last executing test programs:

4.211554031s ago: executing program 3:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDENABIO(r0, 0x4b36)
keyctl$chown(0x4, 0x0, 0xee01, 0x0)

4.199804943s ago: executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0xf000, 0x2000, &(0x7f000053b000/0x2000)=nil})
r3 = dup(r2)
clock_gettime(0x0, &(0x7f0000000180))
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)={0x0, 0x0, 0x0, {0x0, 0xea60}, {}, {0x0, 0x0, 0x0, 0x1}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "fe8bb69bb90dbdbf"}}, 0x48}}, 0x2)
keyctl$instantiate_iov(0x14, 0x0, &(0x7f00000035c0)=[{&(0x7f0000000100)="ebb20639123fa20bb54bd839febb49f9b1b8768d110d169571a56f30a6c4185dbca4266903fbe389dc33005b6cb3c947df31", 0x32}], 0x1, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000040))
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f00000000c0)=0xffff)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

4.09119328s ago: executing program 1:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDENABIO(r0, 0x4b36)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
rt_sigaction(0x4, 0x0, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x8, &(0x7f0000000340))

4.08880806s ago: executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b}, 0x48)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
mkdir(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x6}, {0x66, 0x0, 0x0, 0x80ffffff}}, [@printk={@p, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x6, 0x1, 0x5, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x56}}], {{0x4, 0x1, 0x2, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

4.083772451s ago: executing program 1:
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$tipc(r1, &(0x7f0000003280)={0x0, 0x0, 0x0}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x1, 0x8, 0x8, 0x0, 0x1}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000280)={{r2}, &(0x7f0000000080), &(0x7f0000000200)='%-010d \x00'}, 0x20)
sendmsg$tipc(r1, &(0x7f0000000e40)={0x0, 0x0, 0x0}, 0x0)
sendmsg$inet(r1, &(0x7f0000000f80)={0x0, 0x0, &(0x7f0000000f40)=[{&(0x7f00000042c0)}], 0x1}, 0x0)
sendmsg$tipc(r1, &(0x7f0000002700)={0x0, 0x0, 0x0}, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x21, &(0x7f0000000040), 0x4)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
recvmsg(r0, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000600)=""/203, 0xcb}], 0x1}, 0x0)

3.399298318s ago: executing program 2:
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r0, &(0x7f0000000100)=""/62, 0x3e)
getdents(r0, 0xfffffffffffffffd, 0x58)

3.39065919s ago: executing program 2:
setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x2a, 0x0, 0x0)
syz_emit_ethernet(0x66, &(0x7f0000001600)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaa0086dd600000"], 0x0)

3.380215151s ago: executing program 4:
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
socket$inet6(0xa, 0x200000000003, 0x87)
syz_emit_ethernet(0x62, &(0x7f0000000300)={@local, @multicast, @val={@void}, {@ipv6={0x86dd, @udp={0x0, 0x6, '\x00\x00\b', 0x28, 0x2b, 0x0, @private2, @local, {[@hopopts={0x87}, @srh={0x0, 0x2, 0x4, 0x1, 0x0, 0x0, 0x0, [@loopback]}], {0x0, 0x0, 0x8}}}}}}, 0x0)

3.379883071s ago: executing program 2:
unshare(0x22020400)
pipe(&(0x7f0000000340)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
vmsplice(r0, &(0x7f0000000300)=[{&(0x7f0000000080)="a1", 0x1}], 0x1, 0x0)

3.360405944s ago: executing program 4:
mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')

3.346693417s ago: executing program 2:
r0 = openat(0xffffffffffffff9c, &(0x7f00000006c0)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x40087602, 0x0)

3.296113735s ago: executing program 2:
unshare(0x2a020400)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)

3.293553435s ago: executing program 4:
timer_create(0x0, &(0x7f0000000440)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
timer_create(0x0, &(0x7f0000000000), &(0x7f0000000200))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote}, 0x1c)
timer_create(0x2, &(0x7f0000000040)={0x0, 0x34, 0x2, @tid=0xffffffffffffffff}, &(0x7f00000000c0))
syz_mount_image$fuse(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = inotify_init1(0x0)
inotify_add_watch(r1, 0x0, 0x8100077b)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x200000, 0x0)
getdents64(r2, &(0x7f0000000140)=""/62, 0x3e)
r3 = syz_open_procfs(0x0, &(0x7f0000000100)='status\x00')
sendfile(r0, r3, 0x0, 0x100000001)
mlockall(0x1)
syz_emit_ethernet(0x46, &(0x7f0000000180)={@broadcast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "ddd006", 0x10, 0x3a, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast2, {[], @ndisc_ra}}}}}, 0x0)
timer_create(0x0, 0x0, &(0x7f0000000100))
timer_create(0x0, &(0x7f0000000200)={0x0, 0x13, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)=<r4=>0x0)
timer_settime(r4, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r5=>0xffffffffffffffff})
write$binfmt_misc(r5, &(0x7f00000004c0)=ANY=[], 0xfffffcdd)

3.272448148s ago: executing program 2:
r0 = syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000300)={[{@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x84}}, {@resuid}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@lazytime}, {@jqfmt_vfsold}, {@usrquota}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0x8, &(0x7f0000002a40)=ANY=[@ANYBLOB="620af8ff0c208021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22424c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9dffd6fa5043aa3926b81e3b59c95c253573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff90326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec22712366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0f34d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959ffc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b9ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd2800f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b4d163fc752a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726612111b40e761fd21081920386f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11815c59c0a09ff04f4a14f5f21035db21bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccde826d2780940a4aca891cea592b0430a537a395dc73bdaa5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf974fcf36cbf6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd574d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad66507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d0104361c37c61a43b5afd865b60d4cae891b73220f17d25979a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fca7978abf1366b3c7bb782ec0900cec1f434d09d1ee4928aafe23de66fed972e0dddfb39e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b88da8c26385e5a2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd4e9fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4faa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a2689217380400a9f3cb3811ac87c54c8ebc8bc7b4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c1470608c7a6e10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000020bd79e41c682139c58ac1deb039a691ad640e12c12fe11d70fe495906f2d5d71778acbd4eee32e0996cb0de84bd2b059d60c0f96a53ea44e0b293865aa68df494f87db976e36ad6c06912244d4c883c4aaa60b4a1392ce0b2f2c519663b4652ff871e0f6dfff9f7d34ecf04be0a58c3d53174b67d1886e34b81ad8c60da56acc64739c3acab24aa8d0ac92d465074f915608b1b60a948bad401b1a7fb4927bbe6c45123ed44bfdf8cc143bd1b7a663dc3d0476b8e39becffc429e41f66b1e"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
creat(&(0x7f0000000340)='./file0\x00', 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000010000400000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r3, 0x29, 0x45, 0x0, &(0x7f0000000040))
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
mkdir(&(0x7f0000000380)='./file0\x00', 0x0)
mkdir(0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001940)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da97e22f4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ad0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bff3b89c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c2ed01faa7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497dad64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6fba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd2310801570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb414c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085ab73e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a000000000000000000000000000000000000000000000000000000a0cc2b89ce1525748ce167cbabb881f060599a6a59f645edca1d5c24b2f6b8c997a8f3e1b7679984a566d98d4d31198ee4c5ea7be0d99cf89bba4a6fd0bec12e7792bec3c5038e13b1982f80cdecd07f8908a983a7c9fb81c2ba7f7e87c991f30e50d1b3bbe4cf2a2f5d4571b6568ada51bc121c9139d2a8e0638c84066b1759081802", @ANYRES64=r0, @ANYRES8=r3], &(0x7f0000000600)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x2e, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r4}, 0x10)
socket$netlink(0x10, 0x3, 0x0)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000700), 0x2, 0x0)
prctl$PR_CAP_AMBIENT(0x2f, 0x0, 0x0)
write$uinput_user_dev(r5, &(0x7f0000000100)={'syz1\x00', {}, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], [0x0, 0x0, 0x10001], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1b7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}, 0x45c)
ioctl$UI_DEV_SETUP(r5, 0x5501, 0x0)
readv(r5, &(0x7f0000001900)=[{&(0x7f0000000040)=""/65, 0x41}], 0x1)
write$input_event(r5, &(0x7f0000000000)={{0x77359400}, 0x15}, 0xfe4f)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000002000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
ftruncate(0xffffffffffffffff, 0x7fff)
r7 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000000)=0xf)
ioctl$TCFLSH(r7, 0x400455c8, 0x40000000004)
ioctl$TIOCSTI(r7, 0x5412, &(0x7f0000000180)=0x33)

3.213201507s ago: executing program 3:
r0 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/netfilter\x00')
fchdir(r0)
capset(&(0x7f0000000200)={0x19980330}, &(0x7f0000000040))
openat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', 0x105042, 0x0)

3.207009939s ago: executing program 1:
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$tipc(0x1e, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010700000000000000f9000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfed7)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x3ffffffffffffda, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
mount$incfs(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000340), 0x0, 0x0)

3.168371614s ago: executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
dup3(r1, r0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r2, @ANYBLOB], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x7a)
sched_setscheduler(0x0, 0x2, 0x0)
ptrace$ARCH_GET_UNTAG_MASK(0x1e, 0x0, 0x0, 0x4001)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000100)=0x5)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000780)=@newtaction={0x488, 0x30, 0x1, 0x0, 0x0, {0x7a}, [{0x474, 0x1, [@m_police={0x470, 0x1, 0x0, 0x0, {{0xb}, {0x444, 0x2, 0x0, 0x1, [[@TCA_POLICE_RATE={0x404, 0x2, [0x0, 0x0, 0x1]}], [@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x4, 0x0, 0x0, 0x0, 0x0, 0xba5}}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x488}}, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})

3.045250143s ago: executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000107000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000002300007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x7a)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240)={<r5=>0xffffffffffffffff})
close(r5)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
close(r5)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdb4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe15, 0x5, 0x0, 0x0, 0x0, 0x0, 0x8, 0xffffffffffffff4b, 0x0}}, 0x10)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r7, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)

1.959912743s ago: executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000002300007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x0, 0x8, 0x1}, 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x7a)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})

1.936632087s ago: executing program 0:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7040000000000008500000057"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
quotactl$Q_QUOTAON(0x0, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f00000006c0)='./file0\x00')

1.910481821s ago: executing program 0:
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000188500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$SNDRV_TIMER_IOCTL_START(0xffffffffffffffff, 0x54a0)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000100), 0x1001)
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, &(0x7f0000000040)={0x4000, &(0x7f0000000000), 0x0, 0xffffffffffffffff, 0x3})
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fstat(0xffffffffffffffff, 0x0)
brk(0x55555ede6001)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x10}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x8}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xd, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000021f5ff00000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000001000000b7040000000000008500000033000000850000000800000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.752891736s ago: executing program 1:
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xc, 0x4, 0x8}, 0x48)
timer_create(0x0, &(0x7f00000012c0)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000080))
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x77359400}, {0x0, 0x989680}}, 0x0)
r2 = gettid()
tkill(r2, 0x14)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000500)={0xffffffffffffffff, 0x20, &(0x7f00000004c0)={&(0x7f0000000580)=""/250, 0xfa, <r3=>0x0, &(0x7f0000000300)=""/125, 0x7d}}, 0x10)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000680)={@dev, @local}, &(0x7f00000006c0)=0xc)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000080)={0x15, 0x65, 0xffff, 0x0, 0x8, '9P2000.u'}, 0x15)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x300001a, &(0x7f0000000500)=ANY=[], 0x1, 0x2b6, &(0x7f00000000c0)="$eJzs3UFrY1UUAODz0jSNukgRN4qLB7pwVaZu3bTKCGJXSgR1ocXpgCRhIIWAI5iZ1fwCl/4Pf4IbN/4Dwa3gri6qV17ee01iX9PS1hT1+1an995z73nvQrrKyeevjgYPHmXx9OTn6HazaO3FXvyZxXa0ovYk2nFe0xgA8G/we0rxW7pOZrt1+9UAAOtQ/v8v3XUtAMB6fPjxJ+/vHxzc/yDPu/Fy79mkn0XE6NmkX87vP4wvYxhHcS96cRqRzpTxu+8d3I92XtiO10fTSb/IHH32Y7X//q8Rs/zd6MV2c/5uXlrIn076m/F85LH/cLMutRcvNee/2ZAf/U688dpC/TvRi5++iEcxjAdR5M7zv9nN83fStydff1ocU+RnrehvzdbNpY113gsAAAAAAAAAAAAAAAAAAAAAAP9tO3mele17Zv17iqGq/87G6Wx+J69tL/fnKfOzeqOyP1CKqkXPNMV3dX+de3mep2rhPL8dr7T9iAAAAAAAAAAAAAAAAAAAAAAUjr96PDgcDo/GtxLU3QDqr/Vfd5+9+cjWUrkNi7euftZit4Gi1pWLo92O1RuepNLlz9WqD21e89zFUzcItuaX+1GUQX0xN9o5/e2Fv/h2+ffjwWFeralf8uAwu+ysbr3P94tTnbjpS0izCk/T8p12z0pdzurc0pvvvNA49UdK6Wr7vPVLeUfVSDZrsXG10zeroPEBi6B7/i5+uHjDCz8yNq75UQMAAAAAAAAAAAAAAAAAAFyi/K7vk6PxccPk05WprX+sKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABYs/L3/4dH47OgGxHLI+eCaZW8ak0VdGJ8fMePCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP/AXwEAAP//wZJM4A==")
r5 = syz_open_procfs(0x0, &(0x7f0000000080)='net/fib_trie\x00')
read$FUSE(r5, &(0x7f00000082c0)={0x2020}, 0x2020)
read$FUSE(r5, &(0x7f000000a300)={0x2020}, 0x204c)
ioctl$UFFDIO_WRITEPROTECT(0xffffffffffffffff, 0xc028aa05, 0x0)
preadv2(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)=""/185, 0xb9}], 0x1, 0x0, 0x0, 0x0)
read$FUSE(r5, &(0x7f0000012400)={0x2020}, 0x2006)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xc, &(0x7f0000000700)=ANY=[@ANYRES16=0x0, @ANYRESDEC=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb2}, 0x90)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000540)=ANY=[@ANYBLOB="1201000074020440fd07010099480102030109021b0001000000000904000001c5b3e30009050b"], 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000180)={'tunl0\x00', &(0x7f0000000280)={'gretap0\x00', <r8=>0x0, 0x40, 0x20, 0x776, 0x100, {{0xd, 0x4, 0x3, 0x1, 0x34, 0x66, 0x0, 0xca, 0x2f, 0x0, @broadcast, @remote, {[@ssrr={0x89, 0x7, 0xb4, [@empty]}, @ssrr={0x89, 0x7, 0xfd, [@dev={0xac, 0x14, 0x14, 0x18}]}, @ssrr={0x89, 0x7, 0x2c, [@rand_addr=0x64010102]}, @timestamp={0x44, 0x8, 0xf0, 0x0, 0x4, [0x0]}]}}}}})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000200)={@dev={0xfe, 0x80, '\x00', 0x1b}, 0x67, r8})
recvmsg$unix(r6, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='kfree\x00'}, 0x10)

1.460565721s ago: executing program 3:
syz_usb_connect(0x0, 0x24, &(0x7f0000001440)={{0x12, 0x1, 0x0, 0xab, 0xd1, 0xa0, 0x40, 0x77b, 0x2226, 0xca8b, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x3a, 0x92, 0xf8}}]}}]}}, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x6}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000200), &(0x7f0000000280)=r2}, 0x20)
sched_setscheduler(0x0, 0x0, &(0x7f0000000080))
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, 0x0, 0x0)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, 0x0)

1.02305394s ago: executing program 0:
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$key(0xf, 0x3, 0x2)
ioctl$KVM_CREATE_PIT2(0xffffffffffffffff, 0x4040ae77, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0)

897.69655ms ago: executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
getpid()
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
dup(0xffffffffffffffff)
openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)

871.106943ms ago: executing program 1:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b}, 0x48)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
mkdir(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x6}, {0x66, 0x0, 0x0, 0x80ffffff}}, [@printk={@p, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x6, 0x1, 0x5, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x56}}], {{0x4, 0x1, 0x2, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

852.957787ms ago: executing program 1:
r0 = syz_open_procfs(0x0, &(0x7f00000004c0)='net/netfilter\x00')
fchdir(r0)
capset(&(0x7f0000000200)={0x19980330}, &(0x7f0000000040))
openat(0xffffffffffffff9c, &(0x7f00000003c0)='./file1\x00', 0x105042, 0x0)

791.292936ms ago: executing program 4:
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$inet6(0xa, 0x0, 0x87)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={0x1}, 0x4)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f00000000c0)={'tunl0\x00', &(0x7f0000000480)={'gre0\x00', <r0=>0x0, 0x0, 0x0, 0x0, 0x40, {{0x19, 0x4, 0x1, 0x0, 0x64, 0x0, 0x0, 0x3b, 0x2f, 0x0, @broadcast, @local, {[@noop, @timestamp_prespec={0x44, 0x3c, 0xc4, 0x3, 0x0, [{@rand_addr=0x64010102, 0x2}, {@multicast1, 0x5e4c3ac7}, {@broadcast, 0xfffffffb}, {@dev={0xac, 0x14, 0x14, 0x43}, 0x7}, {@local, 0x6}, {@remote, 0xfff}, {@loopback, 0xfb9}]}, @timestamp={0x44, 0x4}, @ra={0x94, 0x4}, @noop, @cipso={0x86, 0x9, 0xffffffffffffffff, [{0x0, 0x3, "e1"}]}]}}}}})
r1 = openat$full(0xffffffffffffff9c, &(0x7f00000001c0), 0x44600, 0x0)
r2 = bpf$OBJ_GET_PROG(0x7, 0x0, 0x0)
r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x5)
write$char_usb(r3, &(0x7f00000007c0)="7f2d2e62a15dcda0b71cd71608b18a383612d3c89fa5aaf072161c138953950562bb91bade98b78d872de98bdb8eb00ba64d400d6e08588f6346f2c8af81c4b701e490d91428e52df9e5404a5dd0541d7a7642ab322528aa2c7d32e2474f2fcc5afe9ca579b65914f0468a314f39a3be9114a38033ff8dacf8f8b671e60a", 0x7e)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000680)={{0x1}, &(0x7f0000000600), &(0x7f0000000640)}, 0x20)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000700)=@bpf_tracing={0x1a, 0x9, &(0x7f0000000140)=@framed={{0x18, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x80000001}, [@alu={0x4, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffffa}, @ringbuf_query, @generic={0x0, 0x1}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0xfb, &(0x7f0000000380)=""/251, 0x41000, 0x46, '\x00', r0, 0x0, r1, 0x8, &(0x7f00000002c0)={0x2, 0x1}, 0x8, 0x10, &(0x7f0000000300)={0x0, 0x6, 0x8, 0x20}, 0x10, 0x2ff4, r2, 0x0, &(0x7f00000006c0)}, 0x90)
syz_emit_ethernet(0x3e, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff080047000030000000000006907800000000e00000018608ffffffff0002"], 0x0)
r4 = syz_usb_connect(0x0, 0x41, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000e518a708ac0501859d200000690109022f00010000000009040000000e0100"], 0x0)
syz_usb_disconnect(r4)

28.198965ms ago: executing program 0:
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, 0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000"], 0x0}, 0x90)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000000), 0xc)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000000))

0s ago: executing program 0:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000107000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000002300007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x7a)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000240)={<r5=>0xffffffffffffffff})
close(r5)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
close(r5)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000000)={0xffffffffffffffff, 0xe0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdb4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe15, 0x5, 0x0, 0x0, 0x0, 0x0, 0x8, 0xffffffffffffff4b, 0x0}}, 0x10)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000c80)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r7, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)

kernel console output (not intermixed with test programs):

 link becomes ready
[   84.257740][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   84.266474][ T1238] device veth0_vlan entered promiscuous mode
[   84.276250][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   84.283837][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   84.296599][ T1238] device veth1_macvtap entered promiscuous mode
[   84.303470][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   84.313128][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   84.325885][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   84.348640][ T1066] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   84.358872][ T1066] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   84.367302][ T1066] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   84.376160][ T1066] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   84.865824][ T1272] EXT4-fs (loop4): Quota format mount options ignored when QUOTA feature is enabled
[   84.893995][ T1272] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue
[   84.927595][ T1272] input: syz1 as /devices/virtual/input/input10
[   84.974124][  T986] ------------[ cut here ]------------
[   84.979550][  T986] WARNING: CPU: 1 PID: 986 at fs/overlayfs/util.c:450 ovl_dir_modified+0x2f4/0x3e0
[   84.988662][  T986] Modules linked in:
[   84.992601][  T986] CPU: 1 PID: 986 Comm: syz-executor.3 Tainted: G        W         5.10.215-syzkaller-00370-gb58b8f9dad93 #0
[   84.992608][  T986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[   84.992625][  T986] RIP: 0010:ovl_dir_modified+0x2f4/0x3e0
[   84.992635][  T986] Code: 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 83 60 a1 ff 49 ff 06 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 cc cc 63 ff <0f> 0b e9 14 ff ff ff e8 c0 cc 63 ff 0f 0b e9 4e ff ff ff 44 89 f9
[   84.992641][  T986] RSP: 0018:ffffc90000c47b88 EFLAGS: 00010293
[   84.992652][  T986] RAX: ffffffff8206e094 RBX: 0000000000000000 RCX: ffff8881170ea780
[   84.992657][  T986] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   84.992663][  T986] RBP: ffffc90000c47bd0 R08: ffffffff8206dfa1 R09: ffffed1023949175
[   84.992669][  T986] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88811014b690
[   84.992676][  T986] R13: 1ffff110220296d2 R14: ffff88811ca48b00 R15: dffffc0000000000
[   84.992685][  T986] FS:  0000555555deb480(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[   84.992692][  T986] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   84.992698][  T986] CR2: 0000555555df4818 CR3: 0000000119079000 CR4: 00000000003506a0
[   84.992708][  T986] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   84.992714][  T986] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   84.992717][  T986] Call Trace:
[   84.992729][  T986]  ? show_regs+0x58/0x60
[   84.992740][  T986]  ? __warn+0x160/0x2f0
[   84.992749][  T986]  ? ovl_dir_modified+0x2f4/0x3e0
[   84.992760][  T986]  ? report_bug+0x3d9/0x5b0
[   84.992769][  T986]  ? ovl_dir_modified+0x2f4/0x3e0
[   84.992780][  T986]  ? handle_bug+0x41/0x70
[   84.992788][  T986]  ? exc_invalid_op+0x1b/0x50
[   84.992799][  T986]  ? asm_exc_invalid_op+0x12/0x20
[   84.992808][  T986]  ? ovl_dir_modified+0x201/0x3e0
[   84.992816][  T986]  ? ovl_dir_modified+0x2f4/0x3e0
[   84.992825][  T986]  ? ovl_dir_modified+0x2f4/0x3e0
[   84.992833][  T986]  ? ovl_dir_modified+0x2f4/0x3e0
[   84.992939][  T986]  ovl_do_remove+0x656/0xc90
[   84.992951][  T986]  ? ovl_set_redirect+0x630/0x630
[   84.992959][  T986]  ? down_write+0xd7/0x150
[   84.992971][  T986]  ? selinux_inode_rmdir+0x22/0x30
[   84.992979][  T986]  ovl_rmdir+0x1a/0x20
[   84.992989][  T986]  vfs_rmdir+0x2b7/0x3f0
[   84.992997][  T986]  incfs_kill_sb+0x108/0x220
[   84.993006][  T986]  deactivate_locked_super+0xad/0x110
[   84.993015][  T986]  deactivate_super+0xbe/0xf0
[   84.993025][  T986]  cleanup_mnt+0x45c/0x510
[   84.993034][  T986]  __cleanup_mnt+0x19/0x20
[   84.993043][  T986]  task_work_run+0x129/0x190
[   84.993053][  T986]  exit_to_user_mode_loop+0xbf/0xd0
[   84.993062][  T986]  syscall_exit_to_user_mode+0xa2/0x1a0
[   84.993071][  T986]  do_syscall_64+0x40/0x70
[   84.993080][  T986]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[   84.993088][  T986] RIP: 0033:0x7fb376cc7257
[   84.993096][  T986] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[   84.993102][  T986] RSP: 002b:00007ffe54149b88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   84.993113][  T986] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fb376cc7257
[   84.993119][  T986] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe54149c40
[   84.993125][  T986] RBP: 00007ffe54149c40 R08: 0000000000000000 R09: 0000000000000000
[   84.993131][  T986] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe5414acf0
[   84.993137][  T986] R13: 00007fb376d226c6 R14: 0000000000014881 R15: 0000000000000018
[   84.993145][  T986] ---[ end trace aab53bae897603a2 ]---
[   84.993517][  T986] ------------[ cut here ]------------
[   84.993567][  T986] WARNING: CPU: 1 PID: 986 at fs/overlayfs/util.c:450 ovl_dir_modified+0x2f4/0x3e0
[   84.993570][  T986] Modules linked in:
[   84.993585][  T986] CPU: 1 PID: 986 Comm: syz-executor.3 Tainted: G        W         5.10.215-syzkaller-00370-gb58b8f9dad93 #0
[   84.993591][  T986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[   84.993601][  T986] RIP: 0010:ovl_dir_modified+0x2f4/0x3e0
[   84.993610][  T986] Code: 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 83 60 a1 ff 49 ff 06 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 cc cc 63 ff <0f> 0b e9 14 ff ff ff e8 c0 cc 63 ff 0f 0b e9 4e ff ff ff 44 89 f9
[   84.993616][  T986] RSP: 0018:ffffc90000c47b88 EFLAGS: 00010293
[   84.993624][  T986] RAX: ffffffff8206e094 RBX: 0000000000000000 RCX: ffff8881170ea780
[   84.993631][  T986] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   84.993637][  T986] RBP: ffffc90000c47bd0 R08: ffffffff8206dfa1 R09: ffffed1023949175
[   84.993644][  T986] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88811014b690
[   84.993652][  T986] R13: 1ffff110220296d2 R14: ffff88811ca48b00 R15: dffffc0000000000
[   84.993661][  T986] FS:  0000555555deb480(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[   84.993669][  T986] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   84.993677][  T986] CR2: 0000555555df4818 CR3: 0000000119079000 CR4: 00000000003506a0
[   84.993687][  T986] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   84.993693][  T986] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   84.993696][  T986] Call Trace:
[   84.993708][  T986]  ? show_regs+0x58/0x60
[   84.993717][  T986]  ? __warn+0x160/0x2f0
[   84.993726][  T986]  ? ovl_dir_modified+0x2f4/0x3e0
[   84.993736][  T986]  ? report_bug+0x3d9/0x5b0
[   84.993745][  T986]  ? ovl_dir_modified+0x2f4/0x3e0
[   84.993755][  T986]  ? handle_bug+0x41/0x70
[   84.993763][  T986]  ? exc_invalid_op+0x1b/0x50
[   84.993774][  T986]  ? asm_exc_invalid_op+0x12/0x20
[   84.993784][  T986]  ? ovl_dir_modified+0x201/0x3e0
[   84.993792][  T986]  ? ovl_dir_modified+0x2f4/0x3e0
[   84.993801][  T986]  ? ovl_dir_modified+0x2f4/0x3e0
[   84.993810][  T986]  ? ovl_dir_modified+0x2f4/0x3e0
[   84.993820][  T986]  ovl_do_remove+0x656/0xc90
[   84.993832][  T986]  ? ovl_set_redirect+0x630/0x630
[   84.993841][  T986]  ? down_write+0xd7/0x150
[   84.993853][  T986]  ? selinux_inode_rmdir+0x22/0x30
[   84.993862][  T986]  ovl_rmdir+0x1a/0x20
[   84.993872][  T986]  vfs_rmdir+0x2b7/0x3f0
[   84.993881][  T986]  incfs_kill_sb+0x1a2/0x220
[   84.993892][  T986]  deactivate_locked_super+0xad/0x110
[   84.993902][  T986]  deactivate_super+0xbe/0xf0
[   84.993913][  T986]  cleanup_mnt+0x45c/0x510
[   84.993923][  T986]  __cleanup_mnt+0x19/0x20
[   84.993933][  T986]  task_work_run+0x129/0x190
[   84.993944][  T986]  exit_to_user_mode_loop+0xbf/0xd0
[   84.993954][  T986]  syscall_exit_to_user_mode+0xa2/0x1a0
[   84.993961][  T986]  do_syscall_64+0x40/0x70
[   84.993970][  T986]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[   84.993976][  T986] RIP: 0033:0x7fb376cc7257
[   84.993984][  T986] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[   84.993990][  T986] RSP: 002b:00007ffe54149b88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   84.994000][  T986] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fb376cc7257
[   84.994006][  T986] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe54149c40
[   84.994012][  T986] RBP: 00007ffe54149c40 R08: 0000000000000000 R09: 0000000000000000
[   84.994019][  T986] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe5414acf0
[   84.994026][  T986] R13: 00007fb376d226c6 R14: 0000000000014881 R15: 0000000000000018
[   84.994035][  T986] ---[ end trace aab53bae897603a3 ]---
[   85.208883][ T1277] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.778672][ T1238] ------------[ cut here ]------------
[   85.802075][ T1277] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.809464][ T1238] WARNING: CPU: 0 PID: 1238 at fs/overlayfs/util.c:450 ovl_dir_modified+0x2f4/0x3e0
[   85.809926][ T1277] device bridge_slave_0 entered promiscuous mode
[   85.818683][ T1238] Modules linked in:
[   85.825872][ T1277] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.835734][ T1238] CPU: 0 PID: 1238 Comm: syz-executor.2 Tainted: G        W         5.10.215-syzkaller-00370-gb58b8f9dad93 #0
[   85.835740][ T1277] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.836113][ T1277] device bridge_slave_1 entered promiscuous mode
[   85.847472][ T1238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[   85.871547][ T1238] RIP: 0010:ovl_dir_modified+0x2f4/0x3e0
[   85.877073][ T1238] Code: 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 83 60 a1 ff 49 ff 06 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 cc cc 63 ff <0f> 0b e9 14 ff ff ff e8 c0 cc 63 ff 0f 0b e9 4e ff ff ff 44 89 f9
[   85.896677][ T1238] RSP: 0018:ffffc90001007b88 EFLAGS: 00010293
[   85.902988][ T1238] RAX: ffffffff8206e094 RBX: 0000000000000000 RCX: ffff88810de22780
[   85.911241][ T1238] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   85.919848][ T1238] RBP: ffffc90001007bd0 R08: ffffffff8206dfa1 R09: ffffed10239491e9
[   85.927678][ T1238] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88811011bcf0
[   85.966939][ T1238] R13: 1ffff1102202379e R14: ffff88811ca48ea0 R15: dffffc0000000000
[   85.975350][ T1238] FS:  0000555557026480(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   85.988289][ T1238] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   85.994747][ T1238] CR2: 0000001b2d122000 CR3: 0000000118b81000 CR4: 00000000003506b0
[   86.003261][ T1238] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   86.011495][ T1238] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   86.019378][ T1238] Call Trace:
[   86.022488][ T1238]  ? show_regs+0x58/0x60
[   86.026569][ T1238]  ? __warn+0x160/0x2f0
[   86.030593][ T1238]  ? ovl_dir_modified+0x2f4/0x3e0
[   86.035515][ T1238]  ? report_bug+0x3d9/0x5b0
[   86.040094][ T1238]  ? ovl_dir_modified+0x2f4/0x3e0
[   86.059991][ T1238]  ? handle_bug+0x41/0x70
[   86.064258][ T1238]  ? exc_invalid_op+0x1b/0x50
[   86.066674][ T1277] bridge0: port 2(bridge_slave_1) entered blocking state
[   86.068749][ T1238]  ? asm_exc_invalid_op+0x12/0x20
[   86.068768][ T1238]  ? ovl_dir_modified+0x201/0x3e0
[   86.075722][ T1277] bridge0: port 2(bridge_slave_1) entered forwarding state
[   86.075801][ T1277] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.089177][ T1238]  ? ovl_dir_modified+0x2f4/0x3e0
[   86.092450][ T1277] bridge0: port 1(bridge_slave_0) entered forwarding state
[   86.110681][ T1238]  ? ovl_dir_modified+0x2f4/0x3e0
[   86.187272][ T1288] input: syz0 as /devices/virtual/input/input11
[   86.299471][ T1238]  ? ovl_dir_modified+0x2f4/0x3e0
[   86.304850][ T1238]  ovl_do_remove+0x656/0xc90
[   86.318496][ T1238]  ? ovl_set_redirect+0x630/0x630
[   86.323729][ T1066] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.324534][ T1238]  ? down_write+0xd7/0x150
[   86.334964][ T1066] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.335014][ T1238]  ? selinux_inode_rmdir+0x22/0x30
[   86.346763][ T1238]  ovl_rmdir+0x1a/0x20
[   86.350907][ T1238]  vfs_rmdir+0x2b7/0x3f0
[   86.354971][ T1238]  incfs_kill_sb+0x108/0x220
[   86.359437][ T1238]  deactivate_locked_super+0xad/0x110
[   86.364614][ T1238]  deactivate_super+0xbe/0xf0
[   86.369132][ T1238]  cleanup_mnt+0x45c/0x510
[   86.378709][ T1238]  __cleanup_mnt+0x19/0x20
[   86.386153][ T1238]  task_work_run+0x129/0x190
[   86.390629][ T1238]  exit_to_user_mode_loop+0xbf/0xd0
[   86.395974][    T9] device bridge_slave_1 left promiscuous mode
[   86.402041][ T1238]  syscall_exit_to_user_mode+0xa2/0x1a0
[   86.402079][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[   86.407387][ T1238]  do_syscall_64+0x40/0x70
[   86.407399][ T1238]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[   86.407407][ T1238] RIP: 0033:0x7faf8e0b3257
[   86.407422][ T1238] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[   86.448850][    T9] device bridge_slave_0 left promiscuous mode
[   86.449111][ T1238] RSP: 002b:00007fffbe1c9388 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   86.455359][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[   86.463035][ T1238] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007faf8e0b3257
[   86.477663][ T1238] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffbe1c9440
[   86.485821][ T1238] RBP: 00007fffbe1c9440 R08: 0000000000000000 R09: 0000000000000000
[   86.485852][    T9] device veth1_macvtap left promiscuous mode
[   86.493637][ T1238] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffbe1ca4f0
[   86.493651][ T1238] R13: 00007faf8e10e6c6 R14: 00000000000149a2 R15: 0000000000000013
[   86.501033][    T9] device veth0_vlan left promiscuous mode
[   86.507321][ T1238] ---[ end trace aab53bae897603a4 ]---
[   86.507719][ T1238] ------------[ cut here ]------------
[   86.531321][ T1238] WARNING: CPU: 1 PID: 1238 at fs/overlayfs/util.c:450 ovl_dir_modified+0x2f4/0x3e0
[   86.540516][ T1238] Modules linked in:
[   86.544232][ T1238] CPU: 1 PID: 1238 Comm: syz-executor.2 Tainted: G        W         5.10.215-syzkaller-00370-gb58b8f9dad93 #0
[   86.555738][ T1238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[   86.565612][ T1238] RIP: 0010:ovl_dir_modified+0x2f4/0x3e0
[   86.571119][ T1238] Code: 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 83 60 a1 ff 49 ff 06 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 cc cc 63 ff <0f> 0b e9 14 ff ff ff e8 c0 cc 63 ff 0f 0b e9 4e ff ff ff 44 89 f9
[   86.590522][ T1238] RSP: 0018:ffffc90001007b88 EFLAGS: 00010293
[   86.596466][ T1238] RAX: ffffffff8206e094 RBX: 0000000000000000 RCX: ffff88810de22780
[   86.604434][ T1238] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   86.612247][ T1238] RBP: ffffc90001007bd0 R08: ffffffff8206dfa1 R09: ffffed10239491e9
[   86.620106][ T1238] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88811011bcf0
[   86.627969][ T1238] R13: 1ffff1102202379e R14: ffff88811ca48ea0 R15: dffffc0000000000
[   86.635906][ T1238] FS:  0000555557026480(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[   86.644711][ T1238] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   86.651087][ T1238] CR2: 00007fa19be2d018 CR3: 0000000118b81000 CR4: 00000000003506a0
[   86.658844][ T1238] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   86.666983][ T1238] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   86.681764][ T1238] Call Trace:
[   86.684933][ T1238]  ? show_regs+0x58/0x60
[   86.689007][ T1238]  ? __warn+0x160/0x2f0
[   86.693344][ T1238]  ? ovl_dir_modified+0x2f4/0x3e0
[   86.698313][ T1238]  ? report_bug+0x3d9/0x5b0
[   86.703223][ T1238]  ? ovl_dir_modified+0x2f4/0x3e0
[   86.708185][ T1238]  ? handle_bug+0x41/0x70
[   86.712642][ T1238]  ? exc_invalid_op+0x1b/0x50
[   86.717317][ T1238]  ? asm_exc_invalid_op+0x12/0x20
[   86.722936][ T1238]  ? ovl_dir_modified+0x201/0x3e0
[   86.727838][ T1238]  ? ovl_dir_modified+0x2f4/0x3e0
[   86.733967][ T1238]  ? ovl_dir_modified+0x2f4/0x3e0
[   86.739430][ T1238]  ? ovl_dir_modified+0x2f4/0x3e0
[   86.739628][   T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   86.744462][ T1238]  ovl_do_remove+0x656/0xc90
[   86.744474][ T1238]  ? ovl_set_redirect+0x630/0x630
[   86.744491][ T1238]  ? down_write+0xd7/0x150
[   86.751879][   T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   86.756282][ T1238]  ? selinux_inode_rmdir+0x22/0x30
[   86.761362][   T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   86.765242][ T1238]  ovl_rmdir+0x1a/0x20
[   86.772972][   T15] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   86.787248][ T1238]  vfs_rmdir+0x2b7/0x3f0
[   86.789352][   T15] bridge0: port 1(bridge_slave_0) entered blocking state
[   86.796912][ T1238]  incfs_kill_sb+0x1a2/0x220
[   86.800820][   T15] bridge0: port 1(bridge_slave_0) entered forwarding state
[   86.801637][   T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   86.808063][ T1238]  deactivate_locked_super+0xad/0x110
[   87.030335][ T1238]  deactivate_super+0xbe/0xf0
[   87.034876][ T1238]  cleanup_mnt+0x45c/0x510
[   87.039113][ T1238]  __cleanup_mnt+0x19/0x20
[   87.043795][ T1238]  task_work_run+0x129/0x190
[   87.048230][ T1238]  exit_to_user_mode_loop+0xbf/0xd0
[   87.050343][   T15] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   87.062246][   T15] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.065896][ T1238]  syscall_exit_to_user_mode+0xa2/0x1a0
[   87.069096][   T15] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.088424][ T1289] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.095545][ T1289] bridge0: port 1(bridge_slave_0) entered disabled state
[   87.102934][ T1289] device bridge_slave_0 entered promiscuous mode
[   87.109814][ T1289] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.116700][ T1289] bridge0: port 2(bridge_slave_1) entered disabled state
[   87.123951][ T1289] device bridge_slave_1 entered promiscuous mode
[   87.138771][ T1238]  do_syscall_64+0x40/0x70
[   87.143700][ T1238]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[   87.149606][ T1238] RIP: 0033:0x7faf8e0b3257
[   87.151926][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   87.153839][ T1238] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[   87.153855][ T1238] RSP: 002b:00007fffbe1c9388 EFLAGS: 00000246
[   87.162861][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   87.181092][ T1238]  ORIG_RAX: 00000000000000a6
[   87.202825][   T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   87.210977][   T15] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   87.216457][ T1238] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007faf8e0b3257
[   87.229086][ T1277] device veth0_vlan entered promiscuous mode
[   87.240338][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   87.242786][ T1238] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffbe1c9440
[   87.248889][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   87.265186][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   87.273357][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   87.276197][ T1238] RBP: 00007fffbe1c9440 R08: 0000000000000000 R09: 0000000000000000
[   87.292793][ T1277] device veth1_macvtap entered promiscuous mode
[   87.297843][ T1238] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffbe1ca4f0
[   87.299926][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   87.314740][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   87.322258][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   87.322412][ T1238] R13: 00007faf8e10e6c6 R14: 00000000000149a2 R15: 0000000000000013
[   87.330663][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   87.346387][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   87.349918][ T1238] ---[ end trace aab53bae897603a5 ]---
[   87.371132][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   87.379555][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   87.388719][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   87.397288][  T314] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   87.453492][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   87.461740][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   87.478458][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   87.500931][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   87.544604][  T420] bridge0: port 1(bridge_slave_0) entered blocking state
[   87.552067][  T420] bridge0: port 1(bridge_slave_0) entered forwarding state
[   87.560568][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   87.568888][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   87.577576][  T420] bridge0: port 2(bridge_slave_1) entered blocking state
[   87.585067][  T420] bridge0: port 2(bridge_slave_1) entered forwarding state
[   87.592627][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   87.600537][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   87.629688][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   87.637255][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   87.646485][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   87.654528][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   87.673170][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   87.689648][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   87.701724][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   87.720865][ T1289] device veth0_vlan entered promiscuous mode
[   87.740290][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   87.747819][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   87.935386][ T1154] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[   87.997706][ T1233] ------------[ cut here ]------------
[   88.003922][ T1233] WARNING: CPU: 0 PID: 1233 at fs/overlayfs/util.c:450 ovl_dir_modified+0x2f4/0x3e0
[   88.014133][ T1233] Modules linked in:
[   88.018075][ T1233] CPU: 0 PID: 1233 Comm: syz-executor.1 Tainted: G        W         5.10.215-syzkaller-00370-gb58b8f9dad93 #0
[   88.038397][ T1233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[   88.050370][ T1233] RIP: 0010:ovl_dir_modified+0x2f4/0x3e0
[   88.055975][ T1233] Code: 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 83 60 a1 ff 49 ff 06 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 cc cc 63 ff <0f> 0b e9 14 ff ff ff e8 c0 cc 63 ff 0f 0b e9 4e ff ff ff 44 89 f9
[   88.061283][ T1289] device veth1_macvtap entered promiscuous mode
[   88.086857][ T1233] RSP: 0000:ffffc90001a7fb88 EFLAGS: 00010293
[   88.093234][ T1233] RAX: ffffffff8206e094 RBX: 0000000000000000 RCX: ffff88811380cf00
[   88.103061][ T1233] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   88.115070][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   88.119223][ T1233] RBP: ffffc90001a7fbd0 R08: ffffffff8206dfa1 R09: ffffed1023938ee5
[   88.123621][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   88.131711][ T1233] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88811c8e3140
[   88.140349][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   88.148097][ T1233] R13: 1ffff1102391c628 R14: ffff88811c9c7680 R15: dffffc0000000000
[   88.199351][ T1233] FS:  000055555577d480(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[   88.320107][ T1233] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   88.358207][ T1233] CR2: 0000001b2d126000 CR3: 000000012af40000 CR4: 00000000003506a0
[   88.367662][ T1233] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   88.377552][ T1233] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   88.386494][ T1233] Call Trace:
[   88.390778][ T1233]  ? show_regs+0x58/0x60
[   88.395432][ T1233]  ? __warn+0x160/0x2f0
[   88.401657][ T1233]  ? ovl_dir_modified+0x2f4/0x3e0
[   88.407552][ T1233]  ? report_bug+0x3d9/0x5b0
[   88.412091][ T1233]  ? ovl_dir_modified+0x2f4/0x3e0
[   88.417310][ T1233]  ? handle_bug+0x41/0x70
[   88.421943][ T1233]  ? exc_invalid_op+0x1b/0x50
[   88.426712][ T1233]  ? asm_exc_invalid_op+0x12/0x20
[   88.431816][ T1154] usb 4-1: Using ep0 maxpacket: 16
[   88.432171][ T1233]  ? ovl_dir_modified+0x201/0x3e0
[   88.441659][ T1233]  ? ovl_dir_modified+0x2f4/0x3e0
[   88.446976][ T1233]  ? ovl_dir_modified+0x2f4/0x3e0
[   88.452197][ T1233]  ? ovl_dir_modified+0x2f4/0x3e0
[   88.457103][ T1233]  ovl_do_remove+0x656/0xc90
[   88.461893][ T1233]  ? ovl_set_redirect+0x630/0x630
[   88.466814][ T1233]  ? down_write+0xd7/0x150
[   88.467083][  T362] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   88.471339][ T1233]  ? selinux_inode_rmdir+0x22/0x30
[   88.479635][  T362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   88.484647][ T1233]  ovl_rmdir+0x1a/0x20
[   88.493936][  T362] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   88.497524][ T1233]  vfs_rmdir+0x2b7/0x3f0
[   88.505894][  T362] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   88.509502][ T1233]  incfs_kill_sb+0x108/0x220
[   88.522220][ T1233]  deactivate_locked_super+0xad/0x110
[   88.527453][ T1233]  deactivate_super+0xbe/0xf0
[   88.532298][ T1233]  cleanup_mnt+0x45c/0x510
[   88.536550][ T1233]  __cleanup_mnt+0x19/0x20
[   88.541171][ T1233]  task_work_run+0x129/0x190
[   88.546304][ T1233]  exit_to_user_mode_loop+0xbf/0xd0
[   88.548978][ T1308] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.551656][ T1233]  syscall_exit_to_user_mode+0xa2/0x1a0
[   88.551664][ T1233]  do_syscall_64+0x40/0x70
[   88.551676][ T1233]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[   88.551693][ T1233] RIP: 0033:0x7fcc3eed9257
[   88.559714][ T1154] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   88.569978][ T1233] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[   88.575166][ T1154] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   88.579099][ T1308] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.590110][ T1154] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   88.610402][ T1233] RSP: 002b:00007ffe68660e28 EFLAGS: 00000246
[   88.619345][ T1154] usb 4-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00
[   88.619361][ T1154] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   88.626520][ T1233]  ORIG_RAX: 00000000000000a6
[   88.639915][ T1308] device bridge_slave_0 entered promiscuous mode
[   88.655507][ T1233] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fcc3eed9257
[   88.661889][ T1154] usb 4-1: config 0 descriptor??
[   88.669511][ T1233] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe68660ee0
[   88.673876][ T1308] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.689477][  T362] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[   88.692913][ T1308] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.709388][ T1233] RBP: 00007ffe68660ee0 R08: 0000000000000000 R09: 0000000000000000
[   88.715272][ T1308] device bridge_slave_1 entered promiscuous mode
[   88.728692][ T1233] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe68661f90
[   88.736546][ T1233] R13: 00007fcc3ef346c6 R14: 0000000000015406 R15: 0000000000000015
[   88.744508][ T1233] ---[ end trace aab53bae897603a6 ]---
[   88.750315][ T1233] ------------[ cut here ]------------
[   88.756775][ T1233] WARNING: CPU: 0 PID: 1233 at fs/overlayfs/util.c:450 ovl_dir_modified+0x2f4/0x3e0
[   88.767295][ T1233] Modules linked in:
[   88.771093][ T1233] CPU: 1 PID: 1233 Comm: syz-executor.1 Tainted: G        W         5.10.215-syzkaller-00370-gb58b8f9dad93 #0
[   88.782737][ T1233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[   88.792606][ T1233] RIP: 0010:ovl_dir_modified+0x2f4/0x3e0
[   88.798152][ T1233] Code: 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 83 60 a1 ff 49 ff 06 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 cc cc 63 ff <0f> 0b e9 14 ff ff ff e8 c0 cc 63 ff 0f 0b e9 4e ff ff ff 44 89 f9
[   88.804352][ T1308] bridge0: port 2(bridge_slave_1) entered blocking state
[   88.825504][ T1308] bridge0: port 2(bridge_slave_1) entered forwarding state
[   88.829511][ T1233] RSP: 0000:ffffc90001a7fb88 EFLAGS: 00010293
[   88.832700][ T1308] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.838521][ T1233] RAX: ffffffff8206e094 RBX: 0000000000000000 RCX: ffff88811380cf00
[   88.846514][ T1308] bridge0: port 1(bridge_slave_0) entered forwarding state
[   88.877869][  T420] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   88.885824][  T420] bridge0: port 1(bridge_slave_0) entered disabled state
[   88.893505][ T1233] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   88.901649][ T1233] RBP: ffffc90001a7fbd0 R08: ffffffff8206dfa1 R09: ffffed1023938ee5
[   88.909903][  T420] bridge0: port 2(bridge_slave_1) entered disabled state
[   88.916960][ T1233] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88811c8e3140
[   88.925272][ T1233] R13: 1ffff1102391c628 R14: ffff88811c9c7680 R15: dffffc0000000000
[   88.933644][ T1233] FS:  000055555577d480(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[   88.943188][ T1233] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   88.950250][ T1233] CR2: 00007fd9bd48d000 CR3: 000000012af40000 CR4: 00000000003506a0
[   88.952519][ T1066] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   88.966385][ T1233] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   88.974489][ T1233] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   88.976684][ T1066] bridge0: port 1(bridge_slave_0) entered blocking state
[   88.982430][ T1233] Call Trace:
[   88.989185][ T1066] bridge0: port 1(bridge_slave_0) entered forwarding state
[   89.002300][   T24] audit: type=1400 audit(1718720887.109:159): avc:  denied  { mounton } for  pid=1322 comm="syz-executor.0" path="/root/syzkaller-testdir1626846789/syzkaller.zqmuNA/14/file0" dev="sda1" ino=2021 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=file permissive=1
[   89.002371][ T1323] incfs: Error accessing: ./file0.
[   89.032519][ T1233]  ? show_regs+0x58/0x60
[   89.034788][ T1323] incfs: mount failed -20
[   89.042586][ T1233]  ? __warn+0x160/0x2f0
[   89.042597][ T1233]  ? ovl_dir_modified+0x2f4/0x3e0
[   89.042607][ T1233]  ? report_bug+0x3d9/0x5b0
[   89.042615][ T1233]  ? ovl_dir_modified+0x2f4/0x3e0
[   89.042625][ T1233]  ? handle_bug+0x41/0x70
[   89.042634][ T1233]  ? exc_invalid_op+0x1b/0x50
[   89.042645][ T1233]  ? asm_exc_invalid_op+0x12/0x20
[   89.042654][ T1233]  ? ovl_dir_modified+0x201/0x3e0
[   89.042670][ T1233]  ? ovl_dir_modified+0x2f4/0x3e0
[   89.057044][ T1323] input: syz1 as /devices/virtual/input/input12
[   89.061281][ T1233]  ? ovl_dir_modified+0x2f4/0x3e0
[   89.065620][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   89.069893][ T1233]  ? ovl_dir_modified+0x2f4/0x3e0
[   89.074950][ T1153] bridge0: port 2(bridge_slave_1) entered blocking state
[   89.089254][ T1233]  ovl_do_remove+0x656/0xc90
[   89.090565][ T1153] bridge0: port 2(bridge_slave_1) entered forwarding state
[   89.095427][ T1233]  ? ovl_set_redirect+0x630/0x630
[   89.119837][ T1303] syz-executor.3[1303] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   89.126460][  T362] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   89.131806][ T1233]  ? down_write+0xd7/0x150
[   89.154484][  T362] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   89.154510][  T362] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   89.159449][ T1233]  ? selinux_inode_rmdir+0x22/0x30
[   89.169618][  T362] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   89.179584][ T1233]  ovl_rmdir+0x1a/0x20
[   89.184434][  T362] usb 5-1: config 0 descriptor??
[   89.193235][ T1233]  vfs_rmdir+0x2b7/0x3f0
[   89.204008][ T1233]  incfs_kill_sb+0x1a2/0x220
[   89.209193][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   89.216865][ T1233]  deactivate_locked_super+0xad/0x110
[   89.222532][ T1233]  deactivate_super+0xbe/0xf0
[   89.232676][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   89.234856][ T1233]  cleanup_mnt+0x45c/0x510
[   89.245005][ T1233]  __cleanup_mnt+0x19/0x20
[   89.250249][ T1233]  task_work_run+0x129/0x190
[   89.255152][ T1233]  exit_to_user_mode_loop+0xbf/0xd0
[   89.263457][ T1233]  syscall_exit_to_user_mode+0xa2/0x1a0
[   89.277061][ T1308] device veth0_vlan entered promiscuous mode
[   89.283904][ T1233]  do_syscall_64+0x40/0x70
[   89.288569][ T1233]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[   89.295672][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   89.304281][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   89.312447][ T1233] RIP: 0033:0x7fcc3eed9257
[   89.316675][ T1233] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[   89.337284][ T1154] usbhid 4-1:0.0: can't add hid device: -71
[   89.343418][ T1154] usbhid: probe of 4-1:0.0 failed with error -71
[   89.350394][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   89.357651][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   89.365928][ T1154] usb 4-1: USB disconnect, device number 12
[   89.369240][ T1233] RSP: 002b:00007ffe68660e28 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   89.388010][ T1233] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fcc3eed9257
[   89.390212][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   89.396075][ T1233] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe68660ee0
[   89.411893][ T1233] RBP: 00007ffe68660ee0 R08: 0000000000000000 R09: 0000000000000000
[   89.420297][ T1233] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe68661f90
[   89.421470][ T1308] device veth1_macvtap entered promiscuous mode
[   89.428188][ T1233] R13: 00007fcc3ef346c6 R14: 0000000000015406 R15: 0000000000000015
[   89.459939][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   89.465608][ T1233] ---[ end trace aab53bae897603a7 ]---
[   89.468002][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   89.496088][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   89.504339][   T25] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   89.760286][ T1337] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[   89.799344][ T1335] netlink: 'syz-executor.2': attribute type 4 has an invalid length.
[   89.969330][  T362] usbhid 5-1:0.0: can't add hid device: -32
[   89.987597][  T362] usbhid: probe of 5-1:0.0 failed with error -32
[   90.233323][    T9] device bridge_slave_1 left promiscuous mode
[   90.242714][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.258297][    T9] device bridge_slave_0 left promiscuous mode
[   90.270550][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.290161][    T9] device bridge_slave_1 left promiscuous mode
[   90.296109][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.313453][    T9] device bridge_slave_0 left promiscuous mode
[   90.323769][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.349027][    T9] device bridge_slave_1 left promiscuous mode
[   90.358456][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.369627][    T9] device bridge_slave_0 left promiscuous mode
[   90.376541][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.385257][    T9] device veth1_macvtap left promiscuous mode
[   90.391194][    T9] device veth0_vlan left promiscuous mode
[   90.397013][    T9] device veth1_macvtap left promiscuous mode
[   90.403125][    T9] device veth0_vlan left promiscuous mode
[   90.408970][    T9] device veth1_macvtap left promiscuous mode
[   90.414911][    T9] device veth0_vlan left promiscuous mode
[   90.844984][ T1338] bridge0: port 1(bridge_slave_0) entered blocking state
[   90.858505][ T1338] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.874696][ T1338] device bridge_slave_0 entered promiscuous mode
[   90.888369][ T1338] bridge0: port 2(bridge_slave_1) entered blocking state
[   90.907831][ T1338] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.930984][ T1338] device bridge_slave_1 entered promiscuous mode
[   91.050528][ T1338] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.057399][ T1338] bridge0: port 2(bridge_slave_1) entered forwarding state
[   91.064519][ T1338] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.071286][ T1338] bridge0: port 1(bridge_slave_0) entered forwarding state
[   91.081996][   T24] audit: type=1400 audit(1718720889.189:160): avc:  denied  { setopt } for  pid=1352 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[   91.096935][ T1154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   91.103643][ T1348] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[   91.116816][ T1348] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   91.125929][ T1348] F2FS-fs (loop2): invalid crc value
[   91.131204][ T1154] bridge0: port 1(bridge_slave_0) entered disabled state
[   91.138630][ T1154] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.138768][ T1348] F2FS-fs (loop2): Found nat_bits in checkpoint
[   91.161593][  T450] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   91.169791][  T450] bridge0: port 1(bridge_slave_0) entered blocking state
[   91.176628][  T450] bridge0: port 1(bridge_slave_0) entered forwarding state
[   91.180822][ T1348] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   91.183837][  T450] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   91.191059][ T1348] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   91.198522][  T450] bridge0: port 2(bridge_slave_1) entered blocking state
[   91.212491][  T450] bridge0: port 2(bridge_slave_1) entered forwarding state
[   91.221236][  T450] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   91.224160][   T24] audit: type=1400 audit(1718720889.329:161): avc:  denied  { audit_write } for  pid=1347 comm="syz-executor.2" capability=29  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[   91.259509][ T1154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   91.270584][ T1154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   91.284277][ T1338] device veth0_vlan entered promiscuous mode
[   91.291701][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   91.300073][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   91.309706][ T1153] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   91.323464][ T1338] device veth1_macvtap entered promiscuous mode
[   91.330211][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   91.341546][   T20] usb 5-1: USB disconnect, device number 12
[   91.350240][  T362] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   91.352342][ T1360] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'.
[   91.372515][  T450] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   91.442288][   T24] audit: type=1400 audit(1718720889.549:162): avc:  denied  { mounton } for  pid=1347 comm="syz-executor.2" path="/root/syzkaller-testdir328124751/syzkaller.PJ7Tl4/1/bus/file0" dev="loop2" ino=455 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   91.476454][   T24] audit: type=1400 audit(1718720889.549:163): avc:  denied  { write } for  pid=1347 comm="syz-executor.2" name="file0" dev="loop2" ino=455 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   91.498813][   T24] audit: type=1400 audit(1718720889.549:164): avc:  denied  { add_name } for  pid=1347 comm="syz-executor.2" name="work" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   91.519929][   T24] audit: type=1400 audit(1718720889.579:165): avc:  denied  { setattr } for  pid=1347 comm="syz-executor.2" name="work" dev="loop2" ino=457 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   91.542455][   T24] audit: type=1400 audit(1718720889.579:166): avc:  denied  { remove_name } for  pid=1347 comm="syz-executor.2" name="#5f" dev="loop2" ino=459 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[   91.580219][   T24] audit: type=1400 audit(1718720889.579:167): avc:  denied  { rename } for  pid=1347 comm="syz-executor.2" name="#5f" dev="loop2" ino=459 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[   91.603438][   T24] audit: type=1400 audit(1718720889.579:168): avc:  denied  { unlink } for  pid=1347 comm="syz-executor.2" name="#5f" dev="loop2" ino=460 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=chr_file permissive=1
[   91.684777][ T1375] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=1375 comm=syz-executor.1
[   91.870983][    T9] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[   91.879998][    T9] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[   91.899589][   T20] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[   92.170699][   T20] usb 5-1: Using ep0 maxpacket: 8
[   92.289257][   T20] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   92.400551][    T7] device bridge_slave_1 left promiscuous mode
[   92.406556][    T7] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.413993][    T7] device bridge_slave_0 left promiscuous mode
[   92.426637][    T7] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.438378][    T7] device veth1_macvtap left promiscuous mode
[   92.444566][    T7] device veth0_vlan left promiscuous mode
[   92.467404][ T1047] ------------[ cut here ]------------
[   92.472833][ T1047] WARNING: CPU: 0 PID: 1047 at fs/overlayfs/util.c:450 ovl_dir_modified+0x2f4/0x3e0
[   92.482641][ T1047] Modules linked in:
[   92.483118][ T1382] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[   92.486398][ T1047] CPU: 0 PID: 1047 Comm: syz-executor.0 Tainted: G        W         5.10.215-syzkaller-00370-gb58b8f9dad93 #0
[   92.494343][   T20] usb 5-1: New USB device found, idVendor=8086, idProduct=0b03, bcdDevice=f4.28
[   92.509295][ T1382] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   92.514389][ T1047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[   92.526926][ T1382] F2FS-fs (loop2): invalid crc value
[   92.537510][ T1047] RIP: 0010:ovl_dir_modified+0x2f4/0x3e0
[   92.538605][   T20] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   92.543106][ T1047] Code: 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 83 60 a1 ff 49 ff 06 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 cc cc 63 ff <0f> 0b e9 14 ff ff ff e8 c0 cc 63 ff 0f 0b e9 4e ff ff ff 44 89 f9
[   92.551375][   T20] usb 5-1: Product: syz
[   92.570891][ T1047] RSP: 0018:ffffc900010bfb88 EFLAGS: 00010293
[   92.575072][   T20] usb 5-1: Manufacturer: syz
[   92.580536][ T1047] RAX: ffffffff8206e094 RBX: 0000000000000000 RCX: ffff888132d78000
[   92.585332][   T20] usb 5-1: SerialNumber: syz
[   92.592782][ T1047] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   92.601083][   T20] usb 5-1: config 0 descriptor??
[   92.605897][ T1382] F2FS-fs (loop2): Found nat_bits in checkpoint
[   92.611677][ T1047] RBP: ffffc900010bfbd0 R08: ffffffff8206dfa1 R09: ffffed1023949101
[   92.636949][ T1047] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88811c882f10
[   92.645405][ T1047] R13: 1ffff110239105e2 R14: ffff88811ca48760 R15: dffffc0000000000
[   92.649344][ T1382] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   92.658862][ T1047] FS:  00005555558d0480(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[   92.669195][ T1382] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   92.669793][ T1047] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   92.690474][ T1047] CR2: 00007fc0319d0000 CR3: 0000000104b95000 CR4: 00000000003506a0
[   92.698419][ T1047] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   92.706485][ T1047] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   92.714357][ T1047] Call Trace:
[   92.717471][ T1047]  ? show_regs+0x58/0x60
[   92.721812][ T1047]  ? __warn+0x160/0x2f0
[   92.725839][ T1047]  ? ovl_dir_modified+0x2f4/0x3e0
[   92.730713][ T1047]  ? report_bug+0x3d9/0x5b0
[   92.735108][ T1047]  ? ovl_dir_modified+0x2f4/0x3e0
[   92.740299][ T1047]  ? handle_bug+0x41/0x70
[   92.744491][ T1047]  ? exc_invalid_op+0x1b/0x50
[   92.748997][ T1047]  ? asm_exc_invalid_op+0x12/0x20
[   92.754107][ T1047]  ? ovl_dir_modified+0x201/0x3e0
[   92.758987][ T1047]  ? ovl_dir_modified+0x2f4/0x3e0
[   92.763996][ T1047]  ? ovl_dir_modified+0x2f4/0x3e0
[   92.768966][ T1047]  ? ovl_dir_modified+0x2f4/0x3e0
[   92.777189][ T1047]  ovl_do_remove+0x656/0xc90
[   92.783213][ T1047]  ? ovl_set_redirect+0x630/0x630
[   92.788133][ T1047]  ? down_write+0xd7/0x150
[   92.792693][ T1047]  ? selinux_inode_rmdir+0x22/0x30
[   92.797663][ T1047]  ovl_rmdir+0x1a/0x20
[   92.802171][ T1047]  vfs_rmdir+0x2b7/0x3f0
[   92.806327][ T1047]  incfs_kill_sb+0x108/0x220
[   92.810882][ T1047]  deactivate_locked_super+0xad/0x110
[   92.817135][ T1047]  deactivate_super+0xbe/0xf0
[   92.822330][ T1047]  cleanup_mnt+0x45c/0x510
[   92.826710][ T1047]  __cleanup_mnt+0x19/0x20
[   92.831149][ T1047]  task_work_run+0x129/0x190
[   92.831337][ T1277] ------------[ cut here ]------------
[   92.835542][ T1047]  exit_to_user_mode_loop+0xbf/0xd0
[   92.835559][ T1047]  syscall_exit_to_user_mode+0xa2/0x1a0
[   92.841245][ T1277] WARNING: CPU: 0 PID: 1277 at fs/overlayfs/util.c:450 ovl_dir_modified+0x2f4/0x3e0
[   92.845998][ T1047]  do_syscall_64+0x40/0x70
[   92.846010][ T1047]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[   92.846042][ T1047] RIP: 0033:0x7fd9c64b5257
[   92.852023][ T1277] Modules linked in:
[   92.861155][ T1047] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[   92.876295][ T1277] 
[   92.878653][ T1047] RSP: 002b:00007ffcbad6dd78 EFLAGS: 00000246
[   92.899469][ T1277] CPU: 0 PID: 1277 Comm: syz-executor.3 Tainted: G        W         5.10.215-syzkaller-00370-gb58b8f9dad93 #0
[   92.908208][ T1047]  ORIG_RAX: 00000000000000a6
[   92.918314][ T1277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[   92.932698][ T1277] RIP: 0010:ovl_dir_modified+0x2f4/0x3e0
[   92.938423][ T1277] Code: 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 83 60 a1 ff 49 ff 06 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 cc cc 63 ff <0f> 0b e9 14 ff ff ff e8 c0 cc 63 ff 0f 0b e9 4e ff ff ff 44 89 f9
[   92.938519][ T1047] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fd9c64b5257
[   92.958321][ T1277] RSP: 0018:ffffc90000d77b88 EFLAGS: 00010293
[   92.966501][ T1047] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcbad6de30
[   92.998067][ T1277] 
[   93.013981][ T1277] RAX: ffffffff8206e094 RBX: 0000000000000000 RCX: ffff8881143b0000
[   93.023354][ T1047] RBP: 00007ffcbad6de30 R08: 0000000000000000 R09: 0000000000000000
[   93.031867][ T1047] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcbad6eee0
[   93.038745][ T1277] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   93.040782][ T1047] R13: 00007fd9c65106c6 R14: 00000000000165a9 R15: 0000000000000015
[   93.049392][ T1277] RBP: ffffc90000d77bd0 R08: ffffffff8206dfa1 R09: ffffed10239389e9
[   93.063680][ T1047] ---[ end trace aab53bae897603a8 ]---
[   93.075341][ T1277] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88810c618ad0
[   93.076014][ T1047] ------------[ cut here ]------------
[   93.084530][ T1047] WARNING: CPU: 1 PID: 1047 at fs/overlayfs/util.c:450 ovl_dir_modified+0x2f4/0x3e0
[   93.089131][ T1277] R13: 1ffff110218c315a R14: ffff88811c9c4ea0 R15: dffffc0000000000
[   93.098652][ T1047] Modules linked in:
[   93.106258][ T1277] FS:  00005555562bf480(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   93.106578][ T1047] 
[   93.121338][ T1277] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   93.132334][ T1277] CR2: 00007f1f31c30ff0 CR3: 00000001277e3000 CR4: 00000000003506b0
[   93.141234][ T1277] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   93.149816][ T1047] CPU: 1 PID: 1047 Comm: syz-executor.0 Tainted: G        W         5.10.215-syzkaller-00370-gb58b8f9dad93 #0
[   93.175878][ T1392] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=1392 comm=syz-executor.4
[   93.282988][ T1277] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   93.290902][ T1277] Call Trace:
[   93.293980][ T1277]  ? show_regs+0x58/0x60
[   93.298045][ T1277]  ? __warn+0x160/0x2f0
[   93.302092][ T1277]  ? ovl_dir_modified+0x2f4/0x3e0
[   93.304456][ T1047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[   93.306877][ T1277]  ? report_bug+0x3d9/0x5b0
[   93.321323][ T1277]  ? ovl_dir_modified+0x2f4/0x3e0
[   93.326186][ T1277]  ? handle_bug+0x41/0x70
[   93.329027][ T1047] RIP: 0010:ovl_dir_modified+0x2f4/0x3e0
[   93.330364][ T1277]  ? exc_invalid_op+0x1b/0x50
[   93.338186][ T1047] Code: 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 83 60 a1 ff 49 ff 06 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 cc cc 63 ff <0f> 0b e9 14 ff ff ff e8 c0 cc 63 ff 0f 0b e9 4e ff ff ff 44 89 f9
[   93.340779][ T1277]  ? asm_exc_invalid_op+0x12/0x20
[   93.340791][ T1277]  ? ovl_dir_modified+0x201/0x3e0
[   93.340799][ T1277]  ? ovl_dir_modified+0x2f4/0x3e0
[   93.340808][ T1277]  ? ovl_dir_modified+0x2f4/0x3e0
[   93.340824][ T1277]  ? ovl_dir_modified+0x2f4/0x3e0
[   93.362086][ T1047] RSP: 0018:ffffc900010bfb88 EFLAGS: 00010293
[   93.372513][ T1277]  ovl_do_remove+0x656/0xc90
[   93.375332][ T1047] 
[   93.387091][ T1277]  ? ovl_set_redirect+0x630/0x630
[   93.395815][ T1047] RAX: ffffffff8206e094 RBX: 0000000000000000 RCX: ffff888132d78000
[   93.400275][ T1277]  ? down_write+0xd7/0x150
[   93.404279][ T1047] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   93.410587][ T1277]  ? selinux_inode_rmdir+0x22/0x30
[   93.415291][ T1047] RBP: ffffc900010bfbd0 R08: ffffffff8206dfa1 R09: ffffed1023949101
[   93.422959][ T1277]  ovl_rmdir+0x1a/0x20
[   93.427960][ T1047] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88811c882f10
[   93.435460][ T1277]  vfs_rmdir+0x2b7/0x3f0
[   93.439796][ T1047] R13: 1ffff110239105e2 R14: ffff88811ca48760 R15: dffffc0000000000
[   93.447812][ T1277]  incfs_kill_sb+0x108/0x220
[   93.451656][ T1047] FS:  00005555558d0480(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[   93.459638][ T1277]  deactivate_locked_super+0xad/0x110
[   93.464227][ T1047] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   93.472863][ T1277]  deactivate_super+0xbe/0xf0
[   93.478173][ T1047] CR2: 0000001b2d421000 CR3: 0000000104b95000 CR4: 00000000003506a0
[   93.484412][ T1277]  cleanup_mnt+0x45c/0x510
[   93.489114][ T1047] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   93.496746][ T1277]  __cleanup_mnt+0x19/0x20
[   93.501205][ T1047] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   93.508795][ T1277]  task_work_run+0x129/0x190
[   93.525747][ T1277]  exit_to_user_mode_loop+0xbf/0xd0
[   93.530849][ T1277]  syscall_exit_to_user_mode+0xa2/0x1a0
[   93.536240][ T1277]  do_syscall_64+0x40/0x70
[   93.540474][ T1277]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[   93.546163][ T1277] RIP: 0033:0x7f624d173257
[   93.550492][ T1277] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[   93.570434][ T1047] Call Trace:
[   93.573621][ T1047]  ? show_regs+0x58/0x60
[   93.577692][ T1047]  ? __warn+0x160/0x2f0
[   93.581955][ T1047]  ? ovl_dir_modified+0x2f4/0x3e0
[   93.584846][ T1277] RSP: 002b:00007ffc566f3718 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   93.586973][ T1047]  ? report_bug+0x3d9/0x5b0
[   93.595292][ T1277] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f624d173257
[   93.599695][ T1047]  ? ovl_dir_modified+0x2f4/0x3e0
[   93.607812][ T1277] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc566f37d0
[   93.612873][ T1047]  ? handle_bug+0x41/0x70
[   93.620141][ T1277] RBP: 00007ffc566f37d0 R08: 0000000000000000 R09: 0000000000000000
[   93.625278][ T1047]  ? exc_invalid_op+0x1b/0x50
[   93.632306][ T1277] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc566f4880
[   93.636565][ T1047]  ? asm_exc_invalid_op+0x12/0x20
[   93.644442][ T1277] R13: 00007f624d1ce6c6 R14: 000000000001670d R15: 0000000000000015
[   93.649460][ T1047]  ? ovl_dir_modified+0x201/0x3e0
[   93.657091][ T1277] ---[ end trace aab53bae897603a9 ]---
[   93.662082][ T1047]  ? ovl_dir_modified+0x2f4/0x3e0
[   93.673316][ T1047]  ? ovl_dir_modified+0x2f4/0x3e0
[   93.678349][ T1047]  ? ovl_dir_modified+0x2f4/0x3e0
[   93.685367][ T1047]  ovl_do_remove+0x656/0xc90
[   93.690562][ T1047]  ? ovl_set_redirect+0x630/0x630
[   93.695700][ T1047]  ? down_write+0xd7/0x150
[   93.701322][ T1047]  ? selinux_inode_rmdir+0x22/0x30
[   93.706523][ T1047]  ovl_rmdir+0x1a/0x20
[   93.711941][ T1047]  vfs_rmdir+0x2b7/0x3f0
[   93.716198][ T1047]  incfs_kill_sb+0x1a2/0x220
[   93.731853][ T1047]  deactivate_locked_super+0xad/0x110
[   93.737228][ T1047]  deactivate_super+0xbe/0xf0
[   93.743281][ T1047]  cleanup_mnt+0x45c/0x510
[   93.747665][ T1047]  __cleanup_mnt+0x19/0x20
[   93.753441][ T1047]  task_work_run+0x129/0x190
[   93.757966][ T1047]  exit_to_user_mode_loop+0xbf/0xd0
[   93.766596][ T1277] ------------[ cut here ]------------
[   93.772088][ T1277] WARNING: CPU: 1 PID: 1277 at fs/overlayfs/util.c:450 ovl_dir_modified+0x2f4/0x3e0
[   93.796789][ T1047]  syscall_exit_to_user_mode+0xa2/0x1a0
[   93.799008][ T1277] Modules linked in:
[   93.802580][ T1047]  do_syscall_64+0x40/0x70
[   93.810226][ T1047]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[   93.815960][ T1047] RIP: 0033:0x7fd9c64b5257
[   93.820212][ T1047] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[   93.840864][ T1047] RSP: 002b:00007ffcbad6dd78 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   93.846411][ T1277] CPU: 1 PID: 1277 Comm: syz-executor.3 Tainted: G        W         5.10.215-syzkaller-00370-gb58b8f9dad93 #0
[   93.857031][ T1047] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fd9c64b5257
[   93.861802][ T1277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[   93.872116][ T1047] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcbad6de30
[   93.879640][ T1277] RIP: 0010:ovl_dir_modified+0x2f4/0x3e0
[   93.892574][ T1277] Code: 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 83 60 a1 ff 49 ff 06 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 cc cc 63 ff <0f> 0b e9 14 ff ff ff e8 c0 cc 63 ff 0f 0b e9 4e ff ff ff 44 89 f9
[   93.899254][ T1047] RBP: 00007ffcbad6de30 R08: 0000000000000000 R09: 0000000000000000
[   93.912870][ T1277] RSP: 0018:ffffc90000d77b88 EFLAGS: 00010293
[   93.926193][ T1277] RAX: ffffffff8206e094 RBX: 0000000000000000 RCX: ffff8881143b0000
[   93.934268][ T1277] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   93.938538][ T1047] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcbad6eee0
[   93.942402][ T1277] RBP: ffffc90000d77bd0 R08: ffffffff8206dfa1 R09: ffffed10239389e9
[   93.957994][ T1277] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88810c618ad0
[   93.961283][ T1047] R13: 00007fd9c65106c6 R14: 00000000000165a9 R15: 0000000000000015
[   93.966085][ T1277] R13: 1ffff110218c315a R14: ffff88811c9c4ea0 R15: dffffc0000000000
[   93.981687][ T1277] FS:  00005555562bf480(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[   93.990477][ T1047] ---[ end trace aab53bae897603aa ]---
[   93.990687][ T1277] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   94.002481][ T1277] CR2: 00007ffc949fe0d8 CR3: 00000001277e3000 CR4: 00000000003506a0
[   94.010486][ T1277] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   94.018385][ T1277] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   94.026367][ T1277] Call Trace:
[   94.030697][ T1277]  ? show_regs+0x58/0x60
[   94.034805][ T1277]  ? __warn+0x160/0x2f0
[   94.038747][ T1277]  ? ovl_dir_modified+0x2f4/0x3e0
[   94.044048][ T1277]  ? report_bug+0x3d9/0x5b0
[   94.048442][ T1277]  ? ovl_dir_modified+0x2f4/0x3e0
[   94.053497][ T1277]  ? handle_bug+0x41/0x70
[   94.057713][ T1277]  ? exc_invalid_op+0x1b/0x50
[   94.062746][ T1277]  ? asm_exc_invalid_op+0x12/0x20
[   94.067662][ T1277]  ? ovl_dir_modified+0x201/0x3e0
[   94.072948][ T1277]  ? ovl_dir_modified+0x2f4/0x3e0
[   94.077974][ T1277]  ? ovl_dir_modified+0x2f4/0x3e0
[   94.084129][ T1277]  ? ovl_dir_modified+0x2f4/0x3e0
[   94.089033][ T1277]  ovl_do_remove+0x656/0xc90
[   94.093672][ T1277]  ? ovl_set_redirect+0x630/0x630
[   94.098615][ T1277]  ? down_write+0xd7/0x150
[   94.102942][ T1277]  ? selinux_inode_rmdir+0x22/0x30
[   94.108691][ T1277]  ovl_rmdir+0x1a/0x20
[   94.112582][ T1277]  vfs_rmdir+0x2b7/0x3f0
[   94.116635][ T1277]  incfs_kill_sb+0x1a2/0x220
[   94.121122][ T1277]  deactivate_locked_super+0xad/0x110
[   94.126275][ T1277]  deactivate_super+0xbe/0xf0
[   94.159216][ T1277]  cleanup_mnt+0x45c/0x510
[   94.163599][ T1277]  __cleanup_mnt+0x19/0x20
[   94.167874][ T1277]  task_work_run+0x129/0x190
[   94.172906][ T1277]  exit_to_user_mode_loop+0xbf/0xd0
[   94.177982][ T1277]  syscall_exit_to_user_mode+0xa2/0x1a0
[   94.183577][ T1277]  do_syscall_64+0x40/0x70
[   94.187851][ T1277]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[   94.193874][ T1277] RIP: 0033:0x7f624d173257
[   94.198247][ T1277] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[   94.217873][ T1277] RSP: 002b:00007ffc566f3718 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   94.226222][ T1277] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f624d173257
[   94.234097][ T1277] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc566f37d0
[   94.237540][ T1402] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.249781][ T1277] RBP: 00007ffc566f37d0 R08: 0000000000000000 R09: 0000000000000000
[   94.249992][ T1402] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.264878][ T1277] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc566f4880
[   94.265792][ T1402] device bridge_slave_0 entered promiscuous mode
[   94.288673][ T1277] R13: 00007f624d1ce6c6 R14: 000000000001670d R15: 0000000000000015
[   94.296659][ T1277] ---[ end trace aab53bae897603ab ]---
[   94.362438][ T1402] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.369924][ T1402] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.379020][ T1402] device bridge_slave_1 entered promiscuous mode
[   94.509756][  T314] usb 5-1: USB disconnect, device number 13
[   94.591421][ T1402] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.598289][ T1402] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.605415][ T1402] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.612170][ T1402] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.654765][   T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   94.662802][   T15] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.670295][   T15] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.700970][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   94.709102][  T350] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.715981][  T350] bridge0: port 1(bridge_slave_0) entered forwarding state
[   94.723575][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   94.732297][  T350] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.739171][  T350] bridge0: port 2(bridge_slave_1) entered forwarding state
[   94.750095][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   94.758281][  T350] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   94.774088][ T1413] bridge0: port 1(bridge_slave_0) entered blocking state
[   94.783838][ T1413] bridge0: port 1(bridge_slave_0) entered disabled state
[   94.791464][ T1413] device bridge_slave_0 entered promiscuous mode
[   94.797765][ T1421] overlayfs: missing 'workdir'
[   94.809093][ T1402] device veth0_vlan entered promiscuous mode
[   94.818276][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   94.826770][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   94.835198][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   94.843370][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   94.851003][ T1413] bridge0: port 2(bridge_slave_1) entered blocking state
[   94.857832][ T1413] bridge0: port 2(bridge_slave_1) entered disabled state
[   94.865779][ T1413] device bridge_slave_1 entered promiscuous mode
[   94.878156][ T1402] device veth1_macvtap entered promiscuous mode
[   94.884932][  T314] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[   94.893665][   T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   94.928944][ T1050] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   94.972598][ T1050] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   94.983439][  T352] device bridge_slave_1 left promiscuous mode
[   94.999266][  T352] bridge0: port 2(bridge_slave_1) entered disabled state
[   95.006761][  T352] device bridge_slave_0 left promiscuous mode
[   95.013131][  T352] bridge0: port 1(bridge_slave_0) entered disabled state
[   95.021113][  T352] device veth1_macvtap left promiscuous mode
[   95.026927][  T352] device veth0_vlan left promiscuous mode
[   95.029182][ T1368] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   95.159081][   T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   95.166368][   T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   95.175803][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   95.184486][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   95.192535][   T20] bridge0: port 1(bridge_slave_0) entered blocking state
[   95.199386][   T20] bridge0: port 1(bridge_slave_0) entered forwarding state
[   95.207158][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   95.215652][   T15] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   95.223762][   T15] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   95.232057][   T15] bridge0: port 2(bridge_slave_1) entered blocking state
[   95.238907][   T15] bridge0: port 2(bridge_slave_1) entered forwarding state
[   95.249292][  T314] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   95.249501][ T1050] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[   95.260258][  T314] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   95.277735][  T314] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[   95.277811][ T1049] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   95.286744][  T314] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.295368][ T1049] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   95.305460][  T314] usb 5-1: config 0 descriptor??
[   95.310962][ T1049] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   95.323690][ T1049] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   95.331613][ T1049] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   95.339866][ T1049] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   95.349870][ T1413] device veth0_vlan entered promiscuous mode
[   95.359467][ T1413] device veth1_macvtap entered promiscuous mode
[   95.366365][ T1048] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   95.382075][ T1048] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   95.399822][ T1048] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   95.407743][ T1048] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   95.415722][ T1368] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   95.434437][ T1368] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   95.444676][ T1048] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   95.452053][ T1368] usb 3-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[   95.461508][ T1368] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.471230][ T1368] usb 3-1: config 0 descriptor??
[   95.476159][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   95.483704][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   95.491144][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   95.499438][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   95.519541][ T1050] usb 1-1: Using ep0 maxpacket: 8
[   95.525307][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   95.533477][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   95.817124][ T1050] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   95.827226][ T1050] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[   96.009783][ T1050] usb 1-1: New USB device found, idVendor=8086, idProduct=0b03, bcdDevice=f4.28
[   96.018773][ T1050] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   96.026745][ T1050] usb 1-1: Product: syz
[   96.030842][ T1368] usbhid 3-1:0.0: can't add hid device: -71
[   96.036795][ T1368] usbhid: probe of 3-1:0.0 failed with error -71
[   96.042970][ T1050] usb 1-1: Manufacturer: syz
[   96.047299][ T1050] usb 1-1: SerialNumber: syz
[   96.052645][ T1368] usb 3-1: USB disconnect, device number 6
[   96.060697][ T1050] usb 1-1: config 0 descriptor??
[   96.089287][  T314] usbhid 5-1:0.0: can't add hid device: -32
[   96.095197][  T314] usbhid: probe of 5-1:0.0 failed with error -32
[   96.219980][  T352] device bridge_slave_1 left promiscuous mode
[   96.225985][  T352] bridge0: port 2(bridge_slave_1) entered disabled state
[   96.233243][  T352] device bridge_slave_0 left promiscuous mode
[   96.239307][  T352] bridge0: port 1(bridge_slave_0) entered disabled state
[   96.246869][  T352] device veth1_macvtap left promiscuous mode
[   96.252851][  T352] device veth0_vlan left promiscuous mode
[   96.312518][ T1338] ------------[ cut here ]------------
[   96.318009][ T1338] WARNING: CPU: 0 PID: 1338 at fs/overlayfs/util.c:450 ovl_dir_modified+0x2f4/0x3e0
[   96.328149][ T1338] Modules linked in:
[   96.335353][ T1338] CPU: 0 PID: 1338 Comm: syz-executor.1 Tainted: G        W         5.10.215-syzkaller-00370-gb58b8f9dad93 #0
[   96.347490][ T1338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[   96.357724][ T1338] RIP: 0010:ovl_dir_modified+0x2f4/0x3e0
[   96.363337][ T1338] Code: 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 83 60 a1 ff 49 ff 06 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 cc cc 63 ff <0f> 0b e9 14 ff ff ff e8 c0 cc 63 ff 0f 0b e9 4e ff ff ff 44 89 f9
[   96.383011][ T1338] RSP: 0018:ffffc90000c57b88 EFLAGS: 00010293
[   96.388886][ T1338] RAX: ffffffff8206e094 RBX: 0000000000000000 RCX: ffff8881147acf00
[   96.396847][ T1338] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   96.406174][ T1338] RBP: ffffc90000c57bd0 R08: ffffffff8206dfa1 R09: ffffed102396625d
[   96.416687][ T1338] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88811c881580
[   96.432931][ T1338] R13: 1ffff110239102b0 R14: ffff88811cb31240 R15: dffffc0000000000
[   96.442791][ T1338] FS:  00005555570d8480(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[   96.451766][ T1338] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   96.458185][ T1338] CR2: 0000000000000000 CR3: 000000010e17a000 CR4: 00000000003506b0
[   96.469330][ T1338] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   96.477185][ T1338] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   97.382520][ T1435] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=1435 comm=syz-executor.0
[   98.559406][ T1338] Call Trace:
[   98.584758][ T1338]  ? show_regs+0x58/0x60
[   98.817213][   T53] usb 5-1: USB disconnect, device number 14
[   98.830278][ T1338]  ? __warn+0x160/0x2f0
[   98.854026][ T1338]  ? ovl_dir_modified+0x2f4/0x3e0
[   98.858986][ T1338]  ? report_bug+0x3d9/0x5b0
[   98.863969][ T1338]  ? ovl_dir_modified+0x2f4/0x3e0
[   98.871231][ T1338]  ? handle_bug+0x41/0x70
[   98.907884][ T1338]  ? exc_invalid_op+0x1b/0x50
[   98.912764][ T1338]  ? asm_exc_invalid_op+0x12/0x20
[   98.917644][ T1338]  ? ovl_dir_modified+0x201/0x3e0
[   98.922531][ T1338]  ? ovl_dir_modified+0x2f4/0x3e0
[   98.927355][ T1338]  ? ovl_dir_modified+0x2f4/0x3e0
[   98.936571][ T1338]  ? ovl_dir_modified+0x2f4/0x3e0
[   98.947855][ T1338]  ovl_do_remove+0x656/0xc90
[   98.952627][ T1338]  ? ovl_set_redirect+0x630/0x630
[   98.957562][ T1338]  ? down_write+0xd7/0x150
[   98.963690][ T1338]  ? selinux_inode_rmdir+0x22/0x30
[   98.969894][ T1338]  ovl_rmdir+0x1a/0x20
[   98.973822][ T1338]  vfs_rmdir+0x2b7/0x3f0
[   98.977894][ T1338]  incfs_kill_sb+0x108/0x220
[   98.982574][ T1338]  deactivate_locked_super+0xad/0x110
[   99.172659][ T1338]  deactivate_super+0xbe/0xf0
[   99.177259][ T1338]  cleanup_mnt+0x45c/0x510
[   99.185118][ T1338]  __cleanup_mnt+0x19/0x20
[   99.190276][ T1338]  task_work_run+0x129/0x190
[   99.194982][ T1338]  exit_to_user_mode_loop+0xbf/0xd0
[   99.201042][ T1338]  syscall_exit_to_user_mode+0xa2/0x1a0
[   99.206553][ T1338]  do_syscall_64+0x40/0x70
[   99.258532][ T1338]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[   99.272249][ T1451] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[   99.315318][ T1451] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[   99.373072][ T1338] RIP: 0033:0x7f68a653e257
[   99.395485][ T1338] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[   99.427414][ T1338] RSP: 002b:00007ffd57939018 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   99.435767][ T1338] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f68a653e257
[   99.443742][ T1338] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd579390d0
[   99.451817][ T1338] RBP: 00007ffd579390d0 R08: 0000000000000000 R09: 0000000000000000
[   99.459784][ T1338] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd5793a180
[   99.467732][ T1338] R13: 00007f68a65996c6 R14: 00000000000174ca R15: 0000000000000015
[   99.475590][ T1338] ---[ end trace aab53bae897603ac ]---
[   99.480830][  T314] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[   99.486411][ T1338] ------------[ cut here ]------------
[   99.493586][ T1338] WARNING: CPU: 0 PID: 1338 at fs/overlayfs/util.c:450 ovl_dir_modified+0x2f4/0x3e0
[   99.502881][ T1338] Modules linked in:
[   99.506664][ T1338] CPU: 1 PID: 1338 Comm: syz-executor.1 Tainted: G        W         5.10.215-syzkaller-00370-gb58b8f9dad93 #0
[   99.518122][ T1338] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[   99.528854][ T1338] RIP: 0010:ovl_dir_modified+0x2f4/0x3e0
[   99.534591][ T1338] Code: 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 83 60 a1 ff 49 ff 06 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 cc cc 63 ff <0f> 0b e9 14 ff ff ff e8 c0 cc 63 ff 0f 0b e9 4e ff ff ff 44 89 f9
[   99.554394][ T1338] RSP: 0018:ffffc90000c57b88 EFLAGS: 00010293
[   99.560732][ T1338] RAX: ffffffff8206e094 RBX: 0000000000000000 RCX: ffff8881147acf00
[   99.568623][ T1338] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[   99.576876][ T1338] RBP: ffffc90000c57bd0 R08: ffffffff8206dfa1 R09: ffffed102396625d
[   99.585143][ T1338] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff88811c881580
[   99.586984][ T1364] usb 1-1: USB disconnect, device number 11
[   99.596627][ T1338] R13: 1ffff110239102b0 R14: ffff88811cb31240 R15: dffffc0000000000
[   99.609091][ T1338] FS:  00005555570d8480(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[   99.618559][ T1338] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   99.625162][ T1338] CR2: 0000001b2c037000 CR3: 000000010e17a000 CR4: 00000000003506a0
[   99.633216][ T1338] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   99.641140][ T1338] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   99.649393][ T1338] Call Trace:
[   99.652659][ T1338]  ? show_regs+0x58/0x60
[   99.656730][ T1338]  ? __warn+0x160/0x2f0
[   99.660943][ T1338]  ? ovl_dir_modified+0x2f4/0x3e0
[   99.665836][ T1338]  ? report_bug+0x3d9/0x5b0
[   99.670549][ T1338]  ? ovl_dir_modified+0x2f4/0x3e0
[   99.675549][ T1338]  ? handle_bug+0x41/0x70
[   99.680213][ T1338]  ? exc_invalid_op+0x1b/0x50
[   99.684784][ T1338]  ? asm_exc_invalid_op+0x12/0x20
[   99.689950][ T1338]  ? ovl_dir_modified+0x201/0x3e0
[   99.694876][ T1338]  ? ovl_dir_modified+0x2f4/0x3e0
[   99.704452][ T1338]  ? ovl_dir_modified+0x2f4/0x3e0
[   99.709441][ T1338]  ? ovl_dir_modified+0x2f4/0x3e0
[   99.714291][ T1338]  ovl_do_remove+0x656/0xc90
[   99.718700][ T1338]  ? ovl_set_redirect+0x630/0x630
[   99.723583][ T1338]  ? down_write+0xd7/0x150
[   99.727822][ T1338]  ? selinux_inode_rmdir+0x22/0x30
[   99.732772][ T1338]  ovl_rmdir+0x1a/0x20
[   99.734530][  T314] usb 3-1: Using ep0 maxpacket: 16
[   99.741678][ T1338]  vfs_rmdir+0x2b7/0x3f0
[   99.745744][ T1338]  incfs_kill_sb+0x1a2/0x220
[   99.750462][ T1338]  deactivate_locked_super+0xad/0x110
[   99.764367][ T1338]  deactivate_super+0xbe/0xf0
[   99.769015][ T1338]  cleanup_mnt+0x45c/0x510
[   99.813350][ T1457] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=1457 comm=syz-executor.0
[   99.969577][ T1338]  __cleanup_mnt+0x19/0x20
[   99.973895][ T1338]  task_work_run+0x129/0x190
[   99.978338][ T1338]  exit_to_user_mode_loop+0xbf/0xd0
[   99.984846][ T1338]  syscall_exit_to_user_mode+0xa2/0x1a0
[   99.994149][ T1338]  do_syscall_64+0x40/0x70
[   99.998500][ T1338]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[  100.004436][ T1338] RIP: 0033:0x7f68a653e257
[  100.008898][ T1338] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[  100.028655][ T1338] RSP: 002b:00007ffd57939018 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  100.037131][ T1338] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f68a653e257
[  100.045143][ T1338] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd579390d0
[  100.053496][ T1338] RBP: 00007ffd579390d0 R08: 0000000000000000 R09: 0000000000000000
[  100.061556][  T314] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  100.072668][ T1338] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd5793a180
[  100.080527][  T314] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  100.080671][ T1338] R13: 00007f68a65996c6 R14: 00000000000174ca R15: 0000000000000015
[  100.090214][  T314] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  100.098170][ T1338] ---[ end trace aab53bae897603ad ]---
[  100.110613][  T314] usb 3-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00
[  100.124658][  T314] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  100.129224][ T1050] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  100.133147][  T314] usb 3-1: config 0 descriptor??
[  100.301001][ T1463] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  100.329711][ T1462] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  100.407061][ T1050] usb 5-1: Using ep0 maxpacket: 8
[  100.434779][ T1465] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.441810][ T1465] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.448903][ T1465] device bridge_slave_0 entered promiscuous mode
[  100.457123][ T1465] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.464015][ T1465] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.471169][ T1465] device bridge_slave_1 entered promiscuous mode
[  100.504134][ T1465] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.510987][ T1465] bridge0: port 2(bridge_slave_1) entered forwarding state
[  100.518043][ T1465] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.524880][ T1465] bridge0: port 1(bridge_slave_0) entered forwarding state
[  100.540992][ T1364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  100.548333][ T1364] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.555371][ T1050] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  100.566632][ T1364] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.576679][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  100.584670][    T5] bridge0: port 1(bridge_slave_0) entered blocking state
[  100.591632][    T5] bridge0: port 1(bridge_slave_0) entered forwarding state
[  100.600292][ T1368] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  100.608295][ T1368] bridge0: port 2(bridge_slave_1) entered blocking state
[  100.609757][ T1447] syz-executor.2[1447] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  100.615162][ T1368] bridge0: port 2(bridge_slave_1) entered forwarding state
[  100.646381][ T1364] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  100.654339][ T1364] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  100.669983][ T1368] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  100.680432][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  100.688208][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  100.695650][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  100.703798][ T1465] device veth0_vlan entered promiscuous mode
[  100.715405][ T1364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  100.724516][ T1465] device veth1_macvtap entered promiscuous mode
[  100.730687][  T314] usbhid 3-1:0.0: can't add hid device: -71
[  100.735039][ T1364] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  100.736449][  T314] usbhid: probe of 3-1:0.0 failed with error -71
[  100.754439][  T314] usb 3-1: USB disconnect, device number 7
[  100.761798][ T1368] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  100.789299][ T1050] usb 5-1: New USB device found, idVendor=8086, idProduct=0b03, bcdDevice=f4.28
[  100.798210][ T1050] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  100.806263][ T1050] usb 5-1: Product: syz
[  100.810456][ T1050] usb 5-1: Manufacturer: syz
[  100.814898][ T1050] usb 5-1: SerialNumber: syz
[  100.821030][ T1050] usb 5-1: config 0 descriptor??
[  100.909867][  T352] device bridge_slave_1 left promiscuous mode
[  100.915875][  T352] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.923240][  T352] device bridge_slave_0 left promiscuous mode
[  100.929325][  T352] bridge0: port 1(bridge_slave_0) entered disabled state
[  100.936799][  T352] device veth1_macvtap left promiscuous mode
[  100.942888][  T352] device veth0_vlan left promiscuous mode
[  101.240675][  T350] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  101.290727][ T1478] EXT4-fs (loop2): Quota format mount options ignored when QUOTA feature is enabled
[  101.312682][ T1478] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000084,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,lazytime,jqfmt=vfsold,usrquota,data_err=abort,,errors=continue
[  101.365808][ T1482] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=1482 comm=syz-executor.4
[  101.509904][ T1478] input: syz1 as /devices/virtual/input/input13
[  101.629194][  T350] usb 2-1: Using ep0 maxpacket: 8
[  101.659997][ T1485] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.666929][ T1485] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.674342][ T1485] device bridge_slave_0 entered promiscuous mode
[  101.682781][ T1485] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.689733][ T1485] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.696863][ T1485] device bridge_slave_1 entered promiscuous mode
[  101.743298][ T1485] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.750176][ T1485] bridge0: port 2(bridge_slave_1) entered forwarding state
[  101.757292][ T1485] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.764263][ T1485] bridge0: port 1(bridge_slave_0) entered forwarding state
[  101.771915][  T350] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  101.792916][ T1368] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  101.801034][ T1368] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.808314][ T1368] bridge0: port 2(bridge_slave_1) entered disabled state
[  101.824779][ T1066] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  101.834995][ T1066] bridge0: port 1(bridge_slave_0) entered blocking state
[  101.841867][ T1066] bridge0: port 1(bridge_slave_0) entered forwarding state
[  101.863615][ T1066] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  101.871687][ T1066] bridge0: port 2(bridge_slave_1) entered blocking state
[  101.878546][ T1066] bridge0: port 2(bridge_slave_1) entered forwarding state
[  101.886478][ T1066] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  101.907630][ T1485] device veth0_vlan entered promiscuous mode
[  101.916933][ T1154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  101.925446][ T1154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  101.933316][ T1154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  101.940493][  T350] usb 2-1: New USB device found, idVendor=8086, idProduct=0b03, bcdDevice=f4.28
[  101.949691][ T1154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  101.956720][  T350] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  101.964785][ T1154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  101.972392][  T350] usb 2-1: Product: syz
[  102.032330][ T1493] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=1493 comm=syz-executor.3
[  102.143798][  T350] usb 2-1: Manufacturer: syz
[  102.148723][  T350] usb 2-1: SerialNumber: syz
[  102.155552][  T350] usb 2-1: config 0 descriptor??
[  102.166825][ T1154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  102.175844][ T1485] device veth1_macvtap entered promiscuous mode
[  102.185069][ T1154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  102.194254][ T1368] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  102.329685][  T352] device bridge_slave_1 left promiscuous mode
[  102.335892][  T352] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.395219][ T1497] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=1497 comm=syz-executor.2
[  102.481153][  T352] device bridge_slave_0 left promiscuous mode
[  102.514148][  T352] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.527451][  T352] device veth1_macvtap left promiscuous mode
[  102.533408][  T352] device veth0_vlan left promiscuous mode
[  102.789018][ T1501] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=1501 comm=syz-executor.1
[  102.889541][  T350] usb 5-1: USB disconnect, device number 15
[  103.169332][ T1364] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  103.369192][  T350] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  103.419175][ T1364] usb 4-1: Using ep0 maxpacket: 8
[  103.569388][ T1364] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  103.758404][ T1364] usb 4-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[  103.801409][ T1364] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105
[  103.808693][  T350] usb 5-1: Using ep0 maxpacket: 8
[  103.809778][ T1364] usb 4-1: SerialNumber: syz
[  103.829505][ T1364] usb 4-1: config 0 descriptor??
[  103.870491][ T1364] uvcvideo: Found UVC 0.00 device <unnamed> (05ac:8501)
[  103.877306][ T1364] uvcvideo 4-1:0.0: Entity type for entity Output 255 was not initialized!
[  103.904161][ T1364] uvcvideo: Failed to create links for entity 255
[  103.913426][ T1364] uvcvideo: Failed to register entities (-22).
[  103.920878][ T1050] usb 2-1: USB disconnect, device number 8
[  103.939295][  T350] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  103.949464][  T350] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  104.058049][ T1521] incfs: Error accessing: ./file0.
[  104.063180][ T1521] incfs: mount failed -20
[  104.068209][ T1521] input: syz1 as /devices/virtual/input/input14
[  104.083334][ T1066] usb 4-1: USB disconnect, device number 13
[  104.109302][  T350] usb 5-1: New USB device found, idVendor=8086, idProduct=0b03, bcdDevice=f4.28
[  104.118205][  T350] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  104.126060][  T350] usb 5-1: Product: syz
[  104.130000][  T350] usb 5-1: Manufacturer: syz
[  104.134411][  T350] usb 5-1: SerialNumber: syz
[  104.140119][  T350] usb 5-1: config 0 descriptor??
[  104.289332][ T1050] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  104.574843][ T1529] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=1529 comm=syz-executor.4
[  104.689231][ T1050] usb 2-1: Using ep0 maxpacket: 16
[  104.809423][ T1050] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  104.820396][ T1050] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  104.829934][ T1050] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  104.842531][ T1050] usb 2-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00
[  104.851399][ T1050] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  104.859798][ T1050] usb 2-1: config 0 descriptor??
[  105.842505][ T1542] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=1542 comm=syz-executor.2
[  105.857029][ T1544] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=1544 comm=syz-executor.0
[  105.976699][  T324] usb 5-1: USB disconnect, device number 16
[  105.989252][ T1518] syz-executor.1[1518] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  106.179344][ T1050] usbhid 2-1:0.0: can't add hid device: -71
[  106.206242][ T1050] usbhid: probe of 2-1:0.0 failed with error -71
[  106.232333][ T1050] usb 2-1: USB disconnect, device number 9
[  106.659225][ T1066] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  106.932133][ T1561] incfs: Error accessing: ./file0.
[  106.937157][ T1561] incfs: mount failed -20
[  106.942388][ T1561] input: syz1 as /devices/virtual/input/input15
[  106.984565][ T1050] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  107.284988][ T1570] input: syz0 as /devices/virtual/input/input16
[  107.298381][ T1066] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  107.318574][ T1066] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  107.331166][ T1066] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  107.342250][ T1066] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.369878][ T1066] usb 1-1: config 0 descriptor??
[  107.409512][ T1050] usb 2-1: Using ep0 maxpacket: 8
[  107.529288][ T1050] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  107.719411][ T1050] usb 2-1: New USB device found, idVendor=8086, idProduct=0b03, bcdDevice=f4.28
[  107.730031][ T1050] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  107.737969][ T1050] usb 2-1: Product: syz
[  107.742070][ T1050] usb 2-1: Manufacturer: syz
[  107.746452][ T1050] usb 2-1: SerialNumber: syz
[  107.751481][ T1050] usb 2-1: config 0 descriptor??
[  107.959904][ T1066] hid (null): bogus close delimiter
[  107.992317][ T1579] netlink: 'syz-executor.3': attribute type 4 has an invalid length.
[  108.249455][ T1066] usb 1-1: language id specifier not provided by device, defaulting to English
[  108.573716][ T1581] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=1581 comm=syz-executor.1
[  109.152810][ T1066] uclogic 0003:256C:006D.0009: failed retrieving Huion firmware version: -71
[  109.164371][ T1066] uclogic 0003:256C:006D.0009: failed probing parameters: -71
[  109.174736][ T1066] uclogic: probe of 0003:256C:006D.0009 failed with error -71
[  109.270853][ T1154] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  109.314447][ T1066] usb 1-1: USB disconnect, device number 12
[  109.559202][ T1154] usb 4-1: Using ep0 maxpacket: 8
[  109.699425][ T1154] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  109.709444][ T1154] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  109.769622][ T1368] usb 2-1: USB disconnect, device number 10
[  109.927161][ T1606] netlink: 'syz-executor.1': attribute type 4 has an invalid length.
[  109.964140][ T1606] netlink: 'syz-executor.1': attribute type 4 has an invalid length.
[  110.045731][  T350] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  110.053175][ T1066] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  110.060636][ T1154] usb 4-1: New USB device found, idVendor=8086, idProduct=0b03, bcdDevice=f4.28
[  110.069672][ T1154] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  110.077391][ T1154] usb 4-1: Product: syz
[  110.081683][ T1154] usb 4-1: Manufacturer: syz
[  110.086079][ T1154] usb 4-1: SerialNumber: syz
[  110.091324][ T1154] usb 4-1: config 0 descriptor??
[  110.129297][  T314] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  110.309207][  T350] usb 5-1: Using ep0 maxpacket: 16
[  110.369275][  T314] usb 3-1: Using ep0 maxpacket: 8
[  110.391967][ T1607] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=36 sclass=netlink_tcpdiag_socket pid=1607 comm=syz-executor.3
[  110.429298][ T1066] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  110.440057][  T350] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  110.450744][ T1066] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  110.460368][  T350] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  110.469954][ T1066] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  110.478810][  T350] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  110.491571][  T314] usb 3-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  110.501579][ T1066] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.509439][  T350] usb 5-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00
[  110.518435][  T350] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  110.526467][ T1066] usb 1-1: config 0 descriptor??
[  110.531821][  T350] usb 5-1: config 0 descriptor??
[  110.589298][  T314] usb 3-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[  110.598213][  T314] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105
[  110.606256][  T314] usb 3-1: SerialNumber: syz
[  110.639595][  T314] usb 3-1: config 0 descriptor??
[  110.969235][  T314] uvcvideo: Found UVC 0.00 device <unnamed> (05ac:8501)
[  110.976038][  T314] uvcvideo: No valid video chain found.
[  110.982132][  T314] usb 3-1: USB disconnect, device number 8
[  110.989875][ T1597] syz-executor.4[1597] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  111.069251][  T350] usbhid 5-1:0.0: can't add hid device: -71
[  111.086677][  T350] usbhid: probe of 5-1:0.0 failed with error -71
[  111.093544][  T350] usb 5-1: USB disconnect, device number 17
[  111.515359][   T24] kauditd_printk_skb: 3 callbacks suppressed
[  111.515372][   T24] audit: type=1400 audit(1718720909.619:172): avc:  denied  { read write } for  pid=1615 comm="syz-executor.4" name="fuse" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  111.544715][   T24] audit: type=1400 audit(1718720909.619:173): avc:  denied  { open } for  pid=1615 comm="syz-executor.4" path="/dev/fuse" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fuse_device_t tclass=chr_file permissive=1
[  111.712203][ T1621] xt_TPROXY: Can be used only with -p tcp or -p udp
[  111.816082][ T1368] usb 4-1: USB disconnect, device number 14
[  112.149287][ T1066] uclogic 0003:256C:006D.000A: v1 buttonpad probing failed: -71
[  112.157271][ T1066] uclogic 0003:256C:006D.000A: failed probing parameters: -71
[  112.164536][ T1066] uclogic: probe of 0003:256C:006D.000A failed with error -71
[  112.171821][   T15] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  112.180266][ T1066] usb 1-1: USB disconnect, device number 13
[  112.289204][ T1368] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  112.529242][   T15] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  112.539915][   T15] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  112.550657][   T15] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  112.559181][ T1368] usb 4-1: Using ep0 maxpacket: 32
[  112.560240][   T15] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  112.622797][   T24] audit: type=1400 audit(1718720910.729:174): avc:  denied  { sys_module } for  pid=1647 comm="syz-executor.0" capability=16  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability permissive=1
[  112.626647][ T1648] Zero length message leads to an empty skb
[  112.644348][   T24] audit: type=1400 audit(1718720910.729:175): avc:  denied  { write } for  pid=1647 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  112.663847][   T15] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  112.678851][   T15] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  112.687011][   T15] usb 3-1: Manufacturer: syz
[  112.689168][   T53] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  112.692349][   T15] usb 3-1: config 0 descriptor??
[  112.709268][ T1368] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  112.720018][ T1368] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  112.728829][ T1368] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.737887][ T1368] usb 4-1: config 0 descriptor??
[  112.779948][ T1368] hub 4-1:0.0: USB hub found
[  112.939230][   T53] usb 2-1: Using ep0 maxpacket: 8
[  112.989351][ T1368] hub 4-1:0.0: 1 port detected
[  113.079226][   T53] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  113.089537][   T53] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x93, skipping
[  113.099828][   T53] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  113.290097][   T53] usb 2-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e
[  113.299001][   T53] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  113.306774][   T53] usb 2-1: Product: syz
[  113.310784][   T53] usb 2-1: Manufacturer: syz
[  113.315150][   T53] usb 2-1: SerialNumber: syz
[  113.321504][   T53] usb 2-1: config 0 descriptor??
[  113.339620][ T1637] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  113.371881][   T24] audit: type=1326 audit(1718720911.479:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1653 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa19bcf5f29 code=0x7ffc0000
[  113.396359][ T1630] udc-core: couldn't find an available UDC or it's busy
[  113.403499][   T24] audit: type=1326 audit(1718720911.479:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1653 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa19bcf5f29 code=0x7ffc0000
[  113.427172][ T1630] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  113.427391][ T1630] udc-core: couldn't find an available UDC or it's busy
[  113.440050][   T24] audit: type=1326 audit(1718720911.479:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1653 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa19bcf5f29 code=0x7ffc0000
[  113.452070][ T1630] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  113.481912][   T24] audit: type=1326 audit(1718720911.479:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1653 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa19bcf5f29 code=0x7ffc0000
[  113.539209][   T15] usbhid 3-1:0.0: can't add hid device: -71
[  113.545088][   T15] usbhid: probe of 3-1:0.0 failed with error -71
[  113.560050][   T24] audit: type=1326 audit(1718720911.479:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1653 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa19bcf5f29 code=0x7ffc0000
[  113.577764][   T15] usb 3-1: USB disconnect, device number 9
[  113.583991][   T24] audit: type=1326 audit(1718720911.479:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1653 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa19bcf5f29 code=0x7ffc0000
[  113.693599][ T1676] xt_TPROXY: Can be used only with -p tcp or -p udp
[  113.940123][ T1627] udc-core: couldn't find an available UDC or it's busy
[  113.946942][ T1627] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  113.954527][ T1627] udc-core: couldn't find an available UDC or it's busy
[  113.961379][ T1627] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  113.969475][   T53] hub 4-1:0.0: hub_ext_port_status failed (err = -71)
[  113.976202][   T53] usb 4-1: USB disconnect, device number 15
[  114.036373][ T1687] process 'syz-executor.0' launched './file1' with NULL argv: empty string added
[  115.063557][    C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Dropping request.  Check SNMP counters.
[  115.407151][   T53] usb 2-1: USB disconnect, device number 11
[  115.944793][ T1814] ======================================================
[  115.944793][ T1814] WARNING: the mand mount option is being deprecated and
[  115.944793][ T1814]          will be removed in v5.15!
[  115.944793][ T1814] ======================================================
[  116.818731][   T24] kauditd_printk_skb: 16 callbacks suppressed
[  116.818741][   T24] audit: type=1400 audit(1718720914.919:198): avc:  denied  { create } for  pid=1842 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  116.869196][   T24] audit: type=1400 audit(1718720914.969:199): avc:  denied  { read } for  pid=1855 comm="syz-executor.0" name="ppp" dev="devtmpfs" ino=133 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  116.892417][   T24] audit: type=1400 audit(1718720914.969:200): avc:  denied  { open } for  pid=1855 comm="syz-executor.0" path="/dev/ppp" dev="devtmpfs" ino=133 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  116.915736][   T24] audit: type=1400 audit(1718720914.969:201): avc:  denied  { ioctl } for  pid=1855 comm="syz-executor.0" path="/dev/ppp" dev="devtmpfs" ino=133 ioctlcmd=0x743e scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  117.073175][   T24] audit: type=1400 audit(1718720915.179:202): avc:  denied  { append } for  pid=1864 comm="syz-executor.2" name="001" dev="devtmpfs" ino=160 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usb_device_t tclass=chr_file permissive=1
[  117.208530][   T24] audit: type=1400 audit(1718720915.309:203): avc:  denied  { create } for  pid=1860 comm="syz-executor.0" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=blk_file permissive=1
[  117.428204][   T24] audit: type=1400 audit(1718720915.309:204): avc:  denied  { read } for  pid=1860 comm="syz-executor.0" name="file0" dev="sda1" ino=2059 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=blk_file permissive=1
[  117.495893][   T24] audit: type=1400 audit(1718720915.309:205): avc:  denied  { open } for  pid=1860 comm="syz-executor.0" path="/root/syzkaller-testdir1969968101/syzkaller.P2knrp/37/file0" dev="sda1" ino=2059 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=blk_file permissive=1
[  117.659008][   T24] audit: type=1400 audit(1718720915.759:206): avc:  denied  { mount } for  pid=1901 comm="syz-executor.1" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  117.682653][   T24] audit: type=1400 audit(1718720915.779:207): avc:  denied  { mounton } for  pid=1901 comm="syz-executor.1" path="/root/syzkaller-testdir3187035510/syzkaller.NshpNf/12/file0" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:devpts_t tclass=dir permissive=1
[  118.297648][ T1935] device syzkaller0 entered promiscuous mode
[  119.147402][ T1966] device syzkaller0 entered promiscuous mode
[  121.111265][ T2068] capability: warning: `syz-executor.2' uses deprecated v2 capabilities in a way that may be insecure
[  121.289197][   T53] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  121.454258][ T2084] request_module fs-nilfs2 succeeded, but still no fs?
[  121.579848][ T2086] capability: warning: `syz-executor.4' uses 32-bit capabilities (legacy support in use)
[  121.590048][   T53] usb 1-1: too many configurations: 65, using maximum allowed: 8
[  121.901749][ T2119] ------------[ cut here ]------------
[  121.907150][ T2119] trace type BPF program uses run-time allocation
[  121.914366][ T2119] WARNING: CPU: 1 PID: 2119 at kernel/bpf/verifier.c:10480 check_map_prog_compatibility+0x65b/0x7c0
[  121.925286][ T2119] Modules linked in:
[  121.929061][ T2119] CPU: 1 PID: 2119 Comm: syz-executor.4 Tainted: G        W         5.10.215-syzkaller-00370-gb58b8f9dad93 #0
[  121.941345][ T2119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  121.951816][ T2119] RIP: 0010:check_map_prog_compatibility+0x65b/0x7c0
[  121.958687][ T2119] Code: c8 e9 84 fe ff ff e8 54 f5 ee ff 31 db e9 85 fe ff ff e8 48 f5 ee ff c6 05 fe e9 64 05 01 48 c7 c7 e0 6f 45 85 e8 65 7f c2 ff <0f> 0b e9 42 fc ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 17 fa ff
[  121.978637][ T2119] RSP: 0018:ffffc90000c56f90 EFLAGS: 00010246
[  121.984812][ T2119] RAX: 3bda6de56a3cdb00 RBX: ffff888110a9c000 RCX: 0000000000040000
[  121.999993][ T2119] RDX: ffffc90002304000 RSI: 0000000000000826 RDI: 0000000000000827
[  122.011010][ T2119] RBP: ffffc90000c56fd0 R08: ffffffff815220c8 R09: ffffed103ee2a5f8
[  122.019101][ T2119] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000000000011
[  122.034308][ T2119] R13: 1ffff92000021604 R14: ffff8881097a4000 R15: ffffc9000010b020
[  122.051064][ T2119] FS:  00007fa19b0706c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  122.060463][ T2119] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  122.075498][ T2119] CR2: 00007ffe63f59e08 CR3: 0000000129a2f000 CR4: 00000000003506b0
[  122.092198][ T2119] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  122.100795][ T2119] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  122.112123][   T24] kauditd_printk_skb: 19 callbacks suppressed
[  122.112135][   T24] audit: type=1400 audit(1718720920.219:227): avc:  denied  { ioctl } for  pid=2136 comm="syz-executor.2" path="socket:[25568]" dev="sockfs" ino=25568 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  122.112151][ T2119] Call Trace:
[  122.151220][ T2119]  ? show_regs+0x58/0x60
[  122.156689][ T2119]  ? __warn+0x160/0x2f0
[  122.157432][   T24] audit: type=1400 audit(1718720920.259:228): avc:  denied  { create } for  pid=2140 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  122.161081][ T2119]  ? check_map_prog_compatibility+0x65b/0x7c0
[  122.186483][ T2119]  ? report_bug+0x3d9/0x5b0
[  122.191029][ T2119]  ? check_map_prog_compatibility+0x65b/0x7c0
[  122.197180][ T2119]  ? handle_bug+0x41/0x70
[  122.202147][ T2119]  ? exc_invalid_op+0x1b/0x50
[  122.206642][ T2119]  ? asm_exc_invalid_op+0x12/0x20
[  122.211837][   T24] audit: type=1400 audit(1718720920.299:229): avc:  denied  { connect } for  pid=2140 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  122.232834][ T2119]  ? wake_up_klogd+0xb8/0xf0
[  122.237327][ T2119]  ? check_map_prog_compatibility+0x65b/0x7c0
[  122.253641][   T24] audit: type=1400 audit(1718720920.299:230): avc:  denied  { write } for  pid=2140 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  122.279602][ T2119]  ? __fdget+0x1bc/0x240
[  122.283729][ T2119]  resolve_pseudo_ldimm64+0x586/0x1020
[  122.289101][ T2119]  ? bpf_check+0xf2b0/0xf2b0
[  122.294360][ T2119]  ? kvmalloc_node+0x82/0x130
[  122.302716][   T24] audit: type=1326 audit(1718720920.359:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2142 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ea7e40f29 code=0x7ffc0000
[  122.305219][ T2119]  bpf_check+0xaf21/0xf2b0
[  122.339329][   T53] usb 1-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  122.342984][ T2119]  ? stack_depot_save+0xe/0x10
[  122.351537][   T53] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.357518][ T2119]  ? __se_sys_bpf+0x9856/0x11cb0
[  122.365713][ T2119]  ? sched_clock+0x3a/0x40
[  122.373149][   T24] audit: type=1326 audit(1718720920.359:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2142 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ea7e40f29 code=0x7ffc0000
[  122.379291][ T2119]  ? 0xffffffffa0002000
[  122.430587][   T24] audit: type=1326 audit(1718720920.359:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2142 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=94 compat=0 ip=0x7f5ea7e40f29 code=0x7ffc0000
[  122.457999][   T24] audit: type=1326 audit(1718720920.359:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2142 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ea7e40f29 code=0x7ffc0000
[  122.459712][ T2119]  ? bpf_get_btf_vmlinux+0x60/0x60
[  122.482473][   T24] audit: type=1326 audit(1718720920.359:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=2142 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ea7e40f29 code=0x7ffc0000
[  122.487657][ T2119]  ? __kernel_text_address+0x9b/0x110
[  122.510853][   T24] audit: type=1400 audit(1718720920.359:236): avc:  denied  { mount } for  pid=2144 comm="syz-executor.2" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  122.516238][ T2119]  ? unwind_get_return_address+0x4d/0x90
[  122.543440][ T2119]  ? arch_stack_walk+0xf3/0x140
[  122.548095][ T2119]  ? stack_trace_save+0x113/0x1c0
[  122.552986][ T2119]  ? stack_trace_snprint+0xf0/0xf0
[  122.557905][ T2119]  ? stack_trace_snprint+0xf0/0xf0
[  122.562918][ T2119]  ? selinux_bpf_prog_alloc+0x51/0x140
[  122.568140][ T2119]  ? selinux_bpf_prog_alloc+0x51/0x140
[  122.573470][ T2119]  ? ____kasan_kmalloc+0xed/0x110
[  122.578301][ T2119]  ? ____kasan_kmalloc+0xdb/0x110
[  122.583250][ T2119]  ? __kasan_kmalloc+0x9/0x10
[  122.587670][ T2119]  ? kmem_cache_alloc_trace+0x18a/0x2e0
[  122.593089][ T2119]  ? selinux_bpf_prog_alloc+0x51/0x140
[  122.598365][ T2119]  ? security_bpf_prog_alloc+0x62/0x90
[  122.603752][ T2119]  ? __se_sys_bpf+0x9f8c/0x11cb0
[  122.608418][ T2119]  ? __x64_sys_bpf+0x7b/0x90
[  122.610839][ T2059] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  122.612882][ T2119]  ? do_syscall_64+0x34/0x70
[  122.626400][ T2119]  ? entry_SYSCALL_64_after_hwframe+0x61/0xc6
[  122.640174][ T2119]  ? __kasan_kmalloc+0x9/0x10
[  122.647905][ T2119]  __se_sys_bpf+0x107a2/0x11cb0
[  122.663308][ T2119]  ? futex_wait+0x6a0/0x7c0
[  122.667704][ T2119]  ? __x64_sys_bpf+0x90/0x90
[  122.672337][ T2119]  ? do_futex+0x17b0/0x17b0
[  122.676950][ T2119]  ? __kasan_check_write+0x14/0x20
[  122.684495][ T2119]  ? __switch_to+0x5f6/0x1240
[  122.689309][   T53] usb 1-1: string descriptor 0 read error: -71
[  122.695278][ T2119]  ? percpu_array_map_lookup_elem+0xcd/0x180
[  122.695291][ T2119]  ? do_futex+0x139a/0x17b0
[  122.695301][ T2119]  ? compat_start_thread+0x80/0x80
[  122.695322][ T2119]  ? bpf_trace_run2+0x280/0x280
[  122.709501][   T53] uvcvideo: Found UVC 0.00 device <unnamed> (046d:08c1)
[  122.714540][ T2119]  ? native_set_ldt+0x360/0x360
[  122.726098][   T53] uvcvideo: No valid video chain found.
[  122.727505][ T2119]  ? __this_cpu_preempt_check+0x13/0x20
[  122.739863][ T2119]  ? tracing_record_taskinfo_sched_switch+0x84/0x390
[  122.746361][ T2119]  ? _raw_spin_unlock_irq+0x4e/0x70
[  122.757000][ T2119]  ? futex_exit_release+0x1e0/0x1e0
[  122.766361][ T2119]  ? __switch_to_asm+0x34/0x60
[  122.771108][ T2119]  ? __schedule+0xbee/0x1330
[  122.775561][ T2119]  ? release_firmware_map_entry+0x192/0x192
[  122.785066][   T53] usb 1-1: USB disconnect, device number 14
[  122.793121][ T2119]  ? kvm_sched_clock_read+0x18/0x40
[  122.798220][ T2119]  ? sched_clock+0x3a/0x40
[  122.805630][ T2119]  ? __se_sys_futex+0x355/0x470
[  122.810406][ T2119]  ? fpu__clear_all+0x20/0x20
[  122.814874][ T2119]  ? __kasan_check_read+0x11/0x20
[  122.821743][ T2119]  __x64_sys_bpf+0x7b/0x90
[  122.825993][ T2119]  do_syscall_64+0x34/0x70
[  122.830301][ T2119]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[  122.835980][ T2119] RIP: 0033:0x7fa19bcf5f29
[  122.840253][ T2119] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  122.859771][ T2119] RSP: 002b:00007fa19b0700c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  122.868252][ T2119] RAX: ffffffffffffffda RBX: 00007fa19be2cf80 RCX: 00007fa19bcf5f29
[  122.876205][ T2119] RDX: 0000000000000052 RSI: 0000000020000200 RDI: 0000000000000005
[  122.884321][ T2119] RBP: 00007fa19bd65074 R08: 0000000000000000 R09: 0000000000000000
[  122.923717][ T2119] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  123.039281][ T2119] R13: 000000000000000b R14: 00007fa19be2cf80 R15: 00007fffcdb01888
[  123.074853][ T2119] ---[ end trace aab53bae897603ae ]---
[  123.142524][ T2186] usb usb8: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  123.297349][ T2197] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=83 sclass=netlink_route_socket pid=2197 comm=syz-executor.1
[  123.574822][ T2244] tmpfs: Unsupported parameter 'mpol'
[  123.603859][ T2246] EXT4-fs warning (device sda1): verify_group_input:147: Cannot add at group 7 (only 8 groups)
[  123.668102][ T2258] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  123.686605][ T2258] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  123.726064][ T2265] overlayfs: missing 'workdir'
[  123.789206][  T314] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  124.108026][ T2296] binder: Bad value for 'stats'
[  124.299308][  T314] usb 1-1: too many configurations: 65, using maximum allowed: 8
[  124.623039][ T2355] overlayfs: conflicting lowerdir path
[  125.095535][ T2376] netlink: 892 bytes leftover after parsing attributes in process `syz-executor.2'.
[  125.115175][ T2379] tmpfs: Bad value for 'nr_inodes'
[  125.193583][ T2393] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  125.203095][ T2393] kvm: pic: non byte read
[  125.207469][ T2393] kvm: pic: level sensitive irq not supported
[  125.207502][ T2393] kvm: pic: non byte read
[  125.217910][ T2393] kvm: pic: level sensitive irq not supported
[  125.217943][ T2393] kvm: pic: non byte read
[  125.228294][ T2393] kvm: pic: level sensitive irq not supported
[  125.228328][ T2393] kvm: pic: non byte read
[  125.229265][  T314] usb 1-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  125.247690][  T314] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.310952][ T2399] EXT4-fs warning (device sda1): __ext4_ioctl:890: Setting inode version is not supported with metadata_csum enabled.
[  125.388374][ T2413] 9pnet: Insufficient options for proto=fd
[  125.512293][ T2238] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  125.542999][ T2438] EXT4-fs warning (device sda1): __ext4_ioctl:890: Setting inode version is not supported with metadata_csum enabled.
[  125.559361][  T314] usb 1-1: string descriptor 0 read error: -71
[  125.559544][ T2435] tmpfs: Unknown parameter 'usrquotaÇÂ@'
[  125.565342][  T314] uvcvideo: Found UVC 0.00 device <unnamed> (046d:08c1)
[  125.565354][  T314] uvcvideo: No valid video chain found.
[  125.603353][  T314] usb 1-1: USB disconnect, device number 15
[  125.634673][ T2444] syz-executor.2[2444] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  125.634728][ T2444] syz-executor.2[2444] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  125.681457][ T2444] input: syz1 as /devices/virtual/input/input17
[  125.803745][ T2444] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  127.127970][ T1465] ------------[ cut here ]------------
[  127.133750][ T1465] WARNING: CPU: 0 PID: 1465 at fs/overlayfs/util.c:450 ovl_dir_modified+0x2f4/0x3e0
[  127.143211][ T1465] Modules linked in:
[  127.147000][ T1465] CPU: 0 PID: 1465 Comm: syz-executor.1 Tainted: G        W         5.10.215-syzkaller-00370-gb58b8f9dad93 #0
[  127.158717][ T1465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  127.169076][ T1465] RIP: 0010:ovl_dir_modified+0x2f4/0x3e0
[  127.174740][ T1465] Code: 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 83 60 a1 ff 49 ff 06 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 cc cc 63 ff <0f> 0b e9 14 ff ff ff e8 c0 cc 63 ff 0f 0b e9 4e ff ff ff 44 89 f9
[  127.194479][ T1465] RSP: 0018:ffffc900017cfb88 EFLAGS: 00010293
[  127.200510][ T1465] RAX: ffffffff8206e094 RBX: 0000000000000000 RCX: ffff8881147ae2c0
[  127.208386][ T1465] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  127.216371][ T1465] RBP: ffffc900017cfbd0 R08: ffffffff8206dfa1 R09: ffffed102392c345
[  127.228351][ T1465] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff8881101e1140
[  127.236971][ T1465] R13: 1ffff1102203c228 R14: ffff88811c961980 R15: dffffc0000000000
[  127.244955][ T1465] FS:  000055555679a480(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  127.266112][ T1465] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  127.278689][ T1465] CR2: 00000000ffffffff CR3: 0000000116715000 CR4: 00000000003506b0
[  127.294705][ T1465] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  127.311759][ T1465] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  127.319870][ T1465] Call Trace:
[  127.323017][ T1465]  ? show_regs+0x58/0x60
[  127.327090][ T1465]  ? __warn+0x160/0x2f0
[  127.331365][ T1465]  ? ovl_dir_modified+0x2f4/0x3e0
[  127.336337][ T1465]  ? report_bug+0x3d9/0x5b0
[  127.340887][ T1465]  ? ovl_dir_modified+0x2f4/0x3e0
[  127.345829][ T1465]  ? handle_bug+0x41/0x70
[  127.350105][ T1465]  ? exc_invalid_op+0x1b/0x50
[  127.354649][ T1465]  ? asm_exc_invalid_op+0x12/0x20
[  127.360144][ T1465]  ? ovl_dir_modified+0x201/0x3e0
[  127.365044][ T1465]  ? ovl_dir_modified+0x2f4/0x3e0
[  127.370171][ T1465]  ? ovl_dir_modified+0x2f4/0x3e0
[  127.375060][ T1465]  ? ovl_dir_modified+0x2f4/0x3e0
[  127.380229][ T1465]  ovl_do_remove+0x656/0xc90
[  127.384679][ T1465]  ? ovl_set_redirect+0x630/0x630
[  127.389738][ T1465]  ? down_write+0xd7/0x150
[  127.394073][ T1465]  ? selinux_inode_rmdir+0x22/0x30
[  127.398947][ T1465]  ovl_rmdir+0x1a/0x20
[  127.414130][ T1465]  vfs_rmdir+0x2b7/0x3f0
[  127.422654][ T1465]  incfs_kill_sb+0x108/0x220
[  127.427181][ T1465]  deactivate_locked_super+0xad/0x110
[  127.433278][ T1465]  deactivate_super+0xbe/0xf0
[  127.449575][ T1465]  cleanup_mnt+0x45c/0x510
[  127.455261][ T1465]  __cleanup_mnt+0x19/0x20
[  127.459967][ T1465]  task_work_run+0x129/0x190
[  127.464437][ T1465]  exit_to_user_mode_loop+0xbf/0xd0
[  127.469893][ T1465]  syscall_exit_to_user_mode+0xa2/0x1a0
[  127.475427][ T1465]  do_syscall_64+0x40/0x70
[  127.479841][ T1465]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[  127.485635][ T1465] RIP: 0033:0x7f5ea7e42257
[  127.490302][ T1465] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[  127.510022][ T1465] RSP: 002b:00007ffedcde7af8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  127.518278][ T1465] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f5ea7e42257
[  127.526477][ T1465] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffedcde7bb0
[  127.534474][ T1465] RBP: 00007ffedcde7bb0 R08: 0000000000000000 R09: 0000000000000000
[  127.542508][ T1465] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffedcde8c60
[  127.550526][ T1465] R13: 00007f5ea7e9d6c6 R14: 000000000001eae4 R15: 0000000000000015
[  127.558403][ T1465] ---[ end trace aab53bae897603af ]---
[  127.564236][ T1465] ------------[ cut here ]------------
[  127.569984][ T1465] WARNING: CPU: 0 PID: 1465 at fs/overlayfs/util.c:450 ovl_dir_modified+0x2f4/0x3e0
[  127.579326][ T1465] Modules linked in:
[  127.583128][ T1465] CPU: 0 PID: 1465 Comm: syz-executor.1 Tainted: G        W         5.10.215-syzkaller-00370-gb58b8f9dad93 #0
[  127.594818][ T1465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  127.605034][ T1465] RIP: 0010:ovl_dir_modified+0x2f4/0x3e0
[  127.610798][ T1465] Code: 48 c1 e8 03 42 80 3c 38 00 74 08 4c 89 f7 e8 83 60 a1 ff 49 ff 06 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 cc cc 63 ff <0f> 0b e9 14 ff ff ff e8 c0 cc 63 ff 0f 0b e9 4e ff ff ff 44 89 f9
[  127.630483][ T1465] RSP: 0018:ffffc900017cfb88 EFLAGS: 00010293
[  127.636390][ T1465] RAX: ffffffff8206e094 RBX: 0000000000000000 RCX: ffff8881147ae2c0
[  127.644447][ T1465] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  127.652546][ T1465] RBP: ffffc900017cfbd0 R08: ffffffff8206dfa1 R09: ffffed102392c345
[  127.660559][ T1465] R10: 0000000000000000 R11: dffffc0000000001 R12: ffff8881101e1140
[  127.668368][ T1465] R13: 1ffff1102203c228 R14: ffff88811c961980 R15: dffffc0000000000
[  127.676474][ T1465] FS:  000055555679a480(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[  127.685380][ T1465] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  127.692018][ T1465] CR2: 00000000ffffffff CR3: 0000000116715000 CR4: 00000000003506b0
[  127.699959][ T1465] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  127.707827][ T1465] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  127.715791][ T1465] Call Trace:
[  127.718970][ T1465]  ? show_regs+0x58/0x60
[  127.723114][  T314] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  127.730673][ T1465]  ? __warn+0x160/0x2f0
[  127.734730][ T1465]  ? ovl_dir_modified+0x2f4/0x3e0
[  127.739758][ T1465]  ? report_bug+0x3d9/0x5b0
[  127.744155][ T1465]  ? ovl_dir_modified+0x2f4/0x3e0
[  127.748953][ T1465]  ? handle_bug+0x41/0x70
[  127.753432][ T1465]  ? exc_invalid_op+0x1b/0x50
[  127.758005][ T1465]  ? asm_exc_invalid_op+0x12/0x20
[  127.763003][ T1465]  ? ovl_dir_modified+0x201/0x3e0
[  127.767859][ T1465]  ? ovl_dir_modified+0x2f4/0x3e0
[  127.773135][ T1465]  ? ovl_dir_modified+0x2f4/0x3e0
[  127.777999][ T1465]  ? ovl_dir_modified+0x2f4/0x3e0
[  127.783139][ T1465]  ovl_do_remove+0x656/0xc90
[  127.787570][ T1465]  ? ovl_set_redirect+0x630/0x630
[  127.792631][ T1465]  ? down_write+0xd7/0x150
[  127.796953][ T1465]  ? selinux_inode_rmdir+0x22/0x30
[  127.802023][ T1465]  ovl_rmdir+0x1a/0x20
[  127.805929][ T1465]  vfs_rmdir+0x2b7/0x3f0
[  127.810260][ T1465]  incfs_kill_sb+0x1a2/0x220
[  127.814962][ T1465]  deactivate_locked_super+0xad/0x110
[  127.820440][ T1465]  deactivate_super+0xbe/0xf0
[  127.856490][ T1066] Bluetooth: hci0: command 0x1003 tx timeout
[  127.862617][ T1465]  cleanup_mnt+0x45c/0x510
[  127.866972][  T860] Bluetooth: hci0: sending frame failed (-49)
[  127.873135][ T1465]  __cleanup_mnt+0x19/0x20
[  127.877445][ T1465]  task_work_run+0x129/0x190
[  127.882120][ T1465]  exit_to_user_mode_loop+0xbf/0xd0
[  127.887136][ T1465]  syscall_exit_to_user_mode+0xa2/0x1a0
[  127.892943][ T1465]  do_syscall_64+0x40/0x70
[  127.897171][ T1465]  entry_SYSCALL_64_after_hwframe+0x61/0xc6
[  127.903116][ T1465] RIP: 0033:0x7f5ea7e42257
[  127.907442][ T1465] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8
[  127.927075][ T1465] RSP: 002b:00007ffedcde7af8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  127.935468][ T1465] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f5ea7e42257
[  127.943574][ T1465] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffedcde7bb0
[  127.951540][ T1465] RBP: 00007ffedcde7bb0 R08: 0000000000000000 R09: 0000000000000000
[  127.959582][ T1465] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffedcde8c60
[  127.967369][ T1465] R13: 00007f5ea7e9d6c6 R14: 000000000001eae4 R15: 0000000000000015
[  127.975548][ T1465] ---[ end trace aab53bae897603b0 ]---
[  128.149338][  T314] usb 4-1: New USB device found, idVendor=077b, idProduct=2226, bcdDevice=ca.8b
[  128.163056][  T314] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.205072][  T314] usb 4-1: config 0 descriptor??
[  128.480198][ T2472] udc-core: couldn't find an available UDC or it's busy
[  128.487082][ T2472] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  128.509184][   T15] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  128.519747][ T1441] device bridge_slave_1 left promiscuous mode
[  128.525875][ T1441] bridge0: port 2(bridge_slave_1) entered disabled state
[  128.534183][ T1441] device bridge_slave_0 left promiscuous mode
[  128.540462][ T1441] bridge0: port 1(bridge_slave_0) entered disabled state
[  128.549667][ T1441] device veth1_macvtap left promiscuous mode
[  128.555530][ T1441] device veth0_vlan left promiscuous mode
[  128.570643][ T2489] overlayfs: missing 'lowerdir'
[  128.764226][   T15] usb 5-1: Using ep0 maxpacket: 8
[  128.921414][   T15] usb 5-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  129.520340][   T15] usb 5-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[  129.531858][   T15] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105
[  129.539903][   T15] usb 5-1: SerialNumber: syz
[  129.545742][   T15] usb 5-1: config 0 descriptor??
2024/06/18 14:28:47 SYZFATAL: executor 1 failed 11 times: executor 1: EOF
remote cover enable write trace failed (errno 17)

[  129.779306][  T314] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  129.794447][  T314] asix: probe of 4-1:0.0 failed with error -71
[  129.804004][  T314] usb 4-1: USB disconnect, device number 16
[  129.859451][   T15] uvcvideo: Found UVC 0.00 device <unnamed> (05ac:8501)
[  129.867012][   T15] uvcvideo: No valid video chain found.
[  129.879594][   T15] usb 5-1: USB disconnect, device number 18
[