last executing test programs: 11.694312751s ago: executing program 2 (id=6730): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mkdirat(0xffffffffffffff9c, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20) alarm(0x80000fe) alarm(0x0) 9.154456327s ago: executing program 4 (id=6815): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7, 0x13, r2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000540)=@filter={'filter\x00', 0xe, 0x1, 0x1a8, [], 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="000000000000000ddbb59600000000000000000000000000f5ff0000000000000000000000000000feffffff00002000000000000000000000000000000000000200000000dfff0000000000000000180000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000001500000000000000100073397a5f74756e00001000000000000079615330000000000000000000000000b76fb8645f736c61e4df8dd63f4316ed73697430000000002000000000000000aaaaaaaaaa0000000000feff0080c20000000000000000000000e8000000e8000000180100006c696d6974004000000000800000000002000000000000000000000000000000200000000000000000f9ff210000009400000000000000003830"]}, 0x1b2) ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f00000000c0)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x6]}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'syz_tun\x00'}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 9.035441887s ago: executing program 4 (id=6819): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x10, 0xffffffffffffffff, 0x0) socket$xdp(0x2c, 0x3, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) ioctl$UI_SET_ABSBIT(r0, 0x40045567, 0x2000000000000006) 9.035249377s ago: executing program 0 (id=6820): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NBD_CMD_DISCONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x1c}}, 0x0) 8.943282724s ago: executing program 4 (id=6824): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000002000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) timerfd_gettime(0xffffffffffffffff, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0), 0x48) r4 = socket$inet_udp(0x2, 0x2, 0x0) r5 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f0000000080)={@loopback, 0x800, 0x0, 0x3, 0x1}, 0x20) setsockopt$inet6_int(r5, 0x29, 0x1000000000021, &(0x7f0000000000)=0x1, 0x4) connect$inet6(r5, &(0x7f0000000200)={0xa, 0x0, 0x380000, @loopback}, 0x1c) connect$inet(r4, &(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x10) r6 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="30e2ff012abd7000fedbdf2500000000fdba1ae4f9ddd53edfb8ad13ed3ddfa6aed92957848d8cb60344fc357b77cbb7fd5769a8a9ee753c4e06535140f965af65d461c0ca59bd54dac428975a7248af7ccecfd99dcf7cdc9cc586b18618c0b8f30002273ed581964818d03a453be68a1c75a5ccf65460074c6a43bf9970bb9e92f5de0493ffa08721264267e165481d2fcf91e1701aacb99d87fe5a1cce6220860a5e9c736bbf8aed40b7a4e1eb8002"], 0x14}}, 0x4000) sendmmsg(r4, &(0x7f0000007fc0), 0x2d, 0x0) getsockopt$inet_opts(r4, 0x0, 0xd, &(0x7f0000000400)=""/86, &(0x7f0000000000)=0x56) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) 8.942561814s ago: executing program 2 (id=6730): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mkdirat(0xffffffffffffff9c, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20) alarm(0x80000fe) alarm(0x0) 8.942328995s ago: executing program 0 (id=6826): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x0, 0xfff, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$xdp(0x2c, 0x3, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10) r7 = openat$selinux_user(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0) write$selinux_user(r7, &(0x7f0000000340)={'system_u:object_r:kmsg_device_t:s0', 0x20, 'user_u\x00'}, 0x2a) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='kmem_cache_free\x00', r8}, 0x10) r9 = socket(0x10, 0x3, 0x9) sendmsg$NL80211_CMD_UPDATE_CONNECT_PARAMS(r9, &(0x7f0000000180)={&(0x7f0000000000), 0xc, 0x0}, 0x0) syz_genetlink_get_family_id$SEG6(&(0x7f0000000580), 0xffffffffffffffff) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x3c1, 0x12, 0x3a8, 0x0, 0x111, 0x4b4, 0x0, 0x700, 0x2d8, 0x278, 0x278, 0x2d8, 0x278, 0x3, 0x0, {[{{@ipv6={@mcast2, @empty, [], [], 'vlan0\x00', 'team_slave_0\x00', {}, {}, 0x88}, 0x0, 0x128, 0x190, 0x0, {}, [@common=@inet=@multiport={{0x50}}, @common=@unspec=@connmark={{0x30}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}, {{@ipv6={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private1, [], [], 'geneve1\x00', 'erspan0\x00'}, 0x0, 0xe0, 0x148, 0x0, {}, [@common=@unspec=@statistic={{0x38}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'syz0\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x408) setsockopt$IPT_SO_SET_REPLACE(r9, 0x0, 0x40, &(0x7f0000000a40)=@security={'security\x00', 0xe, 0x4, 0x2d0, 0xffffffff, 0x168, 0xd0, 0x168, 0xffffffff, 0xffffffff, 0x238, 0x238, 0x238, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{}, {0x0, [0x0, 0x0, 0x1]}}}}, {{@ip={@loopback, @multicast1, 0x0, 0x0, 'macsec0\x00', 'bridge_slave_0\x00'}, 0x0, 0x70, 0x98}, @common=@unspec=@CLASSIFY={0x28}}, {{@ip={@loopback, @private, 0x0, 0x0, 'sit0\x00', 'pim6reg1\x00'}, 0x0, 0x70, 0xd0}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@local, [0xff, 0xff000000]}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x330) 6.530968661s ago: executing program 3 (id=6830): syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0) (async, rerun: 32) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48) (rerun: 32) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r1}, 0x10) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)) (async) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0) futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0) (async) futex(&(0x7f000000cffc)=0x4, 0x10b, 0x4, 0x0, &(0x7f0000048000), 0x0) (async) futex(&(0x7f000000cffc), 0xa, 0x40001, 0x0, 0x0, 0x1) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r2, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20) (async) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r3}, 0x10) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r6 = dup(r5) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r4, @ANYBLOB=',wfdno=', @ANYRESHEX=r6]) 6.500505963s ago: executing program 0 (id=6831): socket$key(0xf, 0x3, 0x2) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) socket$unix(0x1, 0x2, 0x0) signalfd(0xffffffffffffffff, &(0x7f00007aeff8), 0x8) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}]}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x2004cb], 0x0, 0x200}) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)) ioctl$KVM_RUN(r2, 0x801c581f, 0x0) 6.486709004s ago: executing program 2 (id=6730): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mkdirat(0xffffffffffffff9c, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20) alarm(0x80000fe) alarm(0x0) 4.631315045s ago: executing program 0 (id=6832): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000200)='btrfs_qgroup_account_extent\x00', r0}, 0x50) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15) r3 = dup(r2) write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_DIRENTPLUS(r3, &(0x7f0000000480)=ANY=[@ANYBLOB="9802"], 0x298) write$FUSE_DIRENTPLUS(r3, &(0x7f0000000580)=ANY=[@ANYBLOB="b0"], 0xb0) write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) mount$incfs(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x0, 0x0) 4.621193216s ago: executing program 3 (id=6834): r0 = socket$netlink(0x10, 0x3, 0xf) bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc) (async) sendmsg$nl_route_sched(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000003c0)=@newqdisc={0x24, 0x24, 0x1}, 0x24}}, 0x0) (async) signalfd(0xffffffffffffffff, 0x0, 0x0) (async) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) (async) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) (async) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_mount_image$vfat(&(0x7f0000000000), &(0x7f00000004c0)='./file0\x00', 0x100040, 0x0, 0x1, 0x0, &(0x7f0000000000)) mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000001480)=ANY=[@ANYBLOB='huge=always']) (async, rerun: 64) chdir(&(0x7f0000000140)='./file0\x00') (async, rerun: 64) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r2}, 0x10) (async, rerun: 32) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0) (rerun: 32) write$binfmt_script(r3, &(0x7f0000000000), 0x208e24b) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r3, 0x0) r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x1e7d, 0x2c2e, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0) syz_usb_control_io(r4, 0x0, 0x0) (async) syz_usb_control_io$hid(r4, &(0x7f0000000240)={0x24, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\"\n'], 0x0}, 0x0) bpf$BPF_MAP_FREEZE(0x16, 0x0, 0x0) 4.620109526s ago: executing program 4 (id=6835): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0) fstat(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000140)='./file1\x00', 0x1000801, &(0x7f0000000540)=ANY=[@ANYRES32=r2, @ANYBLOB="297c00f9c21980234eab918ac814309e197710e2d610b50fc9faea1f120ff000000000000000000000000000b1ee850ec06b3d89115f89010000000000000008f2e09a", @ANYRES32=r1, @ANYRES16=r1, @ANYRESDEC=r2, @ANYBLOB="5d89e7f5ae235b3811fba8decf2b4bb7fe0fac57f981e4b693da3fb8d287ed3907380c372c58a72b23c7d425333cc64cbcc94797dce0b3b8c01cc49a50b174ba4ddd5af70bc618f171e871cc0a64eb6c5dece5d1b4ac40507673dde64359ad207e61f888d5970927486f9dd02d0db9d1492fc496e9b9e04d50dd85f94ab68d8fcdb204903f01ff93204cc4823f34e4874345777951b0af0d024c721187a93cabea1ce932d550724d733d389982b8a231575ff2db878168424a7bf3d6d66ba9f01005eec07304826949af824bf6be05e0df735aabc9bf914cd1d58c0cc4bff14262324d9229cc587b80ad6f4461bf6caeaa59da1541b2297645a59b16caf14257723220f3a89b50113ad1007e1d89a18bd9c20bd19d4c6921e42bfca1105faa27978d9575a0a1fa6ec537c2c276526115f16e7b5d37cc67541b19b7f3c39e1eba80861872ad726c57ff7f8d0c1eea3253a9358d5a11473533d4ff6c6a2b409405a28c95bf34466bab3a3d8ef8726dcebf32427599644db825612de642444f7231bc7cd265a916babf0fe35d5282503f03401bee44cd14e31359ecddb71c57aac9d6245fa6098d4c5f53d0929b9fd40dee456e58dc4512afb9028d4c6047c2c12fb4eff20e5203583c1f5c84e037e68fd9573c98f9653768ff2f01b5e65066bd16bd90a10d82188d37927a6151f6fc4528a540937909837e07cec45691027708fdba69c06becbd7fdefb0f4a878f595e0ff14a7db81ea9e34e65c34c629f84c375d47be49e392c3dea92d9d06aaceb12d20a88b21d07f7751901d0abc34a540fde1e87f08dd461460e0e896a03f19ec7dc2898d03bd1eca8cfbebac1e317fbc990dc902b3c7d6c7f462e7cde3b9676f892154fe48e4018fdfe867af5608060a6d5f73e7aa2f10b78dbed36521a7e0b9c2ffb0313ae465dcf7adcd37eae04f70a8ce09a13fa0ae50655fccab9e71b08c308b5bcf513534addc2d231b7d5f54df58b503df72e744e39f728a05d796e00930b5f7986dbc73250a819a555ce96c4755d8b5bccd8fb64ca884bf483f41b35ee005b3509f3bd32268f83058be9fa32a82f448f7369c97bd0f144075dd949a5a8605cad4447ec55ffc959eee521f239496f15e00af0bca0122cfde70e4220a565a3e82f27ae5dca790ebf1fe595299e2e7504571adce95f73f5c670140d82b703b938f89d313ffed88bb4a99f35f533f63a0e498b78d722fee3a0be39de6cb986a353e862c888e78e63722b1eef9a419e8f20aac584303a86c236483d6bb3e1759744739cb16e596093f4a42915b89dc61cb51375c120b2b5cefa69e09d98374ab4c26df424414018da546835e427af0e66944a7b295abef518ff612a2942c30c27cec6d65b7b2c749a240fe2a2c9e0324f8731de2ff282f2608c77f7d81fd6c7b5787aa099edde78237528aba04cc5fec525bbdb13800991795f15a12bbd0821ed9e9d6cb97b7934d37f9167a59b0bd55d504fbc974b45911e26ddce1d088213a1acadd96f27259f422db2ce5fa9ddbb22338a3ca9c7eb010b892170dc916ec7d3b598d1235f676741b91c0217848bb4bd23f86489eebfdcd39aff312f8e5443e7848b01a922bb7063a6ed20d863302e5b1f37869bf4c6d1203c4295cbdaad13a817d3c8cc7ca5538892e20b88c0c3c0931f34007113b5676e1d5fa81ab38079efb5864f47adc9817488bb4cf89862c72744eda97290c086475633a3cb5b1f4223b578d8bc4157bc7c93f5c2aa8ae89804664868c867f40761d1772961ae65102e529ae0248dc1fdce340a25fccf2a63a8508c74aa7ff33374ee2f10c7a90fcdb4811acf2e5d5ecc64ab17ea9678b293712a95cbe007b4705d74dc0ad5a62e1634d6d62b83c99cedaac37bac65e17ddf9efd7886d4d4f1aeeb37b1a7e99497de17573d7dfadbed7a8410150a6b0e399d0c6329029a9f2f58ac4817f54cbc2deb106b684050dfee8936c180202468d8c458c88f7cbe4935e76e4bb430417dc8d3168a46e5e4656dd4903f22d7be690822180032afb12bef9b19f8a7ef8d3fc37cf88cbc663f6feb411c18bc959d4ea9ba883840ff2669abac2232c29ab9b11e061a0fa6b532591f24f97275223e0cf9af63ce7bfd09f6c81af3c4d061768cff80dc7703fad721c788fc06fa8ce2fe7582c642c85b00d7438ff73714a7be331ade251644b0b6ea98cd88dc23143876b77662fefd432aec5376cbc5d5412c5a85da613800f1460d7c4f956c567fd4b6d87d9d65b5061d06bbfc7921bb54cb3ba93358199d1273b34c142314e252f3af935c03d23350fe036d67da9ab140c77330263ba9cfe37d13d403d73db0bc9157918a3b6027ff8c96700daf14909d28a67b7a7006a1ffa3e3e87815201913d91f39ea07a1c6f0adcf67795eb2b0fe692c31dcd8b0d1560e1893305436fabe7318f481a0f1f04655ff4cbfdc1b49eb23f291913f143aea21e1da0f5210539afde9df7925529641a9f82a3f603b0740fdeb20a1c736964779ae4950add5d05821394c939f1177740e8c8936a55bae1540637864374c910f09ca59b718b3840c3f20fb412212c0b6417771df24bc80ef6f58b9db2cdbd7b98582a9cf0ac18880cb15f38940aaa0c9583a15dd200c95b82e39c706d03746d993de038a308446b824f59f5284e48e489267e7c0025324a9fb037c47dd1ea262ae5ccfd112f18448b87a06a251d174b0ea32843177b4488663bf6ec561118babc828831bd12bc0f57fa6861a77e98c76d39492d4afc7c802a870fd5042441ec0cc9a4aec8a73bc1b0da2ca3d3f02b26bf53e713f796c2c467aa10404ec08324125438882815c3b6d53fcb6ea59cf90f83357c9485a07409418c5bdf6046c387ba717cdbb7f8313c6aa060e38a1f9e54773694a634855c45e98e5b6451f5c77b7e4f9cda54e61f04c64e91e019d774bb879b5767ce9db4d3ebd5e271651c8c8f210609b6a5299debefc69071ca9a7d8e1b04d9c9d94da22fe0ccb96d00043a578ea1fc211e41b9978b7a3bb8d49989347b1d66efbc2452b05ec3ed3c468c89544332a346f9d26675d20b379df45db62cc4e02d39b96e832b1a23e5468da52c2bbbd67821a9dce341c3d3b3d0b2b1617a8b18424fd3c8d7f8b3129dadf3415fb002a20a9b5e8921abcb13bcc012276951cc4390124863cb3848e3dc906e70fe5307fc941497d2a29bd9e0c2b3f651407bed79651379611fa6414cf7626f0fbce33dc1ccfdf68731b19b451b0c497cb5de54b0e902b6e30817cf3dbe3e6e9724ff460069a9e9a431338778c6756370fa3ccb630b9a9c1974c143ef57b5d15d7616d9a53c4c98c3d764b279cd84c69e70971eb3ba0fca65adadcaa1d0acf5340ee5290f99e4a7264334437585e36e177b8b3047456686d9331d9db3008f2d9daa89c110a8e87ae46516b25e77ff5d7287fd7bba40a592c1d16d6b5da8ea5ba1d95e74ef8d1dd5c1e68fec796c794137b1b1af5d345a3273386625604420d4371efab87b50f55818345a381d17b5ec4c25d8e6711e0ab090c3c15bf2e82aa1fc5d84479940a14150b846cff95df1ad75bbfd06304fbb8fec5b08c7d0cd18d51f0bfd0e65ab122625707790b9aeaee0f7d71a1c86ef07fa73176c38ab1a2f309b58c298095fb1a9f2b4b8e1fbd1923e89cde4532d246130ac78a8ed97b91545e6950c8103eb33a06fc05a011f5dfd42ca5d095c4649b1fd0cdd28e11e592dcb9a163b189b8f72080b92084e2b956acc8398861bcda5de79f37c2cc2aed9e7e92582e9cadd21aa4c95ee095c3f931a56a2493225187867762fc840fc94cfed1be9f1b9037570f5cf30adc133fbdf6384c93fe4535eb9566b87f1c74c95d66c7d8b8f3063ab8e529bfc0ac3e0611918ba6d7b8a082f5b0d19bad8831e25596e427590690b89c817ed270695cc8390dc885819127464c30a1fc48bd27aa53feb96c9a167d37e51e988632e2edc7ba18fda3699971550b58eeb0e2e339a3e5791e030b7d9bc27124d812c1ed28fe56b3c46a9fd2516381b9815652afdacbe8c40032cdcd5e0f741bc33e3484299a05bbf6686527285f61754a4b00611970881bd0cffbd9adb294440493ebe786e0c2a92aa81687aebf1ae465500135135fc59f3f1f182ee8685678f82ab37039589143d58e3625e4cd667cdb3c16731e8b3e57467ccc912e75165113b5d848acaba29967b9c81106cbd754b5b6cde787304a8c4a783be68e3fd33508caebc354cd2893473e906cf87a902153bdf09a876e0e046a664f73c9ab107c5f17ec18ae19624b6d0ca730c235c2f6ad9ce8471f3657dec8e51a69e02018298dc0644684bd71e8113488b50c507c8946cc0d9538f20ac85b6e931420266461d972f685640a1e443de0609ae5ada31d2ee54ed7ac578000d38a42e34be56e96cf8ddbbfaf70ab039b5bf29d30620a2d1989eec002356c920ce728360e821084d8a1537a6db35a762b4d419da11ca314eb3509af713882b6b3e034400744ba3483909b9054d179e988dcfe5e61baae6a83bfb54149b5eae5a23edfff352281a182d841b684136b1284eb4d625692113521e0876759913e7e53091c799bbfc2f7d46ed651ca4086f75583009da2689cbad5408cb8ed416ba726a06d2d1aca9435eab19d865d819fb36f8ffa72c5513188df5b9cfbe2fb1833090d2837681a441fe9b879fb87dd2d8f2b5be4609ecbb67ee10cdcd910e22439c1ca278ef0c536a54806784b9b4a83966f3227349716d635fc86fb2868b9a0026c97e7f152822e21f09e4faba0e5654986541b6a2a97150f92174b036a036e647036726fd41681a3b34c6bdc88bc4e6a357681998b19dafe34ba848c1d532d797a37cbdd5f13407c26ad2232adc7eb472053b285a489fd3c8bd640765c3d95791b56a95c6dd5d672a8b743dedc4f70e14e0866075e9698cbec82395a270c2f3be27fc5fa14ebd716c80dc70e481c3b68266a90cb39b5a42747d6a4eab190e0c6176eb1e905f8e194e588b0c6107f8541355dc551fb81466f710024bb119bd9e5303b2128e7dba2443db7a349a7849480ecd21f2e02406ffad5b69f012cd26a78076741739f7101be48cdd031a638766b775137200981e6896239a100b9aa4eeefdbea6f1dfa793364de99fa941cb050e0f14c8a9261578dbbed9e66fe1f7c42d2fa1bdfb8a42c1a2cff75ed0c1dbec8098f8eb7fc0509fc76fc1e2a3ce9284a9d8c98aa1bfef7bb4702a40e9963c976b59dbd1b18a02316e627484cf892ec8bed26336fe6a121fcdca6795efe6074031d50df3d9bf7702f0fb9678461449e17dc8763e748a6e1b706d3ffda60e81835b89231d6716b8ffc24bd2bd3846cbd2ef495baa980ff3ea27b8e366f8bb2a7968a315cc13a3b46265549acafa7bfb652880145cfa747c22c947b2b7a9cf7cad5dd17d9e78bbf911c424c51ffddbe603e889094bbaeec5384369ac086941b3c9bffc0704e4db3c2cd6ffd585be7312df9d0ce57e52ea9db6d13affbffe82595dbd7ef7306b42112f7291eae482a55afe0e1b374b30c46b34619337d46d4c0f86f08813015cc740c0a2afacd06eb2e515ad4bc086db45f6f6e8cee80d7ded5229f3dc00fd21b89624773b6c52a8a3373e040240cc2433b824210db21f24b5ee784f13edcd60968021b1e4156afff2556bb067487dc8f0401bb63d6773000262b317f3490fc98e646d4f2af2cc1af93cfafd9254017c7a573525706e056b003213f342fbe04e210d3076fef859c33551a494be4c7139e87a260a1d9879a649ecdcb330e6", @ANYRES8, @ANYRESDEC=r1], 0x2, 0x1e7, &(0x7f00000001c0)="$eJzsmb+LE0EUx78zu9mchwg2FjYWHniit9ndqFxzRQRLQYiilsGsIbpJJFkhCQgGGxtLC8HWxtLCwsrCv8BWCxUEC1PaCSMzO7s7JpsQf2BE3wdu7jszb+fNe7DfYgOCIP5bPrz/8u7B2d2LJwHsxxbKev2TlcdwI/7to9snHu6de/zszZNX3QN3XsyexwAIsXp+B8DLmoUYzE5Wvn96y7iC1rgEjuNaXwaDm8ivQpFMQjBc1TE3DN3bp0UUutd6UfN6Owo9OfhyCORQNfPLS00nDE0AG+p2QjBjfzAa32xEUdifFSWR5pnb+lGxrH/qfjWOPaTdE0I268r9exM5172BB571zweHr3UVDHWtd1GG67p5S4z6D9v5+dYq9a9XPFXi4M6fSpq+I39D7f+wKP2Wc9jsinyhs5VD09QDzZiPa6/954UyLgBzW683o+j8L5zsFDQqE7k/SWc/ZviTDTvzj0rcuVUZjMY77U6jFbbCbhBUz3inPO90UFFGlIxL/G9D+dOmcX5pQazDHAwbcdz3h0Dc97N5kIyG49af9z6rZ7jyP47to2qqPFWVXS7OwfQfV/+l2raKI+8urIkgCIIgCIIgCIIgCIIgCKKYI2BIfgkTTH8QLSK4oL5QfgsAAP//g4hmcg==") r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0) lseek(r3, 0x10000, 0x0) getdents64(r3, 0x0, 0x0) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000080)={&(0x7f00000003c0)="11c62c246c129f6d6109a53b306911d810dd1c5a7434669b77e2153c9d1fbf7ed924db4f52cf1a1e5124ed21e9e72881b4d4fdbe55481253f41fdd5949eceb9868ceadf3fae2b358a4cf955e77a980390cff9b85b0f78438d0df0d01e9e0266ad12b7ade3013c39c8b", &(0x7f0000000000)=""/40, &(0x7f0000001680)="4870f2095ad28dce42d38ac217d74a900e46dd7c812e079261ba58b158e18929b5e7c5a34c4d6671c23fb12e1b7e0f8887b084102612d3cd142df4ddf1dd4a386406e8ca063017d21bacf9351499e4aa7fbe85c1922661d4dafcf36f902e2df6aaaa15df8ad9ca4888299e465ac1e12763f500bb3b91c693c123317e960a8d8a73690a747fdc89a7ff577e9307c4b7ce9c0887f158cb065d2e25d2d2c024b7acb93a16eed5ec3dc8128df9ebbdac9faf52a926f627c7b46d672ac8018857720d9385aa9e33fe3a0d6644c4d96c10bc294d838724bed690f06887125f01630a100fab8ad10ca4afb8bcbad4fc9449b14b22db4c0c20451bb9dfab6422a276e4d18f6d6ff913086c4292d5372b9cb3fde38ade1474f4c3d08331b8b4b970b8c55bbeecd97f0460a2d2335e97721b37ada274b32592b21e0c942cef184564b616a853dd59efb8eb1c32e0202e13c5eb7b6e5ef46feb2383230646e94dcaaee6ba82456e41c1a864d8335c7d4a48b54fe4c19ebe31c3203173105829950f8a26deec05b6c4a41398c0469a1d8593b0e6854ed4c11bbba7592d06b3077c4116ddc8b8c1fa431a5f53b095ce6304716ffa3b92fd3f5cfe2dcb49a7d330868ba36f8318cb42f80e91cb99c06ae6c37d47d4242c5acc6301722aeda639e57b444d1027ca385f7dc8fdae210f218d3b2fca704a7422d5d7af3e1f441d19c5600f2cfe5a895b00f7a78055abb630c2c0a0c0c13663aab449be4be3238b93b7c2591584db7f985edcd2ca3cd6247751960d025ca35dc38c99cd7ae613fa7702f4f5e9c4b7e7af744faa43a9a245640bfd1a2f45dc817a7f57371fccaeb8be3c7656de64d5c3df51fecabeb15166d9d0ac65a1f876c8c922ebc3f0aff73aedb52ea22a3e7999a963617e1187a236500957b08e9aaf659c89c7ebb7e666d4748ffb7770fa1ee954bc8c22ebbe2c48b3ad3c90dafb88487746bcd541c1278b91c1d2949f9df0e53d121fe7d8f713d2d07176e04c8596e60eccfd34a0575e5ae39b645a87d55f97956440e2ddfbd1edfeb779820905dec3d3bf51d593040c4f34f360fb53821d03af38c4ad9b7ce857aa12b11ebcccadad3282f61f6e34c313e0f9c349f833cfc9e855527dbd86f189d057902f6ad2ad280320829aa95a2c3eac89b097710d6db3084e5ea672299fd0b44bff883e9a10dac2fc8070f05e6382f0c82e9f9014166beee9786b408c0e418ef6681309db475fa1f3c5f28e8f34821e8e891d1d665335b5a3a2ef2392822a9884274ad9d7e1ee4dcef5149c1e1ccf26684fbb67a5420342f57880d6d31947f4a2a3c062ec697ddec3a8afa50fc472320077ea77957ecdb7b808643a1af48408dc0a88e4835e8ea36ed640184c076cfb668101062b719b9dd27110cd609ef978692f14410d233359b120e83c0b0285f47af89060d2bd9fbe16dab1294499dab33964cff68e151a430c37f278e523bb87309e548d3fe479ef2b9188ea08f52df9a4760b1d1c5f29954c56c4a7aa2c2a6f4b9cde3f919ce58880e87f49cb6a4dcce7b97b08bb829089e0fd9cc5b746b995145a2c8699246cdab9a301c59b149444b168ef61c677c02038a8c44e6317a1f850507d97e55be0be7dc68f2f64b3acd3b59b8c79c1c417c14e711cd6378cfa2d8c79110f91bf90629d7939bd3f6480da23837f014326bc829a2d984c858cd7836bf8812438b048cedc8e6661f7759e42df6519e3ee5e48f0a27bf8143154e13a377f34c65d1d08f205ece8c7bb8357755217109bb6900d2564bd28f73335128973e0a00e60f677f0e5d40ca76954b532300bd38be81b34e57aec1c7350cf2b9c86ce036de674522d62f310e98cb7f42cfe11ebd92325f345ec5f31df4963d9c95efefee07db3f58ed62f34c079972ae1e9cea5e31d5470a5da557c83551b9f412ce30cfe26bf31c94d8e9918ad0ef1cb463216f8344657eed1d9113689aff48d08fa612230905f1672b6654a3fede7f98980ba50440e5e00401870ea5ca26036844c0d9ae774cd6520f5e446760741452c15b8ac1f6b818ce30d699721c2544809c3149317af15a6fa056d245bc61aceeb7e025d6c98523c94ce1cf5967a942cccfc8280372313eb92929f8a975cec666281590ca84b6bd6e8198906e38aa9c0c50e7eb5ddb9d3029ee593fc107a29b42c34438c78ddd43b98957a1b6cdb86b5aa1b826809b5d3ededdf263667d5d707a60eb287cc7517c004a20c5cf1f8b35aaeff18164abfc3c5b6fc2c927e43db43f872400b03b10da6aebe6c3fc2fe8ba4d9792e78a0bd1387808b7ec01d2fced8a5fcd99b1341023d0040077e3c699622699bc056ddae35827f59c31a2cb6a9980414187d815926ac6c375d1077695d329567c04ced2a96dfe8c0613b54aa6f48ef0055c81c77fead62bcba9b8c2f9c56a0599b51d18c463b2fe4d305abb50606b1f824db0ad8cf4e4ebe54d13bfdbf6b1e6916e7b84c56cf0324fd81a9434d49c8597644454ee5625daf69d617918978df7490eacb39ae085021d7c96a6465cd434410c1dc9a3b6e3036321988e8fd95adae587b3cc1acb1c9fef671900b1d661ac3fe70c752a57569e6f3588a49100e87dbd510a4d4671caded6ac8e0496e0671be9bcea658e52882dff35fc790cc4f239881a0027ba1f27bba65d5937831bcafac051694d5a28d739cfecf9049cc54a7a969c00f656e6531112a9336319594335575e47cd0f321e2b1390d7d057f079702f4953176e8fcdba0f7d7a7a14b46003b4adda15dd070356544b756f4eb9b2cfcfe7b884d404c3bfcd568aa7efae389b751d097297a1714411a5cb5a0420f01121a546b6aee4204b40993be23f648ecd9b95bf6174c96e8730e59240a79d296d5f35db912b3055742f5dfdd59d7b68e9820b0554cc69115bab8f88bbfad6f9058d72871f14036749e5a8ddfa2b6e813af0bc5148efd407fe6f48deb2537ea639d443594da3d380808718bb477af7290e0e77d5c0fab503637f34e53890a3415f07379887a5b830d16db04daf145f9836724f97ed7b63987f5d6d1b01a2ddbd732150fcc67c2906c9ad366a5685172625a313636272673083d6e1b8cea8b43934b6bbfa43f95aa1e0e44b7515949787ad70ef8463e1d97bb47e0bad6334624c02fb4eb9bb4e451fcb42662e725cc9197059811bc8b8a418c437b11d140a0647e490d2e7ecdacfa71d85c46125f39462319909bae91175b7961c480fd1c558cafac25a7868cf735574aaf6303935268d2eb9e10d5b7c016c112dd820e7aaf770f29eaf23c9b88f675e8c064ad92c65e67b433e200413f8ff4c86f968b9f0ed5512997c4116a5e00647d679ed0396e0043d9e28983793c9be771de891c3ef08fe620cab2b60a18fc710d005eb2b9564e7825b14f13c3e88bba3f2f63ecd786f2a7dce361ba2b8880387e6667dcce81489fd6a3dc6172dc2b765ff35eafb576d84e376ad60a9e44d46072064e65fbf0fd022e1a11188968188a126e0c471ea96c10fb781173e7309852201c733207eff6d1c54548c03d4158eefa83b6abb379743b01c6a7772bf0bb52b6d6b14267d5d4b9f32e89ff72ef8eacaae6da4c9266d04918afc112968ef2fc71396c22486256c8f98ac60456fd2c9a9b010657ef2e7e65d067275d1603fc12977b8800095d382f61fa811bb7b39c3790457605f0a1c77181099e4def844343fd5c2eb982e7faae0b848ddc5e01467473d78ba8490b04d637379b9c377e94dddc50bbe2f3f57e2807d120ff7c9c2db62a068b1e5f28e7a6504d234154f95c2914cd0f06a3c09aa2b3a2f7efb86b08662d0c528c14b8e4e6e30b37b79faae533e8eba8d55f2707b935b5c7e6b6ee7a0b54c05ad86f2f05ed75a8a28b730c752f651748fe8d172dd435f5f6e92921b88e28f2cc8e60e2c729e7d512af83ceadf3c160291ffd26dcce6c37fdcf9d9ff8f9c0d2639cceab682025b3d2c9941d0d9df0623733950ae1a75810f5ff302e4939dc2c0fa0696d23857ce5257ae9a8f9e0c1fde82b2480c684fde224b2e8578f3f8da94cc9a16edc823c90794fc7b2257494d758d53e37c5e1011db730644bfea5087e5a4a0f0e97a6d3b20a1ad493589123d6db1ffab2def075470d525c4e40a6bb5f5f35916b05a812fa0dbc87721216778fb41ee5be8f9cd9334e6580e3ee2499ab58ae147811c43a78b4614db9d085cecbdc8bfa15fbbdc86d8fb0f33a9157127107e6c5ef0e2783e76cd2feb260880bb372132fbda82a9fc5bb6674fec6b55fc90320847fbf09b796b02172aa5a36f48fcf9b0fa8819dccc436848caf450de62010de95d674133942429b1372ff6b000f375e8cccad973b36cb5b31ada7200bfdaa55dc021bdd206a83dd2fc8806a56505f16905f3fe9cbc4a663bb4296f36477a99ca498bbc84aa55950a3a4aa46163fecb49e7528d0b0c68feb3e555ed05b6e23ea3c0e81dd90c3304ebf57476fde75a0a2ad66d791309ab76117002ef492292eca4d7818af589da423565960d721435f6893ca9a66a29315c57024aaa25ced94a5bfad2f11a578813ee9c427ec81c765db960f271d48c7541262942d445c5a732697ffec33f5630ac72e88186ea8cd53fbdc441716f8a4e6e96e2b688a8f96d2d13b1663f878c3060f60d028db826ecfa7e01f2273acae85698d7a108842471be453f38f65a9037bd62e71e32df88ff56f069d8fa9c90028f88a8e7d532b5ae7a78e91ba233fddc23f68a7dc0d3754fb376d09d750d31753acffe756a85c23dfbff9578926bede732a31693558548e96a6c2816727ff4774f7ef9c9d6b1879dcba6007964d84838f23094bf34f3292a1b9f51db6d9ed85c2607c0890249cee160a10d1ec53765615a10a10e1eff17b55524b14fc15917d4f8d7ae698ee806e0d01d66f4dd7f61be3dd7795993f79b4c3d2dc858e312e5da9e589e769306adb1275ea2db6fbcf53e229a6bb25501b37796ed975ef627a02b666156e2ed3cd0703e566e1ec291006606e5c8042e01943b4b790cbb23d2cc62886f34ef5c187db1de41ff2e35ceb6010d3225e00df531fd315fa4fb157d339b46f10c0c8f59e0076bb5f14c4129135d326aaea1688079e6d166536bc59e8fb43373d2f5c3cd63b747fb72c138ee68438c556591e4b372cbeee687af555eaf562ffd976771c78656c2c7c3694a06a41e3876aef079e7a50d868870d9fd18450dec1d1b06cff4cdde87ebc10fad6447063f228fc72e774fb04a66a4fbab8181cb9d1e3a10446679b17faeb07dc47baebcdf331252cae2e6c22ab76fe3ffe9e85072132d665f4ad9d9fffe15d631ef45fab683cd05748a60b7ec0dcc1bee79586b5f92ad5afb87a4902c7e7f12448ff1f250cbf764650172d6f96b001488fbd25cbd09206239eceaee87464bfdc57b5ad04114b1a3a7689ecb6b3f4460f2b24407273684fa35d39c7466a14e682a7bbdd00e3f7292e71c3f2fb52ff762bbdb6781e41521375a61fd970a92cc92e351cee0ba407660adfaaa6e3559ed9a0c03d6cedc64067e16193521011e2f8e09e5965cb9171bda46fac6ed572c90ce05ea1923a6d15e74333f861f766fa4130deae478f4668aebda453471455889361ceed971d62da7fa4cf0a53bbfdfdf37679968b46ea3a19f959d4fe42d97b522fdc8f2ee3bd8fcf9044280a2783b20d4cc4812ea9106d262598864f57951d973750a4b7bf2870cdf4f336bc158e91c814353daa27bf0a0bc5a133cf9c4ddbe406b6c54faca0f35864c6be242e4605fed93eaba00242662b", &(0x7f0000002680)="9180c5faf3f10bb45e928df9b54ba5529c62a0e1aa42df7f0669192e8ea0be94b3351fe00448fca97244155225fcfc78c6d86234ec9f3bc417e67ac294f38fead4900074df065afb4575fef2fd2792bbc88b024782358b204e400f254047358066680b61944fb3d70dd5dc513ab34370222934878e1e729374b8e4582c6f4ad166785c9cb79b19daf27ecd76c4ea94e0c8c7cb829c224852265d74bcf8cbdcfbc8422478f248606ef98b2061b13672be412bbf1010f2991e73b54dac976d0a950073ae9051ded01460ef7ac0d92572756ecd13a5176e7bc108a9e824e3b469ef3b627fdd4b802c51f67c0b600f522c3c4ac98754b82bc1a29342ddc51f079332e1d0a54545fc77c4b2c13518cc1ff33af29061235d11e66a60c6cf5e50fdf1b0d05c3e629f91d766350093eede461a08977a1c10054c481bcf7f048b9875142ae85c88647c7b5c618fe87881e533c13dd349f4c05137bb070057c0192d74b17e727c7f4956ad59cc93c1a95fc89d80fcc6d07df1e33b0b91d8f1cc0580ab77366c7429aab24cd5eab2b60af8cdd28f23420fa525cbecb808e596853380a4943bc31d66a4225c5fb43fed9ddb9e5a5e2f0cda251c5991a1c63a8afdde0521e2e193b4f5cbf16e942b58e0cb34efcb666c8c676df0c1308c17a3a757297e7e79ba8ac456a707e65b13de6b8367c9b2bfbdab38607253c517b898e1b6245a68272b7f2445da8394bbef8550d2ad56642f9e5a6483b291097ea66ec22e5b3e64a6429287adf95aaeb69d2988379d534434adc65eee0676d4cf828ef40a9fb37f7aeaa5e4550117bb1297c870725cf05f3439582f62863ebb26fd63d24ea4c7828652be9843e7b15deb1a9a8e507564d2c64de1125d2a8b352d5f36acf0370087323432e6b1823ae0e57dd5ed43f2027d243d0ecfa9154aed10edd02c789feb5dbd63b34284842b26e7fd7de489835b125f5dc6c665e8daae7daef54f13dd22d4dac597173cb96c0c68af9b17dc37914991040ac83b83ea630108e43d39f7a4399dcce5e904248bdb0b7f95701d1c13135e41825546f3c94f38827152277c33a6ae88ffd0b152bbb4341044b942685bcd2768563e3555cc1cb22ea5d3fd6a1b61f9301209f5d590611ede95e8830881b0da1410a52dc567d66fbf4711ad1a51bc336f10463c3987a326c5fe99551af2e0bcc5b42c390e2cd85da5d9a636916484911509fe74a883b57fd9be99eb1bc3babc78e320bba1f998c74ce06aeda073568396aa1f74fdbc639c6260c99bce7e1b90c9ae4ff7b6ce82fcb5fcd979dc6716a70c9a97332591a74ea0d549ae5ed3ad9a90ada803d5bbe72ee8543efdb6f70c91d1d9460fbc96337a106f9eafdc7ba3d0a19515091ff5779e41a1681c5ce3087ffd793472eecfc04db3beee3506ca335cdfdc8a0fcf1043e3f0161ba39ec1a84e215fe8fa694f2904786f0e2ec6d692d5bb6224ed0ae45d7b6e9b4197488a3daebb1d4b0926c361480b0f7007ed3581cd85987ff9b6061d79c186ed110287fa6b64d8664d34abc3e94e2acb7977cd117adfa870b98fff9e5bbfa6b5beaf83190b3be9f907bca2e8c8e3f6ab538cf59423ec7a8cb106b2015ced9cedf5297f6afc4f009119164fb036f1d4180740e4a70449f59826ebd28be62a576b694f4ef90535ae04500e72e119c4266e366a3b9c4f003bfd1d71e0b8a4b27224ee75e059005929f090b432a701c876a4b46288bd5a72e436719bf2c493b0bc60d6af63add8038847974400daf4732ee45a1ed907468dcd234abddce0ad1ee0378e216487971022600f3bf6f84061d59f9effb1200515e7c4d1d517ccd7f9c782ec519ab1576cd39ede59174d0d1685777928911b42b98358cff48ac5692c484868ac26d24db26f9ca48492119d0e32a40a2516e53bedba1f591684e4455ba15248ad1d7c9979af59c3744433af9f78e91e197caa82627a1f4ed4d955166eb6f4156fedeec435f56f624168d0e0f1d61ff676da5a7e0cf52d5681ecbf707d03823259fd1817159031d2ad8ef951e4c3ac855b300abeba62e7127de7d087f36b5cff9aefcdb258feb0a5a1275f91634c5e3fb2309dd2e379e4928a4dfaf3e233634527b90c54049259342dff8e27f37a582f55caf47786527ffe65c7fd90f14da8c1c2358014e0240048db642b8082688e9561cefe1744b82536cb2224e0959fd256950b43f2de5bf781680892dd4798775e68f56b53ed81ddbed3d1b58eae7ea2d35c311019bcedf6479eb4d879281b7d4f33e083b22a3d7e6bb5c77502b329d642cbcd64069bd6b588a940885cb569d0181f3ff238fc9e9c64a8d2bfa14ae00f31a8572b669fad83451235216026dfbee14bf0bb745db5ee26685fe19167dfe8227d7046bf577342620244d60d9a487df9006a77f7bf8649c1d14ceab8f89a815c08753b45a8b369a3b465b0b37d9fbfe9f52e12b92ce5afb657a3834d2d514188bf1c2cecd37593fbe13a83ecc8fa3aa329cfbd56499cb84506b9e5b87e5fe3a77d4ed029258aa38d7047e1c2b65f8313fc5e848150de4272299408ddf3a7560476bbcf58403548da687224ed57395435df5365b5d715cc93732c9c429aa76f27c215cd6edb341821bfaec628bc93d8c1ad64779ee6df37b3237f61f65a5fa99eb3ba7794d48a4cb961ae08d6d753c8d5f3ecd279ee60a78a9f76188224375621b2d0965e0c9b7df57bf5dfd627c15a38c3c49ae4e9f87c78d0d89e4da86e476a081e3e6ee4f95973b879fcf0c40bea0d3863ac337977cd59e6e68931afec912a167d03f1a61949bd0504fc8930e1b89bd8b3f89ec0c7023d7d0a7c1e6971b52ed6e3f348ae9c47f11f288475244d48b7631a9a39e100cb14e8a1aa00ef4a2d93a142e6d2e67a6f65d4ff0ac97b2ae43fd7870c8a8b0c9d207540ced42d135e1e03ca10dd7f0083e49a89266c2a51e60834138eb3d125c7d32763660720ba7f7ceeeba76a483149f992015490bdf2d7c4f1b68c53c15a327ee8bc3fb77665549bf62e7858c3e72813174effe45fe8f50b6db2d2bc4cfac018dc868e9e76aaa95de036dfb1d5e5e1109331535f1b9b96be171d2483e0e95950c731838e54ca95b66ad3de56d1e0401b2ca851c66926bd7a4a8bd068ac62650f3b2e7cb01a9a4db5da9d6a48092fff76996e433e9b7f04b06908b5ff90437df190c4a6466a401260f20319974c430d15739e6aa2fd2753001e925850fd9dc2b05001baeb550c6fc628a9d9f2ad2363ce58beaf45496d432dfd1939a6582f3b40b2beb70264fd86edb413cdb43ef5b0518625f44b74ecfc534c16833dc22fb7db871ed653bd6bdaa624610061286521a90dab4f2f015a5ea94bac41f007007650b377b9d2efa19a5412c2dfb2de64e8a3c5ca7ef516f97951f97aafc937055a51a8202cf38bb6ed6bc73c0a12f295d4298b0173e5d7cae089b146ecb6c7a178543d2f74ed078ac258d4e48cffb7f90b19ff8d5940212d8b421be272c5360994639b8d9eab2612c47135c220a5f3f81cc7bd43045304e26f41a2ad1658a8b1ba9fecb1f06776f2a1b781ff67c19b0d39f9e66f9ace08c478d5248ce80390c9bcdded11ec131045925b1e5d003c4957107b2a4df17ef73f1aa829d4dc53697a7c49b5e2f05e31db975aaa010ae0bfa2ed4045ae48e8e31c985fa1adb28d7b40332d5c02435dbd291ad237405e32d90a20d7040b94faa106233dc0bf9ae162f479094ab8ac3f7a2feeffeb327f286a76664a4fbd4135fdd4e171db1f4c6bbe7b855de3949eab0875177c1b0a572fc9bbe9f5dace8d574572be217f55efdc38ba68fc8cf10893a05747cf7458b034e7119b0b5691bf32dfde4eb40f61384d5aea78f4d53e44cfa576c88171943b35ad5f1dabb29b72fe941c1e3123077f6c9fb310f94d4ce17bfeae405077815fec3e8ac14dd03f110b030cb1b8d4a58248abf55e002a6afdef989d7be3a902e3b9e3d0e5e8853ed85539cebfdce7efc6ac9fae664ba9a6fe0b1844f5f545931ce68268f016b7f8218cdd368b016260019a233d947d05ecf5b328f67c8b63ba44fed18855a6ccc6a54185112a396590905cd09cbb71d8bef7e90710cc4be699b24805c5c2d2c8f9fef5acbe5cec1825d9d857a6b7180807bfa53384c19685a9d48a616ecd0c83d8e0129805c964929f471a5e81977113b1214ac21f18e3827fb61741596376a7dc210aeefe00927bb648b8355d614e831063afd379326177ef1317b2428d3ebe54345ac91fc7c2fc205d723b07b0c5ccdf8efdb48187e56d2d1a710274dc9bfac031b946de37f1976438268db7dfff7c452d1896c565869d61a53a41b60e5d8d84aa1f1d23e097c51cc81ac37734807624eaff68fe3ff49f0794b9a5bc76248faefa02ee888597a25cecc5973c07ddc7a85f977f7fed0c00ca219ca75c367bed9fbafe78a1cca1184bbed5c78d6543b7b8d9b686176c499765cddab4e017e5bfc93cee2921b9f520c3ec1cc2820e77b5b9582fd1441807ed2305997b45e7fcc751f0a3c2cce4624337374fcb949b290fc7369e3cb3d701a4f1d221257f589b7da8abc350e55cd9a31d61190bbb62ae2f531b9b39ddfeebc5fbdeb32e9ba8b10cc4456183b5eb0e81c35bd19238a071d25d003dd0e19ce2cc534f272d24fc8b935936d37073a3063b5d0a522b6b70698d0254d2118dadac494899203729c235903c780cf7e57a75e7d6afff24b9aae49cd2544f95e6a5512b00517579e123e71be8227f1b872f63fc1e74346cb6b5c370712af8b02ed9fd1901482a4f598ad81dd8b462a43037c2b18312cd91055c61e5eb8e539cf48476a4fb05a2a6ac76eb81900e128545f453385d126c891a2cc18cbdd455331e16fe893da96f85b398c66fd64536665c457b68efbe28d60fc2ece9bd04199a3f57471d883608d8213a67f0b408bbaf66ed3d91354ea2bde1f130597591b3d41d314372566566decd8e2aa82d49c85995c917109ed3365ae5b4b1b9cb6a78e5444b71b8554ebc4060442449b270984299452e82136eaea8c496103cb5a4f9f389562686f2744bac8fe11845af0c43d0112029639200ce7e99784645f4eb4c862a47f164faed6142b1f76938d02d1d6f5ca8a17288728c7c29a6f0c6a9e6d600a26d9d91169076a84952af83a22a71d7e81f71625228d6e22e59061e4af14b280ab6d52357bd53839f63eae58f0aac777c8b49926c15c919da2cec0f6c8f7710c53a945bcd16b829ff3fbb7086c0c2deb9b6b95a750241ac8d90606fcf6ec5b554684545898c66850d8bb08ba4bb7cbb66e06f93db5dfd963e64f220c96a8ed31baf84a25f100283d5c6b1fa9563bad48d1252065f7228e9ec4543e4005d1a0c719db73a16374f7b41e27c02a96f2d44c9a78ea9efa51950dc8953eb7f50ac4c1a9aea205435942e015f13b8e878f5df4f62fa43e70b7f070f3e116c614a4520cefde62442462f69264a840a8b556e017239c8b5bfcc809ae322cac6380efdff0b3f74f5c1b09fb179b53a4afd7d564aa4a9a8fb9b69bbe119b3e0b2d8743bfe849469b9fb725fffa464e9439656e830a37f9eabd257e20d2e84ffbd39dfa0921cceb64ae4e18eaa3dc148d532ebabfe402837b2cf01836edec2af2c9a7f71f1b8b7d0baa3a0529b3665ad39243113f6ed161ac957571d6ce26e719b1af757703fdd856a997d03aa0d29e6832fdcf0d3c86fe8e2b5cc9a1daf97536ecfeb97d9ea8b9c8fafcff7db82b3b41a2937c47652ec05a6f93f0e5f3e2dcc3906c2096c9c11c516dff87d3b", 0x1, r0}, 0x38) fcntl$setsig(r3, 0xa, 0x3d) mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0) 4.572850959s ago: executing program 1 (id=6836): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fdffffff850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0) close_range(r1, 0xffffffffffffffff, 0x1100) 4.526963633s ago: executing program 3 (id=6837): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000400000000dfffff1918120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r1}, 0x10) mkdir(&(0x7f0000000280)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) pipe(&(0x7f0000000040)) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) syz_usb_connect(0x0, 0x2d, &(0x7f0000001dc0)={{0x12, 0x1, 0x0, 0x4e, 0x2a, 0xa6, 0x10, 0x582, 0x87d1, 0xf8e7, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0xff, 0x56, 0x65, 0x0, [], [{{0x9, 0x5, 0x2, 0x3}}]}}]}}]}}, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) r5 = dup(r4) ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f00000005c0)=ANY=[@ANYBLOB="0100df86578698060000b600004000"/24]) ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(r5, 0x4068aea3, &(0x7f0000007180)={0xa3, 0x0, &(0x7f00000069c0)}) r6 = socket$packet(0x11, 0x3, 0x300) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) r7 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r8 = openat$cgroup_int(r7, &(0x7f0000000100)='cpuset.mems\x00', 0x2, 0x0) write$cgroup_subtree(r8, &(0x7f0000000700)=ANY=[@ANYBLOB='1-0:', @ANYBLOB='N'], 0x31) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000001e00)={'wg2\x00', 0x0}) r10 = socket$netlink(0x10, 0x3, 0x0) r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000010000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f00000000c0)='netlink_extack\x00', r11}, 0x10) sendmsg$netlink(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="200000005e00250e"], 0x20}], 0x1}, 0x0) r12 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet6_SIOCADDRT(r12, 0x890b, &(0x7f0000000040)={@loopback, @empty, @rand_addr=' \x01\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r9}) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$wireguard(&(0x7f0000000300), 0xffffffffffffffff) 4.526727703s ago: executing program 0 (id=6838): socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x6, 0x8, 0xb}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10) sendmmsg$unix(r1, &(0x7f0000004080)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="14000000000000000100000001000000", @ANYRES32=r0], 0x18}}], 0x1, 0x0) r4 = dup3(r1, r0, 0x0) connect$unix(r4, &(0x7f0000000100)=@abs={0x1, 0x0, 0x7000000}, 0x6e) 4.446625599s ago: executing program 1 (id=6839): tkill(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r4 = openat$cgroup_procs(r3, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r6) write$cgroup_pid(r4, &(0x7f0000000040), 0x12) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80) r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000000)={'\x00', 0x5}) ioctl$TUNSETPERSIST(r8, 0x400454dc, 0x20001100) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000400)='tlb_flush\x00', r7}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xe, &(0x7f00000017c0)=ANY=[@ANYBLOB="b702000009000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2e6405000000000065060400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000002c3f2cc2b7956244cef7baf48e6d2885a09a87507ebfc75b5b0f4e4309ebcdac5f7a860c008cbdd3b4c3b7f28754860c9c781f6410457253e89ad528d985636a86ec0f68f59cd1159a2c2e85d726859a919cc9548a349980d1ccdce27f94bc074c27f81078545c146a0857153b7b8f00034debae58a4ab415b0d7ff0575cc272cd3d7e8d974927676468ff2d86e0ffac94792ed9cf6b40b3cf252a47c05ae8a70d57cc3e067d1867b54d24e20000000000000020009ebf84d3b042d6e432cd080e3b57239f0127473e6ba922aff649609d40b47ec331ccba3cf96f9483ff19a6471bf5abc742d9cbcfb964b11b31034694a6aad86cf08a6c7b2235dc99de9aa3e6b77c7a2877261ed32da90864987f30926c9013eec3b86836ae50447aa5a79f40c235000000453302712c3d8fc4e2b61adb0695e800000000d4f4e91f0000002c33df424d1bafe5725c8a404724f8a4f1cda7997b65954f74097579b91da309b887af2485c2d9ab09b506000000000000000bf7b2ff4602aec1eea200000064881c5630521a08e051374cf05c921a06fb7818000000009dc8d95e0e5b365d10e1004dae58b3b5b89709b0ff47b200000000004000cbef88811dc8c1b27ac7d9a6bb70f60eb9c01dd2fc79b85e4d961498f3a80131d21d856177a2189f45d011ef1da5c6d57bb8fd387ccea9c3899a914e47e82f040000009d81003f927355408f87264797d3fa970949793b94329d580500d1f91c0d22587e05a61e3d8576ca168e88d7a9af95b04a37c27bfffab9abbb31fa8c0080258cfa6d3f166e695f3c56490aeef464d9965d70a50f1282619344f223548e75fa39643adac1322c87ca253ff2fb1882760d6feab16bacdf83c11816dbe959ebc5ec479c8319f73e2249eab0486b110702a481d3b51976a52303056e800b4ae5acc2df636a65eb1d672bf2000000cda8462cc9b16624998be65683321e970000000009b8e20762c1bf4a3eb6769f2b23e842bacd9c685edea0ffa3e975424f8ede49e61a4de808a38ba3512d64dc71867df4eee3f1ff791cf7c9862f98b45852e4b2f78721b978a2df2f2a29a387c6f0576b36038f819286eca99a6a434811cf2a117d775fe986a49fb82cf5f15972d5ab18f1045384501adabb20f7b0e15ff47f1744e2341b59034959a1289ba6e243668e6735305707e3de7652bfc5b60c76deff43a1d6fd6a4180ab723735abbeffe7f2ec3a0bb86f9eddfc0f3d1d503d7a54b49e1ae6c5aa620d27e91aa0aa0ed6fcacfc91fbb4c256409e54daefbb107c381fa729ff5f3907d93430da178d685d7730f5e129438a5214f722096d29863301b0b811f69145d3fbd78a9059e454474f92e65828b018174a9f4738b8c71fbdeac26ab95e02f9a847182766964976b1fccdb9f35721e43e33883cf16ed1343fb7429eb395123b0a4262b7023c22039b9002589a378ed4c6267965af78b861bd025312538cec97966b8973d4e299d9802264d06e40ae118e1d242d1128dcedeb44030df12ef68f78215d65f96eb55db8cbcb060008000d988374f85451a694ffe38a1d03916ff1eec72b31c98d42e1a1bda1290de1a499a5a385b31112a48ba3e6d6849914c1788a7aca37177cc341fff44fec5c5e0abae01c439a1b0311e074e81ae9993b5b3459553e4ece78d4c1501c70f5d81e0725d5b273755c0000000000000000aa4234ff82182952a76233d18e7d49638aeb04e7a9e9e7eafb7c255372795d2d192a0a33cab0f5bf2e93e0544fcdf2df2bc6ce96e5a11993d54f97a23754ac828674dbb93c0ad345715be4a13678b01edf76d8a923655800a2c88cce004505ab45d8f5f88aa887bbce5c18970428516f6099bdbb2cd7a2356397f1a0a23e662e2a6c4834400cbaa41c3c574e6e6aefb7a68da5ec1ae49f968bbe0e0bf9878516f553639f5b4828e92019b61f5874be1c7cdd9482df50bc24a8a1fa10d291390eb84e26a2e8dbeaa45604b05a116c1210a7540bf81005044273f5a8ffc538db289350eb248e483bd8920efcf30a798c2b636243e0a37262ca47dfeefa753ba528f7ba77e825051ce69b4475d7d714ba0c636e6ae9f710411d30ef424aeaabe057c7df6ff8f767bcd9012e1047c686f5ccb76ab3a5df53cbc22ba7ea8f6a8e220bb4d83de1e4dc19d6c1be841503850803bc2c2d5e0e34270a7f1cca0c6c53a8e5f891f7a793a70da62d6d88fbb90d220acc687931b42d6be83ab870da3c0a567f5e65ec0457f4ad2a4ec0b671b36388afd5520a8483a4b11f7d02a41b315f0f9e59f47668d68a74838d6976e12fd45200014041dffacbf60892ec8bd7560686f137a806d3dfaba900b47cac62f828342fff009adb5b2251461a1b9d6ba625b8fe04e69a1a4be2696f0000000086e172932e03000000000000005942e1b9d6dc28ab8e19e1111dd893e801015642faf21eef40d6e7de3ef62c4bc5ff17e7aeb2841098f845d1cc9ec4eee79c298fb0ba939b13707044e2e9cc0d350438c1c8c6bb9a38c6ac5ca0d9cf1f3d6915f25cb26edfc28b3079b97df32601240e454db103fb0c4a14c16837394d2b3673a3f160d3a7b83ecd0509ce9eba0c7bf7843799b1b56a234f9eaab8a3f14f1472bb6aaeb8ac9ee4054605558ab31f339f6a4caf2ee2fd01f34dca3300000000000000000000000000000000f59f8e6e00000000c44130098d833a24000000000095e6f945ba9a941cef5e70b8c152321e24b5b29bcf374dcf5a29a35d76e6e2bf8df95462690a4fc9ec8129e92b6ebb4b40a992a75d3c5954d0bfc87db24d856359079b29b3c374d081c300b2cfaa596d24e800ef8e2201f2fb7a9946f89f9f31f7cbd603fd7f8898c70b5c65f2e28f22e1a79a6af3a54861b07f124642e98389557affbdede09b5566a4a1ee73b20846810030a754acddcdafe3ceeeebc0b5f2fedfe7d198e3067f3dbac9441a9ab8409cbbb7e15b9ae3944097de34de2001c8533a3766e6e4c4c4702ccb932a27a3962814cd6aa8fc684beeaa3932efae3a9052be8eec1e95f6ad8d41dd34829503ba4b66e27154cb6e34aa13450522df1723130b6fb9bec59ae347c93f00e40e293c98d849a33f773c743728992f40faccd5c23130a1c6bfd6fc661bca1598137ddd1090ded672f5a48a40cab3f640c8241a364cbde0f188eec7da7bccafbd5bf28a46f0eecc6b550471b0b0770c6a5a411c0e0b19e15a461e7c6833ba936e214b013f2819ec6572a43b5cd32b11d7e4f8dcf8f7820a17b7b2ee6178a03351dd25091e46bfd82a3979b9cad109fd6217cd52aa81bdabd50826a674bd16b8f7e6aed12a305366599f5f029a7b24558c02750500002f1c19d16a6f391906000000cc0bbbfb8c698ecc137d96711100e0108d3bd2afed0b279ebf0527552a9331e646c424b14ffbb815622bfd2f635855bed1b164d0a56bd104be069854111c5b26ec3c652b5f0a6b9676dae987ec23456ba05a4dfb15321ef6b76e7e547a688c67ab531cfc784c9f940d9fb0464a6cce635e14b80dc5c1c64e75e6bd5355d84f8df272f18f58c570e7afd83ee77f157c146aa747b728969aeb4aba1d8f9de14275bf4a53e95235ae13768ab3fb8ab6ea50e884c2ea98e6400bf0c5ae2887cd1da0e57ccfdf5eca2b455247efcc13102846c0a85f20c80007c0ce6efce627b95b8ad3003385de97101678fb2163ecea6e70a77a6fbc089e31a5ccece932229b8f79faa6863d6857c3d9a9710f9f8ad16eeb8342278f311cbc226498028234d21466892983378fe64acbb44f694cd78e43c74aa75505cb1c91b189f8f89f233a05f5cd4e173a373178557843dd705268f74a9e5429945503195aefd6706b584d8408c9652b3fe68500747f7ee8375fa559c3ad195d3795df1a8364cd13acc3256ee4634c73eeb6954d0fcf09ab84df0b8900e0c6fea2ccb600ae7a4b128cae19df160e7c207b89132d1d5bdc9ffc79f0549b82df521817651d5fead5128205b92ccdccc69407ab556217af277af911dbd456dfc43dd061b6c91485dcc208cf0b3d0bf851de413f5de5ec015e296914afab6411109355e027ce04990d9aae251b9deb11b7db45b9f15b7b55d8fdbedd9e6cf891205694f02be8b9ea8ecd41308a0e1b93ae3435bfa88b440b1f701b4d0fc49c82193f27f8023b630ea97edbf3bf421a0a1a2b4ac7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r7}, 0x90) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001500)=ANY=[@ANYBLOB="1c0000005e0021a5553f8c6b23cbff070000f3437b00001e3b"], 0x1c}}, 0x0) 4.427428271s ago: executing program 2 (id=6730): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mkdirat(0xffffffffffffff9c, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20) alarm(0x80000fe) alarm(0x0) 2.392438997s ago: executing program 0 (id=6840): r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) r2 = userfaultfd(0x0) socket$inet6(0x10, 0x0, 0x0) r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_async', 0x40a02, 0x0) write$tcp_mem(r3, &(0x7f0000000440)={0x0, 0x20, 0x20bf}, 0x48) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000040)=0x63f8, 0x4) bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10) r4 = syz_clone(0x20002000, 0x0, 0x0, 0x0, 0x0, 0x0) r5 = syz_pidfd_open(r4, 0x0) r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='schedstat\x00') read$FUSE(r6, &(0x7f0000004300)={0x2020}, 0x2020) ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, &(0x7f0000000180)) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a38000000000a01010000000000000000050000000900010073797a30000000000c00044000000000000000040c0004400000000000000005bc000000030a01030000000000000000050000000900010073797a300000000008000540000000004c0008800c00014000000000000000010c00024000000000000000000c00024000000000000016cc0c21014000000000000100010c00024000000000000000140c00014000000000000000090900030073797a32000000000b00070066696c746572000030000480080002406b10a61d14000307a665616d5f736c6176655f3000000000080002404e73b858080001", @ANYRESHEX=r5, @ANYRES16=r2, @ANYRES8=r1], 0x130}}, 0x0) r8 = creat(&(0x7f0000000300)='./bus\x00', 0x8) write$binfmt_elf32(r8, &(0x7f00000008c0)=ANY=[], 0x4b0) r9 = socket(0x28, 0x5, 0x0) bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10) listen(0xffffffffffffffff, 0x0) connect$vsock_stream(r9, &(0x7f0000000080), 0x10) sendmmsg(r9, &(0x7f0000000100)=[{{0x0, 0x3, &(0x7f00000000c0)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x8080) r10 = accept4$unix(0xffffffffffffffff, 0x0, 0x0, 0x1000) recvfrom$unix(r10, &(0x7f00000002c0)=""/241, 0x1ffd4, 0x2, 0x0, 0x0) close(r8) open(&(0x7f0000000000)='./bus\x00', 0x16d43e, 0x8b) fsetxattr$security_selinux(r1, &(0x7f0000002100), &(0x7f00000020c0)='system_u:object_r:logrotate_exec_t:s0\x00', 0x26, 0x3) 2.385853147s ago: executing program 1 (id=6841): mkdir(&(0x7f0000000340)='./file0\x00', 0x0) r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000005c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10) pipe2$9p(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r3, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15) r4 = dup(r3) mount$9p_fd(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4]) write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18) write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f00000000c0)={0x14c}, 0x137) mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', 0x0, 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) utimes(&(0x7f0000000340)='./file0\x00', 0x0) 2.353818319s ago: executing program 4 (id=6842): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x1010410, &(0x7f0000000040)={[{@jqfmt_vfsv1}, {@noquota}]}, 0x9, 0x76a, &(0x7f0000000fc0)="$eJzs3d9rW1UcAPDvzdp17aatIMh8KghaGUvtrJuCDxMfRHAw0Ge3kGZlNm1Gk461FNwQwRdBxQdBX/bsj/nmqz9e9b/wQTamdsOJD1K5+dFla9KlXZMI/XzgNOfce5tzvjn3nnuSe0kC2LPG0z+ZiMMR8VESMVpfnomIpJobiDhZ2+7O2mo+TUmsr7/5R1Jdf3ttNd94rqT+eLBeeDYifnw/4khmc73l5ZW5XLFYWKyXJyvzFybLyytHz8/nZguzhYXjU9PTx068cOL47sX61y8rh258/Noz35z8570nrn34UxIn41B9XXMcu2W89upGxGD6Et7j1d2urM+SfjeAHcnUjvBqOhyjsa+aa2O4ly0DALrl3YhYBwD2mMT5HwD2mMbnALfXVvON1N9PJHrr5isRcaAWf+P6Zm3NQP2a3YEYjIiR28k9V0aSiBjbhfrHI+KL797+Kk3RpeuQAK1cvhIRZ8fGN4//yaZ7FrbruQ62Gb+vbPyD3vk+nf+82Gr+l9mY/0SL+c9Qi2N3Jx58/Geu70I1baXzv5eb7m270xR/3di+eumR6pxvMDl3vlhIx7ZHI2IiBofS8tQWdUzc+vdWu3XN878/P3nny7T+9PHuFpnrA0P3/s9MrpJ7mJib3bwS8eRAq/iTjf5P2sx/T3dYx+svffB5u3Vp/Gm8jbQ5/u5avxrxdMv+v3tHW7Ll/YmT1d1hsrFTtPDtr5+NtKu/uf/TlNbfeC/QC2n/j2wd/1jSfL9meft1/Hx19Id26x4cf+v9f3/yVjW/v77sUq5SWZyK2J+8sXn5sbv/2yg3tk/jn3iq9fG/1f6fvic822H8Azd+/3rn8XdXGv/Mtvp/+5lrd+b2tau/s/6fruYm6ks6Gf86beDDvHYAAAAAAAAAAAAAAAAAAAAAAAAA0KlMRByKJJPdyGcy2WztN7wfj5FMsVSuHDlXWlqYiepvZY/FYKbxVZejTd+HOlX/PvxG+dh95ecj4rGI+HRouFrO5kvFmX4HDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1B9v8/n/qt6F+tw4A6JoD/W4AANBzzv8AsPds7/w/3LV2AAC94/0/AOw9zv8AsPc4/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANBlp0+dStP632ur+bQ8c3F5aa508ehMoTyXnV/KZ/OlxQvZ2VJptljI5kvzbZ/ocu2hWCpdmI6FpUuTlUK5MlleXjkzX1paqJw5P5+bLZwpDPYsMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoXHl5ZS5XLBYWZWRkZDYyzaPEcP8GKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/uf8CAAD//53qKtg=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000100)) r5 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff) (fail_nth: 1) sendmsg$ETHTOOL_MSG_LINKINFO_SET(r5, 0x0, 0x10) 2.286975245s ago: executing program 1 (id=6843): syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x480, &(0x7f00000000c0), 0x1, 0x765, &(0x7f0000000800)="$eJzs3c1rHOUfAPDvbJKmv7Q/E0HQegoIGijdmBpbBQ8VDyJYKOjZdtlsQ80mW7Kb0oSAFhG8CCoeBL307Eu9efXlqv+FB2mpmhYrHiQyu7PpNtltN22SRffzgWmf55nZPPPdZ2aeZ/cZdgLoW+PpP7mIQxHxQRIxmpUnETFUTw1GnGhsd2tttZguSayvv/ZbUt/m5tpqMVpekzqQZR6LiO/fjTic21pvdXllrlAulxaz/GRt/vxkdXnlyLn5wmxptrRwbGp6+ujxZ48f27lY//hp5eC1D19+6qsTf73z6JX3f0jiRBzM1rXGsVPGYzx7T4bSt/AOL+10ZT2W9HoHuC/pqTnQOMvjUIzGQD0FAPyXvRUR6wBAn0n0/wDQZ5rfA9xcWy02l95+I7G3rr8YEfsb8TfnNxtrBrM5u/31edCRm0k2M9KYzEwiYmwH6h+PiM++eeOLdIldmocEaOftSxFxZmx86/U/2XLPwnY93cU245vyrn+wd75Nxz/PtRv/5TbGP3HH+KdhuM25ez/uff7nru5ANR2l478XWu5tu9USf2ZsIMv9vz7mG0rOniuX0mvbQxExEUPDaX7qLnVM3Pj7Rqd1reO/3z968/O0/vT/21vkrg4O3/mamUKt8CAxt7p+KeLxwXbxJxvtn7Rp/7TsVJd1vPL8e592WpfGn8bbXLbGv7vWL0c82bb9b9/Rltz1/sTJ+uEw2Two2vj6509G2pUf2dT+6ZLW3/wssBfS9h+5e/xjSev9mtXt1/Hj5dHvOq27d/ztj/99yev19L6s7GKhVlucitiXvLq1/Ojt1zbzze3T+CeeaH/+bz7+11v2If1MeKbL+Aev/frl/ce/u9L4Z7bV/ttPXLk1N9Cp/u7af7qemshKurn+dbuDD/LeAQAAAAAAAAAAAAAAAAAAAAAAAEC3chFxMJJcfiOdy+XzjWd4PxIjuXKlWjt8trK0MBP1Z2WPxVCu+VOXoy2/hzqV/R5+M390U/6ZiHg4Ij4e/l89ny9WyjO9Dh4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMgc6PP8/9ctwr/cOANg1+3u9AwDAntP/A0D/0f8DQP/R/wNA/9H/A0D/0f8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwy06dPJku63+urRbT/MyF5aW5yoUjM6XqXH5+qZgvVhbP52crldlyKV+szN/r75UrlfPTsbB0cbJWqtYmq8srp+crSwu10+fmC7Ol06WhPYkKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALanurwyVyiXS4sSEhISG4leX5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/h3+CQAA///Q6StZ") r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020100008500000043"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r2}, 0x10) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) write$binfmt_script(r0, &(0x7f00000012c0)={'#! ', './bus', [], 0xa, "28579141b1ca43a4d10c850a09e6b2935c9654d3ac05b66cd645e4876a704c8e42870626b2cdc7209d020c641a60ea041effd53ae1185d11a8844e097c524f3ba246effcec7fb8b67df6e2faafc1d202f1ac6af20a99c12055f3b859046f4db6d797109dc2549dcd520d6709edb954a48881b772ab4ba4f24c6595bb858b3d5ca881f3f4a4edc56e37acf48d993010db074d5a3cac5f411ea6916ec721f445eb15f22b43e2038033e071cef4a94af0f8ca0eed981fbe953a2f5c1e58ab92502671811f423bcbcccaa0b02e986ddd1a3110"}, 0xda) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0) r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0) r4 = eventfd(0x0) ioctl$PPPIOCGNPMODE(r0, 0xc008744c, &(0x7f0000000240)={0xc025, 0x1}) ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f0000000380)=""/138, 0x0}) bind$inet6(0xffffffffffffffff, &(0x7f00000004c0)={0xa, 0x4c27, 0x1, @private1, 0x72c1}, 0x1c) syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x4000, &(0x7f0000001200)={[{@commit={'commit', 0x3d, 0x8}}, {@errors_continue}, {@stripe={'stripe', 0x3d, 0x3}}, {@commit={'commit', 0x3d, 0x5}}, {@orlov}, {@data_err_abort}, {@nouid32}, {@data_err_abort}]}, 0xd, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=") syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0xfe, 0x0, &(0x7f0000000000)) chdir(&(0x7f00000003c0)='./bus\x00') r5 = open(&(0x7f0000000480)='.\x00', 0x0, 0xe0) mkdirat(r5, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) r6 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r6, &(0x7f0000001fc0)=""/184, 0xb8) unshare(0x22020600) syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f00000002c0)='./file0\x00', 0xe, &(0x7f0000000500)={[{@sb={'sb', 0x3d, 0x13}}, {@resuid={'resuid', 0x3d, 0xee01}}, {@usrjquota}, {@lazytime}, {@block_validity}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV") close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r3, &(0x7f0000000440)={0x20000000}) ioctl$VHOST_SET_VRING_KICK(r3, 0x4008af20, &(0x7f0000000040)={0x0, r4}) ioctl$VHOST_SET_VRING_ADDR(r3, 0x4028af11, &(0x7f0000000280)={0x1, 0x0, 0x0, &(0x7f00000000c0)=""/87, 0x0}) 2.245194328s ago: executing program 3 (id=6844): syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x1010410, &(0x7f0000000040)={[{@jqfmt_vfsv1}, {@noquota}]}, 0x9, 0x76a, &(0x7f0000000fc0)="$eJzs3d9rW1UcAPDvzdp17aatIMh8KghaGUvtrJuCDxMfRHAw0Ge3kGZlNm1Gk461FNwQwRdBxQdBX/bsj/nmqz9e9b/wQTamdsOJD1K5+dFla9KlXZMI/XzgNOfce5tzvjn3nnuSe0kC2LPG0z+ZiMMR8VESMVpfnomIpJobiDhZ2+7O2mo+TUmsr7/5R1Jdf3ttNd94rqT+eLBeeDYifnw/4khmc73l5ZW5XLFYWKyXJyvzFybLyytHz8/nZguzhYXjU9PTx068cOL47sX61y8rh258/Noz35z8570nrn34UxIn41B9XXMcu2W89upGxGD6Et7j1d2urM+SfjeAHcnUjvBqOhyjsa+aa2O4ly0DALrl3YhYBwD2mMT5HwD2mMbnALfXVvON1N9PJHrr5isRcaAWf+P6Zm3NQP2a3YEYjIiR28k9V0aSiBjbhfrHI+KL797+Kk3RpeuQAK1cvhIRZ8fGN4//yaZ7FrbruQ62Gb+vbPyD3vk+nf+82Gr+l9mY/0SL+c9Qi2N3Jx58/Geu70I1baXzv5eb7m270xR/3di+eumR6pxvMDl3vlhIx7ZHI2IiBofS8tQWdUzc+vdWu3XN878/P3nny7T+9PHuFpnrA0P3/s9MrpJ7mJib3bwS8eRAq/iTjf5P2sx/T3dYx+svffB5u3Vp/Gm8jbQ5/u5avxrxdMv+v3tHW7Ll/YmT1d1hsrFTtPDtr5+NtKu/uf/TlNbfeC/QC2n/j2wd/1jSfL9meft1/Hx19Id26x4cf+v9f3/yVjW/v77sUq5SWZyK2J+8sXn5sbv/2yg3tk/jn3iq9fG/1f6fvic822H8Azd+/3rn8XdXGv/Mtvp/+5lrd+b2tau/s/6fruYm6ks6Gf86beDDvHYAAAAAAAAAAAAAAAAAAAAAAAAA0KlMRByKJJPdyGcy2WztN7wfj5FMsVSuHDlXWlqYiepvZY/FYKbxVZejTd+HOlX/PvxG+dh95ecj4rGI+HRouFrO5kvFmX4HDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1B9v8/n/qt6F+tw4A6JoD/W4AANBzzv8AsPds7/w/3LV2AAC94/0/AOw9zv8AsPc4/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANBlp0+dStP632ur+bQ8c3F5aa508ehMoTyXnV/KZ/OlxQvZ2VJptljI5kvzbZ/ocu2hWCpdmI6FpUuTlUK5MlleXjkzX1paqJw5P5+bLZwpDPYsMgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoXHl5ZS5XLBYWZWRkZDYyzaPEcP8GKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/uf8CAAD//53qKtg=") prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) syz_open_procfs(r0, &(0x7f0000000300)='net/vlan/vlan0\x00') sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) sched_getattr(r0, &(0x7f00000001c0)={0x38}, 0xffffffffffffffec, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb4, 0x7f}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0xa, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r2}, @generic={0x61, 0x0, 0x0, 0x88}, @initr0, @exit]}, &(0x7f0000000000)='GPL\x00', 0x4, 0xe8, &(0x7f0000000340)=""/232}, 0x80) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x0, 0x2, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000000100)) r7 = getpid() sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x6) ptrace$ARCH_SET_CPUID(0x1e, r7, 0x1, 0x1012) r8 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_LINKINFO_SET(r8, 0x0, 0x10) openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000440)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0) 2.230233579s ago: executing program 2 (id=6730): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mkdirat(0xffffffffffffff9c, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20) alarm(0x80000fe) alarm(0x0) 177.886346ms ago: executing program 1 (id=6845): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000004000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000005600)='sys_enter\x00', r0}, 0x10) getrusage(0xfeff, &(0x7f0000000540)) 143.336899ms ago: executing program 3 (id=6846): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x7, &(0x7f0000000400)=ANY=[@ANYBLOB="180000000000000000000000fcffffff18110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00', r1}, 0x10) syz_emit_ethernet(0x76, &(0x7f0000000540)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0086dd602e5cea00403c0020010000000000000000000000000002ff0200000000000000000000000000010004000000000000c910000000000000000001"], 0x0) 143.114809ms ago: executing program 4 (id=6847): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000002000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sys_enter\x00', r0}, 0x10) timerfd_gettime(0xffffffffffffffff, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0), 0x48) r4 = socket$inet_udp(0x2, 0x2, 0x0) r5 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f0000000080)={@loopback, 0x800, 0x0, 0x3, 0x1}, 0x20) setsockopt$inet6_int(r5, 0x29, 0x1000000000021, &(0x7f0000000000)=0x1, 0x4) connect$inet6(r5, &(0x7f0000000200)={0xa, 0x0, 0x380000, @loopback}, 0x1c) connect$inet(r4, &(0x7f0000000040)={0x2, 0x0, @multicast2}, 0x10) r6 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="30e2ff012abd7000fedbdf2500000000fdba1ae4f9ddd53edfb8ad13ed3ddfa6aed92957848d8cb60344fc357b77cbb7fd5769a8a9ee753c4e06535140f965af65d461c0ca59bd54dac428975a7248af7ccecfd99dcf7cdc9cc586b18618c0b8f30002273ed581964818d03a453be68a1c75a5ccf65460074c6a43bf9970bb9e92f5de0493ffa08721264267e165481d2fcf91e1701aacb99d87fe5a1cce6220860a5e9c736bbf8aed40b7a4e1eb8002"], 0x14}}, 0x4000) sendmmsg(r4, &(0x7f0000007fc0), 0x2d, 0x0) getsockopt$inet_opts(r4, 0x0, 0xd, &(0x7f0000000400)=""/86, &(0x7f0000000000)=0x56) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0) 142.745819ms ago: executing program 3 (id=6848): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) syz_usb_connect$printer(0x5, 0x2d, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000000000202505a8a440000102030109021b000101000000090400000007010000090501020000000000d47cefff4698450a1193e66e06a77327b96dfdaaeb8bc23f66fa19de5e6fa1957c25cbed8d8b3addfd9d0cd1039c66bedfb43852caea8685b1eb065427d885044a8f04a3"], 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async) r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x203, 0x88401) ioctl$USBDEVFS_DROP_PRIVILEGES(r1, 0x4004551e, &(0x7f0000000000)) (async) ioctl$USBDEVFS_RESETEP(r1, 0xc0105502, &(0x7f0000000580)={0x1, 0x1}) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r2}, 0x10) (async) r3 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x50, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x20, 0x2, 0x0, 0x1, [@IFLA_GRE_ERSPAN_VER={0x5, 0x16, 0x2}, @IFLA_GRE_ERSPAN_DIR={0x5}, @IFLA_GRE_ERSPAN_HWID={0x6}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x50}}, 0x0) unshare(0x40000600) (async) r4 = socket$netlink(0x10, 0x3, 0x0) writev(r4, &(0x7f0000000240)=[{&(0x7f0000000080)="390000001300034700bb5be1c3fbfeff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1) (async) r5 = socket$netlink(0x10, 0x3, 0x0) writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000380)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000002000000000", 0x39}], 0x1) (async) bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=@base={0x6, 0x4, 0x8000, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xfffffffe}, 0x48) 75.267354ms ago: executing program 1 (id=6849): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='uid_map\x00') r5 = socket$netlink(0x10, 0x3, 0x0) r6 = socket(0x10, 0x803, 0x0) sendmsg$BATADV_CMD_GET_MESH(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=ANY=[@ANYBLOB="3800000010000507000000000004000000000000", @ANYRES32=r7, @ANYBLOB="03000016010000001800120008000100736974000c0002000800030036"], 0x38}}, 0x0) 0s ago: executing program 2 (id=6730): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x7}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b708000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mkdirat(0xffffffffffffff9c, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20) alarm(0x80000fe) alarm(0x0) kernel console output (not intermixed with test programs): 1698.725976][ C0] RSP: 002b:00007f1bf977b048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 1698.735591][ C0] RAX: ffffffffffffffda RBX: 00007f1bfa6a9038 RCX: 00007f1bfa51abd9 [ 1698.743529][ C0] RDX: 0000000000010106 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1698.752274][ C0] RBP: 00007f1bfa589aa1 R08: 0000000000000000 R09: 0000000000000000 [ 1698.760208][ C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 1698.768094][ C0] R13: 000000000000006e R14: 00007f1bfa6a9038 R15: 00007ffd0f693f68 [ 1698.775972][ C0] [ 1698.778950][ C0] ---[ end trace 3a6792d9f4c2225b ]--- [ 1698.913921][T22502] FAULT_INJECTION: forcing a failure. [ 1698.913921][T22502] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1698.926981][T22502] CPU: 1 PID: 22502 Comm: syz.1.6547 Tainted: G W 5.15.150-syzkaller-00330-g9044d25b8ff5 #0 [ 1698.938250][T22502] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1698.948265][T22502] Call Trace: [ 1698.951509][T22502] [ 1698.954283][T22502] dump_stack_lvl+0x151/0x1b7 [ 1698.958788][T22502] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1698.964286][T22502] dump_stack+0x15/0x17 [ 1698.968616][T22502] should_fail+0x3c6/0x510 [ 1698.972860][T22502] should_fail_usercopy+0x1a/0x20 [ 1698.977717][T22502] _copy_to_user+0x20/0x90 [ 1698.981968][T22502] simple_read_from_buffer+0xc7/0x150 [ 1698.987209][T22502] proc_fail_nth_read+0x1a3/0x210 [ 1698.992191][T22502] ? proc_fault_inject_write+0x390/0x390 [ 1698.997737][T22502] ? fsnotify_perm+0x470/0x5d0 [ 1699.002349][T22502] ? security_file_permission+0x86/0xb0 [ 1699.007722][T22502] ? proc_fault_inject_write+0x390/0x390 [ 1699.013194][T22502] vfs_read+0x27d/0xd40 [ 1699.017193][T22502] ? kernel_read+0x1f0/0x1f0 [ 1699.021614][T22502] ? __kasan_check_write+0x14/0x20 [ 1699.026558][T22502] ? mutex_lock+0xb6/0x1e0 [ 1699.030813][T22502] ? asm_sysvec_reschedule_ipi+0x1b/0x20 [ 1699.036423][T22502] ? wait_for_completion_killable_timeout+0x10/0x10 [ 1699.042941][T22502] ? __fget_files+0x1c3/0x380 [ 1699.047698][T22502] ? __fdget_pos+0x1b5/0x3a0 [ 1699.052229][T22502] ? __fdget_pos+0x2e7/0x3a0 [ 1699.056742][T22502] ? ksys_read+0x77/0x2c0 [ 1699.060918][T22502] ksys_read+0x199/0x2c0 [ 1699.064994][T22502] ? vfs_write+0x1110/0x1110 [ 1699.069419][T22502] ? __kasan_check_read+0x11/0x20 [ 1699.074286][T22502] __x64_sys_read+0x7b/0x90 [ 1699.078620][T22502] do_syscall_64+0x3d/0xb0 [ 1699.082895][T22502] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1699.088763][T22502] RIP: 0033:0x7f009048d6bc [ 1699.093153][T22502] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48 [ 1699.112804][T22502] RSP: 002b:00007f008f6ce040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 1699.121235][T22502] RAX: ffffffffffffffda RBX: 00007f009061d110 RCX: 00007f009048d6bc [ 1699.129465][T22502] RDX: 000000000000000f RSI: 00007f008f6ce0b0 RDI: 0000000000000007 [ 1699.137269][T22502] RBP: 00007f008f6ce0a0 R08: 0000000000000000 R09: fffffffffffffdfd [ 1699.145089][T22502] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 1699.153069][T22502] R13: 000000000000006e R14: 00007f009061d110 R15: 00007fff6b2bd368 [ 1699.161506][T22502] [ 1700.463483][T22335] usb 4-1: new high-speed USB device number 110 using dummy_hcd [ 1700.948693][T22499] loop2: detected capacity change from 0 to 40427 [ 1701.102443][T22499] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12 [ 1701.133248][T22499] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock [ 1701.178236][T22335] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1701.240576][T22335] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1701.261240][T22499] F2FS-fs (loop2): invalid crc value [ 1701.733272][T22335] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 1701.744965][T22335] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1701.772484][T22499] F2FS-fs (loop2): Failed to start F2FS issue_checkpoint_thread (-12) [ 1701.794690][T22335] usb 4-1: config 0 descriptor?? [ 1701.897027][T22335] usb 4-1: can't set config #0, error -71 [ 1701.906444][T22335] usb 4-1: USB disconnect, device number 110 [ 1702.279112][T22537] 9pnet: Could not find request transport: fd0x0000000000000003 [ 1702.741023][ T313] usb 1-1: new high-speed USB device number 3 using dummy_hcd [ 1702.760602][ T30] audit: type=1400 audit(1720370464.624:20444): avc: denied { connect } for pid=22542 comm="syz.4.6563" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 1702.820108][ T30] audit: type=1400 audit(1720370464.684:20445): avc: denied { getopt } for pid=22542 comm="syz.4.6563" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 1703.057508][ C0] ------------[ cut here ]------------ [ 1703.062928][ C0] WARNING: CPU: 0 PID: 22535 at net/ipv4/af_inet.c:157 inet_sock_destruct+0x678/0x770 [ 1703.072467][ C0] Modules linked in: [ 1703.076234][ C0] CPU: 0 PID: 22535 Comm: syz.3.6559 Tainted: G W 5.15.150-syzkaller-00330-g9044d25b8ff5 #0 [ 1703.087469][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1703.097356][ C0] RIP: 0010:inet_sock_destruct+0x678/0x770 [ 1703.102967][ C0] Code: a8 e8 3c ac 39 fd 0f 0b e9 7d fe ff ff e8 30 ac 39 fd 0f 0b e9 b2 fe ff ff e8 24 ac 39 fd 0f 0b e9 da fe ff ff e8 18 ac 39 fd <0f> 0b e9 02 ff ff ff 89 d9 80 e1 07 fe c1 38 c1 0f 8c 6a fd ff ff [ 1703.122548][ C0] RSP: 0018:ffffc90000007ba8 EFLAGS: 00010246 [ 1703.128745][ C0] RAX: ffffffff84368b88 RBX: 0000000000000100 RCX: ffff88810a1f93c0 [ 1703.136720][ C0] RDX: 0000000000000100 RSI: 0000000000000100 RDI: 0000000000000000 [ 1703.144838][ C0] RBP: ffffc90000007bf0 R08: ffffffff84368a84 R09: ffffed102177441b [ 1703.152715][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88810bba1f80 [ 1703.160767][ C0] R13: dffffc0000000000 R14: dffffc0000000000 R15: 1ffff110217743f2 [ 1703.168682][ C0] FS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 1703.177423][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1703.184350][ C0] CR2: 0000000000000000 CR3: 0000000121288000 CR4: 00000000003506b0 [ 1703.192236][ C0] Call Trace: [ 1703.195387][ C0] [ 1703.198135][ C0] ? show_regs+0x58/0x60 [ 1703.202274][ C0] ? __warn+0x160/0x2f0 [ 1703.206263][ C0] ? inet_sock_destruct+0x678/0x770 [ 1703.211371][ C0] ? report_bug+0x3d9/0x5b0 [ 1703.215798][ C0] ? inet_sock_destruct+0x678/0x770 [ 1703.220885][ C0] ? handle_bug+0x41/0x70 [ 1703.225105][ C0] ? exc_invalid_op+0x1b/0x50 [ 1703.229670][ C0] ? asm_exc_invalid_op+0x1b/0x20 [ 1703.234620][ C0] ? inet_sock_destruct+0x574/0x770 [ 1703.239776][ C0] ? inet_sock_destruct+0x678/0x770 [ 1703.244873][ C0] ? inet_sock_destruct+0x678/0x770 [ 1703.249957][ C0] ? inet_sock_destruct+0x678/0x770 [ 1703.255054][ C0] inet6_sock_destruct+0x1d/0x20 [ 1703.259875][ C0] ? ipv6_mod_enabled+0x30/0x30 [ 1703.264631][ C0] __sk_destruct+0x56/0x5b0 [ 1703.269022][ C0] ? sk_destruct+0xd0/0xd0 [ 1703.273333][ C0] rcu_do_batch+0x57a/0xc10 [ 1703.277832][ C0] ? local_bh_enable+0x20/0x20 [ 1703.282494][ C0] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 1703.288200][ C0] ? note_gp_changes+0x159/0x260 [ 1703.293064][ C0] ? __run_timers+0x996/0xa10 [ 1703.297727][ C0] rcu_core+0x517/0x1020 [ 1703.301875][ C0] ? rcu_cpu_kthread_park+0x90/0x90 [ 1703.307026][ C0] ? hrtimer_interrupt+0x867/0xaa0 [ 1703.312039][ C0] rcu_core_si+0x9/0x10 [ 1703.316025][ C0] __do_softirq+0x26d/0x5bf [ 1703.320418][ C0] __irq_exit_rcu+0x50/0xf0 [ 1703.324874][ C0] irq_exit_rcu+0x9/0x10 [ 1703.329019][ C0] sysvec_apic_timer_interrupt+0x9a/0xc0 [ 1703.334550][ C0] [ 1703.337388][ C0] [ 1703.340100][ C0] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 1703.346017][ C0] RIP: 0010:shmem_undo_range+0x3b3/0x1560 [ 1703.351644][ C0] Code: 3b 12 00 49 8b 36 49 89 f7 49 c1 e7 2f 49 c1 ff 3f 81 e6 00 00 01 00 31 ff e8 b9 05 d0 ff 41 81 e7 ff 01 00 00 80 7c 24 34 00 <0f> 84 ac 00 00 00 48 89 5c 24 28 49 8d 5e 08 48 89 d8 48 c1 e8 03 [ 1703.371365][ C0] RSP: 0018:ffffc90000dff300 EFLAGS: 00000246 [ 1703.377421][ C0] RAX: 0000000000000000 RBX: 000000000000012e RCX: ffff88810a1f93c0 [ 1703.385440][ C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1703.393328][ C0] RBP: ffffc90000dff590 R08: ffffffff81a03627 R09: fffff94000955b19 [ 1703.401246][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000003 [ 1703.409161][ C0] R13: dffffc0000000000 R14: ffffea0004aad8c0 R15: 0000000000000000 [ 1703.417085][ C0] ? shmem_undo_range+0x3a7/0x1560 [ 1703.422117][ C0] ? shmem_truncate_range+0xb0/0xb0 [ 1703.427184][ C0] ? is_bpf_text_address+0x172/0x190 [ 1703.432444][ C0] ? arch_stack_walk+0xf3/0x140 [ 1703.437260][ C0] shmem_evict_inode+0x215/0x9d0 [ 1703.442133][ C0] ? _raw_spin_unlock+0x4d/0x70 [ 1703.446852][ C0] ? inode_wait_for_writeback+0x21f/0x280 [ 1703.452480][ C0] ? shmem_free_in_core_inode+0xc0/0xc0 [ 1703.457901][ C0] ? bit_waitqueue+0x30/0x30 [ 1703.462306][ C0] ? __kasan_check_write+0x14/0x20 [ 1703.467305][ C0] ? _raw_spin_lock+0xa4/0x1b0 [ 1703.467381][ C0] ? _raw_spin_trylock_bh+0x190/0x190 [ 1703.467438][ C0] ? shmem_free_in_core_inode+0xc0/0xc0 [ 1703.467488][ C0] evict+0x2a3/0x630 [ 1703.467546][ C0] iput+0x63b/0x7e0 [ 1703.467603][ C0] dentry_unlink_inode+0x34f/0x440 [ 1703.467659][ C0] __dentry_kill+0x447/0x660 [ 1703.467708][ C0] ? lockref_put_return+0xc9/0xe0 [ 1703.467758][ C0] dentry_kill+0xc0/0x2a0 [ 1703.467806][ C0] dput+0x45/0x80 [ 1703.467851][ C0] __fput+0x662/0x910 [ 1703.467910][ C0] ____fput+0x15/0x20 [ 1703.467959][ C0] task_work_run+0x129/0x190 [ 1703.468012][ C0] do_exit+0xc48/0x2ca0 [ 1703.468069][ C0] ? put_task_struct+0x80/0x80 [ 1703.468127][ C0] ? __kasan_check_write+0x14/0x20 [ 1703.468179][ C0] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 1703.468235][ C0] ? _raw_spin_lock_irqsave+0x210/0x210 [ 1703.468307][ C0] do_group_exit+0x141/0x310 [ 1703.468362][ C0] get_signal+0x7a3/0x1630 [ 1703.468424][ C0] arch_do_signal_or_restart+0xbd/0x1680 [ 1703.468474][ C0] ? fput+0x1a/0x20 [ 1703.468530][ C0] ? __sys_sendmmsg+0x4a9/0x530 [ 1703.468588][ C0] ? __ia32_sys_sendmsg+0x90/0x90 [ 1703.468640][ C0] ? get_sigframe_size+0x10/0x10 [ 1703.468686][ C0] ? __se_sys_futex+0x37b/0x3e0 [ 1703.468751][ C0] ? fpu_flush_thread+0xf0/0xf0 [ 1703.468810][ C0] exit_to_user_mode_loop+0xa0/0xe0 [ 1703.468864][ C0] exit_to_user_mode_prepare+0x5a/0xa0 [ 1703.468918][ C0] syscall_exit_to_user_mode+0x26/0x160 [ 1703.468980][ C0] do_syscall_64+0x49/0xb0 [ 1703.469030][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1703.469081][ C0] RIP: 0033:0x7f087cb34bd9 [ 1703.469117][ C0] Code: Unable to access opcode bytes at RIP 0x7f087cb34baf. [ 1703.469144][ C0] RSP: 002b:00007f087bd950f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1703.469195][ C0] RAX: fffffffffffffe00 RBX: 00007f087ccc3040 RCX: 00007f087cb34bd9 [ 1703.469233][ C0] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f087ccc3040 [ 1703.469267][ C0] RBP: 00007f087ccc3038 R08: 00007f087bd956c0 R09: 00007f087bd956c0 [ 1703.469315][ C0] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f087ccc3044 [ 1703.469351][ C0] R13: 000000000000006e R14: 00007fffbb9657e0 R15: 00007fffbb9658c8 [ 1703.469400][ C0] [ 1703.469417][ C0] ---[ end trace 3a6792d9f4c2225c ]--- [ 1703.547163][ T313] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1703.547258][ T313] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1703.547357][ T313] usb 1-1: New USB device found, idVendor=5543, idProduct=0005, bcdDevice= 0.00 [ 1703.547426][ T313] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1703.549207][ T313] usb 1-1: config 0 descriptor?? [ 1704.060673][T22540] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6561'. [ 1704.398029][T22568] loop4: detected capacity change from 0 to 256 [ 1704.414058][ T313] uclogic 0003:5543:0005.0030: unknown main item tag 0x0 [ 1704.423448][ T313] uclogic 0003:5543:0005.0030: No inputs registered, leaving [ 1704.425906][T22569] loop2: detected capacity change from 0 to 512 [ 1704.438309][ T313] uclogic 0003:5543:0005.0030: hidraw0: USB HID v0.00 Device [HID 5543:0005] on usb-dummy_hcd.0-1/input0 [ 1704.456245][ T313] usb 1-1: USB disconnect, device number 3 [ 1704.494828][T22575] 9pnet: Insufficient options for proto=fd [ 1704.533008][T22568] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1fb9359e, utbl_chksum : 0xe619d30d) [ 1704.562987][ T30] audit: type=1326 audit(1720370466.424:20446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22566 comm="syz.4.6567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2764c7bd9 code=0x7ffc0000 [ 1704.618458][ T30] audit: type=1326 audit(1720370466.454:20447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22566 comm="syz.4.6567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=268 compat=0 ip=0x7fd2764c7bd9 code=0x7ffc0000 [ 1704.647965][ T30] audit: type=1326 audit(1720370466.454:20448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22566 comm="syz.4.6567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2764c7bd9 code=0x7ffc0000 [ 1704.696969][T22569] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback. [ 1704.708786][T22569] ext4 filesystem being mounted at /153/file0 supports timestamps until 2038 (0x7fffffff) [ 1704.723600][T22569] EXT4-fs (loop2): re-mounted. Opts: (null). Quota mode: writeback. [ 1705.587103][ T30] audit: type=1326 audit(1720370467.444:20449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22601 comm="syz.1.6578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f009048ebd9 code=0x7ffc0000 [ 1705.677349][ C1] ------------[ cut here ]------------ [ 1705.682710][ C1] WARNING: CPU: 1 PID: 22587 at net/ipv4/af_inet.c:157 inet_sock_destruct+0x678/0x770 [ 1705.692164][ C1] Modules linked in: [ 1705.695935][ C1] CPU: 1 PID: 22587 Comm: syz.4.6575 Tainted: G W 5.15.150-syzkaller-00330-g9044d25b8ff5 #0 [ 1705.700916][ T30] audit: type=1326 audit(1720370467.444:20450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22601 comm="syz.1.6578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f009048ebd9 code=0x7ffc0000 [ 1705.707226][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1705.741352][ C1] RIP: 0010:inet_sock_destruct+0x678/0x770 [ 1705.747147][ C1] Code: a8 e8 3c ac 39 fd 0f 0b e9 7d fe ff ff e8 30 ac 39 fd 0f 0b e9 b2 fe ff ff e8 24 ac 39 fd 0f 0b e9 da fe ff ff e8 18 ac 39 fd <0f> 0b e9 02 ff ff ff 89 d9 80 e1 07 fe c1 38 c1 0f 8c 6a fd ff ff [ 1705.766765][ C1] RSP: 0018:ffffc900001d0ba8 EFLAGS: 00010246 [ 1705.772718][ C1] RAX: ffffffff84368b88 RBX: 0000000000000100 RCX: ffff88810e0d2780 [ 1705.780627][ C1] RDX: 0000000000000101 RSI: 0000000000000100 RDI: 0000000000000000 [ 1705.788682][ C1] RBP: ffffc900001d0bf0 R08: ffffffff84368a84 R09: ffffed10230a417b [ 1705.796472][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888118520a80 [ 1705.804569][ C1] R13: dffffc0000000000 R14: dffffc0000000000 R15: 1ffff110230a4152 [ 1705.812589][ C1] FS: 0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 1705.822163][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1705.828764][ C1] CR2: 00007f1bfa6aaa6c CR3: 000000000680f000 CR4: 00000000003506a0 [ 1705.836545][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1705.845556][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1705.847911][ T30] audit: type=1326 audit(1720370467.444:20451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22601 comm="syz.1.6578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f009048ebd9 code=0x7ffc0000 [ 1705.853606][ C1] Call Trace: [ 1705.880272][ C1] [ 1705.883042][ C1] ? show_regs+0x58/0x60 [ 1705.887214][ C1] ? __warn+0x160/0x2f0 [ 1705.891471][ C1] ? inet_sock_destruct+0x678/0x770 [ 1705.896504][ C1] ? report_bug+0x3d9/0x5b0 [ 1705.900903][ C1] ? inet_sock_destruct+0x678/0x770 [ 1705.906110][ C1] ? handle_bug+0x41/0x70 [ 1705.910354][ C1] ? exc_invalid_op+0x1b/0x50 [ 1705.914923][ C1] ? asm_exc_invalid_op+0x1b/0x20 [ 1705.919859][ C1] ? inet_sock_destruct+0x574/0x770 [ 1705.924950][ C1] ? inet_sock_destruct+0x678/0x770 [ 1705.930051][ C1] ? inet_sock_destruct+0x678/0x770 [ 1705.931445][ T30] audit: type=1326 audit(1720370467.444:20452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22601 comm="syz.1.6578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f009048ebd9 code=0x7ffc0000 [ 1705.935137][ C1] ? inet_sock_destruct+0x678/0x770 [ 1705.964227][ C1] inet6_sock_destruct+0x1d/0x20 [ 1705.969203][ C1] ? ipv6_mod_enabled+0x30/0x30 [ 1705.973971][ C1] __sk_destruct+0x56/0x5b0 [ 1705.978381][ C1] ? sk_destruct+0xd0/0xd0 [ 1705.982694][ C1] rcu_do_batch+0x57a/0xc10 [ 1705.987081][ C1] ? local_bh_enable+0x20/0x20 [ 1705.991734][ C1] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 1705.997098][ C1] ? __hrtimer_run_queues+0x46b/0xad0 [ 1706.002355][ C1] ? _raw_spin_lock+0x1b0/0x1b0 [ 1706.006874][ T30] audit: type=1326 audit(1720370467.444:20453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22601 comm="syz.1.6578" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f009048ebd9 code=0x7ffc0000 [ 1706.007110][ C1] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 1706.037557][ C1] ? rcu_report_qs_rnp+0x2bf/0x390 [ 1706.042645][ C1] rcu_core+0x517/0x1020 [ 1706.047200][ C1] ? rcu_cpu_kthread_park+0x90/0x90 [ 1706.052300][ C1] ? hrtimer_interrupt+0x867/0xaa0 [ 1706.057918][ C1] ? irqtime_account_irq+0x79/0x3c0 [ 1706.063188][ C1] rcu_core_si+0x9/0x10 [ 1706.067253][ C1] __do_softirq+0x26d/0x5bf [ 1706.071751][ C1] __irq_exit_rcu+0x50/0xf0 [ 1706.076075][ C1] irq_exit_rcu+0x9/0x10 [ 1706.080406][ C1] sysvec_apic_timer_interrupt+0x9a/0xc0 [ 1706.085946][ C1] [ 1706.088807][ C1] [ 1706.091499][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 1706.097410][ C1] RIP: 0010:_raw_spin_unlock_irq+0x49/0x70 [ 1706.103106][ C1] Code: 08 00 74 0c 48 c7 c7 d8 54 8d 86 e8 b1 45 e9 fc 48 83 3d 31 29 c4 01 00 74 2a 48 89 df e8 e3 bb 8b fc 66 90 fb bf 01 00 00 00 02 ff 82 fc 65 8b 05 c3 41 39 7b 85 c0 74 03 5b 5d c3 e8 c3 55 [ 1706.123348][ C1] RSP: 0018:ffffc90000b27290 EFLAGS: 00000246 [ 1706.129400][ C1] RAX: 0000000000000001 RBX: ffff88811e375ce8 RCX: dffffc0000000000 [ 1706.137331][ C1] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000001 [ 1706.145289][ C1] RBP: ffffc90000b27298 R08: ffffffff828a4a50 R09: ffffed1025951fd8 [ 1706.153196][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 1706.161486][ C1] R13: dffffc0000000000 R14: ffff88811e375ce0 R15: ffffea0004b39380 [ 1706.169433][ C1] ? xas_init_marks+0x250/0x2d0 [ 1706.174178][ C1] delete_from_page_cache+0xc1/0xf0 [ 1706.179325][ C1] truncate_inode_page+0x5d/0x70 [ 1706.184157][ C1] shmem_undo_range+0x477/0x1560 [ 1706.189222][ C1] ? shmem_truncate_range+0xb0/0xb0 [ 1706.194313][ C1] ? is_bpf_text_address+0x172/0x190 [ 1706.199546][ C1] ? arch_stack_walk+0xf3/0x140 [ 1706.204326][ C1] shmem_evict_inode+0x215/0x9d0 [ 1706.209317][ C1] ? _raw_spin_unlock+0x4d/0x70 [ 1706.214051][ C1] ? inode_wait_for_writeback+0x21f/0x280 [ 1706.219741][ C1] ? shmem_free_in_core_inode+0xc0/0xc0 [ 1706.225303][ C1] ? bit_waitqueue+0x30/0x30 [ 1706.229799][ C1] ? __kasan_check_write+0x14/0x20 [ 1706.234791][ C1] ? _raw_spin_lock+0xa4/0x1b0 [ 1706.239516][ C1] ? _raw_spin_trylock_bh+0x190/0x190 [ 1706.245185][ C1] ? shmem_free_in_core_inode+0xc0/0xc0 [ 1706.250677][ C1] evict+0x2a3/0x630 [ 1706.254492][ C1] iput+0x63b/0x7e0 [ 1706.258705][ C1] dentry_unlink_inode+0x34f/0x440 [ 1706.264577][ C1] __dentry_kill+0x447/0x660 [ 1706.269080][ C1] ? lockref_put_return+0xc9/0xe0 [ 1706.274018][ C1] dentry_kill+0xc0/0x2a0 [ 1706.278243][ C1] dput+0x45/0x80 [ 1706.281766][ C1] __fput+0x662/0x910 [ 1706.285676][ C1] ____fput+0x15/0x20 [ 1706.289572][ C1] task_work_run+0x129/0x190 [ 1706.294200][ C1] do_exit+0xc48/0x2ca0 [ 1706.298404][ C1] ? put_task_struct+0x80/0x80 [ 1706.303072][ C1] ? __sched_text_start+0x8/0x8 [ 1706.307883][ C1] ? __kasan_check_write+0x14/0x20 [ 1706.313125][ C1] ? _raw_spin_lock_irq+0xa5/0x1b0 [ 1706.318756][ C1] ? _raw_spin_lock_irqsave+0x210/0x210 [ 1706.324767][ C1] do_group_exit+0x141/0x310 [ 1706.329795][ C1] get_signal+0x7a3/0x1630 [ 1706.334647][ C1] arch_do_signal_or_restart+0xbd/0x1680 [ 1706.340650][ C1] ? enqueue_hrtimer+0xca/0x240 [ 1706.345828][ C1] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 1706.352160][ C1] ? hrtimer_start_range_ns+0xa57/0xb80 [ 1706.358105][ C1] ? _raw_spin_unlock_irq+0x4e/0x70 [ 1706.363251][ C1] ? get_sigframe_size+0x10/0x10 [ 1706.368155][ C1] ? __se_sys_futex+0x37b/0x3e0 [ 1706.372927][ C1] ? fpu_flush_thread+0xf0/0xf0 [ 1706.377707][ C1] exit_to_user_mode_loop+0xa0/0xe0 [ 1706.382804][ C1] exit_to_user_mode_prepare+0x5a/0xa0 [ 1706.388183][ C1] syscall_exit_to_user_mode+0x26/0x160 [ 1706.393633][ C1] do_syscall_64+0x49/0xb0 [ 1706.398020][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1706.403812][ C1] RIP: 0033:0x7fd2764c7bd9 [ 1706.408142][ C1] Code: Unable to access opcode bytes at RIP 0x7fd2764c7baf. [ 1706.415398][ C1] RSP: 002b:00007fd2757490f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1706.423851][ C1] RAX: fffffffffffffe00 RBX: 00007fd276655f68 RCX: 00007fd2764c7bd9 [ 1706.431936][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007fd276655f68 [ 1706.440013][ C1] RBP: 00007fd276655f60 R08: 00007fd2757496c0 R09: 00007fd2757496c0 [ 1706.448077][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fd276655f6c [ 1706.455933][ C1] R13: 000000000000000b R14: 00007ffed90a9ad0 R15: 00007ffed90a9bb8 [ 1706.463849][ C1] [ 1706.466733][ C1] ---[ end trace 3a6792d9f4c2225d ]--- [ 1706.514562][T22616] 9pnet: Insufficient options for proto=fd [ 1706.635539][T22627] loop3: detected capacity change from 0 to 256 [ 1709.878004][T22654] input: syz0 as /devices/virtual/input/input15 [ 1710.007468][ C1] ------------[ cut here ]------------ [ 1710.014121][ C1] WARNING: CPU: 1 PID: 22622 at net/ipv4/af_inet.c:157 inet_sock_destruct+0x678/0x770 [ 1710.023944][ C1] Modules linked in: [ 1710.028609][ C1] CPU: 1 PID: 22622 Comm: syz.3.6580 Tainted: G W 5.15.150-syzkaller-00330-g9044d25b8ff5 #0 [ 1710.040467][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1710.050852][ C1] RIP: 0010:inet_sock_destruct+0x678/0x770 [ 1710.056669][ C1] Code: a8 e8 3c ac 39 fd 0f 0b e9 7d fe ff ff e8 30 ac 39 fd 0f 0b e9 b2 fe ff ff e8 24 ac 39 fd 0f 0b e9 da fe ff ff e8 18 ac 39 fd <0f> 0b e9 02 ff ff ff 89 d9 80 e1 07 fe c1 38 c1 0f 8c 6a fd ff ff [ 1710.076428][ C1] RSP: 0018:ffffc900001d0ba8 EFLAGS: 00010246 [ 1710.082857][ C1] RAX: ffffffff84368b88 RBX: 0000000000000100 RCX: ffff88812ac72780 [ 1710.091679][ C1] RDX: 0000000000000100 RSI: 0000000000000100 RDI: 0000000000000000 [ 1710.100207][ C1] RBP: ffffc900001d0bf0 R08: ffffffff84368a84 R09: ffffed10230a417b [ 1710.109293][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888118520a80 [ 1710.117792][ C1] R13: dffffc0000000000 R14: dffffc0000000000 R15: 1ffff110230a4152 [ 1710.126327][ C1] FS: 00007f087bd956c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 1710.135268][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1710.141739][ C1] CR2: 00000000203f3030 CR3: 000000012449c000 CR4: 00000000003506a0 [ 1710.149544][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1710.157549][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1710.166956][ C1] Call Trace: [ 1710.170107][ C1] [ 1710.172820][ C1] ? show_regs+0x58/0x60 [ 1710.177203][ C1] ? __warn+0x160/0x2f0 [ 1710.181179][ C1] ? inet_sock_destruct+0x678/0x770 [ 1710.186187][ C1] ? report_bug+0x3d9/0x5b0 [ 1710.190785][ C1] ? inet_sock_destruct+0x678/0x770 [ 1710.195898][ C1] ? handle_bug+0x41/0x70 [ 1710.200198][ C1] ? exc_invalid_op+0x1b/0x50 [ 1710.204794][ C1] ? asm_exc_invalid_op+0x1b/0x20 [ 1710.210539][ C1] ? inet_sock_destruct+0x574/0x770 [ 1710.215705][ C1] ? inet_sock_destruct+0x678/0x770 [ 1710.221833][ C1] ? inet_sock_destruct+0x678/0x770 [ 1710.227091][ C1] ? inet_sock_destruct+0x678/0x770 [ 1710.232503][ C1] inet6_sock_destruct+0x1d/0x20 [ 1710.237415][ C1] ? ipv6_mod_enabled+0x30/0x30 [ 1710.242303][ C1] __sk_destruct+0x56/0x5b0 [ 1710.246833][ C1] ? sk_destruct+0xd0/0xd0 [ 1710.251208][ C1] rcu_do_batch+0x57a/0xc10 [ 1710.256590][ C1] ? local_bh_enable+0x20/0x20 [ 1710.261508][ C1] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 1710.267300][ C1] ? note_gp_changes+0x159/0x260 [ 1710.272317][ C1] ? __run_timers+0x996/0xa10 [ 1710.276943][ C1] rcu_core+0x517/0x1020 [ 1710.283783][ C1] ? rcu_cpu_kthread_park+0x90/0x90 [ 1710.289161][ C1] ? hrtimer_interrupt+0x867/0xaa0 [ 1710.297163][ C1] rcu_core_si+0x9/0x10 [ 1710.301464][ C1] __do_softirq+0x26d/0x5bf [ 1710.306928][ C1] __irq_exit_rcu+0x50/0xf0 [ 1710.311460][ C1] irq_exit_rcu+0x9/0x10 [ 1710.315635][ C1] sysvec_apic_timer_interrupt+0x9a/0xc0 [ 1710.321549][ C1] [ 1710.325007][ C1] [ 1710.327863][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 1710.333809][ C1] RIP: 0010:kasan_check_range+0x82/0x2a0 [ 1710.339635][ C1] Code: 00 00 00 00 fc ff df 4f 8d 34 1a 4d 89 f5 4d 29 cd 49 83 fd 10 7f 26 4d 85 ed 0f 84 44 01 00 00 49 f7 d2 4d 01 e2 41 80 39 00 <0f> 85 d2 01 00 00 49 ff c1 49 ff c2 75 ee e9 27 01 00 00 45 89 cf [ 1710.359394][ C1] RSP: 0018:ffffc90000ebfa20 EFLAGS: 00000246 [ 1710.365370][ C1] RAX: ffffffff83dceb01 RBX: 000000000001ffff RCX: ffffffff83dceb74 [ 1710.375848][ C1] RDX: 0000000000000001 RSI: 0000000000000080 RDI: ffffc90000ebfb40 [ 1710.383916][ C1] RBP: ffffc90000ebfa48 R08: dffffc0000000000 R09: fffff520001d7f70 [ 1710.391983][ C1] R10: fffffffffffffff8 R11: dffffc0000000001 R12: 1ffff920001d7f68 [ 1710.400092][ C1] R13: 0000000000000010 R14: fffff520001d7f78 R15: 0000000000000080 [ 1710.408350][ C1] ? ___sys_recvmsg+0x51/0x690 [ 1710.413807][ C1] ? ___sys_recvmsg+0xc4/0x690 [ 1710.418576][ C1] memset+0x23/0x40 [ 1710.422335][ C1] ___sys_recvmsg+0xc4/0x690 [ 1710.426896][ C1] ? __sys_recvmsg+0x260/0x260 [ 1710.431662][ C1] ? preempt_schedule_irq+0xe7/0x140 [ 1710.436981][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 1710.443108][ C1] ? do_recvmmsg+0x403/0x8b0 [ 1710.447733][ C1] ? do_recvmmsg+0x5cb/0x8b0 [ 1710.452310][ C1] do_recvmmsg+0x36b/0x8b0 [ 1710.456682][ C1] ? __sys_recvmmsg+0x270/0x270 [ 1710.462004][ C1] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1710.467780][ C1] ? irqentry_exit+0x12/0x40 [ 1710.472334][ C1] __x64_sys_recvmmsg+0x195/0x240 [ 1710.477554][ C1] ? do_recvmmsg+0x8b0/0x8b0 [ 1710.482113][ C1] do_syscall_64+0x3d/0xb0 [ 1710.487334][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1710.493335][ C1] RIP: 0033:0x7f087cb34bd9 [ 1710.497715][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1710.518295][ C1] RSP: 002b:00007f087bd95048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 1710.527274][ C1] RAX: ffffffffffffffda RBX: 00007f087ccc3038 RCX: 00007f087cb34bd9 [ 1710.535763][ C1] RDX: 0000000000010106 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1710.543938][ C1] RBP: 00007f087cba3aa1 R08: 0000000000000000 R09: 0000000000000000 [ 1710.552104][ C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 1710.560210][ C1] R13: 000000000000006e R14: 00007f087ccc3038 R15: 00007fffbb9658c8 [ 1710.568492][ C1] [ 1710.572158][ C1] ---[ end trace 3a6792d9f4c2225e ]--- [ 1711.676996][ T313] usb 5-1: new high-speed USB device number 123 using dummy_hcd [ 1711.936997][ T313] usb 5-1: Using ep0 maxpacket: 16 [ 1712.077000][ T313] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1712.112253][ T313] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1713.106798][ T313] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2 [ 1713.120086][ T313] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00 [ 1713.331591][ T313] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1713.346182][ T313] usb 5-1: config 0 descriptor?? [ 1713.748696][T22703] loop2: detected capacity change from 0 to 256 [ 1713.823094][ T313] koneplus 0003:1E7D:2E22.0031: item fetching failed at offset 0/2 [ 1713.847611][ T313] koneplus 0003:1E7D:2E22.0031: parse failed [ 1713.860130][ T313] koneplus: probe of 0003:1E7D:2E22.0031 failed with error -22 [ 1713.897511][ C1] ------------[ cut here ]------------ [ 1713.902868][ C1] WARNING: CPU: 1 PID: 22702 at net/ipv4/af_inet.c:157 inet_sock_destruct+0x678/0x770 [ 1713.912604][ C1] Modules linked in: [ 1713.916374][ C1] CPU: 1 PID: 22702 Comm: syz.2.6605 Tainted: G W 5.15.150-syzkaller-00330-g9044d25b8ff5 #0 [ 1713.927845][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1713.937718][ C1] RIP: 0010:inet_sock_destruct+0x678/0x770 [ 1713.943452][ C1] Code: a8 e8 3c ac 39 fd 0f 0b e9 7d fe ff ff e8 30 ac 39 fd 0f 0b e9 b2 fe ff ff e8 24 ac 39 fd 0f 0b e9 da fe ff ff e8 18 ac 39 fd <0f> 0b e9 02 ff ff ff 89 d9 80 e1 07 fe c1 38 c1 0f 8c 6a fd ff ff [ 1713.962984][ C1] RSP: 0018:ffffc900001d0ba8 EFLAGS: 00010246 [ 1713.968981][ C1] RAX: ffffffff84368b88 RBX: 0000000000000100 RCX: ffff8881127993c0 [ 1713.976797][ C1] RDX: 0000000000000101 RSI: 0000000000000100 RDI: 0000000000000000 [ 1713.984665][ C1] RBP: ffffc900001d0bf0 R08: ffffffff84368a84 R09: ffffed10230a495b [ 1713.992540][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888118524980 [ 1714.000349][ C1] R13: dffffc0000000000 R14: dffffc0000000000 R15: 1ffff110230a4932 [ 1714.008309][ C1] FS: 00007f3a68e526c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 1714.017210][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1714.023565][ C1] CR2: 0000000020062030 CR3: 000000010a0e5000 CR4: 00000000003506a0 [ 1714.031450][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1714.039273][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1714.047209][ C1] Call Trace: [ 1714.050292][ C1] [ 1714.052977][ C1] ? show_regs+0x58/0x60 [ 1714.057131][ C1] ? __warn+0x160/0x2f0 [ 1714.061170][ C1] ? inet_sock_destruct+0x678/0x770 [ 1714.066212][ C1] ? report_bug+0x3d9/0x5b0 [ 1714.070595][ C1] ? inet_sock_destruct+0x678/0x770 [ 1714.075688][ C1] ? handle_bug+0x41/0x70 [ 1714.079915][ C1] ? exc_invalid_op+0x1b/0x50 [ 1714.084491][ C1] ? asm_exc_invalid_op+0x1b/0x20 [ 1714.089413][ C1] ? inet_sock_destruct+0x574/0x770 [ 1714.094501][ C1] ? inet_sock_destruct+0x678/0x770 [ 1714.099627][ C1] ? inet_sock_destruct+0x678/0x770 [ 1714.104728][ C1] ? inet_sock_destruct+0x678/0x770 [ 1714.109812][ C1] inet6_sock_destruct+0x1d/0x20 [ 1714.114745][ C1] ? ipv6_mod_enabled+0x30/0x30 [ 1714.119565][ C1] __sk_destruct+0x56/0x5b0 [ 1714.123987][ C1] ? sk_destruct+0xd0/0xd0 [ 1714.128294][ C1] rcu_do_batch+0x57a/0xc10 [ 1714.132718][ C1] ? local_bh_enable+0x20/0x20 [ 1714.137358][ C1] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 1714.143056][ C1] rcu_core+0x517/0x1020 [ 1714.147720][ C1] ? clockevents_program_event+0x22f/0x300 [ 1714.153677][ C1] ? rcu_cpu_kthread_park+0x90/0x90 [ 1714.158880][ C1] ? hrtimer_interrupt+0x867/0xaa0 [ 1714.163883][ C1] ? irqtime_account_irq+0x79/0x3c0 [ 1714.168983][ C1] rcu_core_si+0x9/0x10 [ 1714.173040][ C1] __do_softirq+0x26d/0x5bf [ 1714.177443][ C1] __irq_exit_rcu+0x50/0xf0 [ 1714.181837][ C1] irq_exit_rcu+0x9/0x10 [ 1714.185912][ C1] sysvec_apic_timer_interrupt+0x9a/0xc0 [ 1714.191539][ C1] [ 1714.194256][ C1] [ 1714.197063][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 1714.202842][ C1] RIP: 0010:_raw_spin_unlock_irqrestore+0x57/0x80 [ 1714.209170][ C1] Code: 8d 86 e8 2c 46 e9 fc 48 83 3d ac 29 c4 01 00 74 35 48 89 df e8 5e bc 8b fc 66 90 41 f7 c6 00 02 00 00 74 01 fb bf 01 00 00 00 74 ff 82 fc 65 8b 05 35 42 39 7b 85 c0 74 05 5b 41 5e 5d c3 e8 [ 1714.228728][ C1] RSP: 0018:ffffc90000b575c0 EFLAGS: 00000206 [ 1714.234682][ C1] RAX: 0000000000000001 RBX: ffff88811632aae4 RCX: dffffc0000000000 [ 1714.242539][ C1] RDX: ffffc9000173d000 RSI: 0000000000000246 RDI: 0000000000000001 [ 1714.250367][ C1] RBP: ffffc90000b575d0 R08: ffffffff83e27eb9 R09: ffffed10230f2e96 [ 1714.258174][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 1714.265928][ C1] R13: ffff88811632aae4 R14: 0000000000000246 R15: ffff8881187973c0 [ 1714.273824][ C1] ? __skb_try_recv_from_queue+0x599/0x750 [ 1714.279631][ C1] __skb_try_recv_datagram+0x1c7/0x6a0 [ 1714.285000][ C1] ? sock_load_diag_module+0x130/0x130 [ 1714.290333][ C1] ? __skb_try_recv_from_queue+0x750/0x750 [ 1714.296034][ C1] ? consume_skb+0x117/0x250 [ 1714.300806][ C1] __unix_dgram_recvmsg+0x3bf/0x1260 [ 1714.306038][ C1] ? unix_unhash+0x10/0x10 [ 1714.310344][ C1] unix_dgram_recvmsg+0xc4/0xe0 [ 1714.315107][ C1] ? unix_dgram_sendmsg+0x2090/0x2090 [ 1714.320374][ C1] ____sys_recvmsg+0x286/0x530 [ 1714.325041][ C1] ? __sys_recvmsg_sock+0x50/0x50 [ 1714.329950][ C1] ? import_iovec+0xe5/0x120 [ 1714.334452][ C1] ___sys_recvmsg+0x1ec/0x690 [ 1714.339005][ C1] ? __sys_recvmsg+0x260/0x260 [ 1714.343571][ C1] ? do_handle_mm_fault+0x17e1/0x23a0 [ 1714.348839][ C1] ? __fdget+0x1bc/0x240 [ 1714.352990][ C1] ? do_recvmmsg+0x160/0x8b0 [ 1714.357451][ C1] do_recvmmsg+0x36b/0x8b0 [ 1714.361771][ C1] ? __sys_recvmmsg+0x270/0x270 [ 1714.366465][ C1] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1714.371980][ C1] ? irqentry_exit+0x12/0x40 [ 1714.376477][ C1] __x64_sys_recvmmsg+0x195/0x240 [ 1714.381424][ C1] ? do_recvmmsg+0x8b0/0x8b0 [ 1714.385924][ C1] do_syscall_64+0x3d/0xb0 [ 1714.390233][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1714.396031][ C1] RIP: 0033:0x7f3a69bf1bd9 [ 1714.400334][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1714.420129][ C1] RSP: 002b:00007f3a68e52048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 1714.428917][ C1] RAX: ffffffffffffffda RBX: 00007f3a69d80038 RCX: 00007f3a69bf1bd9 [ 1714.437002][ C1] RDX: 0000000000010106 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1714.444883][ C1] RBP: 00007f3a69c60aa1 R08: 0000000000000000 R09: 0000000000000000 [ 1714.452748][ C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 1714.460555][ C1] R13: 000000000000006e R14: 00007f3a69d80038 R15: 00007ffdc4e56c48 [ 1714.468478][ C1] [ 1714.471278][ C1] ---[ end trace 3a6792d9f4c2225f ]--- [ 1714.892470][T22718] loop0: detected capacity change from 0 to 512 [ 1715.056587][ T6] usb 5-1: USB disconnect, device number 123 [ 1716.207138][T22729] FAULT_INJECTION: forcing a failure. [ 1716.207138][T22729] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 1716.420043][T22729] CPU: 1 PID: 22729 Comm: syz.0.6614 Tainted: G W 5.15.150-syzkaller-00330-g9044d25b8ff5 #0 [ 1716.431414][T22729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1716.441299][T22729] Call Trace: [ 1716.444435][T22729] [ 1716.447213][T22729] dump_stack_lvl+0x151/0x1b7 [ 1716.451727][T22729] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1716.457187][T22729] ? __kasan_check_write+0x14/0x20 [ 1716.462141][T22729] dump_stack+0x15/0x17 [ 1716.466131][T22729] should_fail+0x3c6/0x510 [ 1716.470394][T22729] should_fail_usercopy+0x1a/0x20 [ 1716.475253][T22729] _copy_from_user+0x20/0xd0 [ 1716.479800][T22729] get_timespec64+0x93/0x270 [ 1716.484317][T22729] ? _copy_from_user+0x96/0xd0 [ 1716.488919][T22729] ? timespec64_add_safe+0x220/0x220 [ 1716.494036][T22729] ? restore_altstack+0x274/0x400 [ 1716.498918][T22729] __se_sys_futex+0x1d5/0x3e0 [ 1716.503531][T22729] ? __x64_sys_futex+0x100/0x100 [ 1716.508307][T22729] ? debug_smp_processor_id+0x17/0x20 [ 1716.513619][T22729] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1716.519522][T22729] __x64_sys_futex+0xe5/0x100 [ 1716.524035][T22729] do_syscall_64+0x3d/0xb0 [ 1716.528321][T22729] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1716.534137][T22729] RIP: 0033:0x7f1bfa51abd9 [ 1716.538392][T22729] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1716.557922][T22729] RSP: 002b:00007f1bf979c048 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1716.566352][T22729] RAX: ffffffffffffffda RBX: 00007f1bfa6a8f60 RCX: 00007f1bfa51abd9 [ 1716.574166][T22729] RDX: 0000000000000004 RSI: 000080000000000b RDI: 000000002000cffc [ 1716.581981][T22729] RBP: 00007f1bf979c0a0 R08: 0000000020048000 R09: 0000000000000000 [ 1716.589797][T22729] R10: 000000002000b000 R11: 0000000000000246 R12: 0000000000000002 [ 1716.597600][T22729] R13: 000000000000000b R14: 00007f1bfa6a8f60 R15: 00007ffd0f693f68 [ 1716.605435][T22729] [ 1716.934573][ T30] kauditd_printk_skb: 51 callbacks suppressed [ 1716.934610][ T30] audit: type=1400 audit(1720370478.794:20505): avc: denied { bind } for pid=22740 comm="syz.3.6619" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 1717.190285][ T30] audit: type=1400 audit(1720370479.054:20506): avc: denied { getopt } for pid=22740 comm="syz.3.6619" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1 [ 1717.576921][ T6] usb 2-1: new high-speed USB device number 116 using dummy_hcd [ 1717.659633][ C1] ------------[ cut here ]------------ [ 1717.665020][ C1] WARNING: CPU: 1 PID: 25 at net/ipv4/af_inet.c:157 inet_sock_destruct+0x678/0x770 [ 1717.674615][ C1] Modules linked in: [ 1717.678456][ C1] CPU: 1 PID: 25 Comm: ksoftirqd/1 Tainted: G W 5.15.150-syzkaller-00330-g9044d25b8ff5 #0 [ 1717.689651][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1717.699661][ C1] RIP: 0010:inet_sock_destruct+0x678/0x770 [ 1717.705427][ C1] Code: a8 e8 3c ac 39 fd 0f 0b e9 7d fe ff ff e8 30 ac 39 fd 0f 0b e9 b2 fe ff ff e8 24 ac 39 fd 0f 0b e9 da fe ff ff e8 18 ac 39 fd <0f> 0b e9 02 ff ff ff 89 d9 80 e1 07 fe c1 38 c1 0f 8c 6a fd ff ff [ 1717.725301][ C1] RSP: 0018:ffffc900001a7a48 EFLAGS: 00010246 [ 1717.731731][ C1] RAX: ffffffff84368b88 RBX: 0000000000000100 RCX: ffff88810033e2c0 [ 1717.739813][ C1] RDX: 0000000080000100 RSI: 0000000000000100 RDI: 0000000000000000 [ 1717.747749][ C1] RBP: ffffc900001a7a90 R08: ffffffff84368a84 R09: ffffed10230a495b [ 1717.755784][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888118524980 [ 1717.763795][ C1] R13: dffffc0000000000 R14: dffffc0000000000 R15: 1ffff110230a4932 [ 1717.771968][ C1] FS: 0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 1717.780964][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1717.787514][ C1] CR2: 0000000020001000 CR3: 000000000680f000 CR4: 00000000003506a0 [ 1717.795413][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1717.803341][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1717.811304][ C1] Call Trace: [ 1717.814464][ C1] [ 1717.817307][ C1] ? show_regs+0x58/0x60 [ 1717.821459][ C1] ? __warn+0x160/0x2f0 [ 1717.825440][ C1] ? inet_sock_destruct+0x678/0x770 [ 1717.830583][ C1] ? report_bug+0x3d9/0x5b0 [ 1717.835129][ C1] ? inet_sock_destruct+0x678/0x770 [ 1717.840369][ C1] ? handle_bug+0x41/0x70 [ 1717.844716][ C1] ? exc_invalid_op+0x1b/0x50 [ 1717.849813][ C1] ? asm_exc_invalid_op+0x1b/0x20 [ 1717.854741][ C1] ? inet_sock_destruct+0x574/0x770 [ 1717.856853][ T6] usb 2-1: Using ep0 maxpacket: 32 [ 1717.859858][ C1] ? inet_sock_destruct+0x678/0x770 [ 1717.870069][ C1] ? inet_sock_destruct+0x678/0x770 [ 1717.875310][ C1] ? inet_sock_destruct+0x678/0x770 [ 1717.880509][ C1] inet6_sock_destruct+0x1d/0x20 [ 1717.885354][ C1] ? ipv6_mod_enabled+0x30/0x30 [ 1717.890120][ C1] __sk_destruct+0x56/0x5b0 [ 1717.894534][ C1] ? sk_destruct+0xd0/0xd0 [ 1717.898841][ C1] rcu_do_batch+0x57a/0xc10 [ 1717.903275][ C1] ? local_bh_enable+0x20/0x20 [ 1717.908022][ C1] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 1717.913393][ C1] ? _raw_spin_lock+0x1b0/0x1b0 [ 1717.918137][ C1] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 1717.923856][ C1] ? rcu_report_qs_rnp+0x2bf/0x390 [ 1717.929089][ C1] rcu_core+0x517/0x1020 [ 1717.933397][ C1] ? rcu_cpu_kthread_park+0x90/0x90 [ 1717.938668][ C1] ? rcu_softirq_qs+0xd7/0x310 [ 1717.943424][ C1] ? rcu_get_gp_kthreads_prio+0x10/0x10 [ 1717.949042][ C1] ? irqtime_account_irq+0x79/0x3c0 [ 1717.954223][ C1] rcu_core_si+0x9/0x10 [ 1717.958453][ C1] __do_softirq+0x26d/0x5bf [ 1717.962955][ C1] ? ksoftirqd_should_run+0x20/0x20 [ 1717.968294][ C1] run_ksoftirqd+0x23/0x30 [ 1717.972718][ C1] smpboot_thread_fn+0x466/0x8d0 [ 1717.977699][ C1] kthread+0x421/0x510 [ 1717.981763][ C1] ? cpu_report_death+0x1a0/0x1a0 [ 1717.986845][ C1] ? kthread_blkcg+0xd0/0xd0 [ 1717.991426][ C1] ret_from_fork+0x1f/0x30 [ 1717.995831][ C1] [ 1717.998879][ C1] ---[ end trace 3a6792d9f4c22260 ]--- [ 1718.377401][ T6] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1718.447848][ T6] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2 [ 1718.562308][ T6] usb 2-1: New USB device found, idVendor=0421, idProduct=00a0, bcdDevice=c8.e1 [ 1718.636501][ T6] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1719.707263][ T6] usb 2-1: config 0 descriptor?? [ 1719.747991][ T6] usb 2-1: bad CDC descriptors [ 1719.834564][T22778] loop3: detected capacity change from 0 to 256 [ 1720.100354][T22784] loop4: detected capacity change from 0 to 512 [ 1720.469156][T22757] bridge0: port 2(bridge_slave_1) entered disabled state [ 1720.476473][T22757] bridge0: port 2(bridge_slave_1) entered blocking state [ 1720.483509][T22757] bridge0: port 2(bridge_slave_1) entered forwarding state [ 1722.285155][ T30] audit: type=1400 audit(1720370484.144:20507): avc: denied { listen } for pid=22803 comm="syz.3.6635" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 1722.336259][ T30] audit: type=1400 audit(1720370484.184:20508): avc: denied { accept } for pid=22803 comm="syz.3.6635" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 1722.434494][T22815] 9pnet: Insufficient options for proto=fd [ 1722.561179][T22335] usb 2-1: USB disconnect, device number 116 [ 1722.967346][ C0] ------------[ cut here ]------------ [ 1722.972781][ C0] WARNING: CPU: 0 PID: 21659 at net/ipv4/af_inet.c:157 inet_sock_destruct+0x678/0x770 [ 1722.982431][ C0] Modules linked in: [ 1722.986215][ C0] CPU: 0 PID: 21659 Comm: syz-executor Tainted: G W 5.15.150-syzkaller-00330-g9044d25b8ff5 #0 [ 1722.997616][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1723.007536][ C0] RIP: 0010:inet_sock_destruct+0x678/0x770 [ 1723.013281][ C0] Code: a8 e8 3c ac 39 fd 0f 0b e9 7d fe ff ff e8 30 ac 39 fd 0f 0b e9 b2 fe ff ff e8 24 ac 39 fd 0f 0b e9 da fe ff ff e8 18 ac 39 fd <0f> 0b e9 02 ff ff ff 89 d9 80 e1 07 fe c1 38 c1 0f 8c 6a fd ff ff [ 1723.032798][ C0] RSP: 0000:ffffc90000007ba8 EFLAGS: 00010246 [ 1723.038823][ C0] RAX: ffffffff84368b88 RBX: 0000000000000100 RCX: ffff888114bb93c0 [ 1723.046696][ C0] RDX: 0000000080000100 RSI: 0000000000000100 RDI: 0000000000000000 [ 1723.054619][ C0] RBP: ffffc90000007bf0 R08: ffffffff84368a84 R09: ffffed1021774bfb [ 1723.062515][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88810bba5e80 [ 1723.070533][ C0] R13: dffffc0000000000 R14: dffffc0000000000 R15: 1ffff11021774bd2 [ 1723.078343][ C0] FS: 0000555555fce500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 1723.087110][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1723.093487][ C0] CR2: 00007f1bf389c000 CR3: 000000012473e000 CR4: 00000000003506b0 [ 1723.101383][ C0] Call Trace: [ 1723.104428][ C0] [ 1723.107160][ C0] ? show_regs+0x58/0x60 [ 1723.111199][ C0] ? __warn+0x160/0x2f0 [ 1723.115188][ C0] ? inet_sock_destruct+0x678/0x770 [ 1723.120574][ C0] ? report_bug+0x3d9/0x5b0 [ 1723.124986][ C0] ? inet_sock_destruct+0x678/0x770 [ 1723.130062][ C0] ? handle_bug+0x41/0x70 [ 1723.134318][ C0] ? exc_invalid_op+0x1b/0x50 [ 1723.139012][ C0] ? asm_exc_invalid_op+0x1b/0x20 [ 1723.144514][ C0] ? inet_sock_destruct+0x574/0x770 [ 1723.149932][ C0] ? inet_sock_destruct+0x678/0x770 [ 1723.155035][ C0] ? inet_sock_destruct+0x678/0x770 [ 1723.160467][ C0] ? inet_sock_destruct+0x678/0x770 [ 1723.165583][ C0] inet6_sock_destruct+0x1d/0x20 [ 1723.170433][ C0] ? ipv6_mod_enabled+0x30/0x30 [ 1723.175197][ C0] __sk_destruct+0x56/0x5b0 [ 1723.179741][ C0] ? sk_destruct+0xd0/0xd0 [ 1723.184050][ C0] rcu_do_batch+0x57a/0xc10 [ 1723.188693][ C0] ? local_bh_enable+0x20/0x20 [ 1723.193348][ C0] ? _raw_spin_lock_irqsave+0x1a0/0x210 [ 1723.198805][ C0] ? __next_timer_interrupt+0x1fb/0x260 [ 1723.204243][ C0] ? _raw_spin_lock+0x1b0/0x1b0 [ 1723.208978][ C0] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 1723.214572][ C0] ? rcu_report_qs_rnp+0x2bf/0x390 [ 1723.219616][ C0] rcu_core+0x517/0x1020 [ 1723.223782][ C0] ? rcu_cpu_kthread_park+0x90/0x90 [ 1723.228877][ C0] ? hrtimer_interrupt+0x867/0xaa0 [ 1723.233877][ C0] rcu_core_si+0x9/0x10 [ 1723.237937][ C0] __do_softirq+0x26d/0x5bf [ 1723.242328][ C0] __irq_exit_rcu+0x50/0xf0 [ 1723.246671][ C0] irq_exit_rcu+0x9/0x10 [ 1723.250870][ C0] sysvec_apic_timer_interrupt+0x9a/0xc0 [ 1723.256342][ C0] [ 1723.259207][ C0] [ 1723.262006][ C0] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 1723.267874][ C0] RIP: 0010:get_sigframe+0xbf/0x4b0 [ 1723.273106][ C0] Code: 80 3c 20 00 74 08 48 89 df e8 ed 65 86 00 4c 89 7c 24 50 48 8b 03 48 89 44 24 20 65 4c 8b 2d 08 62 d6 7e 49 8d 9d 88 08 00 00 <48> 89 d8 48 c1 e8 03 42 0f b6 04 20 84 c0 0f 85 6f 03 00 00 4c 8d [ 1723.292613][ C0] RSP: 0000:ffffc90000a47b80 EFLAGS: 00000246 [ 1723.298634][ C0] RAX: 00007ffed90a9e78 RBX: ffff888114bb9c48 RCX: 1ffff92000148f7c [ 1723.306493][ C0] RDX: 00000000000001b8 RSI: ffffc90000a47f58 RDI: ffffc90000a47de0 [ 1723.314356][ C0] RBP: ffffc90000a47c90 R08: dffffc0000000000 R09: ffffed1022977279 [ 1723.322190][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 1723.330080][ C0] R13: ffff888114bb93c0 R14: ffffc90000a47de0 R15: ffffc90000a47da0 [ 1723.337898][ C0] ? memcpy+0x56/0x70 [ 1723.341822][ C0] ? _raw_spin_unlock_irq+0x4e/0x70 [ 1723.346883][ C0] ? get_signal+0x1587/0x1630 [ 1723.351479][ C0] ? restore_sigcontext+0x710/0x710 [ 1723.356512][ C0] arch_do_signal_or_restart+0x2ad/0x1680 [ 1723.362093][ C0] ? hrtimer_nanosleep+0x107/0x3f0 [ 1723.367041][ C0] ? hrtimer_nanosleep+0x1f7/0x3f0 [ 1723.371960][ C0] ? nanosleep_copyout+0x120/0x120 [ 1723.376929][ C0] ? __remove_hrtimer+0x4d0/0x4d0 [ 1723.381765][ C0] ? get_sigframe_size+0x10/0x10 [ 1723.386538][ C0] ? timespec64_add_safe+0x220/0x220 [ 1723.391726][ C0] ? __se_sys_clock_nanosleep+0x323/0x3b0 [ 1723.397376][ C0] ? __x64_sys_clock_nanosleep+0xb0/0xb0 [ 1723.402818][ C0] exit_to_user_mode_loop+0xa0/0xe0 [ 1723.407886][ C0] exit_to_user_mode_prepare+0x5a/0xa0 [ 1723.413243][ C0] syscall_exit_to_user_mode+0x26/0x160 [ 1723.418668][ C0] do_syscall_64+0x49/0xb0 [ 1723.422983][ C0] ? sysvec_apic_timer_interrupt+0x55/0xc0 [ 1723.428688][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1723.434491][ C0] RIP: 0033:0x7fd2764f9b83 [ 1723.438770][ C0] Code: 1f 84 00 00 00 00 00 83 ff 03 74 7b 83 ff 02 b8 fa ff ff ff 49 89 ca 0f 44 f8 80 3d be d9 12 00 00 74 14 b8 e6 00 00 00 0f 05 d8 c3 66 2e 0f 1f 84 00 00 00 00 00 48 83 ec 28 48 89 54 24 10 [ 1723.458226][ C0] RSP: 002b:00007ffed90a9e78 EFLAGS: 00000202 ORIG_RAX: 00000000000000e6 [ 1723.466578][ C0] RAX: fffffffffffffffc RBX: 00000000000000bc RCX: 00007fd2764f9b83 [ 1723.474438][ C0] RDX: 00007ffed90a9e90 RSI: 0000000000000000 RDI: 0000000000000000 [ 1723.482260][ C0] RBP: 00007ffed90a9f1c R08: 00007ffed911a080 R09: 00007ffed911a0b0 [ 1723.490157][ C0] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000032 [ 1723.497957][ C0] R13: 00000000001a49d4 R14: 00000000001a4680 R15: 000000000000001a [ 1723.505746][ C0] [ 1723.508655][ C0] ---[ end trace 3a6792d9f4c22261 ]--- [ 1723.915072][T22830] loop4: detected capacity change from 0 to 512 [ 1723.949628][ T30] audit: type=1400 audit(1720370485.814:20509): avc: denied { accept } for pid=22832 comm="syz.1.6643" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=udp_socket permissive=1 [ 1724.004893][ T30] audit: type=1400 audit(1720370485.834:20510): avc: denied { create } for pid=22832 comm="syz.1.6643" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1 [ 1724.086855][ T30] audit: type=1400 audit(1720370485.834:20511): avc: denied { ioctl } for pid=22832 comm="syz.1.6643" path="socket:[102818]" dev="sockfs" ino=102818 ioctlcmd=0x943e scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1 [ 1724.635150][T22843] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev ?, type ?) errno=-22 [ 1724.666632][T22843] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev incremental-fs, type incremental-fs) errno=-22 [ 1724.831151][T22796] loop0: detected capacity change from 0 to 131072 [ 1724.918026][ T30] audit: type=1400 audit(1720370486.784:20512): avc: denied { accept } for pid=22844 comm="syz.4.6647" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1 [ 1725.388281][T22335] usb 5-1: new high-speed USB device number 124 using dummy_hcd [ 1725.736082][T22863] incfs: Can't find or create .index dir in ./file0 [ 1725.743034][T22863] incfs: mount failed -14 [ 1725.917038][T22875] FAULT_INJECTION: forcing a failure. [ 1725.917038][T22875] name failslab, interval 1, probability 0, space 0, times 0 [ 1725.930107][T22875] CPU: 0 PID: 22875 Comm: syz.1.6655 Tainted: G W 5.15.150-syzkaller-00330-g9044d25b8ff5 #0 [ 1725.941406][T22875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1725.951300][T22875] Call Trace: [ 1725.954426][T22875] [ 1725.957194][T22875] dump_stack_lvl+0x151/0x1b7 [ 1725.961724][T22875] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1725.967311][T22875] dump_stack+0x15/0x17 [ 1725.971298][T22875] should_fail+0x3c6/0x510 [ 1725.975658][T22875] __should_failslab+0xa4/0xe0 [ 1725.980349][T22875] should_failslab+0x9/0x20 [ 1725.984709][T22875] slab_pre_alloc_hook+0x37/0xd0 [ 1725.989461][T22875] ? pfkey_sendmsg+0xc52/0xfb0 [ 1725.994063][T22875] __kmalloc_track_caller+0x6c/0x260 [ 1725.999181][T22875] ? pfkey_sendmsg+0xc52/0xfb0 [ 1726.003816][T22875] ? pfkey_sendmsg+0xc52/0xfb0 [ 1726.008386][T22875] __alloc_skb+0x10c/0x550 [ 1726.012643][T22875] pfkey_sendmsg+0xc52/0xfb0 [ 1726.017234][T22875] ? avc_has_perm_noaudit+0x430/0x430 [ 1726.022460][T22875] ? pfkey_release+0x340/0x340 [ 1726.027039][T22875] ? selinux_socket_sendmsg+0x243/0x340 [ 1726.032448][T22875] ? check_stack_object+0x114/0x130 [ 1726.037478][T22875] ? security_socket_sendmsg+0x82/0xb0 [ 1726.042759][T22875] ? pfkey_release+0x340/0x340 [ 1726.047447][T22875] ____sys_sendmsg+0x59e/0x8f0 [ 1726.052050][T22875] ? __sys_sendmsg_sock+0x40/0x40 [ 1726.056907][T22875] ? import_iovec+0xe5/0x120 [ 1726.061344][T22875] ___sys_sendmsg+0x252/0x2e0 [ 1726.065859][T22875] ? __sys_sendmsg+0x260/0x260 [ 1726.070453][T22875] ? __kasan_check_write+0x14/0x20 [ 1726.075395][T22875] ? proc_fail_nth_write+0x20b/0x290 [ 1726.080534][T22875] ? __fdget+0x1bc/0x240 [ 1726.084597][T22875] __sys_sendmmsg+0x2bf/0x530 [ 1726.089111][T22875] ? __ia32_sys_sendmsg+0x90/0x90 [ 1726.094063][T22875] ? mutex_unlock+0xb2/0x260 [ 1726.098511][T22875] ? __kasan_check_write+0x14/0x20 [ 1726.103445][T22875] ? debug_smp_processor_id+0x17/0x20 [ 1726.108638][T22875] ? fpregs_assert_state_consistent+0xb6/0xe0 [ 1726.114690][T22875] __x64_sys_sendmmsg+0xa0/0xb0 [ 1726.119886][T22875] do_syscall_64+0x3d/0xb0 [ 1726.124335][T22875] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1726.130029][T22875] RIP: 0033:0x7f009048ebd9 [ 1726.134366][T22875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1726.155909][T22875] RSP: 002b:00007f008f710048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 1726.164118][T22875] RAX: ffffffffffffffda RBX: 00007f009061cf60 RCX: 00007f009048ebd9 [ 1726.171931][T22875] RDX: 00000000000002c8 RSI: 00000000200000c0 RDI: 0000000000000006 [ 1726.179748][T22875] RBP: 00007f008f7100a0 R08: 0000000000000000 R09: 0000000000000000 [ 1726.188308][T22875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 1726.196130][T22875] R13: 000000000000000b R14: 00007f009061cf60 R15: 00007fff6b2bd368 [ 1726.204122][T22875] [ 1726.871154][T22884] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev ?, type ?) errno=-22 [ 1727.013718][T22884] SELinux: security_context_str_to_sid(sysadm_u) failed for (dev incremental-fs, type incremental-fs) errno=-22 [ 1727.017398][ C1] ------------[ cut here ]------------ [ 1727.030765][ C1] WARNING: CPU: 1 PID: 22886 at net/ipv4/af_inet.c:157 inet_sock_destruct+0x678/0x770 [ 1727.040309][ C1] Modules linked in: [ 1727.044099][ C1] CPU: 1 PID: 22886 Comm: syz.1.6656 Tainted: G W 5.15.150-syzkaller-00330-g9044d25b8ff5 #0 [ 1727.055348][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1727.065350][ C1] RIP: 0010:inet_sock_destruct+0x678/0x770 [ 1727.071150][ C1] Code: a8 e8 3c ac 39 fd 0f 0b e9 7d fe ff ff e8 30 ac 39 fd 0f 0b e9 b2 fe ff ff e8 24 ac 39 fd 0f 0b e9 da fe ff ff e8 18 ac 39 fd <0f> 0b e9 02 ff ff ff 89 d9 80 e1 07 fe c1 38 c1 0f 8c 6a fd ff ff [ 1727.090703][ C1] RSP: 0018:ffffc900001d0ba8 EFLAGS: 00010246 [ 1727.096680][ C1] RAX: ffffffff84368b88 RBX: 0000000000000100 RCX: ffff88810f75e2c0 [ 1727.104625][ C1] RDX: 0000000080000100 RSI: 0000000000000100 RDI: 0000000000000000 [ 1727.112467][ C1] RBP: ffffc900001d0bf0 R08: ffffffff84368a84 R09: ffffed10230a417b [ 1727.120829][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888118520a80 [ 1727.128899][ C1] R13: dffffc0000000000 R14: dffffc0000000000 R15: 1ffff110230a4152 [ 1727.136810][ C1] FS: 00007f008f6ef6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 1727.145642][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1727.152351][ C1] CR2: 00007f008f6eefa8 CR3: 0000000115065000 CR4: 00000000003506a0 [ 1727.160302][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1727.168320][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1727.176312][ C1] Call Trace: [ 1727.180102][ C1] [ 1727.182842][ C1] ? show_regs+0x58/0x60 [ 1727.187197][ C1] ? __warn+0x160/0x2f0 [ 1727.191347][ C1] ? inet_sock_destruct+0x678/0x770 [ 1727.196357][ C1] ? report_bug+0x3d9/0x5b0 [ 1727.200977][ C1] ? inet_sock_destruct+0x678/0x770 [ 1727.206084][ C1] ? handle_bug+0x41/0x70 [ 1727.210326][ C1] ? exc_invalid_op+0x1b/0x50 [ 1727.215002][ C1] ? asm_exc_invalid_op+0x1b/0x20 [ 1727.219947][ C1] ? inet_sock_destruct+0x574/0x770 [ 1727.225133][ C1] ? inet_sock_destruct+0x678/0x770 [ 1727.230682][ C1] ? inet_sock_destruct+0x678/0x770 [ 1727.236400][ C1] ? inet_sock_destruct+0x678/0x770 [ 1727.241494][ C1] inet6_sock_destruct+0x1d/0x20 [ 1727.246328][ C1] ? ipv6_mod_enabled+0x30/0x30 [ 1727.251120][ C1] __sk_destruct+0x56/0x5b0 [ 1727.255550][ C1] ? sk_destruct+0xd0/0xd0 [ 1727.260020][ C1] rcu_do_batch+0x57a/0xc10 [ 1727.264448][ C1] ? local_bh_enable+0x20/0x20 [ 1727.269268][ C1] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 1727.274974][ C1] ? note_gp_changes+0x159/0x260 [ 1727.280087][ C1] rcu_core+0x517/0x1020 [ 1727.284280][ C1] ? clockevents_program_event+0x22f/0x300 [ 1727.290045][ C1] ? rcu_cpu_kthread_park+0x90/0x90 [ 1727.295193][ C1] ? hrtimer_interrupt+0x867/0xaa0 [ 1727.300321][ C1] ? irqtime_account_irq+0x79/0x3c0 [ 1727.305413][ C1] rcu_core_si+0x9/0x10 [ 1727.309511][ C1] __do_softirq+0x26d/0x5bf [ 1727.313921][ C1] __irq_exit_rcu+0x50/0xf0 [ 1727.318408][ C1] irq_exit_rcu+0x9/0x10 [ 1727.322686][ C1] sysvec_apic_timer_interrupt+0x9a/0xc0 [ 1727.328237][ C1] [ 1727.331037][ C1] [ 1727.333813][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 1727.339704][ C1] RIP: 0010:__sanitizer_cov_trace_pc+0x42/0x60 [ 1727.345765][ C1] Code: c2 00 01 ff 00 74 11 f7 c2 00 01 00 00 74 35 83 b9 5c 0b 00 00 00 74 2c 8b 91 38 0b 00 00 83 fa 02 75 21 48 8b 91 40 0b 00 00 <48> 8b 32 48 8d 7e 01 8b 89 3c 0b 00 00 48 39 cf 73 08 48 89 44 f2 [ 1727.365320][ C1] RSP: 0018:ffffc90000b775d0 EFLAGS: 00000246 [ 1727.371364][ C1] RAX: ffffffff83e28102 RBX: ffff8881169e39c0 RCX: ffff88810f75e2c0 [ 1727.379445][ C1] RDX: ffffc90002355000 RSI: ffff8881169e3a90 RDI: ffff8881169e39c0 [ 1727.387408][ C1] RBP: ffffc90000b775d0 R08: ffffc90000b77850 R09: ffffc90000b77800 [ 1727.395285][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff9200016ef04 [ 1727.403187][ C1] R13: 1ffff9200016eecc R14: dffffc0000000000 R15: ffff8881169e3a90 [ 1727.411127][ C1] ? __skb_try_recv_datagram+0x92/0x6a0 [ 1727.416878][ C1] __skb_try_recv_datagram+0x92/0x6a0 [ 1727.422174][ C1] ? __kasan_check_write+0x14/0x20 [ 1727.427332][ C1] ? mutex_lock+0xb6/0x1e0 [ 1727.431764][ C1] ? __skb_try_recv_from_queue+0x750/0x750 [ 1727.437822][ C1] ? consume_skb+0x117/0x250 [ 1727.442299][ C1] __unix_dgram_recvmsg+0x3bf/0x1260 [ 1727.447621][ C1] ? debug_smp_processor_id+0x17/0x20 [ 1727.452960][ C1] ? unix_unhash+0x10/0x10 [ 1727.457336][ C1] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 1727.463386][ C1] ? unix_dgram_recvmsg+0xb2/0xe0 [ 1727.468310][ C1] ? __unix_dgram_recvmsg+0x6/0x1260 [ 1727.473484][ C1] unix_dgram_recvmsg+0xc4/0xe0 [ 1727.478834][ C1] ? unix_dgram_sendmsg+0x2090/0x2090 [ 1727.484099][ C1] ____sys_recvmsg+0x286/0x530 [ 1727.489151][ C1] ? __sys_recvmsg_sock+0x50/0x50 [ 1727.494182][ C1] ? import_iovec+0xe5/0x120 [ 1727.498693][ C1] ___sys_recvmsg+0x1ec/0x690 [ 1727.503324][ C1] ? __sys_recvmsg+0x260/0x260 [ 1727.507957][ C1] ? do_handle_mm_fault+0x17e1/0x23a0 [ 1727.513255][ C1] ? asm_sysvec_call_function_single+0x1b/0x20 [ 1727.519289][ C1] ? do_recvmmsg+0x5cb/0x8b0 [ 1727.523812][ C1] do_recvmmsg+0x36b/0x8b0 [ 1727.528119][ C1] ? __sys_recvmmsg+0x270/0x270 [ 1727.532909][ C1] ? exit_to_user_mode_prepare+0x39/0xa0 [ 1727.538382][ C1] ? irqentry_exit+0x12/0x40 [ 1727.542918][ C1] __x64_sys_recvmmsg+0x195/0x240 [ 1727.547981][ C1] ? do_recvmmsg+0x8b0/0x8b0 [ 1727.552521][ C1] do_syscall_64+0x3d/0xb0 [ 1727.556812][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1727.562614][ C1] RIP: 0033:0x7f009048ebd9 [ 1727.566916][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1727.586679][ C1] RSP: 002b:00007f008f6ef048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 1727.595046][ C1] RAX: ffffffffffffffda RBX: 00007f009061d038 RCX: 00007f009048ebd9 [ 1727.602930][ C1] RDX: 0000000000010106 RSI: 00000000200000c0 RDI: 0000000000000004 [ 1727.610824][ C1] RBP: 00007f00904fdaa1 R08: 0000000000000000 R09: 0000000000000000 [ 1727.618644][ C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 1727.626423][ C1] R13: 000000000000006e R14: 00007f009061d038 R15: 00007fff6b2bd368 [ 1727.634300][ C1] [ 1727.637235][ C1] ---[ end trace 3a6792d9f4c22262 ]--- [ 1727.644928][T22335] usb 5-1: config 1 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1727.693449][T22335] usb 5-1: config 1 interface 0 has no altsetting 0 [ 1730.197037][T22335] usb 5-1: string descriptor 0 read error: -71 [ 1730.203314][T22335] usb 5-1: New USB device found, idVendor=056a, idProduct=010f, bcdDevice= 0.40 [ 1730.316690][ T30] audit: type=1400 audit(1720370492.174:20513): avc: denied { map } for pid=22897 comm="syz.4.6663" path="/dev/binderfs/binder0" dev="binder" ino=16 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 1730.342738][T22904] binder: 22897:22904 ioctl c0306201 20000140 returned -14 [ 1730.380623][ T30] audit: type=1400 audit(1720370492.214:20514): avc: denied { call } for pid=22897 comm="syz.4.6663" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 1730.399934][T22335] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1730.422630][T22905] loop2: detected capacity change from 0 to 256 [ 1730.437049][T22335] usb 5-1: can't set config #1, error -71 [ 1730.445917][T22335] usb 5-1: USB disconnect, device number 124 [ 1731.344972][T22931] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3832186367 (7664372734 ns) > initial count (4194304 ns). Using initial count to start timer. [ 1734.157467][ C1] ------------[ cut here ]------------ [ 1734.163024][ C1] WARNING: CPU: 1 PID: 22953 at net/ipv4/af_inet.c:157 inet_sock_destruct+0x678/0x770 [ 1734.172556][ C1] Modules linked in: [ 1734.176354][ C1] CPU: 1 PID: 22953 Comm: syz.0.6672 Tainted: G W 5.15.150-syzkaller-00330-g9044d25b8ff5 #0 [ 1734.187770][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1734.197778][ C1] RIP: 0010:inet_sock_destruct+0x678/0x770 [ 1734.203534][ C1] Code: a8 e8 3c ac 39 fd 0f 0b e9 7d fe ff ff e8 30 ac 39 fd 0f 0b e9 b2 fe ff ff e8 24 ac 39 fd 0f 0b e9 da fe ff ff e8 18 ac 39 fd <0f> 0b e9 02 ff ff ff 89 d9 80 e1 07 fe c1 38 c1 0f 8c 6a fd ff ff [ 1734.223028][ C1] RSP: 0018:ffffc900001d0ba8 EFLAGS: 00010246 [ 1734.229217][ C1] RAX: ffffffff84368b88 RBX: 0000000000000100 RCX: ffff888111ad8000 [ 1734.237008][ C1] RDX: 0000000080000100 RSI: 0000000000000100 RDI: 0000000000000000 [ 1734.244881][ C1] RBP: ffffc900001d0bf0 R08: ffffffff84368a84 R09: ffffed1021774bfb [ 1734.252739][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88810bba5e80 [ 1734.260550][ C1] R13: dffffc0000000000 R14: dffffc0000000000 R15: 1ffff11021774bd2 [ 1734.268336][ C1] FS: 00007f1bf979c6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 1734.277459][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1734.283869][ C1] CR2: 00007f009114e6b8 CR3: 0000000117cca000 CR4: 00000000003506a0 [ 1734.291707][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1734.299519][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1734.307330][ C1] Call Trace: [ 1734.310416][ C1] [ 1734.313106][ C1] ? show_regs+0x58/0x60 [ 1734.317209][ C1] ? __warn+0x160/0x2f0 [ 1734.321184][ C1] ? inet_sock_destruct+0x678/0x770 [ 1734.326230][ C1] ? report_bug+0x3d9/0x5b0 [ 1734.331703][ C1] ? inet_sock_destruct+0x678/0x770 [ 1734.337112][ C1] ? handle_bug+0x41/0x70 [ 1734.341463][ C1] ? exc_invalid_op+0x1b/0x50 [ 1734.346527][ C1] ? asm_exc_invalid_op+0x1b/0x20 [ 1734.351532][ C1] ? inet_sock_destruct+0x574/0x770 [ 1734.356647][ C1] ? inet_sock_destruct+0x678/0x770 [ 1734.361833][ C1] ? inet_sock_destruct+0x678/0x770 [ 1734.366887][ C1] ? inet_sock_destruct+0x678/0x770 [ 1734.372073][ C1] inet6_sock_destruct+0x1d/0x20 [ 1734.376866][ C1] ? ipv6_mod_enabled+0x30/0x30 [ 1734.381788][ C1] __sk_destruct+0x56/0x5b0 [ 1734.386130][ C1] ? sk_destruct+0xd0/0xd0 [ 1734.390428][ C1] rcu_do_batch+0x57a/0xc10 [ 1734.394850][ C1] ? local_bh_enable+0x20/0x20 [ 1734.399554][ C1] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 1734.405297][ C1] ? note_gp_changes+0x159/0x260 [ 1734.410310][ C1] rcu_core+0x517/0x1020 [ 1734.414462][ C1] ? clockevents_program_event+0x22f/0x300 [ 1734.420503][ C1] ? rcu_cpu_kthread_park+0x90/0x90 [ 1734.425636][ C1] ? hrtimer_interrupt+0x867/0xaa0 [ 1734.430674][ C1] ? irqtime_account_irq+0x79/0x3c0 [ 1734.435791][ C1] rcu_core_si+0x9/0x10 [ 1734.439978][ C1] __do_softirq+0x26d/0x5bf [ 1734.444390][ C1] __irq_exit_rcu+0x50/0xf0 [ 1734.448796][ C1] irq_exit_rcu+0x9/0x10 [ 1734.453028][ C1] sysvec_apic_timer_interrupt+0x9a/0xc0 [ 1734.458549][ C1] [ 1734.462229][ C1] [ 1734.464994][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 1734.470916][ C1] RIP: 0010:follow_page_mask+0x8af/0x10e0 [ 1734.476572][ C1] Code: 00 00 00 00 00 00 04 4c 8b 64 24 30 48 b8 00 00 00 00 00 fc ff df 41 80 3c 07 00 74 0d 48 8d bc 24 a0 00 00 00 e8 61 a9 0c 00 <49> 81 c6 80 00 00 00 48 8b 9c 24 a0 00 00 00 4c 21 f3 bf 80 00 00 [ 1734.496525][ C1] RSP: 0018:ffffc90000b77a20 EFLAGS: 00000246 [ 1734.502547][ C1] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: 0000000000040000 [ 1734.510480][ C1] RDX: ffffc90001d52000 RSI: 000000000003ffff RDI: 0000000000040000 [ 1734.518280][ C1] RBP: ffffc90000b77b30 R08: ffffffff81a5c6e3 R09: ffffed102235b001 [ 1734.526156][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff11022675701 [ 1734.534653][ C1] R13: ffff8881133ab808 R14: 0400000000000000 R15: 1ffff9200016ef58 [ 1734.542767][ C1] ? follow_page_mask+0x7a3/0x10e0 [ 1734.548075][ C1] ? follow_page+0x230/0x230 [ 1734.552724][ C1] __get_user_pages+0x330/0xee0 [ 1734.557707][ C1] ? populate_vma_page_range+0xf0/0xf0 [ 1734.563101][ C1] __mm_populate+0x38d/0x560 [ 1734.567691][ C1] ? userfaultfd_unmap_prep+0x4a0/0x4a0 [ 1734.573160][ C1] ? check_vma_flags+0x2d0/0x2d0 [ 1734.578198][ C1] vm_mmap_pgoff+0x271/0x450 [ 1734.582704][ C1] ? account_locked_vm+0x270/0x270 [ 1734.587791][ C1] ? switch_fpu_return+0x1ed/0x3d0 [ 1734.592815][ C1] ksys_mmap_pgoff+0xed/0x1e0 [ 1734.597363][ C1] __x64_sys_mmap+0x103/0x120 [ 1734.601833][ C1] do_syscall_64+0x3d/0xb0 [ 1734.606085][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1734.611864][ C1] RIP: 0033:0x7f1bfa51abd9 [ 1734.616198][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1734.635696][ C1] RSP: 002b:00007f1bf979c048 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1734.645029][ C1] RAX: ffffffffffffffda RBX: 00007f1bfa6a8f60 RCX: 00007f1bfa51abd9 [ 1734.652965][ C1] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000 [ 1734.661083][ C1] RBP: 00007f1bfa589aa1 R08: ffffffffffffffff R09: 0000000000000000 [ 1734.669017][ C1] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000 [ 1734.676918][ C1] R13: 000000000000000b R14: 00007f1bfa6a8f60 R15: 00007ffd0f693f68 [ 1734.684716][ C1] [ 1734.687598][ C1] ---[ end trace 3a6792d9f4c22263 ]--- [ 1735.112937][T22965] loop0: detected capacity change from 0 to 512 [ 1735.546944][T18596] usb 2-1: new high-speed USB device number 117 using dummy_hcd [ 1735.576089][ T30] audit: type=1400 audit(1720370497.434:20515): avc: denied { append } for pid=22967 comm="syz.3.6674" name="001" dev="devtmpfs" ino=158 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1 [ 1735.816926][T18596] usb 2-1: Using ep0 maxpacket: 32 [ 1736.317463][T18596] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 129, changing to 11 [ 1736.352776][T18596] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1023 [ 1736.786374][T22993] loop3: detected capacity change from 0 to 256 [ 1736.997206][T18596] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1737.010990][T18596] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1737.027287][T18596] usb 2-1: Product: 摃¡扈䂘챢ꚺ剐觓肬㏖ཉꝉ슊␵伭骡퍥螰倠夑䉁탯㎿桶䦾㋳燀깞鿨薖暎䓕㹨㐢煋凚璼检棤 [ 1737.059379][T18596] usb 2-1: Manufacturer: 嬈塛䮜烠㪆ꄬî䎧䌧赓⭚Ⰽ쾸틒⣺奙໽蓅ꦄ勤ⱊ嗓숀벨韡㏟蚰囄ל픇됼섖멲縕㱉급綽뤙밺ퟝ땐ᚭ✇◡∌䡉荜ਉ챸׷垎۳靝㐴廀앥뿝⮾铛赠먚쒆 [ 1737.207054][T18596] usb 2-1: can't set config #1, error -71 [ 1737.216931][T13240] usb 5-1: new high-speed USB device number 125 using dummy_hcd [ 1737.217597][T18596] usb 2-1: USB disconnect, device number 117 [ 1737.779442][T22992] loop4: detected capacity change from 0 to 512 [ 1737.937480][T22992] EXT4-fs error (device loop4): ext4_orphan_get:1397: inode #15: comm syz.4.6681: casefold flag without casefold feature [ 1738.163751][T22992] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: inode #2: comm syz.4.6681: missing EA_INODE flag [ 1738.187557][T22992] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz.4.6681: error while reading EA inode 2 err=-117 [ 1738.227592][ C0] ------------[ cut here ]------------ [ 1738.232985][ C0] WARNING: CPU: 0 PID: 21542 at net/ipv4/af_inet.c:157 inet_sock_destruct+0x678/0x770 [ 1738.242710][ C0] Modules linked in: [ 1738.246484][ C0] CPU: 0 PID: 21542 Comm: syz-executor Tainted: G W 5.15.150-syzkaller-00330-g9044d25b8ff5 #0 [ 1738.257894][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1738.267867][ C0] RIP: 0010:inet_sock_destruct+0x678/0x770 [ 1738.273580][ C0] Code: a8 e8 3c ac 39 fd 0f 0b e9 7d fe ff ff e8 30 ac 39 fd 0f 0b e9 b2 fe ff ff e8 24 ac 39 fd 0f 0b e9 da fe ff ff e8 18 ac 39 fd <0f> 0b e9 02 ff ff ff 89 d9 80 e1 07 fe c1 38 c1 0f 8c 6a fd ff ff [ 1738.293330][ C0] RSP: 0018:ffffc90000007ba8 EFLAGS: 00010246 [ 1738.299383][ C0] RAX: ffffffff84368b88 RBX: 0000000000000100 RCX: ffff888110514f00 [ 1738.307296][ C0] RDX: 0000000080000101 RSI: 0000000000000100 RDI: 0000000000000000 [ 1738.315167][ C0] RBP: ffffc90000007bf0 R08: ffffffff84368a84 R09: ffffed102177480b [ 1738.323175][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88810bba3f00 [ 1738.331125][ C0] R13: dffffc0000000000 R14: dffffc0000000000 R15: 1ffff110217747e2 [ 1738.339204][ C0] FS: 0000555556112500(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 1738.348080][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1738.354553][ C0] CR2: 00007fff6b2bbdc8 CR3: 0000000124eca000 CR4: 00000000003506b0 [ 1738.362424][ C0] Call Trace: [ 1738.365506][ C0] [ 1738.368229][ C0] ? show_regs+0x58/0x60 [ 1738.372371][ C0] ? __warn+0x160/0x2f0 [ 1738.376367][ C0] ? inet_sock_destruct+0x678/0x770 [ 1738.381481][ C0] ? report_bug+0x3d9/0x5b0 [ 1738.385897][ C0] ? inet_sock_destruct+0x678/0x770 [ 1738.391119][ C0] ? handle_bug+0x41/0x70 [ 1738.395375][ C0] ? exc_invalid_op+0x1b/0x50 [ 1738.399966][ C0] ? asm_exc_invalid_op+0x1b/0x20 [ 1738.404934][ C0] ? inet_sock_destruct+0x574/0x770 [ 1738.409997][ C0] ? inet_sock_destruct+0x678/0x770 [ 1738.415109][ C0] ? inet_sock_destruct+0x678/0x770 [ 1738.420227][ C0] ? inet_sock_destruct+0x678/0x770 [ 1738.425334][ C0] inet6_sock_destruct+0x1d/0x20 [ 1738.430149][ C0] ? ipv6_mod_enabled+0x30/0x30 [ 1738.434785][ C0] __sk_destruct+0x56/0x5b0 [ 1738.439171][ C0] ? sk_destruct+0xd0/0xd0 [ 1738.443509][ C0] rcu_do_batch+0x57a/0xc10 [ 1738.447990][ C0] ? local_bh_enable+0x20/0x20 [ 1738.452744][ C0] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 1738.458072][ C0] ? _raw_spin_lock+0x1b0/0x1b0 [ 1738.463022][ C0] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 1738.468695][ C0] ? rcu_report_qs_rnp+0x2bf/0x390 [ 1738.473706][ C0] rcu_core+0x517/0x1020 [ 1738.477826][ C0] ? rcu_cpu_kthread_park+0x90/0x90 [ 1738.482938][ C0] rcu_core_si+0x9/0x10 [ 1738.486948][ C0] __do_softirq+0x26d/0x5bf [ 1738.491264][ C0] __irq_exit_rcu+0x50/0xf0 [ 1738.495598][ C0] irq_exit_rcu+0x9/0x10 [ 1738.499735][ C0] sysvec_apic_timer_interrupt+0x9a/0xc0 [ 1738.505271][ C0] [ 1738.508090][ C0] [ 1738.510822][ C0] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 1738.516642][ C0] RIP: 0010:retain_dentry+0x143/0x2a0 [ 1738.521975][ C0] Code: 00 00 08 00 0f 84 a9 00 00 00 44 89 ee 83 e6 40 31 ff e8 f0 a3 af ff 44 89 e8 83 e0 40 0f 84 a2 00 00 00 e8 2f a0 af ff b0 01 <5b> 41 5c 41 5d 41 5e 41 5f 5d c3 e8 1d a0 af ff 0f 0b e9 fe fe ff [ 1738.541481][ C0] RSP: 0018:ffffc900009d7d28 EFLAGS: 00000246 [ 1738.547578][ C0] RAX: 0000000000000000 RBX: 0000000000000001 RCX: ffff888110514f00 [ 1738.555450][ C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 1738.563319][ C0] RBP: ffffc900009d7d50 R08: ffffffff81c097e3 R09: 0000000000000003 [ 1738.571218][ C0] R10: fffff5200013af8c R11: dffffc0000000001 R12: 1ffff11021f64776 [ 1738.579032][ C0] R13: 0000000000000008 R14: ffff88810fb23bb0 R15: dffffc0000000000 [ 1738.589667][ C0] ? retain_dentry+0x1b3/0x2a0 [ 1738.594384][ C0] ? retain_dentry+0x1bc/0x2a0 [ 1738.599139][ C0] dput+0x39/0x80 [ 1738.602698][ C0] do_unlinkat+0x4a0/0x920 [ 1738.607000][ C0] ? fsnotify_link_count+0x100/0x100 [ 1738.612287][ C0] ? getname_flags+0x1fd/0x520 [ 1738.617022][ C0] __x64_sys_unlink+0x49/0x50 [ 1738.621645][ C0] do_syscall_64+0x3d/0xb0 [ 1738.625893][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1738.631935][ C0] RIP: 0033:0x7f009048e227 [ 1738.636896][ C0] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 57 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1738.657806][ C0] RSP: 002b:00007fff6b2bc578 EFLAGS: 00000206 ORIG_RAX: 0000000000000057 [ 1738.666278][ C0] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f009048e227 [ 1738.674153][ C0] RDX: 00007fff6b2bc5a0 RSI: 00007fff6b2bc630 RDI: 00007fff6b2bc630 [ 1738.682112][ C0] RBP: 00007fff6b2bc630 R08: 0000000000000000 R09: 0000000000000000 [ 1738.690077][ C0] R10: 0000000000000100 R11: 0000000000000206 R12: 00007fff6b2bd700 [ 1738.698028][ C0] R13: 00007f00904fc515 R14: 00000000001a81fc R15: 0000000000000026 [ 1738.706117][ C0] [ 1738.709002][ C0] ---[ end trace 3a6792d9f4c22264 ]--- [ 1738.741144][T23020] loop0: detected capacity change from 0 to 512 [ 1738.802649][T22992] EXT4-fs (loop4): 1 orphan inode deleted [ 1738.813072][T22992] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1738.947632][T22992] EXT4-fs warning (device loop4): __ext4fs_dirhash:270: inode #15: comm syz.4.6681: Siphash requires key [ 1738.964651][T22992] EXT4-fs warning (device loop4): __ext4fs_dirhash:270: inode #15: comm syz.4.6681: Siphash requires key [ 1739.110756][T22992] EXT4-fs warning (device loop4): __ext4fs_dirhash:270: inode #15: comm syz.4.6681: Siphash requires key [ 1739.132638][T23035] EXT4-fs warning (device loop4): __ext4fs_dirhash:270: inode #15: comm syz.4.6681: Siphash requires key [ 1739.168054][T23035] EXT4-fs warning (device loop4): __ext4fs_dirhash:270: inode #15: comm syz.4.6681: Siphash requires key [ 1739.179597][T23035] EXT4-fs warning (device loop4): __ext4fs_dirhash:270: inode #15: comm syz.4.6681: Siphash requires key [ 1739.266918][T13240] usb 5-1: unable to get BOS descriptor or descriptor too short [ 1739.356901][T13240] usb 5-1: unable to read config index 0 descriptor/start: -71 [ 1739.366660][T13240] usb 5-1: can't read configurations, error -71 [ 1739.395283][ T30] audit: type=1400 audit(1720370501.254:20516): avc: denied { ioctl } for pid=23039 comm="syz.1.6695" path="socket:[102256]" dev="sockfs" ino=102256 ioctlcmd=0x8980 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 1739.421021][ T30] audit: type=1400 audit(1720370501.254:20517): avc: denied { bind } for pid=23039 comm="syz.1.6695" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 1739.441419][ T30] audit: type=1400 audit(1720370501.254:20518): avc: denied { listen } for pid=23039 comm="syz.1.6695" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 1739.466205][ T30] audit: type=1400 audit(1720370501.324:20519): avc: denied { accept } for pid=23039 comm="syz.1.6695" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1 [ 1739.486887][ T317] usb 1-1: new high-speed USB device number 4 using dummy_hcd [ 1739.877008][ T317] usb 1-1: Using ep0 maxpacket: 32 [ 1739.917567][T23053] loop3: detected capacity change from 0 to 128 [ 1740.077088][ T317] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 129, changing to 11 [ 1740.089955][ T317] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 1023 [ 1740.257098][ T317] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1740.271612][ T317] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1740.287198][ T317] usb 1-1: Product: 摃¡扈䂘챢ꚺ剐觓肬㏖ཉꝉ슊␵伭骡퍥螰倠夑䉁탯㎿桶䦾㋳燀깞鿨薖暎䓕㹨㐢煋凚璼检棤 [ 1740.320138][ T317] usb 1-1: Manufacturer: 嬈塛䮜烠㪆ꄬî䎧䌧赓⭚Ⰽ쾸틒⣺奙໽蓅ꦄ勤ⱊ嗓숀벨韡㏟蚰囄ל픇됼섖멲縕㱉급綽뤙밺ퟝ땐ᚭ✇◡∌䡉荜ਉ챸׷垎۳靝㐴廀앥뿝⮾铛赠먚쒆 [ 1740.648294][ T317] cdc_ncm 1-1:1.0: CDC Union missing and no IAD found [ 1740.655426][ T317] cdc_ncm 1-1:1.0: bind() failure [ 1740.663339][ T317] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found [ 1740.670910][ T317] cdc_ncm 1-1:1.1: bind() failure [ 1740.679710][ T317] usb 1-1: USB disconnect, device number 4 [ 1741.034675][T23074] loop2: detected capacity change from 0 to 512 [ 1743.167564][ C0] ------------[ cut here ]------------ [ 1743.173006][ C0] WARNING: CPU: 0 PID: 23070 at net/ipv4/af_inet.c:157 inet_sock_destruct+0x678/0x770 [ 1743.182647][ C0] Modules linked in: [ 1743.186429][ C0] CPU: 0 PID: 23070 Comm: syz.1.6705 Tainted: G W 5.15.150-syzkaller-00330-g9044d25b8ff5 #0 [ 1743.197662][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1743.207948][ C0] RIP: 0010:inet_sock_destruct+0x678/0x770 [ 1743.213686][ C0] Code: a8 e8 3c ac 39 fd 0f 0b e9 7d fe ff ff e8 30 ac 39 fd 0f 0b e9 b2 fe ff ff e8 24 ac 39 fd 0f 0b e9 da fe ff ff e8 18 ac 39 fd <0f> 0b e9 02 ff ff ff 89 d9 80 e1 07 fe c1 38 c1 0f 8c 6a fd ff ff [ 1743.233213][ C0] RSP: 0018:ffffc90000007ba8 EFLAGS: 00010246 [ 1743.239237][ C0] RAX: ffffffff84368b88 RBX: 0000000000000100 RCX: ffff8881206d4f00 [ 1743.247161][ C0] RDX: 0000000000000100 RSI: 0000000000000100 RDI: 0000000000000000 [ 1743.255017][ C0] RBP: ffffc90000007bf0 R08: ffffffff84368a84 R09: ffffed102177480b [ 1743.262884][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88810bba3f00 [ 1743.270802][ C0] R13: dffffc0000000000 R14: dffffc0000000000 R15: 1ffff110217747e2 [ 1743.278727][ C0] FS: 00007f008f6ef6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 1743.287614][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1743.294111][ C0] CR2: 00007f087d7f46b8 CR3: 0000000112152000 CR4: 00000000003506b0 [ 1743.301975][ C0] Call Trace: [ 1743.305049][ C0] [ 1743.307959][ C0] ? show_regs+0x58/0x60 [ 1743.312103][ C0] ? __warn+0x160/0x2f0 [ 1743.316087][ C0] ? inet_sock_destruct+0x678/0x770 [ 1743.321188][ C0] ? report_bug+0x3d9/0x5b0 [ 1743.325600][ C0] ? inet_sock_destruct+0x678/0x770 [ 1743.330686][ C0] ? handle_bug+0x41/0x70 [ 1743.334911][ C0] ? exc_invalid_op+0x1b/0x50 [ 1743.339558][ C0] ? asm_exc_invalid_op+0x1b/0x20 [ 1743.344517][ C0] ? inet_sock_destruct+0x574/0x770 [ 1743.349708][ C0] ? inet_sock_destruct+0x678/0x770 [ 1743.354811][ C0] ? inet_sock_destruct+0x678/0x770 [ 1743.359919][ C0] ? inet_sock_destruct+0x678/0x770 [ 1743.365029][ C0] inet6_sock_destruct+0x1d/0x20 [ 1743.369958][ C0] ? ipv6_mod_enabled+0x30/0x30 [ 1743.374735][ C0] __sk_destruct+0x56/0x5b0 [ 1743.379116][ C0] ? sk_destruct+0xd0/0xd0 [ 1743.383427][ C0] rcu_do_batch+0x57a/0xc10 [ 1743.387827][ C0] ? local_bh_enable+0x20/0x20 [ 1743.392484][ C0] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 1743.397855][ C0] ? _raw_spin_lock+0x1b0/0x1b0 [ 1743.402617][ C0] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 1743.408344][ C0] ? rcu_report_qs_rnp+0x2bf/0x390 [ 1743.413388][ C0] rcu_core+0x517/0x1020 [ 1743.417527][ C0] ? rcu_cpu_kthread_park+0x90/0x90 [ 1743.422636][ C0] rcu_core_si+0x9/0x10 [ 1743.426621][ C0] __do_softirq+0x26d/0x5bf [ 1743.431026][ C0] __irq_exit_rcu+0x50/0xf0 [ 1743.435467][ C0] irq_exit_rcu+0x9/0x10 [ 1743.439581][ C0] sysvec_apic_timer_interrupt+0x9a/0xc0 [ 1743.445131][ C0] [ 1743.447993][ C0] [ 1743.450799][ C0] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 1743.456620][ C0] RIP: 0010:unwind_get_return_address+0x6/0x90 [ 1743.462670][ C0] Code: 81 8d 86 80 e1 07 80 c1 03 38 c1 7c af 48 c7 c7 40 81 8d 86 e8 3b 9f 7d 00 eb a1 cc cc cc cc cc cc cc cc cc 55 48 89 e5 41 57 <41> 56 53 48 89 fb 49 be 00 00 00 00 00 fc ff df 48 89 f8 48 c1 e8 [ 1743.482245][ C0] RSP: 0018:ffffc90000dfe868 EFLAGS: 00000202 [ 1743.488151][ C0] RAX: 0000000000dfe801 RBX: ffffc90000dfe880 RCX: 0000000000dfe801 [ 1743.495918][ C0] RDX: 1ffff920001bfd12 RSI: ffffc90000dff810 RDI: ffffc90000dfe880 [ 1743.503787][ C0] RBP: ffffc90000dfe870 R08: ffffc90000dfe968 R09: 0000000000000008 [ 1743.511718][ C0] R10: ffffc90000dfe970 R11: dffffc0000000001 R12: ffff8881206d4f00 [ 1743.519539][ C0] R13: ffffffff815f52c0 R14: ffffc90000dfe960 R15: 0000000000000000 [ 1743.527465][ C0] ? stack_trace_save+0x1c0/0x1c0 [ 1743.532290][ C0] arch_stack_walk+0xf3/0x140 [ 1743.536870][ C0] ? do_handle_mm_fault+0x1ea9/0x23a0 [ 1743.542150][ C0] stack_trace_save+0x113/0x1c0 [ 1743.546906][ C0] ? _raw_spin_lock+0x1b0/0x1b0 [ 1743.551671][ C0] ? stack_trace_snprint+0xf0/0xf0 [ 1743.556611][ C0] ? __stack_depot_save+0x34/0x470 [ 1743.561636][ C0] save_stack+0xf6/0x1e0 [ 1743.565777][ C0] ? __reset_page_owner+0x190/0x190 [ 1743.570902][ C0] ? post_alloc_hook+0x1a3/0x1b0 [ 1743.575760][ C0] ? prep_new_page+0x1b/0x110 [ 1743.580501][ C0] ? get_page_from_freelist+0x3550/0x35d0 [ 1743.586128][ C0] ? __alloc_pages+0x27e/0x8f0 [ 1743.590802][ C0] ? shmem_alloc_and_acct_page+0x4bd/0xa80 [ 1743.596549][ C0] ? shmem_getpage_gfp+0x1388/0x23c0 [ 1743.601836][ C0] ? shmem_fault+0x1b8/0x6c0 [ 1743.606344][ C0] ? __do_fault+0x273/0x300 [ 1743.610752][ C0] ? handle_pte_fault+0x167b/0x24d0 [ 1743.615857][ C0] ? kvm_sched_clock_read+0x18/0x40 [ 1743.620966][ C0] ? sched_clock+0x9/0x10 [ 1743.625205][ C0] __set_page_owner+0x28/0x2e0 [ 1743.629859][ C0] ? kernel_init_free_pages+0xda/0xf0 [ 1743.635134][ C0] post_alloc_hook+0x1a3/0x1b0 [ 1743.639791][ C0] prep_new_page+0x1b/0x110 [ 1743.644204][ C0] get_page_from_freelist+0x3550/0x35d0 [ 1743.649641][ C0] ? _raw_spin_lock+0x1b0/0x1b0 [ 1743.654408][ C0] ? __stack_depot_save+0x34/0x470 [ 1743.659411][ C0] ? lruvec_init+0x150/0x150 [ 1743.663929][ C0] ? __kasan_slab_alloc+0xc3/0xe0 [ 1743.668828][ C0] ? shmem_add_to_page_cache+0x7fc/0xe90 [ 1743.674262][ C0] ? __alloc_pages+0x8f0/0x8f0 [ 1743.678903][ C0] ? __alloc_pages_bulk+0xe40/0xe40 [ 1743.684002][ C0] ? debug_smp_processor_id+0x17/0x20 [ 1743.689244][ C0] ? refill_stock+0xb2/0x2c0 [ 1743.693745][ C0] __alloc_pages+0x27e/0x8f0 [ 1743.698197][ C0] ? prep_new_page+0x110/0x110 [ 1743.702926][ C0] ? debug_smp_processor_id+0x17/0x20 [ 1743.708180][ C0] ? try_charge_memcg+0x213/0x1550 [ 1743.713216][ C0] shmem_alloc_and_acct_page+0x4bd/0xa80 [ 1743.718731][ C0] ? shmem_swapin_page+0x1520/0x1520 [ 1743.723945][ C0] ? xas_start+0x32c/0x3f0 [ 1743.728230][ C0] ? xas_load+0x2b7/0x2d0 [ 1743.732466][ C0] ? pagecache_get_page+0xdc2/0xeb0 [ 1743.737539][ C0] ? page_cache_prev_miss+0x410/0x410 [ 1743.742822][ C0] ? _raw_spin_lock_irqsave+0x210/0x210 [ 1743.748362][ C0] ? lru_cache_add+0x279/0x540 [ 1743.753155][ C0] shmem_getpage_gfp+0x1388/0x23c0 [ 1743.758157][ C0] ? shmem_getpage+0xa0/0xa0 [ 1743.762634][ C0] ? filemap_map_pages+0xccd/0x1690 [ 1743.767724][ C0] shmem_fault+0x1b8/0x6c0 [ 1743.772041][ C0] ? shmem_unused_huge_shrink+0xfa0/0xfa0 [ 1743.777631][ C0] ? filemap_read_page+0x330/0x330 [ 1743.782821][ C0] ? finish_fault+0x44d/0x960 [ 1743.787478][ C0] ? do_set_pte+0x7c0/0x7c0 [ 1743.791901][ C0] ? finish_task_switch+0x167/0x7b0 [ 1743.796965][ C0] __do_fault+0x273/0x300 [ 1743.801141][ C0] ? handle_pte_fault+0x1673/0x24d0 [ 1743.806152][ C0] handle_pte_fault+0x167b/0x24d0 [ 1743.811041][ C0] ? __sched_text_start+0x8/0x8 [ 1743.815791][ C0] ? fault_around_bytes_set+0xc0/0xc0 [ 1743.821045][ C0] do_handle_mm_fault+0x1ea9/0x23a0 [ 1743.826044][ C0] ? numa_migrate_prep+0xe0/0xe0 [ 1743.831364][ C0] ? follow_page_mask+0x87/0x10e0 [ 1743.836319][ C0] ? follow_page_mask+0x900/0x10e0 [ 1743.841332][ C0] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 1743.847443][ C0] ? follow_page+0x230/0x230 [ 1743.852067][ C0] ? __get_user_pages+0x38a/0xee0 [ 1743.857223][ C0] __get_user_pages+0x379/0xee0 [ 1743.862145][ C0] ? populate_vma_page_range+0xf0/0xf0 [ 1743.867706][ C0] __mm_populate+0x38d/0x560 [ 1743.872419][ C0] ? userfaultfd_unmap_prep+0x4a0/0x4a0 [ 1743.878060][ C0] ? check_vma_flags+0x2d0/0x2d0 [ 1743.883075][ C0] vm_mmap_pgoff+0x271/0x450 [ 1743.887759][ C0] ? account_locked_vm+0x270/0x270 [ 1743.893831][ C0] ? switch_fpu_return+0x1ed/0x3d0 [ 1743.899145][ C0] ksys_mmap_pgoff+0xed/0x1e0 [ 1743.904005][ C0] __x64_sys_mmap+0x103/0x120 [ 1743.908906][ C0] do_syscall_64+0x3d/0xb0 [ 1743.913357][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1743.919427][ C0] RIP: 0033:0x7f009048ebd9 [ 1743.923908][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1743.944119][ C0] RSP: 002b:00007f008f6ef048 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 1743.952689][ C0] RAX: ffffffffffffffda RBX: 00007f009061d038 RCX: 00007f009048ebd9 [ 1743.960774][ C0] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000 [ 1743.968825][ C0] RBP: 00007f00904fdaa1 R08: ffffffffffffffff R09: 0000000000000000 [ 1743.977014][ C0] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000 [ 1743.984974][ C0] R13: 000000000000006e R14: 00007f009061d038 R15: 00007fff6b2bd368 [ 1743.993049][ C0] [ 1743.996040][ C0] ---[ end trace 3a6792d9f4c22265 ]--- [ 1746.543093][T23097] loop2: detected capacity change from 0 to 256 [ 1748.208759][T23115] loop3: detected capacity change from 0 to 256 [ 1748.707105][ T317] usb 3-1: new high-speed USB device number 111 using dummy_hcd [ 1749.057349][ C1] ------------[ cut here ]------------ [ 1749.063150][ C1] WARNING: CPU: 1 PID: 23116 at net/ipv4/af_inet.c:157 inet_sock_destruct+0x678/0x770 [ 1749.072709][ C1] Modules linked in: [ 1749.076484][ C1] CPU: 1 PID: 23116 Comm: syz.0.6717 Tainted: G W 5.15.150-syzkaller-00330-g9044d25b8ff5 #0 [ 1749.087739][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1749.097756][ C1] RIP: 0010:inet_sock_destruct+0x678/0x770 [ 1749.103527][ C1] Code: a8 e8 3c ac 39 fd 0f 0b e9 7d fe ff ff e8 30 ac 39 fd 0f 0b e9 b2 fe ff ff e8 24 ac 39 fd 0f 0b e9 da fe ff ff e8 18 ac 39 fd <0f> 0b e9 02 ff ff ff 89 d9 80 e1 07 fe c1 38 c1 0f 8c 6a fd ff ff [ 1749.123195][ C1] RSP: 0018:ffffc900001d0ba8 EFLAGS: 00010246 [ 1749.129214][ C1] RAX: ffffffff84368b88 RBX: 0000000000000100 RCX: ffff888115754f00 [ 1749.137144][ C1] RDX: 0000000000000101 RSI: 0000000000000100 RDI: 0000000000000000 [ 1749.145537][ C1] RBP: ffffc900001d0bf0 R08: ffffffff84368a84 R09: ffffed102177495b [ 1749.153818][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88810bba4980 [ 1749.161914][ C1] R13: dffffc0000000000 R14: dffffc0000000000 R15: 1ffff11021774932 [ 1749.169860][ C1] FS: 0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 1749.178828][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1749.185865][ C1] CR2: 00000000201c3030 CR3: 00000001250b1000 CR4: 00000000003506a0 [ 1749.194541][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1749.202426][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1749.207166][ T317] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1749.210398][ C1] Call Trace: [ 1749.224302][ C1] [ 1749.227052][ C1] ? show_regs+0x58/0x60 [ 1749.231181][ C1] ? __warn+0x160/0x2f0 [ 1749.232277][ T317] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1749.235166][ C1] ? inet_sock_destruct+0x678/0x770 [ 1749.235247][ C1] ? report_bug+0x3d9/0x5b0 [ 1749.254500][ C1] ? inet_sock_destruct+0x678/0x770 [ 1749.256890][ T317] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00 [ 1749.259669][ C1] ? handle_bug+0x41/0x70 [ 1749.272795][ C1] ? exc_invalid_op+0x1b/0x50 [ 1749.277371][ C1] ? asm_exc_invalid_op+0x1b/0x20 [ 1749.282283][ C1] ? inet_sock_destruct+0x574/0x770 [ 1749.286855][ T317] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1749.287420][ C1] ? inet_sock_destruct+0x678/0x770 [ 1749.300732][ C1] ? inet_sock_destruct+0x678/0x770 [ 1749.306109][ C1] ? inet_sock_destruct+0x678/0x770 [ 1749.309625][ T317] usb 3-1: config 0 descriptor?? [ 1749.311389][ C1] inet6_sock_destruct+0x1d/0x20 [ 1749.321198][ C1] ? ipv6_mod_enabled+0x30/0x30 [ 1749.326102][ C1] __sk_destruct+0x56/0x5b0 [ 1749.330720][ C1] ? sk_destruct+0xd0/0xd0 [ 1749.335060][ C1] rcu_do_batch+0x57a/0xc10 [ 1749.339514][ C1] ? local_bh_enable+0x20/0x20 [ 1749.344204][ C1] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 1749.349847][ C1] ? __hrtimer_run_queues+0x46b/0xad0 [ 1749.355125][ C1] ? _raw_spin_lock+0x1b0/0x1b0 [ 1749.359869][ C1] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 1749.365582][ C1] ? rcu_report_qs_rnp+0x2bf/0x390 [ 1749.370577][ C1] rcu_core+0x517/0x1020 [ 1749.374717][ C1] ? rcu_cpu_kthread_park+0x90/0x90 [ 1749.379804][ C1] ? hrtimer_interrupt+0x867/0xaa0 [ 1749.384839][ C1] ? irqtime_account_irq+0x79/0x3c0 [ 1749.389929][ C1] rcu_core_si+0x9/0x10 [ 1749.393982][ C1] __do_softirq+0x26d/0x5bf [ 1749.398373][ C1] __irq_exit_rcu+0x50/0xf0 [ 1749.402871][ C1] irq_exit_rcu+0x9/0x10 [ 1749.407017][ C1] sysvec_apic_timer_interrupt+0x9a/0xc0 [ 1749.412543][ C1] [ 1749.415317][ C1] [ 1749.418139][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 1749.423913][ C1] RIP: 0010:__sanitizer_cov_trace_const_cmp8+0x7d/0x80 [ 1749.430660][ C1] Code: e1 05 48 8d 41 28 4c 39 c8 77 1e 48 c7 44 11 08 07 00 00 00 48 89 7c 11 10 48 89 74 11 18 4c 89 44 11 20 49 ff c2 4c 89 12 5d 66 90 55 48 89 e5 41 57 41 56 41 54 53 48 8b 46 08 48 83 c0 f8 [ 1749.452513][ C1] RSP: 0018:ffffc90000f8f4b8 EFLAGS: 00000293 [ 1749.458550][ C1] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff888115754f00 [ 1749.466462][ C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000 [ 1749.474310][ C1] RBP: ffffc90000f8f6f0 R08: ffffffff81a6f163 R09: ffffed1022aea9e1 [ 1749.482124][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 1749.489984][ C1] R13: 800000010d95d007 R14: 1ffff110247ff33a R15: 00007f1bf993a000 [ 1749.497961][ C1] ? unmap_page_range+0xb13/0x1ed0 [ 1749.503091][ C1] ? unmap_page_range+0xb13/0x1ed0 [ 1749.508119][ C1] ? mmu_notifier_invalidate_range_end+0xe0/0xe0 [ 1749.514355][ C1] ? __pagevec_lru_add+0xcde/0xd70 [ 1749.519391][ C1] ? uprobe_munmap+0x18d/0x450 [ 1749.524070][ C1] ? lru_cache_add+0x540/0x540 [ 1749.528761][ C1] unmap_vmas+0x389/0x560 [ 1749.533002][ C1] ? unmap_page_range+0x1ed0/0x1ed0 [ 1749.538087][ C1] ? tlb_gather_mmu_fullmm+0x165/0x210 [ 1749.543452][ C1] exit_mmap+0x3e4/0x940 [ 1749.547720][ C1] ? exit_aio+0x25e/0x3c0 [ 1749.552006][ C1] ? vm_brk+0x30/0x30 [ 1749.555805][ C1] ? mutex_unlock+0xb2/0x260 [ 1749.560313][ C1] ? uprobe_clear_state+0x2cd/0x320 [ 1749.565450][ C1] __mmput+0x95/0x310 [ 1749.569503][ C1] mmput+0x5b/0x170 [ 1749.573206][ C1] do_exit+0xb9c/0x2ca0 [ 1749.577335][ C1] ? __sched_text_start+0x8/0x8 [ 1749.582086][ C1] ? preempt_schedule+0xd9/0xe0 [ 1749.586820][ C1] ? put_task_struct+0x80/0x80 [ 1749.591495][ C1] ? preempt_schedule+0xd9/0xe0 [ 1749.596174][ C1] ? schedule_preempt_disabled+0x20/0x20 [ 1749.601715][ C1] ? sysvec_reschedule_ipi+0x7d/0x150 [ 1749.607011][ C1] do_group_exit+0x141/0x310 [ 1749.611513][ C1] get_signal+0x7a3/0x1630 [ 1749.615768][ C1] arch_do_signal_or_restart+0xbd/0x1680 [ 1749.621296][ C1] ? rcu_gp_kthread_wake+0x90/0x90 [ 1749.626339][ C1] ? security_file_free+0xc6/0xe0 [ 1749.631237][ C1] ? kmem_cache_free+0x116/0x2e0 [ 1749.636112][ C1] ? percpu_counter_add_batch+0x13d/0x160 [ 1749.642561][ C1] ? get_sigframe_size+0x10/0x10 [ 1749.647465][ C1] ? __se_sys_futex+0x37b/0x3e0 [ 1749.652717][ C1] ? fpu_flush_thread+0xf0/0xf0 [ 1749.657619][ C1] exit_to_user_mode_loop+0xa0/0xe0 [ 1749.662727][ C1] exit_to_user_mode_prepare+0x5a/0xa0 [ 1749.668096][ C1] syscall_exit_to_user_mode+0x26/0x160 [ 1749.673671][ C1] do_syscall_64+0x49/0xb0 [ 1749.677931][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1749.683745][ C1] RIP: 0033:0x7f1bfa51abd9 [ 1749.688034][ C1] Code: Unable to access opcode bytes at RIP 0x7f1bfa51abaf. [ 1749.695187][ C1] RSP: 002b:00007f1bf979c0f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca [ 1749.703620][ C1] RAX: fffffffffffffe00 RBX: 00007f1bfa6a8f68 RCX: 00007f1bfa51abd9 [ 1749.711556][ C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f1bfa6a8f68 [ 1749.719759][ C1] RBP: 00007f1bfa6a8f60 R08: 00007f1bf979c6c0 R09: 00007f1bf979c6c0 [ 1749.727751][ C1] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f1bfa6a8f6c [ 1749.735511][ C1] R13: 000000000000000b R14: 00007ffd0f693e80 R15: 00007ffd0f693f68 [ 1749.743445][ C1] [ 1749.746348][ C1] ---[ end trace 3a6792d9f4c22266 ]--- [ 1750.577280][ T317] usb 3-1: string descriptor 0 read error: -71 [ 1750.597318][ T317] uclogic 0003:256C:006D.0032: failed retrieving string descriptor #200: -71 [ 1750.622515][ T317] uclogic 0003:256C:006D.0032: failed retrieving pen parameters: -71 [ 1750.924570][ T317] uclogic 0003:256C:006D.0032: failed probing pen v2 parameters: -71 [ 1750.933295][ T317] uclogic 0003:256C:006D.0032: failed probing parameters: -71 [ 1750.942241][ T317] uclogic: probe of 0003:256C:006D.0032 failed with error -71 [ 1750.957185][ T317] usb 3-1: USB disconnect, device number 111 [ 1750.977211][ T30] audit: type=1326 audit(1720370512.844:20520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23146 comm="syz.4.6728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2764c7bd9 code=0x7ffc0000 [ 1753.152585][ T30] audit: type=1326 audit(1720370512.864:20521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23146 comm="syz.4.6728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd2764c6610 code=0x7ffc0000 [ 1753.189310][ T30] audit: type=1326 audit(1720370512.874:20522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23146 comm="syz.4.6728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd2764c77db code=0x7ffc0000 [ 1753.278734][ T30] audit: type=1326 audit(1720370512.874:20523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23146 comm="syz.4.6728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2764c7bd9 code=0x7ffc0000 [ 1753.347224][ T30] audit: type=1326 audit(1720370512.884:20524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23146 comm="syz.4.6728" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2764c7bd9 code=0x7ffc0000 [ 1753.425133][T23156] loop3: detected capacity change from 0 to 256 [ 1754.433757][T21331] device bridge_slave_1 left promiscuous mode [ 1754.459248][T21331] bridge0: port 2(bridge_slave_1) entered disabled state [ 1754.497467][T21331] device bridge_slave_0 left promiscuous mode [ 1754.503825][T21331] bridge0: port 1(bridge_slave_0) entered disabled state [ 1754.558868][T21331] device veth1_macvtap left promiscuous mode [ 1754.564823][T21331] device veth0_vlan left promiscuous mode [ 1754.629620][T23170] loop4: detected capacity change from 0 to 256 [ 1755.188935][T23180] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 1755.607349][ C0] ------------[ cut here ]------------ [ 1755.612972][ C0] WARNING: CPU: 0 PID: 23182 at net/ipv4/af_inet.c:157 inet_sock_destruct+0x678/0x770 [ 1755.622790][ C0] Modules linked in: [ 1755.626557][ C0] CPU: 0 PID: 23182 Comm: syz.1.6729 Tainted: G W 5.15.150-syzkaller-00330-g9044d25b8ff5 #0 [ 1755.637791][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1755.648131][ C0] RIP: 0010:inet_sock_destruct+0x678/0x770 [ 1755.653857][ C0] Code: a8 e8 3c ac 39 fd 0f 0b e9 7d fe ff ff e8 30 ac 39 fd 0f 0b e9 b2 fe ff ff e8 24 ac 39 fd 0f 0b e9 da fe ff ff e8 18 ac 39 fd <0f> 0b e9 02 ff ff ff 89 d9 80 e1 07 fe c1 38 c1 0f 8c 6a fd ff ff [ 1755.674030][ C0] RSP: 0018:ffffc90000007ba8 EFLAGS: 00010246 [ 1755.680143][ C0] RAX: ffffffff84368b88 RBX: 0000000000000100 RCX: ffff888110438000 [ 1755.688089][ C0] RDX: 0000000080000100 RSI: 0000000000000100 RDI: 0000000000000000 [ 1755.695946][ C0] RBP: ffffc90000007bf0 R08: ffffffff84368a84 R09: ffffed10230a46bb [ 1755.703930][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888118523480 [ 1755.712041][ C0] R13: dffffc0000000000 R14: dffffc0000000000 R15: 1ffff110230a4692 [ 1755.720085][ C0] FS: 00007f008f6ef6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 1755.728981][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1755.736411][ C0] CR2: 0000000000000000 CR3: 000000011a08f000 CR4: 00000000003506b0 [ 1755.745478][ C0] Call Trace: [ 1755.748713][ C0] [ 1755.751344][ C0] ? show_regs+0x58/0x60 [ 1755.755531][ C0] ? __warn+0x160/0x2f0 [ 1755.759700][ C0] ? inet_sock_destruct+0x678/0x770 [ 1755.764795][ C0] ? report_bug+0x3d9/0x5b0 [ 1755.769593][ C0] ? inet_sock_destruct+0x678/0x770 [ 1755.774772][ C0] ? handle_bug+0x41/0x70 [ 1755.778991][ C0] ? exc_invalid_op+0x1b/0x50 [ 1755.783552][ C0] ? asm_exc_invalid_op+0x1b/0x20 [ 1755.788497][ C0] ? inet_sock_destruct+0x574/0x770 [ 1755.793577][ C0] ? inet_sock_destruct+0x678/0x770 [ 1755.798872][ C0] ? inet_sock_destruct+0x678/0x770 [ 1755.803966][ C0] ? inet_sock_destruct+0x678/0x770 [ 1755.809184][ C0] inet6_sock_destruct+0x1d/0x20 [ 1755.814008][ C0] ? ipv6_mod_enabled+0x30/0x30 [ 1755.818780][ C0] __sk_destruct+0x56/0x5b0 [ 1755.823513][ C0] ? sk_destruct+0xd0/0xd0 [ 1755.828201][ C0] rcu_do_batch+0x57a/0xc10 [ 1755.833222][ C0] ? local_bh_enable+0x20/0x20 [ 1755.837860][ C0] ? _raw_spin_lock_irqsave+0x1a0/0x210 [ 1755.843361][ C0] ? _raw_spin_lock+0x1b0/0x1b0 [ 1755.848298][ C0] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 1755.854664][ C0] ? rcu_report_qs_rnp+0x2bf/0x390 [ 1755.859764][ C0] rcu_core+0x517/0x1020 [ 1755.864253][ C0] ? rcu_cpu_kthread_park+0x90/0x90 [ 1755.869794][ C0] rcu_core_si+0x9/0x10 [ 1755.873851][ C0] __do_softirq+0x26d/0x5bf [ 1755.878253][ C0] __irq_exit_rcu+0x50/0xf0 [ 1755.882646][ C0] irq_exit_rcu+0x9/0x10 [ 1755.886716][ C0] sysvec_apic_timer_interrupt+0x9a/0xc0 [ 1755.892353][ C0] [ 1755.895065][ C0] [ 1755.897939][ C0] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 1755.903812][ C0] RIP: 0010:kasan_check_range+0x7e/0x2a0 [ 1755.909512][ C0] Code: 03 49 bb 01 00 00 00 00 fc ff df 4f 8d 34 1a 4d 89 f5 4d 29 cd 49 83 fd 10 7f 26 4d 85 ed 0f 84 44 01 00 00 49 f7 d2 4d 01 e2 <41> 80 39 00 0f 85 d2 01 00 00 49 ff c1 49 ff c2 75 ee e9 27 01 00 [ 1755.928973][ C0] RSP: 0018:ffffc90000ebfa20 EFLAGS: 00000282 [ 1755.934930][ C0] RAX: ffffffff83dceb01 RBX: 000000000001ffff RCX: ffffffff83dceb74 [ 1755.943926][ C0] RDX: 0000000000000001 RSI: 0000000000000080 RDI: ffffc90000ebfb40 [ 1755.952633][ C0] RBP: ffffc90000ebfa48 R08: dffffc0000000000 R09: fffff520001d7f76 [ 1755.960599][ C0] R10: fffffffffffffffe R11: dffffc0000000001 R12: 1ffff920001d7f68 [ 1755.968507][ C0] R13: 0000000000000010 R14: fffff520001d7f78 R15: 0000000000000080 [ 1755.976277][ C0] ? ___sys_recvmsg+0x51/0x690 [ 1755.980965][ C0] ? ___sys_recvmsg+0xc4/0x690 [ 1755.985642][ C0] memset+0x23/0x40 [ 1755.989322][ C0] ___sys_recvmsg+0xc4/0x690 [ 1755.993848][ C0] ? __sys_recvmsg+0x260/0x260 [ 1755.998515][ C0] ? preempt_schedule_irq+0xe7/0x140 [ 1756.003707][ C0] ? asm_sysvec_call_function_single+0x1b/0x20 [ 1756.009767][ C0] do_recvmmsg+0x36b/0x8b0 [ 1756.014102][ C0] ? __sys_recvmmsg+0x270/0x270 [ 1756.018857][ C0] ? put_pid+0xc3/0x110 [ 1756.022917][ C0] __x64_sys_recvmmsg+0x195/0x240 [ 1756.027988][ C0] ? do_recvmmsg+0x8b0/0x8b0 [ 1756.032466][ C0] ? __kasan_check_read+0x11/0x20 [ 1756.037445][ C0] ? exit_to_user_mode_prepare+0x7e/0xa0 [ 1756.043144][ C0] do_syscall_64+0x3d/0xb0 [ 1756.047481][ C0] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1756.053267][ C0] RIP: 0033:0x7f009048ebd9 [ 1756.057608][ C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1756.077289][ C0] RSP: 002b:00007f008f6ef048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 1756.085907][ C0] RAX: ffffffffffffffda RBX: 00007f009061d038 RCX: 00007f009048ebd9 [ 1756.094009][ C0] RDX: 0000000000010106 RSI: 00000000200000c0 RDI: 0000000000000005 [ 1756.102149][ C0] RBP: 00007f00904fdaa1 R08: 0000000000000000 R09: 0000000000000000 [ 1756.110013][ C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 1756.118143][ C0] R13: 000000000000006e R14: 00007f009061d038 R15: 00007fff6b2bd368 [ 1756.126123][ C0] [ 1756.129068][ C0] ---[ end trace 3a6792d9f4c22267 ]--- [ 1757.027319][ T317] usb 4-1: new high-speed USB device number 111 using dummy_hcd [ 1757.237328][ T30] audit: type=1400 audit(1720370519.084:20525): avc: denied { execute_no_trans } for pid=23195 comm="syz.1.6740" path="/92/file1" dev="tmpfs" ino=512 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1 [ 1757.267094][ T317] usb 4-1: Using ep0 maxpacket: 32 [ 1757.397079][ T317] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 1757.429370][ T317] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1757.475877][T23206] loop4: detected capacity change from 0 to 512 [ 1757.512202][ T317] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5 [ 1757.569955][ T317] usb 4-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00 [ 1757.580022][ T317] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1757.590459][ T317] usb 4-1: config 0 descriptor?? [ 1758.827109][ T317] usbhid 4-1:0.0: can't add hid device: -71 [ 1758.833189][ T317] usbhid: probe of 4-1:0.0 failed with error -71 [ 1758.842108][ T317] usb 4-1: USB disconnect, device number 111 [ 1760.258118][ C0] ------------[ cut here ]------------ [ 1760.263470][ C0] WARNING: CPU: 0 PID: 13 at net/ipv4/af_inet.c:157 inet_sock_destruct+0x678/0x770 [ 1760.272745][ C0] Modules linked in: [ 1760.276412][ C0] CPU: 0 PID: 13 Comm: ksoftirqd/0 Tainted: G W 5.15.150-syzkaller-00330-g9044d25b8ff5 #0 [ 1760.287494][ C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1760.297372][ C0] RIP: 0010:inet_sock_destruct+0x678/0x770 [ 1760.303093][ C0] Code: a8 e8 3c ac 39 fd 0f 0b e9 7d fe ff ff e8 30 ac 39 fd 0f 0b e9 b2 fe ff ff e8 24 ac 39 fd 0f 0b e9 da fe ff ff e8 18 ac 39 fd <0f> 0b e9 02 ff ff ff 89 d9 80 e1 07 fe c1 38 c1 0f 8c 6a fd ff ff [ 1760.306568][T23238] loop4: detected capacity change from 0 to 512 [ 1760.322713][ C0] RSP: 0018:ffffc900000d7a48 EFLAGS: 00010246 [ 1760.322777][ C0] RAX: ffffffff84368b88 RBX: 0000000000000100 RCX: ffff88810026bb40 [ 1760.342649][ C0] RDX: 0000000080000100 RSI: 0000000000000100 RDI: 0000000000000000 [ 1760.351087][ C0] RBP: ffffc900000d7a90 R08: ffffffff84368a84 R09: ffffed10217746bb [ 1760.358880][ C0] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88810bba3480 [ 1760.366668][ C0] R13: dffffc0000000000 R14: dffffc0000000000 R15: 1ffff11021774692 [ 1760.374703][ C0] FS: 0000000000000000(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000 [ 1760.383509][ C0] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1760.390018][ C0] CR2: 000000002013a030 CR3: 000000010edb5000 CR4: 00000000003506b0 [ 1760.397849][ C0] Call Trace: [ 1760.400933][ C0] [ 1760.403731][ C0] ? show_regs+0x58/0x60 [ 1760.407968][ C0] ? __warn+0x160/0x2f0 [ 1760.412024][ C0] ? inet_sock_destruct+0x678/0x770 [ 1760.417202][ C0] ? report_bug+0x3d9/0x5b0 [ 1760.421504][ C0] ? inet_sock_destruct+0x678/0x770 [ 1760.426526][ C0] ? handle_bug+0x41/0x70 [ 1760.431118][ C0] ? exc_invalid_op+0x1b/0x50 [ 1760.435682][ C0] ? asm_exc_invalid_op+0x1b/0x20 [ 1760.440671][ C0] ? inet_sock_destruct+0x574/0x770 [ 1760.445773][ C0] ? inet_sock_destruct+0x678/0x770 [ 1760.451082][ C0] ? inet_sock_destruct+0x678/0x770 [ 1760.456184][ C0] ? inet_sock_destruct+0x678/0x770 [ 1760.461310][ C0] inet6_sock_destruct+0x1d/0x20 [ 1760.466139][ C0] ? ipv6_mod_enabled+0x30/0x30 [ 1760.470890][ C0] __sk_destruct+0x56/0x5b0 [ 1760.475288][ C0] ? sk_destruct+0xd0/0xd0 [ 1760.479635][ C0] rcu_do_batch+0x57a/0xc10 [ 1760.484129][ C0] ? local_bh_enable+0x20/0x20 [ 1760.488878][ C0] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 1760.495370][ C0] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 1760.501045][ C0] ? rcu_report_qs_rnp+0x381/0x390 [ 1760.506049][ C0] rcu_core+0x517/0x1020 [ 1760.510243][ C0] ? rcu_cpu_kthread_park+0x90/0x90 [ 1760.515346][ C0] ? rcu_softirq_qs+0xd7/0x310 [ 1760.520028][ C0] ? rcu_get_gp_kthreads_prio+0x10/0x10 [ 1760.525825][ C0] ? irqtime_account_irq+0x79/0x3c0 [ 1760.531050][ C0] rcu_core_si+0x9/0x10 [ 1760.535550][ C0] __do_softirq+0x26d/0x5bf [ 1760.539953][ C0] ? ksoftirqd_should_run+0x20/0x20 [ 1760.545057][ C0] run_ksoftirqd+0x23/0x30 [ 1760.549372][ C0] smpboot_thread_fn+0x466/0x8d0 [ 1760.554212][ C0] kthread+0x421/0x510 [ 1760.558187][ C0] ? cpu_report_death+0x1a0/0x1a0 [ 1760.563097][ C0] ? kthread_blkcg+0xd0/0xd0 [ 1760.567605][ C0] ret_from_fork+0x1f/0x30 [ 1760.571929][ C0] [ 1760.574767][ C0] ---[ end trace 3a6792d9f4c22268 ]--- [ 1760.652443][T23238] EXT4-fs error (device loop4): __ext4_iget:4892: inode #11: block 1: comm syz.4.6752: invalid block [ 1760.706017][T23238] EXT4-fs error (device loop4): ext4_orphan_get:1402: comm syz.4.6752: couldn't read orphan inode 11 (err -117) [ 1760.739066][T23238] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,minixdf,max_dir_size_kb=0x0000000000000009,data_err=abort,grpquota,noinit_itable,inode_readahead_blks=0x0000000000400000,i_version,acl,,errors=continue. Quota mode: writeback. [ 1760.993000][T20825] usb 4-1: new high-speed USB device number 112 using dummy_hcd [ 1761.387112][T20825] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 1761.397250][T20825] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1761.531625][ T30] audit: type=1326 audit(1720370523.394:20526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23259 comm="syz.4.6758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2764c7bd9 code=0x7ffc0000 [ 1761.621137][T20825] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 1761.630484][ T30] audit: type=1326 audit(1720370523.444:20527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23259 comm="syz.4.6758" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd2764c7bd9 code=0x7ffc0000 [ 1761.631739][T20825] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1761.705325][T20825] usb 4-1: SerialNumber: syz [ 1763.368250][T23269] loop4: detected capacity change from 0 to 512 [ 1763.588742][T20825] usb 4-1: 0:2 : does not exist [ 1763.616119][T20825] usb 4-1: unit 5 not found! [ 1763.625481][T20825] usb 4-1: USB disconnect, device number 112 [ 1765.477853][ C1] ------------[ cut here ]------------ [ 1765.483207][ C1] WARNING: CPU: 1 PID: 23293 at net/ipv4/af_inet.c:157 inet_sock_destruct+0x678/0x770 [ 1765.492707][ C1] Modules linked in: [ 1765.496472][ C1] CPU: 1 PID: 23293 Comm: syz.0.6766 Tainted: G W 5.15.150-syzkaller-00330-g9044d25b8ff5 #0 [ 1765.508936][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1765.519473][ C1] RIP: 0010:inet_sock_destruct+0x678/0x770 [ 1765.525196][ C1] Code: a8 e8 3c ac 39 fd 0f 0b e9 7d fe ff ff e8 30 ac 39 fd 0f 0b e9 b2 fe ff ff e8 24 ac 39 fd 0f 0b e9 da fe ff ff e8 18 ac 39 fd <0f> 0b e9 02 ff ff ff 89 d9 80 e1 07 fe c1 38 c1 0f 8c 6a fd ff ff [ 1765.544748][ C1] RSP: 0018:ffffc900001d0ba8 EFLAGS: 00010246 [ 1765.551632][ C1] RAX: ffffffff84368b88 RBX: 0000000000000100 RCX: ffff8881170c13c0 [ 1765.559678][ C1] RDX: 0000000000000100 RSI: 0000000000000100 RDI: 0000000000000000 [ 1765.567630][ C1] RBP: ffffc900001d0bf0 R08: ffffffff84368a84 R09: ffffed10230a402b [ 1765.575526][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff888118520000 [ 1765.583430][ C1] R13: dffffc0000000000 R14: dffffc0000000000 R15: 1ffff110230a4002 [ 1765.591379][ C1] FS: 00007f1bf977b6c0(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000 [ 1765.600368][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1765.606885][ C1] CR2: 0000000020028030 CR3: 0000000114e08000 CR4: 00000000003506a0 [ 1765.614773][ C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1765.622825][ C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1765.630792][ C1] Call Trace: [ 1765.633957][ C1] [ 1765.636645][ C1] ? show_regs+0x58/0x60 [ 1765.640887][ C1] ? __warn+0x160/0x2f0 [ 1765.644883][ C1] ? inet_sock_destruct+0x678/0x770 [ 1765.650094][ C1] ? report_bug+0x3d9/0x5b0 [ 1765.655073][ C1] ? inet_sock_destruct+0x678/0x770 [ 1765.660293][ C1] ? handle_bug+0x41/0x70 [ 1765.664518][ C1] ? exc_invalid_op+0x1b/0x50 [ 1765.669115][ C1] ? asm_exc_invalid_op+0x1b/0x20 [ 1765.674967][ C1] ? inet_sock_destruct+0x574/0x770 [ 1765.680090][ C1] ? inet_sock_destruct+0x678/0x770 [ 1765.685880][ C1] ? inet_sock_destruct+0x678/0x770 [ 1765.690984][ C1] ? inet_sock_destruct+0x678/0x770 [ 1765.696893][ C1] inet6_sock_destruct+0x1d/0x20 [ 1765.701726][ C1] ? ipv6_mod_enabled+0x30/0x30 [ 1765.706579][ C1] __sk_destruct+0x56/0x5b0 [ 1765.711397][ C1] ? sk_destruct+0xd0/0xd0 [ 1765.715735][ C1] rcu_do_batch+0x57a/0xc10 [ 1765.720283][ C1] ? local_bh_enable+0x20/0x20 [ 1765.724957][ C1] ? _raw_spin_lock_irqsave+0xf9/0x210 [ 1765.730329][ C1] ? _raw_spin_lock+0x1b0/0x1b0 [ 1765.735102][ C1] ? _raw_spin_unlock_irqrestore+0x5c/0x80 [ 1765.740819][ C1] ? rcu_report_qs_rnp+0x2bf/0x390 [ 1765.745860][ C1] rcu_core+0x517/0x1020 [ 1765.749998][ C1] ? rcu_cpu_kthread_park+0x90/0x90 [ 1765.755286][ C1] ? hrtimer_interrupt+0x867/0xaa0 [ 1765.762643][ C1] ? irqtime_account_irq+0x79/0x3c0 [ 1765.768791][ C1] rcu_core_si+0x9/0x10 [ 1765.773889][ C1] __do_softirq+0x26d/0x5bf [ 1765.779933][ C1] __irq_exit_rcu+0x50/0xf0 [ 1765.784527][ C1] irq_exit_rcu+0x9/0x10 [ 1765.788791][ C1] sysvec_apic_timer_interrupt+0x9a/0xc0 [ 1765.794424][ C1] [ 1765.797233][ C1] [ 1765.799974][ C1] asm_sysvec_apic_timer_interrupt+0x1b/0x20 [ 1765.807257][ C1] RIP: 0010:___sys_recvmsg+0x15d/0x690 [ 1765.815622][ C1] Code: 00 4c 89 ff 31 f6 e8 82 87 d5 fd ba 38 00 00 00 4c 89 ff 48 8b 74 24 10 e8 50 4b 88 fe 48 89 c3 31 ff 48 89 c6 e8 d3 4f 93 fd <48> 85 db 0f 84 af 00 00 00 e8 85 4b 93 fd 41 bf f2 ff ff ff e9 2f [ 1765.835602][ C1] RSP: 0018:ffffc90000eafa80 EFLAGS: 00000297 [ 1765.842132][ C1] RAX: 0000000000000002 RBX: 0000000000000000 RCX: ffff8881170c13c0 [ 1765.850309][ C1] RDX: ffffc90002f5b000 RSI: 0000000000000000 RDI: 0000000000000000 [ 1765.859771][ C1] RBP: ffffc90000eafc70 R08: ffffffff83dcec0d R09: fffff520001d5f63 [ 1765.867757][ C1] R10: 0000000000000000 R11: dffffc0000000001 R12: ffffc90000eafbe0 [ 1765.875651][ C1] R13: dffffc0000000000 R14: 1ffff920001d5f58 R15: ffffc90000eafae0 [ 1765.883575][ C1] ? ___sys_recvmsg+0x15d/0x690 [ 1765.888525][ C1] ? __sys_recvmsg+0x260/0x260 [ 1765.894925][ C1] ? preempt_schedule_irq+0xe7/0x140 [ 1765.900138][ C1] ? asm_sysvec_reschedule_ipi+0x1b/0x20 [ 1765.905746][ C1] ? do_recvmmsg+0x376/0x8b0 [ 1765.910453][ C1] do_recvmmsg+0x36b/0x8b0 [ 1765.914795][ C1] ? native_set_ldt+0x360/0x360 [ 1765.919567][ C1] ? __sys_recvmmsg+0x270/0x270 [ 1765.924341][ C1] ? finish_task_switch+0x167/0x7b0 [ 1765.929558][ C1] __x64_sys_recvmmsg+0x195/0x240 [ 1765.934508][ C1] ? do_recvmmsg+0x8b0/0x8b0 [ 1765.943784][ C1] ? exit_to_user_mode_prepare+0x7e/0xa0 [ 1765.949388][ C1] do_syscall_64+0x3d/0xb0 [ 1765.953718][ C1] entry_SYSCALL_64_after_hwframe+0x61/0xcb [ 1765.959604][ C1] RIP: 0033:0x7f1bfa51abd9 [ 1765.964286][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 1765.984812][ C1] RSP: 002b:00007f1bf977b048 EFLAGS: 00000246 ORIG_RAX: 000000000000012b [ 1765.994674][ C1] RAX: ffffffffffffffda RBX: 00007f1bfa6a9038 RCX: 00007f1bfa51abd9 [ 1766.003740][ C1] RDX: 0000000000010106 RSI: 00000000200000c0 RDI: 0000000000000003 [ 1766.012268][ C1] RBP: 00007f1bfa589aa1 R08: 0000000000000000 R09: 0000000000000000 [ 1766.020248][ C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000 [ 1766.028369][ C1] R13: 000000000000006e R14: 00007f1bfa6a9038 R15: 00007ffd0f693f68 [ 1766.037173][ C1] [ 1766.040149][ C1] ---[ end trace 3a6792d9f4c22269 ]--- [ 1766.306885][T18596] usb 4-1: new high-speed USB device number 113 using dummy_hcd [ 1766.577018][T18596] usb 4-1: device descriptor read/64, error -71 [ 1766.967076][T18596] usb 4-1: device descriptor read/64, error -71 [ 1767.236840][T18596] usb 4-1: new high-speed USB device number 114 using dummy_hcd [ 1767.245081][T23312] binder: 23308:23312 unknown command 0 [ 1767.254651][T23312] binder: 23308:23312 ioctl c0306201 20000080 returned -22 [ 1767.484135][T23321] fuse: Unknown parameter 'rooteode@0000000000000000040000' [ 1768.350874][T18596] usb 4-1: device descriptor read/64, error -71 [ 1768.669074][T23331] loop0: detected capacity change from 0 to 128 [ 1768.750484][T23331] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none. [ 1768.787231][T23331] ext4 filesystem being mounted at /105/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff) [ 1768.824027][T23349] loop3: detected capacity change from 0 to 512 [ 1768.855617][T23349] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2213: inode #15: comm syz.3.6779: corrupted in-inode xattr [ 1768.872375][T23349] EXT4-fs error (device loop3): ext4_orphan_get:1402: comm syz.3.6779: couldn't read orphan inode 15 (err -117) [ 1768.888906][T23349] EXT4-fs (loop3): mounted filesystem without journal. Opts: nouid32,block_validity,,errors=continue. Quota mode: writeback. [ 1768.970663][ T30] audit: type=1400 audit(1720370530.834:20528): avc: denied { link } for pid=23325 comm="syz.0.6773" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop0" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 1769.087055][T12434] usb 2-1: new high-speed USB device number 118 using dummy_hcd [ 1769.107196][T13240] usb 5-1: new high-speed USB device number 127 using dummy_hcd [ 1769.447300][T12434] usb 2-1: config 1 has an invalid descriptor of length 187, skipping remainder of the config [ 1769.458101][T12434] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 1769.467561][T13240] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 1769.480717][T13240] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 1769.490580][T13240] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 1769.503544][T13240] usb 5-1: New USB device found, idVendor=0419, idProduct=0001, bcdDevice= 0.00 [ 1769.512752][T13240] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 1769.522308][T13240] usb 5-1: config 0 descriptor?? [ 1769.557399][T12434] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 1769.566477][T12434] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 1769.576073][T12434] usb 2-1: SerialNumber: syz [ 1769.838737][T12434] usb 2-1: 0:2 : does not exist [ 1770.010605][T13240] samsung 0003:0419:0001.0033: hidraw0: USB HID v0.00 Device [HID 0419:0001] on usb-dummy_hcd.4-1/input0 [ 1770.261872][T12434] usb 2-1: USB disconnect, device number 118 [ 1770.932897][T20825] usb 5-1: USB disconnect, device number 127 [ 1771.817048][T18596] usb 1-1: new full-speed USB device number 5 using dummy_hcd [ 1771.945606][T23391] usb usb8: usbfs: process 23391 (syz.1.6792) did not claim interface 0 before use [ 1772.677067][T18596] usb 1-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0 [ 1772.857199][T18596] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 1772.866389][T18596] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1772.874977][T18596] usb 1-1: Product: syz [ 1772.879516][T18596] usb 1-1: Manufacturer: syz [ 1772.884080][T18596] usb 1-1: SerialNumber: syz [ 1772.907242][T23376] raw-gadget.0 gadget: fail, usb_ep_enable returned -22 [ 1772.927917][T18596] cdc_ether: probe of 1-1:1.0 failed with error -22 [ 1773.144952][T18596] usb 1-1: USB disconnect, device number 5 [ 1775.091810][ T30] audit: type=1400 audit(1720370536.954:20529): avc: denied { ioctl } for pid=23431 comm="syz.3.6806" path="/dev/fuse" dev="devtmpfs" ino=91 ioctlcmd=0xe500 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1 [ 1778.172761][T23463] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6817'. [ 1780.841675][T23508] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 1782.650552][T23521] loop4: detected capacity change from 0 to 16 [ 1782.664220][T23516] incfs: Can't find or create .index dir in ./file0 [ 1782.677071][T23516] incfs: mount failed -14 [ 1782.709365][T23521] erofs: (device loop4): mounted with root inode @ nid 36. [ 1782.749203][T23521] attempt to access beyond end of device [ 1782.749203][T23521] loop4: rw=0, want=1049304, limit=16 [ 1782.761033][T23521] attempt to access beyond end of device [ 1782.761033][T23521] loop4: rw=0, want=40, limit=16 [ 1782.786479][T23521] erofs: (device loop4): erofs_readdir: fail to readdir of logical block 16 of nid 36 [ 1782.830371][T23521] erofs: (device loop4): z_erofs_pcluster_readmore: readmore error at page 8203 @ nid 36 [ 1782.847788][T23521] erofs: (device loop4): z_erofs_pcluster_readmore: readmore error at page 8202 @ nid 36 [ 1782.857881][T23521] erofs: (device loop4): z_erofs_pcluster_readmore: readmore error at page 8201 @ nid 36 [ 1782.868309][T23521] erofs: (device loop4): z_erofs_pcluster_readmore: readmore error at page 8203 @ nid 36 [ 1782.878634][T23521] erofs: (device loop4): z_erofs_pcluster_readmore: readmore error at page 8202 @ nid 36 [ 1782.890379][T23521] erofs: (device loop4): z_erofs_pcluster_readmore: readmore error at page 8201 @ nid 36 [ 1782.906997][T23521] erofs: (device loop4): z_erofs_pcluster_readmore: readmore error at page 8200 @ nid 36 [ 1782.931303][T23521] erofs: (device loop4): z_erofs_readpage: failed to read, err [-117] [ 1783.000621][ T317] usb 4-1: new high-speed USB device number 115 using dummy_hcd [ 1783.856968][ T317] usb 4-1: Using ep0 maxpacket: 16 [ 1783.977152][ T317] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7 [ 1783.987957][ T317] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 1784.157179][ T317] usb 4-1: New USB device found, idVendor=0582, idProduct=87d1, bcdDevice=f8.e7 [ 1784.166195][ T317] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 1784.174305][ T317] usb 4-1: Product: syz [ 1784.178445][ T317] usb 4-1: Manufacturer: syz [ 1784.182890][ T317] usb 4-1: SerialNumber: syz [ 1784.189406][ T317] usb 4-1: config 0 descriptor?? [ 1784.529444][ T317] usb 4-1: USB disconnect, device number 115 [ 1784.926139][T23547] loop4: detected capacity change from 0 to 2048 [ 1784.979359][T23547] EXT4-fs (loop4): cluster size (2048) smaller than block size (4096) [ 1785.044810][T23554] loop3: detected capacity change from 0 to 2048 [ 1785.079253][T23554] EXT4-fs (loop3): cluster size (2048) smaller than block size (4096) [ 1785.227333][T20825] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 1785.523756][T23556] FAULT_INJECTION: forcing a failure. [ 1785.523756][T23556] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 1785.538335][T23556] CPU: 1 PID: 23556 Comm: syz.4.6842 Tainted: G W 5.15.150-syzkaller-00330-g9044d25b8ff5 #0 [ 1785.549965][T23556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024 [ 1785.561018][T23556] Call Trace: [ 1785.564133][T23556] [ 1785.566915][T23556] dump_stack_lvl+0x151/0x1b7 [ 1785.571451][T23556] ? io_uring_drop_tctx_refs+0x190/0x190 [ 1785.578048][T23556] dump_stack+0x15/0x17 [ 1785.582131][T23556] should_fail+0x3c6/0x510 [ 1785.586399][T23556] should_fail_alloc_page+0x5a/0x80 [ 1785.591556][T23556] prepare_alloc_pages+0x15c/0x700 [ 1785.596633][T23556] ? irqentry_exit_cond_resched+0x2a/0x30 [ 1785.602322][T23556] ? __alloc_pages_bulk+0xe40/0xe40 [ 1785.607457][T23556] __alloc_pages+0x18c/0x8f0 [ 1785.611888][T23556] ? prep_new_page+0x110/0x110 [ 1785.616594][T23556] ? __kasan_check_read+0x11/0x20 [ 1785.621557][T23556] ? preempt_schedule_irq+0xe7/0x140 [ 1785.626777][T23556] ? __cond_resched+0x20/0x20 [ 1785.631293][T23556] handle_pte_fault+0xea0/0x24d0 [ 1785.636293][T23556] ? fault_around_bytes_set+0xc0/0xc0 [ 1785.641661][T23556] ? do_handle_mm_fault+0x2023/0x23a0 [ 1785.646876][T23556] do_handle_mm_fault+0x1ea9/0x23a0 [ 1785.652023][T23556] ? preempt_schedule_thunk+0x16/0x18 [ 1785.658409][T23556] ? numa_migrate_prep+0xe0/0xe0 [ 1785.663177][T23556] ? rcu_read_unlock_special+0xdb/0x4c0 [ 1785.668552][T23556] ? __rcu_read_unlock+0xd0/0xd0 [ 1785.673439][T23556] ? __rcu_read_unlock+0x7e/0xd0 [ 1785.678217][T23556] ? exc_page_fault+0x222/0x830 [ 1785.683358][T23556] ? access_error+0x246/0x270 [ 1785.687983][T23556] exc_page_fault+0x26f/0x830 [ 1785.692517][T23556] asm_exc_page_fault+0x27/0x30 [ 1785.700279][T23556] RIP: 0033:0x7fd2763942cb [ 1785.704721][T23556] Code: 00 00 00 48 8d 3d 6d 18 19 00 48 89 c1 31 c0 e8 cb 67 ff ff eb d2 66 0f 1f 84 00 00 00 00 00 55 31 c0 53 48 81 ec 68 10 00 00 <48> 89 7c 24 08 48 8d 3d a1 18 19 00 48 89 34 24 48 8b 14 24 48 8b [ 1785.726002][T23556] RSP: 002b:00007fd275705fc0 EFLAGS: 00010206 [ 1785.732953][T23556] RAX: 0000000000000000 RBX: 00007fd276656110 RCX: 0000000000000000 [ 1785.751762][T23556] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000280 [ 1785.763362][T23556] RBP: 00007fd2757070a0 R08: 0000000000000000 R09: 0000000000000000 [ 1785.771322][T23556] R10: 0000000020000280 R11: 0000000000000000 R12: 0000000000000001 [ 1785.779389][T23556] R13: 000000000000006e R14: 00007fd276656110 R15: 00007ffed90a9bb8 [ 1785.787850][T23556] [ 1785.791888][T23556] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF [ 1786.057011][T20825] usb 1-1: device descriptor read/64, error -71 [ 1786.446954][T20825] usb 1-1: device descriptor read/64, error -71 [ 1786.716927][T20825] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 1786.997035][T20825] usb 1-1: device descriptor read/64, error -71 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: tun: ioctl(TUNSETIFF) failed (errno 25: Inappropriate ioctl for device) loop exited with status 67 SYZFAIL: repeatedly failed to execute the program proc=2 req=6730 state=3 status=67 (errno 11: Resource temporarily unavailable) [ 1787.286412][ T30] audit: type=1400 audit(1720370549.144:20530): avc: denied { write } for pid=279 comm="syz-executor" path="pipe:[471]" dev="pipefs" ino=471 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1 [ 1790.136838][ T313] usb 4-1: new high-speed USB device number 116 using dummy_hcd [ 1791.499632][T21331] device bridge_slave_1 left promiscuous mode [ 1791.505863][T21331] bridge0: port 2(bridge_slave_1) entered disabled state [ 1791.514524][T21331] device bridge_slave_0 left promiscuous mode [ 1791.520893][T21331] bridge0: port 1(bridge_slave_0) entered disabled state [ 1791.531257][T21331] device bridge_slave_1 left promiscuous mode [ 1791.537840][T21331] bridge0: port 2(bridge_slave_1) entered disabled state [ 1791.546003][T21331] device bridge_slave_0 left promiscuous mode [ 1791.552366][T21331] bridge0: port 1(bridge_slave_0) entered disabled state [ 1791.561821][T21331] device bridge_slave_1 left promiscuous mode [ 1791.568016][T21331] bridge0: port 2(bridge_slave_1) entered disabled state [ 1791.576226][T21331] device bridge_slave_0 left promiscuous mode [ 1791.582678][T21331] bridge0: port 1(bridge_slave_0) entered disabled state [ 1791.592199][T21331] device bridge_slave_1 left promiscuous mode [ 1791.598653][T21331] bridge0: port 2(bridge_slave_1) entered disabled state [ 1791.607029][T21331] device bridge_slave_0 left promiscuous mode [ 1791.613193][T21331] bridge0: port 1(bridge_slave_0) entered disabled state [ 1791.624796][T21331] device veth1_macvtap left promiscuous mode [ 1791.630886][T21331] device veth0_vlan left promiscuous mode [ 1791.637208][T21331] device veth1_macvtap left promiscuous mode [ 1791.643121][T21331] device veth0_vlan left promiscuous mode [ 1791.649348][T21331] device veth1_macvtap left promiscuous mode [ 1791.655275][T21331] device veth0_vlan left promiscuous mode [ 1791.661757][T21331] device veth1_macvtap left promiscuous mode [ 1791.668041][T21331] device veth0_vlan left promiscuous mode