 205.396980][ T324] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 205.407011][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 205.417847][ T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 205.421730][ T324] usb 1-1: config 0 descriptor?? [ 205.427618][ T24] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 205.444968][ T24] usb 2-1: New USB device found, idVendor=1b96, idProduct=0010, bcdDevice= 0.00 [ 205.447072][ T29] INFO: task syz-executor:297 blocked for more than 122 seconds. [ 205.453969][ T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 205.455175][ T24] usb 2-1: config 0 descriptor?? [ 205.463897][ T29] Not tainted 6.1.90-syzkaller-00127-g6aafd06a463b #0 [ 205.481929][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 205.490433][ T29] task:syz-executor state:D stack:21200 pid:297 ppid:1 flags:0x00004004 [ 205.499527][ T29] Call Trace: [ 205.502657][ T29] [ 205.505450][ T29] __schedule+0xca7/0x1550 [ 205.514635][ T29] ? release_firmware_map_entry+0x191/0x191 [ 205.520915][ T29] schedule+0xc3/0x180 [ 205.525183][ T29] schedule_timeout+0xa9/0x380 [ 205.529912][ T29] ? console_conditional_schedule+0x10/0x10 [ 205.536021][ T29] ? ttwu_do_wakeup+0x40d/0x430 [ 205.544284][ T29] wait_for_common+0x39a/0x640 [ 205.549026][ T29] ? wait_for_completion+0x20/0x20 [ 205.554058][ T29] ? __kmem_cache_free+0x218/0x3b0 [ 205.559155][ T29] ? wake_up_state+0xb/0x10 [ 205.563661][ T29] ? kthread_unpark+0x1a0/0x220 [ 205.568547][ T29] wait_for_completion+0x18/0x20 [ 205.573483][ T29] kthread_stop+0x118/0x420 [ 205.578059][ T29] ext4_stop_mmpd+0x47/0xb0 [ 205.582579][ T29] ext4_put_super+0x8a3/0xd60 [ 205.587298][ T29] ? ext4_drop_inode+0x1a0/0x1a0 [ 205.592256][ T29] generic_shutdown_super+0x14f/0x370 [ 205.597742][ T29] kill_block_super+0x7e/0xe0 [ 205.602427][ T29] deactivate_locked_super+0xad/0x110 [ 205.671359][ T29] deactivate_super+0xbe/0xf0 [ 205.675925][ T29] cleanup_mnt+0x485/0x510 [ 205.680260][ T29] ? user_path_at_empty+0x14e/0x1a0 [ 205.697882][ T29] __cleanup_mnt+0x19/0x20 [ 205.702129][ T29] task_work_run+0x24d/0x2e0 [ 205.706538][ T29] ? task_work_cancel+0x2b0/0x2b0 [ 205.711467][ T29] ? __x64_sys_umount+0x122/0x170 [ 205.716269][ T29] exit_to_user_mode_loop+0x94/0xa0 [ 205.721320][ T29] exit_to_user_mode_prepare+0x5a/0xa0 [ 205.726556][ T29] syscall_exit_to_user_mode+0x26/0x130 [ 205.732006][ T29] do_syscall_64+0x47/0xb0 [ 205.736192][ T29] ? clear_bhb_loop+0x55/0xb0 [ 205.740717][ T29] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 205.746431][ T29] RIP: 0033:0x7f0143378d27 [ 205.750694][ T29] RSP: 002b:00007fffdddb4148 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 205.758983][ T29] RAX: 0000000000000000 RBX: 00007f01433e578c RCX: 00007f0143378d27 [ 205.766739][ T29] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffdddb4200 [ 205.774564][ T29] RBP: 00007fffdddb4200 R08: 0000000000000000 R09: 0000000000000000 [ 205.782387][ T29] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffdddb5280 [ 205.790186][ T29] R13: 00007f01433e578c R14: 000000000000f3ba R15: 00007fffdddb52c0 [ 205.798002][ T29] [ 205.801909][ T29] INFO: task kmmpd-loop1:963 blocked for more than 123 seconds. [ 205.803298][ T345] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 205.809498][ T29] Not tainted 6.1.90-syzkaller-00127-g6aafd06a463b #0 [ 205.825187][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 205.825864][ T345] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 205.833688][ T29] task:kmmpd-loop1 state:D stack:27656 pid:963 ppid:2 flags:0x00024000 [ 205.851413][ T29] Call Trace: [ 205.854484][ T29] [ 205.857298][ T29] __schedule+0xca7/0x1550 [ 205.861519][ T29] ? bpf_trace_run3+0x2e0/0x2e0 [ 205.866206][ T29] ? release_firmware_map_entry+0x191/0x191 [ 205.871983][ T29] ? __kasan_check_write+0x14/0x20 [ 205.876901][ T29] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 205.881826][ T29] ? _raw_spin_lock_irqsave+0x210/0x210 [ 205.887236][ T29] schedule+0xc3/0x180 [ 205.891124][ T29] percpu_rwsem_wait+0x382/0x4b0 [ 205.895889][ T29] ? percpu_free_rwsem+0x80/0x80 [ 205.900697][ T29] ? percpu_up_write+0x270/0x270 [ 205.905434][ T29] ? __kasan_check_read+0x11/0x20 [ 205.910334][ T29] __percpu_down_read+0x198/0x480 [ 205.915173][ T29] ? rwsem_down_write_slowpath+0x2270/0x2270 [ 205.921031][ T29] ? update_process_times+0x1b0/0x1b0 [ 205.926185][ T29] write_mmp_block+0x1e7/0x2a0 [ 205.930830][ T29] kmmpd+0x263/0xa10 [ 205.934519][ T29] ? write_mmp_block_thawed+0x570/0x570 [ 205.939922][ T29] ? __kthread_parkme+0x12d/0x180 [ 205.944748][ T29] kthread+0x26d/0x300 [ 205.948676][ T29] ? write_mmp_block_thawed+0x570/0x570 [ 205.954036][ T29] ? kthread_blkcg+0xd0/0xd0 [ 205.958505][ T29] ret_from_fork+0x1f/0x30 [ 205.959592][ T324] holtek_kbd 0003:04D9:A055.003F: unknown main item tag 0x0 [ 205.962717][ T29] [ 205.970949][ T29] NMI backtrace for cpu 1 [ 205.973298][ T324] holtek_kbd 0003:04D9:A055.003F: item fetching failed at offset 3/5 [ 205.976951][ T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.1.90-syzkaller-00127-g6aafd06a463b #0 [ 205.976971][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 205.976980][ T29] Call Trace: [ 205.976984][ T29] [ 205.976989][ T29] dump_stack_lvl+0x151/0x1b7 [ 205.977017][ T29] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 205.977042][ T29] dump_stack+0x15/0x1a [ 205.985598][ T324] holtek_kbd: probe of 0003:04D9:A055.003F failed with error -22 [ 205.994222][ T29] nmi_cpu_backtrace+0x2e4/0x2f0 [ 205.994250][ T29] ? nmi_trigger_cpumask_backtrace+0x3c0/0x3c0 [ 205.994266][ T29] ? sched_show_task+0x3d8/0x620 [ 205.994289][ T29] ? nmi_trigger_cpumask_backtrace+0x114/0x3c0 [ 206.052894][ T29] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 206.058791][ T29] nmi_trigger_cpumask_backtrace+0x19b/0x3c0 [ 206.064607][ T29] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 206.070512][ T29] arch_trigger_cpumask_backtrace+0x10/0x20 [ 206.076238][ T29] watchdog+0xdb0/0xf20 [ 206.080228][ T29] ? __kasan_check_write+0x14/0x20 [ 206.085180][ T29] ? hungtask_pm_notify+0x50/0x50 [ 206.090037][ T29] ? __kasan_check_read+0x11/0x20 [ 206.094895][ T29] ? __kthread_parkme+0x12d/0x180 [ 206.099757][ T29] kthread+0x26d/0x300 [ 206.103663][ T29] ? hungtask_pm_notify+0x50/0x50 [ 206.108522][ T29] ? kthread_blkcg+0xd0/0xd0 [ 206.112949][ T29] ret_from_fork+0x1f/0x30 [ 206.117219][ T29] [ 206.120246][ T29] Sending NMI from CPU 1 to CPUs 0: [ 206.125285][ C0] NMI backtrace for cpu 0 [ 206.125303][ C0] CPU: 0 PID: 324 Comm: kworker/0:4 Not tainted 6.1.90-syzkaller-00127-g6aafd06a463b #0 [ 206.125321][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 206.125333][ C0] Workqueue: usb_hub_wq hub_event [ 206.125355][ C0] RIP: 0010:memcpy_erms+0x6/0x10 [ 206.125375][ C0] Code: cc cc cc cc eb 1e 0f 1f 00 48 89 f8 48 89 d1 48 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 c3 66 0f 1f 44 00 00 48 89 f8 48 89 d1 a4 c3 0f 1f 80 00 00 00 00 48 89 f8 48 83 fa 20 72 7e 40 38 fe [ 206.125389][ C0] RSP: 0018:ffffc9000b29f950 EFLAGS: 00010002 [ 206.125402][ C0] RAX: ffffc900140ac058 RBX: 0000000000000002 RCX: 00000000000efdb8 [ 206.125414][ C0] RDX: 000000000063eda0 RSI: ffffc90013df9ff0 RDI: ffffc900145fb040 [ 206.125426][ C0] RBP: ffffc9000b29f9b0 R08: dffffc0000000000 R09: 0000000000000003 [ 206.125437][ C0] R10: ffffffffffffffff R11: dffffc0000000001 R12: 000000000063eda0 [ 206.125449][ C0] R13: ffff88812aa39100 R14: ffffc900138ab000 R15: ffff88812aa39104 [ 206.125461][ C0] FS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 206.125475][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 206.125487][ C0] CR2: 0000001b2d412ff8 CR3: 000000010fb54000 CR4: 00000000003506b0 [ 206.125500][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 206.125510][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 206.125520][ C0] Call Trace: [ 206.125526][ C0] [ 206.125532][ C0] ? show_regs+0x58/0x60 [ 206.125548][ C0] ? nmi_cpu_backtrace+0x285/0x2f0 [ 206.125567][ C0] ? nmi_trigger_cpumask_backtrace+0x3c0/0x3c0 [ 206.125585][ C0] ? memcpy_erms+0x6/0x10 [ 206.125601][ C0] ? memcpy_erms+0x6/0x10 [ 206.125616][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 206.125634][ C0] ? nmi_handle+0xa7/0x280 [ 206.125650][ C0] ? memcpy_erms+0x6/0x10 [ 206.125665][ C0] ? default_do_nmi+0x69/0x160 [ 206.125681][ C0] ? exc_nmi+0xad/0x100 [ 206.125694][ C0] ? end_repeat_nmi+0x16/0x31 [ 206.125714][ C0] ? memcpy_erms+0x6/0x10 [ 206.125730][ C0] ? memcpy_erms+0x6/0x10 [ 206.125745][ C0] ? memcpy_erms+0x6/0x10 [ 206.125761][ C0] [ 206.125766][ C0] [ 206.125771][ C0] ? kcov_remote_stop+0x251/0x350 [ 206.125789][ C0] hub_event+0x45a/0x4830 [ 206.125818][ C0] ? led_work+0x590/0x590 [ 206.125834][ C0] ? kfree+0x7a/0xf0 [ 206.125852][ C0] ? __vunmap+0xaac/0xb60 [ 206.125873][ C0] ? __kasan_check_write+0x14/0x20 [ 206.125888][ C0] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 206.125909][ C0] ? __kasan_check_read+0x11/0x20 [ 206.125923][ C0] ? read_word_at_a_time+0x12/0x20 [ 206.125942][ C0] ? strscpy+0x9c/0x260 [ 206.125960][ C0] process_one_work+0x73d/0xcb0 [ 206.125983][ C0] worker_thread+0xa60/0x1260 [ 206.126007][ C0] kthread+0x26d/0x300 [ 206.126022][ C0] ? worker_clr_flags+0x1a0/0x1a0 [ 206.126041][ C0] ? kthread_blkcg+0xd0/0xd0 [ 206.126057][ C0] ret_from_fork+0x1f/0x30 [ 206.126076][ C0] [ 206.129176][ T28] audit: type=1400 audit(1722836140.873:351): avc: denied { sqpoll } for pid=3918 comm="syz.1.898" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1 [ 206.182653][ T324] usb 1-1: USB disconnect, device number 24 [ 206.457238][ T24] usbhid 2-1:0.0: can't add hid device: -71 [ 206.464244][ T24] usbhid: probe of 2-1:0.0 failed with error -71 [ 206.474843][ T24] usb 2-1: USB disconnect, device number 31 [ 207.319973][ T3958] loop2: detected capacity change from 0 to 8192 [ 207.327625][ T3958] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 207.380868][ T28] audit: type=1400 audit(1722836142.113:352): avc: denied { write } for pid=3960 comm="syz.1.908" name="001" dev="devtmpfs" ino=165 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 208.305924][ T28] audit: type=1400 audit(1722836143.043:353): avc: denied { bind } for pid=3973 comm="syz.1.912" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 208.429251][ T28] audit: type=1400 audit(1722836143.043:354): avc: denied { ioctl } for pid=3973 comm="syz.1.912" path="socket:[30131]" dev="sockfs" ino=30131 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 208.477722][ T3983] loop4: detected capacity change from 0 to 8192 [ 208.493133][ T3983] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 208.863458][ T28] audit: type=1400 audit(1722836143.603:355): avc: denied { write } for pid=3984 comm="syz.1.918" path="socket:[30150]" dev="sockfs" ino=30150 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 208.926907][ T6] usb 3-1: new high-speed USB device number 34 using dummy_hcd [ 208.956861][ T1342] usb 1-1: new high-speed USB device number 25 using dummy_hcd [ 209.145982][ T3996] loop3: detected capacity change from 0 to 8192 [ 209.153230][ T3996] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 209.226900][ T1342] usb 1-1: Using ep0 maxpacket: 16 [ 209.796960][ T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 209.822485][ T6] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 209.841938][ T6] usb 3-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00 [ 209.879098][ T6] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 209.917447][ T6] usb 3-1: config 0 descriptor?? [ 209.947467][ T4005] loop4: detected capacity change from 0 to 2048 [ 209.978570][ T4005] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 210.023286][ T1342] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0 [ 210.081285][ T1342] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0 [ 210.091271][ T1342] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 210.100913][ T1342] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 0 [ 210.135055][ T4012] FAULT_INJECTION: forcing a failure. [ 210.135055][ T4012] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 210.147981][ T4012] CPU: 1 PID: 4012 Comm: syz.1.921 Not tainted 6.1.90-syzkaller-00127-g6aafd06a463b #0 [ 210.157376][ T4012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 210.167264][ T4012] Call Trace: [ 210.170387][ T4012] [ 210.173168][ T4012] dump_stack_lvl+0x151/0x1b7 [ 210.177681][ T4012] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 210.182973][ T4012] ? __switch_to+0x62c/0x1190 [ 210.187497][ T4012] dump_stack+0x15/0x1a [ 210.191488][ T4012] should_fail_ex+0x3d0/0x520 [ 210.196171][ T4012] should_fail+0xb/0x10 [ 210.200160][ T4012] should_fail_usercopy+0x1a/0x20 [ 210.205024][ T4012] _copy_to_user+0x1e/0x90 [ 210.209276][ T4012] simple_read_from_buffer+0xc7/0x150 [ 210.214483][ T4012] proc_fail_nth_read+0x1a3/0x210 [ 210.219340][ T4012] ? proc_fault_inject_write+0x390/0x390 [ 210.224806][ T4012] ? fsnotify_perm+0x470/0x5d0 [ 210.229410][ T4012] ? security_file_permission+0x86/0xb0 [ 210.234791][ T4012] ? proc_fault_inject_write+0x390/0x390 [ 210.235847][ T4014] loop3: detected capacity change from 0 to 8192 [ 210.240255][ T4012] vfs_read+0x26c/0xad0 [ 210.240278][ T4012] ? push_rt_task+0x46e/0x5c0 [ 210.255014][ T4012] ? kernel_read+0x1f0/0x1f0 [ 210.259437][ T4012] ? mutex_lock+0xb1/0x1e0 [ 210.261606][ T4014] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 210.263972][ T4012] ? bit_wait_io_timeout+0x120/0x120 [ 210.279317][ T4012] ? __fdget_pos+0x2e2/0x390 [ 210.283737][ T4012] ? ksys_read+0x77/0x2c0 [ 210.287909][ T4012] ksys_read+0x199/0x2c0 [ 210.291985][ T4012] ? vfs_write+0xeb0/0xeb0 [ 210.296234][ T4012] ? fpregs_restore_userregs+0x130/0x290 [ 210.301703][ T4012] __x64_sys_read+0x7b/0x90 [ 210.306130][ T4012] x64_sys_call+0x28/0x9a0 [ 210.310390][ T4012] do_syscall_64+0x3b/0xb0 [ 210.314685][ T4012] ? clear_bhb_loop+0x55/0xb0 [ 210.319149][ T4012] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 210.324877][ T4012] RIP: 0033:0x7f18fa17643c [ 210.329130][ T4012] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48 [ 210.348758][ T4012] RSP: 002b:00007f18faf2f040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 210.356989][ T4012] RAX: ffffffffffffffda RBX: 00007f18fa306130 RCX: 00007f18fa17643c [ 210.364801][ T4012] RDX: 000000000000000f RSI: 00007f18faf2f0b0 RDI: 000000000000000d [ 210.372614][ T4012] RBP: 00007f18faf2f0a0 R08: 0000000000000000 R09: 0000000000000000 [ 210.380422][ T4012] R10: 00000000200002c0 R11: 0000000000000246 R12: 0000000000000001 [ 210.388234][ T4012] R13: 000000000000006e R14: 00007f18fa306130 R15: 00007ffc084d1c38 [ 210.396050][ T4012] [ 210.431882][ T6] holtek_kbd 0003:04D9:A055.0040: unknown main item tag 0x0 [ 210.450156][ T6] holtek_kbd 0003:04D9:A055.0040: item fetching failed at offset 3/5 [ 210.461164][ T6] holtek_kbd: probe of 0003:04D9:A055.0040 failed with error -22 [ 210.487192][ T1342] usb 1-1: New USB device found, idVendor=04e6, idProduct=0007, bcdDevice= 1.75 [ 210.496154][ T1342] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=5 [ 210.504305][ T1342] usb 1-1: SerialNumber: syz [ 210.548802][ T1342] usb-storage 1-1:1.0: USB Mass Storage device detected [ 210.614321][ T1342] usb-storage 1-1:1.0: Quirks match for vid 04e6 pid 0007: 1 [ 210.697472][ T24] usb 3-1: USB disconnect, device number 34 [ 210.703469][ T1342] scsi host1: usb-storage 1-1:1.0 [ 210.754789][ T3980] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 210.763336][ T3980] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 210.772423][ T28] audit: type=1400 audit(1722836145.513:356): avc: denied { create } for pid=3977 comm="syz.0.914" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=isdn_socket permissive=1 [ 210.793168][ T2919] EXT4-fs (loop4): unmounting filesystem. [ 210.794619][ T6] usb 1-1: USB disconnect, device number 25 [ 211.228134][ T4042] loop3: detected capacity change from 0 to 256 [ 211.239810][ T4042] exfat: Deprecated parameter 'namecase' [ 211.259126][ T4042] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d) [ 212.304337][ T4057] loop4: detected capacity change from 0 to 2048 [ 212.356073][ T4054] loop3: detected capacity change from 0 to 8192 [ 212.410471][ T4057] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 212.435326][ T4054] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 212.651296][ T4072] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 212.674893][ T4072] loop2: detected capacity change from 0 to 512 [ 212.687322][ T4072] EXT4-fs: Ignoring removed i_version option [ 212.708059][ T4072] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2810: Unable to expand inode 17. Delete some EAs or run e2fsck. [ 212.721186][ T4072] EXT4-fs (loop2): 1 truncate cleaned up [ 212.726799][ T4072] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback. [ 212.745631][ T28] audit: type=1400 audit(1722836147.483:357): avc: denied { name_bind } for pid=4070 comm="syz.2.937" src=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:reserved_port_t tclass=tcp_socket permissive=1 [ 212.772146][ T2840] EXT4-fs (loop2): unmounting filesystem. [ 213.210275][ T2919] EXT4-fs (loop4): unmounting filesystem. [ 213.587195][ T1342] usb 1-1: new high-speed USB device number 26 using dummy_hcd [ 213.866866][ T6] usb 4-1: new high-speed USB device number 22 using dummy_hcd [ 213.926861][ T1342] usb 1-1: Using ep0 maxpacket: 16 [ 214.046939][ T1342] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 214.169331][ T6] usb 4-1: Using ep0 maxpacket: 16 [ 214.496970][ T1342] usb 1-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=90.c4 [ 214.511181][ T1342] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 214.519332][ T1342] usb 1-1: Product: syz [ 214.523458][ T1342] usb 1-1: Manufacturer: syz [ 214.528011][ T1342] usb 1-1: SerialNumber: syz [ 214.536530][ T1342] usb 1-1: config 0 descriptor?? [ 214.547084][ T6] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 214.747081][ T6] usb 4-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=90.c4 [ 214.759631][ T6] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 214.768576][ T6] usb 4-1: Product: syz [ 214.772618][ T6] usb 4-1: Manufacturer: syz [ 214.782525][ T6] usb 4-1: SerialNumber: syz [ 214.790125][ T6] usb 4-1: config 0 descriptor?? [ 215.076939][ T1342] usb 1-1: Found UVC 0.00 device syz (045e:0721) [ 215.083216][ T1342] usb 1-1: No valid video chain found. [ 215.089549][ T1342] usb 1-1: USB disconnect, device number 26 [ 215.099143][ T4116] loop4: detected capacity change from 0 to 8192 [ 215.107534][ T4116] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 215.757245][ T6] usb 4-1: Found UVC 0.00 device syz (045e:0721) [ 215.768971][ T6] usb 4-1: No valid video chain found. [ 215.775869][ T6] usb 4-1: USB disconnect, device number 22 [ 215.789500][ T4125] loop0: detected capacity change from 0 to 2048 [ 215.798594][ T4125] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 216.498191][ T4145] loop3: detected capacity change from 0 to 40427 [ 216.504913][ T4145] F2FS-fs (loop3): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 216.512685][ T4145] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 216.521372][ T4145] F2FS-fs (loop3): invalid crc value [ 216.527879][ T4145] F2FS-fs (loop3): Found nat_bits in checkpoint [ 216.553194][ T4145] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 216.560234][ T4145] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 216.639729][ T1894] EXT4-fs (loop0): unmounting filesystem. [ 216.694652][ T4157] 9pnet: Could not find request transport: f0x0000000000000005 [ 217.008367][ T423] usb 1-1: new high-speed USB device number 27 using dummy_hcd [ 217.017914][ T28] audit: type=1400 audit(1722836151.763:358): avc: denied { block_suspend } for pid=4166 comm="syz.1.963" capability=36 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1 [ 217.052277][ T4171] loop4: detected capacity change from 0 to 8192 [ 217.067666][ T4171] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 217.280314][ T423] usb 1-1: Using ep0 maxpacket: 16 [ 217.597180][ T423] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 217.738762][ T4183] loop2: detected capacity change from 0 to 8192 [ 217.745956][ T4183] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 217.796982][ T423] usb 1-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=90.c4 [ 217.811119][ T423] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 217.819574][ T423] usb 1-1: Product: syz [ 217.823547][ T423] usb 1-1: Manufacturer: syz [ 217.828246][ T423] usb 1-1: SerialNumber: syz [ 217.837084][ T423] usb 1-1: config 0 descriptor?? [ 218.851926][ T4195] incfs: Options parsing error. -22 [ 218.857057][ T4195] incfs: mount failed -22 [ 218.873228][ T4197] loop4: detected capacity change from 0 to 2048 [ 219.087003][ T4197] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 219.331187][ T4207] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4207 comm=syz.3.973 [ 219.357061][ T423] usb 1-1: Found UVC 0.00 device syz (045e:0721) [ 219.363306][ T423] usb 1-1: No valid video chain found. [ 219.370231][ T423] usb 1-1: USB disconnect, device number 27 [ 219.733342][ T4208] fuse: Bad value for 'fd' [ 219.781623][ T2919] EXT4-fs (loop4): unmounting filesystem. [ 219.946901][ T1342] usb 4-1: new high-speed USB device number 23 using dummy_hcd [ 220.086937][ T973] usb 3-1: new high-speed USB device number 35 using dummy_hcd [ 220.187989][ T1342] usb 4-1: Using ep0 maxpacket: 16 [ 220.346917][ T973] usb 3-1: Using ep0 maxpacket: 16 [ 220.352767][ T1342] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 220.364435][ T1342] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 220.377149][ T1342] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 220.507129][ T1342] usb 4-1: New USB device found, idVendor=056a, idProduct=0022, bcdDevice= 0.00 [ 220.516055][ T1342] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 220.524514][ T1342] usb 4-1: config 0 descriptor?? [ 220.567490][ T1342] usbhid 4-1:0.0: can't add hid device: -22 [ 220.573286][ T1342] usbhid: probe of 4-1:0.0 failed with error -22 [ 220.579826][ T973] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 220.746964][ T973] usb 3-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=90.c4 [ 220.756129][ T973] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 220.766284][ T973] usb 3-1: Product: syz [ 220.771892][ T973] usb 3-1: Manufacturer: syz [ 220.776391][ T973] usb 3-1: SerialNumber: syz [ 220.781442][ T973] usb 3-1: config 0 descriptor?? [ 221.354551][ T4236] loop0: detected capacity change from 0 to 40427 [ 221.361307][ T4236] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 221.369081][ T4236] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 221.380610][ T4236] F2FS-fs (loop0): invalid crc value [ 221.387534][ T4236] F2FS-fs (loop0): Found nat_bits in checkpoint [ 221.422326][ T4236] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 221.429238][ T4236] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 221.536932][ T973] usb 3-1: Found UVC 0.00 device syz (045e:0721) [ 221.543163][ T973] usb 3-1: No valid video chain found. [ 221.549510][ T973] usb 3-1: USB disconnect, device number 35 [ 222.238777][ T43] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 222.249487][ T43] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 222.259089][ T4254] incfs: Options parsing error. -22 [ 222.264163][ T4254] incfs: mount failed -22 [ 222.548911][ T4258] loop0: detected capacity change from 0 to 2048 [ 222.569434][ T4258] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 222.606195][ T4108] usb 4-1: USB disconnect, device number 23 [ 223.094715][ T4263] loop3: detected capacity change from 0 to 40427 [ 223.095310][ T39] usb 5-1: new high-speed USB device number 34 using dummy_hcd [ 223.143926][ T4263] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12 [ 223.153734][ T4263] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock [ 223.177282][ T4263] F2FS-fs (loop3): invalid crc value [ 223.193571][ T4263] F2FS-fs (loop3): Found nat_bits in checkpoint [ 223.223789][ T4263] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0 [ 223.230702][ T4263] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5 [ 223.417344][ T1894] EXT4-fs (loop0): unmounting filesystem. [ 223.456940][ T39] usb 5-1: Using ep0 maxpacket: 16 [ 223.522666][ T4282] fuse: Bad value for 'fd' [ 223.527275][ T4282] syz.3.986: attempt to access beyond end of device [ 223.527275][ T4282] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 223.577037][ T39] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 223.596957][ T316] usb 2-1: new high-speed USB device number 32 using dummy_hcd [ 223.676095][ T345] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 223.685254][ T345] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 223.746964][ T39] usb 5-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=90.c4 [ 223.755981][ T39] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 223.764139][ T39] usb 5-1: Product: syz [ 223.768423][ T39] usb 5-1: Manufacturer: syz [ 223.772872][ T39] usb 5-1: SerialNumber: syz [ 223.781582][ T39] usb 5-1: config 0 descriptor?? [ 224.186907][ T316] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 224.197670][ T316] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 224.207397][ T316] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 224.220083][ T316] usb 2-1: New USB device found, idVendor=04d9, idProduct=a070, bcdDevice= 0.00 [ 224.228953][ T316] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 224.240076][ T316] usb 2-1: config 0 descriptor?? [ 224.356920][ T39] usb 5-1: Found UVC 0.00 device syz (045e:0721) [ 224.363234][ T39] usb 5-1: No valid video chain found. [ 224.373421][ T39] usb 5-1: USB disconnect, device number 34 [ 224.437760][ T4295] loop0: detected capacity change from 0 to 40427 [ 224.447264][ T4295] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 224.455074][ T4295] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 224.463707][ T4295] F2FS-fs (loop0): invalid crc value [ 224.470142][ T4295] F2FS-fs (loop0): Found nat_bits in checkpoint [ 224.514632][ T4295] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 224.521509][ T4295] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 224.653089][ T4302] netlink: 24 bytes leftover after parsing attributes in process `syz.3.995'. [ 224.964644][ T316] holtek_mouse 0003:04D9:A070.0041: item fetching failed at offset 1/5 [ 224.973657][ T316] holtek_mouse 0003:04D9:A070.0041: hid parse failed: -22 [ 224.980897][ T316] holtek_mouse: probe of 0003:04D9:A070.0041 failed with error -22 [ 224.994795][ T316] usb 2-1: USB disconnect, device number 32 [ 225.010606][ T4312] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4312 comm=syz.4.997 [ 225.068559][ T4320] incfs: Options parsing error. -22 [ 225.073597][ T4320] incfs: mount failed -22 [ 225.186241][ T345] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 225.203799][ T345] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 225.297479][ T6] usb 5-1: new high-speed USB device number 35 using dummy_hcd [ 225.567784][ T6] usb 5-1: Using ep0 maxpacket: 16 [ 225.687072][ T39] usb 1-1: new high-speed USB device number 28 using dummy_hcd [ 225.687135][ T6] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 225.717622][ T6] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 225.733771][ T6] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 225.793556][ T6] usb 5-1: New USB device found, idVendor=056a, idProduct=0022, bcdDevice= 0.00 [ 225.807984][ T6] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 226.347018][ T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 226.368854][ T39] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 226.375736][ T6] usb 5-1: config 0 descriptor?? [ 226.437526][ T6] usbhid 5-1:0.0: can't add hid device: -22 [ 226.443310][ T6] usbhid: probe of 5-1:0.0 failed with error -22 [ 226.451851][ T39] usb 1-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00 [ 226.461011][ T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 226.469535][ T39] usb 1-1: config 0 descriptor?? [ 226.476226][ T4337] 9pnet: Could not find request transport: fd0x0000000000000005 [ 226.513486][ T4333] loop2: detected capacity change from 0 to 40427 [ 226.520261][ T4333] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 226.528287][ T4333] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 226.537070][ T4333] F2FS-fs (loop2): invalid crc value [ 226.543477][ T4333] F2FS-fs (loop2): Found nat_bits in checkpoint [ 226.566933][ T29] INFO: task syz-executor:297 blocked for more than 143 seconds. [ 226.569487][ T4333] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 226.574730][ T29] Not tainted 6.1.90-syzkaller-00127-g6aafd06a463b #0 [ 226.581378][ T4333] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 226.588882][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 226.604645][ T29] task:syz-executor state:D stack:21200 pid:297 ppid:1 flags:0x00004004 [ 226.613812][ T29] Call Trace: [ 226.617036][ T29] [ 226.619695][ T29] __schedule+0xca7/0x1550 [ 226.623951][ T29] ? release_firmware_map_entry+0x191/0x191 [ 226.629730][ T29] schedule+0xc3/0x180 [ 226.633580][ T29] schedule_timeout+0xa9/0x380 [ 226.643078][ T29] ? console_conditional_schedule+0x10/0x10 [ 226.648832][ T29] ? ttwu_do_wakeup+0x40d/0x430 [ 226.653498][ T29] wait_for_common+0x39a/0x640 [ 226.658150][ T29] ? wait_for_completion+0x20/0x20 [ 226.663045][ T29] ? __kmem_cache_free+0x218/0x3b0 [ 226.668399][ T29] ? wake_up_state+0xb/0x10 [ 226.672797][ T29] ? kthread_unpark+0x1a0/0x220 [ 226.677731][ T29] wait_for_completion+0x18/0x20 [ 226.682538][ T29] kthread_stop+0x118/0x420 [ 226.686872][ T29] ext4_stop_mmpd+0x47/0xb0 [ 226.691307][ T29] ext4_put_super+0x8a3/0xd60 [ 226.695776][ T29] ? ext4_drop_inode+0x1a0/0x1a0 [ 226.700562][ T29] generic_shutdown_super+0x14f/0x370 [ 226.705762][ T29] kill_block_super+0x7e/0xe0 [ 226.710302][ T29] deactivate_locked_super+0xad/0x110 [ 226.715472][ T29] deactivate_super+0xbe/0xf0 [ 226.720014][ T29] cleanup_mnt+0x485/0x510 [ 226.724237][ T29] ? user_path_at_empty+0x14e/0x1a0 [ 226.729491][ T29] __cleanup_mnt+0x19/0x20 [ 226.733821][ T29] task_work_run+0x24d/0x2e0 [ 226.738381][ T29] ? task_work_cancel+0x2b0/0x2b0 [ 226.743385][ T29] ? __x64_sys_umount+0x122/0x170 [ 226.752495][ T29] exit_to_user_mode_loop+0x94/0xa0 [ 226.758286][ T29] exit_to_user_mode_prepare+0x5a/0xa0 [ 226.764027][ T29] syscall_exit_to_user_mode+0x26/0x130 [ 226.770532][ T29] do_syscall_64+0x47/0xb0 [ 226.775303][ T29] ? clear_bhb_loop+0x55/0xb0 [ 226.809209][ T4346] fuse: Bad value for 'fd' [ 226.815548][ T4346] syz.2.1002: attempt to access beyond end of device [ 226.815548][ T4346] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 226.833043][ T29] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 226.839360][ T29] RIP: 0033:0x7f0143378d27 [ 226.844063][ T29] RSP: 002b:00007fffdddb4148 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 226.853116][ T29] RAX: 0000000000000000 RBX: 00007f01433e578c RCX: 00007f0143378d27 [ 226.862025][ T29] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffdddb4200 [ 226.872832][ T29] RBP: 00007fffdddb4200 R08: 0000000000000000 R09: 0000000000000000 [ 226.880841][ T29] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffdddb5280 [ 226.888742][ T29] R13: 00007f01433e578c R14: 000000000000f3ba R15: 00007fffdddb52c0 [ 226.896558][ T29] [ 226.899488][ T29] INFO: task kmmpd-loop1:963 blocked for more than 144 seconds. [ 226.906926][ T29] Not tainted 6.1.90-syzkaller-00127-g6aafd06a463b #0 [ 226.914015][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 226.922536][ T29] task:kmmpd-loop1 state:D stack:27656 pid:963 ppid:2 flags:0x00024000 [ 226.931566][ T29] Call Trace: [ 226.934695][ T29] [ 226.937455][ T29] __schedule+0xca7/0x1550 [ 226.941712][ T29] ? bpf_trace_run3+0x2e0/0x2e0 [ 226.946392][ T29] ? release_firmware_map_entry+0x191/0x191 [ 226.952154][ T29] ? __kasan_check_write+0x14/0x20 [ 226.955398][ T39] hid-multitouch 0003:1FD2:6007.0042: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.0-1/input0 [ 226.957310][ T29] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 226.973867][ T29] ? _raw_spin_lock_irqsave+0x210/0x210 [ 226.979332][ T29] schedule+0xc3/0x180 [ 226.983174][ T29] percpu_rwsem_wait+0x382/0x4b0 [ 226.988035][ T29] ? percpu_free_rwsem+0x80/0x80 [ 226.992699][ T29] ? percpu_up_write+0x270/0x270 [ 226.997523][ T29] ? __kasan_check_read+0x11/0x20 [ 227.002396][ T29] __percpu_down_read+0x198/0x480 [ 227.007267][ T29] ? rwsem_down_write_slowpath+0x2270/0x2270 [ 227.013081][ T29] ? update_process_times+0x1b0/0x1b0 [ 227.018282][ T29] write_mmp_block+0x1e7/0x2a0 [ 227.022873][ T29] kmmpd+0x263/0xa10 [ 227.026611][ T29] ? write_mmp_block_thawed+0x570/0x570 [ 227.032016][ T29] ? __kthread_parkme+0x12d/0x180 [ 227.036889][ T29] kthread+0x26d/0x300 [ 227.040736][ T29] ? write_mmp_block_thawed+0x570/0x570 [ 227.046104][ T29] ? kthread_blkcg+0xd0/0xd0 [ 227.050602][ T29] ret_from_fork+0x1f/0x30 [ 227.054784][ T29] [ 227.057692][ T29] NMI backtrace for cpu 1 [ 227.061791][ T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted 6.1.90-syzkaller-00127-g6aafd06a463b #0 [ 227.071158][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 227.081053][ T29] Call Trace: [ 227.084177][ T29] [ 227.086957][ T29] dump_stack_lvl+0x151/0x1b7 [ 227.091469][ T29] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 227.096763][ T29] dump_stack+0x15/0x1a [ 227.100756][ T29] nmi_cpu_backtrace+0x2e4/0x2f0 [ 227.105530][ T29] ? nmi_trigger_cpumask_backtrace+0x3c0/0x3c0 [ 227.111517][ T29] ? sched_show_task+0x3d8/0x620 [ 227.116290][ T29] ? nmi_trigger_cpumask_backtrace+0x114/0x3c0 [ 227.122281][ T29] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 227.128186][ T29] nmi_trigger_cpumask_backtrace+0x19b/0x3c0 [ 227.133999][ T29] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 227.139906][ T29] arch_trigger_cpumask_backtrace+0x10/0x20 [ 227.145627][ T29] watchdog+0xdb0/0xf20 [ 227.149620][ T29] ? __kasan_check_write+0x14/0x20 [ 227.154578][ T29] ? hungtask_pm_notify+0x50/0x50 [ 227.157813][ T6] usb 1-1: USB disconnect, device number 28 [ 227.159428][ T29] ? __kasan_check_read+0x11/0x20 [ 227.159449][ T29] ? __kthread_parkme+0x12d/0x180 [ 227.174879][ T29] kthread+0x26d/0x300 [ 227.178782][ T29] ? hungtask_pm_notify+0x50/0x50 [ 227.183642][ T29] ? kthread_blkcg+0xd0/0xd0 [ 227.188067][ T29] ret_from_fork+0x1f/0x30 [ 227.192322][ T29] [ 227.195283][ T29] Sending NMI from CPU 1 to CPUs 0: [ 227.200561][ C0] NMI backtrace for cpu 0 [ 227.200571][ C0] CPU: 0 PID: 316 Comm: kworker/0:3 Not tainted 6.1.90-syzkaller-00127-g6aafd06a463b #0 [ 227.200589][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 227.200599][ C0] Workqueue: 0x0 (wg-crypt-wg2) [ 227.200621][ C0] RIP: 0010:__sanitizer_cov_trace_pc+0x0/0x60 [ 227.200642][ C0] Code: 84 00 00 00 00 00 0f 1f 40 00 55 48 89 e5 53 48 89 fb e8 13 00 00 00 48 8b 3d 84 e0 fc 05 48 89 de e8 e4 60 46 00 5b 5d c3 cc <55> 48 89 e5 48 8b 45 08 65 48 8b 0d 00 cb 8c 7e 65 8b 15 01 cb 8c [ 227.200655][ C0] RSP: 0018:ffffc9000b24fd88 EFLAGS: 00000002 [ 227.200668][ C0] RAX: 1ffff1103ee06e01 RBX: ffff88810d4bab60 RCX: dffffc0000000000 [ 227.200681][ C0] RDX: ffff888100985300 RSI: ffff8881f7037680 RDI: ffff88810d4bab00 [ 227.200693][ C0] RBP: ffffc9000b24fdd8 R08: ffffffff814c4e6f R09: 0000000000000003 [ 227.200704][ C0] R10: ffffffffffffffff R11: dffffc0000000001 R12: ffff8881f7037680 [ 227.200716][ C0] R13: ffff888100985300 R14: 1ffff1103ee06ed0 R15: ffff88810d4bab00 [ 227.200728][ C0] FS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 227.200742][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 227.200754][ C0] CR2: 0000001b32710ff8 CR3: 0000000006e0f000 CR4: 00000000003506b0 [ 227.200768][ C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 227.200778][ C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 227.200788][ C0] Call Trace: [ 227.200793][ C0] [ 227.200798][ C0] ? show_regs+0x58/0x60 [ 227.200814][ C0] ? nmi_cpu_backtrace+0x285/0x2f0 [ 227.200833][ C0] ? nmi_trigger_cpumask_backtrace+0x3c0/0x3c0 [ 227.200851][ C0] ? audit_tree_destroy_watch+0x20/0x20 [ 227.200868][ C0] ? audit_tree_destroy_watch+0x20/0x20 [ 227.200884][ C0] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 227.200902][ C0] ? nmi_handle+0xa7/0x280 [ 227.200918][ C0] ? audit_tree_destroy_watch+0x20/0x20 [ 227.200934][ C0] ? default_do_nmi+0x69/0x160 [ 227.200950][ C0] ? exc_nmi+0xad/0x100 [ 227.200965][ C0] ? end_repeat_nmi+0x16/0x31 [ 227.200982][ C0] ? worker_enter_idle+0x6f/0x510 [ 227.201002][ C0] ? audit_tree_destroy_watch+0x20/0x20 [ 227.201019][ C0] ? audit_tree_destroy_watch+0x20/0x20 [ 227.201036][ C0] ? audit_tree_destroy_watch+0x20/0x20 [ 227.201052][ C0] [ 227.201057][ C0] [ 227.201062][ C0] ? worker_enter_idle+0x1bb/0x510 [ 227.201082][ C0] worker_thread+0xec5/0x1260 [ 227.201108][ C0] kthread+0x26d/0x300 [ 227.201123][ C0] ? worker_clr_flags+0x1a0/0x1a0 [ 227.201141][ C0] ? kthread_blkcg+0xd0/0xd0 [ 227.201158][ C0] ret_from_fork+0x1f/0x30 [ 227.201178][ C0] [ 227.487610][ T8] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 227.498312][ T8] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 227.508025][ T4354] loop3: detected capacity change from 0 to 256 [ 227.514405][ T4354] exfat: Deprecated parameter 'namecase' [ 227.527779][ T4354] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d) [ 227.651588][ T4356] loop3: detected capacity change from 0 to 8192 [ 227.658743][ T4356] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 228.430000][ T4369] loop0: detected capacity change from 0 to 8192 [ 228.445805][ T4369] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 228.486347][ T4376] incfs: Options parsing error. -22 [ 228.491546][ T4376] incfs: mount failed -22 [ 228.512068][ T4107] usb 5-1: USB disconnect, device number 35 [ 228.525134][ T4377] loop2: detected capacity change from 0 to 8192 [ 228.627133][ T4377] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 229.757841][ T973] usb 2-1: new high-speed USB device number 33 using dummy_hcd [ 229.975352][ T4395] loop4: detected capacity change from 0 to 40427 [ 229.985672][ T4395] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 229.993650][ T4395] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 230.002751][ T4395] F2FS-fs (loop4): invalid crc value [ 230.009239][ T4395] F2FS-fs (loop4): Found nat_bits in checkpoint [ 230.049464][ T4395] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 230.056372][ T4395] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 230.117041][ T4107] usb 3-1: new high-speed USB device number 36 using dummy_hcd [ 230.154231][ T4409] loop0: detected capacity change from 0 to 8192 [ 230.156926][ T973] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 230.171426][ T973] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 230.175613][ T4409] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 230.181115][ T973] usb 2-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00 [ 230.202266][ T973] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 230.271243][ T4411] fuse: Bad value for 'fd' [ 230.278261][ T4411] syz.4.1018: attempt to access beyond end of device [ 230.278261][ T4411] loop4: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 230.371047][ T973] usb 2-1: config 0 descriptor?? [ 230.674475][ T43] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 230.683675][ T43] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 230.810840][ T4420] loop4: detected capacity change from 0 to 2048 [ 230.817408][ T4107] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 230.830027][ T4107] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 230.838616][ T4420] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 230.839878][ T4107] usb 3-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00 [ 230.848162][ T4420] ext4 filesystem being mounted at /77/bus supports timestamps until 2038 (0x7fffffff) [ 230.857038][ T4107] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 230.869350][ T973] holtek_kbd 0003:04D9:A055.0043: unknown main item tag 0x0 [ 230.874909][ T4420] EXT4-fs (loop4): unmounting filesystem. [ 230.881443][ T973] holtek_kbd 0003:04D9:A055.0043: item fetching failed at offset 3/5 [ 230.887584][ T4107] usb 3-1: config 0 descriptor?? [ 230.897515][ T973] holtek_kbd: probe of 0003:04D9:A055.0043 failed with error -22 [ 230.999741][ T4425] loop4: detected capacity change from 0 to 8192 [ 231.015381][ T4425] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 231.078881][ T19] usb 2-1: USB disconnect, device number 33 [ 231.109020][ T4429] incfs: Options parsing error. -22 [ 231.114060][ T4429] incfs: mount failed -22 [ 231.699215][ T4107] hid-multitouch 0003:1FD2:6007.0044: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.2-1/input0 [ 231.763621][ T4107] usb 3-1: USB disconnect, device number 36 [ 231.855012][ T4440] loop3: detected capacity change from 0 to 8192 [ 231.887043][ T4440] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 233.523813][ T4478] fuse: Bad value for 'fd' [ 233.776076][ T4486] incfs: Options parsing error. -22 [ 233.781169][ T4486] incfs: mount failed -22 [ 234.145984][ T4495] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4495 comm=syz.4.1046 [ 234.340912][ T4498] loop2: detected capacity change from 0 to 8192 [ 234.381125][ T4498] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 234.418846][ T4500] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4500 comm=syz.3.1048 [ 234.486902][ T39] usb 5-1: new high-speed USB device number 36 using dummy_hcd [ 235.216954][ T973] usb 4-1: new high-speed USB device number 24 using dummy_hcd [ 235.267287][ T39] usb 5-1: Using ep0 maxpacket: 16 [ 235.446959][ T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 235.459448][ T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 235.469179][ T39] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 235.481963][ T973] usb 4-1: Using ep0 maxpacket: 16 [ 235.684651][ T39] usb 5-1: New USB device found, idVendor=056a, idProduct=0022, bcdDevice= 0.00 [ 235.696505][ T39] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 235.740349][ T39] usb 5-1: config 0 descriptor?? [ 235.797107][ T973] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 235.808442][ T973] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 235.819820][ T973] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 235.834186][ T973] usb 4-1: New USB device found, idVendor=056a, idProduct=0022, bcdDevice= 0.00 [ 235.853374][ T973] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 235.862021][ T973] usb 4-1: config 0 descriptor?? [ 236.239024][ T39] wacom 0003:056A:0022.0045: collection stack underflow [ 236.245816][ T39] wacom 0003:056A:0022.0045: item 0 2 0 12 parsing failed [ 236.267217][ T39] wacom 0003:056A:0022.0045: parse failed [ 236.272784][ T39] wacom: probe of 0003:056A:0022.0045 failed with error -22 [ 236.353600][ T973] wacom 0003:056A:0022.0046: collection stack underflow [ 236.367014][ T973] wacom 0003:056A:0022.0046: item 0 2 0 12 parsing failed [ 236.391849][ T973] wacom 0003:056A:0022.0046: parse failed [ 236.444094][ T973] wacom: probe of 0003:056A:0022.0046 failed with error -22 [ 236.515857][ T6] usb 5-1: USB disconnect, device number 36 [ 236.556009][ T316] usb 4-1: USB disconnect, device number 24 [ 236.576237][ T4521] loop0: detected capacity change from 0 to 40427 [ 236.582980][ T4521] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 236.590643][ T4521] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 236.599397][ T4521] F2FS-fs (loop0): invalid crc value [ 236.605849][ T4521] F2FS-fs (loop0): Found nat_bits in checkpoint [ 236.641385][ T4521] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 236.648421][ T4521] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 236.927438][ T4533] fuse: Bad value for 'fd' [ 236.974034][ T4533] syz.0.1053: attempt to access beyond end of device [ 236.974034][ T4533] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 237.191701][ T43] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 237.202563][ T43] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 237.217661][ T4537] loop4: detected capacity change from 0 to 40427 [ 237.236866][ T4537] F2FS-fs (loop4): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 237.351176][ T4537] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 237.475444][ T4537] F2FS-fs (loop4): invalid crc value [ 237.561021][ T4537] F2FS-fs (loop4): Found nat_bits in checkpoint [ 237.843672][ T4537] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 237.850662][ T4537] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 238.255835][ T4566] incfs: Options parsing error. -22 [ 238.260937][ T4566] incfs: mount failed -22 [ 239.331583][ T4584] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4584 comm=syz.3.1068 [ 239.446933][ T973] usb 3-1: new high-speed USB device number 37 using dummy_hcd [ 239.676995][ T423] usb 4-1: new high-speed USB device number 25 using dummy_hcd [ 239.726967][ T973] usb 3-1: Using ep0 maxpacket: 16 [ 239.846928][ T973] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 239.926874][ T423] usb 4-1: Using ep0 maxpacket: 16 [ 240.017157][ T973] usb 3-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=90.c4 [ 240.026112][ T973] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 240.075721][ T973] usb 3-1: Product: syz [ 240.129978][ T423] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 240.140738][ T973] usb 3-1: Manufacturer: syz [ 240.145146][ T973] usb 3-1: SerialNumber: syz [ 240.149619][ T423] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 240.167179][ T973] usb 3-1: config 0 descriptor?? [ 240.216900][ T423] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 240.237340][ T423] usb 4-1: New USB device found, idVendor=056a, idProduct=0022, bcdDevice= 0.00 [ 240.246171][ T423] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 240.255498][ T423] usb 4-1: config 0 descriptor?? [ 240.507494][ T4598] fuse: Bad value for 'fd' [ 240.706867][ T60] usb 1-1: new high-speed USB device number 29 using dummy_hcd [ 240.757932][ T423] wacom 0003:056A:0022.0047: collection stack underflow [ 240.764773][ T423] wacom 0003:056A:0022.0047: item 0 2 0 12 parsing failed [ 240.771835][ T423] wacom 0003:056A:0022.0047: parse failed [ 240.777421][ T423] wacom: probe of 0003:056A:0022.0047 failed with error -22 [ 240.836956][ T973] usb 3-1: Found UVC 0.00 device syz (045e:0721) [ 240.843523][ T973] usb 3-1: No valid video chain found. [ 240.853422][ T973] usb 3-1: USB disconnect, device number 37 [ 240.946855][ T60] usb 1-1: Using ep0 maxpacket: 16 [ 240.967968][ T6] usb 4-1: USB disconnect, device number 25 [ 241.066989][ T60] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 241.077800][ T60] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 241.087775][ T60] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0 [ 241.097698][ T60] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0 [ 241.107588][ T60] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0 [ 241.118672][ T60] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 0 [ 241.286972][ T60] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 241.295962][ T60] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 241.303827][ T60] usb 1-1: Product: syz [ 241.308013][ T60] usb 1-1: Manufacturer: syz [ 241.312428][ T60] usb 1-1: SerialNumber: syz [ 241.354177][ T4611] loop2: detected capacity change from 0 to 8192 [ 241.361909][ T4611] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 241.485314][ T4613] loop3: detected capacity change from 0 to 2048 [ 241.617885][ T60] cdc_ncm 1-1:1.0: bind() failure [ 241.668192][ T60] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found [ 241.699870][ T4613] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none. [ 241.714824][ T60] cdc_ncm 1-1:1.1: bind() failure [ 241.833012][ T60] usb 1-1: USB disconnect, device number 29 [ 241.847447][ T4621] incfs: Options parsing error. -22 [ 241.852477][ T4621] incfs: mount failed -22 [ 242.743654][ T28] audit: type=1400 audit(1722836177.483:359): avc: denied { unmount } for pid=1894 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1 [ 242.770185][ T3892] EXT4-fs (loop3): unmounting filesystem. [ 243.363151][ T4634] loop4: detected capacity change from 0 to 40427 [ 243.372410][ T4634] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 243.382278][ T4634] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 243.395741][ T4634] F2FS-fs (loop4): invalid crc value [ 243.561893][ T4634] F2FS-fs (loop4): Found nat_bits in checkpoint [ 243.603272][ T4634] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 243.610437][ T4634] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 243.683137][ T4653] netlink: 'syz.3.1084': attribute type 31 has an invalid length. [ 243.942831][ T43] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 243.958493][ T43] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 244.036873][ T973] usb 4-1: new high-speed USB device number 26 using dummy_hcd [ 244.146952][ T6] usb 1-1: new high-speed USB device number 30 using dummy_hcd [ 244.397037][ T973] usb 4-1: config 0 has no interfaces? [ 244.402511][ T973] usb 4-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00 [ 244.411356][ T973] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 244.420391][ T973] usb 4-1: config 0 descriptor?? [ 244.536892][ T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 244.547661][ T6] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 244.557626][ T6] usb 1-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00 [ 244.566563][ T6] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 244.579534][ T6] usb 1-1: config 0 descriptor?? [ 245.167740][ T6] holtek_kbd 0003:04D9:A055.0048: unknown main item tag 0x0 [ 245.185338][ T6] holtek_kbd 0003:04D9:A055.0048: item fetching failed at offset 3/5 [ 245.189044][ T4681] incfs: Options parsing error. -22 [ 245.198314][ T4681] incfs: mount failed -22 [ 245.198599][ T6] holtek_kbd: probe of 0003:04D9:A055.0048 failed with error -22 [ 245.460297][ T60] usb 1-1: USB disconnect, device number 30 [ 247.025473][ T423] usb 4-1: USB disconnect, device number 26 [ 247.089698][ T4708] loop3: detected capacity change from 0 to 8192 [ 247.109809][ T4708] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 247.601561][ T4706] loop4: detected capacity change from 0 to 40427 [ 247.608669][ T4706] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 247.616387][ T4706] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 247.627243][ T4706] F2FS-fs (loop4): invalid crc value [ 247.644403][ T4706] F2FS-fs (loop4): Found nat_bits in checkpoint [ 247.676955][ T29] INFO: task syz-executor:297 blocked for more than 164 seconds. [ 247.688044][ T29] Not tainted 6.1.90-syzkaller-00127-g6aafd06a463b #0 [ 247.710957][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 247.719975][ T29] task:syz-executor state:D stack:21200 pid:297 ppid:1 flags:0x00004004 [ 247.729358][ T29] Call Trace: [ 247.732622][ T29] [ 247.735621][ T29] __schedule+0xca7/0x1550 [ 247.740364][ T29] ? release_firmware_map_entry+0x191/0x191 [ 247.746439][ T29] schedule+0xc3/0x180 [ 247.746501][ T4706] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 247.750583][ T29] schedule_timeout+0xa9/0x380 [ 247.760294][ T4706] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 247.762021][ T29] ? console_conditional_schedule+0x10/0x10 [ 247.785571][ T29] ? ttwu_do_wakeup+0x40d/0x430 [ 247.790810][ T29] wait_for_common+0x39a/0x640 [ 247.795790][ T29] ? wait_for_completion+0x20/0x20 [ 247.801203][ T29] ? __kmem_cache_free+0x218/0x3b0 [ 247.806342][ T29] ? wake_up_state+0xb/0x10 [ 247.864180][ T29] ? kthread_unpark+0x1a0/0x220 [ 247.872418][ T29] wait_for_completion+0x18/0x20 [ 247.880638][ T29] kthread_stop+0x118/0x420 [ 247.885011][ T29] ext4_stop_mmpd+0x47/0xb0 [ 247.889659][ T29] ext4_put_super+0x8a3/0xd60 [ 247.897008][ T29] ? ext4_drop_inode+0x1a0/0x1a0 [ 247.931081][ T29] generic_shutdown_super+0x14f/0x370 [ 247.936632][ T29] kill_block_super+0x7e/0xe0 [ 247.941190][ T29] deactivate_locked_super+0xad/0x110 [ 247.946356][ T29] deactivate_super+0xbe/0xf0 [ 247.950860][ T29] cleanup_mnt+0x485/0x510 [ 247.955099][ T29] ? user_path_at_empty+0x14e/0x1a0 [ 247.960161][ T29] __cleanup_mnt+0x19/0x20 [ 247.964386][ T29] task_work_run+0x24d/0x2e0 [ 247.968825][ T29] ? task_work_cancel+0x2b0/0x2b0 [ 247.973672][ T29] ? __x64_sys_umount+0x122/0x170 [ 247.978545][ T29] exit_to_user_mode_loop+0x94/0xa0 [ 247.983647][ T29] exit_to_user_mode_prepare+0x5a/0xa0 [ 247.989047][ T29] syscall_exit_to_user_mode+0x26/0x130 [ 247.994464][ T29] do_syscall_64+0x47/0xb0 [ 247.998731][ T29] ? clear_bhb_loop+0x55/0xb0 [ 248.003175][ T29] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 248.009018][ T29] RIP: 0033:0x7f0143378d27 [ 248.013239][ T29] RSP: 002b:00007fffdddb4148 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 248.021504][ T29] RAX: 0000000000000000 RBX: 00007f01433e578c RCX: 00007f0143378d27 [ 248.029309][ T29] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffdddb4200 [ 248.037134][ T29] RBP: 00007fffdddb4200 R08: 0000000000000000 R09: 0000000000000000 [ 248.044920][ T29] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffdddb5280 [ 248.052743][ T29] R13: 00007f01433e578c R14: 000000000000f3ba R15: 00007fffdddb52c0 [ 248.060594][ T29] [ 248.065983][ T29] INFO: task kmmpd-loop1:963 blocked for more than 165 seconds. [ 248.074279][ T29] Not tainted 6.1.90-syzkaller-00127-g6aafd06a463b #0 [ 248.081520][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 248.090045][ T29] task:kmmpd-loop1 state:D stack:27656 pid:963 ppid:2 flags:0x00024000 [ 248.099241][ T29] Call Trace: [ 248.102332][ T29] [ 248.105203][ T29] __schedule+0xca7/0x1550 [ 248.109516][ T29] ? bpf_trace_run3+0x2e0/0x2e0 [ 248.114140][ T29] ? release_firmware_map_entry+0x191/0x191 [ 248.119879][ T29] ? __kasan_check_write+0x14/0x20 [ 248.124835][ T29] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 248.129772][ T29] ? _raw_spin_lock_irqsave+0x210/0x210 [ 248.135141][ T29] schedule+0xc3/0x180 [ 248.139075][ T29] percpu_rwsem_wait+0x382/0x4b0 [ 248.143819][ T29] ? percpu_free_rwsem+0x80/0x80 [ 248.148600][ T29] ? percpu_up_write+0x270/0x270 [ 248.153364][ T29] ? __kasan_check_read+0x11/0x20 [ 248.158671][ T29] __percpu_down_read+0x198/0x480 [ 248.163524][ T29] ? rwsem_down_write_slowpath+0x2270/0x2270 [ 248.169363][ T29] ? update_process_times+0x1b0/0x1b0 [ 248.174996][ T29] write_mmp_block+0x1e7/0x2a0 [ 248.179592][ T29] kmmpd+0x263/0xa10 [ 248.183315][ T29] ? write_mmp_block_thawed+0x570/0x570 [ 248.188711][ T29] ? __kthread_parkme+0x12d/0x180 [ 248.193564][ T29] kthread+0x26d/0x300 [ 248.197477][ T29] ? write_mmp_block_thawed+0x570/0x570 [ 248.202838][ T29] ? kthread_blkcg+0xd0/0xd0 [ 248.207273][ T29] ret_from_fork+0x1f/0x30 [ 248.211519][ T29] [ 248.219488][ T29] NMI backtrace for cpu 0 [ 248.223626][ T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted 6.1.90-syzkaller-00127-g6aafd06a463b #0 [ 248.226049][ T10] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 248.232993][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 248.233005][ T29] Call Trace: [ 248.233010][ T29] [ 248.233017][ T29] dump_stack_lvl+0x151/0x1b7 [ 248.233043][ T29] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 248.267286][ T29] dump_stack+0x15/0x1a [ 248.271271][ T29] nmi_cpu_backtrace+0x2e4/0x2f0 [ 248.276045][ T29] ? nmi_trigger_cpumask_backtrace+0x3c0/0x3c0 [ 248.282037][ T29] ? irqentry_exit+0x30/0x40 [ 248.286462][ T29] ? nmi_trigger_cpumask_backtrace+0x114/0x3c0 [ 248.292452][ T29] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 248.294735][ T10] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 248.298348][ T29] nmi_trigger_cpumask_backtrace+0x19b/0x3c0 [ 248.298371][ T29] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 248.318747][ T29] arch_trigger_cpumask_backtrace+0x10/0x20 [ 248.324487][ T29] watchdog+0xdb0/0xf20 [ 248.328467][ T29] ? __kasan_check_write+0x14/0x20 [ 248.333513][ T29] ? hungtask_pm_notify+0x50/0x50 [ 248.338364][ T29] ? __kasan_check_read+0x11/0x20 [ 248.343222][ T29] ? __kthread_parkme+0x12d/0x180 [ 248.348085][ T29] kthread+0x26d/0x300 [ 248.351986][ T29] ? hungtask_pm_notify+0x50/0x50 [ 248.356846][ T29] ? kthread_blkcg+0xd0/0xd0 [ 248.361273][ T29] ret_from_fork+0x1f/0x30 [ 248.365528][ T29] [ 248.368476][ T29] Sending NMI from CPU 0 to CPUs 1: [ 248.373441][ C1] NMI backtrace for cpu 1 [ 248.373453][ C1] CPU: 1 PID: 4732 Comm: syz.3.1104 Not tainted 6.1.90-syzkaller-00127-g6aafd06a463b #0 [ 248.373475][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 248.373484][ C1] RIP: 0010:___update_load_sum+0xcf/0x9e0 [ 248.373511][ C1] Code: 23 4d 89 ee 4d 29 e6 0f 88 2a 01 00 00 48 8d bc 24 80 00 00 00 48 89 f0 4d 89 f5 49 c1 ed 0a 48 89 fb 48 c1 eb 03 80 3c 33 00 <74> 15 48 8d bc 24 80 00 00 00 e8 a2 fb 67 00 48 8d bc 24 80 00 00 [ 248.373524][ C1] RSP: 0018:ffffc90010a1f000 EFLAGS: 00000046 [ 248.373539][ C1] RAX: dffffc0000000000 RBX: 1ffff92002143e10 RCX: 1ffff92002143e0c [ 248.373551][ C1] RDX: 1ffff92002143e0c RSI: dffffc0000000000 RDI: ffffc90010a1f080 [ 248.373563][ C1] RBP: ffffc90010a1f0f8 R08: 0000000000000000 R09: ffffed1020066c01 [ 248.373575][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: 00000035c9f03000 [ 248.373586][ C1] R13: 0000000000000005 R14: 0000000000001667 R15: 1ffff11021f9f018 [ 248.373597][ C1] FS: 00007fc7f8fa56c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 248.373611][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 248.373622][ C1] CR2: 00007fc7f8f83fa8 CR3: 000000013a241000 CR4: 00000000003506a0 [ 248.373637][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 248.373646][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 248.373656][ C1] Call Trace: [ 248.373661][ C1] [ 248.373667][ C1] ? show_regs+0x58/0x60 [ 248.373683][ C1] ? nmi_cpu_backtrace+0x285/0x2f0 [ 248.373701][ C1] ? nmi_trigger_cpumask_backtrace+0x3c0/0x3c0 [ 248.373720][ C1] ? ___update_load_sum+0xcf/0x9e0 [ 248.373739][ C1] ? ___update_load_sum+0xcf/0x9e0 [ 248.373758][ C1] ? nmi_cpu_backtrace_handler+0xc/0x20 [ 248.373776][ C1] ? nmi_handle+0xa7/0x280 [ 248.373791][ C1] ? ___update_load_sum+0xcf/0x9e0 [ 248.373811][ C1] ? default_do_nmi+0x69/0x160 [ 248.373828][ C1] ? exc_nmi+0xad/0x100 [ 248.373842][ C1] ? end_repeat_nmi+0x16/0x31 [ 248.373861][ C1] ? ___update_load_sum+0xcf/0x9e0 [ 248.373880][ C1] ? ___update_load_sum+0xcf/0x9e0 [ 248.373900][ C1] ? ___update_load_sum+0xcf/0x9e0 [ 248.373920][ C1] [ 248.373925][ C1] [ 248.373932][ C1] ? cpudl_cleanup+0x40/0x40 [ 248.373951][ C1] ? stack_trace_save+0x113/0x1c0 [ 248.373968][ C1] __update_load_avg_se+0xdc/0x3c0 [ 248.373989][ C1] update_load_avg+0xe2/0x1530 [ 248.374008][ C1] ? update_curr+0x5f0/0x5f0 [ 248.374024][ C1] set_next_entity+0x2cc/0x5e0 [ 248.374041][ C1] pick_next_task_fair+0x293/0xc80 [ 248.374058][ C1] ? __update_idle_core+0x310/0x310 [ 248.374075][ C1] ? __kasan_check_read+0x11/0x20 [ 248.374091][ C1] ? update_rt_rq_load_avg+0x25/0x240 [ 248.374111][ C1] ? put_prev_task_rt+0xc8/0x450 [ 248.374131][ C1] __pick_next_task_fair+0xd/0x10 [ 248.374147][ C1] __schedule+0x59b/0x1550 [ 248.374164][ C1] ? avc_denied+0x1b0/0x1b0 [ 248.374185][ C1] ? release_firmware_map_entry+0x191/0x191 [ 248.374205][ C1] schedule+0xc3/0x180 [ 248.374221][ C1] schedule_timeout+0xa9/0x380 [ 248.374240][ C1] ? __kasan_check_write+0x14/0x20 [ 248.374254][ C1] ? skb_set_owner_w+0x24b/0x3c0 [ 248.374269][ C1] ? console_conditional_schedule+0x10/0x10 [ 248.374290][ C1] ? _raw_spin_unlock_irqrestore+0x5b/0x80 [ 248.374311][ C1] ? prepare_to_wait_exclusive+0x1ac/0x1f0 [ 248.374330][ C1] unix_wait_for_peer+0x24b/0x330 [ 248.374349][ C1] ? unix_find_other+0x8e0/0x8e0 [ 248.374366][ C1] ? wake_bit_function+0x230/0x230 [ 248.374386][ C1] ? _raw_spin_trylock_bh+0x190/0x190 [ 248.374408][ C1] ? security_unix_may_send+0x7b/0xa0 [ 248.374426][ C1] unix_dgram_sendmsg+0x1348/0x2050 [ 248.374448][ C1] ? unix_dgram_poll+0x710/0x710 [ 248.374472][ C1] ? security_socket_sendmsg+0x82/0xb0 [ 248.374489][ C1] ? unix_dgram_poll+0x710/0x710 [ 248.374507][ C1] ____sys_sendmsg+0x5d3/0x9a0 [ 248.374527][ C1] ? __sys_sendmsg_sock+0x40/0x40 [ 248.374548][ C1] __sys_sendmmsg+0x3b9/0x6f0 [ 248.374568][ C1] ? __ia32_sys_sendmsg+0x90/0x90 [ 248.374589][ C1] ? futex_wait+0x4b7/0x7e0 [ 248.374616][ C1] ? _raw_spin_trylock_bh+0x190/0x190 [ 248.374637][ C1] ? do_futex+0x55a/0x9a0 [ 248.374657][ C1] ? xfd_validate_state+0x6f/0x170 [ 248.374680][ C1] ? fpregs_restore_userregs+0x130/0x290 [ 248.374697][ C1] __x64_sys_sendmmsg+0xa0/0xb0 [ 248.374716][ C1] x64_sys_call+0x81d/0x9a0 [ 248.374732][ C1] do_syscall_64+0x3b/0xb0 [ 248.374752][ C1] ? clear_bhb_loop+0x55/0xb0 [ 248.374768][ C1] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 248.374783][ C1] RIP: 0033:0x7fc7f81779f9 [ 248.374796][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 248.374808][ C1] RSP: 002b:00007fc7f8fa5048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 248.374824][ C1] RAX: ffffffffffffffda RBX: 00007fc7f8305f80 RCX: 00007fc7f81779f9 [ 248.374836][ C1] RDX: 0000000000000651 RSI: 0000000020000000 RDI: 0000000000000006 [ 248.374846][ C1] RBP: 00007fc7f81e58ee R08: 0000000000000000 R09: 0000000000000000 [ 248.374856][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 248.374866][ C1] R13: 000000000000000b R14: 00007fc7f8305f80 R15: 00007ffdb0b87a28 [ 248.374881][ C1] [ 248.506120][ T4736] loop4: detected capacity change from 0 to 8192 [ 248.510878][ T298] usb 3-1: new high-speed USB device number 38 using dummy_hcd [ 248.545668][ T4736] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 248.886866][ T298] usb 3-1: Using ep0 maxpacket: 16 [ 248.936897][ T6] usb 2-1: new high-speed USB device number 34 using dummy_hcd [ 249.036931][ T298] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 249.192604][ T4748] loop3: detected capacity change from 0 to 8192 [ 249.217150][ T298] usb 3-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=90.c4 [ 249.235673][ T4748] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 249.246080][ T298] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 249.261660][ T298] usb 3-1: Product: syz [ 249.265652][ T298] usb 3-1: Manufacturer: syz [ 249.286500][ T298] usb 3-1: SerialNumber: syz [ 249.296941][ T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 249.311145][ T298] usb 3-1: config 0 descriptor?? [ 249.322564][ T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 249.359487][ T6] usb 2-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00 [ 249.379466][ T6] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 249.399790][ T6] usb 2-1: config 0 descriptor?? [ 249.996911][ T298] usb 3-1: Found UVC 0.00 device syz (045e:0721) [ 250.290474][ T6] holtek_kbd 0003:04D9:A055.0049: unknown main item tag 0x0 [ 250.297663][ T298] usb 3-1: No valid video chain found. [ 250.303649][ T6] holtek_kbd 0003:04D9:A055.0049: item fetching failed at offset 3/5 [ 250.311670][ T298] usb 3-1: USB disconnect, device number 38 [ 250.317803][ T6] holtek_kbd: probe of 0003:04D9:A055.0049 failed with error -22 [ 250.318615][ T4755] loop0: detected capacity change from 0 to 40427 [ 250.333530][ T4755] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 250.343549][ T4763] loop3: detected capacity change from 0 to 256 [ 250.348764][ T4755] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 250.352422][ T4763] exfat: Deprecated parameter 'namecase' [ 250.363948][ T4755] F2FS-fs (loop0): invalid crc value [ 250.365419][ T4763] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d) [ 250.370905][ T4755] F2FS-fs (loop0): Found nat_bits in checkpoint [ 250.420896][ T4755] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 250.427832][ T4755] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 250.448723][ T39] usb 2-1: USB disconnect, device number 34 [ 250.706144][ T4773] device veth0_vlan left promiscuous mode [ 252.141593][ T4780] loop4: detected capacity change from 0 to 40427 [ 252.152744][ T4780] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12 [ 252.162173][ T4780] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 252.195405][ T4780] F2FS-fs (loop4): invalid crc value [ 252.222792][ T4780] F2FS-fs (loop4): Found nat_bits in checkpoint [ 252.287022][ T4780] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 252.293940][ T4780] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 252.573660][ T345] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 252.609871][ T345] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 252.957008][ T4108] usb 1-1: new full-speed USB device number 31 using dummy_hcd [ 253.497448][ T4108] usb 1-1: unable to get BOS descriptor or descriptor too short [ 253.546913][ T4108] usb 1-1: not running at top speed; connect to a high speed hub [ 253.627123][ T4108] usb 1-1: config 1 has an invalid descriptor of length 186, skipping remainder of the config [ 253.637877][ T4108] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18 [ 253.723120][ T298] usb 2-1: new high-speed USB device number 35 using dummy_hcd [ 253.727002][ T4108] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 253.739486][ T4108] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 253.747379][ T4108] usb 1-1: SerialNumber: syz [ 253.935912][ T4832] loop2: detected capacity change from 0 to 8192 [ 253.943313][ T4832] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 253.986871][ T298] usb 2-1: Using ep0 maxpacket: 16 [ 253.995196][ T4810] loop0: detected capacity change from 0 to 512 [ 254.027166][ T375] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2 [ 254.028871][ T4834] loop0: detected capacity change from 0 to 512 [ 254.036619][ T375] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2 [ 254.051852][ T375] Buffer I/O error on dev loop0, logical block 0, async page read [ 254.710124][ T298] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 254.827460][ T4840] loop3: detected capacity change from 0 to 8192 [ 254.876601][ T4840] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 254.926942][ T298] usb 2-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=90.c4 [ 254.936686][ T298] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 254.951609][ T298] usb 2-1: Product: syz [ 254.968007][ T298] usb 2-1: Manufacturer: syz [ 254.973736][ T298] usb 2-1: SerialNumber: syz [ 254.989041][ T4108] usb 1-1: USB disconnect, device number 31 [ 255.005825][ T298] usb 2-1: config 0 descriptor?? [ 255.270973][ T4853] loop0: detected capacity change from 0 to 8192 [ 255.288693][ T4853] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 255.348417][ T4849] loop4: detected capacity change from 0 to 40427 [ 255.356992][ T4849] F2FS-fs (loop4): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 255.365052][ T4849] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock [ 255.380787][ T4849] F2FS-fs (loop4): invalid crc value [ 255.388717][ T4849] F2FS-fs (loop4): Found nat_bits in checkpoint [ 255.427323][ T4849] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0 [ 255.434292][ T4849] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 255.737354][ T4863] loop3: detected capacity change from 0 to 8192 [ 255.759396][ T4866] loop2: detected capacity change from 0 to 8192 [ 255.772499][ T4866] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 255.774450][ T4863] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 256.451285][ T298] usb 2-1: Found UVC 0.00 device syz (045e:0721) [ 256.457578][ T298] usb 2-1: No valid video chain found. [ 256.463463][ T298] usb 2-1: USB disconnect, device number 35 [ 256.602041][ T4874] loop0: detected capacity change from 0 to 40427 [ 256.614927][ T4874] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12 [ 256.656902][ T4874] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 256.678443][ T4874] F2FS-fs (loop0): invalid crc value [ 256.684186][ T4880] loop2: detected capacity change from 0 to 8192 [ 256.691866][ T4880] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 256.787850][ T4874] F2FS-fs (loop0): Found nat_bits in checkpoint [ 257.254756][ T4874] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 257.261868][ T4874] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 257.460255][ T4899] fuse: Bad value for 'fd' [ 257.497114][ T4899] syz.0.1141: attempt to access beyond end of device [ 257.497114][ T4899] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 257.606110][ T4902] loop4: detected capacity change from 0 to 8192 [ 257.615796][ T4902] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 257.627254][ T4107] usb 2-1: new high-speed USB device number 36 using dummy_hcd [ 257.689406][ T8] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix. [ 257.698635][ T8] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix. [ 257.714666][ T8] kworker/u4:0: attempt to access beyond end of device [ 257.714666][ T8] loop0: rw=1, sector=45112, nr_sectors = 16 limit=40427 [ 257.728277][ T298] usb 4-1: new high-speed USB device number 27 using dummy_hcd [ 257.986907][ T316] usb 3-1: new high-speed USB device number 39 using dummy_hcd [ 258.037369][ T4908] loop0: detected capacity change from 0 to 40427 [ 258.044031][ T4908] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 258.051595][ T4908] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 258.060121][ T4908] F2FS-fs (loop0): invalid crc value [ 258.066574][ T4908] F2FS-fs (loop0): Found nat_bits in checkpoint [ 258.090935][ T4908] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 258.097876][ T4908] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 258.171798][ T4916] loop0: detected capacity change from 0 to 8192 [ 258.178279][ T4107] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 258.179048][ T4916] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 258.192948][ T4107] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 258.209133][ T4107] usb 2-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00 [ 258.218122][ T4107] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 258.234172][ T4107] usb 2-1: config 0 descriptor?? [ 258.256982][ T298] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 258.267782][ T316] usb 3-1: Using ep0 maxpacket: 16 [ 258.272809][ T298] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 258.283863][ T298] usb 4-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00 [ 258.292779][ T298] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 258.506736][ T298] usb 4-1: config 0 descriptor?? [ 258.539165][ T4920] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=4920 comm=syz.4.1152 [ 258.586930][ T316] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 258.759421][ T4107] hid-multitouch 0003:1FD2:6007.004A: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.1-1/input0 [ 258.816954][ T316] usb 3-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=90.c4 [ 258.825843][ T316] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 258.833710][ T1544] usb 5-1: new high-speed USB device number 37 using dummy_hcd [ 258.841050][ T316] usb 3-1: Product: syz [ 258.845021][ T316] usb 3-1: Manufacturer: syz [ 258.849468][ T316] usb 3-1: SerialNumber: syz [ 258.854434][ T316] usb 3-1: config 0 descriptor?? [ 258.964304][ T4107] usb 2-1: USB disconnect, device number 36 [ 259.008473][ T298] hid-multitouch 0003:1FD2:6007.004B: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.3-1/input0 [ 259.086875][ T1544] usb 5-1: Using ep0 maxpacket: 16 [ 259.235381][ T1342] usb 4-1: USB disconnect, device number 27 [ 259.387020][ T316] usb 3-1: Found UVC 0.00 device syz (045e:0721) [ 259.393252][ T316] usb 3-1: No valid video chain found. [ 259.399077][ T316] usb 3-1: USB disconnect, device number 39 [ 259.416904][ T1544] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 259.427629][ T1544] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 259.437298][ T1544] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 259.449972][ T1544] usb 5-1: New USB device found, idVendor=056a, idProduct=0022, bcdDevice= 0.00 [ 259.458744][ T1544] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 259.467486][ T1544] usb 5-1: config 0 descriptor?? [ 259.481092][ T4927] 9pnet: Could not find request transport: fd0x0000000000000005 [ 259.488828][ T4927] FAULT_INJECTION: forcing a failure. [ 259.488828][ T4927] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 259.501851][ T4927] CPU: 0 PID: 4927 Comm: syz.1.1154 Not tainted 6.1.90-syzkaller-00127-g6aafd06a463b #0 [ 259.511372][ T4927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 259.521614][ T4927] Call Trace: [ 259.524736][ T4927] [ 259.527517][ T4927] dump_stack_lvl+0x151/0x1b7 [ 259.532030][ T4927] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 259.537320][ T4927] ? mntput_no_expire+0xfc/0x6b0 [ 259.542097][ T4927] ? lockref_put_return+0x2c0/0x2c0 [ 259.547131][ T4927] dump_stack+0x15/0x1a [ 259.551120][ T4927] should_fail_ex+0x3d0/0x520 [ 259.555636][ T4927] should_fail+0xb/0x10 [ 259.559635][ T4927] should_fail_usercopy+0x1a/0x20 [ 259.564577][ T4927] _copy_to_user+0x1e/0x90 [ 259.568831][ T4927] __x64_sys_statfs+0x1b8/0x240 [ 259.573515][ T4927] ? fd_statfs+0x80/0x80 [ 259.577598][ T4927] ? ksys_write+0x260/0x2c0 [ 259.581936][ T4927] ? debug_smp_processor_id+0x17/0x20 [ 259.587141][ T4927] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 259.593129][ T4927] ? exit_to_user_mode_prepare+0x39/0xa0 [ 259.598600][ T4927] x64_sys_call+0x3e0/0x9a0 [ 259.602937][ T4927] do_syscall_64+0x3b/0xb0 [ 259.607192][ T4927] ? clear_bhb_loop+0x55/0xb0 [ 259.611706][ T4927] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 259.617431][ T4927] RIP: 0033:0x7f18fa1779f9 [ 259.621691][ T4927] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 259.641233][ T4927] RSP: 002b:00007f18faf71048 EFLAGS: 00000246 ORIG_RAX: 0000000000000089 [ 259.649559][ T4927] RAX: ffffffffffffffda RBX: 00007f18fa305f80 RCX: 00007f18fa1779f9 [ 259.657371][ T4927] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000300 [ 259.665182][ T4927] RBP: 00007f18faf710a0 R08: 0000000000000000 R09: 0000000000000000 [ 259.673520][ T4927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 259.681328][ T4927] R13: 000000000000000b R14: 00007f18fa305f80 R15: 00007ffc084d1c38 [ 259.689149][ T4927] [ 259.720548][ T4929] loop2: detected capacity change from 0 to 8192 [ 259.727988][ T4929] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 260.196866][ T299] usb 4-1: new high-speed USB device number 28 using dummy_hcd [ 260.280007][ T1544] wacom 0003:056A:0022.004C: collection stack underflow [ 260.290038][ T1544] wacom 0003:056A:0022.004C: item 0 2 0 12 parsing failed [ 260.304356][ T1544] wacom 0003:056A:0022.004C: parse failed [ 260.316457][ T1544] wacom: probe of 0003:056A:0022.004C failed with error -22 [ 260.576967][ T299] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 260.588004][ T299] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 260.597951][ T299] usb 4-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00 [ 260.604182][ T4948] loop2: detected capacity change from 0 to 8192 [ 260.606856][ T299] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 260.607719][ T299] usb 4-1: config 0 descriptor?? [ 260.627045][ T4948] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 261.006894][ T1544] usb 2-1: new high-speed USB device number 37 using dummy_hcd [ 261.063280][ T4952] loop0: detected capacity change from 0 to 40427 [ 261.070061][ T4952] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 261.077972][ T4952] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock [ 261.086608][ T4952] F2FS-fs (loop0): invalid crc value [ 261.093268][ T4952] F2FS-fs (loop0): Found nat_bits in checkpoint [ 261.118163][ T4952] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0 [ 261.125032][ T4952] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 261.209005][ T299] hid-multitouch 0003:1FD2:6007.004D: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.3-1/input0 [ 261.521150][ T298] usb 4-1: USB disconnect, device number 28 [ 261.559004][ T299] usb 5-1: USB disconnect, device number 37 [ 261.586935][ T1544] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 261.587389][ T4963] loop2: detected capacity change from 0 to 8192 [ 261.599994][ T4965] loop4: detected capacity change from 0 to 2048 [ 261.610079][ T1544] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 261.611866][ T4963] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 261.620525][ T1544] usb 2-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00 [ 261.642244][ T1544] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 261.651077][ T1544] usb 2-1: config 0 descriptor?? [ 261.660673][ T4965] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 261.726903][ T4965] loop4: detected capacity change from 2048 to 63 [ 261.735180][ T4965] syz.4.1164: attempt to access beyond end of device [ 261.735180][ T4965] loop4: rw=2057, sector=456, nr_sectors = 16 limit=63 [ 261.748601][ T4965] syz.4.1164: attempt to access beyond end of device [ 261.748601][ T4965] loop4: rw=2049, sector=456, nr_sectors = 16 limit=63 [ 261.762621][ T4965] syz.4.1164: attempt to access beyond end of device [ 261.762621][ T4965] loop4: rw=2057, sector=476, nr_sectors = 996 limit=63 [ 261.776412][ T4965] syz.4.1164: attempt to access beyond end of device [ 261.776412][ T4965] loop4: rw=2049, sector=476, nr_sectors = 996 limit=63 [ 261.793253][ T4965] syz.4.1164: attempt to access beyond end of device [ 261.793253][ T4965] loop4: rw=2057, sector=456, nr_sectors = 16 limit=63 [ 261.815849][ T4965] syz.4.1164: attempt to access beyond end of device [ 261.815849][ T4965] loop4: rw=2049, sector=456, nr_sectors = 16 limit=63 [ 261.830546][ T4965] syz.4.1164: attempt to access beyond end of device [ 261.830546][ T4965] loop4: rw=2057, sector=476, nr_sectors = 996 limit=63 [ 261.845250][ T4965] syz.4.1164: attempt to access beyond end of device [ 261.845250][ T4965] loop4: rw=2049, sector=476, nr_sectors = 996 limit=63 [ 262.093645][ T4977] loop3: detected capacity change from 0 to 8192 [ 262.100896][ T4977] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 262.210505][ T299] usb 5-1: new high-speed USB device number 38 using dummy_hcd [ 262.576154][ T1544] holtek_kbd 0003:04D9:A055.004E: unknown main item tag 0x0 [ 262.583481][ T1544] holtek_kbd 0003:04D9:A055.004E: item fetching failed at offset 3/5 [ 262.594779][ T1544] holtek_kbd: probe of 0003:04D9:A055.004E failed with error -22 [ 262.604159][ T1544] usb 2-1: USB disconnect, device number 37 [ 262.952294][ T299] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 262.973649][ T4991] loop0: detected capacity change from 0 to 2048 [ 262.988686][ T299] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 262.998652][ T299] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 263.007568][ T299] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 263.012664][ T4993] loop3: detected capacity change from 0 to 8192 [ 263.020642][ T299] usb 5-1: config 0 descriptor?? [ 263.023042][ T4991] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none. [ 263.034251][ T4993] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 263.532929][ T4965] syz.4.1164: attempt to access beyond end of device [ 263.532929][ T4965] loop4: rw=2057, sector=456, nr_sectors = 8 limit=63 [ 263.577069][ T4965] syz.4.1164: attempt to access beyond end of device [ 263.577069][ T4965] loop4: rw=2049, sector=456, nr_sectors = 8 limit=63 [ 263.590784][ T4965] syz.4.1164: attempt to access beyond end of device [ 263.590784][ T4965] loop4: rw=2057, sector=468, nr_sectors = 1004 limit=63 [ 263.604531][ T4965] syz.4.1164: attempt to access beyond end of device [ 263.604531][ T4965] loop4: rw=2049, sector=468, nr_sectors = 1004 limit=63 [ 263.647111][ T299] hid (null): bogus close delimiter [ 263.733054][ T5005] loop2: detected capacity change from 0 to 40427 [ 263.739827][ T5005] F2FS-fs (loop2): Invalid Fs Meta Ino: node(1) meta(2) root(0) [ 263.747671][ T5005] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 263.757075][ T5005] F2FS-fs (loop2): invalid crc value [ 263.763658][ T5005] F2FS-fs (loop2): Found nat_bits in checkpoint [ 263.828421][ T1894] EXT4-fs (loop0): unmounting filesystem. [ 263.835716][ T5005] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0 [ 263.850853][ T5005] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 263.870628][ T299] usb 5-1: language id specifier not provided by device, defaulting to English [ 263.924622][ T5011] loop0: detected capacity change from 0 to 8192 [ 263.931269][ T5013] 9pnet: Could not find request transport: fd0x0000000000000005 [ 263.939261][ T5013] FAULT_INJECTION: forcing a failure. [ 263.939261][ T5013] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 263.947903][ T5011] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 263.955512][ T5013] CPU: 1 PID: 5013 Comm: syz.3.1175 Not tainted 6.1.90-syzkaller-00127-g6aafd06a463b #0 [ 263.972016][ T5013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 263.981909][ T5013] Call Trace: [ 263.985033][ T5013] [ 263.987810][ T5013] dump_stack_lvl+0x151/0x1b7 [ 263.992325][ T5013] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 263.997618][ T5013] dump_stack+0x15/0x1a [ 264.001605][ T5013] should_fail_ex+0x3d0/0x520 [ 264.006120][ T5013] should_fail+0xb/0x10 [ 264.010111][ T5013] should_fail_usercopy+0x1a/0x20 [ 264.014971][ T5013] _copy_to_user+0x1e/0x90 [ 264.019225][ T5013] simple_read_from_buffer+0xc7/0x150 [ 264.024433][ T5013] proc_fail_nth_read+0x1a3/0x210 [ 264.029293][ T5013] ? proc_fault_inject_write+0x390/0x390 [ 264.034759][ T5013] ? fsnotify_perm+0x470/0x5d0 [ 264.039361][ T5013] ? security_file_permission+0x86/0xb0 [ 264.044741][ T5013] ? proc_fault_inject_write+0x390/0x390 [ 264.050211][ T5013] vfs_read+0x26c/0xad0 [ 264.054207][ T5013] ? kernel_read+0x1f0/0x1f0 [ 264.058627][ T5013] ? mutex_lock+0xb1/0x1e0 [ 264.062881][ T5013] ? bit_wait_io_timeout+0x120/0x120 [ 264.068004][ T5013] ? __fdget_pos+0x2e2/0x390 [ 264.072428][ T5013] ? ksys_read+0x77/0x2c0 [ 264.076594][ T5013] ksys_read+0x199/0x2c0 [ 264.080676][ T5013] ? vfs_write+0xeb0/0xeb0 [ 264.084927][ T5013] ? debug_smp_processor_id+0x17/0x20 [ 264.090134][ T5013] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 264.096037][ T5013] __x64_sys_read+0x7b/0x90 [ 264.100376][ T5013] x64_sys_call+0x28/0x9a0 [ 264.104630][ T5013] do_syscall_64+0x3b/0xb0 [ 264.108884][ T5013] ? clear_bhb_loop+0x55/0xb0 [ 264.113397][ T5013] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 264.119132][ T5013] RIP: 0033:0x7fc7f817643c [ 264.123380][ T5013] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8d 02 00 48 [ 264.142827][ T5013] RSP: 002b:00007fc7f8fa5040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 264.151063][ T5013] RAX: ffffffffffffffda RBX: 00007fc7f8305f80 RCX: 00007fc7f817643c [ 264.158875][ T5013] RDX: 000000000000000f RSI: 00007fc7f8fa50b0 RDI: 0000000000000008 [ 264.166783][ T5013] RBP: 00007fc7f8fa50a0 R08: 0000000000000000 R09: 0000000000000000 [ 264.174678][ T5013] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 264.182491][ T5013] R13: 000000000000000b R14: 00007fc7f8305f80 R15: 00007ffdb0b87a28 [ 264.190309][ T5013] [ 264.234917][ T298] kernel write not supported for file bpf-prog (pid: 298 comm: kworker/0:2) [ 266.448666][ T299] uclogic 0003:256C:006D.004F: failed retrieving string descriptor #200: -71 [ 266.475068][ T299] uclogic 0003:256C:006D.004F: failed retrieving pen parameters: -71 [ 266.483415][ T299] uclogic 0003:256C:006D.004F: failed probing pen v2 parameters: -71 [ 266.492191][ T299] uclogic 0003:256C:006D.004F: failed probing parameters: -71 [ 266.499555][ T299] uclogic: probe of 0003:256C:006D.004F failed with error -71 [ 266.509634][ T5038] 9pnet: Could not find request transport: fd0x0000000000000006 [ 266.510646][ T299] usb 5-1: USB disconnect, device number 38 [ 266.533802][ T10] kworker/u4:1: attempt to access beyond end of device [ 266.533802][ T10] loop4: rw=1, sector=448, nr_sectors = 16 limit=63 [ 266.559026][ T10] EXT4-fs warning (device loop4): ext4_end_bio:347: I/O error 10 writing to inode 18 starting block 112) [ 266.588992][ T10] Buffer I/O error on device loop4, logical block 112 [ 266.595676][ T10] Buffer I/O error on device loop4, logical block 113 [ 266.604110][ T10] Buffer I/O error on device loop4, logical block 114 [ 266.610680][ T10] Buffer I/O error on device loop4, logical block 115 [ 266.629483][ T2919] EXT4-fs (loop4): unmounting filesystem. [ 266.807140][ T4967] kmmpd-loop4: attempt to access beyond end of device [ 266.807140][ T4967] loop4: rw=14337, sector=256, nr_sectors = 4 limit=63 [ 266.959169][ T4967] Buffer I/O error on dev loop4, logical block 64, lost sync page write [ 266.967443][ T4967] EXT4-fs error (device loop4): kmmpd:186: comm kmmpd-loop4: Error writing to MMP block [ 266.998382][ T4967] kmmpd-loop4: attempt to access beyond end of device [ 266.998382][ T4967] loop4: rw=14337, sector=256, nr_sectors = 4 limit=63 [ 267.014213][ T4967] Buffer I/O error on dev loop4, logical block 64, lost sync page write [ 267.458005][ T28] audit: type=1400 audit(1722836202.203:360): avc: denied { ioctl } for pid=5056 comm="syz.1.1188" path="socket:[33988]" dev="sockfs" ino=33988 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 268.173231][ T5061] bridge0: port 1(bridge_slave_0) entered blocking state [ 268.180341][ T5061] bridge0: port 1(bridge_slave_0) entered disabled state [ 268.190090][ T5061] device bridge_slave_0 entered promiscuous mode [ 268.198784][ T5061] bridge0: port 2(bridge_slave_1) entered blocking state [ 268.205864][ T5061] bridge0: port 2(bridge_slave_1) entered disabled state [ 268.217719][ T5061] device bridge_slave_1 entered promiscuous mode [ 268.249034][ T24] usb 4-1: new high-speed USB device number 29 using dummy_hcd [ 268.326520][ T5061] bridge0: port 2(bridge_slave_1) entered blocking state [ 268.333510][ T5061] bridge0: port 2(bridge_slave_1) entered forwarding state [ 268.360066][ T298] bridge0: port 2(bridge_slave_1) entered disabled state [ 268.370264][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 268.377511][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 268.386159][ T1544] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 268.394954][ T1544] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 268.403045][ T1544] bridge0: port 1(bridge_slave_0) entered blocking state [ 268.409892][ T1544] bridge0: port 1(bridge_slave_0) entered forwarding state [ 269.455973][ T28] audit: type=1400 audit(1722836203.313:361): avc: denied { sys_module } for pid=5074 comm="syz.1.1193" capability=16 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1 [ 269.478487][ T29] INFO: task syz-executor:297 blocked for more than 186 seconds. [ 269.595531][ T29] Not tainted 6.1.90-syzkaller-00127-g6aafd06a463b #0 [ 269.602697][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 269.611286][ T29] task:syz-executor state:D stack:21200 pid:297 ppid:1 flags:0x00004004 [ 269.620296][ T29] Call Trace: [ 269.623409][ T29] [ 269.626190][ T29] __schedule+0xca7/0x1550 [ 269.630552][ T29] ? release_firmware_map_entry+0x191/0x191 [ 269.636312][ T29] schedule+0xc3/0x180 [ 269.640177][ T29] schedule_timeout+0xa9/0x380 [ 269.644749][ T29] ? console_conditional_schedule+0x10/0x10 [ 269.650534][ T29] ? ttwu_do_wakeup+0x40d/0x430 [ 269.655160][ T29] wait_for_common+0x39a/0x640 [ 269.659804][ T29] ? wait_for_completion+0x20/0x20 [ 269.664705][ T29] ? __kmem_cache_free+0x218/0x3b0 [ 269.669667][ T29] ? wake_up_state+0xb/0x10 [ 269.674004][ T29] ? kthread_unpark+0x1a0/0x220 [ 269.678702][ T29] wait_for_completion+0x18/0x20 [ 269.683455][ T29] kthread_stop+0x118/0x420 [ 269.687809][ T29] ext4_stop_mmpd+0x47/0xb0 [ 269.692133][ T29] ext4_put_super+0x8a3/0xd60 [ 269.696645][ T29] ? ext4_drop_inode+0x1a0/0x1a0 [ 269.701441][ T29] generic_shutdown_super+0x14f/0x370 [ 269.706627][ T29] kill_block_super+0x7e/0xe0 [ 269.711150][ T29] deactivate_locked_super+0xad/0x110 [ 269.716346][ T29] deactivate_super+0xbe/0xf0 [ 269.720873][ T29] cleanup_mnt+0x485/0x510 [ 269.725113][ T29] ? user_path_at_empty+0x14e/0x1a0 [ 269.730159][ T29] __cleanup_mnt+0x19/0x20 [ 269.734399][ T29] task_work_run+0x24d/0x2e0 [ 269.738838][ T29] ? task_work_cancel+0x2b0/0x2b0 [ 269.743686][ T29] ? __x64_sys_umount+0x122/0x170 [ 269.748559][ T29] exit_to_user_mode_loop+0x94/0xa0 [ 269.753581][ T29] exit_to_user_mode_prepare+0x5a/0xa0 [ 269.758915][ T29] syscall_exit_to_user_mode+0x26/0x130 [ 269.764257][ T29] do_syscall_64+0x47/0xb0 [ 269.768520][ T29] ? clear_bhb_loop+0x55/0xb0 [ 269.773022][ T29] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 269.778760][ T29] RIP: 0033:0x7f0143378d27 [ 269.783001][ T29] RSP: 002b:00007fffdddb4148 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 269.791262][ T29] RAX: 0000000000000000 RBX: 00007f01433e578c RCX: 00007f0143378d27 [ 269.799072][ T29] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffdddb4200 [ 269.806887][ T29] RBP: 00007fffdddb4200 R08: 0000000000000000 R09: 0000000000000000 [ 269.814767][ T29] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffdddb5280 [ 269.822604][ T29] R13: 00007f01433e578c R14: 000000000000f3ba R15: 00007fffdddb52c0 [ 269.830406][ T29] [ 269.834135][ T298] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 269.844931][ T29] INFO: task kmmpd-loop1:963 blocked for more than 187 seconds. [ 269.852629][ T298] bridge0: port 2(bridge_slave_1) entered blocking state [ 269.859476][ T298] bridge0: port 2(bridge_slave_1) entered forwarding state [ 269.872612][ T5089] device vlan2 entered promiscuous mode [ 269.878733][ T5089] device veth1_virt_wifi entered promiscuous mode [ 269.885428][ T5089] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready [ 269.892658][ T24] usb 4-1: Using ep0 maxpacket: 16 [ 269.897839][ T29] Not tainted 6.1.90-syzkaller-00127-g6aafd06a463b #0 [ 269.902268][ T5093] overlayfs: missing 'lowerdir' [ 269.904970][ T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 269.918231][ T29] task:kmmpd-loop1 state:D stack:27656 pid:963 ppid:2 flags:0x00024000 [ 269.927189][ T29] Call Trace: [ 269.930281][ T29] [ 269.933053][ T29] __schedule+0xca7/0x1550 [ 269.937362][ T29] ? bpf_trace_run3+0x2e0/0x2e0 [ 269.941998][ T29] ? release_firmware_map_entry+0x191/0x191 [ 269.947748][ T29] ? __kasan_check_write+0x14/0x20 [ 269.952668][ T29] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 269.957714][ T29] ? _raw_spin_lock_irqsave+0x210/0x210 [ 269.963085][ T29] schedule+0xc3/0x180 [ 269.967003][ T29] percpu_rwsem_wait+0x382/0x4b0 [ 269.971763][ T29] ? percpu_free_rwsem+0x80/0x80 [ 269.976538][ T29] ? percpu_up_write+0x270/0x270 [ 269.981332][ T29] ? __kasan_check_read+0x11/0x20 [ 269.986170][ T29] __percpu_down_read+0x198/0x480 [ 269.991044][ T29] ? rwsem_down_write_slowpath+0x2270/0x2270 [ 269.996991][ T29] ? update_process_times+0x1b0/0x1b0 [ 270.002139][ T29] write_mmp_block+0x1e7/0x2a0 [ 270.006741][ T29] kmmpd+0x263/0xa10 [ 270.010500][ T29] ? write_mmp_block_thawed+0x570/0x570 [ 270.015854][ T29] ? __kthread_parkme+0x12d/0x180 [ 270.020731][ T29] kthread+0x26d/0x300 [ 270.024626][ T29] ? write_mmp_block_thawed+0x570/0x570 [ 270.030031][ T29] ? kthread_blkcg+0xd0/0xd0 [ 270.034531][ T29] ret_from_fork+0x1f/0x30 [ 270.038803][ T29] [ 270.042295][ T5089] device veth1_virt_wifi left promiscuous mode [ 270.042615][ T29] NMI backtrace for cpu 0 [ 270.052432][ T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted 6.1.90-syzkaller-00127-g6aafd06a463b #0 [ 270.061808][ T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 270.071747][ T29] Call Trace: [ 270.074822][ T29] [ 270.077599][ T29] dump_stack_lvl+0x151/0x1b7 [ 270.082112][ T29] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 270.087407][ T29] dump_stack+0x15/0x1a [ 270.091396][ T29] nmi_cpu_backtrace+0x2e4/0x2f0 [ 270.096259][ T29] ? nmi_trigger_cpumask_backtrace+0x3c0/0x3c0 [ 270.102248][ T29] ? sched_show_task+0x3d8/0x620 [ 270.107032][ T29] ? nmi_trigger_cpumask_backtrace+0x114/0x3c0 [ 270.113011][ T29] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 270.119000][ T29] nmi_trigger_cpumask_backtrace+0x19b/0x3c0 [ 270.124813][ T29] ? arch_trigger_cpumask_backtrace+0x20/0x20 [ 270.130716][ T29] arch_trigger_cpumask_backtrace+0x10/0x20 [ 270.136445][ T29] watchdog+0xdb0/0xf20 [ 270.140437][ T29] ? __kasan_check_write+0x14/0x20 [ 270.145394][ T29] ? hungtask_pm_notify+0x50/0x50 [ 270.150252][ T29] ? __kasan_check_read+0x11/0x20 [ 270.155108][ T29] ? __kthread_parkme+0x12d/0x180 [ 270.159966][ T29] kthread+0x26d/0x300 [ 270.163871][ T29] ? hungtask_pm_notify+0x50/0x50 [ 270.168731][ T29] ? kthread_blkcg+0xd0/0xd0 [ 270.173157][ T29] ret_from_fork+0x1f/0x30 [ 270.177411][ T29] [ 270.180911][ T29] Sending NMI from CPU 0 to CPUs 1: [ 270.185935][ C1] NMI backtrace for cpu 1 skipped: idling at acpi_idle_enter+0x416/0x760 [ 270.207168][ T24] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 270.217325][ T299] usb 1-1: new high-speed USB device number 32 using dummy_hcd [ 270.224831][ T423] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 270.232855][ T423] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 270.240747][ T423] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 270.304844][ T423] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 270.313169][ T423] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 270.321390][ T423] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 270.332419][ T5061] device veth0_vlan entered promiscuous mode [ 270.339663][ T1544] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 270.351432][ T1544] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 270.359881][ T1544] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 270.367722][ T1544] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 270.391694][ T5112] bridge0: port 2(bridge_slave_1) entered disabled state [ 270.398713][ T5112] bridge0: port 1(bridge_slave_0) entered disabled state [ 270.410123][ T5112] device bridge_slave_1 left promiscuous mode [ 270.416417][ T5112] bridge0: port 2(bridge_slave_1) entered disabled state [ 270.426486][ T5112] device bridge_slave_0 left promiscuous mode [ 270.432882][ T5112] bridge0: port 1(bridge_slave_0) entered disabled state [ 270.440316][ T24] usb 4-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=90.c4 [ 270.449454][ T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 270.462688][ T24] usb 4-1: Product: syz [ 270.469019][ T24] usb 4-1: Manufacturer: syz [ 270.473641][ T24] usb 4-1: SerialNumber: syz [ 270.481044][ T24] usb 4-1: config 0 descriptor?? [ 270.497138][ T24] usb 4-1: can't set config #0, error -71 [ 270.504583][ T24] usb 4-1: USB disconnect, device number 29 [ 270.547743][ T1544] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 270.558096][ T1544] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 270.572935][ T5061] device veth1_macvtap entered promiscuous mode [ 270.602739][ T423] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 270.616998][ T299] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 270.628743][ T423] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 270.636795][ T299] usb 1-1: config 0 interface 0 altsetting 9 has 0 endpoint descriptors, different from the interface descriptor's value: 5 [ 270.651378][ T423] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 270.659401][ T299] usb 1-1: config 0 interface 0 has no altsetting 0 [ 270.667057][ T299] usb 1-1: New USB device found, idVendor=0eef, idProduct=72d0, bcdDevice= 0.00 [ 270.676021][ T299] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 270.677152][ T1544] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 270.704021][ T299] usb 1-1: config 0 descriptor?? [ 270.707765][ T1544] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 270.938456][ T24] usb 4-1: new high-speed USB device number 30 using dummy_hcd [ 271.317034][ T28] audit: type=1400 audit(1722836206.053:362): avc: denied { create } for pid=5136 comm="syz.1.1214" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sctp_socket permissive=1 [ 271.366916][ T24] usb 4-1: Using ep0 maxpacket: 16 [ 271.506939][ T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 271.520895][ T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 271.548222][ T5138] loop0: detected capacity change from 0 to 40427 [ 271.555828][ T5138] F2FS-fs (loop0): invalid crc value [ 271.562093][ T5138] F2FS-fs (loop0): Found nat_bits in checkpoint [ 271.595928][ T5138] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 271.666931][ T24] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00 [ 271.678565][ T24] usb 4-1: New USB device strings: Mfr=236, Product=255, SerialNumber=0 [ 271.687111][ T24] usb 4-1: Product: syz [ 271.691169][ T24] usb 4-1: Manufacturer: syz [ 271.730315][ T24] usb 4-1: config 0 descriptor?? [ 271.742515][ T5164] loop4: detected capacity change from 0 to 1024 [ 271.758865][ T5165] syz.0.1194: attempt to access beyond end of device [ 271.758865][ T5165] loop0: rw=10241, sector=45096, nr_sectors = 8 limit=40427 [ 271.777110][ T5165] syz.0.1194: attempt to access beyond end of device [ 271.777110][ T5165] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 271.792213][ T5165] syz.0.1194: attempt to access beyond end of device [ 271.792213][ T5165] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 271.807646][ T5164] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback. [ 271.825917][ T5061] EXT4-fs (loop4): unmounting filesystem. [ 271.831782][ T5165] syz.0.1194: attempt to access beyond end of device [ 271.831782][ T5165] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 271.845966][ T5165] syz.0.1194: attempt to access beyond end of device [ 271.845966][ T5165] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 271.866494][ T5171] netlink: 18 bytes leftover after parsing attributes in process `syz.4.1227'. [ 271.868412][ T5165] syz.0.1194: attempt to access beyond end of device [ 271.868412][ T5165] loop0: rw=2049, sector=45112, nr_sectors = 8 limit=40427 [ 271.893631][ T5165] syz.0.1194: attempt to access beyond end of device [ 271.893631][ T5165] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427 [ 271.899963][ T28] audit: type=1326 audit(1722836206.643:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5172 comm="syz.4.1228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a4c1779f9 code=0x7ffc0000 [ 271.909220][ T5165] syz.0.1194: attempt to access beyond end of device [ 271.909220][ T5165] loop0: rw=2049, sector=45112, nr_sectors = 8 limit=40427 [ 271.931521][ T5173] mmap: syz.4.1228 (5173) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 271.956012][ T28] audit: type=1326 audit(1722836206.673:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5172 comm="syz.4.1228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=216 compat=0 ip=0x7f6a4c1779f9 code=0x7ffc0000 [ 271.973344][ T5165] syz.0.1194: attempt to access beyond end of device [ 271.973344][ T5165] loop0: rw=2049, sector=45112, nr_sectors = 8 limit=40427 [ 271.985349][ T28] audit: type=1326 audit(1722836206.723:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5172 comm="syz.4.1228" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a4c1779f9 code=0x7ffc0000 [ 272.002132][ T5165] syz.0.1194: attempt to access beyond end of device [ 272.002132][ T5165] loop0: rw=2049, sector=45120, nr_sectors = 8 limit=40427 [ 272.121844][ T28] audit: type=1326 audit(1722836206.863:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5179 comm="syz.4.1231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a4c1779f9 code=0x7ffc0000 [ 272.145119][ T28] audit: type=1326 audit(1722836206.863:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5179 comm="syz.4.1231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a4c1779f9 code=0x7ffc0000 [ 272.170986][ T28] audit: type=1326 audit(1722836206.863:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5179 comm="syz.4.1231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f6a4c1779f9 code=0x7ffc0000 [ 272.175205][ T5182] loop4: detected capacity change from 0 to 1024 [ 272.194479][ T28] audit: type=1326 audit(1722836206.863:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5179 comm="syz.4.1231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6a4c1779f9 code=0x7ffc0000 [ 272.227968][ T5182] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none. [ 272.256042][ T5182] EXT4-fs error (device loop4): __ext4_get_inode_loc:4497: comm syz.4.1232: Invalid inode table block 4467569730839904256 in block_group 0 [ 272.270485][ T5182] EXT4-fs error (device loop4): empty_inline_dir:1832: inode #12: comm syz.4.1232: error -117 getting inode 12 block [ 272.271068][ T24] kovaplus 0003:1E7D:2D50.0050: unknown main item tag 0xd [ 272.286676][ T5061] EXT4-fs error (device loop4): ext4_map_blocks:607: inode #2: block 16: comm syz-executor: lblock 0 mapped to illegal pblock 16 (length 1) [ 272.295125][ T24] kovaplus 0003:1E7D:2D50.0050: hidraw0: USB HID v0.07 Device [syz syz] on usb-dummy_hcd.3-1/input0 [ 272.304217][ T5061] EXT4-fs warning (device loop4): htree_dirblock_to_tree:1082: inode #2: lblock 0: comm syz-executor: error -117 reading directory block [ 272.328268][ T5061] EXT4-fs error (device loop4): __ext4_get_inode_loc:4497: comm syz-executor: Invalid inode table block 4467569730839904256 in block_group 0 [ 272.342590][ T5061] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5870: Corrupt filesystem [ 272.352094][ T5061] EXT4-fs error (device loop4): ext4_dirty_inode:6074: inode #2: comm syz-executor: mark_inode_dirty error [ 272.365864][ T10] EXT4-fs error (device loop4): __ext4_get_inode_loc:4497: comm kworker/u4:1: Invalid inode table block 4467569730839904256 in block_group 0 [ 272.380356][ T10] EXT4-fs error (device loop4): __ext4_get_inode_loc:4497: comm kworker/u4:1: Invalid inode table block 4467569730839904256 in block_group 0 [ 272.395041][ T5061] EXT4-fs (loop4): unmounting filesystem. [ 272.506890][ T316] usb 2-1: new high-speed USB device number 38 using dummy_hcd [ 272.541313][ T5186] bridge0: port 1(bridge_slave_0) entered blocking state [ 272.548252][ T5186] bridge0: port 1(bridge_slave_0) entered disabled state [ 272.555339][ T5186] device bridge_slave_0 entered promiscuous mode [ 272.562349][ T5186] bridge0: port 2(bridge_slave_1) entered blocking state [ 272.569531][ T5186] bridge0: port 2(bridge_slave_1) entered disabled state [ 272.576635][ T5186] device bridge_slave_1 entered promiscuous mode [ 272.643779][ T5186] bridge0: port 2(bridge_slave_1) entered blocking state [ 272.650680][ T5186] bridge0: port 2(bridge_slave_1) entered forwarding state [ 272.657782][ T5186] bridge0: port 1(bridge_slave_0) entered blocking state [ 272.664528][ T5186] bridge0: port 1(bridge_slave_0) entered forwarding state [ 272.696991][ T24] kovaplus 0003:1E7D:2D50.0050: couldn't init struct kovaplus_device [ 272.705462][ T24] kovaplus 0003:1E7D:2D50.0050: couldn't install mouse [ 272.713005][ T1544] bridge0: port 1(bridge_slave_0) entered disabled state [ 272.713116][ T24] kovaplus: probe of 0003:1E7D:2D50.0050 failed with error -5 [ 272.727293][ T1544] bridge0: port 2(bridge_slave_1) entered disabled state [ 272.746483][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 272.746878][ T316] usb 2-1: Using ep0 maxpacket: 8 [ 272.753792][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 272.766684][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 272.775430][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 272.783874][ T24] bridge0: port 1(bridge_slave_0) entered blocking state [ 272.790748][ T24] bridge0: port 1(bridge_slave_0) entered forwarding state [ 272.797939][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 272.806067][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 272.814147][ T24] bridge0: port 2(bridge_slave_1) entered blocking state [ 272.821001][ T24] bridge0: port 2(bridge_slave_1) entered forwarding state [ 272.837969][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 272.845676][ T28] kauditd_printk_skb: 1 callbacks suppressed [ 272.845691][ T28] audit: type=1326 audit(1722836207.583:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5204 comm="syz.2.1242" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fddbfd779f9 code=0x0 [ 272.874388][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 272.882956][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 272.890946][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 272.909884][ T5186] device veth0_vlan entered promiscuous mode [ 272.910986][ T2001] usb 4-1: USB disconnect, device number 30 [ 272.921581][ T1915] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 272.929722][ T1915] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 272.939678][ T1915] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 272.947613][ T1915] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 272.955341][ T1915] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 272.963345][ T1915] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 272.973215][ T1915] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready [ 272.980515][ T1915] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready [ 272.988190][ T5186] device veth1_macvtap entered promiscuous mode [ 272.997086][ T1915] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready [ 273.004464][ T1915] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 273.012562][ T1915] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 273.025671][ T1544] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 273.033784][ T1544] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 273.041929][ T316] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee [ 273.051456][ T316] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 273.059323][ T316] usb 2-1: Product: syz [ 273.063275][ T316] usb 2-1: Manufacturer: syz [ 273.067748][ T316] usb 2-1: SerialNumber: syz [ 273.078560][ T316] usb 2-1: config 0 descriptor?? [ 273.079351][ T1915] usb 1-1: USB disconnect, device number 32 [ 273.108101][ T10] device bridge_slave_1 left promiscuous mode [ 273.114207][ T10] bridge0: port 2(bridge_slave_1) entered disabled state [ 273.121911][ T10] device bridge_slave_0 left promiscuous mode [ 273.128737][ T10] bridge0: port 1(bridge_slave_0) entered disabled state [ 273.136634][ T10] device veth1_macvtap left promiscuous mode [ 273.143157][ T10] device veth0_vlan left promiscuous mode [ 273.231853][ T5214] netlink: 'syz.4.1244': attribute type 27 has an invalid length. [ 273.240477][ T5214] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1244'. [ 273.245258][ T28] audit: type=1400 audit(1722836207.983:372): avc: denied { create } for pid=5217 comm="syz.0.1246" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1 [ 273.288919][ T5214] bridge0: port 2(bridge_slave_1) entered disabled state [ 273.295945][ T5214] bridge0: port 1(bridge_slave_0) entered disabled state [ 273.320452][ T5154] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 273.332098][ T5154] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 273.492283][ T28] audit: type=1400 audit(1722836208.233:373): avc: denied { nlmsg_write } for pid=5231 comm="syz.4.1253" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_audit_socket permissive=1 [ 274.614554][ T1915] usb 2-1: USB disconnect, device number 38 [ 274.949338][ T5278] loop0: detected capacity change from 0 to 512 [ 274.970518][ T5278] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2 [ 274.979079][ T5278] EXT4-fs (loop0): 1 truncate cleaned up [ 274.984575][ T5278] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 275.102722][ T1894] EXT4-fs (loop0): unmounting filesystem. [ 275.116241][ T5283] loop0: detected capacity change from 0 to 512 [ 275.125139][ T5283] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.1268: invalid indirect mapped block 256 (level 2) [ 275.138379][ T5283] ================================================================== [ 275.146249][ T5283] BUG: KASAN: use-after-free in enqueue_timer+0xa6/0x480 [ 275.153105][ T5283] Write of size 8 at addr ffff8881206104c0 by task syz.0.1268/5283 [ 275.160827][ T5283] [ 275.162998][ T5283] CPU: 0 PID: 5283 Comm: syz.0.1268 Not tainted 6.1.90-syzkaller-00127-g6aafd06a463b #0 [ 275.172543][ T5283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 275.182439][ T5283] Call Trace: [ 275.185563][ T5283] [ 275.188342][ T5283] dump_stack_lvl+0x151/0x1b7 [ 275.192862][ T5283] ? nf_tcp_handle_invalid+0x3f1/0x3f1 [ 275.198150][ T5283] ? _printk+0xd1/0x111 [ 275.202147][ T5283] ? __virt_addr_valid+0x242/0x2f0 [ 275.207089][ T5283] print_report+0x158/0x4e0 [ 275.211429][ T5283] ? __virt_addr_valid+0x242/0x2f0 [ 275.216376][ T5283] ? kasan_complete_mode_report_info+0x90/0x1b0 [ 275.222452][ T5283] ? enqueue_timer+0xa6/0x480 [ 275.226962][ T5283] kasan_report+0x13c/0x170 [ 275.231314][ T5283] ? enqueue_timer+0xa6/0x480 [ 275.235818][ T5283] ? __kasan_check_write+0x14/0x20 [ 275.240764][ T5283] __asan_report_store8_noabort+0x17/0x20 [ 275.246320][ T5283] enqueue_timer+0xa6/0x480 [ 275.250680][ T5283] __mod_timer+0x8d3/0xcf0 [ 275.254922][ T5283] ? mod_timer_pending+0x30/0x30 [ 275.259689][ T5283] ? __kasan_check_write+0x14/0x20 [ 275.264635][ T5283] ? _raw_spin_lock+0xa4/0x1b0 [ 275.269236][ T5283] ? _raw_spin_trylock_bh+0x190/0x190 [ 275.274444][ T5283] ? _raw_spin_unlock_irqrestore+0x5b/0x80 [ 275.280088][ T5283] ? __percpu_counter_sum+0x1e7/0x200 [ 275.285296][ T5283] mod_timer+0x1f/0x30 [ 275.289201][ T5283] ext4_update_super+0xa41/0xe50 [ 275.293970][ T5283] ext4_commit_super+0xe3/0x4b0 [ 275.298743][ T5283] ext4_handle_error+0x5e1/0x890 [ 275.303517][ T5283] __ext4_error_inode+0x327/0x5e0 [ 275.308376][ T5283] ? __getblk_gfp+0x76e/0x7d0 [ 275.312890][ T5283] ? ext4_handle_error+0x890/0x890 [ 275.317837][ T5283] ? _raw_write_lock+0xa4/0x170 [ 275.322525][ T5283] ? ext4_inode_block_valid+0x1a7/0x3f0 [ 275.327904][ T5283] ext4_free_branches+0x607/0x660 [ 275.332765][ T5283] ext4_ind_truncate+0x7c0/0xd60 [ 275.337544][ T5283] ? ext4_ind_trans_blocks+0x80/0x80 [ 275.342668][ T5283] ext4_truncate+0x93b/0xfb0 [ 275.347086][ T5283] ? __ext4_mark_inode_dirty+0x7d0/0x7d0 [ 275.352554][ T5283] ext4_process_orphan+0x1d3/0x2f0 [ 275.357505][ T5283] ext4_orphan_cleanup+0xa50/0x11b0 [ 275.362537][ T5283] ? ext4_orphan_del+0xc50/0xc50 [ 275.367316][ T5283] ? errseq_check_and_advance+0x64/0x130 [ 275.372776][ T5283] ext4_fill_super+0x7d46/0x8460 [ 275.377553][ T5283] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 275.383776][ T5283] ? snprintf+0xd6/0x120 [ 275.387853][ T5283] ? set_blocksize+0x1cb/0x360 [ 275.392454][ T5283] ? sb_set_blocksize+0xa8/0xf0 [ 275.397140][ T5283] get_tree_bdev+0x440/0x680 [ 275.401565][ T5283] ? ext4_parse_test_dummy_encryption+0xb0/0xb0 [ 275.407638][ T5283] ext4_get_tree+0x1c/0x20 [ 275.411892][ T5283] vfs_get_tree+0x88/0x290 [ 275.416144][ T5283] do_new_mount+0x2ba/0xb30 [ 275.420487][ T5283] ? do_move_mount_old+0x160/0x160 [ 275.425430][ T5283] ? security_capable+0x87/0xb0 [ 275.430117][ T5283] ? ns_capable+0x89/0xe0 [ 275.434284][ T5283] path_mount+0x671/0x1070 [ 275.438534][ T5283] ? user_path_at_empty+0x14e/0x1a0 [ 275.443571][ T5283] __se_sys_mount+0x2c4/0x3b0 [ 275.448084][ T5283] ? __x64_sys_mount+0xd0/0xd0 [ 275.452784][ T5283] ? debug_smp_processor_id+0x17/0x20 [ 275.457993][ T5283] __x64_sys_mount+0xbf/0xd0 [ 275.462417][ T5283] x64_sys_call+0x49d/0x9a0 [ 275.466759][ T5283] do_syscall_64+0x3b/0xb0 [ 275.471008][ T5283] ? clear_bhb_loop+0x55/0xb0 [ 275.475608][ T5283] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 275.481337][ T5283] RIP: 0033:0x7fbfc5b790fa [ 275.485592][ T5283] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 7e 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 275.505033][ T5283] RSP: 002b:00007fbfc687be78 EFLAGS: 00000202 ORIG_RAX: 00000000000000a5 [ 275.513279][ T5283] RAX: ffffffffffffffda RBX: 00007fbfc687bf00 RCX: 00007fbfc5b790fa [ 275.521088][ T5283] RDX: 0000000020000700 RSI: 0000000020000080 RDI: 00007fbfc687bec0 [ 275.528898][ T5283] RBP: 0000000020000700 R08: 00007fbfc687bf00 R09: 0000000000008002 [ 275.536796][ T5283] R10: 0000000000008002 R11: 0000000000000202 R12: 0000000020000080 [ 275.544610][ T5283] R13: 00007fbfc687bec0 R14: 00000000000004a9 R15: 00000000200000c0 [ 275.552431][ T5283] [ 275.555283][ T5283] [ 275.557453][ T5283] Allocated by task 4965: [ 275.561623][ T5283] kasan_set_track+0x4b/0x70 [ 275.566045][ T5283] kasan_save_alloc_info+0x1f/0x30 [ 275.570991][ T5283] __kasan_kmalloc+0x9c/0xb0 [ 275.575420][ T5283] kmalloc_trace+0x44/0xa0 [ 275.579672][ T5283] ext4_fill_super+0x102/0x8460 [ 275.584358][ T5283] get_tree_bdev+0x440/0x680 [ 275.588784][ T5283] ext4_get_tree+0x1c/0x20 [ 275.593038][ T5283] vfs_get_tree+0x88/0x290 [ 275.597295][ T5283] do_new_mount+0x2ba/0xb30 [ 275.601631][ T5283] path_mount+0x671/0x1070 [ 275.605886][ T5283] __se_sys_mount+0x2c4/0x3b0 [ 275.610397][ T5283] __x64_sys_mount+0xbf/0xd0 [ 275.614821][ T5283] x64_sys_call+0x49d/0x9a0 [ 275.619169][ T5283] do_syscall_64+0x3b/0xb0 [ 275.623417][ T5283] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 275.629144][ T5283] [ 275.631313][ T5283] Freed by task 2919: [ 275.635135][ T5283] kasan_set_track+0x4b/0x70 [ 275.639564][ T5283] kasan_save_free_info+0x2b/0x40 [ 275.644506][ T5283] ____kasan_slab_free+0x131/0x180 [ 275.649455][ T5283] __kasan_slab_free+0x11/0x20 [ 275.654053][ T5283] __kmem_cache_free+0x218/0x3b0 [ 275.658826][ T5283] kfree+0x7a/0xf0 [ 275.662391][ T5283] ext4_put_super+0x9e5/0xd60 [ 275.666899][ T5283] generic_shutdown_super+0x14f/0x370 [ 275.672107][ T5283] kill_block_super+0x7e/0xe0 [ 275.676619][ T5283] deactivate_locked_super+0xad/0x110 [ 275.681862][ T5283] deactivate_super+0xbe/0xf0 [ 275.686339][ T5283] cleanup_mnt+0x485/0x510 [ 275.690601][ T5283] __cleanup_mnt+0x19/0x20 [ 275.694846][ T5283] task_work_run+0x24d/0x2e0 [ 275.699276][ T5283] do_exit+0xbd5/0x2b80 [ 275.703266][ T5283] do_group_exit+0x21a/0x2d0 [ 275.707692][ T5283] __x64_sys_exit_group+0x3f/0x40 [ 275.712555][ T5283] x64_sys_call+0x610/0x9a0 [ 275.717182][ T5283] do_syscall_64+0x3b/0xb0 [ 275.721520][ T5283] entry_SYSCALL_64_after_hwframe+0x68/0xd2 [ 275.727249][ T5283] [ 275.729418][ T5283] The buggy address belongs to the object at ffff888120610000 [ 275.729418][ T5283] which belongs to the cache kmalloc-4k of size 4096 [ 275.743319][ T5283] The buggy address is located 1216 bytes inside of [ 275.743319][ T5283] 4096-byte region [ffff888120610000, ffff888120611000) [ 275.756585][ T5283] [ 275.758761][ T5283] The buggy address belongs to the physical page: [ 275.765012][ T5283] page:ffffea0004818400 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x120610 [ 275.775077][ T5283] head:ffffea0004818400 order:3 compound_mapcount:0 compound_pincount:0 [ 275.783229][ T5283] flags: 0x4000000000010200(slab|head|zone=1) [ 275.789149][ T5283] raw: 4000000000010200 dead000000000100 dead000000000122 ffff888100043380 [ 275.798018][ T5283] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000 [ 275.806431][ T5283] page dumped because: kasan: bad access detected [ 275.812682][ T5283] page_owner tracks the page as allocated [ 275.818237][ T5283] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 378, tgid 378 (udevd), ts 211137883031, free_ts 210863320965 [ 275.840194][ T5283] post_alloc_hook+0x213/0x220 [ 275.844788][ T5283] prep_new_page+0x1b/0x110 [ 275.849222][ T5283] get_page_from_freelist+0x27ea/0x2870 [ 275.854595][ T5283] __alloc_pages+0x3a1/0x780 [ 275.859195][ T5283] alloc_slab_page+0x6c/0xf0 [ 275.863627][ T5283] new_slab+0x90/0x3e0 [ 275.867527][ T5283] ___slab_alloc+0x6f9/0xb80 [ 275.871951][ T5283] __slab_alloc+0x5d/0xa0 [ 275.876119][ T5283] __kmem_cache_alloc_node+0x1af/0x250 [ 275.881419][ T5283] kmalloc_trace+0x2a/0xa0 [ 275.885666][ T5283] kernfs_iop_get_link+0x65/0x610 [ 275.890526][ T5283] pick_link+0x708/0xe90 [ 275.894719][ T5283] step_into+0xca2/0x1090 [ 275.898863][ T5283] path_openat+0x1752/0x2d60 [ 275.903283][ T5283] do_filp_open+0x230/0x480 [ 275.907623][ T5283] do_sys_openat2+0x151/0x890 [ 275.912147][ T5283] page last free stack trace: [ 275.916650][ T5283] free_unref_page_prepare+0x83d/0x850 [ 275.921945][ T5283] free_unref_page+0xb2/0x5c0 [ 275.926457][ T5283] __free_pages+0x61/0xf0 [ 275.930623][ T5283] __free_slab+0xce/0x1a0 [ 275.934808][ T5283] __unfreeze_partials+0x165/0x1a0 [ 275.939739][ T5283] put_cpu_partial+0xa9/0x100 [ 275.944259][ T5283] __slab_free+0x1c8/0x280 [ 275.948503][ T5283] ___cache_free+0xc6/0xd0 [ 275.952765][ T5283] qlist_free_all+0xc5/0x140 [ 275.957191][ T5283] kasan_quarantine_reduce+0x15a/0x180 [ 275.962483][ T5283] __kasan_slab_alloc+0x24/0x80 [ 275.967165][ T5283] slab_post_alloc_hook+0x53/0x2c0 [ 275.972116][ T5283] kmem_cache_alloc+0x175/0x2c0 [ 275.976799][ T5283] getname_flags+0xba/0x520 [ 275.981141][ T5283] getname+0x19/0x20 [ 275.984869][ T5283] do_sys_openat2+0xe0/0x890 [ 275.989299][ T5283] [ 275.991466][ T5283] Memory state around the buggy address: [ 275.996948][ T5283] ffff888120610380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 276.004841][ T5283] ffff888120610400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 276.012732][ T5283] >ffff888120610480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 276.020627][ T5283] ^ [ 276.026619][ T5283] ffff888120610500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 276.034518][ T5283] ffff888120610580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 276.042415][ T5283] ================================================================== [ 276.050515][ T5283] Disabling lock debugging due to kernel taint [ 276.095581][ T5283] EXT4-fs (loop0): 2 truncates cleaned up [ 276.101244][ T5283] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback. [ 276.178351][ T5286] EXT4-fs error (device loop0): ext4_find_dest_de:2112: inode #12: block 7: comm syz.0.1268: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4278190093, rec_len=255, size=56 fake=0 [ 276.197949][ T5286] EXT4-fs error (device loop0): ext4_find_dest_de:2112: inode #12: block 7: comm syz.0.1268: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4278190093, rec_len=255, size=56 fake=0 [ 276.326165][ T1894] EXT4-fs (loop0): unmounting filesystem.