last executing test programs:

5.402306615s ago: executing program 2 (id=9804):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0xa, 0x2, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffffff, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f000000d379)={&(0x7f0000000200)={0x14, 0x14, 0x301, 0x0, 0x0, {0x1e}}, 0x14}}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x0)
mkdirat(r4, &(0x7f0000000000)='./file0\x00', 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b7000000a5517f5fbfa30000000000000703000028feffff720af0fff8ffffff71a4f0ff00000000b7060000000000012e400300000000006506020001cd00007118540000000000c3640000000000006b0a00fe00000000850000002e000000b7000000000000009500000000000000023bc065b7a379d179fc9e94af69912435f1b6a693172e61917ad4b200000000000000000beca090f32050e436fe275daf51efd601b6bf01c8e8b1abe4fef3bef7074815ae98743d1ace4c46631256dd19aed0d600c0b6199fe3ff3128e599b0eaebbdbd7359a48f5b0afc3996792043a6787bac46aa7aa400000000000069669622208266f896ba2c9e73c2efeec2dc565fbafb2cb63f5fef9ab79ff8abaa8a08f54a062107e9bb3e980fff675c8d3e91df6648a7a6aebcb63e0867b75690152af27711f0cbb9c06018d21bf3007c8eb65323b4267a526d53442db8e48dbc5ce47d67d07441a7975d5e41b14fd0154a8246249952a8b61633ce068220defe09d3b1136af6d03e9cf996c13d1bfcdc54567a9ca80dec2e943fe4ae7c617cc071f7add70cfbd48f8f6b50fe6a8297d88efa73e7e601040000b4a685969f28902bdecf66ef39755de79ed2c711477febc96231a53984d00877301d0ec62427a8e3a118fdd1ce9aaed569ebc5f2e58d6028e66139a737cc7146a131d47dcebb32ed67021d76e983223c998aec22242ae54e87f438d26982876b58f9134366952f7399a733f07138a736924f37c7d86f2ce97f0c117ec439c6b7b965752bbc06eced08d97a32ae4b1ad4d11c5b6f68ee841975233e4cea13f3ef04b2cab9cc256d4539dbafd888c7097c1169e0bebcc81ca3b740e663fbddcf91c50f1fda40bf34b6c9c1da2d6ed8acaf2a8091820ff4cf6be74ddca8bf2eed0e11b2139e8c3ec95436af5269d5792decda7d8b5dcf8640b504ba23c6d0a7f67cdfd27328100ebf9319a56f0f9cee17deecf747f3493f1dc39551f4c9a40b3e93fa80b8234ccbf39a9ef09bd97321f0dc20956f44ba2c5ec2e7569b05cf4690ddc189f174046a8b214acf23f42fb51ed4819e6b4cb5a8bf2b559d0c198fe0315483b8beb9801d06c58b22dd713fe3b7ef18e21081aacfd091b754125a488cea18255f79bebcb3051f622f8a1d9af1908e88a58774a24f35a4ccdbedea6212286c23dd89c2b4b90647f17231472af8dda7f3ab20f093aad3ce875f7458039ee6d0a52aeb7bc8eb393f056a5e7725531c5485278e0362338e2e2710fe00465e0d182a322091022cf5b814eeb9b3cab21196581e4d92d0b6fe5525285eea359274f1f21d69233bbe94941f10ba292100000000000000000000000000000000c18e93a0c5231779f2ee201e9fe7e63e84b57b5f05ecb594b8255b3085b352ca9533d6c31c1a30158c30352f8a126a65cb6582e58aa641007418611df53a601c3a8fb8d2286e86abf98136f345446730f68f5d6d1817a9e1b09e5650d2599fbe719a45337d29eb3fef5f7f565457660dec6fe903a1c2ea4f40a8ea1c179892afa219fc69a44163f0d731de418e9fd82a8c4661caea674b19242d1840d047882f640ea248457288c5ffb63e857da03ff5c0475c3cfff41c4806f1dc750eb1c45ec3a2a0b064834010604d6f88069e8e9bda2bc9c18d1b53a08f25d62ccaa46bc0235c830a7b3fe64bc6031b431bcad6b698a1ba6027870ea9e55fafbbf140c5f82a33ee4ac793b989c12a5827a7957f4d8136cf918b7cbf5bc5fc64c8001992536584586edded6f65bdd371ac84fd5cc60ab79b84e9e85a1c54d566625d133e95eff121621dff14b9de7a188b8c5387f9da63c2cce405bc44079e34e2db2b275bfbb54841d647338cad74be91144b780cf381a6860f641446ef73bd11d45f5e4df8f3c6440d8425fd7382225cf8c2cada01bf3cd5cbc6a403173e0c89a491c75efc5eef94abc3000002000000000000000000000000d71b794e9b4c145caf050429937eef4364d9e1cbe9150bccd9b2e73757f1f5e8ac50736cd3cbc029ede28696428486980a929c1aaa8826889a909e6716b60e4b568b6761f8ccc7d35b0e66357746b10fc481b47e67f1e14408c1ef3e018a5e647e3f607654f3bf82bcfb42be038a272d82f8362944f608b38100000000000000000000000000005de1824131fd8ba93220e6516a53b618b09904e52d42e6d8acd9a7d2d1f47daee9e0a73843d54326a1455c33e01ead5bbab7ec58085d127c95160a5d061f617b2183ae6912930ab7252e10525953bb4581a3a23c69726440161ba34ca6085817b763e16dcd680f053338f92c0fcb5b6a380df324a0a4adba7ee5b5e16e89cd29b2eada3a4391bb5f72f707a171520b2c99f52755e7a301c86b54ceb0e2c8d72890c5e03534a7da6a07a0e1f120714da56802ad2a4531f72b6b62ad46b581541eec703f1f0eda16c0e96f621f0f3a434975261ebbc94025d49c610a61aeefe79849d5915522e15cddb789e6d41e4f46f35ae1d5d4d1661c582d307b6b5a015f06d040ce56ab0a012592b17b6151e65a0bdd116e2442eed9c67a49cd0592d33af26ebeed649c6c25434435e90b8b3b470a6a18c73b90636455b2590a1e9a32dec76c3426ae5889161af7d960b3a9a5c0958f8f6f9d0dbe72c772e33be29725"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x45}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000040)={r5, 0x0, 0x0}, 0x10)

3.898471495s ago: executing program 3 (id=9811):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000000), 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006}]})
removexattr(0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.net/syz1\x00', 0x1ff)
ioctl$TIOCL_GETMOUSEREPORTING(r5, 0x5412, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(r5, 0x5412, &(0x7f00000006c0)=0xa)
fsopen(&(0x7f0000000040)='selinuxfs\x00', 0x0)

3.584121777s ago: executing program 2 (id=9805):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000840)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="b80000001900010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYRES32], 0xb8}}, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="b800000014000100"/20], 0xb8}}, 0x0)

3.02213003s ago: executing program 3 (id=9815):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
pipe(&(0x7f0000000380)={<r0=>0xffffffffffffffff})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x89}, 0x0)
sched_setaffinity(0x0, 0x4e, &(0x7f0000000040)=0x5)
sched_setscheduler(0x0, 0x0, &(0x7f0000000200))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
inotify_init()
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000280), &(0x7f0000000300)=r0}, 0x26)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f00000000c0))
bpf$MAP_CREATE(0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [{@fscontext={'fscontext', 0x3d, 'staff_u'}}], 0x2c})

2.949501103s ago: executing program 4 (id=9817):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000000), 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006}]})
removexattr(0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.net/syz1\x00', 0x1ff)
ioctl$TIOCL_GETMOUSEREPORTING(r5, 0x5412, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(r5, 0x5412, &(0x7f00000006c0)=0xa)
fsopen(&(0x7f0000000040)='selinuxfs\x00', 0x0)

2.708634332s ago: executing program 2 (id=9821):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0xa, 0x2, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffffff, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f000000d379)={&(0x7f0000000200)={0x14, 0x14, 0x301, 0x0, 0x0, {0x1e}}, 0x14}}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x0)
mkdirat(r4, &(0x7f0000000000)='./file0\x00', 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b7000000a5517f5fbfa30000000000000703000028feffff720af0fff8ffffff71a4f0ff00000000b7060000000000012e400300000000006506020001cd00007118540000000000c3640000000000006b0a00fe00000000850000002e000000b7000000000000009500000000000000023bc065b7a379d179fc9e94af69912435f1b6a693172e61917ad4b200000000000000000beca090f32050e436fe275daf51efd601b6bf01c8e8b1abe4fef3bef7074815ae98743d1ace4c46631256dd19aed0d600c0b6199fe3ff3128e599b0eaebbdbd7359a48f5b0afc3996792043a6787bac46aa7aa400000000000069669622208266f896ba2c9e73c2efeec2dc565fbafb2cb63f5fef9ab79ff8abaa8a08f54a062107e9bb3e980fff675c8d3e91df6648a7a6aebcb63e0867b75690152af27711f0cbb9c06018d21bf3007c8eb65323b4267a526d53442db8e48dbc5ce47d67d07441a7975d5e41b14fd0154a8246249952a8b61633ce068220defe09d3b1136af6d03e9cf996c13d1bfcdc54567a9ca80dec2e943fe4ae7c617cc071f7add70cfbd48f8f6b50fe6a8297d88efa73e7e601040000b4a685969f28902bdecf66ef39755de79ed2c711477febc96231a53984d00877301d0ec62427a8e3a118fdd1ce9aaed569ebc5f2e58d6028e66139a737cc7146a131d47dcebb32ed67021d76e983223c998aec22242ae54e87f438d26982876b58f9134366952f7399a733f07138a736924f37c7d86f2ce97f0c117ec439c6b7b965752bbc06eced08d97a32ae4b1ad4d11c5b6f68ee841975233e4cea13f3ef04b2cab9cc256d4539dbafd888c7097c1169e0bebcc81ca3b740e663fbddcf91c50f1fda40bf34b6c9c1da2d6ed8acaf2a8091820ff4cf6be74ddca8bf2eed0e11b2139e8c3ec95436af5269d5792decda7d8b5dcf8640b504ba23c6d0a7f67cdfd27328100ebf9319a56f0f9cee17deecf747f3493f1dc39551f4c9a40b3e93fa80b8234ccbf39a9ef09bd97321f0dc20956f44ba2c5ec2e7569b05cf4690ddc189f174046a8b214acf23f42fb51ed4819e6b4cb5a8bf2b559d0c198fe0315483b8beb9801d06c58b22dd713fe3b7ef18e21081aacfd091b754125a488cea18255f79bebcb3051f622f8a1d9af1908e88a58774a24f35a4ccdbedea6212286c23dd89c2b4b90647f17231472af8dda7f3ab20f093aad3ce875f7458039ee6d0a52aeb7bc8eb393f056a5e7725531c5485278e0362338e2e2710fe00465e0d182a322091022cf5b814eeb9b3cab21196581e4d92d0b6fe5525285eea359274f1f21d69233bbe94941f10ba292100000000000000000000000000000000c18e93a0c5231779f2ee201e9fe7e63e84b57b5f05ecb594b8255b3085b352ca9533d6c31c1a30158c30352f8a126a65cb6582e58aa641007418611df53a601c3a8fb8d2286e86abf98136f345446730f68f5d6d1817a9e1b09e5650d2599fbe719a45337d29eb3fef5f7f565457660dec6fe903a1c2ea4f40a8ea1c179892afa219fc69a44163f0d731de418e9fd82a8c4661caea674b19242d1840d047882f640ea248457288c5ffb63e857da03ff5c0475c3cfff41c4806f1dc750eb1c45ec3a2a0b064834010604d6f88069e8e9bda2bc9c18d1b53a08f25d62ccaa46bc0235c830a7b3fe64bc6031b431bcad6b698a1ba6027870ea9e55fafbbf140c5f82a33ee4ac793b989c12a5827a7957f4d8136cf918b7cbf5bc5fc64c8001992536584586edded6f65bdd371ac84fd5cc60ab79b84e9e85a1c54d566625d133e95eff121621dff14b9de7a188b8c5387f9da63c2cce405bc44079e34e2db2b275bfbb54841d647338cad74be91144b780cf381a6860f641446ef73bd11d45f5e4df8f3c6440d8425fd7382225cf8c2cada01bf3cd5cbc6a403173e0c89a491c75efc5eef94abc3000002000000000000000000000000d71b794e9b4c145caf050429937eef4364d9e1cbe9150bccd9b2e73757f1f5e8ac50736cd3cbc029ede28696428486980a929c1aaa8826889a909e6716b60e4b568b6761f8ccc7d35b0e66357746b10fc481b47e67f1e14408c1ef3e018a5e647e3f607654f3bf82bcfb42be038a272d82f8362944f608b38100000000000000000000000000005de1824131fd8ba93220e6516a53b618b09904e52d42e6d8acd9a7d2d1f47daee9e0a73843d54326a1455c33e01ead5bbab7ec58085d127c95160a5d061f617b2183ae6912930ab7252e10525953bb4581a3a23c69726440161ba34ca6085817b763e16dcd680f053338f92c0fcb5b6a380df324a0a4adba7ee5b5e16e89cd29b2eada3a4391bb5f72f707a171520b2c99f52755e7a301c86b54ceb0e2c8d72890c5e03534a7da6a07a0e1f120714da56802ad2a4531f72b6b62ad46b581541eec703f1f0eda16c0e96f621f0f3a434975261ebbc94025d49c610a61aeefe79849d5915522e15cddb789e6d41e4f46f35ae1d5d4d1661c582d307b6b5a015f06d040ce56ab0a012592b17b6151e65a0bdd116e2442eed9c67a49cd0592d33af26ebeed649c6c25434435e90b8b3b470a6a18c73b90636455b2590a1e9a32dec76c3426ae5889161af7d960b3a9a5c0958f8f6f9d0dbe72c772e33be29725"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x45}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000040)={r5, 0x0, 0x0}, 0x10)

2.182285443s ago: executing program 1 (id=9826):
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xa, 0x4, 0x0, 0x5}, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
r2 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc3}, &(0x7f0000000480)={0x0, "6035ae1e0fe721441705322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138"}, 0x48, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x4, r2, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r3, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
ioctl$USBDEVFS_REAPURB(0xffffffffffffffff, 0x4008550c, &(0x7f0000002680))
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = io_uring_setup(0x7ac3, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_RESTRICTIONS(r6, 0xc, 0x0, 0xfffffffffffffe95)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='track_foreign_dirty\x00', r5}, 0x10)

2.124798566s ago: executing program 4 (id=9827):
timer_create(0x0, 0x0, &(0x7f0000001400))
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000111e6ca5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
timer_gettime(0x0, &(0x7f00000000c0))

2.045880639s ago: executing program 4 (id=9828):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000200000000001200000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0xa08086, &(0x7f0000000040)=ANY=[], 0x9, 0x2a8, &(0x7f0000000500)="$eJzs3F9IU38Yx/HHPz/1Z+hGRFBQPeVNRRzcrgMdoRENjHJhCcExz2rstI2dsZqEWxB400U3/buuIEIQoosgELvoKpTwrovuvPMiu0oiOjGnudnUMnWS79fF9rDn+zl8z58dtu9g08fvXouGHSNspqS6oUqq2yUns1XilWpZkJMj10fe7zt34eLpQDDYcVa1M9Dt86tq84HR3pvDh8ZSO86/bH5dL+PeS9Mz/qnx3eN7pr93X404GnE0Fk+pqX3xeMrssy3tv+9EDdUztmU6lkZijpUs6YfteCKRUTPW39SYSFqOo2Yso1Ero6m4ppIZNa+YkZgahqFNjYKVDacfBZbvhp7Puq7MpN65bn1OXNfNv9iwidNDhc2df9ctOv93Kj0lbKKim3qDiD2UDqVDhedCPxCWiNhiSat45JvkrxH38Yg7d6nkH2/4R4KTR9++UVWvDNrZ+Xw2HaopzfvEI95CpqBQd54Kdvi0oDT/nzQW5/3ikV3l8/6y+To53FKUN8Qjk5clLrZMjB78MtU19GAhP+hTPdEVXJL/X/oXD9OzzxU6PwAAAAAAAAAArIWhP5VdvzfyA24PqGrTkn4hX+73gaXr861l1+drZW9tZfcdAAAAAIDtwskMRE3btpJ/WeS/yq/Hdv694smt3x+8v3PlMS1tNRPtH3KJrbBff1B87dkS0ygtZH71abXBNev8TlksPq3Ldqrm57f8mJO9H1+sup26X47PcsY2/q4EAAAAYCMsfuhvk2z4VTrbc+xepecEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB2s4a/HJt4WK6l+WLn03KtSu8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADASn4EAAD//xAR0Ao=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000d00008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)
r4 = creat(&(0x7f00000000c0)='./bus\x00', 0x0)
write$binfmt_elf64(r4, &(0x7f0000000140)=ANY=[], 0xfd14)

2.045165019s ago: executing program 3 (id=9829):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000200000000001200000085"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000040)='mm_page_alloc\x00'}, 0x10)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000d83daf8ca556375e18120000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0xa08086, &(0x7f0000000040)=ANY=[], 0x9, 0x2a8, &(0x7f0000000500)="$eJzs3F9IU38Yx/HHPz/1Z+hGRFBQPeVNRRzcrgMdoRENjHJhCcExz2rstI2dsZqEWxB400U3/buuIEIQoosgELvoKpTwrovuvPMiu0oiOjGnudnUMnWS79fF9rDn+zl8z58dtu9g08fvXouGHSNspqS6oUqq2yUns1XilWpZkJMj10fe7zt34eLpQDDYcVa1M9Dt86tq84HR3pvDh8ZSO86/bH5dL+PeS9Mz/qnx3eN7pr93X404GnE0Fk+pqX3xeMrssy3tv+9EDdUztmU6lkZijpUs6YfteCKRUTPW39SYSFqOo2Yso1Ero6m4ppIZNa+YkZgahqFNjYKVDacfBZbvhp7Puq7MpN65bn1OXNfNv9iwidNDhc2df9ctOv93Kj0lbKKim3qDiD2UDqVDhedCPxCWiNhiSat45JvkrxH38Yg7d6nkH2/4R4KTR9++UVWvDNrZ+Xw2HaopzfvEI95CpqBQd54Kdvi0oDT/nzQW5/3ikV3l8/6y+To53FKUN8Qjk5clLrZMjB78MtU19GAhP+hTPdEVXJL/X/oXD9OzzxU6PwAAAAAAAAAArIWhP5VdvzfyA24PqGrTkn4hX+73gaXr861l1+drZW9tZfcdAAAAAIDtwskMRE3btpJ/WeS/yq/Hdv694smt3x+8v3PlMS1tNRPtH3KJrbBff1B87dkS0ygtZH71abXBNev8TlksPq3Ldqrm57f8mJO9H1+sup26X47PcsY2/q4EAAAAYCMsfuhvk2z4VTrbc+xepecEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB2s4a/HJt4WK6l+WLn03KtSu8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADASn4EAAD//xAR0Ao=")
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f0000000000), 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
syz_mount_image$fuse(0x0, 0x0, 0x40000, &(0x7f0000000540)=ANY=[], 0x1, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
r5 = creat(&(0x7f00000000c0)='./bus\x00', 0x0)
write$binfmt_elf64(r5, &(0x7f0000000140)=ANY=[], 0xfd14)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000000)

1.959055282s ago: executing program 1 (id=9830):
pipe2(0x0, 0x0)
r0 = syz_usb_connect$uac1(0x0, 0xa4, &(0x7f00000000c0)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172"], 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x4, 0x2}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r2}, &(0x7f0000000040), &(0x7f0000000140)=r1}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000fdffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
syz_usb_control_io$uac1(r0, &(0x7f0000000680)={0x14, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="00032a0000002a03"]}, 0x0)

1.813831948s ago: executing program 2 (id=9832):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
pipe(&(0x7f0000000380)={<r0=>0xffffffffffffffff})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x89}, 0x0)
sched_setaffinity(0x0, 0x4e, &(0x7f0000000040)=0x5)
sched_setscheduler(0x0, 0x0, &(0x7f0000000200))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
inotify_init()
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000280), &(0x7f0000000300)=r0}, 0x26)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f00000000c0))
bpf$MAP_CREATE(0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [{@fscontext={'fscontext', 0x3d, 'staff_u'}}], 0x2c})

1.492904501s ago: executing program 0 (id=9819):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000300)='qdisc_dequeue\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x60000000}, 0x50)

1.433557953s ago: executing program 0 (id=9833):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000b8e9850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r2}, 0x15)
ioctl$SNDRV_TIMER_IOCTL_TREAD(r0, 0x40045402, &(0x7f0000000040)=0x1)

1.401497265s ago: executing program 0 (id=9834):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000003880), &(0x7f00000001c0)='./file1\x00', 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB='nonumtail=0,rodir,dmask=0000000000000000000000,uni_xlate=0,fmask=00000000000000000000040,utf8=0,uni_xlate=1,nfs=nostale_ro,uni_xlate=1,shorgname=win95,shortname=lower,utf8=1,flush,rodir,nonumtail=0,utf8=1,\x00'/219], 0x6, 0x2a6, &(0x7f0000000440)="$eJzs3T9rW1cUAPDzbFlS20EaOpVCH7RDJ2N77SJTbDDV1KKh7dCa2oZiiYINhv6hqqeuXTr2ExQC2fIlsmTIHsgayBYPhhee9F4kO7JsBcvOn99v8fV999x77vXFxoPO+/Hj3v5OGnvHfzyKej2JhVa04iSJZixE6a84o/VPAABvspMsi6fZ0CxxSUTU55cWADBHM//9vzv3lACAOfvm2+++Wm+3N75O03ps9v4+6uT/2edfh8/X9+Ln6MZurEQjTiOyF4btzSzL+pU014zPev2jTh7Z++F+Mf/6k4hB/Go0ojnoOhu/1d5YTYfG4vt5Hu8X67fy+LVoxIcT1t9qb6xNiI9ONT7/dCz/5WjEg5/il+jGziCJUfyfq2n6Zfbvs9+/z9PL45P+Uac2GDeSLd7wjwYAAAAAAAAAAAAAAAAAAAAAgLfYclE7pxaD+j15V1F/Z/E0/2Yp0lLzbH2eYXxSTnSuPlA/i//K+joraZpmxcBRfCU+qkTldnYNAAAAAAAAAAAAAAAAAAAAr5fDX3/b3+52dw+upVFWAyg/1v+q87TGej6J6YNro7UWiuaUmWOxHJNETE0j38Q1Hctljfcuyvn/O7NOWL98zNK087meRnm79reTyWdYi7KnXl6Se+NjqnHFtaoXPcpmun7ViY8aM++9+sGg0Z8yJpJpiX3xeHhyRU9yfhfVwalODF8qGmPh5+7GTPf55d8ViWodAAAAAAAAAAAAAAAAAAAwV6MP/U54eHxB0MOt4Uv+a3NODgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABuyOj9/zM0+kXwFQZX4+DwlrcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAO+B5AAAA///S9mga")
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', 0x0, 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000280)='./file0/../file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x821c10, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, 0x0, r3)
r4 = eventfd(0x4)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000140)={r4})
read(r4, &(0x7f0000000080)=""/22, 0x16)
socket$key(0xf, 0x3, 0x2)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000300)='mounts\x00')
read$FUSE(r5, &(0x7f0000003800)={0x2020}, 0x2020)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f0000836000/0x4000)=nil, 0x4000, 0x2000, 0x3, &(0x7f00002c1000/0x2000)=nil)
madvise(&(0x7f00003c1000/0x1000)=nil, 0xdfc3efff, 0x15)

1.213107452s ago: executing program 0 (id=9835):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f00000007c0)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4d2, &(0x7f00000002c0)="$eJzs3c9rHG8ZAPBnJtlvf+VrUvVQC7bFVtKi3U0a2wYPtYLYU8Fa7zUmmxCyyYbspm1CkRTvCiIqePLkRfAPEKR/gggFvUsVRbTVgwd1ZWdnaxt3m0i3OzX5fGA67zvv7j7P27Az88687ARwaJ2LiJsRMRIRlyJiPN+e5sutdvudzutePH80316SaLXu/jmJJN/W/awkX5+IiJ2IOBoRX70V8Y3kv+M2trZX5mq16kZerzRX1yuNre3Ly6tzS9Wl6trMzPS12euzV2enBtLPiYi48aXff/87P/nyjV989sFv7/3x4jfbaY3l7a/2Y5A6XS9l/xddoxGx8S6CFWAkX5f6tH97ZIjJAACwp/Y5/kcj4lPZ+f94jGRnpwAAAMBB0vrCWPwjiWgBAAAAB1aazYFN0nI+F2As0rRc7szh/XgcT2v1RvMzi/XNtYXOXNmJKKWLy7XqVD5XeCJKSbs+nc+x7dav7KrPRMTJiPje+LGsXp6v1xaKvvgBAAAAh8SJXeP/v41n4/8jRecFAAAADNhE0QkAAAAA75zxPwAAABx8xv8AAABwoH3l9u320uo+/3rh/tbmSv3+5YVqY6W8ujlfnq9vrJeX6vWl7Df7Vvf6vFq9vv65WNt8WGlWG81KY2v73mp9c615b/m1R2ADAAAAQ3Ty7JPfJBGx8/lj2dL2QdFJAUOR7NGePSTkWV753RASAoZmpOgEgMKMFp0AUJhS0QkAhdvrOkDfyTu/HHwuAADAuzH5if73/10bgIMtLToBAGDo3P+Hw6v0+gzAq8VlAhTlI3u0v/39/1brf0oIAAAYuLFsSdJyfi9wLNK0XI74MHssQClZXK5Vp/Lxwa/HS0fa9ensncmec4YBAAAAAAAAAAAAAAAAAAAAAAAAgI5WK4kWAAAAcKBFpH9Isl/zj5gcvzC2+/rAB8nfx7N1RDz40d0fPJxrNjem29v/8nJ784f59itFXMEAAAAAduuO07vjeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpBfPH813l2HG/dMXI2KiZ/yzR7PV0ShFxPG/JjH6yvuSiBgZQPydxxFxqlf8pJ1WTEQni17xjxUYP42IEwOID4fZk/b+52av718a57J17+/faL68rf77vzS6+7+RPvufD/cZ4/TTn1X6xn8ccXq09/6nGz/pE//8PuN//Wvb2/3aWj+OmOx5/Elei1Vprq5XGlvbl5dX55aqS9W1mZnpa7PXZ6/OTlUWl2vV/N+eMb77yZ//6039P94n/sQe/b+wz/7/8+nD5x/rFEu94l883/v4e6pP/DQ/9n06L7fbJ7vlnU75VWd++qszb+r/Qp/+v/z79zjQtmNe3Gf/L9351rN9vhQAGILG1vbKXK1W3fh/LKTxXqShMJDCkfcjDYVOoeg9EwAAMGj/OekvOhMAAAAAAAAAAAAAAAAAAAA4vIbxc2K7Y+4U01UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDf6dwAAAP//sf7Zeg==")
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)
write$cgroup_int(r2, &(0x7f0000000100), 0x1001)
fallocate(r1, 0x0, 0x0, 0x1000f4)
r3 = open(&(0x7f0000000780)='./bus\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x90e976db910956fe, 0x4002011, r3, 0x0)
write$evdev(r1, &(0x7f00000001c0)=[{}], 0x18)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r4 = open(&(0x7f0000000100)='./bus\x00', 0x14113e, 0x0)
write$binfmt_script(r4, &(0x7f0000000080), 0x208e24b)
fallocate(r0, 0x3, 0x0, 0x1a00)

1.212468612s ago: executing program 4 (id=9836):
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xa, 0x4, 0x0, 0x5}, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x0, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000181200", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r1}, 0x10)
r2 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc3}, &(0x7f0000000480)={0x0, "6035ae1e0fe721441705322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138"}, 0x48, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x4, r2, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r3, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
ioctl$USBDEVFS_REAPURB(0xffffffffffffffff, 0x4008550c, &(0x7f0000002680))
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = io_uring_setup(0x7ac3, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_RESTRICTIONS(r6, 0xc, 0x0, 0xfffffffffffffe95)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='track_foreign_dirty\x00', r5}, 0x10)

1.188533182s ago: executing program 3 (id=9837):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xf, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000000), 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006}]})
removexattr(0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.net/syz1\x00', 0x1ff)
ioctl$TIOCL_GETMOUSEREPORTING(r5, 0x5412, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(r5, 0x5412, &(0x7f00000006c0)=0xa)
fsopen(&(0x7f0000000040)='selinuxfs\x00', 0x0)

1.162066314s ago: executing program 4 (id=9838):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
pipe(&(0x7f0000000380)={<r0=>0xffffffffffffffff})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x89}, 0x0)
sched_setaffinity(0x0, 0x4e, &(0x7f0000000040)=0x5)
sched_setscheduler(0x0, 0x0, &(0x7f0000000200))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
inotify_init()
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000280), &(0x7f0000000300)=r0}, 0x26)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f00000000c0))
bpf$MAP_CREATE(0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [{@fscontext={'fscontext', 0x3d, 'staff_u'}}], 0x2c})

909.935734ms ago: executing program 2 (id=9839):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000000000), 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x1)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00'}, 0x10)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006}]})
removexattr(0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.net/syz1\x00', 0x1ff)
ioctl$TIOCL_GETMOUSEREPORTING(r5, 0x5412, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(r5, 0x5412, &(0x7f00000006c0)=0xa)
fsopen(&(0x7f0000000040)='selinuxfs\x00', 0x0)

875.936455ms ago: executing program 0 (id=9840):
pipe2(0x0, 0x0)
r0 = syz_usb_connect$uac1(0x0, 0xa4, &(0x7f00000000c0)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172"], 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x2, 0x4, 0x2}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r2}, &(0x7f0000000040), &(0x7f0000000140)=r1}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000fdffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
syz_usb_control_io$uac1(r0, &(0x7f0000000680)={0x14, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="00032a0000002a03"]}, 0x0)

587.034167ms ago: executing program 1 (id=9831):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18010000000020000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='kvm_userspace_exit\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000300)='kvm_userspace_exit\x00', r2}, 0x10)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = dup(r4)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

505.4917ms ago: executing program 0 (id=9841):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0xa, 0x2, 0x8, 0x8}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, 0x0}, 0x0)
fspick(0xffffffffffffffff, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x4)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f000000d379)={&(0x7f0000000200)={0x14, 0x14, 0x301, 0x0, 0x0, {0x1e}}, 0x14}}, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x0)
mkdirat(r5, &(0x7f0000000000)='./file0\x00', 0x0)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000040)={r6, 0x0, 0x0}, 0x10)

504.04501ms ago: executing program 1 (id=9843):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000000001812", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000b8e9850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r2}, 0x15)
ioctl$SNDRV_TIMER_IOCTL_TREAD(r0, 0x40045402, &(0x7f0000000040)=0x1)

460.433712ms ago: executing program 1 (id=9844):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000540)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000480)='kfree\x00', r0}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
fchmodat(r1, &(0x7f00000000c0)='./file1\x00', 0x0)
link(&(0x7f0000000080)='./file1\x00', &(0x7f0000000240)='./file2/file0\x00')
lstat(&(0x7f0000001080)='./file0/file0\x00', 0x0)

459.725142ms ago: executing program 1 (id=9845):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000200000000001200000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0xa08086, &(0x7f0000000040)=ANY=[], 0x9, 0x2a8, &(0x7f0000000500)="$eJzs3F9IU38Yx/HHPz/1Z+hGRFBQPeVNRRzcrgMdoRENjHJhCcExz2rstI2dsZqEWxB400U3/buuIEIQoosgELvoKpTwrovuvPMiu0oiOjGnudnUMnWS79fF9rDn+zl8z58dtu9g08fvXouGHSNspqS6oUqq2yUns1XilWpZkJMj10fe7zt34eLpQDDYcVa1M9Dt86tq84HR3pvDh8ZSO86/bH5dL+PeS9Mz/qnx3eN7pr93X404GnE0Fk+pqX3xeMrssy3tv+9EDdUztmU6lkZijpUs6YfteCKRUTPW39SYSFqOo2Yso1Ero6m4ppIZNa+YkZgahqFNjYKVDacfBZbvhp7Puq7MpN65bn1OXNfNv9iwidNDhc2df9ctOv93Kj0lbKKim3qDiD2UDqVDhedCPxCWiNhiSat45JvkrxH38Yg7d6nkH2/4R4KTR9++UVWvDNrZ+Xw2HaopzfvEI95CpqBQd54Kdvi0oDT/nzQW5/3ikV3l8/6y+To53FKUN8Qjk5clLrZMjB78MtU19GAhP+hTPdEVXJL/X/oXD9OzzxU6PwAAAAAAAAAArIWhP5VdvzfyA24PqGrTkn4hX+73gaXr861l1+drZW9tZfcdAAAAAIDtwskMRE3btpJ/WeS/yq/Hdv694smt3x+8v3PlMS1tNRPtH3KJrbBff1B87dkS0ygtZH71abXBNev8TlksPq3Ldqrm57f8mJO9H1+sup26X47PcsY2/q4EAAAAYCMsfuhvk2z4VTrbc+xepecEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB2s4a/HJt4WK6l+WLn03KtSu8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADASn4EAAD//xAR0Ao=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000d00008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)
r4 = creat(&(0x7f00000000c0)='./bus\x00', 0x0)
write$binfmt_elf64(r4, &(0x7f0000000140)=ANY=[], 0xfd14)

271.159919ms ago: executing program 3 (id=9846):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000003880), &(0x7f00000001c0)='./file1\x00', 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB='nonumtail=0,rodir,dmask=0000000000000000000000,uni_xlate=0,fmask=00000000000000000000040,utf8=0,uni_xlate=1,nfs=nostale_ro,uni_xlate=1,shorgname=win95,shortname=lower,utf8=1,flush,rodir,nonumtail=0,utf8=1,\x00'/219], 0x6, 0x2a6, &(0x7f0000000440)="$eJzs3T9rW1cUAPDzbFlS20EaOpVCH7RDJ2N77SJTbDDV1KKh7dCa2oZiiYINhv6hqqeuXTr2ExQC2fIlsmTIHsgayBYPhhee9F4kO7JsBcvOn99v8fV999x77vXFxoPO+/Hj3v5OGnvHfzyKej2JhVa04iSJZixE6a84o/VPAABvspMsi6fZ0CxxSUTU55cWADBHM//9vzv3lACAOfvm2+++Wm+3N75O03ps9v4+6uT/2edfh8/X9+Ln6MZurEQjTiOyF4btzSzL+pU014zPev2jTh7Z++F+Mf/6k4hB/Go0ojnoOhu/1d5YTYfG4vt5Hu8X67fy+LVoxIcT1t9qb6xNiI9ONT7/dCz/5WjEg5/il+jGziCJUfyfq2n6Zfbvs9+/z9PL45P+Uac2GDeSLd7wjwYAAAAAAAAAAAAAAAAAAAAAgLfYclE7pxaD+j15V1F/Z/E0/2Yp0lLzbH2eYXxSTnSuPlA/i//K+joraZpmxcBRfCU+qkTldnYNAAAAAAAAAAAAAAAAAAAAr5fDX3/b3+52dw+upVFWAyg/1v+q87TGej6J6YNro7UWiuaUmWOxHJNETE0j38Q1Hctljfcuyvn/O7NOWL98zNK087meRnm79reTyWdYi7KnXl6Se+NjqnHFtaoXPcpmun7ViY8aM++9+sGg0Z8yJpJpiX3xeHhyRU9yfhfVwalODF8qGmPh5+7GTPf55d8ViWodAAAAAAAAAAAAAAAAAAAwV6MP/U54eHxB0MOt4Uv+a3NODgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABuyOj9/zM0+kXwFQZX4+DwlrcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAO+B5AAAA///S9mga")
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', 0x0, 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000280)='./file0/../file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x821c10, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, 0x0, r3)
r4 = eventfd(0x4)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000140)={r4})
read(r4, &(0x7f0000000080)=""/22, 0x16)
socket$key(0xf, 0x3, 0x2)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000300)='mounts\x00')
read$FUSE(r5, &(0x7f0000003800)={0x2020}, 0x2020)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f0000836000/0x4000)=nil, 0x4000, 0x2000, 0x3, &(0x7f00002c1000/0x2000)=nil)
madvise(&(0x7f00003c1000/0x1000)=nil, 0xdfc3efff, 0x15)

193.401722ms ago: executing program 4 (id=9847):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000200000000001200000085"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000040)='mm_page_alloc\x00'}, 0x10)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000d83daf8ca556375e18120000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0xa08086, &(0x7f0000000040)=ANY=[], 0x9, 0x2a8, &(0x7f0000000500)="$eJzs3F9IU38Yx/HHPz/1Z+hGRFBQPeVNRRzcrgMdoRENjHJhCcExz2rstI2dsZqEWxB400U3/buuIEIQoosgELvoKpTwrovuvPMiu0oiOjGnudnUMnWS79fF9rDn+zl8z58dtu9g08fvXouGHSNspqS6oUqq2yUns1XilWpZkJMj10fe7zt34eLpQDDYcVa1M9Dt86tq84HR3pvDh8ZSO86/bH5dL+PeS9Mz/qnx3eN7pr93X404GnE0Fk+pqX3xeMrssy3tv+9EDdUztmU6lkZijpUs6YfteCKRUTPW39SYSFqOo2Yso1Ero6m4ppIZNa+YkZgahqFNjYKVDacfBZbvhp7Puq7MpN65bn1OXNfNv9iwidNDhc2df9ctOv93Kj0lbKKim3qDiD2UDqVDhedCPxCWiNhiSat45JvkrxH38Yg7d6nkH2/4R4KTR9++UVWvDNrZ+Xw2HaopzfvEI95CpqBQd54Kdvi0oDT/nzQW5/3ikV3l8/6y+To53FKUN8Qjk5clLrZMjB78MtU19GAhP+hTPdEVXJL/X/oXD9OzzxU6PwAAAAAAAAAArIWhP5VdvzfyA24PqGrTkn4hX+73gaXr861l1+drZW9tZfcdAAAAAIDtwskMRE3btpJ/WeS/yq/Hdv694smt3x+8v3PlMS1tNRPtH3KJrbBff1B87dkS0ygtZH71abXBNev8TlksPq3Ldqrm57f8mJO9H1+sup26X47PcsY2/q4EAAAAYCMsfuhvk2z4VTrbc+xepecEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB2s4a/HJt4WK6l+WLn03KtSu8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADASn4EAAD//xAR0Ao=")
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f0000000000), 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
syz_mount_image$fuse(0x0, 0x0, 0x40000, &(0x7f0000000540)=ANY=[], 0x1, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
r5 = creat(&(0x7f00000000c0)='./bus\x00', 0x0)
write$binfmt_elf64(r5, &(0x7f0000000140)=ANY=[], 0xfd14)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x100000000)

105.010976ms ago: executing program 3 (id=9848):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
pipe(&(0x7f0000000380)={<r0=>0xffffffffffffffff})
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x89}, 0x0)
sched_setaffinity(0x0, 0x4e, &(0x7f0000000040)=0x5)
sched_setscheduler(0x0, 0x0, &(0x7f0000000200))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
inotify_init()
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000280), &(0x7f0000000300)=r0}, 0x26)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f00000000c0))
bpf$MAP_CREATE(0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [{@fscontext={'fscontext', 0x3d, 'staff_u'}}], 0x2c})

0s ago: executing program 2 (id=9849):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f00000007c0)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4d2, &(0x7f00000002c0)="$eJzs3c9rHG8ZAPBnJtlvf+VrUvVQC7bFVtKi3U0a2wYPtYLYU8Fa7zUmmxCyyYbspm1CkRTvCiIqePLkRfAPEKR/gggFvUsVRbTVgwd1ZWdnaxt3m0i3OzX5fGA67zvv7j7P27Az88687ARwaJ2LiJsRMRIRlyJiPN+e5sutdvudzutePH80316SaLXu/jmJJN/W/awkX5+IiJ2IOBoRX70V8Y3kv+M2trZX5mq16kZerzRX1yuNre3Ly6tzS9Wl6trMzPS12euzV2enBtLPiYi48aXff/87P/nyjV989sFv7/3x4jfbaY3l7a/2Y5A6XS9l/xddoxGx8S6CFWAkX5f6tH97ZIjJAACwp/Y5/kcj4lPZ+f94jGRnpwAAAMBB0vrCWPwjiWgBAAAAB1aazYFN0nI+F2As0rRc7szh/XgcT2v1RvMzi/XNtYXOXNmJKKWLy7XqVD5XeCJKSbs+nc+x7dav7KrPRMTJiPje+LGsXp6v1xaKvvgBAAAAh8SJXeP/v41n4/8jRecFAAAADNhE0QkAAAAA75zxPwAAABx8xv8AAABwoH3l9u320uo+/3rh/tbmSv3+5YVqY6W8ujlfnq9vrJeX6vWl7Df7Vvf6vFq9vv65WNt8WGlWG81KY2v73mp9c615b/m1R2ADAAAAQ3Ty7JPfJBGx8/lj2dL2QdFJAUOR7NGePSTkWV753RASAoZmpOgEgMKMFp0AUJhS0QkAhdvrOkDfyTu/HHwuAADAuzH5if73/10bgIMtLToBAGDo3P+Hw6v0+gzAq8VlAhTlI3u0v/39/1brf0oIAAAYuLFsSdJyfi9wLNK0XI74MHssQClZXK5Vp/Lxwa/HS0fa9ensncmec4YBAAAAAAAAAAAAAAAAAAAAAAAAgI5WK4kWAAAAcKBFpH9Isl/zj5gcvzC2+/rAB8nfx7N1RDz40d0fPJxrNjem29v/8nJ784f59itFXMEAAAAAduuO07vjeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpBfPH813l2HG/dMXI2KiZ/yzR7PV0ShFxPG/JjH6yvuSiBgZQPydxxFxqlf8pJ1WTEQni17xjxUYP42IEwOID4fZk/b+52av718a57J17+/faL68rf77vzS6+7+RPvufD/cZ4/TTn1X6xn8ccXq09/6nGz/pE//8PuN//Wvb2/3aWj+OmOx5/Elei1Vprq5XGlvbl5dX55aqS9W1mZnpa7PXZ6/OTlUWl2vV/N+eMb77yZ//6039P94n/sQe/b+wz/7/8+nD5x/rFEu94l883/v4e6pP/DQ/9n06L7fbJ7vlnU75VWd++qszb+r/Qp/+v/z79zjQtmNe3Gf/L9351rN9vhQAGILG1vbKXK1W3fh/LKTxXqShMJDCkfcjDYVOoeg9EwAAMGj/OekvOhMAAAAAAAAAAAAAAAAAAAA4vIbxc2K7Y+4U01UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDf6dwAAAP//sf7Zeg==")
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.events\x00', 0x275a, 0x0)
write$cgroup_int(r2, &(0x7f0000000100), 0x1001)
fallocate(r1, 0x0, 0x0, 0x1000f4)
r3 = open(&(0x7f0000000780)='./bus\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x90e976db910956fe, 0x4002011, r3, 0x0)
write$evdev(r1, &(0x7f00000001c0)=[{}], 0x18)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r4 = open(&(0x7f0000000100)='./bus\x00', 0x14113e, 0x0)
write$binfmt_script(r4, &(0x7f0000000080), 0x208e24b)
fallocate(r0, 0x3, 0x0, 0x1a00)

kernel console output (not intermixed with test programs):

state
[ 1398.766631][T30257] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 1398.774009][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1398.783068][T30257] ext4 filesystem being mounted at /root/syzkaller.WqVwzs/7/file1 supports timestamps until 2038 (0x7fffffff)
[ 1398.791487][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1398.810042][T27899] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1398.816908][T27899] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1398.821304][T30257] EXT4-fs error (device loop0): ext4_ext_remove_space:2866: inode #16: comm syz.0.9109: path[1].p_hdr == NULL
[ 1398.824334][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1398.835740][T30257] EXT4-fs (loop0): Remounting filesystem read-only
[ 1398.843608][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1398.849549][T30257] EXT4-fs error (device loop0): __ext4_get_inode_loc:4497: comm syz.0.9109: Invalid inode table block 0 in block_group 0
[ 1398.857362][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1398.870017][T30257] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5870: Corrupt filesystem
[ 1398.877746][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1398.886739][T30257] EXT4-fs error (device loop0): ext4_punch_hole:4142: inode #16: comm syz.0.9109: mark_inode_dirty error
[ 1398.910050][T30224] device veth0_vlan entered promiscuous mode
[ 1398.916817][T29995] EXT4-fs error (device loop0): ext4_map_blocks:607: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1)
[ 1398.927551][T30224] device veth1_macvtap entered promiscuous mode
[ 1398.939954][T29995] EXT4-fs (loop0): unmounting filesystem.
[ 1398.940033][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1398.954328][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1398.962680][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1398.970532][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1398.978382][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1398.986386][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1398.994386][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1399.001885][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1399.009264][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1399.019036][ T9043] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1399.029076][ T9043] usb 4-1: config 1 has 0 interfaces, different from the descriptor's value: 3
[ 1399.041977][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1399.050452][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1399.058697][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1399.066670][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1399.117991][ T9043] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1399.125161][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1399.131943][ T9043] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1399.135654][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1399.159314][ T9043] usb 4-1: SerialNumber: syz
[ 1399.190398][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1399.205626][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1399.215129][  T309] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1399.221993][  T309] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1399.231162][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1399.239369][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1399.250743][  T309] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1399.257627][  T309] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1399.265355][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1399.273250][   T28] audit: type=1400 audit(1719726237.990:613): avc:  denied  { ioctl } for  pid=30272 comm="syz.1.9117" path="socket:[133287]" dev="sockfs" ino=133287 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[ 1399.273687][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1399.382430][T30278] loop1: detected capacity change from 0 to 512
[ 1399.417019][T30278] EXT4-fs (loop1): 1 orphan inode deleted
[ 1399.423126][T30278] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1399.433695][T30278] ext4 filesystem being mounted at /root/syzkaller.h6wvNN/38/file1 supports timestamps until 2038 (0x7fffffff)
[ 1399.510465][T30278] EXT4-fs error (device loop1): ext4_ext_remove_space:2866: inode #16: comm syz.1.9118: path[1].p_hdr == NULL
[ 1399.526537][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1399.526617][T30278] EXT4-fs (loop1): Remounting filesystem read-only
[ 1399.534788][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1399.540743][T30278] EXT4-fs error (device loop1): __ext4_get_inode_loc:4497: comm syz.1.9118: Invalid inode table block 0 in block_group 0
[ 1399.561974][ T9043] usb 4-1: USB disconnect, device number 50
[ 1399.565945][T30278] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5870: Corrupt filesystem
[ 1399.577409][T30278] EXT4-fs error (device loop1): ext4_punch_hole:4142: inode #16: comm syz.1.9118: mark_inode_dirty error
[ 1399.600158][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1399.601993][T29944] EXT4-fs error (device loop1): ext4_map_blocks:607: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1)
[ 1399.622671][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1399.630960][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1399.631306][T29944] EXT4-fs (loop1): unmounting filesystem.
[ 1399.643216][T30249] device veth0_vlan entered promiscuous mode
[ 1399.660998][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1399.668872][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1399.683985][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1399.691548][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1399.701617][T30249] device veth1_macvtap entered promiscuous mode
[ 1399.713126][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1399.757000][T21707] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1399.765270][T21707] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1399.774568][T21707] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1399.782926][T21707] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1399.810763][T30286] SELinux: security_context_str_to_sid (ÿÿÿÿ) failed with errno=-22
[ 1399.819499][T30274] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1399.834058][T30274] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1399.842042][T30274] device bridge_slave_0 entered promiscuous mode
[ 1399.849371][T30274] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1399.856214][T30274] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1399.863624][T30274] device bridge_slave_1 entered promiscuous mode
[ 1399.873088][T30291] mmap: syz.2.9123 (30291) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[ 1399.958114][T30289] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1399.964982][T30289] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1399.972381][T30289] device bridge_slave_0 entered promiscuous mode
[ 1399.979844][T30274] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1399.986696][T30274] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1399.993805][T30274] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1400.000587][T30274] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1400.008623][T30289] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1400.015529][T30289] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1400.023327][T30289] device bridge_slave_1 entered promiscuous mode
[ 1400.084139][T30303] loop4: detected capacity change from 0 to 512
[ 1400.099477][  T358] device bridge_slave_1 left promiscuous mode
[ 1400.105485][  T358] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1400.107492][T30303] EXT4-fs (loop4): 1 orphan inode deleted
[ 1400.118189][T30303] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1400.118372][  T358] device bridge_slave_0 left promiscuous mode
[ 1400.127055][T30303] ext4 filesystem being mounted at /root/syzkaller.pf0u8R/4/file1 supports timestamps until 2038 (0x7fffffff)
[ 1400.133361][  T358] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1400.169048][  T358] device bridge_slave_1 left promiscuous mode
[ 1400.175071][  T358] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1400.188000][T30303] EXT4-fs error (device loop4): ext4_ext_remove_space:2866: inode #16: comm syz.4.9127: path[1].p_hdr == NULL
[ 1400.200392][  T358] device bridge_slave_0 left promiscuous mode
[ 1400.206600][T30303] EXT4-fs (loop4): Remounting filesystem read-only
[ 1400.213429][  T358] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1400.220847][T30303] EXT4-fs error (device loop4): __ext4_get_inode_loc:4497: comm syz.4.9127: Invalid inode table block 0 in block_group 0
[ 1400.234345][   T28] audit: type=1326 audit(1719726238.950:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30300 comm="syz.3.9126" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fac7ab75b99 code=0x0
[ 1400.234852][T30303] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5870: Corrupt filesystem
[ 1400.266813][  T358] device veth1_macvtap left promiscuous mode
[ 1400.272770][  T358] device veth0_vlan left promiscuous mode
[ 1400.278856][  T358] device veth1_macvtap left promiscuous mode
[ 1400.284897][T30303] EXT4-fs error (device loop4): ext4_punch_hole:4142: inode #16: comm syz.4.9127: mark_inode_dirty error
[ 1400.296199][  T358] device veth0_vlan left promiscuous mode
[ 1400.332231][T30224] EXT4-fs error (device loop4): ext4_map_blocks:607: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1)
[ 1400.364682][T30224] EXT4-fs (loop4): unmounting filesystem.
[ 1400.641923][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1400.649433][  T389] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1400.656574][  T389] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1400.670658][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1400.679368][  T382] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1400.686244][  T382] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1400.699508][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1400.719141][T27899] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1400.726012][T27899] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1400.740892][T30313] SELinux: security_context_str_to_sid (ÿÿÿÿ) failed with errno=-22
[ 1400.749813][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1400.777612][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1400.789465][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1400.808214][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1400.815597][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1400.823461][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1400.831904][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1400.840223][  T382] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1400.847090][  T382] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1400.867772][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1400.876268][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1400.884734][  T382] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1400.891596][  T382] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1400.902072][T30274] device veth0_vlan entered promiscuous mode
[ 1400.916021][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1400.923725][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1401.324616][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1401.334309][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1401.342247][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1401.350001][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1401.357927][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1401.366437][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1401.373840][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1401.381144][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1401.389010][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1401.400872][T30320] netlink: 'syz.2.9131': attribute type 4 has an invalid length.
[ 1401.409737][T30319] netlink: 'syz.2.9131': attribute type 4 has an invalid length.
[ 1401.434906][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1401.442905][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1401.454255][T30274] device veth1_macvtap entered promiscuous mode
[ 1401.470138][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1401.477558][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1401.485987][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1401.497358][T21707] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1401.505535][T21707] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1401.513755][T21707] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1401.521828][T21707] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1401.532757][T30289] device veth0_vlan entered promiscuous mode
[ 1401.543324][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1401.551180][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1401.559203][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1401.566423][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1401.583861][T30316] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1401.590846][T30316] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1401.598114][T30316] device bridge_slave_0 entered promiscuous mode
[ 1401.605573][T30316] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1401.613001][T30316] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1401.620238][T30316] device bridge_slave_1 entered promiscuous mode
[ 1401.633767][T30289] device veth1_macvtap entered promiscuous mode
[ 1401.800594][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1401.808686][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1401.816805][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1401.974023][T30344] loop3: detected capacity change from 0 to 256
[ 1402.054086][T30344] FAT-fs (loop3): Unrecognized mount option "shorgname=win95" or missing value
[ 1402.088635][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1402.089409][   T28] audit: type=1400 audit(1719726240.810:615): avc:  denied  { map } for  pid=30345 comm="syz.1.9121" path="/dev/usbmon0" dev="devtmpfs" ino=139 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[ 1402.097181][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1402.128394][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1402.136655][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1402.184418][T23073] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1402.191850][T23073] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1402.201084][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1402.209961][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1402.219696][  T309] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1402.226554][  T309] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1402.234425][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1402.261091][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1402.269365][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1402.277651][  T389] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1402.284534][  T389] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1402.300188][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1402.308561][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1402.316300][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1402.336556][T30353] SELinux: security_context_str_to_sid (ÿÿÿÿ) failed with errno=-22
[ 1402.337240][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1402.357293][T30355] loop1: detected capacity change from 0 to 512
[ 1402.361324][T30316] device veth0_vlan entered promiscuous mode
[ 1402.377640][T30316] device veth1_macvtap entered promiscuous mode
[ 1402.385600][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1402.395987][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1402.396811][T30355] EXT4-fs (loop1): 1 orphan inode deleted
[ 1402.403835][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1402.409853][T30355] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1402.415951][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1402.425301][T30355] ext4 filesystem being mounted at /root/syzkaller.sTRBl0/3/file1 supports timestamps until 2038 (0x7fffffff)
[ 1402.457484][T30355] EXT4-fs error (device loop1): ext4_ext_remove_space:2866: inode #16: comm syz.1.9141: path[1].p_hdr == NULL
[ 1402.463067][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1402.472373][T30355] EXT4-fs (loop1): Remounting filesystem read-only
[ 1402.478108][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1402.484059][T30355] EXT4-fs error (device loop1): __ext4_get_inode_loc:4497: comm syz.1.9141: Invalid inode table block 0 in block_group 0
[ 1402.492337][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1402.504826][T30355] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5870: Corrupt filesystem
[ 1402.514110][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1402.572718][T30355] EXT4-fs error (device loop1): ext4_punch_hole:4142: inode #16: comm syz.1.9141: mark_inode_dirty error
[ 1402.594959][T30365] bpf_get_probe_write_proto: 2 callbacks suppressed
[ 1402.594976][T30365] syz.0.9143[30365] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1402.607170][T30365] syz.0.9143[30365] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1402.615072][T30289] EXT4-fs error (device loop1): ext4_map_blocks:607: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1)
[ 1402.626363][T30365] syz.0.9143[30365] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1402.643978][T30365] syz.0.9143[30365] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1402.655977][T30289] EXT4-fs (loop1): unmounting filesystem.
[ 1402.785884][T30374] loop0: detected capacity change from 0 to 128
[ 1402.913118][T30376] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1402.921349][T30376] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1402.931758][T30376] device bridge_slave_0 entered promiscuous mode
[ 1402.962892][T30376] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1403.017466][T30376] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1403.062039][T30376] device bridge_slave_1 entered promiscuous mode
[ 1403.164232][T30383] SELinux: security_context_str_to_sid (ÿÿÿÿ) failed with errno=-22
[ 1403.191830][T30386] loop4: detected capacity change from 0 to 256
[ 1403.198599][T30386] FAT-fs (loop4): Unrecognized mount option "shorgname=win95" or missing value
[ 1403.247470][T30376] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1403.254409][T30376] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1403.261451][T30376] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1403.268248][T30376] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1403.289510][  T358] device bridge_slave_1 left promiscuous mode
[ 1403.296512][  T358] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1403.308147][  T358] device bridge_slave_0 left promiscuous mode
[ 1403.316712][  T358] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1403.326477][  T358] device bridge_slave_1 left promiscuous mode
[ 1403.332521][  T358] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1403.341176][  T358] device bridge_slave_0 left promiscuous mode
[ 1403.347151][  T358] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1403.355453][  T358] device bridge_slave_1 left promiscuous mode
[ 1403.362116][  T358] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1403.375342][  T358] device bridge_slave_0 left promiscuous mode
[ 1403.381479][  T358] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1403.390122][  T358] device veth1_macvtap left promiscuous mode
[ 1403.396138][  T358] device veth0_vlan left promiscuous mode
[ 1403.402185][  T358] device veth1_macvtap left promiscuous mode
[ 1403.408110][  T358] device veth0_vlan left promiscuous mode
[ 1403.413816][  T358] device veth1_macvtap left promiscuous mode
[ 1403.421001][  T358] device veth0_vlan left promiscuous mode
[ 1403.793433][T30397] loop2: detected capacity change from 0 to 512
[ 1403.840234][T30397] EXT4-fs (loop2): 1 orphan inode deleted
[ 1403.845860][T30397] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 1403.854775][T30397] ext4 filesystem being mounted at /root/syzkaller.jxdgxs/9/file1 supports timestamps until 2038 (0x7fffffff)
[ 1403.875727][T30397] EXT4-fs error (device loop2): ext4_ext_remove_space:2866: inode #16: comm syz.2.9155: path[1].p_hdr == NULL
[ 1403.887449][T30397] EXT4-fs (loop2): Remounting filesystem read-only
[ 1403.894122][T30397] EXT4-fs error (device loop2): __ext4_get_inode_loc:4497: comm syz.2.9155: Invalid inode table block 0 in block_group 0
[ 1403.906940][T30397] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Corrupt filesystem
[ 1403.916405][T30397] EXT4-fs error (device loop2): ext4_punch_hole:4142: inode #16: comm syz.2.9155: mark_inode_dirty error
[ 1403.933034][T30249] EXT4-fs error (device loop2): ext4_map_blocks:607: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1)
[ 1403.951585][T30249] EXT4-fs (loop2): unmounting filesystem.
[ 1404.069800][T23071] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1404.077099][T23071] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1404.084339][T23071] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1404.100710][T23071] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1404.108974][T23071] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1404.116924][T23071] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1404.123860][T23071] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1404.132744][T23071] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1404.141192][T23071] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1404.149468][T23071] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1404.156327][T23071] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1404.232897][ T9043] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1404.247213][ T9043] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1404.255285][T30415] loop0: detected capacity change from 0 to 256
[ 1404.269985][T30415] FAT-fs (loop0): Unrecognized mount option "shorgname=win95" or missing value
[ 1404.277328][ T9043] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1404.287437][ T9043] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1404.330907][T21707] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1404.339189][T21707] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1404.357044][T30376] device veth0_vlan entered promiscuous mode
[ 1404.371246][T30376] device veth1_macvtap entered promiscuous mode
[ 1404.428528][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1404.440334][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1404.460130][T30431] hub 6-0:1.0: USB hub found
[ 1404.460395][T30432] overlayfs: failed to resolve './file2': -2
[ 1404.464657][T30431] hub 6-0:1.0: 1 port detected
[ 1404.471896][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1404.763930][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1404.772193][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1404.791147][T30437] loop4: detected capacity change from 0 to 128
[ 1404.798924][T30435] SELinux: security_context_str_to_sid (ÿÿÿÿ) failed with errno=-22
[ 1404.807091][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1404.824889][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1404.856062][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1404.864711][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1404.944525][T23071] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1404.952018][T23071] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1405.115367][T30447] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1405.169508][T30416] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1405.204900][T30453] loop1: detected capacity change from 0 to 256
[ 1405.212022][T30416] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1405.239955][T30453] FAT-fs (loop1): Unrecognized mount option "shorgname=win95" or missing value
[ 1405.250913][T30416] device bridge_slave_0 entered promiscuous mode
[ 1405.266034][T30416] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1405.274780][T30459] syz.3.9178[30459] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1405.274852][T30459] syz.3.9178[30459] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1405.286490][T30416] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1405.320529][T30416] device bridge_slave_1 entered promiscuous mode
[ 1405.500931][T30467] hub 6-0:1.0: USB hub found
[ 1405.509553][T30469] SELinux: security_context_str_to_sid (ÿÿÿÿ) failed with errno=-22
[ 1405.517183][T30467] hub 6-0:1.0: 1 port detected
[ 1405.585790][T30416] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1405.592697][T30416] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1405.599773][T30416] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1405.606540][T30416] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1405.638386][  T389] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1405.645777][  T389] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1405.653401][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1405.661292][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1405.742355][ T9043] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1405.753121][ T9043] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1405.760007][ T9043] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1405.771075][ T9043] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1405.780036][ T9043] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1405.786890][ T9043] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1405.841956][T21707] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1405.868417][ T9043] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1405.895881][T30416] device veth0_vlan entered promiscuous mode
[ 1405.908093][T30480] loop0: detected capacity change from 0 to 128
[ 1405.915049][T23071] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1405.923227][T23071] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1405.931770][T30478] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1405.940788][T23071] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1405.948432][T23071] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1405.962752][T30416] device veth1_macvtap entered promiscuous mode
[ 1405.987959][T23071] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1405.997238][T23071] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1406.010479][T23071] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1406.045993][T30490] syz.4.9188[30490] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1406.046069][T30490] syz.4.9188[30490] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1406.101443][T30496] loop2: detected capacity change from 0 to 256
[ 1406.126490][T30496] FAT-fs (loop2): Unrecognized mount option "shorgname=win95" or missing value
[ 1406.178280][  T372] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1406.213575][T30499] SELinux: security_context_str_to_sid (ÿÿÿÿ) failed with errno=-22
[ 1406.238989][  T358] device bridge_slave_1 left promiscuous mode
[ 1406.239348][T30502] hub 6-0:1.0: USB hub found
[ 1406.245527][  T358] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1406.256694][T30502] hub 6-0:1.0: 1 port detected
[ 1406.265746][  T358] device bridge_slave_0 left promiscuous mode
[ 1406.277072][  T358] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1406.290644][  T358] device bridge_slave_1 left promiscuous mode
[ 1406.305016][  T358] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1406.382853][  T358] device bridge_slave_0 left promiscuous mode
[ 1406.418575][  T358] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1406.433634][  T358] device veth1_macvtap left promiscuous mode
[ 1406.439747][  T358] device veth0_vlan left promiscuous mode
[ 1406.445767][  T358] device veth1_macvtap left promiscuous mode
[ 1406.452011][  T358] device veth0_vlan left promiscuous mode
[ 1406.497092][T30512] overlayfs: failed to resolve './file2': -2
[ 1406.582410][T30514] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1406.898201][T30520] loop1: detected capacity change from 0 to 128
[ 1407.099360][T30527] SELinux: security_context_str_to_sid (ÿÿÿÿ) failed with errno=-22
[ 1407.185653][T30530] loop0: detected capacity change from 0 to 256
[ 1407.238942][T30530] FAT-fs (loop0): Unrecognized mount option "shorgname=win95" or missing value
[ 1407.338882][T30537] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1407.501566][T25620] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[ 1408.273606][T30561] loop4: detected capacity change from 0 to 128
[ 1408.311467][T30563] SELinux: security_context_str_to_sid (ÿÿÿÿ) failed with errno=-22
[ 1408.337977][T25620] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1408.355944][T25620] usb 4-1: config 1 has 0 interfaces, different from the descriptor's value: 3
[ 1408.437974][T25620] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1408.446846][T25620] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1408.454906][T25620] usb 4-1: SerialNumber: syz
[ 1408.538485][T30574] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1409.465452][T30581] loop2: detected capacity change from 0 to 256
[ 1409.478591][T30579] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1409.545154][T30581] FAT-fs (loop2): Unrecognized mount option "shorgname=win95" or missing value
[ 1409.609806][T30589] netlink: 104 bytes leftover after parsing attributes in process `syz.0.9222'.
[ 1409.754811][T30596] SELinux: security_context_str_to_sid (ÿÿÿÿ) failed with errno=-22
[ 1409.770687][T30598] loop2: detected capacity change from 0 to 128
[ 1409.780366][T27899] usb 4-1: USB disconnect, device number 51
[ 1410.192694][T30606] hub 6-0:1.0: USB hub found
[ 1410.197382][T30606] hub 6-0:1.0: 1 port detected
[ 1410.220068][T30608] loop1: detected capacity change from 0 to 128
[ 1410.825556][T30622] hub 6-0:1.0: USB hub found
[ 1410.830263][T30622] hub 6-0:1.0: 1 port detected
[ 1410.933687][T30625] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1410.970322][T30628] loop2: detected capacity change from 0 to 128
[ 1411.047021][T30629] netlink: 'syz.4.9235': attribute type 4 has an invalid length.
[ 1411.287584][T30631] SELinux: security_context_str_to_sid (ÿÿÿÿ) failed with errno=-22
[ 1411.338649][   T28] audit: type=1326 audit(1719726250.060:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30635 comm="syz.1.9240" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7a7e975b99 code=0x0
[ 1411.353856][T30639] hub 6-0:1.0: USB hub found
[ 1411.367445][T30639] hub 6-0:1.0: 1 port detected
[ 1411.566746][T30648] netlink: 'syz.3.9243': attribute type 4 has an invalid length.
[ 1411.809271][T30654] loop4: detected capacity change from 0 to 128
[ 1411.827885][T23071] usb 1-1: new high-speed USB device number 82 using dummy_hcd
[ 1412.345718][T30666] loop1: detected capacity change from 0 to 128
[ 1412.408015][T23071] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1412.424188][T23071] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 3
[ 1412.527943][T23071] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1412.536856][T23071] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1412.545093][T23071] usb 1-1: SerialNumber: syz
[ 1412.575065][T30671] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1412.582097][T30671] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1412.589743][T30671] device bridge_slave_0 entered promiscuous mode
[ 1412.596612][T30671] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1412.604246][T30671] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1412.611683][T30671] device bridge_slave_1 entered promiscuous mode
[ 1412.728334][T30671] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1412.735416][T30671] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1412.742520][T30671] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1412.749282][T30671] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1412.767477][T21707] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1412.775242][T21707] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1412.782721][T21707] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1412.793228][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1412.801280][T27899] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1412.808136][T27899] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1412.838624][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1412.848360][  T382] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1412.851226][T30682] loop2: detected capacity change from 0 to 128
[ 1412.855205][  T382] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1412.876814][T23071] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1412.885671][T23071] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1412.893871][T23071] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1412.901376][T23071] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1412.908932][T23071] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1412.916647][T23071] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1412.926078][T30671] device veth0_vlan entered promiscuous mode
[ 1412.932613][  T372] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1412.939631][T30671] device veth1_macvtap entered promiscuous mode
[ 1412.955367][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1412.993394][T23071] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1413.001669][T23071] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1413.021458][T30684] SELinux: security_context_str_to_sid (ÿÿÿÿ) failed with errno=-22
[ 1413.051598][T30689] loop3: detected capacity change from 0 to 128
[ 1413.069132][T23071] usb 1-1: USB disconnect, device number 82
[ 1413.170340][  T731] device bridge_slave_1 left promiscuous mode
[ 1413.177001][  T731] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1413.209451][  T731] device bridge_slave_0 left promiscuous mode
[ 1413.369562][  T731] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1413.395675][  T731] device veth1_macvtap left promiscuous mode
[ 1413.401630][  T731] device veth0_vlan left promiscuous mode
[ 1413.449579][   T28] audit: type=1326 audit(1719726252.170:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30696 comm="syz.4.9259" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc7dd975b99 code=0x0
[ 1413.483491][T30699] overlayfs: missing 'lowerdir'
[ 1413.872789][T30708] loop0: detected capacity change from 0 to 128
[ 1415.401557][T30733] overlayfs: missing 'lowerdir'
[ 1415.410053][T30736] loop2: detected capacity change from 0 to 128
[ 1415.459995][T30738] hub 6-0:1.0: USB hub found
[ 1415.466553][T30738] hub 6-0:1.0: 1 port detected
[ 1415.479848][  T372] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1415.570235][T30752] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1415.620818][T30754] hub 6-0:1.0: USB hub found
[ 1415.625352][T30754] hub 6-0:1.0: 1 port detected
[ 1415.652849][   T28] audit: type=1326 audit(1719726254.370:618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30755 comm="syz.0.9280" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8b1d175b99 code=0x0
[ 1415.737875][T21707] usb 5-1: new high-speed USB device number 68 using dummy_hcd
[ 1415.885954][T30759] hub 6-0:1.0: USB hub found
[ 1415.890494][T30759] hub 6-0:1.0: 1 port detected
[ 1415.914992][T30763] loop3: detected capacity change from 0 to 128
[ 1416.257284][T30768] overlayfs: missing 'lowerdir'
[ 1416.288683][T21707] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1416.301983][T21707] usb 5-1: config 1 has 0 interfaces, different from the descriptor's value: 3
[ 1416.319231][T30778] hub 6-0:1.0: USB hub found
[ 1416.322269][T30780] loop1: detected capacity change from 0 to 128
[ 1416.324729][T30778] hub 6-0:1.0: 1 port detected
[ 1416.427929][T21707] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1416.437084][T21707] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1416.444946][T21707] usb 5-1: SerialNumber: syz
[ 1416.485332][T30784] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1416.522206][T30786] loop0: detected capacity change from 0 to 512
[ 1416.659261][T30786] EXT4-fs (loop0): 1 orphan inode deleted
[ 1416.665178][T30786] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 1416.676100][T30786] ext4 filesystem being mounted at /root/syzkaller.Xm3UKQ/33/file1 supports timestamps until 2038 (0x7fffffff)
[ 1416.710907][T30274] EXT4-fs (loop0): unmounting filesystem.
[ 1416.948964][T30800] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1416.963896][T23073] usb 5-1: USB disconnect, device number 68
[ 1417.191351][T30802] loop1: detected capacity change from 0 to 128
[ 1417.225649][T30804] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[ 1417.249687][T30804] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1417.299743][T30815] loop0: detected capacity change from 0 to 128
[ 1417.400412][   T28] audit: type=1326 audit(1719726256.120:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30812 comm="syz.2.9301" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbb1bf75b99 code=0x0
[ 1417.577531][T30823] loop4: detected capacity change from 0 to 128
[ 1418.057665][T30836] loop1: detected capacity change from 0 to 128
[ 1418.211830][T30843] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[ 1418.221751][T30843] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1418.568931][T30861] loop3: detected capacity change from 0 to 128
[ 1418.607992][  T309] usb 1-1: new high-speed USB device number 83 using dummy_hcd
[ 1418.632181][T30862] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1418.780043][   T28] audit: type=1326 audit(1719726257.500:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30865 comm="syz.2.9319" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbb1bf75b99 code=0x0
[ 1419.068034][  T309] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1419.082503][  T309] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 3
[ 1419.230914][T30874] netlink: 'syz.1.9320': attribute type 4 has an invalid length.
[ 1419.352372][  T309] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1419.373746][  T309] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1419.387708][  T309] usb 1-1: SerialNumber: syz
[ 1419.402184][T30877] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[ 1419.411378][T30877] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1419.454543][T30886] loop3: detected capacity change from 0 to 128
[ 1419.522472][T30894] loop2: detected capacity change from 0 to 128
[ 1419.984769][T30900] loop1: detected capacity change from 0 to 128
[ 1420.019503][  T309] usb 1-1: USB disconnect, device number 83
[ 1420.085773][T30904] loop4: detected capacity change from 0 to 256
[ 1420.092608][T30904] FAT-fs (loop4): Unrecognized mount option "shorgname=win95" or missing value
[ 1420.128784][  T372] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1420.690429][T30914] loop2: detected capacity change from 0 to 128
[ 1420.812298][T30928] loop0: detected capacity change from 0 to 128
[ 1420.932672][   T28] audit: type=1326 audit(1719726259.650:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=30923 comm="syz.3.9339" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcf0ab75b99 code=0x0
[ 1421.849551][T30949] loop1: detected capacity change from 0 to 128
[ 1423.005432][T30957] netlink: 'syz.0.9343': attribute type 4 has an invalid length.
[ 1423.270949][T30972] loop4: detected capacity change from 0 to 128
[ 1423.276149][T30973] hub 6-0:1.0: USB hub found
[ 1423.286640][T30973] hub 6-0:1.0: 1 port detected
[ 1423.315896][T30977] loop1: detected capacity change from 0 to 128
[ 1423.398031][T27899] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[ 1423.819665][T27899] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1424.046621][T27899] usb 4-1: config 1 has 0 interfaces, different from the descriptor's value: 3
[ 1424.500638][T30996] loop4: detected capacity change from 0 to 128
[ 1424.547928][T27899] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1424.556984][T27899] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1424.564819][T27899] usb 4-1: SerialNumber: syz
[ 1424.742585][T31001] loop0: detected capacity change from 0 to 512
[ 1424.750542][T30999] loop2: detected capacity change from 0 to 128
[ 1424.800307][T31001] EXT4-fs (loop0): 1 orphan inode deleted
[ 1424.805884][T31001] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 1424.821351][T31001] ext4 filesystem being mounted at /root/syzkaller.Xm3UKQ/53/file1 supports timestamps until 2038 (0x7fffffff)
[ 1424.919231][T30274] EXT4-fs error (device loop0): ext4_map_blocks:607: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1)
[ 1424.941852][T30274] EXT4-fs (loop0): Remounting filesystem read-only
[ 1424.983415][T30274] EXT4-fs (loop0): unmounting filesystem.
[ 1425.130508][T23073] usb 4-1: USB disconnect, device number 52
[ 1425.214809][T31015] hub 6-0:1.0: USB hub found
[ 1425.219367][T31015] hub 6-0:1.0: 1 port detected
[ 1425.634152][T31025] loop4: detected capacity change from 0 to 128
[ 1425.695375][T31020] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1425.709522][T31020] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1425.725186][T31033] SELinux: security_context_str_to_sid (ÿÿÿÿ) failed with errno=-22
[ 1425.733686][T31020] device bridge_slave_0 entered promiscuous mode
[ 1425.742626][T31020] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1425.754702][T31020] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1425.764291][T31020] device bridge_slave_1 entered promiscuous mode
[ 1425.830362][T31046] overlayfs: missing 'workdir'
[ 1425.842418][T31039] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1425.859231][T31020] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1425.866084][T31020] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1425.873185][T31020] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1425.879966][T31020] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1425.901366][T25620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1425.910474][T25620] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1425.918554][T25620] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1425.930489][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1425.939585][  T309] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1425.946473][  T309] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1425.963738][   T28] audit: type=1326 audit(1719726264.680:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31047 comm="syz.3.9378" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcf0ab75b99 code=0x0
[ 1425.992430][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1426.000821][T27899] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1426.007670][T27899] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1426.016029][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1426.034430][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1426.047768][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1426.058113][T31020] device veth0_vlan entered promiscuous mode
[ 1426.065205][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1426.076220][T15371] device bridge_slave_1 left promiscuous mode
[ 1426.085196][T15371] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1426.093171][T15371] device bridge_slave_0 left promiscuous mode
[ 1426.099201][T15371] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1426.107143][T15371] device veth1_macvtap left promiscuous mode
[ 1426.120076][T15371] device veth0_vlan left promiscuous mode
[ 1426.127143][T31053] hub 6-0:1.0: USB hub found
[ 1426.131706][T31053] hub 6-0:1.0: 1 port detected
[ 1426.149890][T31055] loop1: detected capacity change from 0 to 128
[ 1426.168498][  T372] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1426.275135][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1426.282535][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1426.306642][T25620] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1426.323659][T25620] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1426.339615][T31020] device veth1_macvtap entered promiscuous mode
[ 1426.550534][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1426.558952][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1426.567120][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1426.578007][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1426.586371][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1426.625561][T31063] SELinux: security_context_str_to_sid (ÿÿÿÿ) failed with errno=-22
[ 1426.817929][T23073] usb 5-1: new high-speed USB device number 69 using dummy_hcd
[ 1427.513376][T31080] netlink: 'syz.3.9388': attribute type 4 has an invalid length.
[ 1427.729292][T31087] loop0: detected capacity change from 0 to 128
[ 1427.892439][T31098] SELinux: security_context_str_to_sid (ÿÿÿÿ) failed with errno=-22
[ 1427.975547][T31104] netlink: 104 bytes leftover after parsing attributes in process `syz.3.9394'.
[ 1428.095779][T31102] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1428.191424][T23073] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1428.202420][T23073] usb 5-1: config 1 has 0 interfaces, different from the descriptor's value: 3
[ 1428.258806][T31105] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1428.287958][T23073] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1428.296980][T23073] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1428.304776][T23073] usb 5-1: SerialNumber: syz
[ 1428.639466][T31118] loop0: detected capacity change from 0 to 128
[ 1428.678463][  T372] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1428.818347][T31127] loop1: detected capacity change from 0 to 128
[ 1428.821679][  T309] usb 5-1: USB disconnect, device number 69
[ 1429.390979][T31135] netlink: 'syz.3.9406': attribute type 4 has an invalid length.
[ 1429.718427][   T28] audit: type=1326 audit(1719726268.440:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31130 comm="syz.2.9409" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbb1bf75b99 code=0x0
[ 1429.852159][T31159] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1429.879260][T31166] SELinux: security_context_str_to_sid (ÿÿÿÿ) failed with errno=-22
[ 1429.942470][T31168] netlink: 104 bytes leftover after parsing attributes in process `syz.0.9419'.
[ 1430.022541][T31170] loop1: detected capacity change from 0 to 128
[ 1430.092362][T31172] loop4: detected capacity change from 0 to 128
[ 1430.981373][T31186] loop0: detected capacity change from 0 to 128
[ 1431.049584][T31197] SELinux: security_context_str_to_sid (ÿÿÿÿ) failed with errno=-22
[ 1431.061007][T31199] loop4: detected capacity change from 0 to 128
[ 1431.093876][T31206] loop1: detected capacity change from 0 to 128
[ 1431.138545][  T372] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1431.258690][   T28] audit: type=1326 audit(1719726269.980:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31200 comm="syz.3.9433" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcf0ab75b99 code=0x0
[ 1431.389905][T31219] netlink: 104 bytes leftover after parsing attributes in process `syz.2.9437'.
[ 1432.013122][T31229] loop1: detected capacity change from 0 to 128
[ 1432.149533][T31238] SELinux: security_context_str_to_sid (ÿÿÿÿ) failed with errno=-22
[ 1432.169647][T31236] loop2: detected capacity change from 0 to 128
[ 1432.692196][T31246] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1433.093315][T31249] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1433.289119][T31256] loop1: detected capacity change from 0 to 128
[ 1433.289481][T31261] loop0: detected capacity change from 0 to 128
[ 1433.335006][T31266] loop3: detected capacity change from 0 to 128
[ 1433.341222][T31268] SELinux: security_context_str_to_sid (ÿÿÿÿ) failed with errno=-22
[ 1433.376355][T31265] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1433.435994][T31271] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1434.509516][T31286] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1434.513338][T31290] loop1: detected capacity change from 0 to 512
[ 1434.617775][T31290] EXT4-fs (loop1): 1 orphan inode deleted
[ 1434.623476][T31290] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1434.629621][T31304] SELinux: security_context_str_to_sid (ÿÿÿÿ) failed with errno=-22
[ 1434.633055][T31290] ext4 filesystem being mounted at /root/syzkaller.SCpqHb/63/file1 supports timestamps until 2038 (0x7fffffff)
[ 1434.926540][T30376] EXT4-fs error (device loop1): ext4_map_blocks:607: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1)
[ 1434.942478][T30376] EXT4-fs (loop1): Remounting filesystem read-only
[ 1434.952509][T31311] loop0: detected capacity change from 0 to 128
[ 1434.963425][T30376] EXT4-fs (loop1): unmounting filesystem.
[ 1435.081554][T31313] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1435.430467][T31319] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1435.437515][T31319] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1435.445183][T31319] device bridge_slave_0 entered promiscuous mode
[ 1435.453226][T31319] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1435.460171][T31319] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1435.467261][T31319] device bridge_slave_1 entered promiscuous mode
[ 1435.512274][T31319] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1435.519153][T31319] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1435.526224][T31319] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1435.533024][T31319] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1435.553761][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1435.561192][T27899] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1435.568611][T27899] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1435.577263][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1435.585301][  T389] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1435.592152][  T389] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1435.602815][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1435.610910][  T389] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1435.617742][  T389] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1435.631609][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1435.640342][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1435.653576][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1435.664848][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1435.672895][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1435.680279][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1435.688416][T15371] device bridge_slave_1 left promiscuous mode
[ 1435.694424][T15371] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1435.701756][T15371] device bridge_slave_0 left promiscuous mode
[ 1435.707742][T15371] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1435.715472][T15371] device veth1_macvtap left promiscuous mode
[ 1435.721715][T15371] device veth0_vlan left promiscuous mode
[ 1435.790933][T31319] device veth0_vlan entered promiscuous mode
[ 1435.808331][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1435.818169][T31332] SELinux: security_context_str_to_sid (ÿÿÿÿ) failed with errno=-22
[ 1435.825624][T31319] device veth1_macvtap entered promiscuous mode
[ 1435.844185][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1435.846574][T31336] loop0: detected capacity change from 0 to 128
[ 1435.870358][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1435.908853][T31338] loop4: detected capacity change from 0 to 128
[ 1435.923279][T31340] loop3: detected capacity change from 0 to 512
[ 1435.982077][T31340] EXT4-fs (loop3): 1 orphan inode deleted
[ 1435.992372][T31340] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1436.002913][T31340] ext4 filesystem being mounted at /root/syzkaller.lIi80A/48/file1 supports timestamps until 2038 (0x7fffffff)
[ 1436.054825][T30671] EXT4-fs error (device loop3): ext4_map_blocks:607: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1)
[ 1436.069418][T30671] EXT4-fs (loop3): Remounting filesystem read-only
[ 1436.080397][T30671] EXT4-fs (loop3): unmounting filesystem.
[ 1436.131361][T31352] loop1: detected capacity change from 0 to 128
[ 1436.277650][T31356] loop2: detected capacity change from 0 to 128
[ 1436.454472][T31358] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1436.466675][T31358] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1436.475397][T31358] device bridge_slave_0 entered promiscuous mode
[ 1436.484864][T31358] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1436.492075][T31358] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1436.499636][T31358] device bridge_slave_1 entered promiscuous mode
[ 1436.562401][T31358] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1436.569273][T31358] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1436.576366][T31358] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1436.583154][T31358] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1436.601675][T23073] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1436.609098][T23073] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1436.616159][T23073] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1436.625091][T15060] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1436.633382][T15060] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1436.640238][T15060] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1436.651028][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1436.658990][T27899] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1436.665825][T27899] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1436.681610][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1436.689533][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1436.714200][T15060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1436.726837][T31358] device veth0_vlan entered promiscuous mode
[ 1436.728500][T31366] SELinux: security_context_str_to_sid (ÿÿÿÿ) failed with errno=-22
[ 1436.734000][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1436.749200][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1436.756527][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1436.764686][T27244] device bridge_slave_1 left promiscuous mode
[ 1436.773543][T27244] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1436.786201][T27244] device bridge_slave_0 left promiscuous mode
[ 1436.794786][T27244] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1436.803255][T27244] device veth1_macvtap left promiscuous mode
[ 1436.809373][T27244] device veth0_vlan left promiscuous mode
[ 1436.898515][T31378] loop4: detected capacity change from 0 to 512
[ 1437.042175][T31358] device veth1_macvtap entered promiscuous mode
[ 1437.066743][T31378] EXT4-fs (loop4): 1 orphan inode deleted
[ 1437.081015][T31378] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1437.145735][T31378] ext4 filesystem being mounted at /root/syzkaller.gefOKd/57/file1 supports timestamps until 2038 (0x7fffffff)
[ 1437.170047][T15060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1437.201886][T31386] loop2: detected capacity change from 0 to 128
[ 1437.211842][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1437.220477][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1437.228734][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1437.236857][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1437.240652][T30316] EXT4-fs error (device loop4): ext4_map_blocks:607: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1)
[ 1437.306695][T30316] EXT4-fs (loop4): Remounting filesystem read-only
[ 1437.307577][T31392] SELinux: security_context_str_to_sid (ÿÿÿÿ) failed with errno=-22
[ 1437.326094][T30316] EXT4-fs (loop4): unmounting filesystem.
[ 1437.402334][T31400] loop1: detected capacity change from 0 to 128
[ 1437.434365][T31394] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1437.623748][T31405] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1437.641920][T31405] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1437.657964][T31405] device bridge_slave_0 entered promiscuous mode
[ 1437.685995][T31405] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1437.720161][T31405] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1437.738403][T31405] device bridge_slave_1 entered promiscuous mode
[ 1437.819734][T31415] loop0: detected capacity change from 0 to 512
[ 1437.859328][T31415] EXT4-fs (loop0): 1 orphan inode deleted
[ 1437.868216][T31415] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 1437.877005][T31415] ext4 filesystem being mounted at /root/syzkaller.6vBomC/26/file1 supports timestamps until 2038 (0x7fffffff)
[ 1437.901999][T31405] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1437.908913][T31405] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1437.915974][T31405] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1437.922780][T31405] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1437.931194][T31020] EXT4-fs (loop0): unmounting filesystem.
[ 1437.939186][T27244] device bridge_slave_1 left promiscuous mode
[ 1437.945329][T27244] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1437.952740][T27244] device bridge_slave_0 left promiscuous mode
[ 1437.958790][T27244] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1437.971594][T27244] device veth1_macvtap left promiscuous mode
[ 1437.973307][T31419] loop0: detected capacity change from 0 to 128
[ 1437.977491][T27244] device veth0_vlan left promiscuous mode
[ 1438.107914][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1438.115386][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1438.124840][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1438.238373][   T28] audit: type=1326 audit(1719726276.940:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31421 comm="syz.2.9509" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbb1bf75b99 code=0x0
[ 1438.290234][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1438.333530][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1438.434220][T23073] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1438.445902][T31432] SELinux: security_context_str_to_sid (ÿÿÿÿ) failed with errno=-22
[ 1438.448390][T23073] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1438.480212][T31405] device veth0_vlan entered promiscuous mode
[ 1438.488467][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1438.497438][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1438.505865][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1438.532267][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1438.553060][T31405] device veth1_macvtap entered promiscuous mode
[ 1438.603456][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1438.605820][T31443] loop4: detected capacity change from 0 to 128
[ 1438.610883][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1438.624320][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1438.883833][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1438.990283][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1439.079179][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1439.087772][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1439.096216][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1439.104572][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1439.176443][T31458] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1439.411587][T31463] SELinux: security_context_str_to_sid (ÿÿÿÿ) failed with errno=-22
[ 1439.495720][T31470] loop3: detected capacity change from 0 to 128
[ 1439.948470][T31487] 9pnet_fd: Insufficient options for proto=fd
[ 1440.058345][   T28] audit: type=1326 audit(1719726278.760:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31484 comm="syz.0.9529" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3fcc575b99 code=0x0
[ 1440.289993][T31496] SELinux: security_context_str_to_sid (ÿÿÿÿ) failed with errno=-22
[ 1440.309077][T31498] loop4: detected capacity change from 0 to 128
[ 1440.673052][T31510] loop3: detected capacity change from 0 to 128
[ 1440.897940][T27899] usb 3-1: new high-speed USB device number 72 using dummy_hcd
[ 1441.331166][T31522] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1441.362602][   T28] audit: type=1326 audit(1719726280.080:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31520 comm="syz.4.9541" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fabaff75b99 code=0x0
[ 1441.578134][T27899] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1441.588208][T27899] usb 3-1: config 1 has 0 interfaces, different from the descriptor's value: 3
[ 1442.179455][T31533] hub 6-0:1.0: USB hub found
[ 1442.184866][T31533] hub 6-0:1.0: 1 port detected
[ 1442.198074][T27899] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1442.213722][T27899] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1442.221776][T27899] usb 3-1: SerialNumber: syz
[ 1442.247587][T31538] 9pnet_fd: Insufficient options for proto=fd
[ 1442.412678][   T28] audit: type=1326 audit(1719726281.130:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31541 comm="syz.0.9548" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3fcc575b99 code=0x0
[ 1442.491491][T31548] hub 6-0:1.0: USB hub found
[ 1442.496328][T31548] hub 6-0:1.0: 1 port detected
[ 1442.509159][  T389] usb 2-1: new high-speed USB device number 65 using dummy_hcd
[ 1442.776045][T27899] usb 3-1: USB disconnect, device number 72
[ 1442.790805][T31554] hub 6-0:1.0: USB hub found
[ 1442.795347][T31554] hub 6-0:1.0: 1 port detected
[ 1442.821090][T31559] hub 6-0:1.0: USB hub found
[ 1442.825649][T31559] hub 6-0:1.0: 1 port detected
[ 1442.907948][  T389] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1442.917988][  T389] usb 2-1: config 1 has 0 interfaces, different from the descriptor's value: 3
[ 1442.997956][  T389] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1443.007166][  T389] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1443.016059][  T389] usb 2-1: SerialNumber: syz
[ 1443.164706][   T28] audit: type=1326 audit(1719726281.880:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31562 comm="syz.4.9556" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fabaff75b99 code=0x0
[ 1443.376612][T31573] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1443.379121][T31574] hub 6-0:1.0: USB hub found
[ 1443.389291][T31574] hub 6-0:1.0: 1 port detected
[ 1443.410132][T31576] hub 6-0:1.0: USB hub found
[ 1443.414715][T31576] hub 6-0:1.0: 1 port detected
[ 1443.434145][T31579] loop3: detected capacity change from 0 to 128
[ 1443.452060][T31582] 9pnet_fd: Insufficient options for proto=fd
[ 1443.720397][T27899] usb 2-1: USB disconnect, device number 65
[ 1443.815179][T31589] hub 6-0:1.0: USB hub found
[ 1443.820299][T31589] hub 6-0:1.0: 1 port detected
[ 1443.960984][   T28] audit: type=1326 audit(1719726282.680:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31592 comm="syz.4.9567" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fabaff75b99 code=0x0
[ 1444.007723][T31599] loop2: detected capacity change from 0 to 512
[ 1444.020351][T31599] EXT4-fs (loop2): 1 orphan inode deleted
[ 1444.025948][T31599] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 1444.034917][T31599] ext4 filesystem being mounted at /root/syzkaller.7sIkkF/78/file1 supports timestamps until 2038 (0x7fffffff)
[ 1444.055134][T30416] EXT4-fs (loop2): unmounting filesystem.
[ 1444.167319][T31607] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1444.249396][T31612] hub 6-0:1.0: USB hub found
[ 1444.253878][T31612] hub 6-0:1.0: 1 port detected
[ 1444.341596][T31619] loop3: detected capacity change from 0 to 128
[ 1444.902650][  T389] usb 1-1: new high-speed USB device number 84 using dummy_hcd
[ 1445.142427][T31630] loop1: detected capacity change from 0 to 512
[ 1445.169956][T31630] EXT4-fs (loop1): 1 orphan inode deleted
[ 1445.175513][T31630] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1445.184632][T31630] ext4 filesystem being mounted at /root/syzkaller.githVz/20/file1 supports timestamps until 2038 (0x7fffffff)
[ 1445.288052][   T28] audit: type=1326 audit(1719726283.990:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31628 comm="syz.4.9578" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fabaff75b99 code=0x0
[ 1445.406854][T31319] EXT4-fs (loop1): unmounting filesystem.
[ 1445.412931][  T389] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1445.447140][  T389] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 3
[ 1445.465845][T31642] loop1: detected capacity change from 0 to 256
[ 1445.472674][T31642] FAT-fs (loop1): Unrecognized mount option "shorgname=win95" or missing value
[ 1445.527920][  T389] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1445.536900][  T389] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1445.544716][  T389] usb 1-1: SerialNumber: syz
[ 1445.626800][T31648] SELinux: security_context_str_to_sid (ÿÿÿÿ) failed with errno=-22
[ 1445.707972][  T419] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[ 1445.744327][   T28] audit: type=1326 audit(1719726284.460:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31651 comm="syz.2.9587" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbb1bf75b99 code=0x0
[ 1445.884917][T31661] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1446.049276][  T389] usb 1-1: USB disconnect, device number 84
[ 1446.097940][  T419] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1446.108001][  T419] usb 4-1: config 1 has 0 interfaces, different from the descriptor's value: 3
[ 1446.337962][  T419] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1446.346893][  T419] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1446.354657][  T419] usb 4-1: SerialNumber: syz
[ 1446.484232][T31669] loop2: detected capacity change from 0 to 512
[ 1446.499880][T31669] EXT4-fs (loop2): 1 orphan inode deleted
[ 1446.505502][T31669] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 1446.514472][T31669] ext4 filesystem being mounted at /root/syzkaller.7sIkkF/83/file1 supports timestamps until 2038 (0x7fffffff)
[ 1446.533499][T30416] EXT4-fs (loop2): unmounting filesystem.
[ 1446.557046][T31676] loop2: detected capacity change from 0 to 128
[ 1446.571902][T31678] loop0: detected capacity change from 0 to 256
[ 1446.601614][T31678] FAT-fs (loop0): Unrecognized mount option "shorgname=win95" or missing value
[ 1446.729794][T31689] SELinux: security_context_str_to_sid (ÿÿÿÿ) failed with errno=-22
[ 1446.862148][  T389] usb 4-1: USB disconnect, device number 53
[ 1446.954651][T31698] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1447.325522][T31701] loop1: detected capacity change from 0 to 512
[ 1447.350353][T31701] EXT4-fs (loop1): 1 orphan inode deleted
[ 1447.356038][T31701] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1447.364983][T31701] ext4 filesystem being mounted at /root/syzkaller.githVz/30/file1 supports timestamps until 2038 (0x7fffffff)
[ 1447.409266][T31701] EXT4-fs error (device loop1): ext4_ext_remove_space:2866: inode #16: comm syz.1.9603: path[1].p_hdr == NULL
[ 1447.440181][T31701] EXT4-fs (loop1): Remounting filesystem read-only
[ 1447.446826][T31701] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5870: Corrupt filesystem
[ 1447.466294][T31701] EXT4-fs error (device loop1): ext4_punch_hole:4142: inode #16: comm syz.1.9603: mark_inode_dirty error
[ 1447.495039][T31319] EXT4-fs error (device loop1): ext4_map_blocks:607: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1)
[ 1447.511890][   T28] audit: type=1326 audit(1719726286.240:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31704 comm="syz.3.9604" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f80e8f75b99 code=0x0
[ 1447.535439][T31319] EXT4-fs (loop1): unmounting filesystem.
[ 1447.779195][T31720] SELinux: security_context_str_to_sid (ÿÿÿÿ) failed with errno=-22
[ 1447.788385][T23073] usb 3-1: new high-speed USB device number 73 using dummy_hcd
[ 1448.032824][T31718] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1448.040104][T31718] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1448.047742][T31718] device bridge_slave_0 entered promiscuous mode
[ 1448.054871][T31718] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1448.061955][T31718] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1448.069408][T31718] device bridge_slave_1 entered promiscuous mode
[ 1448.112144][T31718] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1448.119091][T31718] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1448.126183][T31718] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1448.132987][T31718] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1448.152083][T21707] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1448.159501][T21707] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1448.166606][T21707] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1448.175394][T15060] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1448.177982][T23073] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1448.183611][T15060] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1448.194282][T23073] usb 3-1: config 1 has 0 interfaces, different from the descriptor's value: 3
[ 1448.200059][T15060] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1448.216593][T15060] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1448.224633][T15060] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1448.231487][T15060] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1448.239146][T15060] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1448.247075][T15060] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1448.265174][T15060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1448.277408][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1448.288120][T23073] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1448.298445][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1448.305783][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1448.312983][T23073] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1448.321612][T23073] usb 3-1: SerialNumber: syz
[ 1448.322630][T31718] device veth0_vlan entered promiscuous mode
[ 1448.338942][T15060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1448.348643][T31718] device veth1_macvtap entered promiscuous mode
[ 1448.359923][T15060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1448.368294][T15060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1448.405565][T31738] loop3: detected capacity change from 0 to 128
[ 1448.583854][   T28] audit: type=1326 audit(1719726287.220:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31733 comm="syz.1.9609" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3930575b99 code=0x0
[ 1448.622515][T18522] device bridge_slave_1 left promiscuous mode
[ 1448.675876][T18522] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1448.784207][T31746] loop0: detected capacity change from 0 to 512
[ 1448.794072][T18522] device bridge_slave_0 left promiscuous mode
[ 1448.820317][T18522] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1448.828998][T18522] device veth1_macvtap left promiscuous mode
[ 1448.834904][T18522] device veth0_vlan left promiscuous mode
[ 1448.850773][T31746] EXT4-fs (loop0): 1 orphan inode deleted
[ 1448.856468][T31746] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 1448.866033][T31746] ext4 filesystem being mounted at /root/syzkaller.6vBomC/42/file1 supports timestamps until 2038 (0x7fffffff)
[ 1448.890741][  T309] usb 3-1: USB disconnect, device number 73
[ 1448.904037][T31746] EXT4-fs error (device loop0): ext4_ext_remove_space:2866: inode #16: comm syz.0.9618: path[1].p_hdr == NULL
[ 1448.915964][T31746] EXT4-fs (loop0): Remounting filesystem read-only
[ 1448.927236][T31746] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5870: Corrupt filesystem
[ 1448.939611][T31746] EXT4-fs error (device loop0): ext4_punch_hole:4142: inode #16: comm syz.0.9618: mark_inode_dirty error
[ 1448.969700][T31020] EXT4-fs error (device loop0): ext4_map_blocks:607: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1)
[ 1448.993535][T31020] EXT4-fs (loop0): unmounting filesystem.
[ 1449.083940][T31758] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1449.266647][T31760] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1449.279531][T31760] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1449.286892][T31760] device bridge_slave_0 entered promiscuous mode
[ 1449.293819][T31760] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1449.300769][T31760] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1449.308009][T31760] device bridge_slave_1 entered promiscuous mode
[ 1449.385339][T31760] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1449.392223][T31760] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1449.399309][T31760] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1449.406086][T31760] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1449.668169][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1449.675839][  T309] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1449.683684][  T309] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1449.692840][  T984] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1449.702908][  T984] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1449.709791][  T984] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1449.724870][T15060] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1449.733230][T15060] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1449.740112][T15060] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1449.752988][T21707] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1449.762063][T15060] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1449.797099][T15060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1449.810068][T31760] device veth0_vlan entered promiscuous mode
[ 1449.816507][T15060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1449.831781][T15060] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1449.844343][T15060] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1449.863485][  T984] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1449.873017][T31760] device veth1_macvtap entered promiscuous mode
[ 1449.950264][   T28] audit: type=1326 audit(1719726288.670:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31786 comm="syz.2.9635" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbb1bf75b99 code=0x0
[ 1450.031018][T23073] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1450.088301][  T984] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1450.370857][T18522] device bridge_slave_1 left promiscuous mode
[ 1450.378904][T18522] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1450.386553][T18522] device bridge_slave_0 left promiscuous mode
[ 1450.393022][T18522] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1450.401424][T18522] device veth1_macvtap left promiscuous mode
[ 1450.407343][T18522] device veth0_vlan left promiscuous mode
[ 1450.437360][T31797] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1450.446667][T31803] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1450.618107][  T984] usb 1-1: new high-speed USB device number 85 using dummy_hcd
[ 1450.835165][T31824] loop3: detected capacity change from 0 to 128
[ 1451.128394][  T984] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1451.138706][  T984] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 3
[ 1451.233399][  T984] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1451.242437][  T984] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1451.250721][  T984] usb 1-1: SerialNumber: syz
[ 1451.447071][   T28] audit: type=1326 audit(1719726290.160:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31835 comm="syz.1.9651" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3930575b99 code=0x0
[ 1451.772431][   T28] audit: type=1326 audit(1719726290.490:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31843 comm="syz.2.9653" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbb1bf75b99 code=0x0
[ 1451.804513][T21707] usb 1-1: USB disconnect, device number 85
[ 1452.073819][T31851] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1452.140215][T31858] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1452.191366][T31860] loop1: detected capacity change from 0 to 512
[ 1452.210333][T31860] EXT4-fs (loop1): 1 orphan inode deleted
[ 1452.215909][T31860] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1452.224922][T31860] ext4 filesystem being mounted at /root/syzkaller.VC2hgH/9/file1 supports timestamps until 2038 (0x7fffffff)
[ 1452.244480][T31860] EXT4-fs error (device loop1): ext4_ext_remove_space:2866: inode #16: comm syz.1.9658: path[1].p_hdr == NULL
[ 1452.256234][T31860] EXT4-fs (loop1): Remounting filesystem read-only
[ 1452.262832][T31860] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5870: Corrupt filesystem
[ 1452.272375][T31860] EXT4-fs error (device loop1): ext4_punch_hole:4142: inode #16: comm syz.1.9658: mark_inode_dirty error
[ 1452.288309][T31718] EXT4-fs error (device loop1): ext4_map_blocks:607: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1)
[ 1452.305058][T31718] EXT4-fs (loop1): unmounting filesystem.
[ 1452.775252][T31868] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1452.782716][T31868] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1452.790595][T31868] device bridge_slave_0 entered promiscuous mode
[ 1452.791862][T31882] loop4: detected capacity change from 0 to 128
[ 1452.797519][T31868] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1452.810270][T31868] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1452.817566][T31868] device bridge_slave_1 entered promiscuous mode
[ 1452.914318][T31868] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1452.921212][T31868] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1452.928295][T31868] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1452.935496][T31868] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1452.962217][T15060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1452.969746][T15060] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1452.976945][T15060] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1452.988492][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1452.996575][  T389] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1453.003455][  T389] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1453.012358][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1453.024734][  T389] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1453.031623][  T389] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1453.045644][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1453.064419][   T28] audit: type=1326 audit(1719726291.780:638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31887 comm="syz.3.9668" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f80e8f75b99 code=0x0
[ 1453.064886][T15060] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1453.126428][T31868] device veth0_vlan entered promiscuous mode
[ 1453.139832][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1453.158272][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1453.166126][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1453.178230][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1453.224720][T31868] device veth1_macvtap entered promiscuous mode
[ 1453.235882][  T984] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1453.257699][  T984] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1453.261151][T31896] loop0: detected capacity change from 0 to 128
[ 1453.270438][  T984] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1453.290511][T18522] device bridge_slave_1 left promiscuous mode
[ 1453.300008][T18522] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1453.323391][T18522] device bridge_slave_0 left promiscuous mode
[ 1453.333728][T18522] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1453.351002][T18522] device veth1_macvtap left promiscuous mode
[ 1453.362248][T18522] device veth0_vlan left promiscuous mode
[ 1453.633985][   T28] audit: type=1326 audit(1719726292.350:639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31898 comm="syz.1.9662" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6217175b99 code=0x0
[ 1453.874744][T31908] hub 6-0:1.0: USB hub found
[ 1453.889601][T31908] hub 6-0:1.0: 1 port detected
[ 1454.140448][T31918] netlink: 104 bytes leftover after parsing attributes in process `syz.4.9675'.
[ 1454.175237][   T28] audit: type=1326 audit(1719726292.830:640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31909 comm="syz.3.9673" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f80e8f75b99 code=0x0
[ 1454.960088][T31924] loop3: detected capacity change from 0 to 512
[ 1455.006124][T31925] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1455.017538][T31935] loop1: detected capacity change from 0 to 256
[ 1455.025981][T31935] FAT-fs (loop1): Unrecognized mount option "shorgname=win95" or missing value
[ 1455.038812][T31924] EXT4-fs (loop3): 1 orphan inode deleted
[ 1455.044491][T31924] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1455.062717][T31924] ext4 filesystem being mounted at /root/syzkaller.yeN0XM/39/file1 supports timestamps until 2038 (0x7fffffff)
[ 1455.177408][T31924] EXT4-fs error (device loop3): ext4_ext_remove_space:2866: inode #16: comm syz.3.9678: path[1].p_hdr == NULL
[ 1455.190475][T31924] EXT4-fs (loop3): Remounting filesystem read-only
[ 1455.196921][T31924] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5870: Corrupt filesystem
[ 1455.260445][T31924] EXT4-fs error (device loop3): ext4_punch_hole:4142: inode #16: comm syz.3.9678: mark_inode_dirty error
[ 1455.290419][T31358] EXT4-fs error (device loop3): ext4_map_blocks:607: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1)
[ 1455.321798][T31358] EXT4-fs (loop3): unmounting filesystem.
[ 1455.361160][T31942] hub 6-0:1.0: USB hub found
[ 1455.365719][T31942] hub 6-0:1.0: 1 port detected
[ 1455.424071][T31945] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1455.505070][   T28] audit: type=1326 audit(1719726294.220:641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31943 comm="syz.2.9684" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbb1bf75b99 code=0x0
[ 1455.601525][T31952] netlink: 104 bytes leftover after parsing attributes in process `syz.1.9687'.
[ 1456.162888][T31959] netlink: 'syz.4.9688': attribute type 4 has an invalid length.
[ 1456.184149][T31960] netlink: 'syz.4.9688': attribute type 4 has an invalid length.
[ 1456.357117][T31958] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1456.372034][T31958] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1456.400932][T31958] device bridge_slave_0 entered promiscuous mode
[ 1456.403435][T31972] loop2: detected capacity change from 0 to 256
[ 1456.411602][T31973] loop0: detected capacity change from 0 to 512
[ 1456.420629][  T731] device bridge_slave_1 left promiscuous mode
[ 1456.426790][  T731] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1456.443187][  T731] device bridge_slave_0 left promiscuous mode
[ 1456.449674][  T731] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1456.460238][  T731] device veth1_macvtap left promiscuous mode
[ 1456.466499][  T731] device veth0_vlan left promiscuous mode
[ 1456.474221][   T28] audit: type=1326 audit(1719726295.200:642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=31964 comm="syz.1.9689" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6217175b99 code=0x0
[ 1456.476240][T31972] FAT-fs (loop2): Unrecognized mount option "shorgname=win95" or missing value
[ 1456.605237][T31973] EXT4-fs (loop0): 1 orphan inode deleted
[ 1456.642913][T31973] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 1456.704612][T31973] ext4 filesystem being mounted at /root/syzkaller.Z7Kb1a/8/file1 supports timestamps until 2038 (0x7fffffff)
[ 1456.742527][T31973] EXT4-fs error (device loop0): ext4_ext_remove_space:2866: inode #16: comm syz.0.9692: path[1].p_hdr == NULL
[ 1456.754328][T31973] EXT4-fs (loop0): Remounting filesystem read-only
[ 1456.777365][T31973] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5870: Corrupt filesystem
[ 1456.798962][T31973] EXT4-fs error (device loop0): ext4_punch_hole:4142: inode #16: comm syz.0.9692: mark_inode_dirty error
[ 1456.819043][T31760] EXT4-fs error (device loop0): ext4_map_blocks:607: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1)
[ 1456.835034][T31984] hub 6-0:1.0: USB hub found
[ 1456.840284][T31984] hub 6-0:1.0: 1 port detected
[ 1456.845971][T31760] EXT4-fs (loop0): unmounting filesystem.
[ 1456.867188][T31958] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1456.874159][T31958] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1456.882402][T31958] device bridge_slave_1 entered promiscuous mode
[ 1456.959978][T31993] netlink: 104 bytes leftover after parsing attributes in process `syz.4.9698'.
[ 1457.156415][T31995] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1457.336023][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1457.400158][T32000] netlink: 104 bytes leftover after parsing attributes in process `syz.1.9702'.
[ 1457.653581][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1457.669446][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1457.677664][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1457.685727][  T389] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1457.692590][  T389] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1457.719400][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1457.727614][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1457.738725][  T389] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1457.745579][  T389] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1457.778755][ T2101] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1457.787017][ T2101] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1457.796078][ T2101] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1457.803615][ T2101] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1457.812488][ T2101] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1457.821790][ T2101] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1457.834572][ T2101] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1457.972557][T31958] device veth0_vlan entered promiscuous mode
[ 1458.028014][   T28] audit: type=1326 audit(1719726296.670:643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32002 comm="syz.4.9703" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fabaff75b99 code=0x0
[ 1458.152779][T32009] loop2: detected capacity change from 0 to 256
[ 1458.160028][T32009] FAT-fs (loop2): Unrecognized mount option "shorgname=win95" or missing value
[ 1458.174130][ T2101] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1458.191989][ T2101] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1458.200159][T32014] loop1: detected capacity change from 0 to 128
[ 1458.208400][T31958] device veth1_macvtap entered promiscuous mode
[ 1458.253672][T15060] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[ 1458.261975][T15060] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1458.270147][T15060] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1458.279242][T15060] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1458.287394][T15060] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1458.298791][T32001] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1458.305683][T32001] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1458.312990][T32001] device bridge_slave_0 entered promiscuous mode
[ 1458.321399][T32001] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1458.328352][T32001] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1458.335681][T32001] device bridge_slave_1 entered promiscuous mode
[ 1458.458782][T32026] loop3: detected capacity change from 0 to 128
[ 1458.800480][T32027] netlink: 'syz.2.9707': attribute type 4 has an invalid length.
[ 1458.810089][T32028] netlink: 'syz.2.9707': attribute type 4 has an invalid length.
[ 1458.821732][  T731] device bridge_slave_1 left promiscuous mode
[ 1458.827695][  T731] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1458.837220][  T731] device bridge_slave_0 left promiscuous mode
[ 1458.843377][  T731] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1458.851777][  T731] device veth1_macvtap left promiscuous mode
[ 1458.857703][  T731] device veth0_vlan left promiscuous mode
[ 1458.955432][   T28] audit: type=1326 audit(1719726297.670:644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32032 comm="syz.4.9710" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fabaff75b99 code=0x0
[ 1459.179556][ T2101] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1459.188337][ T2101] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1459.210660][ T2101] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1459.224375][ T2101] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1459.278365][ T2101] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1459.285258][ T2101] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1459.323140][ T2101] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1459.375928][ T2101] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1459.411660][ T2101] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1459.418570][ T2101] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1459.438043][   T28] audit: type=1326 audit(1719726298.080:645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32040 comm="syz.2.9711" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbb1bf75b99 code=0x0
[ 1459.531971][ T2101] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1459.570418][ T2101] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1459.594069][ T2101] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1459.610689][ T2101] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1459.638160][ T2101] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1459.654061][ T2101] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1459.668730][ T2101] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1459.688699][T32001] device veth0_vlan entered promiscuous mode
[ 1459.702717][  T984] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1459.710783][  T984] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1459.721897][ T2101] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1459.730170][ T2101] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1459.744857][T32001] device veth1_macvtap entered promiscuous mode
[ 1459.760267][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1459.771429][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1459.781659][T32050] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1459.805446][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1459.823008][  T309] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1459.845475][T32052] netlink: 104 bytes leftover after parsing attributes in process `syz.3.9713'.
[ 1459.893864][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1459.909776][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1460.134516][T32058] loop2: detected capacity change from 0 to 256
[ 1460.151409][T32058] FAT-fs (loop2): Unrecognized mount option "shorgname=win95" or missing value
[ 1460.338549][   T28] audit: type=1326 audit(1719726298.990:646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32059 comm="syz.4.9716" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fabaff75b99 code=0x0
[ 1460.512574][T32070] loop2: detected capacity change from 0 to 512
[ 1460.530609][T32070] EXT4-fs (loop2): 1 orphan inode deleted
[ 1460.537395][T32068] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1460.546152][T32070] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 1460.574380][T32070] ext4 filesystem being mounted at /root/syzkaller.7sIkkF/113/file1 supports timestamps until 2038 (0x7fffffff)
[ 1460.610359][T30416] EXT4-fs (loop2): unmounting filesystem.
[ 1460.619416][T32079] loop1: detected capacity change from 0 to 256
[ 1460.629714][T32079] FAT-fs (loop1): Unrecognized mount option "shorgname=win95" or missing value
[ 1460.647544][T32083] loop2: detected capacity change from 0 to 128
[ 1461.080075][T32095] loop0: detected capacity change from 0 to 128
[ 1461.184390][   T28] audit: type=1326 audit(1719726299.900:647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32092 comm="syz.1.9725" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6217175b99 code=0x0
[ 1461.343667][   T28] audit: type=1326 audit(1719726300.010:648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32090 comm="syz.4.9724" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fabaff75b99 code=0x0
[ 1461.758007][   T28] audit: type=1326 audit(1719726300.400:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32105 comm="syz.3.9727" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa398375b99 code=0x0
[ 1461.786972][T32112] loop2: detected capacity change from 0 to 256
[ 1461.879256][T32112] FAT-fs (loop2): Unrecognized mount option "shorgname=win95" or missing value
[ 1461.992878][T32115] hub 6-0:1.0: USB hub found
[ 1461.997759][T32115] hub 6-0:1.0: 1 port detected
[ 1462.202121][T32122] netlink: 'syz.1.9730': attribute type 4 has an invalid length.
[ 1462.328250][T32125] loop0: detected capacity change from 0 to 512
[ 1462.759971][T32130] hub 6-0:1.0: USB hub found
[ 1462.769280][T32130] hub 6-0:1.0: 1 port detected
[ 1462.785088][T32125] EXT4-fs (loop0): 1 orphan inode deleted
[ 1462.791755][T32125] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 1462.804686][T32125] ext4 filesystem being mounted at /root/syzkaller.n48jXL/3/file1 supports timestamps until 2038 (0x7fffffff)
[ 1462.947927][   T28] audit: type=1326 audit(1719726301.630:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32132 comm="syz.2.9735" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbb1bf75b99 code=0x0
[ 1463.127597][T32001] EXT4-fs (loop0): unmounting filesystem.
[ 1463.153384][T32151] hub 6-0:1.0: USB hub found
[ 1463.157983][T32151] hub 6-0:1.0: 1 port detected
[ 1464.806245][T32158] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1465.758178][   T28] audit: type=1326 audit(1719726304.430:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32163 comm="syz.3.9745" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa398375b99 code=0x0
[ 1465.921596][   T28] audit: type=1326 audit(1719726304.440:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32152 comm="syz.0.9741" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7f99775b99 code=0x0
[ 1465.939301][T32178] loop2: detected capacity change from 0 to 128
[ 1465.987049][   T28] audit: type=1326 audit(1719726304.440:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32159 comm="syz.1.9742" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6217175b99 code=0x0
[ 1466.018323][T32181] loop3: detected capacity change from 0 to 128
[ 1466.040861][T32186] loop1: detected capacity change from 0 to 512
[ 1466.126584][T32186] EXT4-fs (loop1): 1 orphan inode deleted
[ 1466.132275][T32186] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1466.167961][T32186] ext4 filesystem being mounted at /root/syzkaller.CeqjJU/16/file1 supports timestamps until 2038 (0x7fffffff)
[ 1466.405152][T32188] netlink: 'syz.0.9750': attribute type 4 has an invalid length.
[ 1466.453435][T32192] loop4: detected capacity change from 0 to 256
[ 1466.473410][T31868] EXT4-fs (loop1): unmounting filesystem.
[ 1466.500694][T32192] FAT-fs (loop4): Unrecognized mount option "shorgname=win95" or missing value
[ 1466.635297][T32199] netlink: 104 bytes leftover after parsing attributes in process `syz.1.9753'.
[ 1467.149240][T32214] loop4: detected capacity change from 0 to 128
[ 1467.277940][   T28] audit: type=1326 audit(1719726305.950:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32207 comm="syz.0.9755" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7f99775b99 code=0x0
[ 1467.884516][   T28] audit: type=1326 audit(1719726306.600:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32218 comm="syz.1.9759" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6217175b99 code=0x0
[ 1467.948534][   T28] audit: type=1326 audit(1719726306.600:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32220 comm="syz.3.9760" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa398375b99 code=0x0
[ 1467.954204][T32232] loop2: detected capacity change from 0 to 512
[ 1467.991378][T32232] EXT4-fs (loop2): 1 orphan inode deleted
[ 1467.996932][T32232] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 1468.006006][T32232] ext4 filesystem being mounted at /root/syzkaller.7sIkkF/124/file1 supports timestamps until 2038 (0x7fffffff)
[ 1468.031450][T30416] EXT4-fs (loop2): unmounting filesystem.
[ 1468.091847][T32240] netlink: 104 bytes leftover after parsing attributes in process `syz.0.9764'.
[ 1469.318301][T32247] loop1: detected capacity change from 0 to 256
[ 1469.325042][T32247] FAT-fs (loop1): Unrecognized mount option "shorgname=win95" or missing value
[ 1469.367818][T32255] loop0: detected capacity change from 0 to 256
[ 1469.389325][T32255] FAT-fs (loop0): Unrecognized mount option "shorgname=win95" or missing value
[ 1469.423804][  T372] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1469.427057][T32268] loop4: detected capacity change from 0 to 512
[ 1469.514796][T32268] EXT4-fs (loop4): 1 orphan inode deleted
[ 1469.520382][T32268] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1469.529549][T32268] ext4 filesystem being mounted at /root/syzkaller.bvcgxB/54/file1 supports timestamps until 2038 (0x7fffffff)
[ 1469.550224][T31405] EXT4-fs (loop4): unmounting filesystem.
[ 1469.911902][  T389] usb 3-1: new high-speed USB device number 74 using dummy_hcd
[ 1469.927606][T32279] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1470.146793][   T28] audit: type=1326 audit(1719726308.860:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32280 comm="syz.1.9779" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6217175b99 code=0x0
[ 1471.161775][T32289] loop4: detected capacity change from 0 to 128
[ 1472.351616][T32307] netlink: 104 bytes leftover after parsing attributes in process `syz.0.9785'.
[ 1472.408248][   T28] audit: type=1326 audit(1719726310.030:658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32286 comm="syz.3.9780" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa398375b99 code=0x0
[ 1472.663099][T32312] loop0: detected capacity change from 0 to 512
[ 1472.706529][T32312] EXT4-fs (loop0): 1 orphan inode deleted
[ 1472.712238][T32312] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 1472.731582][T32312] ext4 filesystem being mounted at /root/syzkaller.n48jXL/14/file1 supports timestamps until 2038 (0x7fffffff)
[ 1472.771192][  T389] usb 3-1: unable to read config index 0 descriptor/all
[ 1472.778750][  T389] usb 3-1: can't read configurations, error -71
[ 1472.799079][T32329] netlink: 104 bytes leftover after parsing attributes in process `syz.2.9789'.
[ 1473.853956][T32001] EXT4-fs (loop0): unmounting filesystem.
[ 1474.104857][   T28] audit: type=1326 audit(1719726312.710:659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32332 comm="syz.1.9793" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6217175b99 code=0x0
[ 1474.264126][T32344] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1474.807217][   T28] audit: type=1326 audit(1719726313.510:660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32350 comm="syz.0.9798" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7f99775b99 code=0x0
[ 1474.915176][T32363] loop2: detected capacity change from 0 to 512
[ 1474.929671][T32363] EXT4-fs (loop2): 1 orphan inode deleted
[ 1474.935333][T32363] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 1474.944254][T32363] ext4 filesystem being mounted at /root/syzkaller.7sIkkF/132/file1 supports timestamps until 2038 (0x7fffffff)
[ 1475.001463][T32368] netlink: 104 bytes leftover after parsing attributes in process `syz.4.9800'.
[ 1475.051842][T32363] EXT4-fs error (device loop2): ext4_ext_remove_space:2866: inode #16: comm syz.2.9802: path[1].p_hdr == NULL
[ 1475.065413][T32363] EXT4-fs (loop2): Remounting filesystem read-only
[ 1475.072981][T32363] EXT4-fs error (device loop2): __ext4_get_inode_loc:4497: comm syz.2.9802: Invalid inode table block 0 in block_group 0
[ 1475.087061][T32363] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5870: Corrupt filesystem
[ 1475.096555][ T2101] usb 2-1: new high-speed USB device number 66 using dummy_hcd
[ 1475.097747][T32363] EXT4-fs error (device loop2): ext4_punch_hole:4142: inode #16: comm syz.2.9802: mark_inode_dirty error
[ 1475.197296][T30416] EXT4-fs error (device loop2): ext4_map_blocks:607: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1)
[ 1475.214111][T30416] EXT4-fs (loop2): unmounting filesystem.
[ 1475.342513][T32370] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1475.349527][T32370] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1475.356739][T32370] device bridge_slave_0 entered promiscuous mode
[ 1475.364984][T32370] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1475.371896][T32370] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1475.379041][T32370] device bridge_slave_1 entered promiscuous mode
[ 1475.421320][T32370] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1475.428179][T32370] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1475.435242][T32370] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1475.442070][T32370] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1475.462906][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1475.470644][   T24] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1475.477720][   T24] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1475.489190][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1475.497191][   T24] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1475.504069][   T24] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1475.527976][ T2101] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1475.538068][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1475.546187][ T2101] usb 2-1: config 1 has 0 interfaces, different from the descriptor's value: 3
[ 1475.555683][   T24] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1475.562561][   T24] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1475.570017][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1475.578161][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1475.599175][T32370] device veth0_vlan entered promiscuous mode
[ 1475.610833][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1475.619395][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1475.675124][T32383] loop4: detected capacity change from 0 to 128
[ 1475.771703][T32386] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1476.750949][ T2101] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1476.760427][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1476.767744][ T2101] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1476.790555][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1476.801192][ T2101] usb 2-1: SerialNumber: syz
[ 1476.814196][T32370] device veth1_macvtap entered promiscuous mode
[ 1476.823411][T32395] loop0: detected capacity change from 0 to 512
[ 1476.836242][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1476.879299][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1476.887775][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1476.925079][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1476.950617][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1476.978176][   T28] audit: type=1326 audit(1719726315.620:661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32389 comm="syz.3.9811" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa398375b99 code=0x0
[ 1477.074322][T32395] EXT4-fs (loop0): 1 orphan inode deleted
[ 1477.084379][T32395] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 1477.097103][  T358] device bridge_slave_1 left promiscuous mode
[ 1477.120246][  T358] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1477.137697][  T358] device bridge_slave_0 left promiscuous mode
[ 1477.144106][T32395] ext4 filesystem being mounted at /root/syzkaller.n48jXL/20/file1 supports timestamps until 2038 (0x7fffffff)
[ 1477.157718][  T358] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1477.233283][T32407] netlink: 104 bytes leftover after parsing attributes in process `syz.2.9805'.
[ 1477.297392][  T358] device veth1_macvtap left promiscuous mode
[ 1477.331504][T27899] usb 2-1: USB disconnect, device number 66
[ 1477.351479][  T358] device veth0_vlan left promiscuous mode
[ 1477.416671][T32395] EXT4-fs error (device loop0): ext4_ext_remove_space:2866: inode #16: comm syz.0.9813: path[1].p_hdr == NULL
[ 1477.501408][T32395] EXT4-fs (loop0): Remounting filesystem read-only
[ 1477.540353][T32395] EXT4-fs error (device loop0): __ext4_get_inode_loc:4497: comm syz.0.9813: Invalid inode table block 0 in block_group 0
[ 1477.588519][T32395] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5870: Corrupt filesystem
[ 1477.605982][T32395] EXT4-fs error (device loop0): ext4_punch_hole:4142: inode #16: comm syz.0.9813: mark_inode_dirty error
[ 1477.629408][T32001] EXT4-fs error (device loop0): ext4_map_blocks:607: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1)
[ 1477.664726][T32001] EXT4-fs (loop0): unmounting filesystem.
[ 1477.775675][   T28] audit: type=1326 audit(1719726316.490:662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32412 comm="syz.4.9817" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fabaff75b99 code=0x0
[ 1478.031053][T32425] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1478.038051][T32425] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1478.045322][T32425] device bridge_slave_0 entered promiscuous mode
[ 1478.062327][T32425] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1478.073690][T32425] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1478.184221][T32425] device bridge_slave_1 entered promiscuous mode
[ 1478.342959][T32438] loop1: detected capacity change from 0 to 512
[ 1478.370390][T32438] EXT4-fs (loop1): 1 orphan inode deleted
[ 1478.376013][T32438] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[ 1478.385122][T32438] ext4 filesystem being mounted at /root/syzkaller.CeqjJU/32/file1 supports timestamps until 2038 (0x7fffffff)
[ 1478.407708][T32438] EXT4-fs error (device loop1): ext4_ext_remove_space:2866: inode #16: comm syz.1.9825: path[1].p_hdr == NULL
[ 1478.419458][T32438] EXT4-fs (loop1): Remounting filesystem read-only
[ 1478.425798][T32438] EXT4-fs error (device loop1): __ext4_get_inode_loc:4497: comm syz.1.9825: Invalid inode table block 0 in block_group 0
[ 1478.438666][T32438] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5870: Corrupt filesystem
[ 1478.449048][T32438] EXT4-fs error (device loop1): ext4_punch_hole:4142: inode #16: comm syz.1.9825: mark_inode_dirty error
[ 1478.470513][T31868] EXT4-fs error (device loop1): ext4_map_blocks:607: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1)
[ 1478.476399][T32425] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1478.491274][T32425] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1478.498377][T32425] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1478.505174][T32425] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1478.513328][T31868] EXT4-fs (loop1): unmounting filesystem.
[ 1478.544275][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1478.554297][  T389] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1478.562292][  T389] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1478.573661][T32445] loop4: detected capacity change from 0 to 128
[ 1478.592372][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1478.597483][T32447] loop3: detected capacity change from 0 to 128
[ 1478.600660][  T389] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1478.613244][  T389] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1478.669089][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1478.677030][  T389] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1478.683881][  T389] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1478.708040][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1478.716508][  T389] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1478.739037][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1478.772676][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1478.786093][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1478.838831][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1478.847101][T32425] device veth0_vlan entered promiscuous mode
[ 1478.874544][T32425] device veth1_macvtap entered promiscuous mode
[ 1478.889625][T27899] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1478.898276][  T358] device bridge_slave_1 left promiscuous mode
[ 1478.904214][  T358] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1478.912162][  T358] device bridge_slave_0 left promiscuous mode
[ 1478.927947][  T358] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1478.935793][  T358] device veth1_macvtap left promiscuous mode
[ 1478.942349][  T358] device veth0_vlan left promiscuous mode
[ 1479.098931][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1479.107186][  T382] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1479.116273][T32456] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1479.266168][T32462] loop0: detected capacity change from 0 to 256
[ 1479.273832][T32462] FAT-fs (loop0): Unrecognized mount option "shorgname=win95" or missing value
[ 1479.291968][T32455] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1479.299066][T32455] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1479.306432][T32455] device bridge_slave_0 entered promiscuous mode
[ 1479.319031][T32455] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1479.326039][T32455] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1479.333518][T32455] device bridge_slave_1 entered promiscuous mode
[ 1479.389420][T32455] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1479.396283][T32455] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1479.403386][T32455] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1479.410183][T32455] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1479.456907][T32468] loop0: detected capacity change from 0 to 512
[ 1479.493548][ T2101] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1479.501810][ T2101] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1479.509972][ T2101] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1479.518356][T32468] EXT4-fs (loop0): 1 orphan inode deleted
[ 1479.524226][T32468] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 1479.535415][T32468] ext4 filesystem being mounted at /root/syzkaller.VTOFR6/3/file1 supports timestamps until 2038 (0x7fffffff)
[ 1479.568062][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1479.576489][   T24] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1479.583368][   T24] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1479.593604][   T28] audit: type=1326 audit(1719726318.320:663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32469 comm="syz.3.9837" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa398375b99 code=0x0
[ 1479.617735][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1479.626300][   T24] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1479.633184][   T24] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1479.656447][T32468] EXT4-fs error (device loop0): ext4_ext_remove_space:2866: inode #16: comm syz.0.9835: path[1].p_hdr == NULL
[ 1479.679762][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1479.687777][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1479.697747][T32468] EXT4-fs (loop0): Remounting filesystem read-only
[ 1479.704368][T32468] EXT4-fs error (device loop0): __ext4_get_inode_loc:4497: comm syz.0.9835: Invalid inode table block 0 in block_group 0
[ 1479.704556][T32468] EXT4-fs error (device loop0) in ext4_reserve_inode_write:5870: Corrupt filesystem
[ 1479.734206][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1479.742728][T32468] EXT4-fs error (device loop0): ext4_punch_hole:4142: inode #16: comm syz.0.9835: mark_inode_dirty error
[ 1479.760803][T32455] device veth0_vlan entered promiscuous mode
[ 1479.777959][T32425] EXT4-fs error (device loop0): ext4_map_blocks:607: inode #2: block 3: comm syz-executor: lblock 0 mapped to illegal pblock 3 (length 1)
[ 1479.778097][ T2101] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1479.800078][T32425] EXT4-fs (loop0): unmounting filesystem.
[ 1479.800569][ T2101] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1479.812952][ T2101] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1479.845397][ T2101] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1479.860887][T32455] device veth1_macvtap entered promiscuous mode
[ 1479.904720][   T28] audit: type=1326 audit(1719726318.620:664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=32481 comm="syz.2.9839" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe1fe775b99 code=0x0
[ 1479.981872][T21707] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1480.033482][T23073] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1480.109682][  T358] device bridge_slave_1 left promiscuous mode
[ 1480.115803][  T358] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1480.127670][  T358] device bridge_slave_0 left promiscuous mode
[ 1480.133784][  T358] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1480.142229][  T358] device veth1_macvtap left promiscuous mode
[ 1480.150772][  T358] device veth0_vlan left promiscuous mode
[ 1480.250557][T32497] loop1: detected capacity change from 0 to 128
[ 1480.326587][T32495] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1480.333679][T32495] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1480.348425][T32495] device bridge_slave_0 entered promiscuous mode
[ 1480.356498][T32495] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1480.363495][T32495] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1480.370937][T32495] device bridge_slave_1 entered promiscuous mode
[ 1480.394908][T32503] loop3: detected capacity change from 0 to 256
[ 1480.402600][T32503] FAT-fs (loop3): Unrecognized mount option "shorgname=win95" or missing value
[ 1480.437494][T32507] loop4: detected capacity change from 0 to 128
[ 1480.476833][  T372] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1480.586691][T32495] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1480.593580][T32495] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1480.600687][T32495] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1480.607697][T32495] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1480.666805][T32512] loop2: detected capacity change from 0 to 512
[ 1480.707674][T21707] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1480.718904][T21707] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1480.730707][T32512] EXT4-fs (loop2): 1 orphan inode deleted
[ 1480.736333][T32512] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 1480.745272][T32512] ext4 filesystem being mounted at /root/syzkaller.m3mxBJ/4/file1 supports timestamps until 2038 (0x7fffffff)
[ 1480.757009][T21707] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1480.826845][T32515] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[ 1480.840005][  T984] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1480.850080][T32516] EXT4-fs error (device loop2): ext4_free_blocks:6197: comm syz.2.9849: Freeing blocks not in datazone - block = 20, count = 1
[ 1480.852720][  T984] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1480.869895][  T984] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1480.881082][T32516] EXT4-fs (loop2): Remounting filesystem read-only
[ 1480.888064][T32516] ==================================================================
[ 1480.890882][  T984] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1480.895938][T32516] BUG: KASAN: out-of-bounds in ext4_ext_remove_space+0x1e16/0x4f50
[ 1480.904709][  T984] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1480.911475][T32516] Read of size 18446744073709551604 at addr ffff88813ba1a018 by task syz.2.9849/32516
[ 1480.911496][T32516] 
[ 1480.911503][T32516] CPU: 0 PID: 32516 Comm: syz.2.9849 Not tainted 6.1.78-syzkaller-00050-g76d91af9daec #0
[ 1480.911521][T32516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1480.911532][T32516] Call Trace:
[ 1480.911538][T32516]  <TASK>
[ 1480.911547][T32516]  dump_stack_lvl+0x151/0x1b7
[ 1480.918360][  T984] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1480.927705][T32516]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[ 1480.972251][T32516]  ? _printk+0xd1/0x111
[ 1480.976243][T32516]  ? __virt_addr_valid+0x242/0x2f0
[ 1480.981189][T32516]  print_report+0x158/0x4e0
[ 1480.985527][T32516]  ? __virt_addr_valid+0x242/0x2f0
[ 1480.990476][T32516]  ? kasan_addr_to_slab+0xd/0x80
[ 1480.995249][T32516]  ? ext4_ext_remove_space+0x1e16/0x4f50
[ 1481.000718][T32516]  kasan_report+0x13c/0x170
[ 1481.005058][T32516]  ? ext4_ext_remove_space+0x1e16/0x4f50
[ 1481.010525][T32516]  kasan_check_range+0x294/0x2a0
[ 1481.015299][T32516]  ? ext4_ext_remove_space+0x1e16/0x4f50
[ 1481.020781][T32516]  memmove+0x2d/0x70
[ 1481.024553][T32516]  ext4_ext_remove_space+0x1e16/0x4f50
[ 1481.029792][T32516]  ? kasan_save_alloc_info+0x1f/0x30
[ 1481.034919][T32516]  ? ext4_ext_index_trans_blocks+0x120/0x120
[ 1481.040727][T32516]  ? ext4_es_remove_extent+0x297/0x460
[ 1481.046113][T32516]  ext4_punch_hole+0x794/0xc00
[ 1481.050798][T32516]  ext4_fallocate+0x318/0x1e90
[ 1481.055396][T32516]  ? avc_policy_seqno+0x1b/0x70
[ 1481.060083][T32516]  ? ext4_ext_truncate+0x320/0x320
[ 1481.065028][T32516]  ? fsnotify_perm+0x6a/0x5d0
[ 1481.069552][T32516]  vfs_fallocate+0x492/0x570
[ 1481.074057][T32516]  __x64_sys_fallocate+0xc0/0x110
[ 1481.078918][T32516]  do_syscall_64+0x3d/0xb0
[ 1481.083175][T32516]  entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 1481.088899][T32516] RIP: 0033:0x7fe1fe775b99
[ 1481.093189][T32516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1481.112616][T32516] RSP: 002b:00007fe1ff497048 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[ 1481.120923][T32516] RAX: ffffffffffffffda RBX: 00007fe1fe904078 RCX: 00007fe1fe775b99
[ 1481.128735][T32516] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 0000000000000004
[ 1481.136547][T32516] RBP: 00007fe1fe7f677e R08: 0000000000000000 R09: 0000000000000000
[ 1481.144359][T32516] R10: 0000000000001a00 R11: 0000000000000246 R12: 0000000000000000
[ 1481.152175][T32516] R13: 000000000000006e R14: 00007fe1fe904078 R15: 00007ffd1f474fd8
[ 1481.159986][T32516]  </TASK>
[ 1481.162845][T32516] 
[ 1481.165021][T32516] The buggy address belongs to the physical page:
[ 1481.171268][T32516] page:ffffea0004ee8680 refcount:2 mapcount:0 mapping:ffff88810b811c50 index:0x3f pfn:0x13ba1a
[ 1481.181419][T32516] memcg:ffff88810fc3c000
[ 1481.185500][T32516] aops:def_blk_aops ino:700002
[ 1481.190098][T32516] flags: 0x5600000000002056(referenced|uptodate|lru|workingset|private|zone=1)
[ 1481.198874][T32516] raw: 5600000000002056 ffffea0004f35d08 ffffea000446cd08 ffff88810b811c50
[ 1481.207292][T32516] raw: 000000000000003f ffff88812af0f498 00000002ffffffff ffff88810fc3c000
[ 1481.215709][T32516] page dumped because: kasan: bad access detected
[ 1481.221959][T32516] page_owner tracks the page as allocated
[ 1481.227591][T32516] page last allocated via order 0, migratetype Movable, gfp_mask 0x148c48(GFP_NOFS|__GFP_NOFAIL|__GFP_COMP|__GFP_HARDWALL|__GFP_MOVABLE), pid 32512, tgid 32511 (syz.2.9849), ts 1480787762391, free_ts 1480636234503
[ 1481.248078][T32516]  post_alloc_hook+0x213/0x220
[ 1481.252677][T32516]  prep_new_page+0x1b/0x110
[ 1481.257015][T32516]  get_page_from_freelist+0x27ea/0x2870
[ 1481.262406][T32516]  __alloc_pages+0x3a1/0x780
[ 1481.266823][T32516]  __folio_alloc+0x15/0x40
[ 1481.271077][T32516]  __filemap_get_folio+0x827/0xae0
[ 1481.276025][T32516]  pagecache_get_page+0x2f/0x110
[ 1481.280797][T32516]  __getblk_gfp+0x205/0x7d0
[ 1481.285136][T32516]  ext4_ext_insert_extent+0xfd2/0x4e00
[ 1481.290455][T32516]  ext4_split_extent_at+0x863/0x11f0
[ 1481.295560][T32516]  ext4_split_extent+0x1bd/0x4e0
[ 1481.300328][T32516]  ext4_ext_map_blocks+0x211e/0x71e0
[ 1481.305454][T32516]  ext4_map_blocks+0xa36/0x1ca0
[ 1481.310132][T32516]  ext4_writepages+0x17b5/0x3fd0
[ 1481.314907][T32516]  do_writepages+0x385/0x620
[ 1481.319339][T32516]  filemap_fdatawrite_wbc+0x153/0x1b0
[ 1481.324542][T32516] page last free stack trace:
[ 1481.329053][T32516]  free_unref_page_prepare+0x83d/0x850
[ 1481.334347][T32516]  free_unref_page_list+0xf1/0x7b0
[ 1481.339294][T32516]  release_pages+0xf7f/0xfe0
[ 1481.343720][T32516]  free_pages_and_swap_cache+0x8a/0xa0
[ 1481.349017][T32516]  tlb_flush_mmu+0xfe/0x1d0
[ 1481.353355][T32516]  unmap_page_range+0x219d/0x2480
[ 1481.358215][T32516]  unmap_vmas+0x4e4/0x660
[ 1481.362387][T32516]  exit_mmap+0x2d1/0x940
[ 1481.366462][T32516]  __mmput+0x95/0x310
[ 1481.370281][T32516]  mmput+0x56/0x170
[ 1481.373930][T32516]  do_exit+0xb29/0x2b80
[ 1481.378006][T32516]  do_group_exit+0x21a/0x2d0
[ 1481.382430][T32516]  get_signal+0x169d/0x1820
[ 1481.386771][T32516]  arch_do_signal_or_restart+0xb0/0x16f0
[ 1481.392247][T32516]  exit_to_user_mode_loop+0x74/0xa0
[ 1481.397272][T32516]  exit_to_user_mode_prepare+0x5a/0xa0
[ 1481.402568][T32516] 
[ 1481.404738][T32516] Memory state around the buggy address:
[ 1481.410332][T32516]  ffff88813ba19f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1481.418195][T32516]  ffff88813ba19f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
SYZFAIL: failed to recv rpc
fd=3 want=4 sent=0 n=0 (errno 9: Bad file descriptor)
[ 1481.426092][T32516] >ffff88813ba1a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1481.433987][T32516]                             ^
[ 1481.438676][T32516]  ffff88813ba1a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1481.446575][T32516]  ffff88813ba1a100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 1481.454470][T32516] ==================================================================
[ 1481.479279][T32516] Disabling lock debugging due to