last executing test programs:

10.053827845s ago: executing program 0:
pipe(&(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
dup2(r0, r1)
io_setup(0x3ff, &(0x7f0000000500)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000040)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])

9.932552784s ago: executing program 0:
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x2008002, &(0x7f0000000080), 0x1, 0x53d, &(0x7f0000000a80)="$eJzs3c9vHFcdAPDvjH82TesEeoAKSIBCQFF2400bVb20uYBQVQlRcUAcUmNvLJNdr/GuS20s4f4NIIHECf4EDkgckHriwI0jEgeEVA5IASxQjATSopkdO1t7TZbsepd6Px9pMvPmzcz3vWxm39u3m3kBTKyrEbEXEbMR8VZELBT7k2KJ1zpLdtzD/d3lg/3d5STa7Tf/muT52b7oOifzdHHN+Yj42pcjvpWcjNvc3rm/VKtVN4t0uVXfKDe3d26s1ZdWq6vV9Url9uLtmy/feqkytLpeqf/8wZfWXv/6r375yfd/u/fF72XFuljkdddjmDpVnzmKk5mOiNfPItgYTBXr2TGXgyeTRsRHIuIz+f2/EFP5v04A4DxrtxeivdCdBgDOuzQfA0vSUkSkadEJKHXG8J6LC2mt0Wxdv9fYWl/pjJVdipn03lqtevPy3O+/kx88k2TpxTwvz8/TlWPpWxFxOSJ+OPdUni4tN2or4+nyAMDEe7q7/Y+If8ylaanU16k9vtUDAD405sddAABg5LT/ADB5tP8AMHn6aP+LL/v3zrwsAMBo+PwPAJNH+w8Ak0f7DwAT5atvvJEt7YPi+dcrb29v3W+8fWOl2rxfqm8tl5Ybmxul1UZjNX9mT/1x16s1GhuLL8bWO+VWtdkqN7d37tYbW+utu/lzve9WZ0ZSKwDgv7l85b3fJRGx98pT+RJdczloq+F8S8ddAGBspgY5WQcBPtTM9gWTq68mPO8k/ObMywKMR8+Hec/33PygH/8PQfzOCP6vXPt4/+P/5niG88X4P0yuJxv/f3Xo5QBGz/g/TK52Ozk+5//sURYAcC4N8BO+9veH1QkBxupxk3kP5ft/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOGcuRsS3I0lL+VzgafZnWipFPBMRl2ImubdWq96MiGfjSkTMzGXpxXEXGgAYUPrnpJj/69rCCxeP584m/5zL1xHx3Z+8+aN3llqtzcVs/9+O9s8dTh9WeXTeAPMKAgBDlrfflWLd9UH+4f7u8uEyyvI8uBP/LqYiXj7Y382XTs50ZDsj5vO+xIW/JzFdnDMfEc9HxNQQ4u+9GxEf61X/JB8buVTMfNodP4rYz4w0fvqB+Gme11lnna+PDqEsMGneuxMRr/W6/9K4mq973//z+TvU4B7c6Vzs8L3voCv+dBFpqkf87J6/2m+MF3/9lRM72wudvHcjnp/uFT85ip+cEv+FPuP/4ROf+sGrp+S1fxpxLXrH745VbtU3ys3tnRtr9aXV6mp1vVK5vXj75su3XqqU8zHq8uFI9Ul/eeX6s6eVLav/hVPiz/es/+zRuZ/rs/4/+9db3/z0o+Tc8fhf+Gzv1/+5nvE7sjbx833GX7rwi1On787ir5xS/8e9/tf7jP/+n3ZW+jwUABiB5vbO/aVarbo50Eb2KXQY1zmxkRWxv4MPu4uDBf1jnEUtnnBj5qz+Vs98Y/qorzjcK38ju+KIq5MOvRYDbTwcVazxvScBo/Hoph93SQAAAAAAAAAAAAAAgNOM4r8ujbuOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnF//CQAA//+zi8zo")
creat(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
lsetxattr$system_posix_acl(&(0x7f00000003c0)='./bus\x00', &(0x7f0000000540)='system.posix_acl_access\x00', &(0x7f0000000280), 0x24, 0x0)
lchown(&(0x7f0000000340)='./bus\x00', r1, 0x0)

9.6337583s ago: executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./bus\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
syz_mount_image$fuse(&(0x7f00000003c0), &(0x7f0000000100)='./bus\x00', 0x100000, &(0x7f0000000200)=ANY=[], 0x1, 0x0, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
r0 = open$dir(&(0x7f0000000140)='./file0\x00', 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
ftruncate(r1, 0x2000009)
sendfile(r0, r1, 0x0, 0x7ffff000)

9.048419271s ago: executing program 0:
prlimit64(0x0, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$inet6(r5, &(0x7f00000013c0)={&(0x7f0000000100)={0xa, 0x4e24, 0x0, @remote}, 0x1c, 0x0, 0x0, &(0x7f0000001380)=[@hopopts={{0x10, 0x29, 0x3b}}], 0x18}, 0x0)

7.841285749s ago: executing program 0:
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCADDRT(r0, 0x890b, &(0x7f0000000180)={0x0, {0x2, 0x0, @empty}, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x1e}}, {0x2, 0x0, @empty}})

7.824907341s ago: executing program 0:
ptrace(0x10, 0x1)
r0 = inotify_init1(0x0)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
fcntl$getownex(r0, 0x10, &(0x7f0000000380)={0x0, <r1=>0x0})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r2, 0x0)
ptrace$getenv(0xd, r1, 0x0, &(0x7f0000000000))

4.673868752s ago: executing program 1:
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000280)={@initdev, @local}, &(0x7f0000000440)=0xc)
syz_emit_ethernet(0x2a, &(0x7f0000000a40)={@local, @dev, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @rand_addr=0x64010102, @local}, {0x0, 0x4e23, 0x8}}}}}, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
syz_emit_ethernet(0x76, &(0x7f0000000140)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaabb86dd602e5cea00403c0020010000000000000000000000000000ff0200000000000000000000000000010004000000000000c9"], 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x1004, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000a40)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000140)='mm_page_alloc\x00', r1}, 0x10)
syz_usb_connect(0x0, 0x10b, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000b24b4a10e60407007501000005010902240001010000000904000002ccb8280009050b02000000000009058a02"], 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000002340)=ANY=[@ANYBLOB="b702000022000000bfa300000000000007030000007effff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67dafe6c8dc525d78c07f34e4d5b3185b310efcfa89147a09000000f110026e6d2ef831ab7ea0c34f17e3ad6eecbb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b0a341a2d7cbdb9cd38bdb2ca8e0500009cb20d03e7564c35a8d36774d5e5003a14817ac61e4dd19699a13477bf7e060e3670ef0e789f65f105006704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d9961b626c57c2691208173656d60a17e3c184b751c51160fbcbbdb5b1e7be6148ba532e60a0ac346dfebd31a080600000002000000ff000000334d83239dd27080e71113610e10d858e8327ef01fb6c86acac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08ab1e1ad828267d4eadd3957663e88535c133f7130856f756436303767d2e24f29e5dad9796edb697a6ea0182babc190ae2ebf8aad34732181feb215139f15ea7e8cb0bae7c34d5ac5e7c805210600000000000000c3dec04b25dfc17975238345d4f71ab158c36657b7218baa0700f781c0a99bd50499ccc421ace5e845885efb5b9964ecbeba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d0175b989b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c570f0721fc7aa2a5836ba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca00010000790017b0689a173db9c24db65c1e00015c1d093dab18fd063e9c7080397bc49d70c060d57bc88fbe3bbaa058b040362ab926150363fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4effcf7462710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2000034837d365e63845f3c1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000000000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edeeeba72205beff7771bcb293747b88486cacec403000000a2919a4bff2ed893f2c814679fa69fc7e0cf761f918725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75e26b45264e3d3f8e0048e55ae289ce2ad779ce71d4dc30cbb2cc4289d2f884d66cddc76eb7f601110ff39057c1f395968e23c262279f4ef00fbdb8c338615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2e152cb2cf06f8edb30177fead735a952ffce676a93110904d5ee2abdab2ef3ff84c4d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007981699b6c0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d2503a3ea376721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e6712824a85eb9ee0a3b68c9e209756623adf685dd715d68ed11e4b4d5502f5124948f8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef66fa03a99b5c1c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749f6aecf69ba83a71caa9bdddc679f1b826f54b6563a4be1fd82b73c8c2bc65f63982b951fb058fd3c7b6341c4580376b6c16bd94d2da66059de81abfa15eeeb88b6ae5882ad341032c73f1285e21fff5a1d138e061b1dc7bbda199b5fab8e0719e9cd69b47dcb52b0be6a3a73afdf328132e1d4f21065716be0c53a23940d07188b015fa341dbc92231c8b5e5717eac184f46c9f61b69f55cd2231bcf821052429a1f250e8b734be0605a15f25923d599544b319319ff0a32621019347df460a098119a6f47eb1bac47946d7a009cbc6ec74c19a93cc7c7138b28c95270116181fd5f553572548104d2ad0e10d3663488e664401030022f0d76d2162635365258af61ae1f46f4a7862f302d91e3f7c2781f602220522e84602a939a8d5e4137ae31ccd397404dc72e06715a6503d4d865182803ee6725da7293b23daeebefd6fce7411c9624a7e8d5ba5a13e1c32adc4f32744a8c6882a72475e4280a4d9a47c003c6ed3071330c58145be813a10788a720a6b5a498ca2b42496c479a0a71e2f6f9bad8c84bc6be20281bde0b348cf2c60538a505ad4a0510eebb023e4954c9eb6cd70627f5c03d867dbf3ad5d1f1dc852064dd0efafc3df20ec8faf3d194db76127f88f284fa1b71ab964fdd2474471da76373e65e9a8bf844bdfdd348bc7d00c4c7e7afe8a1f8cde79b7a6c5aafe954b8ba37818e40c14b37c23f9f614576b689436fef2f27f8b1e756e00262e22bca49c43fd73e7e99b2fa44a8c1db99c2cf2735ad6c5fabf082e0df0f8ba7e24272165f2f5b28230c02b53d44bd84bf6770157e96bbb96b5e1f165c87e7ad68a3600b3d357fa9a7d53c281d88ebb175a4dbb82130e6970982947913110f091d21760d985afd3163f2e6880682432f9b3b97d57a9f980ede51116a3d04d58872a07d6a7e12db673acd2f7b8988d833e71943fe2c1c60100f36b955c56b55bfd3ecf0af694c71a03f2996c15b1ba971de1cb9c7e6a0000000000000014783ef54c51199317413f98dca8ff3d0bda50f6c0af58dbd6c031b1a5a7512c5896514adfa17d31429c68db50a93d88199defd3b4625fea426ff9293a28a544a6a9e2a79b55daa1b3c6b14c4ec6d164e902ce4913843d65d841973468729ea12bf6d3499036dbb66718f3497855c3baa6cc07c0fa388ec9df0617c1a28ef5a595ee267a76175b8a057e6efaf4fefe46def451f2858fe71a53e77b1a44e98843bb3a40102da3703dfb9f61bdcea2fb810b32d52e2157a150a63ea6135d1cf6f864c2e6887dd7245bc5d61dc5a114d10ffb22e76678bbfc1e3865d17d128306d1b81884a934cb00000000000000000098a4526e6468987dbc63bff7590eb388afaba43d811996333eef7e9f472bee440b293f0c40d434b8be07cbd52325296e22802493edb5c590ad208bac683a8b2d4c9d2d57ff846ae8c422e0b28546671f11d8157bb762c91f3fbc8b8e21589c92446ae65d408c0637ffcc2d44d715ce003dd1e12b085e186d069a55c2e96efbe5024d61a56a36d988c0f51a973a6c545b28211a92000000001501aed8972af0fcd540a9d4e293690c5e697b3a1480e46df5371bca1cfb28a57c1b3c956ec81397e81fbf870a67385fea04220423f52ad8178b9fd04bdc7e5fee4bd52db996e633792118efdb6b88023e80da74fdf723c7f05e96d738989f2c8b1e6b3a9716b6130a09e2698b12d8ae4d329f305fde3e8dec42eae3c69988ad568543a715755110c8dff124a6ba9ee1dc32ea7d17a35a420133c7df262a30cbff8790d80fd4def27ff1b268014daec1b0d1d2864bf010801f092efac0b349b86631d2a7455a72c0e7f43730b78e9beb255188acb12f3770fcc2223ba034181d9c3acef5b6d9ee77883ca12cfd68a5db88cc945a5c377c4ee2da24351905240b0b1920429109032ddc3cf9bf4ba32f594d45478bca432bdeb1a21fd5b5c2c416ed8eeabade9e2002b4e714dc3d7476fa52fedc0d0e6bed973e3aa468597810c13a8c40d9845bf0080850f309ec4dc5f88ef54bc3272918944178203e706674d8402f8ccd86d33edb1894e46b793641e9bf407b7c8b2b4b555f07467c96828163ce30fd4c24b108df352bc32eae5b1e3adecf6cf8d2bc3549f49c14a553683499b707a422e98082456c0dcf3f7155db062dfad1e92af9708dca9b70a77f4b88c06f8ee7a43df5f5ac21a6ed194102abaa097097f544896db197fa4dc32c420640a48bc6e79c214c21fc2312d4f9f4f489a52f5774d8339c2e03f979c9ee9a23e8f6f7d3aec1100c9949095ed29deabeebc420cfdf909dbecf8acc871b627bb358bd5ab90db253acf496d9b6a3374c86558a38537a821aa092794333ac26edb8b06370d7b0fa2db01c24534b33431132dc386178651682b5446d519dbc4fdcc69cfb60afe6cbd4d3ea2bcfa9d10bf14cb169009d7d7cc02ff1f03941916f046dcd6fa0c0d25c2189c349481633fdd841f8cca89757c2528b8334e76f37b8c43271a2820c33a2e631e4ed3060b7f0ab4e264a022f17647d511e44c3c594bbff7f0047450d74bf891cb2452f4093d3a77c4b7316218e50bedff67f529f78e52a0ac3af2a8414078aaadfe77e14a1647fe521a947a0489ca384989f391d2b005aaa970457a4f3e0c0f488b4228b33b08ff78581bf5d07446992ad520b2e"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r4}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r3}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r2, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000040)="76389e147583ddd0569ba56a5cfd55", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000240)={0x80}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00'}, 0x10)
r5 = socket(0x200000100000011, 0x803, 0x0)
r6 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000040)={'xfrm0\x00', <r7=>0x0})
sendto$packet(r5, &(0x7f0000000100)="4dcdc7d96a760000000100050000000000060000", 0x34, 0x0, &(0x7f0000000000)={0x11, 0x0, r7, 0x1, 0x0, 0x6, @multicast}, 0x14)

2.946729521s ago: executing program 1:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x2200010, &(0x7f0000000000)={[{@init_itable_val}, {@debug}]}, 0x1, 0x576, &(0x7f00000007c0)="$eJzs3U9rHOUfAPDvbLL9//s1hVLUgwR6sFK7aRP/VPBQjyLFgt7rkkxDyaZbspvSxILtwV68SBFELIgvwJMXj8U34KsoaKFICXrwEpnNbJLN7iYx3Xa37ucD0z7PzOw+852Z75NndnaZAIbWePZPIeLliPgqieTopmWjkS8cX1tv5cmt6WxKYnX14z+SSPJ5zfWT/P/DeeWliPjli4jThfZ2a0vLc+VKJV3I6xP1+esTtaXlM1fny7PpbHptcmrq/FtTk+++83bPYn390l/ffvTgg/Nfnlz55sdHx+4lcSGO5Ms2x/EUbm+ujMd4vk+KcWHLiud60NggSfq9AezJSJ7nxcj6gKMxkmc98N/3eUSsAkMqkf8wpJrjgOa1fY+ug18Yj99fuwBqj3907bORONC4Njq0krRcGWXXu2M9aD9r4+ff79/Lpujd5xAAO7p9JyLOjo62939J3v/t3dldrLO1Df0fPD8PsvHPG53GP4X18U90GP8c7pC7e7Fz/hcebZR7/9l0Nv57r+P4d/2m1dhIXvtfY8xXTK5craRZ3/b/iDgVxf1Zfbv7OedXHq62zvlpvbR5/JdNWfvNsWC+HY9G97e+eqZcLz9t3E2P70S80nH8m6wf/6TD8c/2x6VdtnEivf9qt2U7x/9srf4Q8VrH479xRyvZ/v7kRON8mGieFe3+vHvi127t7yL+Yg/DbZMd/0Pbxz+WbL5fW+v2Tt1z8/sDf6fdlu31/N+XfNIo78vn3SzX6wsbSXi7Zf7kxmub9eb6WfynTm7f/3U6/w9GxKddI2519/jdrqv2+/zP4p/pevwbe2DL8f/3hYcffvbd3uPPjv+bjdKpfM5u+r/dbuDT7j8AAAAAAAAYJIWIOBJJobReLhRKpbXvdxyPQ4VKtVY/faW6eG0mGr+VHYtioXmn++im70Ocy78P26xPbqlPRcSxiPh65GCjXpquVmb6HTwAAAAAAAAAAAAAAAAAAAAMiMMRBzr9/j/z20i/tw545toe3SDxYWh0f3RLvqQXT3oCBlLvH6sGvCjy/E/6vR3A8+fvPwwv+Q/DS/7D8JL/MLzkPwwv+Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWxaXXlyazqrz9xYWpyr3jgzk9bmSvOL06Xp6sL10my1OltJS9PV+Z3er1KtXj83GYs3J+pprT5RW1q+PF9dvFa/fHW+PJteTovPJSoAAAAAAAAAAAAAAAAAAAB4sdSWlufKlUq6oNBa2DcYmzH4hdHB2AyFHhf63TMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwIZ/AgAA//8Pszlh")
open(&(0x7f0000000080)='./bus\x00', 0xa942, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
add_key$fscrypt_v1(0x0, &(0x7f0000000540)={'fscrypt:', @auto=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x31]}, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x5)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = fcntl$dupfd(r1, 0x0, r1)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0xc08, 0x3, 0x1e8, 0xc, 0x5002004a, 0xb, 0x310, 0xea13, 0x3d0, 0x3c8, 0x3c8, 0x3d0, 0x3c8, 0x3, 0x0, {[{{@ip={@rand_addr, @local, 0x0, 0x0, 'erspan0\x00', 'ip6tnl0\x00'}, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE2={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x248)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x0, 0x0})
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)

2.615622752s ago: executing program 3:
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x5, &(0x7f0000000000), 0x1, 0x78b, &(0x7f0000000800)="$eJzs3c1rXFUbAPDnTvPRN+37JoUXtCIYEDRQOjE1tgouKi5EsVDQte04mYaaSaZkJqUJAS0quBFUXAi66dqPunPrx1Y3/g2CpaVqWqy40MidzDTTZpJM0mSmNb8fXOace8/MOc+c+3Hu3MvcAHaswYhIImJ/RLyXRPTX5qfzuquproijS+VuLMzn0ymJxcWXfk2qZa4vzOej4T2pPbXM/RHx7dsRBzIr6y3Pzk3kisXCdC0/XJk8M1yenTt4ejI3XhgvTB0eGR09dOSJI4e3Ltbff5jbe+X95x794uifb9538d3vkjgae2vLGuPYKoMxWPtOutOv8BbPbnVlHZZ0ugFsWrK0lcf+6I9d1RQA8G/2ekQsAgA7TOL4DwA7TP13gOsL8/n61NlfJNrr6jMRsXsp/vr1zaUlXbVrdrur10H7rie3XBlJImJgC+ofjIhPvnrls3SKbboOCdDMG+cj4uTA4Mr9f7LinoWNeqyFMoO35e3/oH2+Tsc/TzYb/2Vujn+iyfint8m2uxnrb/+Zy1tQzarS8d/TDfe23WiIv2ZgVy333+qYrzs5dbpYSPdt/4uIoejuTfMja9QxdO2va6staxz//fbBa5+m9aevyyUyl7t6b33PWK6Su5OYG109H/FAV7P4k5v9n6wy/j2+zmf//eOlV9PX55965+PVyqTxp/HWp5Xxb6/FCxGPNO3/5TvakjXvTxyurg7D9ZWiiS9/+qhvX6n5ssb+T6e0/vq5QDuk/d+3Rvz50RhIGu/XLG+8ju8v9H+z2rL142++/vckL1fTPbV553KVyvRIRE/y4sr5h5bfW8/Xy6fxDz3cfPtfa/1PzwlPthh/15VfPt98/NsrjX9s7fX/tv7feOLijYldq9XfWv+PVlNDtTmt7P9abeCdfHcAAAAAAAAAAAAAAAAAAAAAAAAA0KpMROyNJJO9mc5kstme6jO8/x99mWKpXDlwqjQzNRbVZ2UPRHem/leX/Q3/hzpS+z/8ev7QbfnHI2JfRHzY+59qPpsvFcc6HTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1Oxp+vz/pWWXejvdOgBg2+zudAMAgLZb5/j/4As/v9WupgAAbeL8HwB2Hsd/ANh5Nn38n3toaxsCALSN838AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC22fFjx9Jp8Y+F+XyaHzs7OzNROntwrFCeyE7O5LP50vSZ7HipNF4sZPOlyfU+r1gqnRmNqZlzw5VCuTJcnp07MVmamaqcOD2ZGy+cKHS3JSoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2Jjy7NxErlgsTEusTGTujma0kIi7oxkS93iif3lOp/dMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPeGfwIAAP//FY8vow==")
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x36, 0x4, 0x0, 0x0, 0xd8, 0x64, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x0, 0x5, 0x4]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@multicast1, 0x5}, {@remote, 0x8}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x65c}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev, 0x20000}, {@remote}, {@multicast2, 0x7}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000002080)={0xf, {"a2e3ad21e08eeb661b3d090987f70e03d038e7ff7fc6e5539b0d650e8b089b3f353b68090890e0878f0e1ac6e7049b3b46959b649a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07420936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c554336909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f6777478bc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5dc29a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f6435f7590000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9a53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02da93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d0300000000000000b378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d678746383074c6bc1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b3c7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0da42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x104d}}, 0x1006)

1.639577425s ago: executing program 1:
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x64, 0x3, 0x300, 0x6e, 0xffffffad, 0x190, 0x190, 0x190, 0x268, 0x268, 0x268, 0x268, 0x268, 0x3, 0x0, {[{{@ip={@remote, @local={0xac, 0x14, 0xd}, 0x0, 0x0, 'caif0\x00', 'ip6tnl0\x00'}, 0x0, 0x130, 0x190, 0xffffffc5, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "bdc74c01369df17d17ac76fa5f9b3bfa0c34430d864040bc25b2b73a59aa6ecab6b1d2cc05e3182f64694d7d05fb8b8c8f56627a54f905d564eeeb8334f650ca0f3c44f7fda4d20a55050342ea85ecc8838e7088de33582f36a0a375bb7008adc297a5ece1bb2df53d17bef26bb6f800", 0x7f, 0x2}}]}, @common=@SET={0x60}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, 0x0, 0x0, 'team0\x00', 'team0\x00'}, 0x0, 0x98, 0xd8, 0x0, {}, [@common=@inet=@set1={{0x28}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x360)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000000), 0x14)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file2\x00', 0x101c08a, &(0x7f0000000d40)={[{@shortname_mixed}, {@uni_xlateno}, {@fat=@fmask={'fmask', 0x3d, 0x36}}, {@uni_xlate}, {@utf8}, {@fat=@fmask={'fmask', 0x3d, 0xba4}}, {@shortname_lower}, {@uni_xlateno}, {@utf8}, {@rodir}, {@utf8no}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x7}}, {@rodir}, {@fat=@time_offset={'time_offset', 0x3d, 0x4f0}}, {@fat=@dmask={'dmask', 0x3d, 0x4}}, {@rodir}, {@shortname_mixed}]}, 0x6, 0x2ca, &(0x7f00000008c0)="$eJzs3c9rI1UcAPDvtMkkq4fk4EkEB/TgabF79ZIiuyD25JKDetBid0GaIOxCwB8Y97RXLx48+BcIgn+IF/8DQbyJ3lyhMDKTGTJp0zSBJmD38zl9++Z93/u+10c7PeT141fGpydZPHzy1W/R7SaxN4hBPEuiH3tR+yba0TD4NgCA/7NneR5/5zOb5CUR0d1eWQDAFq33+781D3/eSVkAwBbdf/+Ddw+Pju6+l2XduNd+OhkWf9mPn06Gs+eHD+PTGMWDeDN6cRZRvii0o3xbKMJ7eZ5PW1mhH6+Pp5NhkTn+6Jdq/MM/I8r8g+hFv2wqh/ijzn/n6O5BNtPInxZ1vFDNPyjy70QvXqqSq7eVOv/OkvwYpvHGa436b0cvfv0kPotRnJRFzPO/Psiyt/Pv/vnyw6K8ybB+2zlZ2Kl8f4ffFgAAAAAAAAAAAAAAAAAAAAAAbrjb1d05nSjv7ymaqvt39s+KL9qR1fqL9/PM8pN6oOb9QHmeT/P4ob5f569kPt88vxUvt5oXCwIAAAAAAAAAAAAAAAAAAMDz6/HnX5wej0YPHl1LUH/QvxUR/96PuLxz9CMuH2fQaHk1Vk/aqeY8Ho32qnCxT6vZEvt1nyRi5XKKRVzTtlwV3LpQcxX8+NOmA3av7tNePtd1BvXpOj1Olu9hJ+qWbnVIvk8j5n3SWHOu9LJHeaw6fueDdOmj3sZrT18sg+nio7S5CZGsKuyt32c7V7Uk51eRlru6NL1dBY30c2djrfMc3Vn6xZ8Vids6AAAAAAAAAAAAAAAAAABgq+af/l3y8MmKxFsR0dliYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwQ/P//79BMK2S1+icxqPHF2dNd71MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbrj/AgAA//8d0lbQ")
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.throttle.io_serviced\x00', 0x275a, 0x0)
r3 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$UI_SET_SWBIT(r3, 0x541b, 0x0)
r4 = syz_io_uring_setup(0x51ee, &(0x7f0000000240), &(0x7f00000002c0), &(0x7f0000000300))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000480)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmmsg$unix(r5, &(0x7f0000000c80)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f00000000c0)='^', 0x1}], 0x1}}], 0x1, 0x0)
setsockopt$sock_int(r6, 0x1, 0x2a, &(0x7f0000000000), 0x4)
recvmsg(r6, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000240)=""/105, 0x69}], 0x1}, 0x20002)
recvmmsg(r6, &(0x7f0000001140)=[{{0x0, 0x0, 0x0}}], 0x700, 0x2, 0x0)
fsconfig$FSCONFIG_SET_FD(r2, 0x5, &(0x7f0000000100)='allow_utime', 0x0, r1)
sendmmsg(r6, &(0x7f00000002c0)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000040)="d3", 0x1}], 0x1}}], 0x1, 0x0)
dup3(r6, r5, 0x0)
io_uring_register$IORING_UNREGISTER_IOWQ_AFF(r4, 0x12, 0x0, 0x0)
fsetxattr$trusted_overlay_upper(r4, &(0x7f00000000c0), &(0x7f0000000300)=ANY=[@ANYBLOB="00fbf204840166bdc556b9dc2aa052cbafda4e0f2671d0e0f3ff4fe62051e540d700c87e4468793d368599e26f8459149c1032d07e6427d9f263d9f86ee8254c2a069f4afb23fa9be6a14dc97d5ce60f4cb52c242161b8d973249beb20f71eef2e7750d1b77bc0ded9d1b97fb669b580530946f0c59ff44969bd2da1559e97716aafdfb2a177ffbcb16009611d12e33ff34a61b01dab8cc36f04596e199058ffbd9e3770b1c4ec712d9423122fb4b710fcc16ef5d6599684177b6f98d40d6d64093a069fe8e2c0aec367e410f19f4bdf98fb0e55a2471993d3b1c182aeef805d19f2086f038f4bb1d43e26065b38f9644eff"], 0xf2, 0x2)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000005e002200850000006d00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00', r7}, 0x10)

1.634869835s ago: executing program 2:
unshare(0x22020600)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b000000095"], &(0x7f0000000ec0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r1}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000002c0)={r0, 0x0, &(0x7f0000000280)=""/34}, 0x20)

1.60464509s ago: executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mknodat$loop(r0, &(0x7f00000000c0)='./file0\x00', 0x1000, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4)
openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0x0)

1.479804169s ago: executing program 2:
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000300)={[{@commit={'commit', 0x3d, 0x80000000}}]}, 0xfc, 0x57a, &(0x7f0000001180)="$eJzs3d9rW1UcAPDvTdut+6HtYAz1QQp7cDKXrq0/Jvgw8Ul0OND3GdqsjKbLaNKx1oHbg3vxRYYg4kD03Xcfh/+Af8VAB0NGUcSXyE1vumxN0qa/13w+cLdz7r3pOd/c+z05NzchAfSskfSfXMTLEfFNEjHUtK0/so0jy/stPb45mS5J1Gqf/pVEkq1r7J9k/x/JKi9FxG9fRZzOrW63srA4UyiVinNZfbQ6e220srB45spsYbo4Xbw6PjFx7q2J8XffeXvLYn394j/ff3L/w3Nfn1z67peHx+4mcT6OZtua4+hW35Pireb1IzGSPScDcf6Zx4xttLE9KtntDrAhfVmeD0Q6BgxFX5b1LdWGdrJrwDb7Mk1roEcl8h96VGMe0Li238x18PPo0fvLF0Cr4+9ffm8kBuvXRoeXkqeujNLr3eEtaD9t49c/791Nl9jk+xAA3bh1OyLO9vevHv+SbPzbuLPr2OfZNox/sHPup/OfN1rNf3Ir859oMf850iJ3N2Lt/M893IJm2krnf++1nP+u3LQa7stqL9TnfAPJ5SulYjq2vRgRp2LgYFrvcD/n89zSg1q7jc3zv3RJ22/MBbN+POw/+PRjpgrVwqaCbvLodsQrLee/ycrxT1oc//T5uLjONk4U773abtva8W+v2k8Rr7U8/k/uaCWd70+O1s+H0cZZsdrfd0783q793Y4/Pf6HO8c/nDTfr61038aPg/8V223b6Pl/IPmsXj6QrbtRqFbnxiIOJB+vXj/+5LGNemP/NP5TJzuPf63O/0NpYq8z/jvH7zTvOthd/NsrjX+qq+PffeHBR1/80K799R3/N+ulU9ma9Yx/6+3gZp47AAAAAAAA2GtyEXE0klx+pZzL5fPLn+84HodzpXKlevpyef7qVNS/KzscA7nGne6hps9DjGWfh23Ux5+pT0TEsYj4tu9QvZ6fLJemdjt4AAAAAAAAAAAAAAAAAAAA2COORAy2+v5/6o++3e4dsO06/OQ3sM+1z/9sy1b80hOwJ3n9h94l/6F3yX/oXfIfelen/Dc2wP7WKcdrtR3sCLDjvMZD7+om/3++sI0dAQAAAAAAAAAAAAAAAAAAAAAAAAAAgP3h4oUL6VJbenxzMq1PXV+YnylfPzNVrMzkZ+cn85PluWv56XJ5ulTMT5Zn1/p7pXL52th4zN8YrRYr1dHKwuKl2fL81eqlK7OF6eKl4sCORAUAAAAAAAAAAAAAAAAAAADPl8rC4kyhVCrOKfRc4YN/t+Lv9O+VcBS2tLDm0FHbkQEKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACLi/wAAAP//YNs+ZA==")
r0 = open(&(0x7f0000000040)='./file2\x00', 0x181042, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000240)=0x1)
bind$unix(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r2, 0x107, 0xa, &(0x7f0000000380), 0x4)
setsockopt$packet_rx_ring(r2, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000001b80)=ANY=[@ANYBLOB="b702000007000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a10900000008ee2780870014f51c3c975d5aec84222fd3a0ec4be3e563112b0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01ac69398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ef6a8c88e18c2977aab37d9ac4cfc1c7b400000c00000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b27663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b6214912a517810200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3800000000000000009c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb89283a16ff10feea20bdac0000000000000000ca06f256c85591019465f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734837ff47257f164391c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d65a6d072034cecc457776c5fa1f33b0203c07052c6bc314b0ac5c63bc2083c9cda0b7480e0b17854ffcc76176ce266bc698f7921b8afe798a7a5ed33ab0374455ee368fda99a0e681bf9426831b193395cb01a7332a50aac841cb7d48a1768a7640a9820631ba775a3dc4e97f7fda840bcdd3afaa0d7c3c229de4f0f4ac4d04f1a4e52efb0832bb990d86b1b7aae91d5ff852b0df8412a9ba1549fe416517938968f11cd9c9da57ba7773044cc935ab74f333119191e25822240d3e26f74f4263c3d0589c5d8896a7f5821135eb"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xe2c, 0x60000000, &(0x7f0000000100)="b9ff03076844268cb89e14f008004be0ffff00124000632f77fbac141416ac1414160e089f034d2f87e5440c0cab845013f2325f1a39010702038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, 0x0, 0x0)
syz_emit_ethernet(0x3e, 0x0, 0x0)
write$P9_RREADDIR(r0, &(0x7f0000000100)={0xb}, 0xb)
sendfile(r0, r0, &(0x7f0000000240), 0x7f03)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000001c0)='xprt_retransmit\x00', r4}, 0x3)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f0000000400)={[{@nogrpid}, {@nomblk_io_submit}, {@test_dummy_encryption}, {@init_itable}]}, 0x11, 0x513, &(0x7f0000000c40)="$eJzs3W9rJHcdAPDvTLJp7i41WxU5C7bFVu6K3m7S2DaKtBVEHxXU+jzGZBNCNtmQ3dRLKJriCxBEVPAF+ETwBQjSlyDCgT4XFUX0Th/qjczuRPNnN1mSTfbcfD4w2d9v/n2/vyE7O39+zARwbb0QEW9FxFhEvBwR08X4tBgW8sp+Z75HD99byocksuydvyWRFOMO1pXXxyPiVmeRmIyIr38l4lvJybjN3b31xXq9tl3Uq62NrWpzd+/e2sbiam21tjk3N/va/Ovzr87PZIULtbMcEW986U8/+v7PvvzGrz7z7d8v/OXud/K0vvCxTt4RsXShAD101l1qb4sD+TbavoxgQ5K3pzQ27CwAAOhHfoz/4Yj4ZPv4fzrG2kdzAAAAwCjJ3pyKfyURGQAAADCy0oiYiiStFH0BpiJNK5VOH96Pxs203mi2Pr3S2NlczqdFlKOUrqzVazNFX+FylJK8Plv0sT2ov3KsPhcRz0TED6dvtOuVpUZ9edgXPwAAAOCauPX80fP/f06n7TIAAAAwYso9KwAAAMCocMoPAAAAo8/5PwAAAIy0r779dj5kB+/xXn53d2e98e695VpzvbKxs1RZamxvVVYbjdX2M/s2zlpfvdHY+mxs7tyvtmrNVrW5u7ew0djZbC2sHXkFNgAAAHCFnnn+g98lEbH/+RvtIYrnAAIc8cdhJwAM0tiwEwCGZnzYCQBDUzpzDnsIGHXJGdNPdt7pXCuMX19OPgAAwODd+fjJ+/8TxbSzrw0A/8/09QGA68fdPbi+SuftAXh70JkAw/KhzsdTvab3fHhHH/f/O9cYsuxciQEAAAMz1R6StFIcp09FmlYqEU+3XwtQSlbW6rWZ4vzgt9Olp/L6bHvJ5Mw+wwAAAAAAAAAAAAAAAAAAAAAAAABAR5YlkQEAAAAjLSL9c9J+mn/EnemXpo5eHTj21q+fvvPj+4ut1vZsxETy9+l81EREtH5SjH8l80oAAAAAeAJ0ztOLz9lhZwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn08L2lg+Eq4/71ixFR7hZ/PCbbn5NRioib/0hi/NBySUSMDSD+/vsRcbtb/CQeZ1lWLrLoFv/GJccvtzdN9/hpRNwaQHy4zj7I9z9vdfv+pfFC+7P792+8GC6q9/4v/e/+b6zH/ufpY/Venn3wi2rP+O9HPDveff9zED/pxD8SIq+82Gcbv/mNvb2uEw6tslv8w7GqrY2tanN3797axuJqbbW2OTc3+9r86/Ovzs9UV9bqteJv1zA/+MQvH5/W/ps94pePtv/E9n+pr9Zn8e8H9x9+pFMpdYt/98Xuv7+3e8RPi9++TxXlfPqdg/J+p3zYcz//zXOntX+5R/snz2j/3b7aH597+Wvf+0PXKSe2BgBwFZq7e+uL9Xpt+5TCZB/zXHHhzScjjQEW4slIY1iF7Lud/8eLreeCi58oZBdZfDwGkMbEie/pWJx3hUnEfr6uPv8hAQCAEfO/g/7T7iABAAAAAAAAAAAAAAAAAAAAl+mcjyWbjIi+Zz4ec384TQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAONV/AgAA//8FStFZ")
llistxattr(0x0, 0x0, 0x0)

1.394003413s ago: executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='ext4_request_inode\x00', r1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)

1.354885269s ago: executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x9, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000001000000000000071181d00f0ffffff9500009d277a1816275c0000000000"], &(0x7f0000000180)='syzkaller\x00', 0x4, 0x9d, &(0x7f0000000280)=""/157, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x80)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$TIPC_NL_MON_GET(r1, &(0x7f0000000500)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000005c0)={0x0, 0x88}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x19, 0x4, 0x4, 0x1, 0x0, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r2, &(0x7f0000000000), &(0x7f0000000380)=@udp=r1, 0x2}, 0x20)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
write$binfmt_aout(r3, &(0x7f0000000080)=ANY=[], 0xff2e)
sendmsg$nl_route_sched(r1, &(0x7f0000000b00)={&(0x7f0000000a00)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000ac0)={&(0x7f0000000bc0), 0x80}, 0x1, 0x0, 0x0, 0x4844}, 0x1)
ioctl$TCSETSF(r3, 0x5404, &(0x7f0000000080)={0x0, 0x0, 0xfffffffe, 0xc4f100c8, 0x6, "526120fa17c0a0ffffffff99511e0d828c2b26"})
ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, "0040001e1d113c0000000000000100"})
r4 = syz_open_pts(r3, 0x0)
r5 = dup3(r4, r3, 0x0)
read$FUSE(r5, &(0x7f0000008440)={0x2020, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}, 0x2020)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r2, &(0x7f0000000080)="de5956f3ba900ccdb80bd6bb60d09c3e7cc53a11", &(0x7f0000000240)=@udp=r5}, 0x20)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000680), r1)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TDLS_MGMT(0xffffffffffffffff, &(0x7f0000000d80)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000d40)={&(0x7f0000000c00)={0x114, r7, 0x1, 0x70bd25, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0xac, 0x1d}}}}, [@NL80211_ATTR_TDLS_ACTION={0x5, 0x88, 0x1}, @NL80211_ATTR_IE={0xeb, 0x2a, [@ht={0x2d, 0x1a, {0x8000, 0x1, 0x6, 0x0, {0x9, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x1, 0x2}, 0x400, 0x3, 0x8}}, @mesh_config={0x71, 0x7, {0x0, 0x0, 0x1, 0x0, 0x2, 0x3f, 0x1}}, @measure_req={0x26, 0xc0, {0x5, 0x3f, 0x3f, "fe9c08b2d965792722a55cd8b934903791d3fbd601797f7700d692b91b534094ccb65da1fca1d132d4a3a008a79b5261439e2d2d0786ee7dff9ec1930033dedae75bd03a01d3fe7b1dd41d030d8a8fbcb2da455a6980ce72f4e7fbc426a3199d3fd2fefd763f4045a72e6dbf99bfe02fa47e78b99a0ce228d0c2838930318870356906c703097465cbccaf39f4dea6387cf1c8b353822757b9a40bcd9bec430a65c89db3521773469aca7fb1a6266367f6bcd282d908ef0cabd748bf61"}}]}]}, 0x114}, 0x1, 0x0, 0x0, 0x10}, 0x48000)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r9=>0x0})
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_FRAME(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x68, r8, 0x7562f43b63fde81f, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_FRAME={0x4a, 0x33, @action={{}, @sp_mp_open={0xf, 0x1, {0x0, {}, @val={0x72, 0x6}, @val={0x2d, 0x1a}}}}}]}, 0x68}}, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(r1, &(0x7f00000008c0)={&(0x7f0000000800)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000880)={&(0x7f0000000a40)=ANY=[@ANYBLOB="ea132a8a7acffed2d5552ba1d305ab69461ed8986c107694aac505aca8bd78b9a67f676192cea45553be09", @ANYRES16=r8, @ANYBLOB="200027bd7000fedbdf252000000008000300", @ANYRES32=0x0, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0xc0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f0000000600)={'ip_vti0\x00', &(0x7f0000000540)={'tunl0\x00', <r11=>0x0, 0x40, 0x7800, 0x8001, 0x34, {{0xc, 0x4, 0x1, 0x1, 0x30, 0x67, 0x0, 0xbf, 0x29, 0x0, @remote, @loopback, {[@cipso={0x86, 0x14, 0x2, [{0x6, 0x6, "0c311310"}, {0x5, 0x2}, {0x1, 0x4, "02d6"}, {0x7, 0x2}]}, @lsrr={0x83, 0x7, 0xd3, [@loopback]}]}}}}})
r12 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1012c0, 0x0)
ioctl$FS_IOC_GETFSMAP(r12, 0xc0c0583b, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, '\x00', [{0xffffffff}]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000980)={0x11, 0x2, &(0x7f0000000040)=@raw=[@initr0={0x18, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0xc0000000}], &(0x7f0000000400)='syzkaller\x00', 0x3ff, 0xbd, &(0x7f0000000740)=""/189, 0x40f00, 0x2, '\x00', r11, 0x0, r12, 0x8, &(0x7f0000000640)={0x4, 0x5}, 0x8, 0x10, &(0x7f00000006c0)={0x4, 0xe, 0x3, 0x2}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000940)=[r2]}, 0x80)
sendmsg$IPSET_CMD_TEST(r12, &(0x7f0000000700)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000140)={&(0x7f0000000e40)=ANY=[@ANYRES32=r6], 0x98}, 0x1, 0x0, 0x0, 0x4010}, 0x20000002)
ioctl$BTRFS_IOC_INO_PATHS(r1, 0xc0389423, &(0x7f0000000b80)={0x0, 0x28, [0x101, 0x5fbe, 0x1, 0x5], &(0x7f0000000b40)=[0x0, 0x0, 0x0, 0x0, 0x0]})
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r13=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0xffffffef, &(0x7f0000000300)={&(0x7f0000001bc0)=@newlink={0x84, 0x10, 0xffffff1f, 0xee020000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x35288}, [@IFLA_LINKINFO={0x5c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x4c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_TYPE={0x6}, @IFLA_IPTUN_REMOTE={0x14, 0x3, @private0}, @IFLA_IPTUN_COLLECT_METADATA={0x4}, @IFLA_IPTUN_LINK={0x8, 0x1, r13}, @IFLA_IPTUN_COLLECT_METADATA={0x4}, @IFLA_IPTUN_LOCAL={0x14, 0x2, @remote}, @IFLA_IPTUN_PROTO={0x5, 0x9, 0x29}]}}}, @IFLA_MASTER={0x8, 0xa, r13}]}, 0x84}}, 0x4000080)

1.206189752s ago: executing program 3:
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000001540)='./file1\x00', 0x2000000c, &(0x7f0000000100)=ANY=[@ANYBLOB='errors=remount-ro,discard,errors=continue,uid=', @ANYRESHEX=0x0, @ANYBLOB=',dmask=0000000000000000000,iocharset=cp865,gid=', @ANYRESHEX=0x0, @ANYBLOB=',allow_utime=00000000000000000000007,dmask=00000000000000000000005,\x00'], 0x1, 0x14fd, &(0x7f0000002a80)="$eJzs3HuYjlXbMPB1rrUuxjTpbpLNsM51XtxpsEySZJOQTZIkSZJdQtIkSUJiyC5pSEK2k2QzhGQzjUljv99knzR5pEmSkJBkfcf0PN/red6e9+19vuf5Psf3zPk7jnXc65zrOs97rTnnmPu6rj/u73qPadCqYd0WRCT+KfDnlxQhRIwQYoQQ4johRCCEqBJfJT7veCEFKf/cm7B/rYfTr/YK2NXE/c/fuP/5G/c/f+P+52/c//yN+5+/cf/zN+4/Y/nZznklrueRfwc//8/P+PP/30huxalfba54Y59/IIX7n79x//M37v+/K/gfncX9z9+4//kb9//fX53/5hj3P3/j/jOWn13t5888ru642n9/jDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcbyhwv+Ci2EyHsNrvaiGGOMMcYYY4wx9i/lC17tFTDGGGOMMcYYY+z/PhBSKKFFIAqIgiJGFBKx4hoRJ64VhcV1IiKuF/HiBlFE3CiKimKiuCghEkRJUUoYgcIKEqEoLcqIqLhJlBU3i0RRTpQXFYQTFUWSuEVUEreKyuI2UUXcLqqKO0Q1UV3UEDXFnaKWuEvUFnVEXXG3qCfqiwaiobhHNBL3isbiPtFE3C+aigdEM/GgaC4eEi3Ew6KleES0Eo+K1uIx0Ua0Fe1Ee9Hh/yj/JdFfvCwGiIEiRQwSg8UrYogYKoaJ4WKEeFWMFK+JUeJ1kSpGizHiDTFWvCnGibfEeDFBTBRvi0lispgipoppYrpIE++IGeJdMVO8J2aJ2WKOmCvSxTwxX7wvFoiFYpH4QCwWH4olYqlYJpaLDPGRyBQrRJb4WKwUn4hssUqsFmvEWrFOrBcbxEaxSWwWW8RWsU1sFzvETvGp2CV2iz1ir9gn9osD4jNxUHwuDokvRI748h/MP/+f8vuAAAESJGjQUAAKQAzEQCzEQhzEQWEoDBGIQDzEQxEoAkWhKBSH4pAACVAKSgECAgFBaSgNUYhCWSgLiZAI5aE8OHCQBElQCW6FylAZqkAVqApVoRpUh+pQE2pCLagFtaE21IW6UA/qQQNoAPfAPXAvNIbG0ASaQFNoCs2gGTSH5tACWkBLaAmtoBW0htbQBtpAO2gHHaADdISO0Ak6QRfoAl2hK3SDbpAMydAdukMP6AE9oSf0gl7QG3pDH+gLfeEleAlehpdhINSTg2AwDIYhMASGwXAYDq/CSHgNXoPXIRVGwxh4A96AN2EcnIPxMAEmwkSoJSfDFJgKJKdDGqTBDJgBM2EmzILZMBvmQjrMg/kwHxbAQlgIH8Bi+BA+hKWwFJZDBmRAJqyALMiClXAesmEVrIY1sBbWwVrYABthA2yGLbAZtsE22AE74FP4FHbDbtgLe2E/7IfP4DP4HD6HVMiBHDgMh+EIHIGjcBRyIReOwTE4DsfhBJyAk3ASTsFpOAOn4SychXNwHi7ABbgIF+ESvJDwTcv95TalCplHSy0LyAIyRsbIWBkr42ScLCwLy4iMyHgZL4vIIrKoLCqLy+IyQSbIUrKURImSZChLy9IyKqOyrCwrE2WiLC/LSyedTJJJspKsJCvLyrKKvF1WlXfIarK67Oxqypqyluziass6sq6sK+vJ+rKBbCgbykaykWwsG8smsolsKpvKZvJB2VwOgmHwsMzrTCs5GlrLMdBGtpXtZHv5JjwuO8px0El2ll3kk3ICjIdusqNLls/I7nIK9JDPyanwvOwlp0Nv+aLsI/vKfvIl2V92cgPkQDkLBsnBci4MkUPlMDlcLoD6Mq9jDeTrMlWOlmPkG3I5vCnHybfkeDlBTpRvy0lyspwip8ppcrpMk+/IGfJdOVO+J2fJ2XKOnCvT5Tw5X74vF8iFcpH8QC6WH8olcqlcJpfLDPmRzJQrZJb8WK6Un8hsuUqulmvkWrlOrpcb5Ea5SW6WW+RWuU1ulzvkTvmp3CV3yz1yr9wn98sD8jN5UH4uD8kvZI78Uh6Wf5JH5FfyqPxa5spv5DH5rTwuv5Mn5PfypPxBnpKn5Rn5ozwrf5Ln5Hl5Qf4sL8pf5CX5q7wsvRQKlFRKaRWoAqqgilGFVKy6RsWpa1VhdZ2KqOtVvLpBFVE3qqKqmCquSqgEVVKVUkahsopUqEqrMiqqblJl1c0qUZVT5VUF5VRFlaRuUZXUraqyuk1VUberquoOVU1VVzVUTXWnqqXuUrVVHVVX3a3qqfqqgWqo7lGN1L2qsbpPNVH3q6bqAdVMPaiaq4dUC/WwaqkeUa3Uo6q1eky1UW1VO9VedVCPq47qCdVJdVZd1JOqq3pKdVNPq2T1jOqunlU91HOqp3pe9VIvqN7qRdVH9VX91K/qsvJqgBqoUtQgNVi9ooaooWqYGq5GqFfVSPWaGqVeV6lqtBqj3lBj1ZtqnHpLjVcT1ET1tpqkJqspaqqapqarNPWOmqHeVTPVe2qWmq3mqLkqXc1Tw/5SadH/IP/dv5M/6rd336F2qk/VLrVb7VF71T61Xx1QB9RBdVAdUodUjspRh9VhdUQdUUfVUZWrctUxdUwdV8fVCXVCnVQn1Sl1Wv2sflRn1U/qnDqvzquf1UV1UV36y+9AaNBSK611oAvogjpGF9Kx+hodp6/VhfV1OqKv1/H6Bl1E36iL6mK6uC6hE3RJXUobjdpq0qEurcvoqL5Jl9U360RdTpfXFbTTFXWSvuWfzv+j9XXQHXRH3VF30p10F91Fd9VddTfdTSfrZN1dd9c9dA/dU/fUvXQv3Vv31n10H91P99P9dX89QA/QKTpFD9av6CF6qB6mh+sR+lU9Uo/Uo/QonapT9Rg9Ro/VY/U4PU6P1+P1RD1RT9KT9BQ9RU/T03SaTtMz9Aw9U8/Us/QsPUfP0ek6Xc/X8/UCvUAv0ov0Yr1YL9FL9DK9TGfoDJ2pM3WWztIr9UqdrVfpVXqNXqPX6XV6g96gN+lNeoveorfpbTpb79Q79S69S+/Re/Q+vU8f0Af0QX1QH9KHdI7O0Yf1YX1EH9FH9VGdq3P1MX1MH9fH9Ql9Qp/UJ/UpfUqf0Wf0WX1Wn9Pn9AV9QV/UF/UlfUlf1pfzLvsCGchABzooEBQIYoKYIDaIDeKCuKBwUDiIBJEgPogPigQ3BkWDYkHxoESQEJQMSgUmwMAGFIRB6aBMEA1uCsoGNweJQbmgfFAhcEHFICm4JagU3BpUDm4LqgS3B1WDO4JqQfWgRlAzuDOoFdwV1A7qBHWDu4N6Qf2gQdAwuCdoFNwbNA7uC5oE9wdNgweCZsGDQfPgoaBF8HDQMngkaBU8GrQOHgvaBG2DdoG/7P2/sr7354o94QaYgSbFDDKDzStmiBlqhpnhZoR51Yw0r5lR5nWTakabMeYNM9a8acaZt8x4M8FMNG+bSWaymWKmmmlmukkz75gZ5l0z07xnZpnZZo6Za9LNPDPfvG8WmIVmkfnALDYfmiVmqVlmlpsM85HJNCtMlvnYrDSfmGyzyqw2a8xas86sNxvMRrPJbDZbzFazzWw3O8xO86nZZXabPWav2Wf2mwPmM3PQfG4OmS9MjvnSHDZ/MkfMV+ao+drkmm/MMfOtOW6+MyfM9+ak+cGcMqfNGfOjOWt+MufMeXPB/Gwuml/MJfOruWx83sV93sc7atRYAAtgDMZgLMZiHMZhYSyMEYxgPMZjESyCRbEoFsfimIAJWApLYR5CwtJYGqMYxbJYFhMxEctjeXToMAmTsBJWwspYGatgFayKVbEaVsMaWAPvxDvxLrwL62AdvBvvxvpYHxtiQ2yEjbAxNsYm2ASbYlNshs2wOTbHFtgCW2JLbIWtsDW2xjbYBtthO+yAHbAjdsRO2Am7YBfsil2xG3bDZEzG7tgde2AP7Ik9sRf2wt7YG/tgH+yH/bA/9scBOABTMAUH42AcgkNwGA7DETgCR+JIHIWjMBVTcQyOwbE4FsfhOByPE3Aivo2TcDJOwak4DadjGqbhDJyBM3EmzsJZOAfnYDqm43ycjwtwAS7CRbgYF+MSXILLcBlmYAZmYiZmYRauxJWYjdm4GlfjWlyL63E9bsSNuBk341bcittxO+7EnbgLd+Ee3IP7cB8ewAN4EA/iITyEOZiDh/EwHsEjeBSPYi7m4jE8hsfxOJ7AE3gST+IpPIVn8AyexbN4Ds/hBbyAF/EXvIS/4mX0GGOliLXX2Dh7rS1sr7MxtpD967i4LWETbElbyhpb1Bb7mxittYm2nC1vK1hnK9oke8vv4mq2uq1ha9o7bS17l639u7iRvdc2tvfZJvZ+29De8zdxU/uAbWYftc3tY7aFbWtb2va2lX3UtraP2Ta2rW1n29uu9inbzT5tk+0ztrt99ndxpl1hN9pNdrPdYg/az+0F+7M9br+zF+0vdoAdaEfYV+1I+5odZV+3qXb07+KJ9m07yU62U+xUO81O/108x8616XaenW/ftwvswt/FGfYju9hm2SV2qV1ml/8W560py35sV9pPbLZdZVfbNXatXWfX2w3/sdY1dpvdbnfYA/Yzu8vutnvsXrvP7v8tztvHIfuFzbFf2mP2W3vEfmWP2hM2137zW5y3vxP2e3vS/mBP2dP2jP3RnrU/2XP2/G/7z9v7j/ZXe9l6KwhIkiJNARWgghRDhSiWrqE4upYK03UUoespnm6gInQjFaViVJxKUAKVpFJkCMkSUUilqQxF6SYqSzdTIpWj8lSBHFWkJLqFKtGtVJluoyp0O1WlO6gaVacaVJPupFp0F9WmOlSX7qZ6VJ8aUEO6hxrRvdSY7qMmdD81pQeoGT1IzekhakEPU0t6hFrRo9SaHqM21JbaUXvqQI9TR3qCOlFn6kJPUld6irrR05RMz1B3epZ60HPUk56nXvQC9aYXqQ/1pX70EvWnl2kADaQUGkSD6RUaQkNpGA2nEfQqjaTXaBS9Tqk0msbQGzSW3qRx9BaNpwk0kd6mSTSZptBUmkbTKY3eoRn0Ls2k92gWzaY5NJfSaR7Np/dpAS2kRfQBLaYPaQktpWW0nDLoI8qkFZRFH9NK+oSyaRWtpjW0ltbRetpAG2kTbaYttJW20XbaQTvpU9pFu2kP7aV9tJ8O0Gd0kD6nQ/QF5dCXdJj+REfoKzpKX1MufUPH6Fs6Tt/RCfqeTtIPdIpO0xn6kc7ST3SOztMF+pku0i90iX6ly+RJhBDKUIU6DMICYcEwJiwUxobXhHHhtWHh8LowEl4fxoc3hEXCG8OiYbGweFgiTAhLhqVCE2JoQwrDsHRYJoyGN4Vlw5vDxLBcWD6sELqwYpgU3hJWCm8NK4e3hVXC28Oq4R1htbB6+Oj9NcM7w1rhXWHtsE5YN7w7rBfWDxuEDcN7wkbhvWHj8L6wSXh/WDl8IGwWPhg2Dx8KW4QPhy3DR8JW4aNh6/CxsE3YNmwXtg87hI+HHcMnwk5h57BL+GTYNXwq7BY+HSaHz4Tdw2f/8HhKOCgcHL4SvhJ6f59aFl0ezYh+FM2MrohmRT+Orox+Es2Oroqujq6Jro2ui66PbohujG6Kbo5uiW6Nbotuj+6Iet+woHDgpFNOu8AVcAVdjCvkYt01Ls5d6wq761zEXe/i3Q2uiLvRFXXFXHFXwiW4kq6UMw6ddeRCV9qVcVF3kyvrbnaJrpwr7yo45yq6JNfedXAdXEf3hOvkOrsu7kn3pHvKPeWedk+7Z1x396zr4Z5zPd3zrpd7wb3gXnR9XF/Xz73k+ruX3QA30KW4FDfYDXZD3BA3zA1zI9wIN9KNdKPcKJfqUt0YN8aNdWPdODfOjXfj3UQ30U1yk9wUN8VNc9NcmktzM9wMN9PNdLPcLDfHzXHpLt3Nd/PdArfALXKL3OLExW6JW+KWuWUuw2W4TJfpslyWW+lWumyX7Va71W6tW+vWu/Vuo9voNrvNbqvb6ra77W6n2+l2uV1uj9vj9rl97oA74A66g+6QO+RyXI477A67I+6IO+q+drnuG3fMfeuOu+/cCfe9O+l+cKfcaXfG/ejOup/cOXfeXXA/u4vuF3fJ/eouO+/SIu9EZkTejcyMvBeZFZkdmROZG0mPzIvMj7wfWRBZGFkU+SCyOPJhZElkaWRZZHkkI/JRJDOyIpIV+TiyMvJJJDuyKrI6siayNrIu4n3JXaEv7cv4qL/Jl/U3+0Rfzpf3FbzzFX2Sv8VX8rf6yv42X8Xf7qv6O3w1X93X8I/5Nr6tb+fb+w7+cd/RP+E7+c6+i3/Sd/VP+W7+aZ/sn/Hd/bO+h3/O9/TP+17+Bd/bv+j7+L6+n3/J9/cv+wF+oE/xg/xg/4of4of6YX64H+Ff9SP9a36Uf92n+tF+jH/Dj/Vv+nH+LT/eT/AT/dt+kp/sp/ipfpqf7tP8O36Gf9fP9O/5WX62n+Pn+nQ/z8/37/sFfqFf5D/wi/2Hfolf6pf55T7Df+Qz/Qqf5T/2K/0nPtuv8qv9Gr/Wr/Pr/Qa/0W/ym/0Wv9Vv89v9Dr/Tf+p3+d1+j9/r9/n9/oD/zB/0n/tD/guf47/0h/2f/BH/lT/qv/a5/ht/zH/rj/vv/An/vT/pf/Cn/Gl/xv/oz/qf/Dl/3l/wP/uL/hd/yf+adyPgr/aTdMYYY4yx/x+oPzg+6O/8TP5l5BkshLh2d4nc/1xza9E/z4fKhK4RIcQzA3s//L9HvXopKSl/OTdbiaDMUiFE5Ep+AXElXiW6iKdEsugsKv3d9Q2VfS/SH9SP3i5E7F/lxIgr8ZX6t/4X9R9/cmJm1fBC/H9Tf6kQiWWu5BQSV+Ir9Sv/F/WLdfyD9Rf6Kk2ITn+VEyeuxFfqJ4knxLMi+W/OZIwxxhhjjDHG/myorNHzj+6f8+7PE/SVnILiSvxH9+eMMcYYY4wxxhi7+p7v2+/px5OTO/fkCU94wpP/mFzt/0yMMcYYY4yxf7UrF/1XeyWMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxlj+9f/i68Su9h4ZY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yxq+1/BQAA///QoDtv")
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r0, 0x0, 0x0)

1.15271671s ago: executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000007f1600850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000100)='kfree\x00', r2}, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000003640), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000200)={0x34, r3, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_STRSET_STRINGSETS={0x8, 0x2, 0x0, 0x1, [{0x4}]}, @ETHTOOL_A_STRSET_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}]}, 0x34}}, 0x0)

1.136947123s ago: executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bridge0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c0000001d001102000000000000000007000000", @ANYRES32=r1, @ANYRESOCT=r0], 0x1c}}, 0x0)

1.131020974s ago: executing program 3:
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x2, &(0x7f00000002c0)=[{0x25}, {0x6}]})

1.085361211s ago: executing program 1:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x2200010, &(0x7f0000000000)={[{@init_itable_val}, {@debug}]}, 0x1, 0x576, &(0x7f00000007c0)="$eJzs3U9rHOUfAPDvbLL9//s1hVLUgwR6sFK7aRP/VPBQjyLFgt7rkkxDyaZbspvSxILtwV68SBFELIgvwJMXj8U34KsoaKFICXrwEpnNbJLN7iYx3Xa37ucD0z7PzOw+852Z75NndnaZAIbWePZPIeLliPgqieTopmWjkS8cX1tv5cmt6WxKYnX14z+SSPJ5zfWT/P/DeeWliPjli4jThfZ2a0vLc+VKJV3I6xP1+esTtaXlM1fny7PpbHptcmrq/FtTk+++83bPYn390l/ffvTgg/Nfnlz55sdHx+4lcSGO5Ms2x/EUbm+ujMd4vk+KcWHLiud60NggSfq9AezJSJ7nxcj6gKMxkmc98N/3eUSsAkMqkf8wpJrjgOa1fY+ug18Yj99fuwBqj3907bORONC4Njq0krRcGWXXu2M9aD9r4+ff79/Lpujd5xAAO7p9JyLOjo62939J3v/t3dldrLO1Df0fPD8PsvHPG53GP4X18U90GP8c7pC7e7Fz/hcebZR7/9l0Nv57r+P4d/2m1dhIXvtfY8xXTK5craRZ3/b/iDgVxf1Zfbv7OedXHq62zvlpvbR5/JdNWfvNsWC+HY9G97e+eqZcLz9t3E2P70S80nH8m6wf/6TD8c/2x6VdtnEivf9qt2U7x/9srf4Q8VrH479xRyvZ/v7kRON8mGieFe3+vHvi127t7yL+Yg/DbZMd/0Pbxz+WbL5fW+v2Tt1z8/sDf6fdlu31/N+XfNIo78vn3SzX6wsbSXi7Zf7kxmub9eb6WfynTm7f/3U6/w9GxKddI2519/jdrqv2+/zP4p/pevwbe2DL8f/3hYcffvbd3uPPjv+bjdKpfM5u+r/dbuDT7j8AAAAAAAAYJIWIOBJJobReLhRKpbXvdxyPQ4VKtVY/faW6eG0mGr+VHYtioXmn++im70Ocy78P26xPbqlPRcSxiPh65GCjXpquVmb6HTwAAAAAAAAAAAAAAAAAAAAMiMMRBzr9/j/z20i/tw545toe3SDxYWh0f3RLvqQXT3oCBlLvH6sGvCjy/E/6vR3A8+fvPwwv+Q/DS/7D8JL/MLzkPwwv+Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWxaXXlyazqrz9xYWpyr3jgzk9bmSvOL06Xp6sL10my1OltJS9PV+Z3er1KtXj83GYs3J+pprT5RW1q+PF9dvFa/fHW+PJteTovPJSoAAAAAAAAAAAAAAAAAAAB4sdSWlufKlUq6oNBa2DcYmzH4hdHB2AyFHhf63TMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwIZ/AgAA//8Pszlh")
open(&(0x7f0000000080)='./bus\x00', 0xa942, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
add_key$fscrypt_v1(0x0, &(0x7f0000000540)={'fscrypt:', @auto=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x31]}, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x5)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = fcntl$dupfd(r1, 0x0, r1)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0xc08, 0x3, 0x1e8, 0xc, 0x5002004a, 0xb, 0x310, 0xea13, 0x3d0, 0x3c8, 0x3c8, 0x3d0, 0x3c8, 0x3, 0x0, {[{{@ip={@rand_addr, @local, 0x0, 0x0, 'erspan0\x00', 'ip6tnl0\x00'}, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE2={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x248)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x0, 0x0})
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)

1.068956463s ago: executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$SNDRV_TIMER_IOCTL_START(0xffffffffffffffff, 0x54a0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x15)
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xffffffff}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x6, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000002c0)='mm_page_alloc\x00', r6}, 0x10)
r7 = fcntl$dupfd(r5, 0x0, r5)
ioctl$USBDEVFS_SUBMITURB(r7, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x5, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000100))
ioctl$BINDER_WRITE_READ(r8, 0xc0306201, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
dup(0xffffffffffffffff)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r9 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r9}, 0x0, 0x0}, 0x20)

611.540265ms ago: executing program 2:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x3c1, 0x3, 0x308, 0x0, 0x9403, 0x4, 0x140, 0x2c0, 0x238, 0x4a8, 0x3d8, 0x238, 0x3d8, 0x3, 0x0, {[{{@uncond, 0x0, 0xf8, 0x140, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@inet=@ecn={{0x28}, {0x0, 0x33}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00'}}}, {{@uncond, 0x0, 0xd0, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@NFQUEUE3={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x368)

602.263486ms ago: executing program 2:
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NLBL_CIPSOV4_C_ADD(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000480)=ANY=[@ANYBLOB="30010000", @ANYRES16, @ANYBLOB="01000000000000000000010000000800010001000000040004800800020001000000080108802c0007800800ffeac3bc0000080006001c000000080006"], 0x130}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="680000001600010000000000000000000a000000", @ANYRES32=0x0, @ANYBLOB="14000100fe8000000000000000000000000000aa14"], 0x68}}, 0x0)

592.940887ms ago: executing program 2:
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0, 0x0)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f0000000140)="00c2", 0x2, 0xfffffffffffffffd)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r4=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r4, 0x0)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
sync()

393.420819ms ago: executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f00000001c0)={'ip_vti0\x00', &(0x7f0000000100)})

183.097481ms ago: executing program 3:
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000180), 0x10)
dup2(r0, 0xffffffffffffffff)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r1, 0x4000)
getsockopt$netlink(r1, 0x10e, 0x3, &(0x7f00000001c0)=""/240, &(0x7f00000002c0)=0xf0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x0, 0x0)
fstatfs(r2, &(0x7f0000000680)=""/95)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000000)={0x1, 0x6}, 0x4)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000680)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in6=@private0, @in6=@local}, {@in6=@private2, 0x0, 0x32}, @in6=@private0={0xfc, 0x0, '\x00', 0x1}, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}}, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000680)=@newsa={0x138, 0x10, 0x713, 0x0, 0x0, {{@in=@multicast1, @in6=@local}, {@in6=@private2, 0x0, 0x32}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0xa}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}}, 0x0)
sendfile(r4, r5, 0x0, 0x3)
recvmmsg(r3, &(0x7f00000078c0)=[{{0x0, 0x0, &(0x7f0000005440)=[{&(0x7f0000000380)=""/255, 0xff}], 0x1}}], 0x1, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000010c0)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000300), 0x208e24b)
sendfile(r6, r1, &(0x7f0000000300)=0x6, 0x3)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r7, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_usb_connect(0x0, 0x10b, &(0x7f0000000040)=ANY=[@ANYBLOB="05010900b24b6a10e60403007701000000010902"], 0x0)

157.260955ms ago: executing program 4:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000002180)=ANY=[@ANYBLOB="180000000800000100000000e4ffffff140100000800000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='ext4_insert_range\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000002180)=ANY=[], &(0x7f00000000c0)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='ext4_insert_range\x00', r1}, 0x10)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x42, 0x0)
fallocate(r2, 0x20, 0x0, 0xffffffff000)

119.126421ms ago: executing program 4:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a50000002300000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x8, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x3, 0x0, 0x3, 0x1, 0x0, 0xb}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='block_plug\x00', r2}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x7a05, 0x1700)
write$cgroup_int(r3, &(0x7f0000000200), 0x43400)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x200000a, 0x12, r0, 0x0)
sendto$inet6(r0, &(0x7f0000002380)="4bc32a49c5fee590838631f81d2d501b780e3376f11cd3e5af0a450233e74156f6bbf53a14d2e74c8e46115c0a4d4a0375317c4d988a690e37262cb48b591bfdb4ff738f0be31f3f33d65ec0256e00d937043394bbc296a55f0ffd3f8ae817bd0629ddb54b5a077cb64f8b1b75a3368c7908668352513b274701ffeab331e7427c786ca327f124645e97e4b67c7eda72388d008dbecae8227565c52c02500c1953cff47c07baeaa70ccda20f6ad15db93d0225f72ac9f7c32387b0e50de6f698decf584671232331c524c1e775c4b13e0e379e8253b0ff8fc05238f9a7dada66771b3c485d00532858ad4e137742e6adf72eec34b0ba8821c67f9d2726e98a6074617100882dc2711fb2e477cc76a1ff9b47d93ca2fa42e52f483bd2aa530974ff3fd29a170adadb10241abb8ddff7fdbe53765ee6239d7896be7db752b5046cc5b4b36b2a9c0b3c154915d90ccbf46675a81826b348a5c986a4d1c4488f6e24545619c829e7f6c4ae68d1a86bb2e700728086f30659178c7ba222b71f5786d77f12f221cd20b9fbd24801abcd64eaa605ca9da167fb06b11b9ee2a33d7d144f162f0699972818e0e69159e07393634fd13310a648768d17013063d34b2d68a20469891d0f24285a44ea4dc4aaadf3e326c7645fb569ee78dca1ec46d7942a42bd675ed1dbb3b537a24d57b76583df434bb57f38c0b4c2b6414f4511fb0126a3e17e06c65ec6023b8198ddc4b59707132affdb3123a930192d8a1a1d346501468faf24a8090b0454b7fd4fbe7f3afd8e70150edc2d3b6d799b45010dfd621c39d1e32e19f7c1554abf55e4cb0f450d129c4eaef1a1b7431ad30fc0d6ce6b973f2aa0f1dd2599d8284fb79deff298aae73388cd0ae4fccda5cff46b058fac08debb67bb9bc5eea5a6d28cff2d046a5afb09fb608bab362ef021fefc8d05e9619ea57959a884873b3a887a5e08123d564c5349c4c15c2ece77f0e4d0e4c88a516978afe85c014ff344668d4cd97681bae2ab6aecdc6f4a4c705c43d400f691ef6f5c926a8c51d9cd4d0fc15769c5b20662cfbef41d9cc3d62b9d68795907729d33133f3287f2ab5cce83e35fb0e358bb64a60675308f568a25c2327eebaaac30e6e282464d5547daf53eee7190e1e5a40f7d2e327858099bc5a7eff7f79859a074aaad5d6bdd8164c627ea59784fe40f1467bd17ded380e21bca5d7d0bb59aa681740d4e371e632862cdb8868c4d706a328704dd94d8687e07708b8a4742fb0caa260523e515bfd7ddcae9aff8e487aac73232c6a2bf63663c644f4451e209d720b0bd678b27b673443937d80958f94fd747be9f0df02950c2de593ea6978062aba26d12eda852f37cdfc18d3b96b08ac3eaffa2efb619db6ee789446b30fd5939f59e8cbafc28451fb95eefa265e038f43af933d288578be9ecf26495e6da011d91d5578c46b4a4bcbcf649eced6ac16f6623e67afd80c35dffe6b6aadd4bfbbfcd2f248455b8b1ce0f10f628999d8f56ae47e2fbb744bfb7962a3548240c286277db000d2b0e403d13fea75c7a789dec2a29e51e20a037a5156cfc547a7688f1926d8476a5d5bb64b4a82132a3bcadd080503f72e04e7d55ece7d5bbf24eb6fae2abace69fddbc3604c04a0a82408a7dc035e2512082397323cbf6ac5a01c07baa604bbd6315ad2592491a5397ef1c736f5fae08426ad14753fa0ea774f0397a77399bc5a7c9529f7a7b48313f426796346f77f7e975f8c2704bc61ce89f8f462ba69b68de5bbfaefae6b749d68af86334552a37f02b18671eb6ebf58cc77fde6d93a2b859c49113634afa77d33d2655675697b3ba142b94a18cda12773ed4391e4f80e7caf1c429eb4bbf2d2c982ea62aba0c94cfa2280d12e411edba880debe919d334d58492ce78ee93fafb2b6ef8206bf89cd10139dda68c57aece18acb02b5cb1d8ca7c6eba88751ddfad35db2ef8089e14cc30fa7e963394cbdfd4a39053c69e94b9bb44bb445d77b7a0965e3428142405ef3aa26426fcb8e26423b5342a1ea0bfd28448605e7c4346916a152839c23f1e3d463078830f55cfee3d719080be97cc6b6acd9effda875b18df23c07e55cd732d25d0c32b04c38b2c4cec8e9b57548cb7c153c2ac2043aaa49267c179f1485acb449823fd3f379953adaba9209ce052ee6470529ef6c044efdb9ec79c0da170e1a986706da2f191f735e8c9c27a433f06ad910b552ec871c20202bf39c13e3601a65facb32fb7ef2a85d12345b67409bd14c1e26c028676cef27d47e51deb5c8b616d7ec0dd837ad4fc4800ce78f83e5075bef6d3ef784519908712d411d6af598dda6ea13f20fb2ba8f4a85d1c8df3cc7dfe0a8e8d5b2d696e2b51d835c255d97873dae579a69cc3c9f8d50f282250142f78b562cd59325b010fdf5e103cc05f09295ecd5ad1bdbd195ba895bd38e5f3f8abe520a442f98c9b0df2e1bf30771be8c0ba86d59579a9ceda056c2b3b6d51ea5cd584750f45ccb7c9adc37ea8750ff035778da2cd9eac640e1121c4afac6f796a2a6d1892ce896f201a08cfa422bdbfabc34dad9e34352856160037d3485c344900ebb6d331d35fcb1c393a712cb5fe7002561c4bb11051492e65d4291c92c0545a926a798d7a23e806796fed6534d67cdf9857f7123d4dd1ebdb88d545201d75d1c9ba5456b7fb52af56652cb2537c0a5f82ad02f084edcaa66254f9a0a01eb7c5b9606c4c93594f1e636ab15d96f58b11ee9f7a16b6765a146bac6a98da6b47ecc87974a1c732c1194008c5f3514d0c1f42ba7b284b07b23a3b0fe9073dcec4b2d4ea397ef3984753b134d20515ed774118b46f21cd2f2c60b87f54e9335fa30517fe8c360f0803031a91302ba8f44e82d13c58736881ecf4cb643e7bf9585193f4d1e95e08c18c47d460e2edf2a0f1ed39c2e7800cfbffa0d9a09b108d8a5eab9ed409b61458e9d46bceab006e2df77505af41ff7dc0ee67748ec729ee09c11c229ac7ef447712c220ae2ef5612ae45299ca04cc3a26cc09a259c1dbc9a4291bd6589ce6eedc156df97d1bb7eea68ee273bb4c4c8ca0c515299aa53260e587608e4b1ec4f386ad0367a08bfa47ffca6af5705097d1657c94d5d7736e7157d8f7137416480933be3f325708f6f947ea08c94cf4489e0f338f91384715681044e00fbbff94b8d21a874b12be4294173c65f2f4e56427e840a5703e289f8314f705cf74e1d98ff88105967bd42d62a63a897fbe9a50ff08dd122c3ce1445b21aab0502b6fb47577604a0508249d8422b71eedc58fa678646922050d46d5e69d8612917bbb741c19ede0600917b7f84e44e580334db385ef5e5600a73bfdebcb037cea14f50eb7466db1e51d03d61923804ebfef38735452893486cf5a9e6ecc54526a2c998e3b5b41d5d8477c7e9b756876c8748dd10f44f315a5ccc578ec38a6799846ec1fac57bdfe4f9bc65b31d1e7de7cd9fc2f163cb513d790bd1dbb9b5a5cd46efecbbaba6bf504c23ca744ee36704f0b875396da1f9ac7089c28136e19b3c31ea3ac44f0bf8af4bdeb9a917370c78d11ab838282787cdc45b35f604bddf6c65f4079bd7606a40f219bbe940e25e6a54a8b9850ea0decb10013ae99aa920303f35f6283c0211e1bf12f33926840ec6acc53babc28b29c5aee0f626c48d58b092644823fc0b71a57d7125bc35ddf9ec7019d89a3497aa65fb4f34b169c535ce30d695dbb88f278e730d2e4f1394ed4b843885d8fa33b39152398fd2f6bb77520a84e4135e1995e9568bc4d3e60b98e1452ada5893bfc1a7574570a09fa21064ad12aa22af9195fe351cd34a5e3adac29da4669e09abf318d17c4b564f2ed0a7844c840a729fed5c106861f479fedf326d93b39f186c40e4fc59e064c6d090cc9ecf27630ab471817e3bf8acfa1518c6f0f6b2f4c0905e9249af04c8019d3fe12acd69e0a3085e01d673ffa5f2bb6d26717f611de3a0bdb7b838f0d156c06395bbb9294cb0e293f43baf60df683b35c4ff83bfd71b74fb25762079843d6484fa76a610b8cd6affeaf1930a47aa9aec77fee8b6b6a806527597f769570bb62af13a9da2d81254e102134e256f15126d21a7e5e6865989b1eb5c9752d059bea9eff27f7fed5f0ed40413ac11c20e68aa43baf4fc6a59e049e6bdb3ea3ebc5734b0ad0c6c9be761c5c248d2b50584ddfa2399884b091894f19061f4eb9ffa86097c11ee9fdb04d4ca44f91edded8e541adfab1b71c93305e85a41ca5f4eb9cf15820bf677694325c9c55cb443a7cb5e3d18157bd01bb23c1ede5dd5babc2751bead25b2f18860a085584ebf5211d67f74fd70edbecdbbf435d71db84fa96b9878a4166e2b0cc492f0f9eb82ad4fb4cdd5644e20f296feaa8f147e0e20a7c0f37767bf2a47fee3141447043fd990bb39dd56153eee38d05538b43627891f057a07526bf6848e171247549f53e0ba495a108f99e412a178e12001135e27b0184542ac579e0e22987b6b60fe5fc07954587556a53e1b326888d482f519c2e65f57193cb7f328e865db95b757d370200cb643a4da7596a13391d7b1017d842ecacaac3b0a3f53f388301374ad9033ff34d7d18db497c78a1ec8661c8e78e1d498f5a615649f3ecfe2c8ef3ee616ae455a42a06aacd64f1b2904dd111acd54d349dbb2ea2acf9e8fad483a53eb211018f6f2245c519c50fb3453b956c49a05a140b7270939f4f8216da940564f7facc9a83adae647c9fd43790577ed43dbe77420459a74237593fd5b703c0d4076ab1accd9ba686e621f189f41a66df608f7db2dfb1b08137f2f91413e670f3835dd7bca62a078c1cd14683ed4d9ff8d9025477aacffcc38c330c3940ce55ba0742d8ffb4e0a3220177529978390e19167e40dede952fc0cb5e6e8ad6863c6160f517d714bcf18256eb9d0eec8413dbec13a7bd637a77e328d4db8f61493eb0f26eca93137fc4420e0c5bd8d4a1b700bf0608daddec7d40d24751698f2dc89b8a04ae03d3349511a50f988b02cbfacf2c0455a9c8f034d671972368ceed715f3dfc2e9a143ff5c6275c8b714aee89c48c6b10aaf007e363ae17765dffea8b265a27793f55b86c214bbce2b3745f392109ece5688bdccd6dccf33407932dac4a18783b2d26d6dafeff39146397a4e89d2fb32d27c8b86e02b6ffa8fb91499f51d481ade5aa2e89bf5d24cdb95771574c777df39144316c6d6fcd9d8fb2fcec5823adfea0550014dfd2b5a3f7e23116359d12bee8362b5b96c7816583dabda95117b089f37cb3f682aeafec74dd62ca9ed9f1e56f7789e3b1ea9fcd0e3362ce0819f7b73d5e6b73162452eb69a1625a74926e6f4ee83e443e22f035e28f8bb19cfdc79c4e623356d022866edaf6d75c1938b86aa475670015433496f6455e4178072f05210d023ddb30dbaa5c8549fe893880e9da44d7ef99bc67940e73823962c8cc5e5e2708e22ddf27b863e360b372b57771099ab70fb51538bb0f42684e9b8bee428a9292869ad2bda5c554653e592066acd8e8547987f8e734e9e63ce39aae30439d4a0d7d88c8c5b2ee3727b6e8f22e96b9571ac2290edf3aa74e5cd54f464417773ef295e90d43042ee731d129179bef03fafc424b38118b5bfaa2051da04fbe8c84ddb142b8b80a599e419c09e0946268a52c352e74a8c3ff5b4e554dfcb1ae8b9a7f16ff823022ba5cd25ba70b6d6f620c5b2eff4a318c2c38f71c62b66b6d242e8b6046b57589ae1c9da4c71a3da67ae491f3222f911144603238bc0e508f7f6166e95700e043837b5839", 0x1000, 0x0, 0x0, 0x0)
socket(0x1, 0x2, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000140)={&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000000)=0x40)

3.860919ms ago: executing program 1:
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x2200010, &(0x7f0000000000)={[{@init_itable_val}, {@debug}]}, 0x1, 0x576, &(0x7f00000007c0)="$eJzs3U9rHOUfAPDvbLL9//s1hVLUgwR6sFK7aRP/VPBQjyLFgt7rkkxDyaZbspvSxILtwV68SBFELIgvwJMXj8U34KsoaKFICXrwEpnNbJLN7iYx3Xa37ucD0z7PzOw+852Z75NndnaZAIbWePZPIeLliPgqieTopmWjkS8cX1tv5cmt6WxKYnX14z+SSPJ5zfWT/P/DeeWliPjli4jThfZ2a0vLc+VKJV3I6xP1+esTtaXlM1fny7PpbHptcmrq/FtTk+++83bPYn390l/ffvTgg/Nfnlz55sdHx+4lcSGO5Ms2x/EUbm+ujMd4vk+KcWHLiud60NggSfq9AezJSJ7nxcj6gKMxkmc98N/3eUSsAkMqkf8wpJrjgOa1fY+ug18Yj99fuwBqj3907bORONC4Njq0krRcGWXXu2M9aD9r4+ff79/Lpujd5xAAO7p9JyLOjo62939J3v/t3dldrLO1Df0fPD8PsvHPG53GP4X18U90GP8c7pC7e7Fz/hcebZR7/9l0Nv57r+P4d/2m1dhIXvtfY8xXTK5craRZ3/b/iDgVxf1Zfbv7OedXHq62zvlpvbR5/JdNWfvNsWC+HY9G97e+eqZcLz9t3E2P70S80nH8m6wf/6TD8c/2x6VdtnEivf9qt2U7x/9srf4Q8VrH479xRyvZ/v7kRON8mGieFe3+vHvi127t7yL+Yg/DbZMd/0Pbxz+WbL5fW+v2Tt1z8/sDf6fdlu31/N+XfNIo78vn3SzX6wsbSXi7Zf7kxmub9eb6WfynTm7f/3U6/w9GxKddI2519/jdrqv2+/zP4p/pevwbe2DL8f/3hYcffvbd3uPPjv+bjdKpfM5u+r/dbuDT7j8AAAAAAAAYJIWIOBJJobReLhRKpbXvdxyPQ4VKtVY/faW6eG0mGr+VHYtioXmn++im70Ocy78P26xPbqlPRcSxiPh65GCjXpquVmb6HTwAAAAAAAAAAAAAAAAAAAAMiMMRBzr9/j/z20i/tw545toe3SDxYWh0f3RLvqQXT3oCBlLvH6sGvCjy/E/6vR3A8+fvPwwv+Q/DS/7D8JL/MLzkPwwv+Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWxaXXlyazqrz9xYWpyr3jgzk9bmSvOL06Xp6sL10my1OltJS9PV+Z3er1KtXj83GYs3J+pprT5RW1q+PF9dvFa/fHW+PJteTovPJSoAAAAAAAAAAAAAAAAAAAB4sdSWlufKlUq6oNBa2DcYmzH4hdHB2AyFHhf63TMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwIZ/AgAA//8Pszlh")
open(&(0x7f0000000080)='./bus\x00', 0xa942, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
add_key$fscrypt_v1(0x0, &(0x7f0000000540)={'fscrypt:', @auto=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x31]}, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x5)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = fcntl$dupfd(r1, 0x0, r1)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0xc08, 0x3, 0x1e8, 0xc, 0x5002004a, 0xb, 0x310, 0xea13, 0x3d0, 0x3c8, 0x3c8, 0x3d0, 0x3c8, 0x3, 0x0, {[{{@ip={@rand_addr, @local, 0x0, 0x0, 'erspan0\x00', 'ip6tnl0\x00'}, 0x0, 0x70, 0xb8}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@NFQUEUE2={0x28}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x248)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x0, 0x0})
mount$incfs(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)

0s ago: executing program 4:
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x6, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000004000000000000000000190095"], &(0x7f00000001c0)='syzkaller\x00'}, 0x90)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r0, r2}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0xfdef, &(0x7f0000000780)=ANY=[@ANYBLOB], 0x0)

kernel console output (not intermixed with test programs):

02350][ T9756] loop3: detected capacity change from 0 to 256
[  266.205640][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  266.219095][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  266.228006][ T1890] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  266.228452][  T620] bridge0: port 1(bridge_slave_0) entered blocking state
[  266.243528][  T620] bridge0: port 1(bridge_slave_0) entered forwarding state
[  266.250802][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  266.256012][ T1890] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  266.258981][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  266.275400][  T620] bridge0: port 2(bridge_slave_1) entered blocking state
[  266.282268][  T620] bridge0: port 2(bridge_slave_1) entered forwarding state
[  266.289472][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  266.297353][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  266.305162][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  266.313034][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  266.327978][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  266.342888][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  266.355347][ T9708] device veth0_vlan entered promiscuous mode
[  266.361539][ T2461] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  266.370518][ T2461] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  266.378815][ T2461] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  266.386185][ T2461] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  266.401335][ T9708] device veth1_macvtap entered promiscuous mode
[  266.408043][ T2461] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  266.415982][ T2461] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  266.423863][ T2461] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  266.434179][ T2461] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  266.442822][ T2461] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  266.465585][ T2461] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  266.473807][ T2461] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  266.531125][ T9770] netlink: 'syz-executor.3': attribute type 3 has an invalid length.
[  266.549327][ T9776] proc: Bad value for 'gid'
[  266.551090][ T9777] overlayfs: missing 'lowerdir'
[  266.606557][  T447] device bridge_slave_1 left promiscuous mode
[  266.612503][  T447] bridge0: port 2(bridge_slave_1) entered disabled state
[  266.619832][  T447] device bridge_slave_0 left promiscuous mode
[  266.625777][   T19] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  266.625977][  T447] bridge0: port 1(bridge_slave_0) entered disabled state
[  266.649972][  T447] device veth1_macvtap left promiscuous mode
[  266.656157][  T447] device veth0_vlan left promiscuous mode
[  266.780872][ T9800] netlink: 'syz-executor.0': attribute type 3 has an invalid length.
[  266.797517][ T9804] cgroup2: Unexpected value for 'nsdelegate'
[  266.805590][ T2461] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  266.924074][ T9811] overlayfs: missing 'lowerdir'
[  266.985667][   T19] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  267.000910][   T19] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  267.010633][   T19] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  267.019586][   T19] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  267.027964][   T19] usb 5-1: config 0 descriptor??
[  267.085564][  T357] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  267.215612][ T2461] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  267.226450][ T2461] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  267.239226][ T2461] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  267.248094][ T2461] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  267.258046][ T2461] usb 3-1: config 0 descriptor??
[  267.325542][  T357] usb 1-1: Using ep0 maxpacket: 32
[  267.366497][ T9828] input: syz1 as /devices/virtual/input/input50
[  267.380513][ T9830] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.3'.
[  267.445651][  T357] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  267.457112][  T357] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  267.468043][  T357] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  267.476912][  T357] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  267.485412][  T357] usb 1-1: config 0 descriptor??
[  267.499994][ T9835] EXT4-fs warning (device sda1): ext4_group_extend:1869: can't shrink FS - resize aborted
[  267.505601][ T9808] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  267.526034][  T357] hub 1-1:0.0: USB hub found
[  267.745642][  T357] hub 1-1:0.0: 2 ports detected
[  267.751081][ T4472] kernel write not supported for file bpf-prog (pid: 4472 comm: kworker/0:6)
[  267.770292][ T9773] IPv6: sit1: Disabled Multicast RS
[  267.805655][   T19] usb 5-1: string descriptor 0 read error: -71
[  267.825595][   T19] uclogic 0003:256C:006D.0021: failed retrieving string descriptor #200: -71
[  267.834342][   T19] uclogic 0003:256C:006D.0021: failed retrieving pen parameters: -71
[  267.842256][   T19] uclogic 0003:256C:006D.0021: failed probing pen v2 parameters: -71
[  267.850380][   T19] uclogic 0003:256C:006D.0021: failed probing parameters: -71
[  268.043485][   T19] uclogic: probe of 0003:256C:006D.0021 failed with error -71
[  268.051861][   T19] usb 5-1: USB disconnect, device number 21
[  268.615564][ T2461] usbhid 3-1:0.0: can't add hid device: -71
[  268.631396][ T2461] usbhid: probe of 3-1:0.0 failed with error -71
[  268.640625][ T2461] usb 3-1: USB disconnect, device number 30
[  268.649257][ T9874] binder: 9869:9874 ioctl c0306201 200001c0 returned -14
[  269.575636][ T4472] hub 1-1:0.0: hub_ext_port_status failed (err = 0)
[  270.396916][   T39] usb 1-1: USB disconnect, device number 24
[  270.763975][ T9907] binder: 9906:9907 ioctl c0306201 200001c0 returned -14
[  270.800515][ T9913] bpf_get_probe_write_proto: 12 callbacks suppressed
[  270.800528][ T9913] syz-executor.3[9913] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  270.807203][ T9913] syz-executor.3[9913] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  270.879232][   T28] audit: type=1326 audit(1718416124.267:16907): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9920 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6ade7cea9 code=0x7ffc0000
[  270.914533][   T28] audit: type=1326 audit(1718416124.267:16908): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9920 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6ade7cea9 code=0x7ffc0000
[  270.938776][   T28] audit: type=1326 audit(1718416124.267:16909): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9920 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa6ade7cea9 code=0x7ffc0000
[  270.962595][   T28] audit: type=1326 audit(1718416124.267:16910): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9920 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6ade7cea9 code=0x7ffc0000
[  270.986397][   T28] audit: type=1326 audit(1718416124.267:16911): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9920 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6ade7cea9 code=0x7ffc0000
[  271.007843][ T9925] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9925 comm=syz-executor.0
[  271.010606][   T28] audit: type=1326 audit(1718416124.267:16912): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9920 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa6ade7cea9 code=0x7ffc0000
[  271.046647][   T28] audit: type=1326 audit(1718416124.337:16913): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9920 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6ade7cea9 code=0x7ffc0000
[  271.058775][ T9931] binder: 9930:9931 ioctl c0306201 200001c0 returned -14
[  271.070605][   T28] audit: type=1326 audit(1718416124.337:16914): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9920 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa6ade7a627 code=0x7ffc0000
[  271.101143][   T28] audit: type=1326 audit(1718416124.337:16915): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9920 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa6ade40309 code=0x7ffc0000
[  271.124885][   T28] audit: type=1326 audit(1718416124.337:16916): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9920 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fa6ade7a627 code=0x7ffc0000
[  271.269333][ T9946] device syzkaller0 entered promiscuous mode
[  271.593791][ T9952] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'.
[  271.603663][ T9952] syz-executor.0 uses obsolete (PF_INET,SOCK_PACKET)
[  271.611234][ T9954] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=9954 comm=syz-executor.4
[  271.733550][ T9972] option changes via remount are deprecated (pid=9971 comm=syz-executor.4)
[  271.762171][ T9974] device syzkaller0 entered promiscuous mode
[  272.200197][ T9989] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.3'.
[  272.728902][T10003] device syzkaller0 entered promiscuous mode
[  272.815543][ T4472] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  273.118784][T10015] loop3: detected capacity change from 0 to 128
[  273.127026][T10015] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  273.135444][T10015] ext4 filesystem being mounted at /root/syzkaller-testdir2653379922/syzkaller.Hqfas2/153/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038 (0x7fffffff)
[  273.186439][ T8875] EXT4-fs (loop3): unmounting filesystem.
[  273.205595][ T4472] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  273.216410][ T4472] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  273.226105][ T4472] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  273.235041][ T4472] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  273.255679][ T4472] usb 1-1: config 0 descriptor??
[  273.275260][T10021] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.3'.
[  274.055585][ T4472] usb 1-1: string descriptor 0 read error: -71
[  274.075543][ T4472] uclogic 0003:256C:006D.0022: failed retrieving string descriptor #200: -71
[  274.084131][ T4472] uclogic 0003:256C:006D.0022: failed retrieving pen parameters: -71
[  274.092042][ T4472] uclogic 0003:256C:006D.0022: failed probing pen v2 parameters: -71
[  274.099926][ T4472] uclogic 0003:256C:006D.0022: failed probing parameters: -71
[  274.107244][ T4472] uclogic: probe of 0003:256C:006D.0022 failed with error -71
[  274.115385][ T4472] usb 1-1: USB disconnect, device number 25
[  274.128388][T10029] netlink: 160 bytes leftover after parsing attributes in process `syz-executor.3'.
[  274.137801][T10029] netlink: 160 bytes leftover after parsing attributes in process `syz-executor.3'.
[  274.149317][T10029] netlink: 160 bytes leftover after parsing attributes in process `syz-executor.3'.
[  274.591210][T10047] option changes via remount are deprecated (pid=10046 comm=syz-executor.4)
[  274.611970][T10049] loop4: detected capacity change from 0 to 512
[  274.627269][T10049] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  274.636049][T10049] ext4 filesystem being mounted at /root/syzkaller-testdir3917894416/syzkaller.RjJdH3/141/wÅü5ÔTÕÔ)­`)Y�Fæ¾nA­½@T<Ÿ3»Ú‚$¢ó×rçcnH³<¿pƒrèñ¹“>ÅwC¾" žð-ùËòöè€Ó8 supports timestamps until 2038 (0x7fffffff)
[  274.686289][T10045] loop0: detected capacity change from 0 to 40427
[  274.693007][T10045] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  274.700704][T10045] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  274.709690][T10045] F2FS-fs (loop0): invalid crc value
[  274.711805][T10052] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #2: comm syz-executor.4: corrupted inode contents
[  274.716337][T10045] F2FS-fs (loop0): Found nat_bits in checkpoint
[  274.727208][T10052] EXT4-fs error (device loop4): ext4_dirty_inode:6074: inode #2: comm syz-executor.4: mark_inode_dirty error
[  274.747995][T10052] EXT4-fs error (device loop4): ext4_do_update_inode:5212: inode #2: comm syz-executor.4: corrupted inode contents
[  274.760492][T10052] EXT4-fs error (device loop4): __ext4_ext_dirty:202: inode #2: comm syz-executor.4: mark_inode_dirty error
[  274.778765][T10045] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  274.785761][T10045] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  274.963698][T10045] overlayfs: failed to resolve './file2': -2
[  275.427788][ T1890] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  275.436754][   T19] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  275.437235][ T1890] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  275.457117][ T8203] EXT4-fs (loop4): unmounting filesystem.
[  275.529076][T10082] loop0: detected capacity change from 0 to 256
[  275.975556][   T19] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  275.986405][   T19] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  275.995928][   T19] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  276.004765][   T19] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  276.013043][   T19] usb 4-1: config 0 descriptor??
[  276.416140][T10097] loop4: detected capacity change from 0 to 512
[  276.422542][T10097] EXT4-fs: Ignoring removed orlov option
[  276.429639][T10097] EXT4-fs error (device loop4): dx_probe:822: inode #2: comm syz-executor.4: Attempting to read directory block (0) that is past i_size (256)
[  276.444135][T10097] EXT4-fs (loop4): Remounting filesystem read-only
[  276.450954][T10097] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[  276.459028][T10097] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  276.474297][ T8203] EXT4-fs (loop4): unmounting filesystem.
[  276.855580][   T19] usb 4-1: string descriptor 0 read error: -71
[  276.875573][   T19] uclogic 0003:256C:006D.0023: failed retrieving string descriptor #200: -71
[  276.884156][   T19] uclogic 0003:256C:006D.0023: failed retrieving pen parameters: -71
[  276.892052][   T19] uclogic 0003:256C:006D.0023: failed probing pen v2 parameters: -71
[  276.899954][   T19] uclogic 0003:256C:006D.0023: failed probing parameters: -71
[  276.907241][   T19] uclogic: probe of 0003:256C:006D.0023 failed with error -71
[  276.915218][   T19] usb 4-1: USB disconnect, device number 25
[  277.347675][T10123] loop0: detected capacity change from 0 to 256
[  277.374283][T10129] loop4: detected capacity change from 0 to 512
[  277.381301][T10129] EXT4-fs: Ignoring removed orlov option
[  277.387781][T10133] loop0: detected capacity change from 0 to 1024
[  277.388351][T10129] EXT4-fs error (device loop4): dx_probe:822: inode #2: comm syz-executor.4: Attempting to read directory block (0) that is past i_size (256)
[  277.394773][T10133] EXT4-fs: Ignoring removed oldalloc option
[  277.408483][T10129] EXT4-fs (loop4): Remounting filesystem read-only
[  277.416366][T10133] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  277.420465][T10129] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[  277.437032][T10129] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  277.699878][ T8203] EXT4-fs (loop4): unmounting filesystem.
[  277.715612][T10133] EXT4-fs (loop0): re-mounted. Quota mode: writeback.
[  277.722858][T10138] EXT4-fs (loop0): re-mounted. Quota mode: writeback.
[  277.733667][ T9708] EXT4-fs (loop0): unmounting filesystem.
[  278.481342][T10144] loop0: detected capacity change from 0 to 40427
[  278.488342][T10144] F2FS-fs (loop0): Mismatch start address, segment0(512) cp_blkaddr(175702528)
[  278.497147][T10144] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  278.505883][T10144] F2FS-fs (loop0): invalid crc value
[  278.512433][T10144] F2FS-fs (loop0): Found nat_bits in checkpoint
[  278.552107][T10144] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  278.562924][T10144] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  278.575217][T10144] syz-executor.0: attempt to access beyond end of device
[  278.575217][T10144] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  279.570793][T10182] netlink: 'syz-executor.0': attribute type 298 has an invalid length.
[  279.925545][ T4472] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  279.946602][T10186] loop0: detected capacity change from 0 to 40427
[  279.953412][T10186] F2FS-fs (loop0): Mismatch start address, segment0(512) cp_blkaddr(175702528)
[  279.962213][T10186] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  279.971017][T10186] F2FS-fs (loop0): invalid crc value
[  279.977845][T10186] F2FS-fs (loop0): Found nat_bits in checkpoint
[  280.009432][T10186] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  280.016353][T10186] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  280.031442][T10186] syz-executor.0: attempt to access beyond end of device
[  280.031442][T10186] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  280.105950][T10192] loop0: detected capacity change from 0 to 512
[  280.116985][T10192] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  280.125817][T10192] ext4 filesystem being mounted at /root/syzkaller-testdir3858596082/syzkaller.18n5Ay/44/wÅü5ÔTÕÔ)­`)Y�Fæ¾nA­½@T<Ÿ3»Ú‚$¢ó×rçcnH³<¿pƒrèñ¹“>ÅwC¾" žð-ùËòöè€Ó8 supports timestamps until 2038 (0x7fffffff)
[  280.175537][ T4472] usb 5-1: Using ep0 maxpacket: 32
[  280.201556][T10196] EXT4-fs error (device loop0): ext4_do_update_inode:5212: inode #2: comm syz-executor.0: corrupted inode contents
[  280.213636][T10196] EXT4-fs error (device loop0): ext4_dirty_inode:6074: inode #2: comm syz-executor.0: mark_inode_dirty error
[  280.225260][T10196] EXT4-fs error (device loop0): ext4_do_update_inode:5212: inode #2: comm syz-executor.0: corrupted inode contents
[  280.237802][T10196] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #2: comm syz-executor.0: mark_inode_dirty error
[  280.295593][ T4472] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  280.306595][ T4472] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  280.317494][ T4472] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  280.326326][ T4472] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  280.334812][ T4472] usb 5-1: config 0 descriptor??
[  280.355558][T10173] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  280.375960][ T4472] hub 5-1:0.0: USB hub found
[  280.595558][ T4472] hub 5-1:0.0: 2 ports detected
[  280.940740][ T9708] EXT4-fs (loop0): unmounting filesystem.
[  281.324605][T10216] loop3: detected capacity change from 0 to 40427
[  281.331348][T10216] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  281.338887][T10216] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  281.347703][T10216] F2FS-fs (loop3): invalid crc value
[  281.354043][T10216] F2FS-fs (loop3): Found nat_bits in checkpoint
[  281.384734][T10216] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  281.391626][T10216] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  281.535572][   T39] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  281.785548][   T39] usb 1-1: Using ep0 maxpacket: 8
[  281.926376][   T39] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  282.035618][   T39] usb 1-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[  282.044503][   T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105
[  282.052685][   T39] usb 1-1: SerialNumber: syz
[  282.057529][   T39] usb 1-1: config 0 descriptor??
[  282.109685][ T8875] syz-executor.3: attempt to access beyond end of device
[  282.109685][ T8875] loop3: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  282.209391][   T28] kauditd_printk_skb: 143 callbacks suppressed
[  282.209405][   T28] audit: type=1400 audit(2000000001.010:17060): avc:  denied  { remount } for  pid=10225 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1
[  282.315586][   T39] usb 1-1: Found UVC 0.00 device <unnamed> (05ac:8501)
[  282.322460][   T39] usb 1-1: No valid video chain found.
[  282.518334][   T39] usb 1-1: USB disconnect, device number 26
[  282.525558][ T4472] hub 5-1:0.0: hub_ext_port_status failed (err = 0)
[  282.569342][T10238] bridge0: port 2(bridge_slave_1) entered disabled state
[  282.576299][T10238] bridge0: port 1(bridge_slave_0) entered disabled state
[  282.586678][T10238] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.593527][T10238] bridge0: port 2(bridge_slave_1) entered forwarding state
[  282.600755][T10238] bridge0: port 1(bridge_slave_0) entered blocking state
[  282.607590][T10238] bridge0: port 1(bridge_slave_0) entered forwarding state
[  282.614952][T10238] device bridge0 entered promiscuous mode
[  282.726189][  T620] usb 5-1: USB disconnect, device number 22
[  283.054751][T10247] A link change request failed with some changes committed already. Interface batadv_slave_1 may have been left with an inconsistent configuration, please check.
[  283.119147][T10253] loop0: detected capacity change from 0 to 512
[  283.137429][T10253] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  283.146207][T10253] ext4 filesystem being mounted at /root/syzkaller-testdir3858596082/syzkaller.18n5Ay/54/bus supports timestamps until 2038 (0x7fffffff)
[  283.595555][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  283.999072][ T9708] EXT4-fs (loop0): unmounting filesystem.
[  284.162626][T10280] A link change request failed with some changes committed already. Interface batadv_slave_1 may have been left with an inconsistent configuration, please check.
[  284.185511][   T28] audit: type=1400 audit(2000000001.630:17061): avc:  denied  { mounton } for  pid=10281 comm="syz-executor.4" path="/root/syzkaller-testdir3917894416/syzkaller.RjJdH3/161/file0" dev="sda1" ino=1969 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=lnk_file permissive=1
[  284.305566][   T39] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  284.545554][   T39] usb 1-1: Using ep0 maxpacket: 8
[  284.685613][   T39] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  284.795643][   T39] usb 1-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[  284.804645][   T39] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105
[  284.812615][   T39] usb 1-1: SerialNumber: syz
[  284.817602][   T39] usb 1-1: config 0 descriptor??
[  285.075602][   T39] usb 1-1: Found UVC 0.00 device <unnamed> (05ac:8501)
[  285.082424][   T39] usb 1-1: No valid video chain found.
[  285.277849][   T39] usb 1-1: USB disconnect, device number 27
[  285.339739][   T28] audit: type=1400 audit(2000000002.790:17062): avc:  denied  { getopt } for  pid=10329 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  285.500889][T10342] bridge0: port 1(bridge_slave_0) entered blocking state
[  285.507879][T10342] bridge0: port 1(bridge_slave_0) entered disabled state
[  285.515982][T10342] device bridge_slave_0 entered promiscuous mode
[  285.525643][T10342] bridge0: port 2(bridge_slave_1) entered blocking state
[  285.532571][T10342] bridge0: port 2(bridge_slave_1) entered disabled state
[  285.539881][T10342] device bridge_slave_1 entered promiscuous mode
[  285.600477][T10342] bridge0: port 2(bridge_slave_1) entered blocking state
[  285.607349][T10342] bridge0: port 2(bridge_slave_1) entered forwarding state
[  285.614439][T10342] bridge0: port 1(bridge_slave_0) entered blocking state
[  285.621220][T10342] bridge0: port 1(bridge_slave_0) entered forwarding state
[  285.647691][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  285.655712][   T39] bridge0: port 1(bridge_slave_0) entered disabled state
[  285.662817][   T39] bridge0: port 2(bridge_slave_1) entered disabled state
[  285.679815][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  285.688492][ T4472] bridge0: port 1(bridge_slave_0) entered blocking state
[  285.695359][ T4472] bridge0: port 1(bridge_slave_0) entered forwarding state
[  285.702605][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  285.711020][ T4472] bridge0: port 2(bridge_slave_1) entered blocking state
[  285.717901][ T4472] bridge0: port 2(bridge_slave_1) entered forwarding state
[  285.735635][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  285.743588][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  285.758227][T10354] loop3: detected capacity change from 0 to 512
[  285.759698][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  285.764976][T10354] EXT4-fs: Ignoring removed nomblk_io_submit option
[  285.779158][T10354] EXT4-fs: old and new quota format mixing
[  285.982106][   T28] audit: type=1400 audit(2000000003.430:17063): avc:  denied  { read } for  pid=10366 comm="syz-executor.3" path="socket:[62650]" dev="sockfs" ino=62650 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  286.046074][  T447] device bridge_slave_1 left promiscuous mode
[  286.052748][  T447] bridge0: port 2(bridge_slave_1) entered disabled state
[  286.060070][  T447] device bridge_slave_0 left promiscuous mode
[  286.066027][  T447] bridge0: port 1(bridge_slave_0) entered disabled state
[  286.073596][  T447] device veth1_macvtap left promiscuous mode
[  286.079460][  T447] device veth0_vlan left promiscuous mode
[  286.252865][T10369] bridge0: port 1(bridge_slave_0) entered blocking state
[  286.260012][T10369] bridge0: port 1(bridge_slave_0) entered disabled state
[  286.267285][T10369] device bridge_slave_0 entered promiscuous mode
[  286.282626][T10369] bridge0: port 2(bridge_slave_1) entered blocking state
[  286.289618][T10369] bridge0: port 2(bridge_slave_1) entered disabled state
[  286.296936][T10369] device bridge_slave_1 entered promiscuous mode
[  286.312057][T10370] bridge0: port 1(bridge_slave_0) entered blocking state
[  286.319176][T10370] bridge0: port 1(bridge_slave_0) entered disabled state
[  286.326438][T10370] device bridge_slave_0 entered promiscuous mode
[  286.336096][T10370] bridge0: port 2(bridge_slave_1) entered blocking state
[  286.343021][T10370] bridge0: port 2(bridge_slave_1) entered disabled state
[  286.350784][T10370] device bridge_slave_1 entered promiscuous mode
[  286.371404][T10392] loop3: detected capacity change from 0 to 512
[  286.388752][T10392] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  286.397845][T10392] ext4 filesystem being mounted at /root/syzkaller-testdir2653379922/syzkaller.Hqfas2/221/file1 supports timestamps until 2038 (0x7fffffff)
[  286.418653][   T28] audit: type=1326 audit(2000000515.865:17064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10391 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6ade7cea9 code=0x7ffc0000
[  286.453634][   T28] audit: type=1326 audit(2000000515.865:17065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10391 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa6ade7cea9 code=0x7ffc0000
[  286.480494][   T28] audit: type=1326 audit(2000000515.865:17066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10391 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6ade7cea9 code=0x7ffc0000
[  286.504585][   T28] audit: type=1326 audit(2000000515.865:17067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10391 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa6ade7cea9 code=0x7ffc0000
[  286.530990][   T28] audit: type=1326 audit(2000000515.865:17068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10391 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa6ade7cea9 code=0x7ffc0000
[  286.554954][   T19] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  286.555234][   T28] audit: type=1326 audit(2000000515.865:17069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10391 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa6ade7cea9 code=0x7ffc0000
[  286.651161][ T8875] EXT4-fs (loop3): unmounting filesystem.
[  286.665155][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  286.672454][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  286.680607][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  286.688723][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  286.696664][  T333] bridge0: port 1(bridge_slave_0) entered blocking state
[  286.703483][  T333] bridge0: port 1(bridge_slave_0) entered forwarding state
[  286.710651][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  286.718759][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  286.726731][  T333] bridge0: port 2(bridge_slave_1) entered blocking state
[  286.733556][  T333] bridge0: port 2(bridge_slave_1) entered forwarding state
[  286.741089][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  286.777346][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  286.785799][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  286.793581][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  286.800756][   T19] usb 5-1: Using ep0 maxpacket: 8
[  286.806676][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  286.813913][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  286.821994][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  286.830022][ T4472] bridge0: port 1(bridge_slave_0) entered blocking state
[  286.836863][ T4472] bridge0: port 1(bridge_slave_0) entered forwarding state
[  286.843994][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  286.852072][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  286.860233][ T4472] bridge0: port 2(bridge_slave_1) entered blocking state
[  286.867067][ T4472] bridge0: port 2(bridge_slave_1) entered forwarding state
[  286.886374][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  286.893800][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  286.901509][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  286.912264][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  286.925640][   T19] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  286.926784][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  286.949003][T10369] device veth0_vlan entered promiscuous mode
[  286.956066][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  286.963921][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  286.971203][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  286.989721][T10370] device veth0_vlan entered promiscuous mode
[  286.999542][T10369] device veth1_macvtap entered promiscuous mode
[  287.006732][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  287.014957][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  287.015725][   T19] usb 5-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[  287.024632][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  287.035980][   T19] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105
[  287.041557][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  287.046325][   T19] usb 5-1: SerialNumber: syz
[  287.048412][   T19] usb 5-1: config 0 descriptor??
[  287.062493][T10370] device veth1_macvtap entered promiscuous mode
[  287.076965][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  287.090006][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  287.098172][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  287.114603][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  287.122946][  T620] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  287.142985][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  287.151951][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  287.187479][T10424] loop0: detected capacity change from 0 to 512
[  287.194005][T10424] EXT4-fs: Ignoring removed nomblk_io_submit option
[  287.200873][T10424] EXT4-fs: old and new quota format mixing
[  287.528918][  T447] device bridge_slave_1 left promiscuous mode
[  287.535243][  T447] bridge0: port 2(bridge_slave_1) entered disabled state
[  287.543012][  T447] device bridge_slave_0 left promiscuous mode
[  287.549123][  T447] bridge0: port 1(bridge_slave_0) entered disabled state
[  287.557337][  T447] device bridge_slave_1 left promiscuous mode
[  287.559810][   T19] usb 5-1: Found UVC 0.00 device <unnamed> (05ac:8501)
[  287.563362][  T447] bridge0: port 2(bridge_slave_1) entered disabled state
[  287.569991][   T19] usb 5-1: No valid video chain found.
[  287.582314][  T447] device bridge_slave_0 left promiscuous mode
[  287.588392][  T447] bridge0: port 1(bridge_slave_0) entered disabled state
[  287.597796][  T447] device veth1_macvtap left promiscuous mode
[  287.599660][  T322] usb 5-1: USB disconnect, device number 23
[  287.604001][  T447] device veth0_vlan left promiscuous mode
[  287.735575][ T4472] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  288.080544][   T28] kauditd_printk_skb: 59 callbacks suppressed
[  288.080585][   T28] audit: type=1400 audit(2000000517.525:17129): avc:  denied  { mount } for  pid=10437 comm="syz-executor.1" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  288.081038][T10438] devtmpfs: Too few inodes for current use
[  288.115299][   T28] audit: type=1400 audit(2000000517.525:17130): avc:  denied  { remount } for  pid=10437 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  288.155656][ T4472] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  288.183354][ T4472] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  288.197796][ T4472] usb 4-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  288.207251][ T4472] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  288.228584][ T4472] usb 4-1: config 0 descriptor??
[  288.983995][T10456] loop0: detected capacity change from 0 to 256
[  289.020649][T10461] loop0: detected capacity change from 0 to 512
[  289.031159][T10463] device vlan2 entered promiscuous mode
[  289.037060][T10463] device syz_tun entered promiscuous mode
[  289.043555][T10463] device syz_tun left promiscuous mode
[  289.044184][T10461] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  289.057705][T10461] ext4 filesystem being mounted at /root/syzkaller-testdir2132170259/syzkaller.bPsKlp/11/file1 supports timestamps until 2038 (0x7fffffff)
[  289.081921][   T28] audit: type=1326 audit(2000000518.525:17131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10460 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f061ac7cea9 code=0x7ffc0000
[  289.106698][   T28] audit: type=1326 audit(2000000518.525:17132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10460 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f061ac7cea9 code=0x7ffc0000
[  289.131205][   T28] audit: type=1326 audit(2000000518.525:17133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10460 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f061ac7cea9 code=0x7ffc0000
[  289.155328][   T28] audit: type=1326 audit(2000000518.525:17134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10460 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f061ac7cea9 code=0x7ffc0000
[  289.179472][   T28] audit: type=1326 audit(2000000518.525:17135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10460 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f061ac7cea9 code=0x7ffc0000
[  289.204100][   T28] audit: type=1326 audit(2000000518.525:17136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10460 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f061ac7cea9 code=0x7ffc0000
[  289.228897][   T28] audit: type=1326 audit(2000000518.525:17137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10460 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f061ac7cea9 code=0x7ffc0000
[  289.253350][   T28] audit: type=1326 audit(2000000518.525:17138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10460 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f061ac7cea9 code=0x7ffc0000
[  289.315742][ T4472] hid-led: probe of 0003:27B8:01ED.0024 failed with error -71
[  289.325560][ T4472] usb 4-1: USB disconnect, device number 26
[  289.381859][T10369] EXT4-fs (loop0): unmounting filesystem.
[  289.718663][T10494] loop0: detected capacity change from 0 to 256
[  290.985541][ T2461] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  291.015562][ T4472] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  291.255624][ T4472] usb 2-1: Using ep0 maxpacket: 8
[  291.385700][ T2461] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  291.397072][ T2461] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  291.423288][ T2461] usb 1-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  291.457711][ T2461] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  291.503236][ T2461] usb 1-1: config 0 descriptor??
[  291.565609][ T4472] usb 2-1: unable to get BOS descriptor or descriptor too short
[  291.645623][ T4472] usb 2-1: config index 0 descriptor too short (expected 16914, got 18)
[  291.654260][ T4472] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  291.664213][ T4472] usb 2-1: config 0 has no interfaces?
[  291.675116][T10553] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  291.684130][T10553] FAT-fs (loop7): unable to read boot sector
[  291.825649][ T4472] usb 2-1: New USB device found, idVendor=0bb4, idProduct=0a9b, bcdDevice=30.9b
[  291.834623][ T4472] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  291.842420][ T4472] usb 2-1: Product: syz
[  291.846423][ T4472] usb 2-1: Manufacturer: syz
[  291.850806][ T4472] usb 2-1: SerialNumber: syz
[  291.855773][ T4472] usb 2-1: config 0 descriptor??
[  292.096777][  T616] usb 2-1: USB disconnect, device number 26
[  292.235622][ T2461] hid-led: probe of 0003:27B8:01ED.0025 failed with error -71
[  292.243604][ T2461] usb 1-1: USB disconnect, device number 28
[  292.544482][T10567] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  292.613067][T10570] overlayfs: failed to get inode (-116)
[  292.618547][T10570] overlayfs: failed to get inode (-116)
[  292.637438][T10574] loop3: detected capacity change from 0 to 512
[  292.646167][T10574] EXT4-fs (loop3): 1 truncate cleaned up
[  292.651700][T10574] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  292.663210][T10574] EXT4-fs error (device loop3): ext4_lookup:1855: inode #13: comm syz-executor.3: iget: checksum invalid
[  292.678004][ T8875] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 13: comm syz-executor.3: path /root/syzkaller-testdir2653379922/syzkaller.Hqfas2/245/file2: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=196608, rec_len=0, size=1024 fake=0
[  292.703684][ T8875] EXT4-fs error (device loop3): ext4_lookup:1855: inode #11: comm syz-executor.3: iget: checksum invalid
[  292.715058][ T8875] EXT4-fs error (device loop3): ext4_lookup:1855: inode #11: comm syz-executor.3: iget: checksum invalid
[  292.768250][ T8875] EXT4-fs (loop3): unmounting filesystem.
[  292.865923][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  292.876758][T10587] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  292.900427][T10587] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  293.004229][T10589] overlayfs: failed to resolve './file2': -2
[  293.632125][T10588] bridge0: port 1(bridge_slave_0) entered blocking state
[  293.639021][T10588] bridge0: port 1(bridge_slave_0) entered disabled state
[  293.646671][T10588] device bridge_slave_0 entered promiscuous mode
[  293.653528][T10588] bridge0: port 2(bridge_slave_1) entered blocking state
[  293.660536][T10588] bridge0: port 2(bridge_slave_1) entered disabled state
[  293.667890][T10588] device bridge_slave_1 entered promiscuous mode
[  293.781529][ T5274] bridge0: port 3(syz_tun) entered disabled state
[  293.789103][ T5274] device syz_tun left promiscuous mode
[  293.794384][ T5274] bridge0: port 3(syz_tun) entered disabled state
[  293.813866][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  293.821365][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  293.822296][T10603] loop1: detected capacity change from 0 to 40427
[  293.835803][T10603] F2FS-fs (loop1): Unrecognized mount option "ifline_xattr" or missing value
[  293.836614][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  293.853100][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  293.861073][ T4472] bridge0: port 1(bridge_slave_0) entered blocking state
[  293.865627][  T616] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  293.867942][ T4472] bridge0: port 1(bridge_slave_0) entered forwarding state
[  293.883138][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  293.891307][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  293.899297][ T4472] bridge0: port 2(bridge_slave_1) entered blocking state
[  293.906154][ T4472] bridge0: port 2(bridge_slave_1) entered forwarding state
[  293.936598][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  293.944040][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  293.965814][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  293.973587][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  293.983689][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  293.991487][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  293.999854][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  294.009797][T10588] device veth0_vlan entered promiscuous mode
[  294.023470][T10588] device veth1_macvtap entered promiscuous mode
[  294.036975][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  294.044839][ T2461] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  294.063740][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  294.071445][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  294.081839][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  294.089064][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  294.099327][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  294.107749][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  294.182504][   T28] kauditd_printk_skb: 61 callbacks suppressed
[  294.182546][   T28] audit: type=1326 audit(2000000523.625:17200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10602 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d2287cea9 code=0x7ffc0000
[  294.182583][  T616] usb 5-1: Using ep0 maxpacket: 8
[  294.218845][   T28] audit: type=1326 audit(2000000523.625:17201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10602 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d2287cea9 code=0x7ffc0000
[  294.295712][  T616] usb 5-1: unable to get BOS descriptor or descriptor too short
[  294.316641][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  294.324758][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  294.364663][T10609] bridge0: port 1(bridge_slave_0) entered blocking state
[  294.371594][T10609] bridge0: port 1(bridge_slave_0) entered disabled state
[  294.379206][T10609] device bridge_slave_0 entered promiscuous mode
[  294.386104][T10609] bridge0: port 2(bridge_slave_1) entered blocking state
[  294.392946][T10609] bridge0: port 2(bridge_slave_1) entered disabled state
[  294.400090][  T616] usb 5-1: config index 0 descriptor too short (expected 16914, got 18)
[  294.401164][T10609] device bridge_slave_1 entered promiscuous mode
[  294.414438][  T616] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  294.424442][  T616] usb 5-1: config 0 has no interfaces?
[  294.485550][ T2461] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  294.499586][T10609] bridge0: port 2(bridge_slave_1) entered blocking state
[  294.506441][T10609] bridge0: port 2(bridge_slave_1) entered forwarding state
[  294.513535][T10609] bridge0: port 1(bridge_slave_0) entered blocking state
[  294.520328][T10609] bridge0: port 1(bridge_slave_0) entered forwarding state
[  294.562020][T10617] loop3: detected capacity change from 0 to 40427
[  294.575307][ T2461] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  294.586514][ T2461] usb 1-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  294.595755][T10617] F2FS-fs (loop3): invalid crc value
[  294.596290][ T2461] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  294.604720][T10617] F2FS-fs (loop3): Found nat_bits in checkpoint
[  294.609520][ T2461] usb 1-1: config 0 descriptor??
[  294.619633][  T616] usb 5-1: New USB device found, idVendor=0bb4, idProduct=0a9b, bcdDevice=30.9b
[  294.629618][  T616] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  294.636197][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  294.637546][  T616] usb 5-1: Product: syz
[  294.645004][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  294.648572][  T616] usb 5-1: Manufacturer: syz
[  294.660913][  T616] usb 5-1: SerialNumber: syz
[  294.666240][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  294.666453][  T616] usb 5-1: config 0 descriptor??
[  294.690727][T10617] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  294.698971][  T357] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  294.715920][  T357] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  294.731103][T10609] device veth0_vlan entered promiscuous mode
[  294.746569][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  294.765059][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  294.775225][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  294.787219][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  294.812318][T10609] device veth1_macvtap entered promiscuous mode
[  294.820904][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  294.829242][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  294.837193][T10588] syz-executor.3: attempt to access beyond end of device
[  294.837193][T10588] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  294.837391][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  294.861939][   T10] device bridge_slave_1 left promiscuous mode
[  294.868052][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  294.875553][   T10] device bridge_slave_0 left promiscuous mode
[  294.886662][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  294.906498][   T10] device veth1_macvtap left promiscuous mode
[  294.916757][   T10] device veth0_vlan left promiscuous mode
[  294.925061][   T19] usb 5-1: USB disconnect, device number 24
[  294.984934][T10626] loop3: detected capacity change from 0 to 512
[  294.998560][T10626] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  295.007928][T10626] ext4 filesystem being mounted at /root/syzkaller-testdir2796222331/syzkaller.Iz0e5O/2/bus supports timestamps until 2038 (0x7fffffff)
[  295.346004][ T2461] hid-led: probe of 0003:27B8:01ED.0026 failed with error -71
[  295.371245][ T2461] usb 1-1: USB disconnect, device number 29
[  295.445133][T10633] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  295.453574][T10633] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  295.471585][T10635] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  295.483908][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  295.492804][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  295.501033][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  295.509263][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  295.557324][T10644] loop4: detected capacity change from 0 to 512
[  295.570093][T10644] EXT4-fs (loop4): 1 truncate cleaned up
[  295.576122][T10644] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  295.588713][T10644] EXT4-fs error (device loop4): ext4_lookup:1855: inode #13: comm syz-executor.4: iget: checksum invalid
[  295.605977][ T8203] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 13: comm syz-executor.4: path /root/syzkaller-testdir3917894416/syzkaller.RjJdH3/193/file2: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=196608, rec_len=0, size=1024 fake=0
[  295.634760][ T8203] EXT4-fs error (device loop4): ext4_lookup:1855: inode #11: comm syz-executor.4: iget: checksum invalid
[  295.646625][ T8203] EXT4-fs error (device loop4): ext4_lookup:1855: inode #11: comm syz-executor.4: iget: checksum invalid
[  295.727152][   T10] tipc: Left network mode
[  295.728377][ T8203] EXT4-fs (loop4): unmounting filesystem.
[  295.739019][T10662] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  295.748424][T10662] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  295.773139][T10662] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  295.862957][T10588] EXT4-fs (loop3): unmounting filesystem.
[  295.892055][T10676] loop3: detected capacity change from 0 to 512
[  295.931020][T10676] EXT4-fs (loop3): 1 truncate cleaned up
[  295.942465][T10676] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  295.959401][T10676] EXT4-fs error (device loop3): ext4_lookup:1855: inode #13: comm syz-executor.3: iget: checksum invalid
[  295.974713][T10588] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 13: comm syz-executor.3: path /root/syzkaller-testdir2796222331/syzkaller.Iz0e5O/3/file2: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=196608, rec_len=0, size=1024 fake=0
[  296.000746][T10588] EXT4-fs error (device loop3): ext4_lookup:1855: inode #11: comm syz-executor.3: iget: checksum invalid
[  296.012354][T10588] EXT4-fs error (device loop3): ext4_lookup:1855: inode #11: comm syz-executor.3: iget: checksum invalid
[  296.026460][T10678] bridge0: port 1(bridge_slave_0) entered blocking state
[  296.033459][T10678] bridge0: port 1(bridge_slave_0) entered disabled state
[  296.040686][T10678] device bridge_slave_0 entered promiscuous mode
[  296.047769][T10678] bridge0: port 2(bridge_slave_1) entered blocking state
[  296.054750][T10678] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.062062][T10678] device bridge_slave_1 entered promiscuous mode
[  296.069792][T10588] EXT4-fs (loop3): unmounting filesystem.
[  296.164330][T10678] bridge0: port 2(bridge_slave_1) entered blocking state
[  296.171198][T10678] bridge0: port 2(bridge_slave_1) entered forwarding state
[  296.178326][T10678] bridge0: port 1(bridge_slave_0) entered blocking state
[  296.185074][T10678] bridge0: port 1(bridge_slave_0) entered forwarding state
[  296.218869][T10708] syz-executor.2[10708] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  296.218930][T10708] syz-executor.2[10708] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  296.228736][T10710] loop0: detected capacity change from 0 to 2048
[  296.260247][ T5735] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  296.268595][ T5735] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  296.276670][T10710]  loop0: p1 < > p4
[  296.280774][T10710] loop0: p4 size 8388608 extends beyond EOD, truncated
[  296.292457][   T28] audit: type=1400 audit(2000000525.735:17202): avc:  denied  { mounton } for  pid=10709 comm="syz-executor.0" path="/dev/loop0p1" dev="devtmpfs" ino=1134 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=blk_file permissive=1
[  296.333736][ T5735] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.353747][ T5735] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  296.361691][ T5735] bridge0: port 2(bridge_slave_1) entered blocking state
[  296.368532][ T5735] bridge0: port 2(bridge_slave_1) entered forwarding state
[  296.375670][ T5735] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  296.393650][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  296.444720][   T10] device bridge_slave_1 left promiscuous mode
[  296.457249][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.466046][   T10] device bridge_slave_0 left promiscuous mode
[  296.472448][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  296.489458][   T10] device veth1_macvtap left promiscuous mode
[  296.495578][   T10] device veth0_vlan left promiscuous mode
[  296.628674][   T28] audit: type=1400 audit(2000000526.075:17203): avc:  denied  { execute } for  pid=10711 comm="syz-executor.2" dev="tmpfs" ino=1516 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  296.650787][   T28] audit: type=1400 audit(2000000526.075:17204): avc:  denied  { execute_no_trans } for  pid=10711 comm="syz-executor.2" path=2F6D656D66643A2D42D54E49C56A9A707070F00884A26D202864656C6574656429 dev="tmpfs" ino=1516 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  296.789265][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  296.801745][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  296.820936][T10678] device veth0_vlan entered promiscuous mode
[  296.835100][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  296.843248][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  296.865835][T10713] bridge0: port 1(bridge_slave_0) entered blocking state
[  296.872689][T10713] bridge0: port 1(bridge_slave_0) entered disabled state
[  296.889247][T10713] device bridge_slave_0 entered promiscuous mode
[  296.901892][T10678] device veth1_macvtap entered promiscuous mode
[  296.908927][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  296.916532][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  296.928973][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  296.938231][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  296.946230][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  296.953767][T10713] bridge0: port 2(bridge_slave_1) entered blocking state
[  296.968769][T10713] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.976906][T10713] device bridge_slave_1 entered promiscuous mode
[  296.992176][  T357] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  296.995717][T10734] loop0: detected capacity change from 0 to 40427
[  297.000595][  T357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  297.009870][T10734] F2FS-fs (loop0): Found nat_bits in checkpoint
[  297.014499][  T357] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  297.028647][  T357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  297.078736][T10734] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  297.086905][T10753] loop1: detected capacity change from 0 to 1024
[  297.096704][T10753] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  297.133572][T10753] EXT4-fs (loop1): re-mounted. Quota mode: writeback.
[  297.167980][T10753] EXT4-fs (loop1): re-mounted. Quota mode: writeback.
[  297.174844][T10759] syz-executor.2[10759] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  297.174917][T10759] syz-executor.2[10759] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  297.189982][T10713] bridge0: port 2(bridge_slave_1) entered blocking state
[  297.208463][T10713] bridge0: port 2(bridge_slave_1) entered forwarding state
[  297.215573][T10713] bridge0: port 1(bridge_slave_0) entered blocking state
[  297.222339][T10713] bridge0: port 1(bridge_slave_0) entered forwarding state
[  297.233213][T10370] EXT4-fs (loop1): unmounting filesystem.
[  297.268341][  T616] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  297.276036][  T616] bridge0: port 1(bridge_slave_0) entered disabled state
[  297.281579][T10765] loop1: detected capacity change from 0 to 2048
[  297.289311][  T616] bridge0: port 2(bridge_slave_1) entered disabled state
[  297.306706][  T616] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  297.314888][  T616] bridge0: port 1(bridge_slave_0) entered blocking state
[  297.315984][T10765]  loop1: p1 < > p4
[  297.321728][  T616] bridge0: port 1(bridge_slave_0) entered forwarding state
[  297.325927][T10765] loop1: p4 size 8388608 extends beyond EOD, truncated
[  297.332628][  T616] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  297.346952][   T39] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  297.354541][  T616] bridge0: port 2(bridge_slave_1) entered blocking state
[  297.361389][  T616] bridge0: port 2(bridge_slave_1) entered forwarding state
[  297.368980][  T616] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  297.377572][  T616] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  297.396812][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  297.416544][T10713] device veth0_vlan entered promiscuous mode
[  297.424907][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  297.433207][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  297.441651][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  297.459841][  T616] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  297.479011][T10713] device veth1_macvtap entered promiscuous mode
[  297.505960][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  297.514158][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  297.538586][T10776] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  297.556000][T10776] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  297.585808][   T39] usb 5-1: Using ep0 maxpacket: 8
[  297.606668][T10778] bridge0: port 1(bridge_slave_0) entered blocking state
[  297.613547][T10778] bridge0: port 1(bridge_slave_0) entered disabled state
[  297.621180][T10778] device bridge_slave_0 entered promiscuous mode
[  297.630407][T10778] bridge0: port 2(bridge_slave_1) entered blocking state
[  297.637764][T10778] bridge0: port 2(bridge_slave_1) entered disabled state
[  297.645068][T10778] device bridge_slave_1 entered promiscuous mode
[  297.675699][   T39] usb 5-1: unable to get BOS descriptor or descriptor too short
[  297.714994][T10778] bridge0: port 2(bridge_slave_1) entered blocking state
[  297.721864][T10778] bridge0: port 2(bridge_slave_1) entered forwarding state
[  297.723262][T10780] loop1: detected capacity change from 0 to 40427
[  297.729043][T10778] bridge0: port 1(bridge_slave_0) entered blocking state
[  297.738533][T10780] F2FS-fs (loop1): Found nat_bits in checkpoint
[  297.742080][T10778] bridge0: port 1(bridge_slave_0) entered forwarding state
[  297.765647][   T39] usb 5-1: config index 0 descriptor too short (expected 16914, got 18)
[  297.773918][   T39] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  297.784008][   T39] usb 5-1: config 0 has no interfaces?
[  297.789052][T10780] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  297.807324][  T358] bridge0: port 1(bridge_slave_0) entered disabled state
[  297.815560][  T358] bridge0: port 2(bridge_slave_1) entered disabled state
[  297.835607][  T357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  297.842872][  T357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  297.850270][  T357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  297.859538][  T357] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  297.867773][  T357] bridge0: port 1(bridge_slave_0) entered blocking state
[  297.874636][  T357] bridge0: port 1(bridge_slave_0) entered forwarding state
[  297.881809][  T357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  297.889930][  T357] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  297.897877][  T357] bridge0: port 2(bridge_slave_1) entered blocking state
[  297.904700][  T357] bridge0: port 2(bridge_slave_1) entered forwarding state
[  297.911839][  T357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  297.919596][  T357] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  297.927322][  T357] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  297.935212][  T357] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  297.945610][   T39] usb 5-1: New USB device found, idVendor=0bb4, idProduct=0a9b, bcdDevice=30.9b
[  297.954646][   T39] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  297.962690][   T39] usb 5-1: Product: syz
[  297.962799][   T10] device bridge_slave_1 left promiscuous mode
[  297.966730][   T39] usb 5-1: Manufacturer: syz
[  297.972669][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  297.977301][   T39] usb 5-1: SerialNumber: syz
[  297.988676][   T10] device bridge_slave_0 left promiscuous mode
[  297.994711][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  297.995718][   T39] usb 5-1: config 0 descriptor??
[  298.006958][   T10] device veth1_macvtap left promiscuous mode
[  298.012843][   T10] device veth0_vlan left promiscuous mode
[  298.105639][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  298.113745][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  298.128022][T10778] device veth0_vlan entered promiscuous mode
[  298.136726][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  298.144425][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  298.152727][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  298.160170][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  298.185721][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  298.193846][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  298.203133][T10778] device veth1_macvtap entered promiscuous mode
[  298.213200][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  298.221129][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  298.229417][  T333] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  298.248561][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  298.261851][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  298.270735][  T358] usb 5-1: USB disconnect, device number 25
[  298.313771][T10796] bridge0: port 1(bridge_slave_0) entered blocking state
[  298.321922][T10796] bridge0: port 1(bridge_slave_0) entered disabled state
[  298.329453][T10796] device bridge_slave_0 entered promiscuous mode
[  298.336939][T10796] bridge0: port 2(bridge_slave_1) entered blocking state
[  298.343845][T10796] bridge0: port 2(bridge_slave_1) entered disabled state
[  298.351222][T10796] device bridge_slave_1 entered promiscuous mode
[  298.386922][   T28] audit: type=1326 audit(2000000527.835:17205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10809 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0e0ba7cea9 code=0x0
[  298.442645][   T28] audit: type=1326 audit(2000000527.885:17206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10809 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=436 compat=0 ip=0x7f0e0ba7cea9 code=0x0
[  298.477035][T10796] bridge0: port 2(bridge_slave_1) entered blocking state
[  298.483880][T10796] bridge0: port 2(bridge_slave_1) entered forwarding state
[  298.490998][T10796] bridge0: port 1(bridge_slave_0) entered blocking state
[  298.497772][T10796] bridge0: port 1(bridge_slave_0) entered forwarding state
[  298.509503][T10815] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  298.562562][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  298.571551][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  298.580278][   T19] bridge0: port 2(bridge_slave_1) entered disabled state
[  298.601147][T10830] overlayfs: statfs failed on './file0'
[  298.607680][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  298.625795][   T19] bridge0: port 2(bridge_slave_1) entered blocking state
[  298.632633][   T19] bridge0: port 2(bridge_slave_1) entered forwarding state
[  298.640008][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  298.661375][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  298.669609][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  298.681457][T10796] device veth0_vlan entered promiscuous mode
[  298.692888][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  298.702622][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  298.710169][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  298.723564][T10796] device veth1_macvtap entered promiscuous mode
[  298.737270][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  298.756301][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  298.764465][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  298.909053][T10849] loop4: detected capacity change from 0 to 512
[  298.936511][   T10] device bridge_slave_1 left promiscuous mode
[  298.943593][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  298.950949][T10849] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz-executor.4: inode #1: comm syz-executor.4: iget: illegal inode #
[  298.967339][   T10] device bridge_slave_0 left promiscuous mode
[  298.973419][T10849] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz-executor.4: error while reading EA inode 1 err=-117
[  298.978422][T10836] loop0: detected capacity change from 0 to 40427
[  298.993152][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  299.000722][T10849] EXT4-fs error (device loop4): ext4_xattr_inode_iget:404: comm syz-executor.4: inode #1: comm syz-executor.4: iget: illegal inode #
[  299.015305][   T10] device veth1_macvtap left promiscuous mode
[  299.023559][T10836] F2FS-fs (loop0): Found nat_bits in checkpoint
[  299.029638][T10849] EXT4-fs error (device loop4): ext4_xattr_inode_iget:409: comm syz-executor.4: error while reading EA inode 1 err=-117
[  299.029736][   T10] device veth0_vlan left promiscuous mode
[  299.069948][T10849] EXT4-fs (loop4): 1 orphan inode deleted
[  299.081257][T10849] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  299.120874][T10836] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  299.257277][T10678] EXT4-fs (loop4): unmounting filesystem.
[  299.297874][T10869] loop4: detected capacity change from 0 to 16
[  299.308231][T10869] erofs: (device loop4): mounted with root inode @ nid 36.
[  299.343608][T10872] netlink: 'syz-executor.4': attribute type 30 has an invalid length.
[  299.417742][T10880] device syzkaller0 entered promiscuous mode
[  299.423144][T10867] loop1: detected capacity change from 0 to 40427
[  299.439658][T10867] F2FS-fs (loop1): invalid crc value
[  299.447648][T10867] F2FS-fs (loop1): Found nat_bits in checkpoint
[  299.502661][T10867] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  299.560159][T10882] bridge0: port 1(bridge_slave_0) entered blocking state
[  299.572512][T10882] bridge0: port 1(bridge_slave_0) entered disabled state
[  299.581971][T10882] device bridge_slave_0 entered promiscuous mode
[  299.592323][T10882] bridge0: port 2(bridge_slave_1) entered blocking state
[  299.601540][T10882] bridge0: port 2(bridge_slave_1) entered disabled state
[  299.609490][T10882] device bridge_slave_1 entered promiscuous mode
[  299.609697][T10796] syz-executor.1: attempt to access beyond end of device
[  299.609697][T10796] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  299.641563][T10889] syz-executor.3[10889] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  299.641629][T10889] syz-executor.3[10889] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  299.734025][T10884] loop4: detected capacity change from 0 to 40427
[  299.743139][T10882] bridge0: port 2(bridge_slave_1) entered blocking state
[  299.758805][T10882] bridge0: port 2(bridge_slave_1) entered forwarding state
[  299.765887][T10882] bridge0: port 1(bridge_slave_0) entered blocking state
[  299.772672][T10882] bridge0: port 1(bridge_slave_0) entered forwarding state
[  299.793913][T10884] F2FS-fs (loop4): Found nat_bits in checkpoint
[  299.833561][T10902] netlink: 23 bytes leftover after parsing attributes in process `syz-executor.1'.
[  299.846845][  T333] bridge0: port 1(bridge_slave_0) entered disabled state
[  299.861917][  T333] bridge0: port 2(bridge_slave_1) entered disabled state
[  299.883467][T10884] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  299.898906][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  299.906461][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  299.928113][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  299.941131][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  299.949830][ T4472] bridge0: port 1(bridge_slave_0) entered blocking state
[  299.956707][ T4472] bridge0: port 1(bridge_slave_0) entered forwarding state
[  299.964679][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  299.972873][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  299.980924][ T4472] bridge0: port 2(bridge_slave_1) entered blocking state
[  299.987811][ T4472] bridge0: port 2(bridge_slave_1) entered forwarding state
[  299.997817][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  300.013453][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  300.023988][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  300.032347][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  300.062421][T10882] device veth0_vlan entered promiscuous mode
[  300.081878][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  300.092764][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  300.102266][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  300.110034][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  300.123578][T10882] device veth1_macvtap entered promiscuous mode
[  300.137511][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  300.144795][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  300.152901][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  300.161055][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  300.169098][  T322] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  300.190517][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  300.203765][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  300.213990][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  300.222903][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  300.231863][   T10] device bridge_slave_1 left promiscuous mode
[  300.239078][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  300.251754][   T10] device bridge_slave_0 left promiscuous mode
[  300.261053][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  300.275321][   T10] device veth1_macvtap left promiscuous mode
[  300.296677][   T10] device veth0_vlan left promiscuous mode
[  300.424415][T10926] loop2: detected capacity change from 0 to 16
[  300.439276][T10926] erofs: (device loop2): mounted with root inode @ nid 36.
[  300.679815][T10927] bridge0: port 1(bridge_slave_0) entered blocking state
[  300.686861][T10927] bridge0: port 1(bridge_slave_0) entered disabled state
[  300.694484][T10927] device bridge_slave_0 entered promiscuous mode
[  300.701548][T10927] bridge0: port 2(bridge_slave_1) entered blocking state
[  300.708568][T10927] bridge0: port 2(bridge_slave_1) entered disabled state
[  300.717680][T10927] device bridge_slave_1 entered promiscuous mode
[  300.729729][T10944] SELinux:  Context system_u:object_r:apt_var_lib_t:s0 is not valid (left unmapped).
[  300.748633][   T28] audit: type=1400 audit(2000000530.195:17207): avc:  denied  { relabelto } for  pid=10943 comm="syz-executor.2" name="bus" dev="sda1" ino=1960 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:apt_var_lib_t:s0"
[  300.791945][   T28] audit: type=1400 audit(2000000530.225:17208): avc:  denied  { unlink } for  pid=10609 comm="syz-executor.2" name="bus" dev="sda1" ino=1960 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="system_u:object_r:apt_var_lib_t:s0"
[  300.886737][T10948] device veth1_macvtap left promiscuous mode
[  300.895585][  T333] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  300.921866][T10952] device veth1_macvtap entered promiscuous mode
[  301.055636][   T39] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  301.145658][  T333] usb 1-1: Using ep0 maxpacket: 8
[  301.183560][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  301.190964][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  301.200123][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  301.208266][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  301.217820][  T358] bridge0: port 1(bridge_slave_0) entered blocking state
[  301.224674][  T358] bridge0: port 1(bridge_slave_0) entered forwarding state
[  301.231905][  T333] usb 1-1: unable to get BOS descriptor or descriptor too short
[  301.240251][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  301.247723][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  301.256016][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  301.265519][  T358] bridge0: port 2(bridge_slave_1) entered blocking state
[  301.272361][  T358] bridge0: port 2(bridge_slave_1) entered forwarding state
[  301.288593][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  301.298425][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  301.312280][T10961] overlayfs: statfs failed on './file0'
[  301.318581][   T39] usb 3-1: Using ep0 maxpacket: 8
[  301.321738][  T357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  301.323473][  T333] usb 1-1: config index 0 descriptor too short (expected 16914, got 18)
[  301.335846][  T357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  301.339618][  T333] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  301.348286][  T357] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  301.357605][  T333] usb 1-1: config 0 has no interfaces?
[  301.364730][  T357] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  301.378630][T10927] device veth0_vlan entered promiscuous mode
[  301.394880][  T357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  301.405266][T10927] device veth1_macvtap entered promiscuous mode
[  301.416194][  T357] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  301.424445][  T357] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  301.433692][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  301.442192][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  301.465629][   T39] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  301.487236][T10973] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=10973 comm=syz-executor.4
[  301.555627][  T333] usb 1-1: New USB device found, idVendor=0bb4, idProduct=0a9b, bcdDevice=30.9b
[  301.564561][   T39] usb 3-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[  301.573434][   T39] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105
[  301.591357][  T333] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  301.599478][   T39] usb 3-1: SerialNumber: syz
[  301.608825][  T333] usb 1-1: Product: syz
[  301.612803][  T333] usb 1-1: Manufacturer: syz
[  301.617985][   T39] usb 3-1: config 0 descriptor??
[  301.624546][  T333] usb 1-1: SerialNumber: syz
[  301.630357][  T333] usb 1-1: config 0 descriptor??
[  301.682187][T10987] syz-executor.4[10987] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  301.682249][T10987] syz-executor.4[10987] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  301.827124][   T10] device bridge_slave_1 left promiscuous mode
[  301.844944][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  301.852777][   T10] device bridge_slave_0 left promiscuous mode
[  301.858937][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  301.875824][  T358] usb 1-1: USB disconnect, device number 30
[  301.885165][   T10] device veth1_macvtap left promiscuous mode
[  301.891089][   T39] usb 3-1: Found UVC 0.00 device <unnamed> (05ac:8501)
[  301.897890][   T39] usb 3-1: No valid video chain found.
[  301.903913][   T10] device veth0_vlan left promiscuous mode
[  302.115171][  T358] usb 3-1: USB disconnect, device number 31
[  302.254347][   T28] audit: type=1326 audit(2000000531.695:17209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11003 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a16c7cea9 code=0x7fc00000
[  302.344950][   T28] audit: type=1326 audit(2000000531.785:17210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11003 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7a16c7a627 code=0x7fc00000
[  302.381035][   T28] audit: type=1326 audit(2000000531.785:17211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11003 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7a16c40309 code=0x7fc00000
[  302.425602][   T28] audit: type=1326 audit(2000000531.785:17212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11003 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f7a16c403cf code=0x7fc00000
[  302.475709][   T28] audit: type=1326 audit(2000000531.785:17213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11003 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f7a16c7cea9 code=0x7fc00000
[  302.902441][T11046] syz-executor.1[11046] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  302.902685][T11046] syz-executor.1[11046] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  303.217053][T11059] loop3: detected capacity change from 0 to 16
[  303.237203][T11059] erofs: (device loop3): mounted with root inode @ nid 36.
[  303.346639][T11069] loop3: detected capacity change from 0 to 512
[  303.377819][T11069] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  303.386810][T11069] ext4 filesystem being mounted at /root/syzkaller-testdir3543683859/syzkaller.HpiH3v/20/file0 supports timestamps until 2038 (0x7fffffff)
[  303.403193][T11069] EXT4-fs error (device loop3): ext4_do_update_inode:5212: inode #2: comm syz-executor.3: corrupted inode contents
[  303.416155][T11069] EXT4-fs error (device loop3): ext4_dirty_inode:6074: inode #2: comm syz-executor.3: mark_inode_dirty error
[  303.427837][T11069] EXT4-fs error (device loop3): ext4_do_update_inode:5212: inode #2: comm syz-executor.3: corrupted inode contents
[  303.440482][T11069] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz-executor.3: mark_inode_dirty error
[  303.474804][T10713] EXT4-fs (loop3): unmounting filesystem.
[  303.589718][   T28] audit: type=1326 audit(2000000533.035:17214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11086 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a16c7cea9 code=0x7fc00000
[  303.684030][   T28] audit: type=1326 audit(2000000533.125:17215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11086 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f7a16c7a627 code=0x7fc00000
[  303.753571][T11093] loop1: detected capacity change from 0 to 16
[  303.763086][   T28] audit: type=1326 audit(2000000533.125:17216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11086 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7a16c40309 code=0x7fc00000
[  303.796225][T11093] erofs: (device loop1): mounted with root inode @ nid 36.
[  303.844665][T11096] netlink: 104 bytes leftover after parsing attributes in process `syz-executor.1'.
[  303.932908][T11100] syz-executor.1[11100] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  303.932974][T11100] syz-executor.1[11100] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  303.993563][T11104] loop0: detected capacity change from 0 to 512
[  304.073375][T11104] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  304.087525][T11112] loop1: detected capacity change from 0 to 512
[  304.095093][T11112] EXT4-fs (loop1): Number of reserved GDT blocks insanely large: 2048
[  304.102584][T11104] ext4 filesystem being mounted at /root/syzkaller-testdir3305015871/syzkaller.MOaZJw/7/file0 supports timestamps until 2038 (0x7fffffff)
[  304.144099][T11104] EXT4-fs error (device loop0): ext4_do_update_inode:5212: inode #2: comm syz-executor.0: corrupted inode contents
[  304.169924][T11112] loop1: detected capacity change from 0 to 512
[  304.176217][T11104] EXT4-fs error (device loop0): ext4_dirty_inode:6074: inode #2: comm syz-executor.0: mark_inode_dirty error
[  304.187721][T11112] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  304.198206][T11104] EXT4-fs error (device loop0): ext4_do_update_inode:5212: inode #2: comm syz-executor.0: corrupted inode contents
[  304.210808][T11104] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #2: comm syz-executor.0: mark_inode_dirty error
[  304.232999][T11112] EXT4-fs (loop1): orphan cleanup on readonly fs
[  304.248953][T11112] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 19 vs 41 free clusters
[  304.263155][T11112] EXT4-fs (loop1): 1 truncate cleaned up
[  304.263868][T10882] EXT4-fs (loop0): unmounting filesystem.
[  304.285074][T11112] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  304.318041][T10796] EXT4-fs (loop1): unmounting filesystem.
[  304.495090][T11141] syz-executor.0[11141] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  304.495163][T11141] syz-executor.0[11141] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  304.699588][T11144] overlayfs: failed to resolve './file2': -2
[  305.378678][T11177] loop3: detected capacity change from 0 to 512
[  305.418160][T11177] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  305.442261][T11177] ext4 filesystem being mounted at /root/syzkaller-testdir3543683859/syzkaller.HpiH3v/30/file0 supports timestamps until 2038 (0x7fffffff)
[  305.460956][T11177] EXT4-fs error (device loop3): ext4_do_update_inode:5212: inode #2: comm syz-executor.3: corrupted inode contents
[  305.486300][T11177] EXT4-fs error (device loop3): ext4_dirty_inode:6074: inode #2: comm syz-executor.3: mark_inode_dirty error
[  305.546298][T11177] EXT4-fs error (device loop3): ext4_do_update_inode:5212: inode #2: comm syz-executor.3: corrupted inode contents
[  305.580452][T11177] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #2: comm syz-executor.3: mark_inode_dirty error
[  305.628908][T10713] EXT4-fs (loop3): unmounting filesystem.
[  305.692502][T11197] bridge0: port 1(bridge_slave_0) entered blocking state
[  305.699708][T11197] bridge0: port 1(bridge_slave_0) entered disabled state
[  305.707298][T11197] device bridge_slave_0 entered promiscuous mode
[  305.714023][T11197] bridge0: port 2(bridge_slave_1) entered blocking state
[  305.720864][T11197] bridge0: port 2(bridge_slave_1) entered disabled state
[  305.736410][T11197] device bridge_slave_1 entered promiscuous mode
[  306.081795][   T28] kauditd_printk_skb: 10 callbacks suppressed
[  306.081809][   T28] audit: type=1326 audit(2000000535.525:17225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11220 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a16c7cea9 code=0x7ffc0000
[  306.213388][T11197] bridge0: port 2(bridge_slave_1) entered blocking state
[  306.220265][T11197] bridge0: port 2(bridge_slave_1) entered forwarding state
[  306.227351][T11197] bridge0: port 1(bridge_slave_0) entered blocking state
[  306.234128][T11197] bridge0: port 1(bridge_slave_0) entered forwarding state
[  306.240620][   T28] audit: type=1326 audit(2000000535.525:17226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11220 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a16c7cea9 code=0x7ffc0000
[  306.347417][T11225] 9pnet_fd: Insufficient options for proto=fd
[  306.397691][  T616] bridge0: port 1(bridge_slave_0) entered disabled state
[  306.410779][  T616] bridge0: port 2(bridge_slave_1) entered disabled state
[  306.566474][   T28] audit: type=1326 audit(2000000535.525:17227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11220 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=23 compat=0 ip=0x7f7a16c7cea9 code=0x7ffc0000
[  306.591353][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  306.599730][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  306.637967][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  306.651490][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  306.681518][  T358] bridge0: port 1(bridge_slave_0) entered blocking state
[  306.688492][  T358] bridge0: port 1(bridge_slave_0) entered forwarding state
[  306.695797][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  306.703980][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  306.712472][  T358] bridge0: port 2(bridge_slave_1) entered blocking state
[  306.719325][  T358] bridge0: port 2(bridge_slave_1) entered forwarding state
[  306.730877][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  306.738793][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  306.749224][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  306.757141][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  306.792922][T11147] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  306.807443][T11147] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  306.827466][   T10] device bridge_slave_1 left promiscuous mode
[  306.834602][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  306.846136][T11236] loop4: detected capacity change from 0 to 512
[  306.854392][   T10] device bridge_slave_0 left promiscuous mode
[  306.862739][T11238] loop0: detected capacity change from 0 to 512
[  306.869020][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  306.877359][T11236] EXT4-fs (loop4): Number of reserved GDT blocks insanely large: 2048
[  306.886817][   T10] device veth1_macvtap left promiscuous mode
[  306.892763][   T10] device veth0_vlan left promiscuous mode
[  306.907987][T11240] loop1: detected capacity change from 0 to 1024
[  306.929727][T11238] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  306.930750][T11240] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a802c018, mo2=0002]
[  306.938852][T11238] ext4 filesystem being mounted at /root/syzkaller-testdir3305015871/syzkaller.MOaZJw/17/file0 supports timestamps until 2038 (0x7fffffff)
[  306.972558][T11236] loop4: detected capacity change from 0 to 512
[  306.980784][T11240] System zones: 0-1, 3-12
[  306.985551][T11240] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  306.994888][T11238] EXT4-fs error (device loop0): ext4_do_update_inode:5212: inode #2: comm syz-executor.0: corrupted inode contents
[  307.005824][T11236] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  307.015688][   T28] audit: type=1400 audit(2000000536.455:17228): avc:  denied  { map } for  pid=11245 comm="syz-executor.3" path="/dev/zero" dev="devtmpfs" ino=5 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:zero_device_t tclass=chr_file permissive=1
[  307.023017][T11238] EXT4-fs error (device loop0): ext4_dirty_inode:6074: inode #2: comm syz-executor.0: mark_inode_dirty error
[  307.052130][T11238] EXT4-fs error (device loop0): ext4_do_update_inode:5212: inode #2: comm syz-executor.0: corrupted inode contents
[  307.065096][T11236] EXT4-fs (loop4): orphan cleanup on readonly fs
[  307.078505][T11236] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1102: group 0, block bitmap and bg descriptor inconsistent: 19 vs 41 free clusters
[  307.083336][T11238] EXT4-fs error (device loop0): __ext4_ext_dirty:202: inode #2: comm syz-executor.0: mark_inode_dirty error
[  307.093217][T11236] Quota error (device loop4): write_blk: dquota write failed
[  307.122485][T11236] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota
[  307.132392][T11236] EXT4-fs (loop4): 1 truncate cleaned up
[  307.152249][T10882] EXT4-fs (loop0): unmounting filesystem.
[  307.160086][T11236] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  307.202940][   T28] audit: type=1400 audit(2000000536.645:17229): avc:  denied  { write } for  pid=11252 comm="syz-executor.0" name="file0" dev="sda1" ino=1960 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=chr_file permissive=1
[  307.204738][T10927] EXT4-fs (loop4): unmounting filesystem.
[  307.226078][   T28] audit: type=1400 audit(2000000536.645:17230): avc:  denied  { open } for  pid=11252 comm="syz-executor.0" path="/root/syzkaller-testdir3305015871/syzkaller.MOaZJw/18/bus/file0" dev="overlay" ino=1960 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=chr_file permissive=1
[  307.312439][T11254] SELinux: inode_doinit_use_xattr:  getxattr returned 12 for dev=loop1 ino=12
[  307.321494][T11254] SELinux: inode_doinit_use_xattr:  getxattr returned 12 for dev=loop1 ino=12
[  307.330843][T11254] SELinux: inode_doinit_use_xattr:  getxattr returned 12 for dev=loop1 ino=12
[  307.339751][T11254] SELinux: inode_doinit_use_xattr:  getxattr returned 12 for dev=loop1 ino=12
[  307.348612][T11254] SELinux: inode_doinit_use_xattr:  getxattr returned 12 for dev=loop1 ino=12
[  307.357446][T11254] SELinux: inode_doinit_use_xattr:  getxattr returned 12 for dev=loop1 ino=12
[  307.366709][T11254] incfs: Can't find or create .index dir in ./file0
[  307.373288][T11254] incfs: mount failed -12
[  307.460943][T11197] device veth0_vlan entered promiscuous mode
[  307.481229][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  307.495354][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  307.504464][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  307.517156][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  307.534781][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  307.544975][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  307.561487][T11197] device veth1_macvtap entered promiscuous mode
[  307.567600][   T28] audit: type=1400 audit(2000000537.005:17231): avc:  denied  { mount } for  pid=11259 comm="syz-executor.4" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  307.597187][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  307.607751][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  307.619540][T11262] overlayfs: missing 'lowerdir'
[  307.619985][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  307.646189][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  307.665520][  T332] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  307.751760][   T28] audit: type=1400 audit(2000000537.195:17232): avc:  denied  { unmount } for  pid=10927 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  307.780798][T10796] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 32: comm syz-executor.1: path /root/syzkaller-testdir1495132508/syzkaller.IkC3ox/44/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  307.782006][  T358] hid-generic 0000:0000:0000.0027: unknown main item tag 0x0
[  307.812341][T10796] EXT4-fs error (device loop1): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor.1: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  307.821654][  T358] hid-generic 0000:0000:0000.0027: unknown main item tag 0x0
[  307.837928][T10796] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #11: comm syz-executor.1: directory missing '.'
[  307.851618][T10796] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 32: comm syz-executor.1: path /root/syzkaller-testdir1495132508/syzkaller.IkC3ox/44/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  307.866147][  T358] hid-generic 0000:0000:0000.0027: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  307.886909][T10796] EXT4-fs error (device loop1): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor.1: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  307.908565][T10796] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #11: comm syz-executor.1: directory missing '.'
[  307.922482][T10796] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 32: comm syz-executor.1: path /root/syzkaller-testdir1495132508/syzkaller.IkC3ox/44/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  307.958975][T10796] EXT4-fs error (device loop1): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor.1: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  307.984918][T10796] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #11: comm syz-executor.1: directory missing '.'
[  308.001612][T10796] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 32: comm syz-executor.1: path /root/syzkaller-testdir1495132508/syzkaller.IkC3ox/44/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  308.031034][T10796] EXT4-fs error (device loop1): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor.1: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  308.050582][T10796] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #11: comm syz-executor.1: directory missing '.'
[  308.062924][T10796] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 32: comm syz-executor.1: path /root/syzkaller-testdir1495132508/syzkaller.IkC3ox/44/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  308.090163][T10796] EXT4-fs error (device loop1): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor.1: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  308.111454][T10796] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #11: comm syz-executor.1: directory missing '.'
[  308.124961][T10796] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #11: comm syz-executor.1: directory missing '.'
[  308.137104][T10796] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #11: comm syz-executor.1: directory missing '.'
[  308.151761][T10796] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #11: comm syz-executor.1: directory missing '.'
[  308.164222][T10796] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #11: comm syz-executor.1: directory missing '.'
[  308.178551][T10796] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #11: comm syz-executor.1: directory missing '.'
[  308.286972][T10796] EXT4-fs (loop1): unmounting filesystem.
[  308.631553][T11316] bridge0: port 1(bridge_slave_0) entered blocking state
[  308.644734][T11316] bridge0: port 1(bridge_slave_0) entered disabled state
[  308.674445][T11316] device bridge_slave_0 entered promiscuous mode
[  308.698755][T11316] bridge0: port 2(bridge_slave_1) entered blocking state
[  308.722316][T11316] bridge0: port 2(bridge_slave_1) entered disabled state
[  308.729624][T11316] device bridge_slave_1 entered promiscuous mode
[  308.785332][T11340] loop3: detected capacity change from 0 to 2048
[  308.800204][T11340] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  308.808721][T11340] ext4 filesystem being mounted at /root/syzkaller-testdir3543683859/syzkaller.HpiH3v/49/file0 supports timestamps until 2038 (0x7fffffff)
[  308.830104][T10713] EXT4-fs (loop3): unmounting filesystem.
[  308.890144][T11316] bridge0: port 2(bridge_slave_1) entered blocking state
[  308.897009][T11316] bridge0: port 2(bridge_slave_1) entered forwarding state
[  308.904086][T11316] bridge0: port 1(bridge_slave_0) entered blocking state
[  308.910896][T11316] bridge0: port 1(bridge_slave_0) entered forwarding state
[  308.992825][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  309.002150][  T358] bridge0: port 1(bridge_slave_0) entered disabled state
[  309.014697][  T358] bridge0: port 2(bridge_slave_1) entered disabled state
[  309.036353][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  309.044386][   T39] bridge0: port 1(bridge_slave_0) entered blocking state
[  309.051243][   T39] bridge0: port 1(bridge_slave_0) entered forwarding state
[  309.058431][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  309.075701][   T39] bridge0: port 2(bridge_slave_1) entered blocking state
[  309.082552][   T39] bridge0: port 2(bridge_slave_1) entered forwarding state
[  309.115959][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  309.131263][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  309.165659][  T616] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  309.173989][  T616] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  309.181887][  T616] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  309.189217][  T616] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  309.197501][  T447] device bridge_slave_1 left promiscuous mode
[  309.203426][  T447] bridge0: port 2(bridge_slave_1) entered disabled state
[  309.211320][  T447] device bridge_slave_0 left promiscuous mode
[  309.228693][  T447] bridge0: port 1(bridge_slave_0) entered disabled state
[  309.244121][  T447] device veth1_macvtap left promiscuous mode
[  309.256526][  T447] device veth0_vlan left promiscuous mode
[  309.468292][T11316] device veth0_vlan entered promiscuous mode
[  309.492411][  T616] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  309.506801][T11316] device veth1_macvtap entered promiscuous mode
[  309.517516][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  309.525678][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  309.534994][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  309.543239][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  309.574950][T11389] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  310.446692][T11414] loop4: detected capacity change from 0 to 1024
[  310.457382][T11404] loop1: detected capacity change from 0 to 40427
[  310.466122][T11404] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  310.473777][T11404] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  310.474755][T11414] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a802c018, mo2=0002]
[  310.490281][T11414] System zones: 0-1, 3-12
[  310.495324][T11404] F2FS-fs (loop1): invalid crc value
[  310.500259][T11414] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  310.515715][T11404] F2FS-fs (loop1): Found nat_bits in checkpoint
[  310.559084][T11404] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  310.566049][T11404] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  311.239154][T11424] SELinux: inode_doinit_use_xattr:  getxattr returned 12 for dev=loop4 ino=12
[  311.247881][T11424] SELinux: inode_doinit_use_xattr:  getxattr returned 12 for dev=loop4 ino=12
[  311.256654][T11424] SELinux: inode_doinit_use_xattr:  getxattr returned 12 for dev=loop4 ino=12
[  311.265348][T11424] SELinux: inode_doinit_use_xattr:  getxattr returned 12 for dev=loop4 ino=12
[  311.274020][T11424] SELinux: inode_doinit_use_xattr:  getxattr returned 12 for dev=loop4 ino=12
[  311.282723][T11424] SELinux: inode_doinit_use_xattr:  getxattr returned 12 for dev=loop4 ino=12
[  311.291632][T11424] incfs: Can't find or create .index dir in ./file0
[  311.298169][T11424] incfs: mount failed -12
[  311.801401][T10927] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 32: comm syz-executor.4: path /root/syzkaller-testdir2556722561/syzkaller.CJTb2j/53/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  311.836192][T10927] EXT4-fs error (device loop4): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor.4: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  311.873569][T10927] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor.4: directory missing '.'
[  311.885740][T10927] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 32: comm syz-executor.4: path /root/syzkaller-testdir2556722561/syzkaller.CJTb2j/53/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  311.913061][T10927] EXT4-fs error (device loop4): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor.4: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  311.950108][T11437] loop2: detected capacity change from 0 to 512
[  311.957214][T11437] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  311.965758][T10927] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor.4: directory missing '.'
[  311.977289][T10927] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 32: comm syz-executor.4: path /root/syzkaller-testdir2556722561/syzkaller.CJTb2j/53/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  312.016550][T10927] EXT4-fs error (device loop4): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor.4: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  312.035717][T10927] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor.4: directory missing '.'
[  312.052699][T11437] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  312.061517][T10927] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 32: comm syz-executor.4: path /root/syzkaller-testdir2556722561/syzkaller.CJTb2j/53/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  312.081686][T11437] ext4 filesystem being mounted at /root/syzkaller-testdir1725464055/syzkaller.GTv61T/21/file0 supports timestamps until 2038 (0x7fffffff)
[  312.100678][   T28] kauditd_printk_skb: 1 callbacks suppressed
[  312.100691][   T28] audit: type=1400 audit(2000000541.545:17234): avc:  denied  { read } for  pid=11442 comm="syz-executor.1" path="socket:[68330]" dev="sockfs" ino=68330 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=xdp_socket permissive=1
[  312.101451][T10927] EXT4-fs error (device loop4): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor.4: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  312.140064][T11437] EXT4-fs error (device loop2): __ext4_new_inode:1281: comm syz-executor.2: failed to insert inode 16: doubly allocated?
[  312.165902][T10927] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor.4: directory missing '.'
[  312.178039][T10927] EXT4-fs error (device loop4): ext4_readdir:260: inode #11: block 32: comm syz-executor.4: path /root/syzkaller-testdir2556722561/syzkaller.CJTb2j/53/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  312.204609][T11197] EXT4-fs (loop2): unmounting filesystem.
[  312.217325][T10927] EXT4-fs error (device loop4): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor.4: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  312.238179][T10927] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor.4: directory missing '.'
[  312.257164][T10927] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor.4: directory missing '.'
[  312.269222][T10927] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor.4: directory missing '.'
[  312.280988][T10927] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor.4: directory missing '.'
[  312.293054][T10927] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor.4: directory missing '.'
[  312.304965][T10927] EXT4-fs warning (device loop4): ext4_empty_dir:3101: inode #11: comm syz-executor.4: directory missing '.'
[  312.435574][  T358] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  312.647640][T10927] EXT4-fs (loop4): unmounting filesystem.
[  312.715610][  T358] usb 2-1: Using ep0 maxpacket: 16
[  312.775907][T11460] bridge0: port 1(bridge_slave_0) entered blocking state
[  312.782861][T11460] bridge0: port 1(bridge_slave_0) entered disabled state
[  312.790045][T11460] device bridge_slave_0 entered promiscuous mode
[  312.798053][T11460] bridge0: port 2(bridge_slave_1) entered blocking state
[  312.804913][T11460] bridge0: port 2(bridge_slave_1) entered disabled state
[  312.813272][T11460] device bridge_slave_1 entered promiscuous mode
[  312.860550][T11460] bridge0: port 2(bridge_slave_1) entered blocking state
[  312.867399][T11460] bridge0: port 2(bridge_slave_1) entered forwarding state
[  312.874474][T11460] bridge0: port 1(bridge_slave_0) entered blocking state
[  312.881288][T11460] bridge0: port 1(bridge_slave_0) entered forwarding state
[  312.888859][  T358] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  312.899434][  T358] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  312.908950][  T358] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  312.919034][  T358] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 0
[  312.920201][T11147] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  312.937160][T11147] bridge0: port 1(bridge_slave_0) entered disabled state
[  312.944213][T11147] bridge0: port 2(bridge_slave_1) entered disabled state
[  312.954319][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  312.962418][ T4472] bridge0: port 1(bridge_slave_0) entered blocking state
[  312.969250][ T4472] bridge0: port 1(bridge_slave_0) entered forwarding state
[  312.977482][  T616] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  312.985507][  T616] bridge0: port 2(bridge_slave_1) entered blocking state
[  312.992335][  T616] bridge0: port 2(bridge_slave_1) entered forwarding state
[  313.015581][  T358] usb 2-1: New USB device found, idVendor=04e6, idProduct=0007, bcdDevice= 1.75
[  313.027736][  T358] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=5
[  313.042769][T11460] device veth0_vlan entered promiscuous mode
[  313.050155][  T358] usb 2-1: SerialNumber: syz
[  313.050884][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  313.064286][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  313.072157][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  313.080564][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  313.087824][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  313.095734][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  313.105904][  T358] usb-storage 2-1:1.0: USB Mass Storage device detected
[  313.117039][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  313.117138][  T358] usb-storage 2-1:1.0: Quirks match for vid 04e6 pid 0007: 1
[  313.129639][T11460] device veth1_macvtap entered promiscuous mode
[  313.139719][T11472] loop3: detected capacity change from 0 to 512
[  313.142795][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  313.154742][  T358] scsi host1: usb-storage 2-1:1.0
[  313.159265][T11472] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802e01c, mo2=0002]
[  313.167407][T11472] System zones: 1-12
[  313.171924][T11472] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz-executor.3: invalid indirect mapped block 8323072 (level 1)
[  313.186185][T11472] EXT4-fs (loop3): 1 truncate cleaned up
[  313.186747][T11147] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  313.191730][T11472] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  313.214131][T11472] EXT4-fs error (device loop3): ext4_map_blocks:607: inode #2: block 5: comm syz-executor.3: lblock 0 mapped to illegal pblock 5 (length 1)
[  313.228758][T11472] EXT4-fs warning (device loop3): dx_probe:822: inode #2: lblock 0: comm syz-executor.3: error -117 reading directory block
[  313.248410][T10713] EXT4-fs (loop3): unmounting filesystem.
[  313.261314][   T28] audit: type=1400 audit(2000000542.705:17235): avc:  denied  { map } for  pid=11479 comm="syz-executor.3" path="socket:[69179]" dev="sockfs" ino=69179 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  313.300832][T11488] loop3: detected capacity change from 0 to 1024
[  313.309369][T11488] EXT4-fs: Invalid commit interval -2147483648, must be smaller than 21474836
[  313.318401][  T616] usb 2-1: USB disconnect, device number 27
[  313.325989][    T8] device bridge_slave_1 left promiscuous mode
[  313.331922][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[  313.339148][    T8] device bridge_slave_0 left promiscuous mode
[  313.345074][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[  313.352674][    T8] device veth1_macvtap left promiscuous mode
[  313.358765][    T8] device veth0_vlan left promiscuous mode
[  313.371401][   T28] audit: type=1400 audit(2000000542.815:17236): avc:  denied  { write } for  pid=11485 comm="syz-executor.3" name="hwrng" dev="devtmpfs" ino=82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:random_device_t tclass=chr_file permissive=1
[  313.529160][T11498] loop3: detected capacity change from 0 to 512
[  313.535448][T11498] EXT4-fs: Ignoring removed nomblk_io_submit option
[  313.542780][T11498] EXT4-fs: test_dummy_encryption requires encrypt feature
[  313.650952][T11501] loop2: detected capacity change from 0 to 256
[  313.851582][T11508] loop1: detected capacity change from 0 to 1024
[  313.897680][T11510] syz-executor.2[11510] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  313.898032][T11510] syz-executor.2[11510] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  314.016830][T11508] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a802c018, mo2=0002]
[  314.036964][T11508] System zones: 0-1, 3-12
[  314.050990][T11508] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  314.210554][T11521] loop3: detected capacity change from 0 to 2048
[  314.363901][T11523] SELinux: inode_doinit_use_xattr:  getxattr returned 12 for dev=loop1 ino=12
[  314.373567][T11523] SELinux: inode_doinit_use_xattr:  getxattr returned 12 for dev=loop1 ino=12
[  314.385026][T11523] SELinux: inode_doinit_use_xattr:  getxattr returned 12 for dev=loop1 ino=12
[  314.395090][T11523] SELinux: inode_doinit_use_xattr:  getxattr returned 12 for dev=loop1 ino=12
[  314.404557][T11523] SELinux: inode_doinit_use_xattr:  getxattr returned 12 for dev=loop1 ino=12
[  314.413792][T11523] SELinux: inode_doinit_use_xattr:  getxattr returned 12 for dev=loop1 ino=12
[  314.425291][T11523] incfs: Can't find or create .index dir in ./file0
[  314.431867][T11523] incfs: mount failed -12
[  314.456065][T11521] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  314.465809][T11521] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  314.476775][T11521] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 not in group (block 1)!
[  314.486727][T11521] EXT4-fs (loop3): group descriptors corrupted!
[  315.124242][T11316] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 32: comm syz-executor.1: path /root/syzkaller-testdir367779688/syzkaller.uNO97x/7/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  315.153945][T11316] EXT4-fs error (device loop1): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor.1: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  315.185349][T11316] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #11: comm syz-executor.1: directory missing '.'
[  315.198019][T11316] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 32: comm syz-executor.1: path /root/syzkaller-testdir367779688/syzkaller.uNO97x/7/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  315.224178][T11316] EXT4-fs error (device loop1): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor.1: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  315.243441][T11316] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #11: comm syz-executor.1: directory missing '.'
[  315.255077][T11316] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 32: comm syz-executor.1: path /root/syzkaller-testdir367779688/syzkaller.uNO97x/7/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  315.280769][T11316] EXT4-fs error (device loop1): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor.1: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  315.304549][T11316] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #11: comm syz-executor.1: directory missing '.'
[  315.314797][T11543] loop2: detected capacity change from 0 to 1024
[  315.322666][T11543] EXT4-fs: Invalid commit interval -2147483648, must be smaller than 21474836
[  315.331617][T11316] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 32: comm syz-executor.1: path /root/syzkaller-testdir367779688/syzkaller.uNO97x/7/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  315.371538][T11316] EXT4-fs error (device loop1): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor.1: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  315.405696][T11316] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #11: comm syz-executor.1: directory missing '.'
[  315.428128][T11316] EXT4-fs error (device loop1): ext4_readdir:260: inode #11: block 32: comm syz-executor.1: path /root/syzkaller-testdir367779688/syzkaller.uNO97x/7/file1/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  315.454541][T11316] EXT4-fs error (device loop1): ext4_empty_dir:3099: inode #11: block 32: comm syz-executor.1: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  315.474709][T11316] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #11: comm syz-executor.1: directory missing '.'
[  315.490489][T11316] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #11: comm syz-executor.1: directory missing '.'
[  315.502497][T11316] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #11: comm syz-executor.1: directory missing '.'
[  315.514551][T11316] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #11: comm syz-executor.1: directory missing '.'
[  315.528252][T11551] loop2: detected capacity change from 0 to 512
[  315.529224][T11316] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #11: comm syz-executor.1: directory missing '.'
[  315.534856][T11551] EXT4-fs: Ignoring removed nomblk_io_submit option
[  315.546265][T11316] EXT4-fs warning (device loop1): ext4_empty_dir:3101: inode #11: comm syz-executor.1: directory missing '.'
[  315.563671][T11551] EXT4-fs: test_dummy_encryption requires encrypt feature
[  315.601351][T11553] loop3: detected capacity change from 0 to 256
[  315.612642][T11553] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010470, chksum : 0x23280b3e, utbl_chksum : 0xe619d30d)
[  315.637781][T11316] EXT4-fs (loop1): unmounting filesystem.
[  315.661574][   T28] audit: type=1326 audit(2000000545.105:17237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11556 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7a16c7cea9 code=0x0
[  315.815016][T11561] bridge0: port 1(bridge_slave_0) entered blocking state
[  315.821945][T11561] bridge0: port 1(bridge_slave_0) entered disabled state
[  315.829208][T11561] device bridge_slave_0 entered promiscuous mode
[  315.837692][T11561] bridge0: port 2(bridge_slave_1) entered blocking state
[  315.844611][T11561] bridge0: port 2(bridge_slave_1) entered disabled state
[  315.853697][T11561] device bridge_slave_1 entered promiscuous mode
[  315.903929][T11566] syz-executor.3[11566] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  315.904222][T11566] syz-executor.3[11566] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  316.123119][T11561] bridge0: port 2(bridge_slave_1) entered blocking state
[  316.141507][T11561] bridge0: port 2(bridge_slave_1) entered forwarding state
[  316.148611][T11561] bridge0: port 1(bridge_slave_0) entered blocking state
[  316.155391][T11561] bridge0: port 1(bridge_slave_0) entered forwarding state
[  316.189059][T11147] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  316.197252][T11147] bridge0: port 1(bridge_slave_0) entered disabled state
[  316.204623][T11147] bridge0: port 2(bridge_slave_1) entered disabled state
[  316.214953][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  316.223306][  T358] bridge0: port 1(bridge_slave_0) entered blocking state
[  316.230139][  T358] bridge0: port 1(bridge_slave_0) entered forwarding state
[  316.237438][  T358] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  316.245366][  T358] bridge0: port 2(bridge_slave_1) entered blocking state
[  316.252200][  T358] bridge0: port 2(bridge_slave_1) entered forwarding state
[  316.414834][  T616] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  316.453035][  T616] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  316.491427][   T10] device bridge_slave_1 left promiscuous mode
[  316.501300][   T10] bridge0: port 2(bridge_slave_1) entered disabled state
[  316.510409][   T10] device bridge_slave_0 left promiscuous mode
[  316.517006][   T10] bridge0: port 1(bridge_slave_0) entered disabled state
[  316.525194][   T10] device veth1_macvtap left promiscuous mode
[  316.531537][   T10] device veth0_vlan left promiscuous mode
[  316.627988][T11147] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  316.638719][T11147] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  316.654069][T11561] device veth0_vlan entered promiscuous mode
[  316.664554][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  316.673166][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  316.687095][T11561] device veth1_macvtap entered promiscuous mode
[  316.694023][T11147] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  316.701481][T11147] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  316.708791][T11147] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  316.717951][T11147] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  316.726001][T11147] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  316.741415][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  316.749590][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  316.757736][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  316.765865][ T4472] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  316.793676][   T28] audit: type=1400 audit(2000000546.235:17238): avc:  denied  { read } for  pid=11577 comm="syz-executor.3" path="socket:[69396]" dev="sockfs" ino=69396 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  316.795102][T11585] loop1: detected capacity change from 0 to 1024
[  316.824882][T11587] general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN
[  316.836519][T11587] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
[  316.844772][T11587] CPU: 0 PID: 11587 Comm: syz-executor.4 Tainted: G        W          6.1.78-syzkaller-00009-g25216be1ac5e #0
[  316.856225][T11587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  316.866120][T11587] RIP: 0010:dev_map_generic_redirect+0x90/0x7d0
[  316.872198][T11587] Code: f1 f1 00 f2 f2 f2 4b 89 04 26 43 c7 44 26 0f f3 f3 f3 f3 43 c6 44 26 13 f3 e8 ac 07 de ff 48 89 d8 48 c1 e8 03 48 89 44 24 48 <42> 80 3c 20 00 74 08 48 89 df e8 f1 04 25 00 48 89 5c 24 18 4c 8b
[  316.886364][T11585] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a802c018, mo2=0002]
[  316.891634][T11587] RSP: 0018:ffffc90002a3f6c0 EFLAGS: 00010246
[  316.905440][T11587] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000040000
[  316.913249][T11587] RDX: ffffc9000782d000 RSI: 0000000000000414 RDI: 0000000000000415
[  316.915541][T11585] System zones: 0-1
[  316.921058][T11587] RBP: ffffc90002a3f818 R08: 0000000000000005 R09: ffffffff8411e7b3
[  316.921078][T11587] R10: 0000000000000004 R11: ffff88813d809440 R12: dffffc0000000000
[  316.924704][T11585] , 3-12
[  316.932511][T11587] R13: ffff888137eb0000 R14: 1ffff92000547ee4 R15: 0000000000000000
[  316.932530][T11587] FS:  00007fa844a866c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  316.932549][T11587] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  316.932564][T11587] CR2: 0000000020010000 CR3: 0000000134424000 CR4: 00000000003506b0
[  316.932581][T11587] DR0: 000000000000004e DR1: 0000000000000000 DR2: 0000000000000000
[  316.932593][T11587] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  316.954631][T11585] 
[  316.959591][T11587] Call Trace:
[  316.959599][T11587]  <TASK>
[  316.959606][T11587]  ? __die_body+0x62/0xb0
[  316.984736][T11585] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  316.989450][T11587]  ? die_addr+0x9f/0xd0
[  316.989477][T11587]  ? exc_general_protection+0x317/0x4c0
[  317.019311][T11587]  ? asm_exc_general_protection+0x27/0x30
[  317.024861][T11587]  ? xdp_do_generic_redirect+0x303/0xad0
[  317.030329][T11587]  ? dev_map_generic_redirect+0x90/0x7d0
[  317.035797][T11587]  ? __free_pages_core+0x180/0x180
[  317.040741][T11587]  ? __this_cpu_preempt_check+0x13/0x20
[  317.046124][T11587]  ? bq_enqueue+0x3e0/0x3e0
[  317.050463][T11587]  ? bpf_prog_run_generic_xdp+0x9aa/0x1110
[  317.056112][T11587]  xdp_do_generic_redirect+0x411/0xad0
[  317.061401][T11587]  do_xdp_generic+0x53e/0x800
[  317.065914][T11587]  ? generic_xdp_tx+0x560/0x560
[  317.070601][T11587]  ? __schedule+0xcaf/0x1550
[  317.075027][T11587]  ? tun_get_user+0x2340/0x3a90
[  317.079712][T11587]  tun_get_user+0x238a/0x3a90
[  317.084230][T11587]  ? futex_q_unlock+0x30/0x30
[  317.088742][T11587]  ? tun_do_read+0x1ee0/0x1ee0
[  317.093339][T11587]  ? ref_tracker_alloc+0x31d/0x450
[  317.098287][T11587]  ? ref_tracker_dir_print+0x160/0x160
[  317.103583][T11587]  ? futex_wait+0x4b7/0x7e0
[  317.107922][T11587]  ? avc_policy_seqno+0x1b/0x70
[  317.112608][T11587]  ? tun_get+0xe9/0x120
[  317.116597][T11587]  tun_chr_write_iter+0x129/0x210
[  317.121459][T11587]  vfs_write+0x902/0xeb0
[  317.125540][T11587]  ? __x64_sys_prctl+0xd0/0xd0
[  317.130141][T11587]  ? file_end_write+0x1c0/0x1c0
[  317.134828][T11587]  ? __fget_files+0x2cb/0x330
[  317.139340][T11587]  ? __fdget_pos+0x204/0x390
[  317.143763][T11587]  ? ksys_write+0x77/0x2c0
[  317.148018][T11587]  ksys_write+0x199/0x2c0
[  317.152182][T11587]  ? __x64_sys_futex+0x100/0x100
[  317.156958][T11587]  ? __ia32_sys_read+0x90/0x90
[  317.161557][T11587]  ? fpregs_restore_userregs+0x130/0x290
[  317.167026][T11587]  __x64_sys_write+0x7b/0x90
[  317.171451][T11587]  do_syscall_64+0x3d/0xb0
[  317.175708][T11587]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[  317.181436][T11587] RIP: 0033:0x7fa843c7bbef
[  317.185684][T11587] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 b9 80 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 0c 81 02 00 48
[  317.205216][T11587] RSP: 002b:00007fa844a86090 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  317.213460][T11587] RAX: ffffffffffffffda RBX: 00007fa843db3f80 RCX: 00007fa843c7bbef
[  317.221271][T11587] RDX: 000000000000fdef RSI: 0000000020000780 RDI: 00000000000000c8
[  317.229082][T11587] RBP: 00007fa843cebff4 R08: 0000000000000000 R09: 0000000000000000
[  317.236893][T11587] R10: 000000000000fdef R11: 0000000000000293 R12: 0000000000000000
[  317.244707][T11587] R13: 000000000000000b R14: 00007fa843db3f80 R15: 00007fffb94d9938
[  317.252523][T11587]  </TASK>
[  317.255384][T11587] Modules linked in:
[  317.259194][T11587] ---[ end trace 0000000000000000 ]---
[  317.264413][T11587] RIP: 0010:dev_map_generic_redirect+0x90/0x7d0
[  317.270507][T11587] Code: f1 f1 00 f2 f2 f2 4b 89 04 26 43 c7 44 26 0f f3 f3 f3 f3 43 c6 44 26 13 f3 e8 ac 07 de ff 48 89 d8 48 c1 e8 03 48 89 44 24 48 <42> 80 3c 20 00 74 08 48 89 df e8 f1 04 25 00 48 89 5c 24 18 4c 8b
[  317.289940][T11587] RSP: 0018:ffffc90002a3f6c0 EFLAGS: 00010246
[  317.295851][T11587] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000040000
[  317.303643][T11587] RDX: ffffc9000782d000 RSI: 0000000000000414 RDI: 0000000000000415
[  317.311462][T11587] RBP: ffffc90002a3f818 R08: 0000000000000005 R09: ffffffff8411e7b3
[  317.319283][T11587] R10: 0000000000000004 R11: ffff88813d809440 R12: dffffc0000000000
[  317.327107][T11587] R13: ffff888137eb0000 R14: 1ffff92000547ee4 R15: 0000000000000000
[  317.334884][T11587] FS:  00007fa844a866c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  317.335558][  T616] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  317.343687][T11587] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  317.357467][T11587] CR2: 0000000020010000 CR3: 0000000134424000 CR4: 00000000003506b0
[  317.365264][T11587] DR0: 000000000000004e DR1: 0000000000000000 DR2: 0000000000000000
[  317.373085][T11587] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  317.380906][T11587] Kernel panic - not syncing: Fatal exception in interrupt
[  317.388245][T11587] Kernel Offset: disabled
[  317.392370][T11587] Rebooting in 86400 seconds..