last executing test programs:

5.274086903s ago: executing program 2:
socket$inet6(0xa, 0x1, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0xca02})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r2, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f0000000040)={0x3ff}, &(0x7f0000000300)={0x0, 0x3938700}, 0x0)
close(r0)
socket$netlink(0x10, 0x3, 0x0)
keyctl$search(0xa, 0x0, 0x0, 0x0, 0xffffffffffffffff)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x10)

4.719007399s ago: executing program 2:
r0 = syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000480)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5}, {0xd}, {0x6}}, {{0x9, 0x5, 0x81, 0x3, 0x200}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x200}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}}}]}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r1, &(0x7f00000077c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000004200)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0x207601a}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r3, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000340)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x20, 0x80, 0x1c, {0x0, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10, 0x10}}, 0x0, 0x0, 0x0, 0x0})
r4 = socket$inet(0x2, 0x2, 0x1)
setsockopt$inet_int(r4, 0x0, 0x13, &(0x7f0000000040)=0x7, 0x4)
bind$inet(r4, &(0x7f0000000500)={0x2, 0x0, @private=0xa010101}, 0x10)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f00000000c0)='veth1_to_batadv\x00', 0x10)
sendmsg$inet(r4, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000180)="08001efbb07d586e", 0x8}], 0x1, 0x0, 0x0, 0x60000000}, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, &(0x7f0000000080)={0x14, 0x0, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x3, 0x5, &(0x7f0000000140)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x7d}, @call={0x85, 0x0, 0x0, 0xa0}]}, &(0x7f0000000080)='GPL\x00'}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f0000000100)={[{@numtail}, {@utf8no}, {@fat=@errors_remount}, {@utf8no}, {@iocharset={'iocharset', 0x3d, 'utf8'}}, {@shortname_lower}, {@uni_xlateno}, {@numtail}, {@utf8no}, {@rodir}]}, 0x1, 0x220, &(0x7f0000000b00)="$eJzs3T9rU18YB/Cnv/75lYIkg1AUwSsuTqGpOJsiFcSAomTQyWJTlCYWDAR0aN18E/oWdHQVHMTVNyCCVMHFbh2ESL2xaWtiI5hcMZ/P0od7zvfe59yGXDLk5NaJ+uryWmNla2szpqfHYqIUpdgei3z8F+ORehQAwL9ku9WKL61U1r0AAMPh+Q8Ao6fP5//VIbYEAAyYz/8AMHqu37h5eaFcXryWJNMR9cfNSrOS/k3HF1bibtSiGnORi68RrV1pffFSeXEu2fExH5X6Rju/0ayM788XIxf57vliktqfn4yZdv7dTFRjPnJxtHt+vmt+Ks6c3nP9QuTi7e1Yi1osx062k18vJsmFK+UD+f+/zwMAAAAAAAAAAAAAAAAAAAAAgEEoJLu67t9TKPQaT/P97w90cH+eiTg+ke3aAQAAAAAAAAAAAAAAAAAA4G/RePBwdalWq97/VXHvzbNXh835qZiKbkNj7ev2f55BFUdOfXjSa874792fP1u8PJnlbemzeL1559jZxuy5zNqYjIg9R86nR3q+tD7nIgbUz/NM/xc/Vn3o5NmnpaUX6+8/9Xvmob8VAQAAAAAAAAAAAAAAAADAyOt86TfrTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgO53f/x9ckfUaAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgWwAAAP//lbacqw==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r6 = syz_open_dev$loop(&(0x7f0000000180), 0x0, 0x0)
ioctl$LOOP_SET_FD(r6, 0x4c00, r5)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
syz_usb_ep_write(r0, 0x82, 0x5, &(0x7f0000002340)='hello')

1.819375029s ago: executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000003a7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a40)={&(0x7f0000000980)='sys_enter\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
setgid(0x0)

1.768994326s ago: executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000002100b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc)

1.735235152s ago: executing program 0:
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000001ac0)='ext4_request_blocks\x00', r1}, 0x10)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)

1.718915764s ago: executing program 0:
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x3, 0x4, 0x2}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7c, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
pipe(&(0x7f0000000180)={<r0=>0xffffffffffffffff})
r1 = syz_io_uring_setup(0x67f6, &(0x7f0000000000), &(0x7f0000000080), &(0x7f00000000c0))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r5}, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000c80)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x8}]}}]}, 0x38}}, 0x0)
r7 = eventfd(0x0)
io_setup(0x7ff, &(0x7f0000000140)=<r8=>0x0)
io_submit(r8, 0x1, &(0x7f0000000740)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x3, r7}])
close(r0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='ext4_forget\x00', r0}, 0x10)
rmdir(&(0x7f0000000100)='./control\x00')

1.470556673s ago: executing program 0:
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x2000040, &(0x7f00000007c0)={[{@errors_remount}, {@nodiscard}, {@noquota}, {@init_itable}, {@stripe={'stripe', 0x3d, 0x79}}, {@resgid}, {@sysvgroups}, {@delalloc}, {@usrquota}]}, 0x10, 0x4d2, &(0x7f00000002c0)="$eJzs3c9rHG8ZAPBnJtlvf+VrUvVQC7bFVtKi3U0a2wYPtYLYU8Fa7zUmmxCyyYbspm1CkRTvCiIqePLkRfAPEKR/gggFvUsVRbTVgwd1ZWdnaxt3m0i3OzX5fGA67zvv7j7P27Az88687ARwaJ2LiJsRMRIRlyJiPN+e5sutdvudzutePH80316SaLXu/jmJJN/W/awkX5+IiJ2IOBoRX70V8Y3kv+M2trZX5mq16kZerzRX1yuNre3Ly6tzS9Wl6trMzPS12euzV2enBtLPiYi48aXff/87P/nyjV989sFv7/3x4jfbaY3l7a/2Y5A6XS9l/xddoxGx8S6CFWAkX5f6tH97ZIjJAACwp/Y5/kcj4lPZ+f94jGRnpwAAAMBB0vrCWPwjiWgBAAAAB1aazYFN0nI+F2As0rRc7szh/XgcT2v1RvMzi/XNtYXOXNmJKKWLy7XqVD5XeCJKSbs+nc+x7dav7KrPRMTJiPje+LGsXp6v1xaKvvgBAAAAh8SJXeP/v41n4/8jRecFAAAADNhE0QkAAAAA75zxPwAAABx8xv8AAABwoH3l9u320uo+/3rh/tbmSv3+5YVqY6W8ujlfnq9vrJeX6vWl7Df7Vvf6vFq9vv65WNt8WGlWG81KY2v73mp9c615b/m1R2ADAAAAQ3Ty7JPfJBGx8/lj2dL2QdFJAUOR7NGePSTkWV753RASAoZmpOgEgMKMFp0AUJhS0QkAhdvrOkDfyTu/HHwuAADAuzH5if73/10bgIMtLToBAGDo3P+Hw6v0+gzAq8VlAhTlI3u0v/39/1brf0oIAAAYuLFsSdJyfi9wLNK0XI74MHssQClZXK5Vp/Lxwa/HS0fa9ensncmec4YBAAAAAAAAAAAAAAAAAAAAAAAAgI5WK4kWAAAAcKBFpH9Isl/zj5gcvzC2+/rAB8nfx7N1RDz40d0fPJxrNjem29v/8nJ784f59itFXMEAAAAAduuO07vjeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYpBfPH813l2HG/dMXI2KiZ/yzR7PV0ShFxPG/JjH6yvuSiBgZQPydxxFxqlf8pJ1WTEQni17xjxUYP42IEwOID4fZk/b+52av718a57J17+/faL68rf77vzS6+7+RPvufD/cZ4/TTn1X6xn8ccXq09/6nGz/pE//8PuN//Wvb2/3aWj+OmOx5/Elei1Vprq5XGlvbl5dX55aqS9W1mZnpa7PXZ6/OTlUWl2vV/N+eMb77yZ//6039P94n/sQe/b+wz/7/8+nD5x/rFEu94l883/v4e6pP/DQ/9n06L7fbJ7vlnU75VWd++qszb+r/Qp/+v/z79zjQtmNe3Gf/L9351rN9vhQAGILG1vbKXK1W3fh/LKTxXqShMJDCkfcjDYVOoeg9EwAAMGj/OekvOhMAAAAAAAAAAAAAAAAAAAA4vIbxc2K7Y+4U01UAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDf6dwAAAP//sf7Zeg==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x19)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
socketpair$unix(0x1, 0x3, 0x0, 0x0)
bind$unix(0xffffffffffffffff, &(0x7f0000000200)=@abs, 0x6e)
getpid()
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000000)=@abs={0x1}, 0x6e, 0x0, 0x0, &(0x7f0000000400)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}}], 0x2, 0x0)
open(&(0x7f0000000080)='./bus\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x60342, 0x0)
open(&(0x7f0000000040)='./bus\x00', 0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1000000201005)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r4 = open(&(0x7f0000000100)='./bus\x00', 0x14113e, 0x0)
write$binfmt_script(r4, &(0x7f0000000080), 0x208e24b)

777.10748ms ago: executing program 3:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x70}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018400110800395032303030"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000080)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
lchown(&(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
getdents64(r4, 0x0, 0x9)
mount$bind(0x0, &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0, 0x0)

672.871146ms ago: executing program 3:
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x12, 0xc, 0x8, 0x3}, 0x48)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000180)={r0, &(0x7f00000000c0), &(0x7f0000000000)=@udp6=r1}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000240)={r0, &(0x7f00000000c0), &(0x7f0000000540)=""/4096}, 0x20)

655.328869ms ago: executing program 3:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000200)={0x2, 0x0, @remote}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000440)={@broadcast, @random="18be8a0fa2fd", @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @remote, @multicast1}, {0x0, 0x4e20, 0x8}}}}}, 0x0)

642.552841ms ago: executing program 3:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x2, 0x4, 0x10008, 0x1, 0x1000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000001000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008180000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='ext4_remove_blocks\x00', r2}, 0x10)
write$cgroup_int(r0, &(0x7f0000000100), 0x1001)
ioctl$SIOCSIFHWADDR(r0, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc}})

598.835918ms ago: executing program 3:
r0 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000001480)={0x0, 0x0, &(0x7f0000001440)={&(0x7f00000012c0)={0x5c, 0x12, 0x201, 0x0, 0x0, {}, [@INET_DIAG_REQ_BYTECODE={0x10, 0x2, "0400aaa2040056c7f26e127f"}]}, 0x5c}}, 0x0)

534.655247ms ago: executing program 3:
r0 = epoll_create1(0x80000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000100)={0x20000014})
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000000)={0xa0000001})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
ppoll(&(0x7f0000000200)=[{r3, 0x1}], 0x8, 0x0, 0x0, 0x0)

511.155351ms ago: executing program 0:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./file0\x00', 0xc, &(0x7f00000000c0)=ANY=[], 0x1, 0x25d, &(0x7f0000000c00)="$eJzs3E+LG2UcB/Cf27q73dJmDyIoiA960cvQ3b6CIC2IC8raiHoQpu6shh2TJRMiEbG9efV1FI/eBPUN7MWbd297Ebz0IEY2f7axRrRl11Hz+UB4fuHJlzyTTMJv5vAcv/3FRwf7Vbaf92NlPcVKxN24H7F5Uk09MR1XxvVqzLsbL1/++Yfn3nzn3deaOzs3dlO62bx1fTuldPX5bz7+9MsXvutffuurq1+vxdHme8c/bf949PTRM8e/3vqwXaV2lTrdfsrT7W539m7VQZbSG2WRV0Vqd6qiN53v57fLIu2X3cPDYco7e1c2DntFVaW8M0wHxTD1u6nfG6b8g7zdSVmWpSsbwV9p3dvdzZt1r4Lz1es18wsRcekPM60LtSwIAKjVWfX/q7P+/2T6Mfr/SX+/1/5H+//rZ/1p/tfo/5fBSf+/Mf39/l7rXi0LAgAAAAAAAAAAAAAAHsn90agxGo0as3H2WIuI9YiYPa97nZwP3/9ym9u4Yz2i/HzQGrQm42S+uR/tKKOIa9GIX8bnw9Skvvnqzo1raWwzvi3vTPN3BtOtBU7zW9GIzcX5rUk+zeej9WRszOe3oxFPLc5vL8gPWqvx0otz+Swa8f370Y0y9sbn9YP8Z1spvfL6zkP5S+PXAQAAwP9Blk4tvH7Psj+bn+Qf4f7AQ9fXF+PZi/UeOwAAACyLavjJQV6WRU+hUChOi7r/mQAAgLP2oOmveyUAAAAAAAAAAAAAAAAAAACwvB5rh7DR2iT8N1N1HyMAAAAAAAAAAAAAAAAAAAAAAAD8W/wWAAD//ySDKGU=")
open(&(0x7f0000000040)='./file1\x00', 0xc101, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x141842, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_user\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f00000000c0), 0xfea7)
getsockopt(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_SEND(0xffffffffffffffff, 0x40489426, 0x0)
copy_file_range(r1, &(0x7f00000001c0), r0, 0x0, 0xffffffffa003e45c, 0x10000000000000)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
renameat2(r2, &(0x7f0000000380)='./bus\x00', r2, &(0x7f0000000400)='./file1\x00', 0x2)

440.173472ms ago: executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xb, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000680)={{r0}, &(0x7f0000000540), &(0x7f0000000580)='%pI4   \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = dup(r2)
fsetxattr$security_selinux(r3, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:mouse_device_t:s0\x00', 0x24, 0x0)

417.872296ms ago: executing program 1:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000002100b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc)

407.660627ms ago: executing program 1:
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000003c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@metacopy_on}]})
r2 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
mknodat$loop(r2, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0)
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x100000, &(0x7f0000000040)=ANY=[], 0x1, 0x0, 0x0)
linkat(r3, &(0x7f0000001180)='./file1\x00', r3, &(0x7f00000002c0)='./file0\x00', 0x0)
creat(&(0x7f0000000080)='./file0\x00', 0x0)

403.639338ms ago: executing program 0:
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x8, 0x3, 0x1f8, 0x220, 0x43, 0xa0, 0x0, 0x98, 0x3e8, 0x178, 0x178, 0x3e8, 0x178, 0x49, 0x0, {[{{@ip={@empty=0x5107, @local, 0x0, 0x0, 'veth0_to_bond\x00', 'ip6erspan0\x00'}, 0x12a, 0x70, 0x90, 0xc, {0x0, 0x7a010000}}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x258)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10000, 0x9, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x4, &(0x7f0000001800)={{r0}, &(0x7f0000001780)=0x4, 0x0}, 0x20)

399.975999ms ago: executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000080850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000004c0)='blkio.bfq.time\x00', 0x26e1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000000)='jbd2_checkpoint_stats\x00', r0}, 0x10)
ioctl$TUNSETOFFLOAD(r1, 0x40086607, 0x20001412)

369.082923ms ago: executing program 0:
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x16, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="8500000005000000350000000000000085000000050000009500000000000000"], &(0x7f0000000140)='GPL\x00', 0x0, 0xa0, &(0x7f0000000180)=""/153}, 0x15)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000240)="f0ddf48ebaf931a4c0567a6d894a", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

362.891594ms ago: executing program 4:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x70}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff018400110800395032303030"], 0x15)
r3 = dup(r2)
write$FUSE_BMAP(r3, &(0x7f0000000080)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
lchown(&(0x7f0000000100)='./file0\x00', 0xffffffffffffffff, 0x0)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x0)
getdents64(r4, 0x0, 0x9)
mount$bind(0x0, &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0, 0x0)

343.239387ms ago: executing program 1:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000080007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='ext4_begin_ordered_truncate\x00', r2}, 0x10)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0xa)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='ext4_begin_ordered_truncate\x00', r3}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000500)='memory.events\x00', 0x7a05, 0x1700)

310.675753ms ago: executing program 4:
io_setup(0x9a23, &(0x7f0000000000)=<r0=>0x0)
io_getevents(r0, 0x7, 0x2, &(0x7f0000000040)=[{}, {}], &(0x7f0000000080))
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
getsockname$packet(r1, &(0x7f00000000c0), &(0x7f0000000100)=0x14)
io_destroy(r0)
clock_gettime(0x0, &(0x7f0000000200)={<r2=>0x0, <r3=>0x0})
pselect6(0x40, &(0x7f0000000140)={0x5, 0x80, 0x0, 0x0, 0x3, 0x100000001, 0x0, 0x4}, &(0x7f0000000180)={0x4000000000, 0x20, 0x3, 0x0, 0xe4, 0x9, 0x3f, 0xfba}, &(0x7f00000001c0)={0x6, 0x5, 0x2, 0x5, 0x1, 0x10001, 0x2, 0x2}, &(0x7f0000000240)={r2, r3+10000000}, &(0x7f00000002c0)={&(0x7f0000000280)={[0x5]}, 0x8})
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000340), r1)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r1, &(0x7f0000000440)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000400)={&(0x7f0000000380)={0x44, r4, 0x100, 0x70bd2b, 0x25dfdbfb, {}, [@ETHTOOL_A_COALESCE_TX_USECS_IRQ={0x8, 0x8, 0x10001}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES_IRQ={0x8, 0x9, 0x8}, @ETHTOOL_A_COALESCE_USE_ADAPTIVE_TX={0x5}, @ETHTOOL_A_COALESCE_TX_USECS_IRQ={0x8, 0x8, 0x5}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES={0x8, 0x7, 0x4}, @ETHTOOL_A_COALESCE_TX_MAX_FRAMES_IRQ={0x8, 0x9, 0x10000000}]}, 0x44}, 0x1, 0x0, 0x0, 0x8805}, 0x1)
setuid(0xffffffffffffffff)
recvfrom$packet(r1, &(0x7f0000000480)=""/83, 0x53, 0x2021, 0x0, 0x0)
rt_sigaction(0x13, &(0x7f0000000580)={&(0x7f0000000500)="0fe8c9c4a17d5aebc4a2f91db4d00000000080163d8fa9d89511460fb19d9100000064f30fbd7f007800c481b5db4b05f30f01ea", 0xd0000007, &(0x7f0000000540)="66470f65dec4823db893003ff4b7430f766c697466da8c4e55000000660f5af1400fec2bc4a17563002e0f0f0d6fe50000a4c4a209910c8bc4c2519832", {[0x8]}}, &(0x7f0000000680)={&(0x7f00000005c0)="c482f5b7af6556666644defb64f343c02b0140c09100800000e26566460fd35c8c5ec441d5ec2bf2450fbfcfc4417c528802000000676526640faea82f000000c4c1d15d0500000000", 0x0, &(0x7f0000000640)="c422dd0a500046db99000810ff3ef867f02937c4a2b53fac7eed9ea1e2c4821193b4f236000000c4233d483271360f2e4e003e3e4783f3f0c4c17d5b343f"}, 0x8, &(0x7f00000006c0))
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000700)={[0xfffffffffffffff8, 0x7, 0x0, 0x9, 0x9, 0x80, 0x3, 0x5, 0x9, 0x4, 0x90, 0x4, 0x0, 0x80, 0x9, 0x8], 0xd000, 0x4400})
socket$netlink(0x10, 0x3, 0x6)
getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000002980)={{{@in6=@private1, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in=@loopback}, 0x0, @in6=@mcast1}}, &(0x7f0000002a80)=0xe8)
r6 = geteuid()
r7 = geteuid()
stat(&(0x7f0000002b80)='./file0\x00', &(0x7f0000002bc0)={0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0})
lstat(&(0x7f0000002dc0)='./file0\x00', &(0x7f0000002e00)={0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0})
newfstatat(0xffffffffffffff9c, &(0x7f0000002e80)='./file0\x00', &(0x7f0000002ec0)={0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0}, 0x6000)
setxattr$system_posix_acl(&(0x7f00000008c0)='./file0\x00', &(0x7f0000000900)='system.posix_acl_access\x00', &(0x7f0000002f40)={{}, {0x1, 0x3}, [{0x2, 0x1}, {0x2, 0x6, r5}, {0x2, 0x0, r6}, {0x2, 0x3, r7}], {0x4, 0xc}, [{0x8, 0x4, 0xee00}, {0x8, 0x4, r8}, {0x8, 0x2}, {0x8, 0x4}, {0x8, 0x0, r9}, {0x8, 0x0, r10}], {0x10, 0x4}, {0x20, 0x6}}, 0x74, 0x2)
socket$packet(0x11, 0x3, 0x300)
io_destroy(r0)

297.807014ms ago: executing program 1:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r2, &(0x7f0000002a00)={0x0, {'syz0\x00', 'syz0\x00', 'syz1\x00', &(0x7f0000000540)=""/38, 0x26}}, 0x120)
readv(r2, &(0x7f0000002980)=[{&(0x7f0000000700)=""/163, 0xa3}], 0x1)

174.431733ms ago: executing program 4:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r0}, &(0x7f0000000080), &(0x7f0000000180)}, 0x20)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc)

145.481248ms ago: executing program 4:
pipe2(&(0x7f0000000340)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
ppoll(&(0x7f0000000000)=[{r1}], 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x18032, 0xffffffffffffffff, 0x0)
write$vga_arbiter(r1, &(0x7f0000000200)=@unlock_all, 0xb)
fcntl$setpipe(r1, 0x407, 0x0)
read$char_usb(r0, &(0x7f0000000100)=""/241, 0xf1)

128.4074ms ago: executing program 2:
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000800)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000740)='ext4_es_remove_extent\x00', r0}, 0x10)
unlink(&(0x7f0000000140)='./cgroup\x00')

104.618664ms ago: executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000b2e900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000002100b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1}, 0xc)

81.687457ms ago: executing program 2:
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000280)='./file0\x00', 0xc, &(0x7f00000000c0)=ANY=[], 0x1, 0x25d, &(0x7f0000000c00)="$eJzs3E+LG2UcB/Cf27q73dJmDyIoiA960cvQ3b6CIC2IC8raiHoQpu6shh2TJRMiEbG9efV1FI/eBPUN7MWbd297Ebz0IEY2f7axRrRl11Hz+UB4fuHJlzyTTMJv5vAcv/3FRwf7Vbaf92NlPcVKxN24H7F5Uk09MR1XxvVqzLsbL1/++Yfn3nzn3deaOzs3dlO62bx1fTuldPX5bz7+9MsXvutffuurq1+vxdHme8c/bf949PTRM8e/3vqwXaV2lTrdfsrT7W539m7VQZbSG2WRV0Vqd6qiN53v57fLIu2X3cPDYco7e1c2DntFVaW8M0wHxTD1u6nfG6b8g7zdSVmWpSsbwV9p3dvdzZt1r4Lz1es18wsRcekPM60LtSwIAKjVWfX/q7P+/2T6Mfr/SX+/1/5H+//rZ/1p/tfo/5fBSf+/Mf39/l7rXi0LAgAAAAAAAAAAAAAAHsn90agxGo0as3H2WIuI9YiYPa97nZwP3/9ym9u4Yz2i/HzQGrQm42S+uR/tKKOIa9GIX8bnw9Skvvnqzo1raWwzvi3vTPN3BtOtBU7zW9GIzcX5rUk+zeej9WRszOe3oxFPLc5vL8gPWqvx0otz+Swa8f370Y0y9sbn9YP8Z1spvfL6zkP5S+PXAQAAwP9Blk4tvH7Psj+bn+Qf4f7AQ9fXF+PZi/UeOwAAACyLavjJQV6WRU+hUChOi7r/mQAAgLP2oOmveyUAAAAAAAAAAAAAAAAAAACwvB5rh7DR2iT8N1N1HyMAAAAAAAAAAAAAAAAAAAAAAAD8W/wWAAD//ySDKGU=")
open(&(0x7f0000000040)='./file1\x00', 0xc101, 0x0)
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x141842, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_user\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f00000000c0), 0xfea7)
getsockopt(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
ioctl$BTRFS_IOC_SEND(0xffffffffffffffff, 0x40489426, 0x0)
copy_file_range(r1, &(0x7f00000001c0), r0, 0x0, 0xffffffffa003e45c, 0x10000000000000)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
renameat2(r2, &(0x7f0000000380)='./bus\x00', r2, &(0x7f0000000400)='./file1\x00', 0x2)

0s ago: executing program 2:
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xb, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000680)={{r0}, &(0x7f0000000540), &(0x7f0000000580)='%pI4   \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = dup(r2)
fsetxattr$security_selinux(r3, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:mouse_device_t:s0\x00', 0x24, 0x0)

kernel console output (not intermixed with test programs):

67295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4155 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe90667cea9 code=0x7ffc0000
[  116.629814][   T28] audit: type=1326 audit(1718191561.294:16967): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4155 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe90667cea9 code=0x7ffc0000
[  116.661149][ T4160] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'.
[  116.681338][ T4156] loop0: detected capacity change from 0 to 2048
[  116.688722][   T28] audit: type=1326 audit(1718191561.344:16968): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4155 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fe90667cea9 code=0x7ffc0000
[  116.712926][  T758] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  116.721528][ T4156] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  116.724048][   T28] audit: type=1326 audit(1718191561.344:16969): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4155 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fe90667cee3 code=0x7ffc0000
[  116.747601][ T4156] [EXT4 FS bs=2048, gc=1, bpg=262144, ipg=32, mo=a002e01c, mo2=0002]
[  116.776589][ T4156] System zones: 0-19
[  116.782490][ T4156] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  116.796895][ T4166] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  116.802127][   T28] audit: type=1326 audit(1718191561.374:16970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4155 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe90667bbef code=0x7ffc0000
[  116.862657][ T3258] EXT4-fs (loop0): unmounting filesystem.
[  116.927525][ T4181] overlayfs: failed to resolve './file0': -2
[  116.945518][ T4184] overlayfs: failed to resolve './file1': -2
[  116.952973][ T4184] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  117.047821][  T451] device bridge_slave_1 left promiscuous mode
[  117.053876][  T451] bridge0: port 2(bridge_slave_1) entered disabled state
[  117.061315][  T451] device bridge_slave_0 left promiscuous mode
[  117.067495][  T451] bridge0: port 1(bridge_slave_0) entered disabled state
[  117.075693][  T451] device veth1_macvtap left promiscuous mode
[  117.081738][  T451] device veth0_vlan left promiscuous mode
[  117.087510][  T758] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  117.103752][  T758] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  117.126494][  T758] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  117.141834][  T758] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  117.158499][  T758] usb 4-1: config 0 descriptor??
[  117.241251][ T4194] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  117.253725][ T4194] device macsec0 entered promiscuous mode
[  117.259425][ T4194] device macsec1 entered promiscuous mode
[  117.266225][ T4194] netlink: 'syz-executor.1': attribute type 27 has an invalid length.
[  117.275838][ T4194] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  117.299678][ T4197] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.1'.
[  117.647075][  T758] plantronics 0003:047F:FFFF.0019: unknown main item tag 0x0
[  117.654536][  T758] plantronics 0003:047F:FFFF.0019: No inputs registered, leaving
[  117.663260][  T758] plantronics 0003:047F:FFFF.0019: hiddev96,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  117.824506][ T4218] overlayfs: failed to resolve './file1': -2
[  117.832571][ T4218] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.0'.
[  117.956862][  T408] usb 4-1: USB disconnect, device number 13
[  118.048385][ T4225] loop2: detected capacity change from 0 to 256
[  118.385590][ T4229] loop1: detected capacity change from 0 to 1024
[  118.398932][ T4229] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  118.407394][ T4229] ext4 filesystem being mounted at /root/syzkaller-testdir2401952764/syzkaller.6vODF9/12/file1 supports timestamps until 2038 (0x7fffffff)
[  118.434237][ T4108] EXT4-fs (loop1): unmounting filesystem.
[  118.836465][  T348] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  119.076416][  T348] usb 1-1: Using ep0 maxpacket: 16
[  119.095914][ T4272] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[  119.206457][  T348] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  119.217246][  T348] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  119.226878][  T348] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  119.239449][  T348] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[  119.248465][  T348] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  119.258996][  T348] usb 1-1: config 0 descriptor??
[  119.270665][   T28] kauditd_printk_skb: 33 callbacks suppressed
[  119.270681][   T28] audit: type=1400 audit(1718191563.964:17004): avc:  denied  { write } for  pid=4278 comm="syz-executor.4" name="ppp" dev="devtmpfs" ino=138 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1
[  119.365949][ T4290] loop1: detected capacity change from 0 to 512
[  119.373675][ T4290] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #15: comm syz-executor.1: casefold flag without casefold feature
[  119.386725][ T4290] EXT4-fs error (device loop1): __ext4_iget:5046: inode #12: block 2: comm syz-executor.1: invalid block
[  119.397960][ T4290] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz-executor.1: error while reading EA inode 12 err=-117
[  119.410613][ T4290] EXT4-fs (loop1): 1 orphan inode deleted
[  119.416163][ T4290] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  119.476428][ T4290] loop1: detected capacity change from 512 to 0
[  119.482818][ T4283] EXT4-fs error (device loop1): ext4_get_inode_loc:4635: inode #19: block 9: comm syz-executor.1: unable to read itable block
[  119.495862][   T43] loop: Write error at byte offset 9223372036854776831, length 1024.
[  119.503902][    C1] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[  119.512678][ T4283] EXT4-fs (loop1): I/O error while writing superblock
[  119.519990][ T4283] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5870: IO failure
[  119.528635][   T43] loop: Write error at byte offset 9223372036854776831, length 1024.
[  119.536728][    C0] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[  119.544937][ T4283] EXT4-fs (loop1): I/O error while writing superblock
[  119.551653][ T4283] EXT4-fs error (device loop1): ext4_dirty_inode:6074: inode #19: comm syz-executor.1: mark_inode_dirty error
[  119.563368][   T43] loop: Write error at byte offset 9223372036854776831, length 1024.
[  119.571400][    C1] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[  119.579635][ T1947] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  119.580776][ T4283] EXT4-fs (loop1): I/O error while writing superblock
[  119.593879][ T4283] EXT4-fs error (device loop1): ext4_get_inode_loc:4635: inode #19: block 9: comm syz-executor.1: unable to read itable block
[  119.607005][ T4283] EXT4-fs (loop1): I/O error while writing superblock
[  119.613792][ T4283] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5870: IO failure
[  119.622528][ T4283] EXT4-fs (loop1): I/O error while writing superblock
[  119.629336][ T4283] EXT4-fs error (device loop1): ext4_dirty_inode:6074: inode #19: comm syz-executor.1: mark_inode_dirty error
[  119.642544][ T4283] EXT4-fs (loop1): I/O error while writing superblock
[  119.650023][ T4283] EXT4-fs error (device loop1): ext4_check_bdev_write_error:218: comm syz-executor.1: Error while async write back metadata
[  119.663059][ T4283] EXT4-fs (loop1): I/O error while writing superblock
[  119.669890][ T4283] EXT4-fs error (device loop1): ext4_check_bdev_write_error:218: comm syz-executor.1: Error while async write back metadata
[  119.682856][ T4283] EXT4-fs (loop1): I/O error while writing superblock
[  119.690780][ T4283] EXT4-fs error (device loop1): ext4_get_inode_loc:4635: inode #19: block 9: comm syz-executor.1: unable to read itable block
[  119.704223][ T4283] EXT4-fs (loop1): I/O error while writing superblock
[  119.711307][ T4283] EXT4-fs error (device loop1) in ext4_reserve_inode_write:5870: IO failure
[  119.747390][  T348] koneplus 0003:1E7D:2E22.001A: item fetching failed at offset 0/2
[  119.761259][  T348] koneplus 0003:1E7D:2E22.001A: parse failed
[  119.767418][  T348] koneplus: probe of 0003:1E7D:2E22.001A failed with error -22
[  119.846452][ T1947] usb 3-1: Using ep0 maxpacket: 32
[  119.889055][ T4325] device pim6reg1 entered promiscuous mode
[  119.959549][  T348] usb 1-1: USB disconnect, device number 12
[  119.976524][ T1947] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  119.987740][ T1947] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  119.997436][ T1947] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  120.008113][ T1947] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  120.017525][ T1947] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  120.030244][ T1947] usb 3-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[  120.039082][ T1947] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  120.047783][ T1947] usb 3-1: config 0 descriptor??
[  120.153694][   T43] lo_write_bvec: 114 callbacks suppressed
[  120.153711][   T43] loop: Write error at byte offset 9223372036854776831, length 1024.
[  120.170378][    C0] blk_print_req_error: 391 callbacks suppressed
[  120.170397][    C0] I/O error, dev loop1, sector 72 op 0x0:(READ) flags 0x3000 phys_seg 1 prio class 2
[  120.171483][    C1] I/O error, dev loop1, sector 2 op 0x1:(WRITE) flags 0x3800 phys_seg 1 prio class 2
[  120.178670][    C0] I/O error, dev loop1, sector 10 op 0x0:(READ) flags 0x3000 phys_seg 1 prio class 2
[  120.185868][    C1] buffer_io_error: 114 callbacks suppressed
[  120.185880][    C1] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[  120.195162][    C0] I/O error, dev loop1, sector 26 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  120.205440][   T43] loop: Write error at byte offset 9223372036854776831, length 1024.
[  120.210175][    C0] I/O error, dev loop1, sector 24 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  120.218448][    C1] I/O error, dev loop1, sector 2 op 0x1:(WRITE) flags 0x3800 phys_seg 1 prio class 2
[  120.227617][    C0] I/O error, dev loop1, sector 22 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  120.235508][    C1] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[  120.244879][    C0] I/O error, dev loop1, sector 20 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  120.254322][   T43] loop: Write error at byte offset 9223372036854776831, length 1024.
[  120.263635][    C0] I/O error, dev loop1, sector 18 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  120.263658][    C0] I/O error, dev loop1, sector 16 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  120.265749][ T4342] input: syz0 as /devices/virtual/input/input27
[  120.273803][    C1] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[  120.281337][ T4342] input: failed to attach handler leds to device input27, error: -6
[  120.289235][   T43] loop: Write error at byte offset 9223372036854776831, length 1024.
[  120.338033][    C1] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[  120.348845][  T451] loop: Write error at byte offset 9223372036854776831, length 1024.
[  120.356743][ T4344] loop3: detected capacity change from 0 to 256
[  120.357245][ T4344] FAT-fs (loop3): Unrecognized mount option "nots" or missing value
[  120.362999][    C0] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[  120.378964][  T451] loop: Write error at byte offset 9223372036854842367, length 4096.
[  120.387037][    C1] EXT4-fs warning (device loop1): ext4_end_bio:347: I/O error 10 writing to inode 19 starting block 65)
[  120.387622][  T451] loop: Write error at byte offset 9223372036854776831, length 1024.
[  120.397904][    C1] Buffer I/O error on device loop1, logical block 65
[  120.397917][    C1] Buffer I/O error on device loop1, logical block 66
[  120.397925][    C1] Buffer I/O error on device loop1, logical block 67
[  120.397934][    C1] Buffer I/O error on device loop1, logical block 68
[  120.397953][    C1] Buffer I/O error on device loop1, logical block 69
[  120.397964][    C1] Buffer I/O error on device loop1, logical block 70
[  120.397973][    C1] Buffer I/O error on device loop1, logical block 71
[  120.397982][    C1] Buffer I/O error on device loop1, logical block 72
[  120.458050][    C0] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[  120.466317][  T451] loop: Write error at byte offset 9223372036854776831, length 1024.
[  120.474377][    C0] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[  120.483459][   T43] loop: Write error at byte offset 9223372036854776831, length 1024.
[  120.491806][    C1] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[  120.515752][ T4349] device pim6reg1 entered promiscuous mode
[  120.537477][ T1947] ntrig 0003:1B96:000A.001B: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.2-1/input0
[  120.640263][ T4362] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
[  120.682943][ T4365] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=512 sclass=netlink_route_socket pid=4365 comm=syz-executor.4
[  120.742110][ T4365] sch_fq: defrate 0 ignored.
[  120.785157][ T4368] bridge0: port 1(bridge_slave_0) entered blocking state
[  120.790881][ T4380] loop4: detected capacity change from 0 to 256
[  120.792392][ T4368] bridge0: port 1(bridge_slave_0) entered disabled state
[  120.798878][ T4380] FAT-fs (loop4): Unrecognized mount option "nots" or missing value
[  120.805702][ T4368] device bridge_slave_0 entered promiscuous mode
[  120.821407][ T4368] bridge0: port 2(bridge_slave_1) entered blocking state
[  120.828313][ T4368] bridge0: port 2(bridge_slave_1) entered disabled state
[  120.835355][ T4368] device bridge_slave_1 entered promiscuous mode
[  120.879742][ T4368] bridge0: port 2(bridge_slave_1) entered blocking state
[  120.886645][ T4368] bridge0: port 2(bridge_slave_1) entered forwarding state
[  120.893704][ T4368] bridge0: port 1(bridge_slave_0) entered blocking state
[  120.900533][ T4368] bridge0: port 1(bridge_slave_0) entered forwarding state
[  120.925526][  T331] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  120.932863][  T331] bridge0: port 1(bridge_slave_0) entered disabled state
[  120.940650][  T331] bridge0: port 2(bridge_slave_1) entered disabled state
[  120.947562][ T1995] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  120.966583][  T758] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  120.974549][  T758] bridge0: port 1(bridge_slave_0) entered blocking state
[  120.981393][  T758] bridge0: port 1(bridge_slave_0) entered forwarding state
[  120.988639][  T758] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  120.996592][ T1947] ntrig 0003:1B96:000A.001B: Firmware version: 1.10.24.46.2 (2b53 ca15)
[  120.996668][  T758] bridge0: port 2(bridge_slave_1) entered blocking state
[  121.011618][  T758] bridge0: port 2(bridge_slave_1) entered forwarding state
[  121.019549][  T758] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  121.027576][  T758] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  121.044976][ T4368] device veth0_vlan entered promiscuous mode
[  121.051735][ T1947] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  121.060091][ T1947] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  121.068026][ T1947] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  121.075268][ T1947] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  121.085528][ T4387] device pim6reg1 entered promiscuous mode
[  121.097866][  T348] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  121.107090][ T4368] device veth1_macvtap entered promiscuous mode
[  121.116099][ T1947] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  121.125490][   T43] device bridge_slave_1 left promiscuous mode
[  121.131587][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[  121.138950][   T43] device bridge_slave_0 left promiscuous mode
[  121.144962][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[  121.152613][   T43] device veth1_macvtap left promiscuous mode
[  121.158590][   T43] device veth0_vlan left promiscuous mode
[  121.206550][ T1995] usb 4-1: Using ep0 maxpacket: 16
[  121.224226][  T758] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  121.311371][ T4405] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=512 sclass=netlink_route_socket pid=4405 comm=syz-executor.4
[  121.324993][ T4405] sch_fq: defrate 0 ignored.
[  121.340628][ T4407] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[  121.354846][ T4411] loop4: detected capacity change from 0 to 512
[  121.364358][ T4411] EXT4-fs error (device loop4): ext4_validate_block_bitmap:429: comm syz-executor.4: bg 0: block 5: invalid block bitmap
[  121.366447][ T1995] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  121.377375][ T4411] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6157: Corrupt filesystem
[  121.390121][ T1995] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  121.396737][ T4411] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz-executor.4: invalid indirect mapped block 3 (level 2)
[  121.406315][ T1995] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  121.419454][ T4411] EXT4-fs (loop4): 1 orphan inode deleted
[  121.431944][ T1995] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[  121.438190][ T4411] EXT4-fs (loop4): 1 truncate cleaned up
[  121.446783][ T1995] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.452110][ T4411] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  121.461283][ T1995] usb 4-1: config 0 descriptor??
[  121.526448][ T4411] loop4: detected capacity change from 512 to 0
[  121.532674][  T354] loop: Write error at byte offset 9223372036854776831, length 1024.
[  121.540664][    C0] Buffer I/O error on dev loop4, logical block 1, lost sync page write
[  121.548846][ T4417] EXT4-fs error (device loop4) in ext4_update_primary_sb:90: IO failure
[  121.557089][ T4417] EXT4-fs (loop4): previous I/O error to superblock detected
[  121.564395][    C0] Buffer I/O error on dev loop4, logical block 1, lost sync page write
[  121.572480][ T4417] EXT4-fs (loop4): I/O error while writing superblock
[  121.579209][ T4417] EXT4-fs (loop4): Failed to update primary superblock
[  121.589602][ T4086] EXT4-fs warning (device loop4): htree_dirblock_to_tree:1082: inode #2: lblock 0: comm syz-executor.4: error -5 reading directory block
[  121.603968][ T4086] EXT4-fs error (device loop4): ext4_get_inode_loc:4635: inode #2: block 5: comm syz-executor.4: unable to read itable block
[  121.617079][ T4086] EXT4-fs (loop4): I/O error while writing superblock
[  121.623775][ T4086] EXT4-fs error (device loop4) in ext4_reserve_inode_write:5870: IO failure
[  121.632623][ T4086] EXT4-fs (loop4): I/O error while writing superblock
[  121.639615][ T4413] EXT4-fs error (device loop4): ext4_wait_block_bitmap:573: comm ext4lazyinit: Cannot read block bitmap - block_group = 0, block_bitmap = 8
[  121.653901][ T4086] EXT4-fs error (device loop4): ext4_dirty_inode:6074: inode #2: comm syz-executor.4: mark_inode_dirty error
[  121.665570][ T4413] EXT4-fs (loop4): I/O error while writing superblock
[  121.668828][ T4086] EXT4-fs (loop4): previous I/O error to superblock detected
[  121.679673][ T4086] EXT4-fs (loop4): I/O error while writing superblock
[  121.689231][   T43] EXT4-fs error (device loop4): __ext4_get_inode_loc_noinmem:4620: inode #2: block 5: comm kworker/u4:2: unable to read itable block
[  121.702999][   T43] EXT4-fs (loop4): I/O error while writing superblock
[  121.837125][ T4425] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  121.853724][ T4425] device macsec0 entered promiscuous mode
[  121.859434][ T4425] device macsec1 entered promiscuous mode
[  121.869897][ T4425] netlink: 'syz-executor.0': attribute type 27 has an invalid length.
[  121.878651][ T4425] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  121.904401][ T4428] loop0: detected capacity change from 0 to 128
[  121.932298][ T4426] bridge0: port 1(bridge_slave_0) entered blocking state
[  121.940084][ T1995] koneplus 0003:1E7D:2E22.001C: item fetching failed at offset 0/2
[  121.940371][ T4426] bridge0: port 1(bridge_slave_0) entered disabled state
[  121.954921][ T1995] koneplus 0003:1E7D:2E22.001C: parse failed
[  121.955503][ T4426] device bridge_slave_0 entered promiscuous mode
[  121.960914][ T1995] koneplus: probe of 0003:1E7D:2E22.001C failed with error -22
[  121.977120][ T4426] bridge0: port 2(bridge_slave_1) entered blocking state
[  121.984044][ T4426] bridge0: port 2(bridge_slave_1) entered disabled state
[  121.991529][ T4426] device bridge_slave_1 entered promiscuous mode
[  121.997784][  T348] usb 3-1: reset high-speed USB device number 7 using dummy_hcd
[  122.054729][ T4426] bridge0: port 2(bridge_slave_1) entered blocking state
[  122.061590][ T4426] bridge0: port 2(bridge_slave_1) entered forwarding state
[  122.068683][ T4426] bridge0: port 1(bridge_slave_0) entered blocking state
[  122.075466][ T4426] bridge0: port 1(bridge_slave_0) entered forwarding state
[  122.096018][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  122.103705][    T6] bridge0: port 1(bridge_slave_0) entered disabled state
[  122.111173][    T6] bridge0: port 2(bridge_slave_1) entered disabled state
[  122.120686][ T1995] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  122.129961][ T1995] bridge0: port 1(bridge_slave_0) entered blocking state
[  122.136841][ T1995] bridge0: port 1(bridge_slave_0) entered forwarding state
[  122.152256][  T408] usb 4-1: USB disconnect, device number 14
[  122.158970][  T331] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  122.167256][  T331] bridge0: port 2(bridge_slave_1) entered blocking state
[  122.174105][  T331] bridge0: port 2(bridge_slave_1) entered forwarding state
[  122.181450][  T331] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  122.189681][  T331] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  122.206436][  T348] usb 3-1: device descriptor read/64, error -32
[  122.221424][ T1995] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  122.234429][ T4426] device veth0_vlan entered promiscuous mode
[  122.242668][ T1947] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  122.250430][ T1947] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  122.257790][ T1947] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  122.271357][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  122.280318][ T4426] device veth1_macvtap entered promiscuous mode
[  122.291525][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  122.300999][ T1947] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  122.347323][   T43] device bridge_slave_1 left promiscuous mode
[  122.353358][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[  122.361023][   T43] device bridge_slave_0 left promiscuous mode
[  122.367274][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[  122.374884][   T43] device veth1_macvtap left promiscuous mode
[  122.380797][   T43] device veth0_vlan left promiscuous mode
[  122.486441][  T331] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  122.536429][  T348] usb 3-1: device descriptor read/64, error -32
[  122.557283][ T4457] device pim6reg1 entered promiscuous mode
[  122.730279][ T4472] loop4: detected capacity change from 0 to 256
[  122.737848][ T4472] FAT-fs (loop4): Unrecognized mount option "nots" or missing value
[  122.806428][  T348] usb 3-1: reset high-speed USB device number 7 using dummy_hcd
[  122.821756][   T28] audit: type=1400 audit(1718191567.514:17005): avc:  denied  { connect } for  pid=4478 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  122.842386][   T28] audit: type=1400 audit(1718191567.514:17006): avc:  denied  { getopt } for  pid=4478 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  122.886422][  T331] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  122.897485][  T331] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  122.907405][  T331] usb 1-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  122.920731][  T331] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.929810][  T331] usb 1-1: config 0 descriptor??
[  122.941757][   T28] audit: type=1400 audit(1718191567.634:17007): avc:  denied  { map } for  pid=4489 comm="syz-executor.3" path="socket:[37360]" dev="sockfs" ino=37360 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  122.992587][ T4501] loop2: detected capacity change from 0 to 16
[  122.999528][ T4501] erofs: (device loop2): mounted with root inode @ nid 36.
[  123.007572][   T28] audit: type=1400 audit(1718191567.704:17008): avc:  denied  { watch } for  pid=4500 comm="syz-executor.2" path="/root/syzkaller-testdir3915714164/syzkaller.hUM52W/23/file0/file0" dev="loop2" ino=46 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  123.045554][ T4505] loop2: detected capacity change from 0 to 512
[  123.054766][ T4505] EXT4-fs (loop2): 1 truncate cleaned up
[  123.060311][ T4505] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  123.077887][ T4042] EXT4-fs (loop2): unmounting filesystem.
[  123.196409][   T39] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  123.229403][ T4535] loop3: detected capacity change from 0 to 512
[  123.238509][ T4535] EXT4-fs (loop3): 1 truncate cleaned up
[  123.244181][ T4535] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  123.268709][ T3346] EXT4-fs (loop3): unmounting filesystem.
[  123.376429][ T1947] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  123.456392][   T39] usb 5-1: Using ep0 maxpacket: 16
[  123.528179][   T28] audit: type=1400 audit(1718191568.224:17009): avc:  denied  { bind } for  pid=4562 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  123.596747][   T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  123.615622][   T39] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  123.626727][   T39] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  123.639466][  T331] hid-led: probe of 0003:27B8:01ED.001D failed with error -71
[  123.646923][   T39] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[  123.655778][   T39] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  123.665836][  T331] usb 1-1: USB disconnect, device number 13
[  123.673544][   T39] usb 5-1: config 0 descriptor??
[  123.696953][  T758] usb 3-1: USB disconnect, device number 7
[  123.699347][ T4567] loop3: detected capacity change from 0 to 512
[  123.710927][ T4567] EXT4-fs (loop3): 1 truncate cleaned up
[  123.716653][ T4567] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  123.732488][ T3346] EXT4-fs (loop3): unmounting filesystem.
[  123.766507][ T1947] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 255, using maximum allowed: 30
[  123.777277][ T1947] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  123.788168][ T1947] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  123.797721][ T1947] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 255
[  123.810581][ T1947] usb 2-1: New USB device found, idVendor=044f, idProduct=b653, bcdDevice= 0.00
[  123.819714][ T1947] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  123.828775][ T1947] usb 2-1: config 0 descriptor??
[  123.833590][ T4577] mmap: syz-executor.3 (4577) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  124.155327][ T4600] loop2: detected capacity change from 0 to 512
[  124.163104][ T4600] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  124.176728][ T4600] EXT4-fs (loop2): orphan cleanup on readonly fs
[  124.178230][   T39] koneplus 0003:1E7D:2E22.001E: item fetching failed at offset 0/2
[  124.183348][ T4600] EXT4-fs error (device loop2): ext4_orphan_get:1396: inode #16: comm syz-executor.2: iget: immutable or append flags not allowed on symlinks
[  124.198808][   T39] koneplus 0003:1E7D:2E22.001E: parse failed
[  124.206252][ T4600] EXT4-fs error (device loop2): ext4_orphan_get:1401: comm syz-executor.2: couldn't read orphan inode 16 (err -117)
[  124.226494][ T4600] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  124.245339][   T39] koneplus: probe of 0003:1E7D:2E22.001E failed with error -22
[  124.253418][ T4600] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.2'.
[  124.327016][ T1947] thrustmaster 0003:044F:B653.001F: unbalanced delimiter at end of report description
[  124.336713][ T1947] thrustmaster 0003:044F:B653.001F: parse failed
[  124.342858][ T1947] thrustmaster: probe of 0003:044F:B653.001F failed with error -22
[  124.406962][   T39] usb 5-1: USB disconnect, device number 16
[  124.436374][   T28] audit: type=1400 audit(1718191569.124:17010): avc:  denied  { write } for  pid=758 comm="kworker/0:6" path="anon_inode:[io_uring]" dev="anon_inodefs" ino=38562 scontext=system_u:system_r:kernel_t tcontext=root:object_r:sysadm_t tclass=anon_inode permissive=1
[  124.530485][  T758] usb 2-1: USB disconnect, device number 15
[  124.583280][ T4645] syz-executor.3[4645] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  124.583353][ T4645] syz-executor.3[4645] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  124.815273][ T4642] loop0: detected capacity change from 0 to 131072
[  124.833725][ T4642] F2FS-fs (loop0): Segment count (31) mismatch with total segments from devices (0)
[  124.843363][ T4642] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  124.852102][ T4642] F2FS-fs (loop0): invalid crc value
[  124.858816][ T4642] F2FS-fs (loop0): Found nat_bits in checkpoint
[  124.885049][ T4642] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  124.891967][ T4642] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  124.969339][ T4675] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.4'.
[  125.011268][ T4682] syz-executor.3[4682] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  125.011338][ T4682] syz-executor.3[4682] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  125.155152][ T4703] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.4'.
[  125.299815][ T4716] loop0: detected capacity change from 0 to 256
[  125.337705][ T4042] EXT4-fs (loop2): unmounting filesystem.
[  125.346483][  T758] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  125.381808][ T4710] loop4: detected capacity change from 0 to 40427
[  125.395008][ T4710] F2FS-fs (loop4): Wrong segment_count / block_count (64 > 16384)
[  125.402930][ T4710] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  125.414076][ T4710] F2FS-fs (loop4): Found nat_bits in checkpoint
[  125.530097][ T4725] loop2: detected capacity change from 0 to 512
[  125.650603][ T4725] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz-executor.2: inode #1: comm syz-executor.2: iget: illegal inode #
[  125.665903][ T4725] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 1 err=-117
[  125.679450][ T4725] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz-executor.2: inode #1: comm syz-executor.2: iget: illegal inode #
[  125.693613][ T4725] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 1 err=-117
[  125.707241][ T4725] EXT4-fs (loop2): 1 orphan inode deleted
[  125.712833][ T4725] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  125.797029][ T4710] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  125.834457][ T4710] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  125.956388][  T758] usb 2-1: Using ep0 maxpacket: 16
[  125.994476][ T4733] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.4'.
[  126.001489][ T4688] loop3: detected capacity change from 0 to 131072
[  126.017311][ T4688] F2FS-fs (loop3): Segment count (31) mismatch with total segments from devices (0)
[  126.026876][ T4688] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  126.036274][ T4688] F2FS-fs (loop3): invalid crc value
[  126.041575][ T4738] netem: change failed
[  126.043011][ T4688] F2FS-fs (loop3): Found nat_bits in checkpoint
[  126.052329][ T4729] bridge0: port 1(bridge_slave_0) entered blocking state
[  126.066328][ T4729] bridge0: port 1(bridge_slave_0) entered disabled state
[  126.076650][  T758] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  126.077532][ T4729] device bridge_slave_0 entered promiscuous mode
[  126.093600][  T758] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  126.103483][  T758] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  126.104018][  T451] device bridge_slave_1 left promiscuous mode
[  126.116148][  T758] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2e22, bcdDevice= 0.00
[  126.116174][  T758] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  126.124049][  T758] usb 2-1: config 0 descriptor??
[  126.131369][ T4688] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  126.131394][ T4688] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  126.132206][  T451] bridge0: port 2(bridge_slave_1) entered disabled state
[  126.166323][  T451] device bridge_slave_0 left promiscuous mode
[  126.187149][  T451] bridge0: port 1(bridge_slave_0) entered disabled state
[  126.205966][ T4749] loop4: detected capacity change from 0 to 256
[  126.213110][  T451] device veth1_macvtap left promiscuous mode
[  126.219132][  T451] device veth0_vlan left promiscuous mode
[  126.337862][ T4729] bridge0: port 2(bridge_slave_1) entered blocking state
[  126.344845][ T4729] bridge0: port 2(bridge_slave_1) entered disabled state
[  126.352196][ T4729] device bridge_slave_1 entered promiscuous mode
[  126.418966][ T4042] EXT4-fs (loop2): unmounting filesystem.
[  126.428114][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  126.435437][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  126.450877][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  126.462269][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  126.471377][  T408] bridge0: port 1(bridge_slave_0) entered blocking state
[  126.478253][  T408] bridge0: port 1(bridge_slave_0) entered forwarding state
[  126.495014][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  126.503326][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  126.511458][  T408] bridge0: port 2(bridge_slave_1) entered blocking state
[  126.518340][  T408] bridge0: port 2(bridge_slave_1) entered forwarding state
[  126.536163][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  126.544000][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  126.552264][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  126.560329][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  126.570654][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  126.578569][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  126.587014][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  126.608368][ T4729] device veth0_vlan entered promiscuous mode
[  126.619149][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  126.627401][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  126.635299][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  126.643212][  T758] koneplus 0003:1E7D:2E22.0020: item fetching failed at offset 0/2
[  126.659010][  T758] koneplus 0003:1E7D:2E22.0020: parse failed
[  126.665567][  T758] koneplus: probe of 0003:1E7D:2E22.0020 failed with error -22
[  126.673518][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  126.699054][ T4729] device veth1_macvtap entered promiscuous mode
[  126.707588][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  126.751685][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  126.760062][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  126.769554][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  126.777975][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  126.820124][ T4758] bridge0: port 1(bridge_slave_0) entered blocking state
[  126.822184][   T28] audit: type=1326 audit(1718191571.514:17011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4779 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f59ea27cea9 code=0x7ffc0000
[  126.827467][ T4758] bridge0: port 1(bridge_slave_0) entered disabled state
[  126.859457][ T4758] device bridge_slave_0 entered promiscuous mode
[  126.866985][   T28] audit: type=1326 audit(1718191571.564:17012): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4779 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f59ea27cea9 code=0x7ffc0000
[  126.893676][ T4758] bridge0: port 2(bridge_slave_1) entered blocking state
[  126.902303][   T28] audit: type=1326 audit(1718191571.574:17013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4779 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f59ea27cea9 code=0x7ffc0000
[  126.905034][ T4771] loop2: detected capacity change from 0 to 4096
[  126.926466][ T4758] bridge0: port 2(bridge_slave_1) entered disabled state
[  126.939601][  T408] usb 2-1: USB disconnect, device number 16
[  126.946979][ T4758] device bridge_slave_1 entered promiscuous mode
[  126.954821][   T28] audit: type=1326 audit(1718191571.574:17014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4779 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f59ea27cea9 code=0x7ffc0000
[  126.974811][ T4771] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  126.979387][   T28] audit: type=1326 audit(1718191571.574:17015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4779 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f59ea27cea9 code=0x7ffc0000
[  127.011838][   T28] audit: type=1326 audit(1718191571.574:17016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4779 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f59ea27cea9 code=0x7ffc0000
[  127.039024][   T28] audit: type=1326 audit(1718191571.574:17017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4779 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=429 compat=0 ip=0x7f59ea27cea9 code=0x7ffc0000
[  127.077536][   T28] audit: type=1326 audit(1718191571.574:17018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4779 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f59ea27cea9 code=0x7ffc0000
[  127.140092][ T4791] loop3: detected capacity change from 0 to 512
[  127.196504][ T4791] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz-executor.3: inode #1: comm syz-executor.3: iget: illegal inode #
[  127.211342][ T4791] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz-executor.3: error while reading EA inode 1 err=-117
[  127.224930][ T4791] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz-executor.3: inode #1: comm syz-executor.3: iget: illegal inode #
[  127.239920][ T4791] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz-executor.3: error while reading EA inode 1 err=-117
[  127.253685][ T4791] EXT4-fs (loop3): 1 orphan inode deleted
[  127.259319][ T4791] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  127.488037][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  127.495360][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  127.512599][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  127.521438][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  127.529612][   T39] bridge0: port 1(bridge_slave_0) entered blocking state
[  127.536928][   T39] bridge0: port 1(bridge_slave_0) entered forwarding state
[  127.544489][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  127.559473][ T4042] EXT4-fs (loop2): unmounting filesystem.
[  127.564760][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  127.573183][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  127.581144][   T24] bridge0: port 2(bridge_slave_1) entered blocking state
[  127.587995][   T24] bridge0: port 2(bridge_slave_1) entered forwarding state
[  127.615433][ T4803] tipc: Failed to remove unknown binding: 66,1,1/0:1257282165/1257282167
[  127.616568][  T331] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  127.631944][  T331] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  127.655394][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  127.667989][ T4758] device veth0_vlan entered promiscuous mode
[  127.676705][  T331] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  127.687040][  T331] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  127.694584][  T331] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  127.721348][ T4797] bridge0: port 1(bridge_slave_0) entered blocking state
[  127.728262][ T4797] bridge0: port 1(bridge_slave_0) entered disabled state
[  127.735353][ T4797] device bridge_slave_0 entered promiscuous mode
[  127.742964][ T4797] bridge0: port 2(bridge_slave_1) entered blocking state
[  127.750065][ T4797] bridge0: port 2(bridge_slave_1) entered disabled state
[  127.759533][ T4797] device bridge_slave_1 entered promiscuous mode
[  127.773408][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  127.799873][ T4758] device veth1_macvtap entered promiscuous mode
[  128.012177][ T4818] loop2: detected capacity change from 0 to 256
[  128.035508][ T4818] FAT-fs (loop2): Directory bread(block 64) failed
[  128.042392][ T4818] FAT-fs (loop2): Directory bread(block 65) failed
[  128.051882][ T4818] FAT-fs (loop2): Directory bread(block 66) failed
[  128.058282][ T4818] FAT-fs (loop2): Directory bread(block 67) failed
[  128.066143][ T4818] FAT-fs (loop2): Directory bread(block 68) failed
[  128.072659][ T4818] FAT-fs (loop2): Directory bread(block 69) failed
[  128.079105][ T4818] FAT-fs (loop2): Directory bread(block 70) failed
[  128.085711][ T4818] FAT-fs (loop2): Directory bread(block 71) failed
[  128.092235][ T4818] FAT-fs (loop2): Directory bread(block 72) failed
[  128.098797][ T4818] FAT-fs (loop2): Directory bread(block 73) failed
[  128.109117][  T451] device bridge_slave_1 left promiscuous mode
[  128.115197][  T451] bridge0: port 2(bridge_slave_1) entered disabled state
[  128.117940][ T4818] syz-executor.2: attempt to access beyond end of device
[  128.117940][ T4818] loop2: rw=2051, sector=1160, nr_sectors = 32 limit=256
[  128.136012][  T451] device bridge_slave_0 left promiscuous mode
[  128.150344][  T451] bridge0: port 1(bridge_slave_0) entered disabled state
[  128.158117][   T28] audit: type=1326 audit(1718191572.854:17019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4819 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c5027cea9 code=0x7ffc0000
[  128.158515][ T3346] EXT4-fs (loop3): unmounting filesystem.
[  128.188168][  T451] device veth1_macvtap left promiscuous mode
[  128.194200][  T451] device veth0_vlan left promiscuous mode
[  128.311108][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  128.319317][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  128.581101][  T758] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  128.591305][  T758] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  128.603564][ T4837] tipc: Failed to remove unknown binding: 66,1,1/0:2884917434/2884917436
[  128.612750][ T4835] netlink: 'syz-executor.1': attribute type 30 has an invalid length.
[  128.629789][ T4839] loop4: detected capacity change from 0 to 256
[  128.641741][ T4841] loop1: detected capacity change from 0 to 512
[  128.668512][ T4843] loop2: detected capacity change from 0 to 256
[  128.677910][ T4841] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  128.681941][ T4843] FAT-fs (loop2): Directory bread(block 64) failed
[  128.687406][ T4841] EXT4-fs (loop1): orphan cleanup on readonly fs
[  128.692677][ T4843] FAT-fs (loop2): Directory bread(block 65) failed
[  128.699269][ T4841] EXT4-fs error (device loop1): ext4_orphan_get:1396: inode #16: comm syz-executor.1: iget: immutable or append flags not allowed on symlinks
[  128.704720][ T4843] FAT-fs (loop2): Directory bread(block 66) failed
[  128.725325][ T4841] EXT4-fs error (device loop1): ext4_orphan_get:1401: comm syz-executor.1: couldn't read orphan inode 16 (err -117)
[  128.726031][  T758] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  128.737423][ T4843] FAT-fs (loop2): Directory bread(block 67) failed
[  128.744785][  T758] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  128.750949][ T4843] FAT-fs (loop2): Directory bread(block 68) failed
[  128.758109][  T758] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  128.764100][ T4843] FAT-fs (loop2): Directory bread(block 69) failed
[  128.772348][  T758] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  128.778358][ T4843] FAT-fs (loop2): Directory bread(block 70) failed
[  128.786484][  T758] bridge0: port 1(bridge_slave_0) entered blocking state
[  128.799292][  T758] bridge0: port 1(bridge_slave_0) entered forwarding state
[  128.806590][  T758] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  128.814592][ T4843] FAT-fs (loop2): Directory bread(block 71) failed
[  128.815151][  T758] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  128.829212][ T4843] FAT-fs (loop2): Directory bread(block 72) failed
[  128.835770][ T4843] FAT-fs (loop2): Directory bread(block 73) failed
[  128.844468][  T758] bridge0: port 2(bridge_slave_1) entered blocking state
[  128.851353][  T758] bridge0: port 2(bridge_slave_1) entered forwarding state
[  128.872127][ T4843] syz-executor.2: attempt to access beyond end of device
[  128.872127][ T4843] loop2: rw=2051, sector=1160, nr_sectors = 32 limit=256
[  128.896783][ T4841] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  128.916661][  T758] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  128.924896][  T758] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  128.925470][ T4841] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.1'.
[  128.932875][  T758] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  128.951984][  T758] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  128.960575][  T758] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  128.984757][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  128.993078][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  129.000496][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  129.008363][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  129.016615][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  129.029061][ T4797] device veth0_vlan entered promiscuous mode
[  129.061336][ T4797] device veth1_macvtap entered promiscuous mode
[  129.094329][  T758] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  129.103628][  T758] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  129.111842][  T758] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  129.125664][  T758] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  129.133854][  T758] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  129.142118][ T4863] tipc: Failed to remove unknown binding: 66,1,1/0:1429464938/1429464940
[  129.161373][ T4866] loop2: detected capacity change from 0 to 256
[  129.178019][ T4873] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=4873 comm=syz-executor.0
[  129.210460][ T4846] bridge0: port 1(bridge_slave_0) entered blocking state
[  129.222378][ T4846] bridge0: port 1(bridge_slave_0) entered disabled state
[  129.235308][ T4846] device bridge_slave_0 entered promiscuous mode
[  129.256879][ T4846] bridge0: port 2(bridge_slave_1) entered blocking state
[  129.268368][ T4846] bridge0: port 2(bridge_slave_1) entered disabled state
[  129.285787][ T4846] device bridge_slave_1 entered promiscuous mode
[  129.628595][ T4368] EXT4-fs (loop1): unmounting filesystem.
[  129.734525][ T4846] bridge0: port 2(bridge_slave_1) entered blocking state
[  129.741418][ T4846] bridge0: port 2(bridge_slave_1) entered forwarding state
[  129.748706][ T4846] bridge0: port 1(bridge_slave_0) entered blocking state
[  129.755463][ T4846] bridge0: port 1(bridge_slave_0) entered forwarding state
[  129.778372][  T408] bridge0: port 1(bridge_slave_0) entered disabled state
[  129.786108][  T408] bridge0: port 2(bridge_slave_1) entered disabled state
[  129.823434][ T4890] tipc: Failed to remove unknown binding: 66,1,1/0:4051648292/4051648294
[  129.853448][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  129.861531][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  129.888076][  T331] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  129.896562][  T331] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  129.904613][  T331] bridge0: port 1(bridge_slave_0) entered blocking state
[  129.911495][  T331] bridge0: port 1(bridge_slave_0) entered forwarding state
[  129.919733][  T331] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  129.928011][  T331] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  129.936113][  T331] bridge0: port 2(bridge_slave_1) entered blocking state
[  129.942985][  T331] bridge0: port 2(bridge_slave_1) entered forwarding state
[  129.975900][  T348] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  129.986000][ T4872] loop3: detected capacity change from 0 to 131072
[  129.987987][  T348] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  129.997018][ T4872] F2FS-fs (loop3): invalid crc value
[  130.000407][  T348] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  130.013855][  T348] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  130.021842][ T4872] F2FS-fs (loop3): Found nat_bits in checkpoint
[  130.051180][ T4846] device veth0_vlan entered promiscuous mode
[  130.055557][ T4902] SELinux: unrecognized netlink message: protocol=4 nlmsg_type=16 sclass=netlink_tcpdiag_socket pid=4902 comm=syz-executor.1
[  130.077402][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  130.081162][ T4872] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  130.085602][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  130.104981][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  130.113491][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  130.121618][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  130.128999][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  130.142571][ T4846] device veth1_macvtap entered promiscuous mode
[  130.156228][  T451] device bridge_slave_1 left promiscuous mode
[  130.213445][  T451] bridge0: port 2(bridge_slave_1) entered disabled state
[  130.234212][  T451] device bridge_slave_0 left promiscuous mode
[  130.240403][  T451] bridge0: port 1(bridge_slave_0) entered disabled state
[  130.249916][  T451] device bridge_slave_1 left promiscuous mode
[  130.255855][  T451] bridge0: port 2(bridge_slave_1) entered disabled state
[  130.263800][  T451] device bridge_slave_0 left promiscuous mode
[  130.269865][  T451] bridge0: port 1(bridge_slave_0) entered disabled state
[  130.278032][  T451] device veth1_macvtap left promiscuous mode
[  130.283867][  T451] device veth0_vlan left promiscuous mode
[  130.289841][  T451] device veth1_macvtap left promiscuous mode
[  130.295675][  T451] device veth0_vlan left promiscuous mode
[  130.305552][ T4916] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  130.367225][ T4926] loop3: detected capacity change from 0 to 512
[  130.375788][ T4926] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz-executor.3: inode #1: comm syz-executor.3: iget: illegal inode #
[  130.390219][ T4926] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz-executor.3: error while reading EA inode 1 err=-117
[  130.403189][ T4926] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz-executor.3: inode #1: comm syz-executor.3: iget: illegal inode #
[  130.416868][ T4926] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz-executor.3: error while reading EA inode 1 err=-117
[  130.429520][ T4926] EXT4-fs (loop3): 1 orphan inode deleted
[  130.435091][ T4926] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  130.450226][ T3346] EXT4-fs (loop3): unmounting filesystem.
[  130.513521][ T4935] loop3: detected capacity change from 0 to 256
[  130.522307][ T4935] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 196)
[  130.530856][ T4935] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  130.539608][ T4935] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 196)
[  130.548248][ T4935] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 196)
[  130.561386][ T3346] FAT-fs (loop3): error, fat_free: invalid cluster chain (i_pos 196)
[  130.576431][    T6] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  130.610167][  T348] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  130.618313][  T348] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  130.626282][  T348] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  130.640577][ T4891] bridge0: port 1(bridge_slave_0) entered blocking state
[  130.649189][ T4891] bridge0: port 1(bridge_slave_0) entered disabled state
[  130.656581][ T4891] device bridge_slave_0 entered promiscuous mode
[  130.666153][   T28] kauditd_printk_skb: 18 callbacks suppressed
[  130.666170][   T28] audit: type=1326 audit(1718191575.354:17038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4936 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1fedc7a627 code=0x7ffc0000
[  130.669831][ T4891] bridge0: port 2(bridge_slave_1) entered blocking state
[  130.686637][   T28] audit: type=1326 audit(1718191575.364:17039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4936 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1fedc40309 code=0x7ffc0000
[  130.695880][ T4891] bridge0: port 2(bridge_slave_1) entered disabled state
[  130.733477][   T28] audit: type=1326 audit(1718191575.394:17040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4936 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fedc7cea9 code=0x7ffc0000
[  130.758240][ T4891] device bridge_slave_1 entered promiscuous mode
[  130.764474][   T28] audit: type=1326 audit(1718191575.394:17041): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4936 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1fedc7a627 code=0x7ffc0000
[  130.794148][ T4940] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  130.800413][   T28] audit: type=1326 audit(1718191575.394:17042): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4936 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1fedc40309 code=0x7ffc0000
[  130.826619][ T4945] tipc: Failed to remove unknown binding: 66,1,1/0:2306448457/2306448459
[  130.827886][   T28] audit: type=1326 audit(1718191575.394:17043): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4936 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f1fedc7cea9 code=0x7ffc0000
[  130.836634][ T4945] tipc: Failed to remove unknown binding: 66,1,1/0:2306448457/2306448459
[  130.867588][    T6] usb 2-1: Using ep0 maxpacket: 8
[  130.880294][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  130.893606][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  130.906491][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  130.919959][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  130.928204][   T28] audit: type=1326 audit(1718191575.394:17044): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4936 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1fedc7a627 code=0x7ffc0000
[  130.956801][   T28] audit: type=1326 audit(1718191575.394:17045): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4936 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f1fedc40309 code=0x7ffc0000
[  130.982374][   T28] audit: type=1326 audit(1718191575.394:17046): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4936 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1fedc7cea9 code=0x7ffc0000
[  130.986597][    T6] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 238, changing to 11
[  131.006660][   T28] audit: type=1326 audit(1718191575.394:17047): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=4936 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f1fedc7a627 code=0x7ffc0000
[  131.036415][    T6] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 16
[  131.108765][    T6] usb 2-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18
[  131.164663][ T4962] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  131.190892][  T348] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  131.202503][  T348] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  131.216504][    T6] usb 2-1: New USB device found, idVendor=0001, idProduct=8000, bcdDevice= 0.00
[  131.235511][    T6] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  131.255690][    T6] usb 2-1: SerialNumber: syz
[  131.262643][ T4891] device veth0_vlan entered promiscuous mode
[  131.271834][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  131.272754][ T4966] blk_print_req_error: 72 callbacks suppressed
[  131.272768][ T4966] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  131.280416][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  131.303866][ T4918] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  131.311635][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  131.319319][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  131.320358][ T4966] FAT-fs (loop1): unable to read boot sector
[  131.327050][    T6] hub 2-1:1.0: bad descriptor, ignoring hub
[  131.338867][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  131.356416][    T6] hub: probe of 2-1:1.0 failed with error -5
[  131.362913][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  131.371785][  T408] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.378666][  T408] bridge0: port 1(bridge_slave_0) entered forwarding state
[  131.385960][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  131.394263][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  131.402933][  T408] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.409801][  T408] bridge0: port 2(bridge_slave_1) entered forwarding state
[  131.417077][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  131.424945][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  131.436269][ T4956] loop4: detected capacity change from 0 to 40427
[  131.442053][ T4891] device veth1_macvtap entered promiscuous mode
[  131.454945][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  131.462914][ T4956] F2FS-fs (loop4): Wrong segment_count / block_count (64 > 16384)
[  131.463432][  T408] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  131.474428][ T4956] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  131.495635][  T348] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  131.504073][  T348] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  131.528442][ T4918] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  131.539557][ T4956] F2FS-fs (loop4): Found nat_bits in checkpoint
[  131.553190][ T4975] netlink: 8 bytes leftover after parsing attributes in process `syz-executor.0'.
[  131.576042][ T4979] tipc: Failed to remove unknown binding: 66,1,1/0:1980070334/1980070336
[  131.585445][ T4979] tipc: Failed to remove unknown binding: 66,1,1/0:1980070334/1980070336
[  131.614608][ T4983] syz-executor.0 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  131.619685][ T4956] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  131.632071][ T4956] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  131.640133][ T4985] tipc: Failed to remove unknown binding: 66,1,1/0:1495630109/1495630111
[  131.657823][ T4985] tipc: Failed to remove unknown binding: 66,1,1/0:1495630109/1495630111
[  131.807592][ T5002] loop3: detected capacity change from 0 to 512
[  131.888455][ T5004] tipc: Failed to remove unknown binding: 66,1,1/0:2222820798/2222820800
[  131.921716][ T5002] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz-executor.3: inode #1: comm syz-executor.3: iget: illegal inode #
[  131.936208][ T5002] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz-executor.3: error while reading EA inode 1 err=-117
[  131.950558][ T5002] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: comm syz-executor.3: inode #1: comm syz-executor.3: iget: illegal inode #
[  131.965008][ T5002] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz-executor.3: error while reading EA inode 1 err=-117
[  131.979489][ T5002] EXT4-fs (loop3): 1 orphan inode deleted
[  131.985140][ T5002] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  132.123056][ T5009] tipc: Failed to remove unknown binding: 66,1,1/0:2222820798/2222820800
[  132.318169][    T6] cdc_ether 2-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.1-1, CDC Ethernet Device, 42:42:42:42:42:42
[  132.357497][ T3346] EXT4-fs (loop3): unmounting filesystem.
[  132.392086][ T5019] I/O error, dev loop9, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  132.406608][ T5019] FAT-fs (loop9): unable to read boot sector
[  132.626770][  T451] device bridge_slave_1 left promiscuous mode
[  132.632723][  T451] bridge0: port 2(bridge_slave_1) entered disabled state
[  132.651229][  T451] device bridge_slave_0 left promiscuous mode
[  132.667795][  T451] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.687663][  T451] device veth1_macvtap left promiscuous mode
[  132.700999][  T451] device veth0_vlan left promiscuous mode
[  132.750897][ T5040] loop3: detected capacity change from 0 to 8192
[  133.240540][ T4918] loop1: detected capacity change from 0 to 256
[  133.250357][ T5044] loop2: detected capacity change from 0 to 512
[  133.278490][ T5044] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz-executor.2: inode #1: comm syz-executor.2: iget: illegal inode #
[  133.292382][ T5044] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 1 err=-117
[  133.305054][ T5044] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz-executor.2: inode #1: comm syz-executor.2: iget: illegal inode #
[  133.310901][ T5032] loop4: detected capacity change from 0 to 40427
[  133.318937][ T5044] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz-executor.2: error while reading EA inode 1 err=-117
[  133.332737][ T5049] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x2
[  133.337421][ T5044] EXT4-fs (loop2): 1 orphan inode deleted
[  133.348698][ T5044] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  133.351792][ T5032] F2FS-fs (loop4): Wrong segment_count / block_count (64 > 16384)
[  133.382042][ T5032] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  133.392871][ T5051] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.0'.
[  133.411608][ T5032] F2FS-fs (loop4): Found nat_bits in checkpoint
[  133.455919][ T5058] rtc_cmos 00:00: Alarms can be up to one day in the future
[  133.466442][  T348] usb 2-1: USB disconnect, device number 17
[  133.473617][  T348] cdc_ether 2-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.1-1, CDC Ethernet Device
[  133.483610][ T5032] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  133.498661][ T5032] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  133.509844][ T4891] EXT4-fs (loop2): unmounting filesystem.
[  133.524292][ T5063] syz-executor.0[5063] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  133.524363][ T5063] syz-executor.0[5063] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  133.557214][ T5063] syz-executor.0[5063] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  133.584152][ T5063] syz-executor.0[5063] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  133.606656][ T5063] virtio-fs: tag <(null)> not found
[  133.627130][ T5077] loop4: detected capacity change from 0 to 256
[  133.639532][ T5077] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  133.652260][ T5079] netlink: 24 bytes leftover after parsing attributes in process `syz-executor.2'.
[  133.690631][ T5083] xt_CT: You must specify a L4 protocol and not use inversions on it
[  133.692344][ T5085] loop2: detected capacity change from 0 to 256
[  133.716446][ T5077] loop4: detected capacity change from 256 to 0
[  133.726695][    T8] lo_write_bvec: 7 callbacks suppressed
[  133.726710][    T8] loop: Write error at byte offset 9223372036854845439, length 512.
[  133.733694][ T5094] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x2
[  133.746225][    C1] I/O error, dev loop4, sector 136 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[  133.755643][    C1] buffer_io_error: 6 callbacks suppressed
[  133.755663][    C1] Buffer I/O error on dev loop4, logical block 136, lost sync page write
[  133.770193][    T8] loop: Write error at byte offset 9223372036854882303, length 512.
[  133.772144][ T5097] netlink: 76 bytes leftover after parsing attributes in process `syz-executor.2'.
[  133.787207][    C1] I/O error, dev loop4, sector 208 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[  133.787374][ T5097] netlink: 76 bytes leftover after parsing attributes in process `syz-executor.2'.
[  133.805887][    T8] loop: Write error at byte offset 9223372036854857727, length 512.
[  133.816580][    C1] I/O error, dev loop4, sector 160 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[  133.825985][    C1] Buffer I/O error on dev loop4, logical block 160, lost sync page write
[  133.834889][    T8] loop: Write error at byte offset 9223372036854858239, length 512.
[  133.848886][    C1] I/O error, dev loop4, sector 161 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[  133.858422][    C1] Buffer I/O error on dev loop4, logical block 161, lost sync page write
[  133.871010][    C0] I/O error, dev loop4, sector 160 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  133.880920][    C1] I/O error, dev loop4, sector 161 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  133.890437][    C1] I/O error, dev loop4, sector 160 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  133.899780][    C0] I/O error, dev loop4, sector 161 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  133.912026][  T355] loop: Write error at byte offset 9223372036854775807, length 512.
[  133.920065][    C0] Buffer I/O error on dev loop4, logical block 0, lost sync page write
[  133.929570][ T5113] loop3: detected capacity change from 0 to 256
[  133.971210][ T5120] loop1: detected capacity change from 0 to 512
[  134.052309][ T5126] netlink: 'syz-executor.0': attribute type 4 has an invalid length.
[  134.062890][ T5126] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  134.269445][  T348] rtc_cmos 00:00: Alarms can be up to one day in the future
[  134.308102][ T5120] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  134.320191][  T348] rtc_cmos 00:00: Alarms can be up to one day in the future
[  134.322560][ T5127] loop2: detected capacity change from 0 to 4096
[  134.330502][ T5120] ext4 filesystem being mounted at /root/syzkaller-testdir889497661/syzkaller.eEwOwP/25/file0 supports timestamps until 2038 (0x7fffffff)
[  134.353744][ T5127] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  134.357624][ T5133] tipc: Failed to remove unknown binding: 66,1,1/0:749683437/749683439
[  134.366599][  T348] rtc_cmos 00:00: Alarms can be up to one day in the future
[  134.376519][ T5133] tipc: Failed to remove unknown binding: 66,1,1/0:749683437/749683439
[  134.396836][  T348] rtc_cmos 00:00: Alarms can be up to one day in the future
[  134.412541][  T348] rtc rtc0: __rtc_set_alarm: err=-22
[  134.423349][ T5120] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 3: comm syz-executor.1: path /root/syzkaller-testdir889497661/syzkaller.eEwOwP/25/file0: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=113, rec_len=0, size=2048 fake=0
[  134.459712][ T5140] loop3: detected capacity change from 0 to 256
[  134.470599][ T4368] EXT4-fs (loop1): unmounting filesystem.
[  134.482106][ T5140] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  134.512341][ T5138] bridge0: port 1(bridge_slave_0) entered blocking state
[  134.519299][ T5138] bridge0: port 1(bridge_slave_0) entered disabled state
[  134.526659][ T5138] device bridge_slave_0 entered promiscuous mode
[  134.533538][ T5138] bridge0: port 2(bridge_slave_1) entered blocking state
[  134.540705][ T5140] loop3: detected capacity change from 256 to 0
[  134.547337][ T5138] bridge0: port 2(bridge_slave_1) entered disabled state
[  134.554829][   T43] loop: Write error at byte offset 9223372036854845439, length 512.
[  134.562732][    C0] Buffer I/O error on dev loop3, logical block 136, lost sync page write
[  134.571054][   T43] loop: Write error at byte offset 9223372036854882303, length 512.
[  134.579551][ T5138] device bridge_slave_1 entered promiscuous mode
[  134.585850][   T43] loop: Write error at byte offset 9223372036854857727, length 512.
[  134.598818][    C0] Buffer I/O error on dev loop3, logical block 160, lost sync page write
[  134.607810][   T43] loop: Write error at byte offset 9223372036854858239, length 512.
[  134.619814][    C0] Buffer I/O error on dev loop3, logical block 161, lost sync page write
[  134.647480][    T8] loop: Write error at byte offset 9223372036854775807, length 512.
[  134.657434][    C0] Buffer I/O error on dev loop3, logical block 0, lost sync page write
[  134.709847][ T5138] bridge0: port 2(bridge_slave_1) entered blocking state
[  134.716742][ T5138] bridge0: port 2(bridge_slave_1) entered forwarding state
[  134.723795][ T5138] bridge0: port 1(bridge_slave_0) entered blocking state
[  134.730617][ T5138] bridge0: port 1(bridge_slave_0) entered forwarding state
[  134.759553][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  134.772020][   T24] bridge0: port 1(bridge_slave_0) entered disabled state
[  134.801639][ T4891] EXT4-fs (loop2): unmounting filesystem.
[  134.816238][   T24] bridge0: port 2(bridge_slave_1) entered disabled state
[  134.880024][  T331] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  134.888918][  T331] bridge0: port 1(bridge_slave_0) entered blocking state
[  134.895769][  T331] bridge0: port 1(bridge_slave_0) entered forwarding state
[  134.921224][  T331] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  134.931955][ T5158] xt_CT: You must specify a L4 protocol and not use inversions on it
[  134.947345][  T331] bridge0: port 2(bridge_slave_1) entered blocking state
[  134.954192][  T331] bridge0: port 2(bridge_slave_1) entered forwarding state
[  134.976518][  T331] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  134.984379][  T331] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  135.004424][  T355] device bridge_slave_1 left promiscuous mode
[  135.016448][  T355] bridge0: port 2(bridge_slave_1) entered disabled state
[  135.033967][  T355] device bridge_slave_0 left promiscuous mode
[  135.039984][  T355] bridge0: port 1(bridge_slave_0) entered disabled state
[  135.054739][  T355] device veth1_macvtap left promiscuous mode
[  135.068079][  T355] device veth0_vlan left promiscuous mode
[  135.119976][ T5164] EXT4-fs warning (device sda1): ext4_group_extend:1869: can't shrink FS - resize aborted
[  135.192100][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  135.204476][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  135.213065][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  135.220483][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  135.236783][ T5138] device veth0_vlan entered promiscuous mode
[  135.269400][ T5138] device veth1_macvtap entered promiscuous mode
[  135.286011][  T348] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  135.303298][ T5156] bridge0: port 1(bridge_slave_0) entered blocking state
[  135.334854][ T5156] bridge0: port 1(bridge_slave_0) entered disabled state
[  135.344769][ T5156] device bridge_slave_0 entered promiscuous mode
[  135.352713][ T5156] bridge0: port 2(bridge_slave_1) entered blocking state
[  135.359668][ T5156] bridge0: port 2(bridge_slave_1) entered disabled state
[  135.367013][ T5156] device bridge_slave_1 entered promiscuous mode
[  135.374573][ T5179] loop0: detected capacity change from 0 to 16
[  135.382553][ T5179] erofs: Unknown parameter '����0xffffffffffffffff0177777777777777777777718446744073709551615�����������������K��D����\�l3����<��5���ԉr$B�kaF�3v0�̡A�2ͳ�v~*���44��I��P��g"���6��'
[  135.404430][  T348] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  135.412622][  T348] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  135.442521][ T5179] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  135.449658][ T5179] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  135.560895][ T5183] loop1: detected capacity change from 0 to 4096
[  135.594523][ T5183] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  135.709860][ T5197] loop0: detected capacity change from 0 to 256
[  135.731907][ T5197] FAT-fs (loop0): Directory bread(block 64) failed
[  135.738974][ T5197] FAT-fs (loop0): Directory bread(block 65) failed
[  135.745650][ T5197] FAT-fs (loop0): Directory bread(block 66) failed
[  135.753229][ T5197] FAT-fs (loop0): Directory bread(block 67) failed
[  135.760373][ T5197] FAT-fs (loop0): Directory bread(block 68) failed
[  135.767085][ T5197] FAT-fs (loop0): Directory bread(block 69) failed
[  135.773511][ T5197] FAT-fs (loop0): Directory bread(block 70) failed
[  135.779880][ T5197] FAT-fs (loop0): Directory bread(block 71) failed
[  135.786483][ T5197] FAT-fs (loop0): Directory bread(block 72) failed
[  135.792933][ T5197] FAT-fs (loop0): Directory bread(block 73) failed
[  135.795315][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_0: link becomes ready
[  135.807313][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  135.815366][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): bond_slave_1: link becomes ready
[  135.828904][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  135.837074][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  135.845091][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  135.853129][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  135.861262][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  135.873388][ T5190] device wireguard0 entered promiscuous mode
[  135.942221][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  135.950016][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  135.964680][ T5205] can0: slcan on ptm1.
[  135.969387][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  135.977868][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  135.986633][    T6] bridge0: port 1(bridge_slave_0) entered blocking state
[  135.993492][    T6] bridge0: port 1(bridge_slave_0) entered forwarding state
[  136.006480][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  136.016715][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  136.026052][    T6] bridge0: port 2(bridge_slave_1) entered blocking state
[  136.032902][    T6] bridge0: port 2(bridge_slave_1) entered forwarding state
[  136.042744][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  136.061808][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  136.073387][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  136.091474][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  136.105248][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  136.113196][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  136.122505][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  136.140494][ T5156] device veth0_vlan entered promiscuous mode
[  136.150187][ T4368] EXT4-fs (loop1): unmounting filesystem.
[  136.153052][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  136.168063][ T5156] device veth1_macvtap entered promiscuous mode
[  136.179478][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  136.187982][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  136.207300][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  136.215633][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  136.270791][ T5214] syz-executor.4[5214] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  136.270861][ T5214] syz-executor.4[5214] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  136.318689][ T5216] kvm: vcpu 0: requested 12 ns lapic timer period limited to 200000 ns
[  136.369948][   T28] kauditd_printk_skb: 1227 callbacks suppressed
[  136.369965][   T28] audit: type=1326 audit(1718191581.064:18275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5218 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05a087cea9 code=0x7ffc0000
[  136.403501][   T28] audit: type=1326 audit(1718191581.094:18276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5218 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f05a087cea9 code=0x7ffc0000
[  136.434454][   T28] audit: type=1326 audit(1718191581.094:18277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5218 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05a087cea9 code=0x7ffc0000
[  136.461339][   T28] audit: type=1326 audit(1718191581.094:18278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5218 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05a087cea9 code=0x7ffc0000
[  136.488901][   T28] audit: type=1326 audit(1718191581.094:18279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5218 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f05a087cea9 code=0x7ffc0000
[  136.514482][   T28] audit: type=1326 audit(1718191581.094:18280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5218 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05a087cea9 code=0x7ffc0000
[  136.572540][   T28] audit: type=1326 audit(1718191581.094:18281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5218 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05a087cea9 code=0x7ffc0000
[  136.597807][   T28] audit: type=1326 audit(1718191581.094:18282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5218 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f05a087cea9 code=0x7ffc0000
[  136.623360][   T28] audit: type=1326 audit(1718191581.094:18283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5218 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05a087cea9 code=0x7ffc0000
[  136.647492][ T5233] device veth1_macvtap left promiscuous mode
[  136.655405][   T28] audit: type=1326 audit(1718191581.094:18284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5218 comm="syz-executor.3" exe="/root/syz-executor.3" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f05a087cea9 code=0x7ffc0000
[  136.744144][  T355] device bridge_slave_1 left promiscuous mode
[  136.756092][  T355] bridge0: port 2(bridge_slave_1) entered disabled state
[  136.780183][  T355] device bridge_slave_0 left promiscuous mode
[  136.783635][ T5239] input: syz1 as /devices/virtual/input/input28
[  136.800374][  T355] bridge0: port 1(bridge_slave_0) entered disabled state
[  136.834437][  T355] device veth1_macvtap left promiscuous mode
[  136.841705][  T355] device veth0_vlan left promiscuous mode
[  136.990392][ T5235] loop4: detected capacity change from 0 to 40427
[  137.003650][ T5235] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  137.018785][ T5235] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  137.073742][ T5235] F2FS-fs (loop4): Found nat_bits in checkpoint
[  137.104742][ T5235] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  137.122792][ T5235] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  137.129703][ T5235] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  137.137172][ T5203] can0 (unregistered): slcan off ptm1.
[  137.163448][ T5138] syz-executor.4: attempt to access beyond end of device
[  137.163448][ T5138] loop4: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  137.257549][ T5261] IPv6: addrconf: prefix option has invalid lifetime
[  137.294673][ T5270] input: syz1 as /devices/virtual/input/input29
[  137.306508][    T6] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  137.348235][ T5277] loop0: detected capacity change from 0 to 16
[  137.368827][ T5273] kvm: vcpu 0: requested 12 ns lapic timer period limited to 200000 ns
[  137.429719][ T5277] erofs: (device loop0): erofs_read_inode: unsupported chunk format 7fff of nid 36
[  137.453197][ T5284] loop4: detected capacity change from 0 to 256
[  137.477279][ T5286] IPv6: addrconf: prefix option has invalid lifetime
[  137.546601][    T6] usb 2-1: Using ep0 maxpacket: 32
[  137.657774][ T5308] EXT4-fs warning (device sda1): ext4_group_extend:1869: can't shrink FS - resize aborted
[  137.666565][    T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  137.685162][    T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  137.705032][    T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  137.726795][    T6] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  137.755981][    T6] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  137.777555][    T6] usb 2-1: New USB device found, idVendor=1b96, idProduct=000a, bcdDevice= 0.00
[  137.789396][ T5318] loop0: detected capacity change from 0 to 16
[  137.803367][    T6] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.806088][ T5316] loop4: detected capacity change from 0 to 1024
[  137.816418][ T5318] erofs: (device loop0): erofs_read_inode: unsupported chunk format 7fff of nid 36
[  137.831604][    T6] usb 2-1: config 0 descriptor??
[  137.839967][ T5316] EXT4-fs: Ignoring removed orlov option
[  137.845457][ T5316] EXT4-fs: Ignoring removed nomblk_io_submit option
[  137.874250][ T5306] loop2: detected capacity change from 0 to 40427
[  137.889312][ T5316] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  137.892652][ T5306] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  137.906407][ T5306] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  137.920778][ T5138] EXT4-fs (loop4): unmounting filesystem.
[  137.934331][ T5306] F2FS-fs (loop2): Found nat_bits in checkpoint
[  138.001063][ T5306] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  138.031080][ T5306] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  138.044138][ T5306] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  138.088237][ T5340] loop4: detected capacity change from 0 to 2048
[  138.123802][ T5340] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  138.160225][ T5342] syz-executor.2: attempt to access beyond end of device
[  138.160225][ T5342] loop2: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  138.177477][ T5138] EXT4-fs (loop4): unmounting filesystem.
[  138.186381][ T5306] syz-executor.2: attempt to access beyond end of device
[  138.186381][ T5306] loop2: rw=2049, sector=77832, nr_sectors = 176 limit=40427
[  138.200177][ T5345] input: syz1 as /devices/virtual/input/input30
[  138.318021][    T6] ntrig 0003:1B96:000A.0021: hidraw0: USB HID v0.00 Device [HID 1b96:000a] on usb-dummy_hcd.1-1/input0
[  138.339527][ T5362] loop3: detected capacity change from 0 to 256
[  138.350444][ T5362] FAT-fs (loop3): Directory bread(block 64) failed
[  138.357133][ T5362] FAT-fs (loop3): Directory bread(block 65) failed
[  138.363544][ T5362] FAT-fs (loop3): Directory bread(block 66) failed
[  138.369844][ T5362] FAT-fs (loop3): Directory bread(block 67) failed
[  138.376198][ T5362] FAT-fs (loop3): Directory bread(block 68) failed
[  138.382563][ T5362] FAT-fs (loop3): Directory bread(block 69) failed
[  138.389013][ T5362] FAT-fs (loop3): Directory bread(block 70) failed
[  138.395335][ T5362] FAT-fs (loop3): Directory bread(block 71) failed
[  138.401865][ T5362] FAT-fs (loop3): Directory bread(block 72) failed
[  138.408204][ T5362] FAT-fs (loop3): Directory bread(block 73) failed
[  138.461086][ T5368] input: syz1 as /devices/virtual/input/input31
[  138.576457][  T331] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  138.636586][ T5389] loop2: detected capacity change from 0 to 256
[  138.638264][ T5382] loop3: detected capacity change from 0 to 40427
[  138.649871][ T5382] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  138.652757][ T5389] FAT-fs (loop2): Directory bread(block 64) failed
[  138.657685][ T5382] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  138.664268][ T5389] FAT-fs (loop2): Directory bread(block 65) failed
[  138.673885][ T5382] F2FS-fs (loop3): Found nat_bits in checkpoint
[  138.678815][ T5389] FAT-fs (loop2): Directory bread(block 66) failed
[  138.690882][ T5389] FAT-fs (loop2): Directory bread(block 67) failed
[  138.697182][ T5389] FAT-fs (loop2): Directory bread(block 68) failed
[  138.703964][ T5389] FAT-fs (loop2): Directory bread(block 69) failed
[  138.711178][ T5389] FAT-fs (loop2): Directory bread(block 70) failed
[  138.714200][ T5382] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  138.720640][ T5389] FAT-fs (loop2): Directory bread(block 71) failed
[  138.727361][ T5382] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  138.733823][ T5389] FAT-fs (loop2): Directory bread(block 72) failed
[  138.747555][ T5389] FAT-fs (loop2): Directory bread(block 73) failed
[  138.776455][    T6] ntrig 0003:1B96:000A.0021: Firmware version: 1.10.24.46.2 (2b53 ca15)
[  138.957200][ T5426] SELinux:  Context hyz: is not valid (left unmapped).
[  138.976645][  T331] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  138.987444][  T331] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  138.997111][  T331] usb 1-1: New USB device found, idVendor=056a, idProduct=00e2, bcdDevice= 0.00
[  139.006068][  T331] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.007356][ T5420] loop2: detected capacity change from 0 to 4096
[  139.014666][  T331] usb 1-1: config 0 descriptor??
[  139.026760][ T5420] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  139.172654][ T5438] loop3: detected capacity change from 0 to 40427
[  139.179480][ T5438] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  139.187144][ T5438] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  139.195767][ T5438] F2FS-fs (loop3): invalid crc value
[  139.202179][ T5438] F2FS-fs (loop3): Found nat_bits in checkpoint
[  139.225085][ T5438] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  139.232029][ T5438] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  139.243122][ T5438] syz-executor.3: attempt to access beyond end of device
[  139.243122][ T5438] loop3: rw=2049, sector=45096, nr_sectors = 128 limit=40427
[  139.527250][  T331] wacom 0003:056A:00E2.0022: unknown main item tag 0x0
[  139.656946][  T331] wacom 0003:056A:00E2.0022: hidraw1: USB HID v0.00 Device [HID 056a:00e2] on usb-dummy_hcd.0-1/input0
[  139.726880][ T4891] EXT4-fs (loop2): unmounting filesystem.
[  139.737811][   T39] usb 1-1: USB disconnect, device number 14
[  139.806425][   T24] usb 2-1: reset high-speed USB device number 18 using dummy_hcd
[  140.046447][   T24] usb 2-1: device descriptor read/64, error -32
[  140.373116][ T5478] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.0'.
[  140.377842][ T5476] syz-executor.2 (5476) used greatest stack depth: 19184 bytes left
[  140.396658][   T24] usb 2-1: device descriptor read/64, error -32
[  140.530818][ T5495] loop2: detected capacity change from 0 to 512
[  140.537312][ T5495] EXT4-fs: Ignoring removed nobh option
[  140.548275][ T5495] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  140.557654][ T5495] ext4 filesystem being mounted at /root/syzkaller-testdir4127390294/syzkaller.P7ZsSY/61/file0 supports timestamps until 2038 (0x7fffffff)
[  140.575953][ T5495] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz-executor.2: bg 0: block 285: padding at end of block bitmap is not set
[  140.590848][ T5495] EXT4-fs (loop2): Remounting filesystem read-only
[  140.597262][ T5495] EXT4-fs error (device loop2) in ext4_evict_inode:254: Readonly filesystem
[  140.611219][ T4891] EXT4-fs (loop2): unmounting filesystem.
[  140.676383][   T24] usb 2-1: reset high-speed USB device number 18 using dummy_hcd
[  140.701024][ T5505] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  140.848651][ T5519] overlayfs: statfs failed on './file0'
[  140.890352][ T5525] tun0: tun_chr_ioctl cmd 1074025673
[  140.970557][ T5536] loop1: detected capacity change from 0 to 256
[  140.979725][ T5536] exfat: Unknown parameter '
'
[  141.086451][   T19] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  141.360630][ T5540] loop1: detected capacity change from 0 to 40427
[  141.367640][ T5540] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  141.375248][ T5540] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  141.385891][ T5540] F2FS-fs (loop1): Found nat_bits in checkpoint
[  141.421069][ T5540] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  141.428489][ T5540] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  141.456978][   T28] kauditd_printk_skb: 408 callbacks suppressed
[  141.457002][   T28] audit: type=1400 audit(1718191585.949:18691): avc:  denied  { reparent } for  pid=5539 comm="syz-executor.1" name="#64" dev="loop1" ino=22 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  141.487749][ T5554] overlayfs: statfs failed on './file0'
[  141.490318][ T4368] f2fs_fill_dentries: 4 callbacks suppressed
[  141.490334][ T4368] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  141.499490][ T4368] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  141.507042][ T4368] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  141.514465][ T4368] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  141.522440][ T4368] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  141.529954][ T4368] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  141.537596][ T4368] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  141.547107][   T19] usb 3-1: Using ep0 maxpacket: 32
[  141.576856][  T331] usb 2-1: USB disconnect, device number 18
[  141.641042][   T28] audit: type=1400 audit(1718191586.129:18692): avc:  denied  { read } for  pid=5561 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  141.673739][ T5565] loop0: detected capacity change from 0 to 1024
[  141.680056][   T19] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  141.681244][ T5565] EXT4-fs: Ignoring removed orlov option
[  141.691174][   T19] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  141.697345][ T5565] EXT4-fs: Ignoring removed nomblk_io_submit option
[  141.708037][   T19] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  141.723335][   T19] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.728195][ T5565] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  141.731787][   T19] usb 3-1: config 0 descriptor??
[  141.756479][ T5517] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  141.766735][ T4797] EXT4-fs (loop0): unmounting filesystem.
[  141.776824][   T19] hub 3-1:0.0: USB hub found
[  141.780516][ T5573] loop0: detected capacity change from 0 to 512
[  141.798243][ T5573] EXT4-fs (loop0): 1 orphan inode deleted
[  141.803835][ T5573] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  141.817090][ T5573] ext4 filesystem being mounted at /root/syzkaller-testdir2933284428/syzkaller.BNHAVa/81/file1 supports timestamps until 2038 (0x7fffffff)
[  142.007979][ T5590] syz-executor.0[5590] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  142.008300][ T5590] syz-executor.0[5590] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  142.224339][    T8] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  142.298614][    T8] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  142.320347][ T5584] loop4: detected capacity change from 0 to 40427
[  142.321476][    T8] kworker/u4:0: attempt to access beyond end of device
[  142.321476][    T8] loop3: rw=1, sector=45224, nr_sectors = 8 limit=40427
[  142.327506][ T5584] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  142.350986][ T5584] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  142.455216][ T5596] loop3: detected capacity change from 0 to 512
[  142.462263][ T5596] EXT4-fs: Ignoring removed nobh option
[  142.466233][ T5584] F2FS-fs (loop4): Found nat_bits in checkpoint
[  142.476478][   T19] hub 3-1:0.0: config failed, can't read hub descriptor (err -22)
[  142.487000][ T5596] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  142.495900][ T5596] ext4 filesystem being mounted at /root/syzkaller-testdir2072468942/syzkaller.w7Xn5a/15/file0 supports timestamps until 2038 (0x7fffffff)
[  142.503687][ T5584] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  142.514648][ T5596] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz-executor.3: bg 0: block 285: padding at end of block bitmap is not set
[  142.516793][ T5584] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  142.539218][ T5596] EXT4-fs (loop3): Remounting filesystem read-only
[  142.545667][ T5596] EXT4-fs error (device loop3) in ext4_evict_inode:254: Readonly filesystem
[  142.559870][ T5138] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  142.559889][ T5138] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  142.567450][ T5138] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  142.567953][ T5156] EXT4-fs (loop3): unmounting filesystem.
[  142.588181][    T8] Quota error (device loop3): dquot_write_dquot: Can't write quota structure (error -30). Quota may get out of sync!
[  142.600421][    T8] Quota error (device loop3): dquot_write_dquot: Can't write quota structure (error -30). Quota may get out of sync!
[  142.612802][   T19] usbhid 3-1:0.0: can't add hid device: -71
[  142.618990][   T19] usbhid: probe of 3-1:0.0 failed with error -71
[  142.653296][ T4797] EXT4-fs error (device loop0): ext4_map_blocks:607: inode #2: block 3: comm syz-executor.0: lblock 0 mapped to illegal pblock 3 (length 1)
[  142.657057][   T19] usb 3-1: USB disconnect, device number 8
[  142.674371][ T4797] EXT4-fs (loop0): Remounting filesystem read-only
[  142.684838][ T4797] EXT4-fs (loop0): unmounting filesystem.
[  142.714603][ T5605] loop3: detected capacity change from 0 to 512
[  142.727502][ T5605] EXT4-fs error (device loop3): __ext4_fill_super:5386: inode #2: comm syz-executor.3: casefold flag without casefold feature
[  142.740923][ T5605] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  142.750912][ T5605] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  142.924367][ T5605] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'.
[  142.979858][ T5156] EXT4-fs (loop3): unmounting filesystem.
[  143.008785][ T5621] xt_CT: You must specify a L4 protocol and not use inversions on it
[  143.237672][ T5616] bridge0: port 1(bridge_slave_0) entered blocking state
[  143.249693][ T5616] bridge0: port 1(bridge_slave_0) entered disabled state
[  143.260280][ T5616] device bridge_slave_0 entered promiscuous mode
[  143.267395][ T5616] bridge0: port 2(bridge_slave_1) entered blocking state
[  143.274283][ T5616] bridge0: port 2(bridge_slave_1) entered disabled state
[  143.281801][ T5616] device bridge_slave_1 entered promiscuous mode
[  143.405758][ T5616] bridge0: port 2(bridge_slave_1) entered blocking state
[  143.412657][ T5616] bridge0: port 2(bridge_slave_1) entered forwarding state
[  143.419753][ T5616] bridge0: port 1(bridge_slave_0) entered blocking state
[  143.426525][ T5616] bridge0: port 1(bridge_slave_0) entered forwarding state
[  143.439622][ T5637] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  143.468518][ T5630] loop4: detected capacity change from 0 to 40427
[  143.475894][ T5630] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  143.483753][ T5630] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  143.494486][ T5630] F2FS-fs (loop4): Found nat_bits in checkpoint
[  143.510161][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  143.522667][   T24] bridge0: port 1(bridge_slave_0) entered disabled state
[  143.533365][   T24] bridge0: port 2(bridge_slave_1) entered disabled state
[  143.540954][ T5630] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  143.542522][   T28] audit: type=1400 audit(1718191588.029:18693): avc:  denied  { setopt } for  pid=5648 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  143.548078][ T5630] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  143.585895][  T331] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  143.604156][  T331] bridge0: port 1(bridge_slave_0) entered blocking state
[  143.607249][ T5653] loop2: detected capacity change from 0 to 256
[  143.611150][  T331] bridge0: port 1(bridge_slave_0) entered forwarding state
[  143.623676][ T5653] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  143.626117][  T331] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  143.648472][  T331] bridge0: port 2(bridge_slave_1) entered blocking state
[  143.655372][  T331] bridge0: port 2(bridge_slave_1) entered forwarding state
[  143.667187][  T354] device bridge_slave_1 left promiscuous mode
[  143.673698][  T354] bridge0: port 2(bridge_slave_1) entered disabled state
[  143.693371][  T354] device bridge_slave_0 left promiscuous mode
[  143.699661][  T354] bridge0: port 1(bridge_slave_0) entered disabled state
[  143.707497][  T354] device veth1_macvtap left promiscuous mode
[  143.718878][   T28] audit: type=1400 audit(1718191588.209:18694): avc:  denied  { bind } for  pid=5656 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  143.727048][  T354] device veth0_vlan left promiscuous mode
[  143.896140][ T5662] loop1: detected capacity change from 0 to 40427
[  143.903606][ T5662] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  143.913486][ T5662] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  143.927984][ T5662] F2FS-fs (loop1): Found nat_bits in checkpoint
[  143.956052][ T5676] loop4: detected capacity change from 0 to 256
[  143.967812][ T5676] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  143.974966][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  143.980655][ T5662] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  143.994818][ T5662] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  144.047968][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  144.056126][   T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  144.071377][ T5616] device veth0_vlan entered promiscuous mode
[  144.079610][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  144.087596][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  144.095478][ T5667] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  144.291705][ T5616] device veth1_macvtap entered promiscuous mode
[  144.360246][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  144.367799][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  144.376408][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  144.384329][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  144.392333][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  144.408530][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  144.416709][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  144.424886][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  144.433028][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  144.644968][ T5717] syzkaller0: default qdisc (pfifo_fast) fail, fallback to noqueue
[  144.647398][   T28] audit: type=1326 audit(1718191589.139:18695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5716 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f169867cea9 code=0x7ffc0000
[  144.676957][   T28] audit: type=1326 audit(1718191589.139:18696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5716 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f169867cea9 code=0x7ffc0000
[  144.701179][   T24] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  144.701237][   T28] audit: type=1326 audit(1718191589.139:18697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5716 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f169867cea9 code=0x7ffc0000
[  144.732588][   T28] audit: type=1326 audit(1718191589.139:18698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=5716 comm="syz-executor.0" exe="/root/syz-executor.0" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f169867cea9 code=0x7ffc0000
[  144.845898][ T5739] loop1: detected capacity change from 0 to 512
[  144.866585][ T5739] EXT4-fs error (device loop1): __ext4_fill_super:5386: inode #2: comm syz-executor.1: casefold flag without casefold feature
[  144.873002][ T5747] loop0: detected capacity change from 0 to 512
[  144.886787][ T5739] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  144.896747][ T5739] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  144.910939][ T5747] EXT4-fs (loop0): 1 orphan inode deleted
[  144.916993][ T5747] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  144.933323][ T5747] ext4 filesystem being mounted at /root/syzkaller-testdir2785311388/syzkaller.tUeOH3/8/file1 supports timestamps until 2038 (0x7fffffff)
[  145.006448][ T5742] loop4: detected capacity change from 0 to 40427
[  145.013542][ T5742] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  145.021347][ T5742] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  145.031674][ T5742] F2FS-fs (loop4): Found nat_bits in checkpoint
[  145.054733][ T5742] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  145.061710][ T5742] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  145.125167][ T5763] syz-executor.0[5763] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  145.125473][ T5763] syz-executor.0[5763] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  145.301505][ T5739] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'.
[  145.332632][ T4368] EXT4-fs (loop1): unmounting filesystem.
[  145.366548][   T24] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  145.385035][   T43] EXT4-fs error (device loop0): __ext4_get_inode_loc:4497: comm kworker/u4:2: Invalid inode table block 0 in block_group 0
[  145.398132][   T43] EXT4-fs (loop0): Remounting filesystem read-only
[  145.576552][   T24] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  145.585495][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  145.593291][   T24] usb 3-1: Product: syz
[  145.597272][   T24] usb 3-1: Manufacturer: syz
[  145.601752][   T24] usb 3-1: SerialNumber: syz
[  145.653274][ T5789] loop4: detected capacity change from 0 to 512
[  145.661189][ T5789] EXT4-fs error (device loop4): __ext4_fill_super:5386: inode #2: comm syz-executor.4: casefold flag without casefold feature
[  145.674746][ T5789] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  145.684919][ T5789] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  145.740542][ T5616] EXT4-fs error (device loop0): ext4_map_blocks:607: inode #2: block 3: comm syz-executor.0: lblock 0 mapped to illegal pblock 3 (length 1)
[  145.758243][ T5616] EXT4-fs (loop0): unmounting filesystem.
[  145.852921][ T5789] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.4'.
[  145.879056][ T5816] loop1: detected capacity change from 0 to 512
[  145.902041][ T5138] EXT4-fs (loop4): unmounting filesystem.
[  145.954141][ T5816] EXT4-fs (loop1): 1 orphan inode deleted
[  145.961183][ T5816] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  145.981790][ T5816] ext4 filesystem being mounted at /root/syzkaller-testdir889497661/syzkaller.eEwOwP/73/file1 supports timestamps until 2038 (0x7fffffff)
[  146.010832][ T5819] bridge0: port 1(bridge_slave_0) entered blocking state
[  146.017898][ T5819] bridge0: port 1(bridge_slave_0) entered disabled state
[  146.025182][ T5819] device bridge_slave_0 entered promiscuous mode
[  146.121790][ T5829] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.3'.
[  146.543102][   T28] kauditd_printk_skb: 15 callbacks suppressed
[  146.543130][   T28] audit: type=1400 audit(1718191590.589:18714): avc:  denied  { accept } for  pid=5817 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  146.571195][ T5819] bridge0: port 2(bridge_slave_1) entered blocking state
[  146.578118][ T5819] bridge0: port 2(bridge_slave_1) entered disabled state
[  146.586502][ T5819] device bridge_slave_1 entered promiscuous mode
[  146.638508][ T5832] syz-executor.1[5832] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  146.638801][ T5832] syz-executor.1[5832] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  146.909990][ T4368] EXT4-fs error (device loop1): ext4_map_blocks:607: inode #2: block 3: comm syz-executor.1: lblock 0 mapped to illegal pblock 3 (length 1)
[  146.913395][ T5834] netlink: 172 bytes leftover after parsing attributes in process `syz-executor.3'.
[  146.921993][ T4368] EXT4-fs (loop1): Remounting filesystem read-only
[  146.958108][   T28] audit: type=1400 audit(1718191591.449:18715): avc:  denied  { lock } for  pid=5833 comm="syz-executor.3" path="socket:[45724]" dev="sockfs" ino=45724 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_stream_socket permissive=1
[  146.958681][ T4368] EXT4-fs (loop1): unmounting filesystem.
[  146.999335][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  147.006824][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  147.029652][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  147.037973][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  147.046286][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  147.053967][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  147.061322][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  147.069550][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  147.077733][   T39] bridge0: port 1(bridge_slave_0) entered blocking state
[  147.084586][   T39] bridge0: port 1(bridge_slave_0) entered forwarding state
[  147.091804][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  147.100164][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  147.108244][   T39] bridge0: port 2(bridge_slave_1) entered blocking state
[  147.115083][   T39] bridge0: port 2(bridge_slave_1) entered forwarding state
[  147.122412][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  147.130683][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  147.142315][ T5819] device veth0_vlan entered promiscuous mode
[  147.148641][   T28] audit: type=1400 audit(1718191591.649:18716): avc:  denied  { setopt } for  pid=5684 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  147.170544][   T28] audit: type=1400 audit(1718191591.669:18717): avc:  denied  { bind } for  pid=5684 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  147.191024][  T331] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  147.196415][   T28] audit: type=1400 audit(1718191591.669:18718): avc:  denied  { node_bind } for  pid=5684 comm="syz-executor.2" saddr=10.1.1.1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=icmp_socket permissive=1
[  147.229439][ T5819] device veth1_macvtap entered promiscuous mode
[  147.236742][ T1995] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  147.244981][ T1995] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  147.253695][ T1995] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  147.270211][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  147.279565][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  147.288175][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  147.296257][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  147.373575][ T5856] sch_fq: defrate 0 ignored.
[  147.397499][   T43] device bridge_slave_1 left promiscuous mode
[  147.406435][   T24] cdc_ncm 3-1:1.0: MAC-Address: 42:42:42:42:42:42
[  147.412788][   T24] cdc_ncm 3-1:1.0: dwNtbInMaxSize=16 is too small. Using 2048
[  147.419854][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[  147.427642][   T43] device bridge_slave_0 left promiscuous mode
[  147.433794][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.436395][   T24] cdc_ncm 3-1:1.0: setting rx_max = 2048
[  147.447103][   T43] device veth1_macvtap left promiscuous mode
[  147.453053][   T43] device veth0_vlan left promiscuous mode
[  147.534062][ T5859] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.4'.
[  147.641999][ T5820] loop2: detected capacity change from 0 to 256
[  147.692513][ T5820] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  147.710848][ T5861] loop0: detected capacity change from 0 to 512
[  147.728793][ T5861] EXT4-fs (loop0): 1 orphan inode deleted
[  147.734364][ T5861] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  147.743273][ T5861] ext4 filesystem being mounted at /root/syzkaller-testdir4249290043/syzkaller.U66yfv/3/file1 supports timestamps until 2038 (0x7fffffff)
[  147.841212][ T5857] bridge0: port 1(bridge_slave_0) entered blocking state
[  147.848418][ T5857] bridge0: port 1(bridge_slave_0) entered disabled state
[  147.855588][ T5857] device bridge_slave_0 entered promiscuous mode
[  147.862262][ T5879] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  147.862777][ T5857] bridge0: port 2(bridge_slave_1) entered blocking state
[  147.876297][ T5857] bridge0: port 2(bridge_slave_1) entered disabled state
[  147.884000][ T5857] device bridge_slave_1 entered promiscuous mode
[  147.886892][ T5881] syz-executor.3[5881] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.890329][ T5881] syz-executor.3[5881] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.927390][ T5881] syz-executor.3[5881] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.943319][ T5882] syz-executor.0[5882] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.955256][ T5882] syz-executor.0[5882] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  148.048719][ T5881] syz-executor.3[5881] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  148.141272][ T5885] loop3: detected capacity change from 0 to 128
[  148.175661][ T5887] SELinux:  Context system_u:object_r:mouse_device_t:s0 is not valid (left unmapped).
[  148.191198][   T28] audit: type=1400 audit(1718191592.659:18719): avc:  denied  { relabelfrom } for  pid=5886 comm="syz-executor.3" name="NETLINK" dev="sockfs" ino=45974 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  148.228685][   T28] audit: type=1400 audit(1718191592.669:18720): avc:  denied  { relabelto } for  pid=5886 comm="syz-executor.3" name="NETLINK" dev="sockfs" ino=45974 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=netlink_netfilter_socket permissive=1 trawcon="system_u:object_r:mouse_device_t:s0"
[  148.230151][ T5891] loop3: detected capacity change from 0 to 256
[  148.258334][ T5890] sch_fq: defrate 0 ignored.
[  148.265858][ T5891] exfat: Deprecated parameter 'utf8'
[  148.275527][ T5891] exfat: Deprecated parameter 'namecase'
[  148.286047][ T5891] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d)
[  148.298398][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  148.305845][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  148.321740][ T1995] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  148.330011][ T1995] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  148.337954][ T1995] bridge0: port 1(bridge_slave_0) entered blocking state
[  148.344805][ T1995] bridge0: port 1(bridge_slave_0) entered forwarding state
[  148.352005][ T1995] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  148.360443][ T1995] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  148.368796][ T1995] bridge0: port 2(bridge_slave_1) entered blocking state
[  148.375676][ T1995] bridge0: port 2(bridge_slave_1) entered forwarding state
[  148.384033][ T1995] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  148.399579][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  148.408632][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  148.432124][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  148.451217][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  148.459004][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  148.466236][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  148.475210][ T5857] device veth0_vlan entered promiscuous mode
[  148.494927][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  148.503103][   T28] audit: type=1400 audit(1718191592.979:18721): avc:  denied  { setattr } for  pid=5897 comm="syz-executor.4" name="binder-control" dev="binder" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1
[  148.535497][   T28] audit: type=1400 audit(1718191593.019:18722): avc:  denied  { create } for  pid=5905 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  148.553480][ T5819] EXT4-fs error (device loop0): ext4_map_blocks:607: inode #2: block 3: comm syz-executor.0: lblock 0 mapped to illegal pblock 3 (length 1)
[  148.558290][   T28] audit: type=1400 audit(1718191593.019:18723): avc:  denied  { write } for  pid=5905 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  148.571062][ T5819] EXT4-fs (loop0): Remounting filesystem read-only
[  148.600730][ T5857] device veth1_macvtap entered promiscuous mode
[  148.600909][ T5819] EXT4-fs (loop0): unmounting filesystem.
[  148.624157][   T19] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  148.641186][    T6] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  148.809335][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  148.819428][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  148.827332][   T43] device bridge_slave_1 left promiscuous mode
[  148.832213][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  148.835898][   T43] bridge0: port 2(bridge_slave_1) entered disabled state
[  148.845997][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  148.854773][   T43] device bridge_slave_0 left promiscuous mode
[  148.861253][   T43] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.868526][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  148.877312][   T43] device veth1_macvtap left promiscuous mode
[  148.883243][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  148.890638][   T43] device veth0_vlan left promiscuous mode
[  148.896290][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  148.909227][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  148.927688][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  148.939147][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  148.955778][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  148.966220][   T24] cdc_ncm 3-1:1.0: setting tx_max = 88
[  148.982667][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  148.997825][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  149.008429][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  149.021323][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  149.024309][ T5940] loop2: detected capacity change from 0 to 128
[  149.029542][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  149.045639][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  149.055489][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  149.068970][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  149.076241][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  149.083951][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  149.091395][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  149.099241][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  149.109120][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  149.116432][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  149.125665][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  149.133418][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  149.142289][   T24] cdc_ncm 3-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.2-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  149.153991][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  149.165437][   T24] usb 3-1: USB disconnect, device number 9
[  149.172748][   T24] cdc_ncm 3-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.2-1, CDC NCM (NO ZLP)
[  149.181884][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  149.189427][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  149.196830][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  149.205587][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  149.212985][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  149.224717][ T5928] bridge0: port 1(bridge_slave_0) entered blocking state
[  149.231923][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  149.239299][ T5928] bridge0: port 1(bridge_slave_0) entered disabled state
[  149.246277][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  149.254740][ T5928] device bridge_slave_0 entered promiscuous mode
[  149.261041][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  149.271487][ T5928] bridge0: port 2(bridge_slave_1) entered blocking state
[  149.278402][ T5928] bridge0: port 2(bridge_slave_1) entered disabled state
[  149.285782][ T5928] device bridge_slave_1 entered promiscuous mode
[  149.287059][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  149.299300][   T39] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[  149.313582][ T1995] ==================================================================
[  149.321462][ T1995] BUG: KASAN: use-after-free in __list_del_entry_valid+0xa6/0x130
[  149.329098][ T1995] Read of size 8 at addr ffff888119e58cf0 by task kworker/1:6/1995
[  149.336823][ T1995] 
[  149.338991][ T1995] CPU: 1 PID: 1995 Comm: kworker/1:6 Tainted: G        W          6.1.78-syzkaller-00003-gdda68b1657b1 #0
[  149.350099][ T1995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024
[  149.360007][ T1995] Workqueue: wg-crypt-wg0 wg_packet_encrypt_worker
[  149.366330][ T1995] Call Trace:
[  149.369454][ T1995]  <TASK>
[  149.372232][ T1995]  dump_stack_lvl+0x151/0x1b7
[  149.376748][ T1995]  ? nf_tcp_handle_invalid+0x3f1/0x3f1
[  149.382038][ T1995]  ? _printk+0xd1/0x111
[  149.386033][ T1995]  ? __virt_addr_valid+0x242/0x2f0
[  149.390983][ T1995]  print_report+0x158/0x4e0
[  149.395324][ T1995]  ? __virt_addr_valid+0x242/0x2f0
[  149.400269][ T1995]  ? kasan_complete_mode_report_info+0x90/0x1b0
[  149.406344][ T1995]  ? __list_del_entry_valid+0xa6/0x130
[  149.411641][ T1995]  kasan_report+0x13c/0x170
[  149.415977][ T1995]  ? __list_del_entry_valid+0xa6/0x130
[  149.421274][ T1995]  __asan_report_load8_noabort+0x14/0x20
[  149.426739][ T1995]  __list_del_entry_valid+0xa6/0x130
[  149.431861][ T1995]  process_one_work+0x4d7/0xcb0
[  149.436552][ T1995]  worker_thread+0xa60/0x1260
[  149.441071][ T1995]  kthread+0x26d/0x300
[  149.444964][ T1995]  ? worker_clr_flags+0x1a0/0x1a0
[  149.449828][ T1995]  ? kthread_blkcg+0xd0/0xd0
[  149.454252][ T1995]  ret_from_fork+0x1f/0x30
[  149.458509][ T1995]  </TASK>
[  149.461371][ T1995] 
[  149.463539][ T1995] Allocated by task 24:
[  149.467531][ T1995]  kasan_set_track+0x4b/0x70
[  149.471957][ T1995]  kasan_save_alloc_info+0x1f/0x30
[  149.476904][ T1995]  __kasan_kmalloc+0x9c/0xb0
[  149.481333][ T1995]  __kmalloc_node+0xb4/0x1e0
[  149.485756][ T1995]  kvmalloc_node+0x221/0x640
[  149.490182][ T1995]  alloc_netdev_mqs+0x8c/0xf90
[  149.494785][ T1995]  alloc_etherdev_mqs+0x36/0x40
[  149.499476][ T1995]  usbnet_probe+0x207/0x27c0
[  149.503899][ T1995]  usb_probe_interface+0x5b6/0xa90
[  149.508845][ T1995]  really_probe+0x2b8/0x920
[  149.513184][ T1995]  __driver_probe_device+0x1a0/0x310
[  149.518310][ T1995]  driver_probe_device+0x54/0x3d0
[  149.523165][ T1995]  __device_attach_driver+0x2e3/0x490
[  149.528374][ T1995]  bus_for_each_drv+0x183/0x200
[  149.533063][ T1995]  __device_attach+0x312/0x510
[  149.537659][ T1995]  device_initial_probe+0x1a/0x20
[  149.542517][ T1995]  bus_probe_device+0xbe/0x1e0
[  149.547117][ T1995]  device_add+0xb60/0xf10
[  149.551282][ T1995]  usb_set_configuration+0x190f/0x1e80
[  149.556578][ T1995]  usb_generic_driver_probe+0x8b/0x150
[  149.561871][ T1995]  usb_probe_device+0x144/0x260
[  149.566556][ T1995]  really_probe+0x2b8/0x920
[  149.570896][ T1995]  __driver_probe_device+0x1a0/0x310
[  149.576018][ T1995]  driver_probe_device+0x54/0x3d0
[  149.580877][ T1995]  __device_attach_driver+0x2e3/0x490
[  149.586085][ T1995]  bus_for_each_drv+0x183/0x200
[  149.590771][ T1995]  __device_attach+0x312/0x510
[  149.595371][ T1995]  device_initial_probe+0x1a/0x20
[  149.600233][ T1995]  bus_probe_device+0xbe/0x1e0
[  149.604833][ T1995]  device_add+0xb60/0xf10
[  149.608997][ T1995]  usb_new_device+0xf32/0x1810
[  149.613599][ T1995]  hub_event+0x2db1/0x4830
[  149.617854][ T1995]  process_one_work+0x73d/0xcb0
[  149.622537][ T1995]  worker_thread+0xa60/0x1260
[  149.627050][ T1995]  kthread+0x26d/0x300
[  149.631131][ T1995]  ret_from_fork+0x1f/0x30
[  149.635384][ T1995] 
[  149.637554][ T1995] Freed by task 24:
[  149.641200][ T1995]  kasan_set_track+0x4b/0x70
[  149.645631][ T1995]  kasan_save_free_info+0x2b/0x40
[  149.650487][ T1995]  ____kasan_slab_free+0x131/0x180
[  149.655433][ T1995]  __kasan_slab_free+0x11/0x20
[  149.660041][ T1995]  __kmem_cache_free+0x218/0x3b0
[  149.664808][ T1995]  kfree+0x7a/0xf0
[  149.668363][ T1995]  kvfree+0x35/0x40
[  149.672009][ T1995]  netdev_freemem+0x3f/0x60
[  149.676349][ T1995]  netdev_release+0x7f/0xb0
[  149.680688][ T1995]  device_release+0x95/0x1c0
[  149.685117][ T1995]  kobject_put+0x178/0x260
[  149.689369][ T1995]  put_device+0x1f/0x30
[  149.693361][ T1995]  free_netdev+0x393/0x480
[  149.697614][ T1995]  usbnet_disconnect+0x245/0x390
[  149.702387][ T1995]  usb_unbind_interface+0x1fa/0x8c0
[  149.707423][ T1995]  device_release_driver_internal+0x53e/0x870
[  149.713326][ T1995]  device_release_driver+0x19/0x20
[  149.718272][ T1995]  bus_remove_device+0x2fa/0x360
[  149.723045][ T1995]  device_del+0x663/0xe90
[  149.727212][ T1995]  usb_disable_device+0x380/0x720
[  149.732072][ T1995]  usb_disconnect+0x32a/0x890
[  149.736586][ T1995]  hub_event+0x1ed8/0x4830
[  149.740837][ T1995]  process_one_work+0x73d/0xcb0
[  149.745524][ T1995]  worker_thread+0xd71/0x1260
[  149.750035][ T1995]  kthread+0x26d/0x300
[  149.753943][ T1995]  ret_from_fork+0x1f/0x30
[  149.758197][ T1995] 
[  149.760364][ T1995] Last potentially related work creation:
[  149.765921][ T1995]  kasan_save_stack+0x3b/0x60
[  149.770432][ T1995]  __kasan_record_aux_stack+0xb4/0xc0
[  149.775641][ T1995]  kasan_record_aux_stack_noalloc+0xb/0x10
[  149.781284][ T1995]  insert_work+0x56/0x310
[  149.785448][ T1995]  __queue_work+0x9b6/0xd70
[  149.789788][ T1995]  queue_work_on+0x105/0x170
[  149.794215][ T1995]  usbnet_link_change+0xeb/0x100
[  149.798987][ T1995]  usbnet_probe+0x1dbe/0x27c0
[  149.803502][ T1995]  usb_probe_interface+0x5b6/0xa90
[  149.808449][ T1995]  really_probe+0x2b8/0x920
[  149.812788][ T1995]  __driver_probe_device+0x1a0/0x310
[  149.817907][ T1995]  driver_probe_device+0x54/0x3d0
[  149.822767][ T1995]  __device_attach_driver+0x2e3/0x490
[  149.827975][ T1995]  bus_for_each_drv+0x183/0x200
[  149.832664][ T1995]  __device_attach+0x312/0x510
[  149.837263][ T1995]  device_initial_probe+0x1a/0x20
[  149.842123][ T1995]  bus_probe_device+0xbe/0x1e0
[  149.846724][ T1995]  device_add+0xb60/0xf10
[  149.850888][ T1995]  usb_set_configuration+0x190f/0x1e80
[  149.856184][ T1995]  usb_generic_driver_probe+0x8b/0x150
[  149.861479][ T1995]  usb_probe_device+0x144/0x260
[  149.866167][ T1995]  really_probe+0x2b8/0x920
[  149.870504][ T1995]  __driver_probe_device+0x1a0/0x310
[  149.875624][ T1995]  driver_probe_device+0x54/0x3d0
[  149.880486][ T1995]  __device_attach_driver+0x2e3/0x490
[  149.885692][ T1995]  bus_for_each_drv+0x183/0x200
[  149.890382][ T1995]  __device_attach+0x312/0x510
[  149.894980][ T1995]  device_initial_probe+0x1a/0x20
[  149.899841][ T1995]  bus_probe_device+0xbe/0x1e0
[  149.904442][ T1995]  device_add+0xb60/0xf10
[  149.908606][ T1995]  usb_new_device+0xf32/0x1810
[  149.913207][ T1995]  hub_event+0x2db1/0x4830
[  149.917461][ T1995]  process_one_work+0x73d/0xcb0
[  149.922145][ T1995]  worker_thread+0xa60/0x1260
[  149.926660][ T1995]  kthread+0x26d/0x300
[  149.930565][ T1995]  ret_from_fork+0x1f/0x30
[  149.934824][ T1995] 
[  149.936987][ T1995] The buggy address belongs to the object at ffff888119e58000
[  149.936987][ T1995]  which belongs to the cache kmalloc-4k of size 4096
[  149.950877][ T1995] The buggy address is located 3312 bytes inside of
[  149.950877][ T1995]  4096-byte region [ffff888119e58000, ffff888119e59000)
[  149.964154][ T1995] 
[  149.966324][ T1995] The buggy address belongs to the physical page:
[  149.972587][ T1995] page:ffffea0004679600 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x119e58
[  149.982641][ T1995] head:ffffea0004679600 order:3 compound_mapcount:0 compound_pincount:0
[  149.990800][ T1995] flags: 0x4000000000010200(slab|head|zone=1)
[  149.996708][ T1995] raw: 4000000000010200 dead000000000100 dead000000000122 ffff888100043380
[  150.005127][ T1995] raw: 0000000000000000 0000000000040004 00000001ffffffff 0000000000000000
[  150.013716][ T1995] page dumped because: kasan: bad access detected
[  150.019970][ T1995] page_owner tracks the page as allocated
[  150.025521][ T1995] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d2a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 4846, tgid 4846 (syz-executor.4), ts 129827366448, free_ts 129732004465
[  150.047914][ T1995]  post_alloc_hook+0x213/0x220
[  150.052519][ T1995]  prep_new_page+0x1b/0x110
[  150.057036][ T1995]  get_page_from_freelist+0x27ea/0x2870
[  150.062408][ T1995]  __alloc_pages+0x3a1/0x780
[  150.066832][ T1995]  alloc_slab_page+0x6c/0xf0
[  150.071259][ T1995]  new_slab+0x90/0x3e0
[  150.075165][ T1995]  ___slab_alloc+0x6f9/0xb80
[  150.079590][ T1995]  __slab_alloc+0x5d/0xa0
[  150.083756][ T1995]  __kmem_cache_alloc_node+0x1af/0x250
[  150.089052][ T1995]  __kmalloc_node_track_caller+0xa2/0x1e0
[  150.094606][ T1995]  __alloc_skb+0x125/0x2d0
[  150.098857][ T1995]  rtmsg_ifinfo_build_skb+0x7f/0x180
[  150.103979][ T1995]  rtmsg_ifinfo+0x78/0x120
[  150.108231][ T1995]  __dev_notify_flags+0xdd/0x610
[  150.113010][ T1995]  dev_change_flags+0xf0/0x1a0
[  150.117613][ T1995]  do_setlink+0xdb8/0x4060
[  150.121867][ T1995] page last free stack trace:
[  150.126374][ T1995]  free_unref_page_prepare+0x83d/0x850
[  150.131666][ T1995]  free_unref_page+0xb2/0x5c0
[  150.136181][ T1995]  __free_pages+0x61/0xf0
[  150.140346][ T1995]  __free_slab+0xce/0x1a0
[  150.144510][ T1995]  __unfreeze_partials+0x165/0x1a0
[  150.149460][ T1995]  put_cpu_partial+0xa9/0x100
[  150.153974][ T1995]  __slab_free+0x1c8/0x280
[  150.158224][ T1995]  ___cache_free+0xc6/0xd0
[  150.162478][ T1995]  qlist_free_all+0xc5/0x140
[  150.166904][ T1995]  kasan_quarantine_reduce+0x15a/0x180
[  150.172198][ T1995]  __kasan_slab_alloc+0x24/0x80
[  150.176887][ T1995]  slab_post_alloc_hook+0x53/0x2c0
[  150.181831][ T1995]  __kmem_cache_alloc_node+0x191/0x250
[  150.187128][ T1995]  __kmalloc+0xa3/0x1e0
[  150.191118][ T1995]  fib_create_info+0x858/0x1f10
[  150.195807][ T1995]  fib_table_insert+0x1b7/0x20a0
[  150.200580][ T1995] 
[  150.202750][ T1995] Memory state around the buggy address:
[  150.208226][ T1995]  ffff888119e58b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  150.216118][ T1995]  ffff888119e58c00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  150.224188][ T1995] >ffff888119e58c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  150.232083][ T1995]                                                              ^
[  150.239640][ T1995]  ffff888119e58d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  150.247536][ T1995]  ffff888119e58d80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  150.255433][ T1995] ==================================================================
[  150.263330][ T1995] Disabling lock debugging due to kernel taint
2024/06/12 11:26:34 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF
[  150.273033][   T39] hid-generic 0000:0000:0000.0023: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0