last executing test programs: 4.394216883s ago: executing program 4: symlink(&(0x7f0000000880)='.\x00', &(0x7f00000008c0)='./file0\x00') setxattr$system_posix_acl(&(0x7f0000000440)='./file0\x00', &(0x7f0000000480)='system.posix_acl_access\x00', &(0x7f0000000800)={{}, {}, [{}, {0x2, 0x0, 0xffffffffffffffff}]}, 0x20000834, 0x0) 3.323319531s ago: executing program 0: mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) lsetxattr$trusted_overlay_upper(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), &(0x7f0000000340)={0x0, 0xfb, 0xebd, 0x0, 0x0, "18c21fb44a50080e3fd14dc59aee06e5", "c1e71874a0c33f609aa5e6fca5648965251b87105886447113c0de60a6c8054bc09c330f36bbf48466b299e0ab57eace802395fda627208774373692046d4fb7bd13620c5ddd37ab5d073a4d99eeca9a635a0caccbdfb19779c4616fa15140ad7b88c1c552ae970a2a1b3ba631b48aba7972cb406c40419c61361e5dd7d8dea93ab69174f56d76ebdf66dc18b19aa89ac505d331ade2fc2c0bbf125ae30c03a5b0acc89b06ba3c4e29d432b65895cabe4f84dcb6241127af53fd1389f2c326e1656bbda82544bc391f872c5ea542776c40d676540f7034ec8461945380aa2ba095fded653f19d3a6e600583e087bf38cb675f5c4b4c6bf0a7de5bb655e408201556c0b6f5a6eabaf63eb1ed41982ff5fc97428ee003c814b7b1c546e2ac02d523f8d76b62007479d75f70c7b8cfb5958118cdf4a57c3c6f0d5b938838abad0312989e9bc65ea0bd2f2ac8fec3ace72d26e415f053856f15ac94ed5cf5c46bfc81f6c795be76def322f52ca5255f71b50097a6941b63ee376fea42622c939bceff06e3a40c4ee7161a4274ac7f378af397f961d9fd9f57313995acff46822da51f85086cce8a63fff34f053006b395c9b30f4cd1f54847d0db893c7335db2de41e4b71fd81667c9d582fdb2b61a8cbc53afb53fdcb5a70e938ae9491d9f42d5aeda9999ce9f98d8554f8579de4e903ceeac850b9d4c94a9995e4264384f1de990de8800615af1db31ce18d616a48a54761356efda4e779e24bf3d626072b58d8dfbdb9191d1edeefc20dc6c4e18dfe0795519ba96c9281b79a161ebc3641972618fdaa2123c7d78b02b97d6f178a37cefe674d9f1caa5bb59978d9a96d18d3134ba86b500c878b78cffaf4b7b33e6ace5e4a67cd2e22cdf02f30eb3701a5b42dced3d89a0fcabc249299785d279b4073d13856be068e576e699daba4f3443306c4de1a27a7d10a0d01bd4a869e333bd3dab04fc51ab9a3eb8c49660f551abe6d824f2b91fcdec8fa829f33af9e7e76c58b4b0f88b1858032a0ba05b898ff935f709402935492b93eef96602fbb748dd9ab3adca46b09cc5e31462df5dea5136ec9b7420125789e2d26d91f8bdcd1adb3814bb3f257382a02f2ee2a1c9d9cb6bb9e1d1ff141e0ab1bdaceb9c07a2ea22ce63722fa00106d9725eb530edf843807676437efab09dcf017af99ff33f58a529d7859e57d9fb88f695e7fc3432fba4d25bf2e3336076551e44b561b419d1ecfba9e375b53d4ac333a8531e753b6138eb725a5d9dda29c954f9008a3f6c74b45469cc87e063c29b9802611a0f8c49e531c7fc41d1cb74b7699229c6f51da7159eadace6dbd16f6b6a1ff0a305afa3fcdda92560e4be9acd6e0b8fe8b6ec6dfbf0528e33705db1638d4d50160332a4d75cc6eef0bd7a89baa85156674e023e32b48d26e0022abd3f2c48c95b6a1d9199d5eb3979b3edf09cf9d468634a9647ec67e068947496d5979b6635c4566fac5bc0f03393568c3c57222ce099bc55951e1b6e21adb5bc2d9d3ba7f6083b4a7798fc67fc40cf39da5b29f7d7947e7e34322cfb82e0cb8e59362d43de32ef1129e884b2d8e7f948b42d570e6cfda1bf8671b8294bcc32abfe9b145ba615d469a75fe7d63a7447a22b46e40f15a137551bda8e042df127c5f6a36bb6e5c4ee59ded6432e0bdec45edc73c72fd95393b20838cba5a1ee0c7686cd4ef62cbf98824fdbd02563adaf5389fb6b1a6a6bd7eb5c88e08326f742109e9cc07cbeff03112f4ae92edb2e301b20fa8c24d2228fb73ae1eae232cf59a2f06f53820ca59c9132aa80962fa15e13cb8d5a00f1323e9edbce45dae78a254d2ba8608f355db5f67d1f11599a886261257dc08fa02eac3edc040f71e8bfabae8f6663c2886a28b58b8d285c9857f7e14f1b97a1a9f1c08427124ba93243f06bfebe708cd7347ecfb521cea11b943754702ca4bf3c9bff09ed61fd40f1fd5a7be8e45c39af36d76c2b405389285feb3c5cbc4700f7aeb7be8b75c25a06db764d7c9ea49a3f029a7bd59251d18327a2c494f71d6555d80346ff08adc9cc62b8c0e6d208ae2b0d868e57db94be89d54e83cca5110457e1d9696e4a84b39a18eaf917bca3be39e0a6382447fb3ae0c3d26cdaf396c106fe6b77c584b3b5b5bc92f3b7b8fdee3fe2aed89d6ba9e724039acd5959017c4901c343a7d0582d7c0a73cd7f35ad4ba4f6e2e29ab8786a3acb49bf1a99b4ef78ec4a22f16e719f8c0ae613c4b2cb10a5a460501539cafe62a639356838b8b92ad66c66e8401a4f3d9b82b4207c6460fd130f511dfcfd8523e530e107f893d8ef22cbc6bc1c023635902a0deb0b93d983930bac65ad5231d3478996d30b113dd26c8b6d8a46af7536dd1c18da98633d0933f82f5688ddbf9ad51450a9a6967c2ebe81ceae028dd3b24eb5fbfac23bfb9744ea2c2f83ba86b0c5ab6ded3de175abcccc0d000f04df8abb804c1ee001b8192b4a80c95621bf28e2bb163ffccbb8607035c212b34c282c0889c80f45a97b85f5574a4d09b2bf947a1a6e667ee7d642d395b71169114ad5307a219aa74f2e3ce283121f77f5bbda2c5efcc8ea5018b77be23e6b7a3c9e627cdce75cda1673ef7bfd7a6ddb9c4dcebc26060e51d79e32345c9a32001bfccdbb4829a5bcbbc45ec6689f1168d64af19baf4d427b7d55923cb2ea2063d7e50f48325c8a6888c835a41849e5ce759cbf97f2508bac9a34072fd1e7b0741f3bf07ff619fd36ce99a7fb2116fab3a347cc2dbf6c33713a0c2ec9b71f41a2310f028b41130e19336db1ad8d36f07ca3a967eaa326289e817897974dd78e2cc4ac830b419451497690ab8239f74d53992d3f75f8dd0866e1f966d1ead6f68bb0279a9e3038b4e4960bbbfaec0a556484cf50cecc1dc02dabfe54893b5652fbd37e224c3a01416e2c13e4c861ec92a6279b1f23b346c7acaca60f154cf15da32b90d4c52576b96ba989f85eb4068567b51d6134e8b6daf39c1d715bf3c3fe2090520960afddbe0c3f1780e10df906dbe73f006888a183a73804c5220a106f6995535564682e83efc7214c741e4ca398cd11b159084cf63e5800b47fc70ab8566e02a7a5abb60356bd40d86880e6217b7281e12ab55e51b5eff87014610a561402e0e24ee2dfe898d137203d1ad51c3f2855f5336c490ca1f2228f7d734a52f2b3d93a92f78e32bb77050ba244b385e15d98f30ca1149f628649fc36efc43dfcc9d00b5b8dd2756ca3ea2d5f00415ed34b4bfcafefd9de4b60c4c93cc99a0de337371d06cac6e0fc2943433eb66bda0d818344cdb9283e22e4d8e0b0d561fc9785b2579f70d127c864c5d25a9615487f6354728fdc6572852409f92d21c6b9d290e225eafdf8fc846f2112c8a640cdb0df24cd24cf155ca6e382ea16981e621826bc707a892249d2d675e6483529886525707fb3613018d3087f9c2eb38ac7df362f8e8d4065270cb1477cb2fa34e555a33cbfcdabb908daf4f0743403b3e63d78403d29545a1a0c794ebfd8b372732d5ef37b919c245b65ed6473d2283a38f324379e278ff6b1946a27c7a7c65818c88e73712ce2823bcdef7f35dd8af427a41c4e17ea269e4b6dfb2e441e4dea77e14395fdcac7c143b078d2b3e57f42e490e24ed73ec3fdf311b812715772b917b08d9f21c02cf2656274c0da911544979eb9048f85610a72b5b38f5b19a722b595c4c5274f7d793708c2cb97bd318ca1f8a6fdf3a3c7904a0991df04e638772a3ea1e0b0f108bd25a882c3aa4e1ff93ca02f01700726118488b9c74a4b022bc48ab445df23c151cff579e68a333a92cdb3f6f935a52a1a9cc15c00de503539f17cfd986476441b58c32922a36f75f85575a8ad9d6eab6ac648f175d1812d0a8fce7c78a9c5cbd70253113e70c9e923dc0980b358e4bf201423863ad9921eccd20605d591a674853509951ea78fb17fae87cb36181ce3e6d9f80dc8e8b6c3ab709a26fe79cd4877533a666b43a629a4fe7ac125e4e0aab05915e79910cdbb9c810ce6d8814387cf9fe534488fe5a1c5abcb89c731194f5faedd6880621f449b25f536ad11309a016df8ffb0c64bdde51f7f65cf20b522f2e5dbf2ef2b98fe905fec43a3ade27ca6dcabce5a1bcd80465a6275bee67ab8e9ba4eebc50261b9f906bd2473cf2a3064336861997720adffc24a3c0be550f5e81934bb4c412148821230086988110b9da0c0cb562eff17ee0b815e2283616f419fc7e53ceb49b043a8359975d26c840710a9cadc8b6aa09022b58aedf333e815aad8c8f887a6f3718901790067b914d8f41ca223688c1ce6ab09359363d20b9c92e75112d1a1c496d552c48a03c4d6ecc1cee981fdeb69aae8e8db6327cd276384cd892644f6199dd15d6d3cb781040516477a5b6b3908f48fa64484ff113a3864090dfcf0563dba8e3a3efbf4149c8b2c9d5c9d5ded146b3f42444e9738cfe56e682743cf143555c66214639ae87766a25eaea6d4aadae321423a1ae270e070b894bd40b18e8798f6e701977f136c1e4c2f0fc65618a55198c0c2b3f93035a21ae7f8bdb31f436395870f645b62c92df1dbff520972ade97ab82efb0c50a256a6319fcf3c6777422dac620f148c1f94e9228b908b0a42ece3d7360a7df87d0990ca7015278e95651ad6fa6a11b484b80a23be532bc138c0257ffaafa692d4b19a511d81749dc50e62a9a29a0aa8ed6460bc09f481479a190c7dff61f9af2f9c34b344ba032af5f87965618429f3a52ab6950cfaf02d1af5a65211c62077a218299d8153ed8a05dbfa957cd52a74967042f928b58ba2d5ec4259705617d7fa758339664554219884066640bd1be0af2320d5d46aeaf9b834cf8788f9434499d17b8af7be748f465cef071abc5e693f7f55eddd4c255353326380af33b0ce721afbb4af72e59ab3cb46ce6dd4e39431a29b1998bf08910462e2fa57301a7d55af09e3ca2bea08030cd5be5cdbdd89f77f01748cbb9dbdadd1a5a36b4889cd76d9e3d4e88df1450449aa074b0635ad5db172f164e735d58e58af57e2dfba069d9decc56fff7573444af02de883c1b22f757166a84b818c8cd090c1cc26fb79ea8d2b46f8f53e328a424ea6f2d1ce7db63f45fe8fd024a4bb18ad035254b712084f027f8e93a0e39ea3f72052797f354f9634cbc0eae00a70b1e43028e0a736102957930bf9574f39aa3e06e3741bedc3bc446cbb6330bdcc806de2ca688b434334f0aafb1961039689913dc4407a4849af19f6e563f77c83d602338b1acd99a2a48962e9cda3620ee16da17ba3474c5a9fb85852"}, 0xebd, 0x0) lsetxattr$system_posix_acl(&(0x7f0000000100)='./file0\x00', &(0x7f0000000240)='system.posix_acl_default\x00', &(0x7f0000001880)={{}, {}, [{}, {}, {}, {}, {}, {0x2, 0x0, 0xee01}, {}, {}], {}, [{}, {}, {}]}, 0x7c, 0x0) lsetxattr$system_posix_acl(&(0x7f0000000080)='./file0\x00', &(0x7f0000000140)='system.posix_acl_access\x00', &(0x7f0000000180)={{}, {}, [{}, {0x2, 0x0, 0xee01}], {}, [{}, {}, {0x8, 0x0, 0xee00}, {}, {}, {}, {}, {0x8, 0x0, 0xee00}, {}, {}]}, 0x84, 0x0) llistxattr(&(0x7f00000012c0)='./file0\x00', 0x0, 0x0) 3.099524016s ago: executing program 0: socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.controllers\x00', 0x275a, 0x0) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000000)={0xcb8abed, 0xffbffffffffffff8, 0x4000000}) 3.032778186s ago: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x13, 0x6, &(0x7f00000007c0)=ANY=[@ANYBLOB="050000000000000071119300000000008510550002000000850000000500000095000000000000009500a50500000000e708800bd98f08d6267597b118b9120727dc3cacedfedfd68431b167c977a1d70ca9cb62be8ed20f76f90467288b5534b369be1e38ba374b175bf8b0db34da0fe025e046748916c8d5431abd40bdd01457d8bec5b8420c5e1386e44ae7e717133336cfa17e349188167c65536f0c999b6ee3cd9daa21d2c0f5e3f4be490b9159b01ea84e326c768b04c79c0aa008d01b762baa88ca914164eb27191362d8362584b5e2912b5ba84e8310c1fc6157db5a1e9069544de6d73ce0e4a52ea1fbbccbd37872c5272e6092cd51993ab12d73479ec76931b9037101dd800dc664d24b2adda89312aa9d07dad601d9e34943c6ead5d43613d66b600dc1a9ceb63f70"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70) 2.633202418s ago: executing program 1: r0 = epoll_create(0xe2) r1 = socket$can_raw(0x1d, 0x3, 0x1) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000300)={0x80002014}) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000000)={0x15}) 2.604990443s ago: executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000700)=@getnetconf={0x14, 0x2e, 0x51697067a67f72f}, 0x14}}, 0x0) 2.577062997s ago: executing program 1: syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000006, &(0x7f0000000680)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x1000}}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@jqfmt_vfsv1}, {@block_validity}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@orlov}, {@bsdgroups}, {@max_batch_time={'max_batch_time', 0x3d, 0x400}}, {@user_xattr}, {@quota}]}, 0x1, 0x54f, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ") r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mounts\x00') r1 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) open(&(0x7f00000004c0)='./bus\x00', 0x143042, 0x0) socket$nl_route(0x10, 0x3, 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0) r2 = memfd_create(&(0x7f0000000180)='\x00\xac=W[[\x87\x12\x04\xd5\xbc\x80K\x06\xcd]4(\xa2\xee2>\xa1\x9c\x86x\x1c\x9f\x97\x87\xd9c\xecR\xd6\xe8\xf3Y\x121p^\xc1\x0f\x00\x00\x00\x00\x00\x00\x00t\x00\x00\x00\x00\x00\x00\x00\x05\x00\x00\x00\x00M\xc2N%\x93t[\xf3\xee\xa4\xb4\xfbf\x8dz7\\\x8e\xac\x18\x00\xfd\x89\xe1d\xfa\xcfb\xf3\xdc\xd4CY\x9a\xef\xa3\\\xa7\xa9^\xafL:[\x8e\x83U\xff\xfd\xb0\xfa\xdaL\xa99\x9b\xcfA\xe4n\xa0^\n\x1c\x84\x04\xc5a\xdf\xe5\xd4Hyn\xba:/\xa5\xf4\xaa\xfa\xcd\xc7T\x83\xf5N^\xf2n\xd0=\xb9\t\xdd-F\xacb\xac \xd3\xccj\x13\xa2\x9fLu\'\xed\x91\x867\xaa\xf5\xa0]\xb6\xaa\xea\xfd\xde\xa6\xec\b\x16\x86l:;\xf9\xdb\xcf\x88\"\xca\xe0E\xdb\xec\xf9\xb3\xed\a\x00\x00\x00\x00\x00\x00\x00\xd6.\xf7\x92\xc42\xdf\xefE\xce}\x1b\xda\xdd?\n6\xe1\xb1\xd8Y\x960\xd1\x00\x00\x00\x00\x00\x00MW\x8f\xc6\x82\xe4\x15\xf7\xe9\xd8\xc5b\x0e\x91\xc5\xc76$\x18\xa4\xbe\xe8V\x8d-\xe3\x8fC\xd5\xf5\xd6L\xe3\xce\xa1\x8dz\xce\xa7\xa5\xc8\xcbhM\x1b\xf8\x98\xc4\xfbD6\x88\xfd\xe5i\x8a\xd8\xcfm\x81Z\x19\xf0\xef\xc15\xe8\xcb\xf5\t\t\x00\x17\xfa\x1fqb\xe7\"\xcb4\xb8\xe5/\xd52\x17\x12\x1d\xd8\x87\xb9|\x8d\x83\xea\xcc\x94\xebZ\xae\xaf\x19\xa4\xb2\xc6\xe1\x926B\xb6\x89Z\xa9\xb5/\xbb\x9d&\xeeO\xb3\xb3\xd4\b`\xa9f\x84\xad\t\x1a\xc2\xd5\x88\xbfo\x80V\x93\x9fX\xd7\xff\x03\xb7J\xed\x183\xe3\x7f\xfaq,\xca\x06\xb0\xc9\x92\x93\xa5I\x89\xb7\x85\x90\xb7\x1b0\xce\xd7!\x8fD\x96\xe1 ^>\x9f\x04\x89<\xb7S\x7f\x1a\x88\xab$\xd3y\xc2\xe1\x99\xbch\xd3\x83\xcd\x7f\xc5n\xb1\xc1X \xe2\xbb\x1f\x01\x90\xb1O\x8d\x7f\xa8\xd4\xdbO\xef\x99\xf3\xd3M\x0f\t\x7f\n,\x84\x1f\xfa\xe2\xc8\x99\x97Oq\xae\x9b\x86h\xfa3\xb9\xfd\xbb\xd4^\xc0t\xa7]Y\xe9\x7f[\x11\xb1\xf3m\x17F\x9d\x18\xe2\xe1\x01\xb6f=-?\xbcI\xf2\xd9\xc4>-\xc0E\x9a\x82\xcc7S\xd4\xb6\'\xd2DY\xa5\x83,\xd1\xbc\xc7\xf6\xe0\x1f o\x06\xc2t\x14\xc2\xe0\x92\xc1\x8a\x85>@\xc9\xb0% \xc7\x13l\x8bJ\xe5\xec\x1dE\xf5\xc5\xe2\xe3\x10G7r#\xbc\x95&\x14\x1e\x97\xce\x83>Q@\xfb\xeb=\x1e\xb3\xd5H\x02\x86\xc6\xf3\xe1i\\\x1d\xf4\xc1\xacJC+\xc8}\x1b{\x86\x17\x00\n\"\xec\xa5x\xe6\xb1i\xeb\xb3\xb7I\x90\x9eai\xde\x01\xdc\xfeA\x05Sn\xe6\xe8^\xdf\x8c`\x17\xca\xbd\\QG\xb15\x82*=\xbd\xe9\xaf\x12<\xd7\xe1$\xa4\xdaU\xfb^\xd8!\xacxy\xd5X\xef\x03\xa7\x10\xa1C#S~\x0f\x17\t>X\\mv0\x9eZ\x89\xf4\xae\a\xc8\x16\xd2t\x16\xf3X%Q\xbd\xe9\x86V\xf2\x99^0\xe8xI(\xde-\x04s\x15\x06#2\xef\xef@\xa3t0d^^\xad\xf6\xad\xe0\x16\xf6\xa8\x99!\x0e\x9d+;D&\xebN\x94\x12\x04\x95o\xd6\x9fl\xcb\x16gc\xf5(\xaa_\xec\x9aiE\f\xd4\xc6\xf2\xae\x85n\x995\xcd\xa7\xbb\xf0pz\xaf\tC\x1cq\xaa\x92,Li\r\x95Z\x89\"\xaf]\x95\xb9b_\xe4\xba\xd4\x93\xab\xe1\xb9\xd8E[\xbb\xc9.M+\xbe\x81N\xd2\xae\xf4\x18\xd0\xe7\x98\x90,\xce\ft\xc4\xc7\x02\xaa\xc7\xeb1;\x86b\x8f\x12{k#c\x1d@\xc31\x00\xd2}f\x8cX\xce\xed\xa4\xe4\xca`<_}\'\xce\x81\xb3O\xae\xa1\xbfwcN,\xf2#\x16\xc4\xad\a&\xb1U\x83w\xd0K\xaa\xdf\x84\xe5\xe4\xdb\xa3G(\x7fv\x93\xb8m\x96\xd89Kb\xa9\x852\xb9\xcaG\x8b\x11\x16\x16\xeeI\x14\xcb\xe4\x9a\x1e\xb6^\xa3\xaa^\xdc\xcfo\xfb\xd6<\xa2\xc6\xbdj\xc4\xb1B\xf3S}\xfeI\xe2e\xec}o\xcfB\xa6\x877\'\x80\x82\t\xec\xc1&\xb8\xa9\x82&\xb8XQ8M@\xaa\x1f\vj\x9aW\xec\x92\x19\xdb^\x9d\x94\x87-&\x00/z\xa2\xd7\x01\\\t\xae~\xed\no\x1a\x9cKG^+\xc9\xe0v\xc0\x96\xc4\xcc\xb7\xdd\xdf\xf9\x01\x91\xe5\to[\x97\xbe\x110\x93\x14\xf8\x8a\x8d\xeb\t\xe7?/C\xaa\xd9\xc4\xc9\xbe\x12\xed\xb3*f\xd1J\x14\x80Iy4\xa9\xf88C\xe3', 0x0) write(r2, &(0x7f0000000140)='/', 0x1) sendfile(r2, r2, &(0x7f0000001000), 0xfec) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x100000c, 0x11, r2, 0x0) mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1000, 0x0) mount$9p_unix(&(0x7f0000000180)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x41000, 0x0) mount(&(0x7f0000000080)=@filename='\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x105043, 0x0) sendfile(r1, r0, 0x0, 0x8000000d) 2.401188285s ago: executing program 4: symlink(&(0x7f0000000880)='.\x00', &(0x7f00000008c0)='./file0\x00') setxattr$system_posix_acl(&(0x7f0000000440)='./file0\x00', &(0x7f0000000480)='system.posix_acl_access\x00', &(0x7f0000000800)={{}, {}, [{}, {0x2, 0x0, 0xffffffffffffffff}]}, 0x20000834, 0x0) 2.346271523s ago: executing program 4: bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f000000c3c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000cc0)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x202}}, 0x50) syz_fuse_handle_req(r0, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_fuse_handle_req(r0, &(0x7f00000041c0)="09c10df286a3136e7e2778fc1f022bf0c058a4b9f9654487e5ae378f9b145ad7603cae89f91c08c71a6c4f0a293bab0dc833c2fc94a350e53f2f52722ba7e8ff44aef7c3349301edc10a61f35c01d32a5d2eda807599b969387b7ebf974cc5b5913f7b5846127204c5d5e0f7321b36386f08f84becb9b85a325b83ec44f7f56535675b168b51ff2ac1ceca7015ed4f312c1023a993eb0e7a2d72a97fe7f20a92cae3da97b00e703557adcc3e081dd3f8b06bc9e6cb9e15b3448f54670dded49ed35f5882f3ee1c1d334c6e348cfda84db25b6a6d8a5fbc9cbaae01d08a51e30222cec0f3afbd207a5798e99304c9e482d2c9a50041ed76f7136b4c0aaa9bd3861c250e468c130ff09eb8a1bcf1a70b86483436f8af6a5f8a003bfac5d9ebfd550fbd77565e147ea2b2adeabf4cad062ac0b3bb43265fbdd2ff4add841368ba511ce4b0c65b51d5703c3b9a5672e836adf5944519fcfd2a9936bf5b7092c56b34f78bd88e4d853c11208035757c2034c21a76b51820a7b842cd8e6dd7db2ebf4320a075d47c62a8f15ebaa5998aef069aab8b5b7b7b52ae198cf43c4b711feeb6ab0a3ccecdb030c195117875cf7e22b719bd02bcd9f8d7c78af469e87a231acaebda0078262505274ec75de9914ae79661e73572fed8b33575e8a8e6e4e9fe1fd46a0ea25fc86b6fa25d954240648ae89227aa1f5bb861f0751d0a5c987b743e6c6263518122bb863ecb104976685edd435be712637ae06ae0d1e0d5d7ce980a07e0e61a7b33dea38586860905b87aafa3589e602a1522c74b9966496a52121f9846aaf18159d50746d6c95b7b634dae46a69bc16437a294bc6671edc0cdb5406f0287cbbd0f6ca8c1afbc7b73beb52b8c9c45d2f4910c21bf5710d189d7f894ffc800ae34296fd2af1d999712863b8777e39d0a78cd47e821b02dd14072ef4b48a34f8f0f7d406f24ede8984d444a4be5868ab2678619693c13d00fc29534b4f6941648cf4bfc9d9d6bec9c04b05c8ad2e425ed31df803782d1b4a2e187b01dfdbdfec0c3fe0275033f59bdd3331b2b2ff713a28e6d4299e14bdd7c344bf754cb6dbe5b2ecbedb99d415b12796b7325a935482ef097d6001692321e274a06313c9cdddb017f9713b64e066dd3801b4b66724e707a38d098528656115be8ba9d7d634b4d1e4b8f7960342d6a124ed4e5e93e47ebdef751e87292e074f64fea6ad454ec28d57328414d5e236295cc54fe74a6fb36351c9a6ce3bb7595667014c5e804f3a4e77233becfa9175c7e9001b848bb0c270ef2fc6e1d8ca2ac00ccd7586c27a9f85b4e3e8424bc07a0b97720e4e08dbc4b8d3917772f7f5e7a5eb87942d7be14d737a49839e972894d2ff6584e2babad37f087a6ca2b0a42c7cac3f47d2a48b8a24fdad0def2286b3e91e7215ca859387a1372178e6a3f8acbddc2eac6356cc6e152bf2ed8aa59c1adfb57021112ce299753069278ae072ad63694365fffa9ae6f53f5be24c7747cc4680fe16819720edcb3b5b40cfc5e35ea56d2a0efb57514ad39e6a872f6e7c89675e5d04dc42883a605803b04976a90c5e6878c41484c90c80e9a7e8fb483db57dc552c2ec5bb674fa2b5dd09122d33fa312ed75bdf5ac0776a14c01ff36ac57b4de020b71d86651eb9093a7f5735f381af91b09afef2ac8d80e3f94245e7e71e0f4d7b1efe08e90d30fee3faea95aac86d6eb890e66758795bf9e2d826ecfbd13914e306de1c91096943c55791f9441324278b57162b5ae2605f5a3ce7c4a2554d064a6c60c752316f96c2f28f20faabb1803369fff8e847f753e13c7c52d8d710280ed04cbf1f2e686c286bec7b6983422f0cf8a62816f9e250a32fe39aa32e87931e09432596e04ed32d41f67b165d4c192cdf251833d2dab52bb84b561c091e71fdd0e7c817a31b7c7f8abed364fde16d3a9cba8384b171f339d946f37d0a315aac3677917b805fe59a9422e7a103a2e38668caa29668cf39c99357189a067b4c793ece2dcb3baf3aad12a5497b2063087d9e1b68d3836948839ab485a006cf84779ad945de8b85d2cc6cd4255bdd6df9b85072eb30be80583f30580ef83f94c16d2c36e29e8e96f566c6949c8161414dd9cc0ad2c1787b9d019501a956c2a326dfd313225268d45cce78c98a71a222255fb7930ac0ae7fae1ae6ae96c0b323d26413f7bc4476810fca11bcdacd368f896ae58e619656d200a611de75c899799b7d37a3535f0781701acf3a25626ef17b104951fcc7e5ba1fb2206a61baa8456d76d5385e924644f24495f8d621facb0838323caea969624a542ae47f815f55e37e4c6ae41ad7b8046be7e170cab49e68b9acdf2600cf761d0a62099fab0912834ba0dbd97f491d8446c5f18d03f1d81b3c2eb3e3db042157ada3fa6ee0f106345541c79f0fd903a54d1b05454a878d5cc5bfe6690eec25036281efb07d373399287d0bd93bd2745e61515e8c08296d6c1d4c87f65908a3571459305a17cf426205f6526ff07a82b51c59cbf42a065354c1dec6bfb0d34ccd9f135fb0a881f09d435ebf7d18f0ad62a9057c585e2d22db624b7b4f369f6f63e7f1fdb7ab064b738f49021f6a009a9857380b2288edc104f29463fe35c066dbad0294dc7aaf753ce77111a42d367c7d114140640d6c2878d775cd21a68a99262ec0e8d0ad3122d9d885f25cdc11d68ab641a64d03c38f61dc247481ddfd275b344e82849e5147bd71fcd176064fa3a45e00dd1ffdf7233e6271b90eac59ff483c921c0e972163d6eb24f6ca86f781a1e16c775f6cc15e40d110c44b5080cc3c7f940f824f7ce13a923d5062ea6dd2c098846890b41f1bba02f220a2420a0c3df1b96af9938476e6aaeb79523208435069baa2ab7a7bd8bf00205f26f359c30650d1de6cfafa8acbee9a24a44a35a619397439ba8e157ba8edb64aef3c9948ec9301137598f3ef8f08982d19decd95d5297c8d7f18ed53243f9a1cc397e69d9c2e59e162e42c13a0d806b7b666091d3453768c057e9cd5d5f37b7cd252ace59764bfd70017303e8d8cce32119727996438ea9ab5073dbb8dbf67e789b2ae127c9c94b76fe77d5e0c998078d4885e6e422a6e74e4f390cd5807c2f9985cc16e55c4c86298c8426599139bcf4b55f04c43de34683d08622a9c0928d2a034e841d6cbc5ecf8bfc2a5dd8c3bf4df23088537246004d936eee49ae772635131618bdc22a124149ac6a3675addcc9fec5f8f5303e3466deb6ca0b2155ecf55575460f0f36429829c80b02d01c8bf6e00f6ff1121551629f38856508ad50432917039089a2924b6f2c1afa325f98f85c2b0f7aa3ef28e1c9f055f0cdb8f8f87228124aa2e5ad6a54f5b4f581a920a0c3e1a9cbaf6f94d0b683881d47f9fc5678ab3d7bc48b22635866e3a1933b3f894c2000f8e9de118352e390ca0d9071e68b1068b815535a145bb52b04ad6c18652894d4769b4a7b6405ca88251a1fc7ead94ef3a1c44bf4bee9469cdb5c9196726cfd93e8096052d6f04f0bb3c0fe1bc75d6ef177a03c605156e2b3c0322fb84aeb20b72f7177113efbc4e23810201bcd1dd4b64b986a6e5a32a7eab5597b9e86aa0d405eadd00c1210cbd0505d813ec78f9eba7cce51ff1de8e4f428bd60c29554cd8f5425d6bc39544fbc1813ec61310efcc327ea530d865a6d4c3e88ddb38eea06330d18d03b9d8d50d7bb195469cd290cfeee863a8ec21a115ec0af855e2c19066d28e65d1055121271a507979b8fd660120ed0500654805f204706fa343109d30cc1131816db54b011728cf7da2342d0beca28fb156b0291dc914390721fc3547dcb4fee2b5ba330f76efe5f2851e3827e975c396099b6d70485a5758b3e5b7b1248e92d1c4c98b6a3ec13045ebb9d2b470a2406d0644a0427e470a41f2539d6f534f649d7b0d532ab8fc6a0985375cc4870f8ccfe0fa6c1b5bbd017ad545304c8d8f28fa8bd834f7d6b3189051452b0f29cab340988963715719a0a85f4169452f85014d5dfa41b8eb4bb4a8ac5d3e8eaec10749638257e9d84dbd32a63619740457deaa090f538a6fab5bf12c694f2c405373b117539f7974d68f62e688311f22f2ccaa16d78d41c80168c7ab3a15f057c6f28e54a2d2d1551c1839e8b9f365134242a1fe59d15c428e4673d6d580d738673a55375f76faa43d225f0365e524b62b951ecdf5b6882aa4a4c88e447e5af10a0ed488041583679181efffc338d5e1df6f11a271d4ee44c8f91dc03d988f6e6c40b9074a38c583727429daaeb9e1420e8458a3347eade3584f29aaa35a28f1a88506e3375f03748fbef15b0e84a42e3cb6420f3da2ee6dfcba7f276a346a68d24e73e9204201aca0cc7fb7211e6a8fc0cfe0af9d7a1fae66fa5d1e353181bf334c0663cc267dbc0d4738575f68b186c6331b3820d17b6bda4e7a0483827d2e8bfec34d348dffe00764445ccd3e55171e5334d22311a57e4de97bdbdf74d9eb0712be88a427cfcd9f0d911df8130b32b431b624989e935393e22c49d78526e4b8721b06a52d9545d06a7e627739b1a9c56af42e0d6cf1ab3a83be319334d40d19d4813f6f0ba29323f9868a1eaa50e857dc1426a92b30d4e10b3aec65c559c26cb4d459a864d85eb46c3d2d5d6d65a19fedad6e524c4fee52ef175e07b9a684d2bfda09cc5147c11c5f7026e0ea36ddef8b3ac11746d6f35982431094366e19f1d3c0de7cadeb49c5546d64df1c59f8faa4123d758a80c3dde5b73989d68f0dcf2dd52550dff966b9a8ecb1bba484d024d1c713b6f6de7a2617cc70b423f0c012951415a53b2c396d5524bf34d00f0d56858a9c822c63b2f998b68987dc681fca5eecbe369568be1ff549bd4424a45fed556fb9c95d121b8148baef5c86c1cc3afd94397c8276e110c58963634b8a7dc2627c2a5a2f9d40a0c297e8b2a479051c778247ce86e1c73a9c694663b356c6dac4ea59cdb0d3a4fbeaa4c0a00f0216dbe630b7f97b814dec1af3f3dfcbd89b040eb32e2b04a767a5284312ae34a6ccdbf5240de44cf08c10b2f37c432c6fd21af18dd0bf557ceb65e4eeb4a43adc41ecc4133ed79aae67754981074969174d88027532b26af2b343e214aafd6e8ac539b4ab5d763b0df23707c066f36b189d9127d109a3fdc351b5e252900ce3952c552bb4fe73ba6b6e381872dbf558522d7755a551b893a828f3ed7d8ef49f38e25bca6faade84d8037f784fd7a8f26b28eeab0e89385543cfb97d137eeec5e4d7abf3b93bdf47192062ba9f19580d0d88ff5636b40af8ee512f8ac90de5e17a157c86b0b1b85910a4a5e41e642607bb9758514aa65973052eb1b67749bb3c9f5ed8984d8f819d7d72b28d089cd3ab41b648920ac9558cce14301964ca7905af910e2015585bc14977d1238aba4b60dd6b37d024327ad6f82b10cee386b0183989a69c30fcdb61e89fe5ec6f0d5ff523331d00eabd6a086e8f73af35e7cda22b84025d5c1d968ac9a62080107217620f2ab2e722fda9c62960e24e65c71f9af0eb5c6c319d5beabfdfb12608327a42c185b88feccc4549aec5f07c28071163724300373321fea4dd6d7d60525caa4d9833866e08e4345f47b6e936b2d9ad37ff3b56c4d05e6931bcfd77a52ecf23729609a873076f32bec240372e2a533d48ce201e136bdbf036315ba65449feddf5eed19b062233dd1b0c093c5b6ea6418f2685f6450f803bc1322524fa74bc6d5f9b8cb3485217ec93b8ffba6c7c642395787cb4ddcb874bcc6ededab97cc816048372f48b4a6f88f801ea3a680c3c5ec565fae3b918f2b85b9e33c77a15463a07de144e91f6feadae06e48a8aad0f1c610cff194eb8e338eb555baa66a315b3a53d3092b58b88213df16ece6393bfa6bd2feb1fd7f4074a9a533912d5caa9f38f6c0adce93cf0f3d8d625c49fdaac6d5684ad49cbcec466f3b1230e7284727029b1fa46756ae68cf1582050920a4fcb3513d1e732cb7f2041527ebda99da544c6d4906327ce735c2c8372dfca363ab3b99feb345d727a2a9d2cfa59aa0920ab8f764576c365246f985f244824e23e9d15d74a9b0bb001b7b61f8b828c321699adb8153004ce48d67f91eba238796282523647806c84315f06b41ab95985d572311e77d2ea92d5803a1e9d68a4c662a99019fff8a43c02c9989da7ce59cd3344195dbe4b2d607166be8a50e93fc3d183da65b7ac9b20779b2a21b871922781ba5e18549124170e7007ff86740f311c1b62374c50a70de7496bb5c392591ddf1f842967bb44096ede42c56308f65c7ac12d1913a70de61752db77bb1133ad3aa2908aa2ae338938ccd58324d2435a51149badb358a2920070569778a1600422b2db5fc6b90a30754549a235cd2371bc3f35b231fc94c52a5e1b0c3498e7fcb07d743e577b2129b7c3d9621d7682b11b841dd2767da9e464c84c06dd849a808c8c36485db8a4f0e461fe6c09c23465e04d98e80ed90162377a937c0991d1089dd5185bdfba87dcb6ef2147eb49e4adc21d40513c8b3ec5820cb195c5f1b2a2a3579861b5051ad8191ed5a2da023d000fc26a9f53035bae9b3398e3af4b5dfc31301f661900feb20d0b5329dc24eef74b1732dacc315cac62dadee5d93ff1d747209ed42bd79b1796e04b55f02b9e967ca4847e0d21d337c2ca7d768ddd1d3d9782a04168a59d0b93c658c00146be42c99cae8fa4f06617c22322302d8b75580df752cc4068e42ab43e61c566db341fabe0e1c67f9ead127a0f9883b40b97cc654cac408f1b3984b8023440d0d4739469070222872349e590ab75fc7090faf42244351818ece78f7155206c576f8fea4cc19f07309084231026b37d2ab35fd9aaa722294b36a775be64fd055cd3c70cbb567403903c2d0107541c1ba196520458529486c7fff162351b6cd5dee9d4f140b92ee2fdc1b61c8fcf3e612466355399bd7a7fd058d1a4851bc48486e7c4c07e836766e78684301114bf6de335aac3697c35aaadb7c3322c9df87c4e7d065480d73a9eccd0139ee02e7df22449f9d1da960242ca3a81459d8054cd5fcda0eec071e757ee03c515a6bee81131946d40fd28b40321c9077488c923a8a53cbc9273702e9e1ce876cb731ff42457c0f9133f30094982c3a81cf1bdd4fb8bab68128e9266c0e79c0151d69479f0520481ad37f992a4d0bbac81b2652e99cfb4eb4c09bef2e871bb7fe700c7ed990eb874b19c272166c13ac0f9695ac8e94a4d251c19df595426e0fbd1d3da70319d43cf78893095cc7fb165e5c5e0b63a9224486e8876240b0371e4552b8122495a796a607d76018c9ba2b19a7d8e3c472359cc15a131a58959d1ba091e1898cd1557ef619697df46216e633b1f335cabb6c7e26de1aace7136eb7d463fde32be6e0120aaab1939f0a4e7a82dbcb6d157f4614909944436564526e91d7836630318bdc9d11fdfd80157edb6d320fae8c435208cb8572f0281357d766a4f66affce8971304b212445975b8000cabbe75e450f65676b8c3ae176a56fb6ae66e3361d9a9e8ff942ed4ce6585a894182f547b3611464b4ae689369437d36fa4d4965c25440cf8435b8a335155e63426628c537442d81f917eeea0046e4c3a0802dd7df4e21a8a69c61fe86f5f64b4d4071a400610d8397f8c521defc897f5903add27ca8d186ab2be8f3df7ea0155ab4cee79b8e963b6221d7e311d1fc6c2c1300b66fb833376bdc45bf1bf0046796d1c1df4a0dd63abb80b9a6f834e706b8f3c4efe4209cc3bbf75309670274eb261abb311a742f36063dafc36b15a0338fdfb17f6be29b5e2c60ec407ae17cb6e383cbae9ebdd7e48548746bf87dc1dc8e8df67cbfae0e4f6358cdab039f8b0a20748e3fe7aeeeb94dcedb0112a8956e03b29b0992e4ac7300dbb067951eb9b98eb3a3c932e7998a8717c86c2d22b9a4f5300408610a3514373ffe9aa009bac5b38c77d3b98e1d77f6971faa71bc82059541b87e4146e56174f9bc77164ac8a3df8dcfd69285cf4a81dcf86078570b03b494df86c4487be0f33113022d89c49495bbfd4acdbb5d92229a4a600f977d2011c98e5fc312d9bffdd43833f6cdd192f1c891956b4209f4d55161881d1bbd21a53dd4ebb387055eddb4dd71a21e834354b4676e1228a7855b2e4813307557d7a3483f50e8a11a371d7646797d863f580c63a433b4f8a3f56146c971dd96820e986d10ad041da3f14df34ce672dea173dfb448b1e93dd4ec5a003fe109bb63eef803a0651009b9997ae15dd55f9d2b613970d81a5fb78545b7543114ca03b0813cf4e3e5551f84bb788497ddeaf88feba493bc576a69c5ca87376811e287606fcc2e8c465d3ace68a92aecb6f601bd5cc18c9ffd8da6ae40fdbfeb231c75f1671ac2c3ed712105c89d7f19eeb8c2e05c96a9ec92e7d8bd209f5bc48c45aac0bee1ef11bf9f1e8ae1c7db3d8f855dfabf863a9ec5a3f094c2c7dcce487aeb8182131fa060e38ceaa081375ff88e03670a6226e1d54cc10a9d5792d6ac7e2b8dec46f296d416e3af52a134122781e08aa28c622fcaef8edc8c68e569684b79f26b6b1d2a03ebe8200fd1b6f5d561e1fe28e06a4c6abada585f81f7aa351b69d55a7794a42cd285f190d3bd1996f38ea69a09b344bae94f3fcfc72aa4c8faffc0ab40eaf0340cfb05b1a6a3a4abf646ba9415089382932cf40a03ece0804bacc51e69ab107bf568a9291344d26ba17d9180d44a5e63f54be41c27742bff5f8b6fc11f6c9632e22a29bf1cae278041d63f701abe8bf6d50aab9cd055db37017267d0000ab24d9d2cecf4508df674860060844b69b2db4dbc868178e775bf3c17639ff13ea8d00c895209cc8453d483339f610fe2f632f6b2d77c7d89a7c85f89171b9f41ada62dc8a20dce7aa5043642c023a8344d549f6475c1ecfba421bf0f00ac6c0ac1e2ddb93eda60911960262d0ce4240cb28545f5ecf561434f02f12f03a366b545ffe1b02936146f794c43aead3a1edef2b6557a0b5cbf2bc05a1c4b6659d239043d5c03764d361d94225f3a57dd1ee51ea53ca0f076f8702572328855530135b5a7a0472e31fd40c3636efd20a4c2b25d09a9da4503395335ec27156c899474bf6e6daed56efd75598b9c8afca931e776f5fa677fe1134db2e183f2677c750ea3d10659b624116823b63f915e1c6948e21cb752e7742bb89fe8fbf6702ca2c7b010061c152fac55ae7bb0f964351c913c2686baca5fb9b7a7705a74aaaa33c3d06753fc7b74eb9768608b3fe5adc58bd4858eeae9315992f6eaaf0701b212b9f3dc631a564dad1a7b398fa9ce96d70ad065e3627c06a72ee9944bb7af2003c47d961230a67e3cb13bcd16582975ca489a92b0fc4d80c8eb1be777d18af42ca5b3099a04dcbc80d143523a96ede2bc0203e3bc288fdf22af85efac4195c2fa38f90a9d5cb0c23dee55876430a135bd4d906071f896b039a775eecd3457983966ef3f8fab6b28c042ea296acdaf664ce92f98bdad6eac89a23e547b6d364d84321b73e0f0191694b7f9b9384e968c851891370dfa53ca10f1f87f62f4afc7b779b4e775608c0ac90e2431568d874476f13ba55bfa283ca3c8550e0720ca7391b2d42e50b079d70dd137f94689f4c568bfcaa5720f894bcab6ce79d2f305724877c971a26bdf49cf50078cfb1f8b4d1bc5853198e99bdf3522d9b740f349bfd58fdadcef357c488b0b036cd7eb28bf130a076448f9ad23f7d4899b563d73c8b767fec85b62fa1bfb6dff423a380523387a0a527e1fd6b9a8350302514b3359fd8df4d1aceaf2e0704c0fac0ca925c9dfacce4ef08a5222057cf146a667d417eb033d7220ab2eab1fa2e3c98d7a6e76773c2d34b99af81a5490acf664d12781af51167bac23eaa4ca2dc48d8ed33a4522a2d74824e1771196ba3a2c318d9197b23ab0317e2c3c510ae455577c83a9528a14836eb1ca73b56dfeea4b56c3171bc9266f9954315925b1fd43f18903ca0c5b08a8ce95c0a18d24c0c2cbebbe0669c41c80c0ff38239ab3fe7cfe0b310f7ebb3a8480d499d00b025f3903836b4c2e14dbe58b5dae194834e39e8ab0a528665101b66187a99535f0227b5dd172955c82e3616b60c46e88bb603514cb3beb39449bfd7da344a453aef2589e593bfa17ed2c566d7cd46d73d4236e82bc1fd21a54cde3d84428f1aa1f69e05b63abd9399e4d42e07f96f88ee3413a17aedfedae508595ee7e6e2bf7962b9a5b9b186e9b2c3a45b739865788fb97e2d79d42b3e383a344c2a42c031d44400d60df2496348e1bad74a4d5a3a50fec419e6ce2b35ed552ab223a14ec75f870c3228bc42bd2e96944130a2cf3340848185518f62963f4f8cf1d36c2edd2c7e041cf5ebf414e3e768c99cebee736451e7a0b0a723a8b7265438ecb52f2349cac7ddff2aaf8c6f8702209f150a4a90926908f910abfc32f4081317575eabd1099e1a5ab7b18ca192530071201809317281bc1e7c6380e0c4d88e36aea10294f79da0807d0be23a11e1d9fe9729e63a3a67f53bdd48905dd626def5718a392a6adeaaf75f5dfa79a3faad30dc0617ca512c6b8468c5aec3395b19bda2cbaf0636cdc80451298a5065f4de141688a1765857dd493904b9715268cc3d700300fbdfeaa4422d09cb1617884e1bda71c836953fc0a19f4ee75d15c6aae0f0707b911f122f806410aae5202c4cbcd68cffc28ec4a409cfa4aa31f06ae0dae023747c4b54e7d263087d8b50b746b412177a7f08c7dd0a2990463f115cea17b35c07de08f4abb88ac09fcc62296c1bb07a3fd28f1f3ea639c2d82eb7bded3c465160297f371e752b81688f99ee9d572de9b9cba648b7aa9657773d2c1e3c5d7b39eb553e9e4077fee300c1a9d1e881b9e84c427bc77d539175f795e259ee239c98d90c2dcba02cf0a029de1c2fdbb9d7050d88645389b54ae5c30b94091327ca2f6519f2060983adbe8eddfa4f1225048a57660a881a7cc205bdd30f3cce135e5cc2909ce23c7008da828c36b940998348414231c815663f4eaf18f5540d90aaf412bed49af5fb5e33e7cb3143cda350795eafa5c08d1c7f3ef5b23f7f13339f9506617c337d558fb9566dd54cde784058b32efb78cebcfea140b8bf9de1897543ebbf80dfd4cf548cd828fae8a73872eeac05a222db79e4bfaef4f6154d0e6978dac7dec148fbe8f7f06fc2f8ed900c7a92e5aa0488aed7c1c1b71b8ac20a850b1538cfc23da39eab3a5fa5f5bb274cee9d3d3cde4fe89ba79a2616e2be9eb1dd31170958c7a8031de47e9802f9042ee6286c7536c4b0d8ecd21ee62f47331882d617267ead4067d687555e957b3340d360d89bae2586e72d9e52b68886c0c6071f4e04aa089887a53fceb4e93a663c4497fdf8921e1ab8993859b215afb123bd72ab21dcbf74c43ac85212a285e996c1bf64eb401e5ec10df621274a016f6fff7f957d6dc5df45098f5ba61e932abb400c5fb9597db759492aa8d6a1894f7c40539218a0bbfbc5c9b857400eb8bcfb3e7981fe4080741e3be9eeeea4c997a8ed80cc18d1a33f898ea5ce2143d2239b693a688b83ca189f9228e0d9a3d3cdb380f7dd", 0x2000, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)={0x28, 0x0, 0x0, {{0x0, 0x0, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x0) r2 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0) fcntl$lock(r2, 0x24, &(0x7f0000000200)) 2.135286506s ago: executing program 4: bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000002eb10007020000f8ffffffb703000008000004b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x3f, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000000020000000000000000018190000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000024"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000100)={0xa003a5b4, 0x0, &(0x7f00000000c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="0201008002"], 0x11}}, 0x0) 2.034397852s ago: executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) bind$vsock_stream(r1, &(0x7f0000000000)={0x10}, 0x10) r2 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)={0x2, 0x9, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, [@sadb_address={0x2, 0x17, 0x0, 0x0, 0x0, @in={0x2, 0x0, @private}}]}, 0x28}}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f00000014c0), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000003c0)={'wlan1\x00'}) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=@ipv4_newnexthop={0x18, 0x68, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x4}}, 0x18}}, 0x0) write(0xffffffffffffffff, &(0x7f0000000800)="240000001e005f0314f90408faac47000a000000010000000000", 0x1a) pipe(&(0x7f0000000180)) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc}, 0x90) r5 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000005c0)={&(0x7f0000000000)=""/96, 0x128000, 0x800}, 0x20) r6 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x12, 0x81, 0x8, 0x2}, 0x48) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000040)={r6, &(0x7f0000000380), 0x0}, 0x20) r7 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$XDP_UMEM_COMPLETION_RING(r5, 0x11b, 0x6, &(0x7f0000000140)=0x20, 0x4) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r7, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00', 0x0}) setsockopt$XDP_RX_RING(r5, 0x11b, 0x2, &(0x7f0000000180)=0x8, 0x4) setsockopt$XDP_UMEM_FILL_RING(r5, 0x11b, 0x5, &(0x7f0000000100)=0x20, 0x4) bind$xdp(r5, &(0x7f00000002c0)={0x2c, 0x0, r8}, 0x10) setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f0000000500)={0x0}, 0x20) ioctl$FITRIM(r0, 0xc0185879, 0x0) 1.969499172s ago: executing program 4: syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000280)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@errors_continue}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f0000000680)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") chdir(&(0x7f0000000000)='./file0\x00') creat(&(0x7f0000000040)='./bus\x00', 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0) readv(0xffffffffffffffff, &(0x7f0000001f80)=[{0x0}, {0x0}, {0xffffffffffffffff}], 0x3) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) 1.85740893s ago: executing program 3: ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, &(0x7f0000000440)=ANY=[@ANYBLOB="030000000000000002000000000000000600000000", @ANYRES32]) r0 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000400)={0x0, {{0xa, 0x0, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @empty}}}, 0x108) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000000000000a0000000000ff00ff010000000000000000000000000001000001000000000000000000e0ff00000000000000bd0000000000000000001300e4ec010000000040000000000000000000000000000000000000013da51fd47aa2e2f70000000000000000000000000000000000000000000000000000000000000067ff0000000000000005"], 0x310) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @private2}}}, 0x108) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/mcfilter6\x00') preadv(r1, &(0x7f00000000c0)=[{&(0x7f0000000580)=""/128, 0x80}], 0x1, 0x12e, 0x0) 1.723534731s ago: executing program 3: syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='smaps\x00') seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]}) openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_open_procfs(0x0, &(0x7f0000000180)='fd/3\x00') 1.582291943s ago: executing program 1: r0 = socket$packet(0x11, 0x2, 0x300) getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000500)=0x14) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'bond0\x00', 0x0}) bind$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x18, r1}, 0x14) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000300)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000002c0)={&(0x7f0000000940)=ANY=[@ANYBLOB="3c0000002100000225bd70abb503c1aa02d5bcf8295b2fd125db000100000809003400080002007f80000108000200ac1e010108000200ac14142008000b00060000005b8db751644226d0c489028dfd6539b8859c0b7ccb74485f226bee6c377871a44e00d19985b8ffccd2339325a43258ff93a0ed7e16e9ff19f6bc4bbb1d8100d0c6be85134796334153ed4b70624d9538d8ffffffffc99ccd4fc58389a5c54909c1f035d27602c18cf59b769558a0ec8cc53c4fff001a00accac04c6fc5af92d0cde682915bfc66d630b18cfd7f1ce446179e3726cc9d40ea83e6630b139d431677b0cb0d0b9733fc8b287f64377c21818ffeac80192a2f3f8a609cab321c7918ac05651ecbdf84223d3c2910fe95f6"], 0x3c}, 0x1, 0x0, 0x0, 0x400c000}, 0x10880) r3 = socket(0x1, 0x803, 0x0) sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000740)={&(0x7f0000000600)=@newqdisc={0x7c, 0x24, 0x10, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x4, 0x5}, {0x1, 0x3}, {0xfff3, 0xfff1}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0x1}, @qdisc_kind_options=@q_choke, @qdisc_kind_options=@q_fq_pie={{0x8}, {0x14, 0x2, [@TCA_FQ_PIE_BYTEMODE={0x8}, @TCA_FQ_PIE_DQ_RATE_ESTIMATOR={0x8, 0xc, 0x1}]}}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x93}, @TCA_RATE={0x6, 0x5, {0xb9, 0x3f}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x1000}]}, 0x7c}, 0x1, 0x0, 0x0, 0x44081}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x8) getsockname$packet(r3, &(0x7f00000005c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000800)=0x14) r5 = socket$netlink(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=@delneigh={0x30, 0x1c, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r7, 0x0, 0x2}, [@NDA_LLADDR={0xa, 0x2, @dev}, @NDA_VLAN={0x6, 0x5, 0x3}]}, 0x30}}, 0x0) sendmsg$nl_route(r4, &(0x7f0000000780)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000280)={&(0x7f0000000680)=@ipv6_delrule={0x9c, 0x21, 0x100, 0x70bd25, 0x25dfdbff, {0xa, 0x80, 0x80, 0x38, 0x8, 0x0, 0x0, 0x4, 0x10}, [@FRA_DST={0x14, 0x1, @mcast2}, @FIB_RULE_POLICY=@FRA_SUPPRESS_PREFIXLEN={0x8, 0xe, 0x3}, @FRA_DST={0x14, 0x1, @dev={0xfe, 0x80, '\x00', 0x3d}}, @FRA_SRC={0x14, 0x2, @local}, @FRA_DST={0x14, 0x1, @private0={0xfc, 0x0, '\x00', 0x1}}, @FRA_DST={0x14, 0x1, @loopback}, @FIB_RULE_POLICY=@FRA_PRIORITY={0x8, 0x6, 0x9}, @FIB_RULE_POLICY=@FRA_UID_RANGE={0xc, 0x14, {0x0, 0xffffffffffffffff}}]}, 0x9c}, 0x1, 0x0, 0x0, 0x40008000}, 0x4004) r8 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_inet6_SIOCSIFADDR(r8, 0x8916, &(0x7f0000000240)={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x7d, r1}) setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f0000000d80)=ANY=[@ANYBLOB="32030000000000000100c20400000020c2040000000400010000001479a0c14a515c8f84ad86e46ba6aa5e14d85340280ffa4a44a61718b9b04057f0b74e1774d33e4806592418ccfbffffff7fcd8362325d6b39000000000000000000000000006cc536b2f8f5a67d86a504136eec56ec824f9a23089cce2a235a93e6fd4795da13c7da884890fb1774cc434e5700399ad0797ec02e4000579c89d101e17bc186851aa97173a07d5505f905ae9659810d26f97f27bfa8165010cf246c9da9188ae863f0ff07731b98ce30277731c1740ce779b50c16bce1b9c10e6f9d26d2094ac4ef7b1fc7c994c691608a9c456afbad600e2535f42ccb84118496055be139d50a090a921f8c9c2262fdc8d89c3a5d975ce7add657bbd42b2ecbcdfbbf6b979a001439d9fc29ebaab3f2c5f9a8c08448d80071f2f622c3ac41e86cd42af8ec106aaa591db3f7d368b12514eef8c41f4d13bba3fcb4b7f38da701dcd3e1d06326c90f58d1005aac94b3559bdf13a3311179f5527295e3f68306000000000000007622dd2c80855e505703f7b2a2275b159dd5d1e5434a0683798316155a942d677d7622e61384742f53b8bc73f01375291fae35e1a73dafb06779778787ee6e04f0692eb54d2f468d9e598683917742007516c5e0d6767f2e1e0ba9cd337d7160eaebb43cb348a0ca9e8a547157ff3d9cbafc6bf05f9ca341e427641751f48a0c307dac0927842a80180795551df1b5bb3c5b1a1ad5f220f056acaacf4d20c8d200091e1fcb1e04f83b4b7d19ff457cf8c8b41d548eb824edc82818f1a684ad9d31a76d57007f4911df15a56c78f3f6d547aee69ad82adb3b1756099a09db69fa5b59"], 0x28) setsockopt$packet_int(r3, 0x107, 0x11, &(0x7f00000001c0)=0x6, 0x4) pipe(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) close(r9) r10 = dup(r9) read(r10, 0x0, 0x0) getsockname$packet(r0, &(0x7f0000000880)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000008c0)=0x14) sendmsg$nl_route_sched(r10, &(0x7f0000000b00)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000900)={&(0x7f0000000a80), 0x54}, 0x1, 0x0, 0x0, 0xc091}, 0x4000000) sendmsg$nl_route(r3, &(0x7f0000000580)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000540)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000e721ccb0dc27bd7200fcdbdffa01000000"], 0x14}, 0x1, 0x0, 0x0, 0x20000000}, 0x10) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=@newlink={0xe4, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x22822}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_MASTER={0x8, 0xa, r11}, @IFLA_WEIGHT={0x8, 0xf, 0xfe000000}, @IFLA_GSO_MAX_SEGS={0x8, 0x28, 0x40ea}, @IFLA_IFALIAS={0x14, 0x14, 'veth1\x00'}, @IFLA_ADDRESS={0xa, 0x1, @remote}, @IFLA_PROP_LIST={0x68, 0x34, 0x0, 0x1, [{0x14, 0x35, 'vlan0\x00'}, {0x14, 0x35, 'vxcan1\x00'}, {0x14, 0x35, 'bond_slave_1\x00'}, {0x14, 0x35, 'veth0_to_bridge\x00'}, {0x14, 0x35, 'veth0_vlan\x00'}]}]}, 0xe4}}, 0x0) 1.530339961s ago: executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) symlink(&(0x7f0000000080)='./file0\x00', 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000002c0)=ANY=[@ANYBLOB="12010000000000106d049cc200000000000109022400010000000009040000010300000009210000000122050009058103000000000092674aa7ae49cf903c9ab300269ee340c9a8f100df966ad1289f9f7b25552bcc67b5ffb8213c0152423e11d6d003be57d029353eaef4434fbfa00751a666495a55a20a715da6f02f77966996c109844ae28d79b3c3bdfdf4222f81e14d84457111541ef72236c26627b82ea0f66760dcb629911ef3a13f78143aaf58ca3bf2402c5d99bc7b4110c144fcc9df67447ee275a37413f65d9d583138b9ee9dbee2d63b54e500452722e7eaa214158cc96ff39554f27db642252c57107e8759c01d3cb69565f656bcbd2b1b7f74edc447f87a3e923f5400a6e4c734d07edda7fb47bb0b242592104149ce0f87014735ee7560b14275b693f808137e"], 0x0) syz_usb_control_io$hid(r2, 0x0, 0x0) syz_usb_control_io$hid(r2, &(0x7f0000001440)={0x24, 0x0, 0x0, &(0x7f00000013c0)={0x0, 0x22, 0x5, {[@main=@item_4={0x3, 0x0, 0x0, "1d670d6f"}]}}, 0x0}, 0x0) syz_usb_control_io$hid(r2, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000008385000000710000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='sys_enter\x00', r4}, 0x10) socket$nl_route(0x10, 0x3, 0x0) r5 = socket$inet6_udp(0xa, 0x2, 0x0) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000001c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00'}, 0x10) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'lo\x00'}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r3}, 0x10) 1.332636962s ago: executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETS(r1, 0x5416, 0x0) 1.268947122s ago: executing program 1: socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x45, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x94}, [@initr0]}, 0x0}, 0x90) r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000040)=0x9, 0x4) bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c) recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0x46, 0x0, 0x0) setsockopt$inet6_int(r0, 0x29, 0x42, &(0x7f0000000100)=0x1e79, 0x4) sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c) 1.199835052s ago: executing program 2: socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.controllers\x00', 0x275a, 0x0) ioctl$FITRIM(r0, 0xc0185879, &(0x7f0000000000)={0xcb8abed, 0xffbffffffffffff8, 0x4000000}) 1.132245203s ago: executing program 2: mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@nfs_export_off, 0x0}], [], 0x2c}) 1.107383617s ago: executing program 2: mknodat(0xffffffffffffff9c, 0x0, 0x0, 0x0) syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x1810714, &(0x7f0000000100)={[{@jqfmt_vfsold}, {@noblock_validity}, {@usrquota}, {@prjquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6}}, {@jqfmt_vfsold}, {@usrjquota, 0x5}, {@min_batch_time={'min_batch_time', 0x3d, 0xa9f}}, {@nodiscard}]}, 0xff, 0x467, &(0x7f0000000780)="$eJzs289vFFUcAPDvzG7LL6EVEQVBqmhs/NHSgsrBi0YTD5qY6AGPtS0EWaihNRFCtBqDR0Pi3Xg08S/w5MmoJxOvejckRIkJ6IU1szvTdpfd0h9blnQ/n2S67+28nXnfvnkzb+btBtCzhrI/ScR9EfF7RAzUs40FhuovN69fmvz3+qXJJKrVt//qr5W7cf3SZFG0+NyOPDOcRqSfJ/lOGs1euHhmolKZPp/nR+fOfjA6e+Hic6fPTpyaPjV9bvz48WNHx158Yfz5jsSZxXdj/8czB/a9/u6VNydPXHnv5++y+u49WF+/NI5OGcoC/7ta07zuyU7vrMtuVRfjTMrdrg0rVYqIrLn6av1/IEqx2HgD8dpnXa0csKGyc/aWFm/nr/NVYBNLots1ALqjuOBn97/FcheHH1137eX6DVAW9818qa8pR5qX6dvA/Q9FxIn5/77Olmh6DrHQPv0bWAEAoOf8kI1/nm01/ktj75Jyu/K5ocGIuD8idkfEAxGxJyIejKiVfSgiHl7l/punhm4ff6ZX1xTYCmXjv5fyua3G8V8x+ovBUp7bWYu/Lzl5ujJ9JP+fDEffliw/1mrjxSZe/e3LdvtfOv7Llmz/xVgw38jVctMDuqmJuYlODUqvfRqxv9wq/mRhJiCJiH0RsX91m95VJE4//e2BdoXuHP8yOjDPVP0m4ql6+89HU/yFZPn5ydGtUZk+MlocFbf75dfLb7Xbf8v4b+1cf2ArlLX/9sbjf2FdqfZ34J9k6XztbKz6huTyH1+0vacsr/H470/eqc3pFjX5aGJu7vxYRH/yRkTz++OLny3yRfks/uHDrfv/7vwzWfyPRER2EB+MiEcj4lDedo9FxOMRcXiZ+H965Yn3261b1/EfsW2F5drK4p9qef5bOP4HG9t/9YnSmR+/X3v8Wfsfq6WG83dq5787aF+drXmJxaMZAAAANru09t34JB1ZSKfpyEj9O/x7YntamZmde+bkzIfnpurfoR+MvrR40jWw5HnoWDKfb7GeH8+fFRfrj+bPjb8qbavlRyZnKlNdjh163Y7G/n+o6P+ZP0vdrh2w4fxeC3pXc/9Pu1QP4O5z/Yfepf9D79L/oXe16v+fNOXNBcDm5PoPvUv/h96l/0Pv0v+hJ63nd/0blSgv8+t9iXslEek9UQ2JFonsgr5lnb2722cmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAzvg/AAD//7K/8i4=") r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0) fsconfig$FSCONFIG_SET_FLAG(r0, 0x0, &(0x7f0000000080)='ro\x00', 0x0, 0x0) open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0) 978.368407ms ago: executing program 2: ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, &(0x7f0000000440)=ANY=[@ANYBLOB="030000000000000002000000000000000600000000", @ANYRES32]) r0 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000400)={0x0, {{0xa, 0x0, 0x0, @mcast2}}, {{0xa, 0x0, 0x0, @empty}}}, 0x108) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000000000000a0000000000ff00ff010000000000000000000000000001000001000000000000000000e0ff00000000000000bd0000000000000000001300e4ec010000000040000000000000000000000000000000000000013da51fd47aa2e2f70000000000000000000000000000000000000000000000000000000000000067ff0000000000000005"], 0x310) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @private2}}}, 0x108) r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/mcfilter6\x00') preadv(r1, &(0x7f00000000c0)=[{&(0x7f0000000580)=""/128, 0x80}], 0x1, 0x12e, 0x0) 874.974764ms ago: executing program 2: bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000020000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x90) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000580)={{r0}, 0x0, &(0x7f0000000540)}, 0x20) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='ext4_request_blocks\x00', r1}, 0x10) mkdir(&(0x7f0000000100)='./file0\x00', 0x0) 852.169867ms ago: executing program 3: syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000006, &(0x7f0000000680)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x1000}}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@jqfmt_vfsv1}, {@block_validity}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@orlov}, {@bsdgroups}, {@max_batch_time={'max_batch_time', 0x3d, 0x400}}, {@user_xattr}, {@quota}]}, 0x1, 0x54f, &(0x7f0000000b00)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbZdnamc8HbnvOvTc995t7v6fn5iQkgKE1kf0oRLwcEd8kEQfbto1GvnFibb/V+1dnsyWJRuPTv5JI8nWt/ZP89/688lJE/PZVxPHCxnZryysLpXI5Xczrk/XKpcna8sqJC5XSfDqfXpyemTn19sz0e+++M7BY3zj7z/ef3P7w1NdHV7/75e6hm0mcjgP5tvY4nsC19spETOTPyVicfmTHqQE0tpMk230A9GUkz/OxyPqAgzGSZz3w//dlRDSAIZXIfxhSrXFA695+QPfBz417H6zdAG2Mf3TttZHY07w32reaPHRnlN3vjg+g/ayNX/+8dTNbYnCvQwBs6dr1iDg5Orqx/0vy/q9/J3vY59E29H/w7NzOxj9vdhr/FNbHP9Fh/LO/Q+72Y+v8L9wdQDNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq19/JctWfutsWB+HHdHdz/8mLlSvfQkMbe7dz3ilY7j32T9/Ccdzn/2fJztsY0j6a3Xum3bOv6nq/FTxOsdz/+DGa1k8/nJyeb1MNm6Kjb6+8aR37u1v93xZ+d/3+bxjyft87W1x2/jxz3/pt229Xv970o+a5Z35euulOr1xamIXcnHG9dPP3hsq97aP4v/2NHN+79O1//eiPi8x/hvHP751f7jf7qy+Oce6/w/fuHOR1/80K393s7/W83SsXxNL/1frwf4JM8dAAAAAAAA7DSFiDgQSaG4Xi4UisW193ccjn2FcrVWP36+unRxLpqflR2PsUJrpvtg2/shpvL3w7bq04/UZyLiUER8O7K3WS/OVstz2x08AAAAAAAAAAAAAAAAAAAA7BD7u3z+P/PHyHYfHfDU+cpvGF5b5v8gvukJ2JH8/4fhJf9heMl/GF7yH4aX/IfhJf9heMl/GF7yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbq7Jkz2dJYvX91NqvPXV5eWqhePjGX1haKlaXZ4mx18VJxvlqdL6fF2Wplq79XrlYvTU3H0pXJelqrT9aWV85VqksX6+cuVErz6bl07JlEBQAAAAAAAAAAAAAAAAAAAM+X2vLKQqlcThcVFPoqjO6Mw1AYcGG7eyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeOC/AAAA///ktDiZ") r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mounts\x00') r1 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) open(&(0x7f00000004c0)='./bus\x00', 0x143042, 0x0) socket$nl_route(0x10, 0x3, 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0) r2 = memfd_create(&(0x7f0000000180)='\x00\xac=W[[\x87\x12\x04\xd5\xbc\x80K\x06\xcd]4(\xa2\xee2>\xa1\x9c\x86x\x1c\x9f\x97\x87\xd9c\xecR\xd6\xe8\xf3Y\x121p^\xc1\x0f\x00\x00\x00\x00\x00\x00\x00t\x00\x00\x00\x00\x00\x00\x00\x05\x00\x00\x00\x00M\xc2N%\x93t[\xf3\xee\xa4\xb4\xfbf\x8dz7\\\x8e\xac\x18\x00\xfd\x89\xe1d\xfa\xcfb\xf3\xdc\xd4CY\x9a\xef\xa3\\\xa7\xa9^\xafL:[\x8e\x83U\xff\xfd\xb0\xfa\xdaL\xa99\x9b\xcfA\xe4n\xa0^\n\x1c\x84\x04\xc5a\xdf\xe5\xd4Hyn\xba:/\xa5\xf4\xaa\xfa\xcd\xc7T\x83\xf5N^\xf2n\xd0=\xb9\t\xdd-F\xacb\xac \xd3\xccj\x13\xa2\x9fLu\'\xed\x91\x867\xaa\xf5\xa0]\xb6\xaa\xea\xfd\xde\xa6\xec\b\x16\x86l:;\xf9\xdb\xcf\x88\"\xca\xe0E\xdb\xec\xf9\xb3\xed\a\x00\x00\x00\x00\x00\x00\x00\xd6.\xf7\x92\xc42\xdf\xefE\xce}\x1b\xda\xdd?\n6\xe1\xb1\xd8Y\x960\xd1\x00\x00\x00\x00\x00\x00MW\x8f\xc6\x82\xe4\x15\xf7\xe9\xd8\xc5b\x0e\x91\xc5\xc76$\x18\xa4\xbe\xe8V\x8d-\xe3\x8fC\xd5\xf5\xd6L\xe3\xce\xa1\x8dz\xce\xa7\xa5\xc8\xcbhM\x1b\xf8\x98\xc4\xfbD6\x88\xfd\xe5i\x8a\xd8\xcfm\x81Z\x19\xf0\xef\xc15\xe8\xcb\xf5\t\t\x00\x17\xfa\x1fqb\xe7\"\xcb4\xb8\xe5/\xd52\x17\x12\x1d\xd8\x87\xb9|\x8d\x83\xea\xcc\x94\xebZ\xae\xaf\x19\xa4\xb2\xc6\xe1\x926B\xb6\x89Z\xa9\xb5/\xbb\x9d&\xeeO\xb3\xb3\xd4\b`\xa9f\x84\xad\t\x1a\xc2\xd5\x88\xbfo\x80V\x93\x9fX\xd7\xff\x03\xb7J\xed\x183\xe3\x7f\xfaq,\xca\x06\xb0\xc9\x92\x93\xa5I\x89\xb7\x85\x90\xb7\x1b0\xce\xd7!\x8fD\x96\xe1 ^>\x9f\x04\x89<\xb7S\x7f\x1a\x88\xab$\xd3y\xc2\xe1\x99\xbch\xd3\x83\xcd\x7f\xc5n\xb1\xc1X \xe2\xbb\x1f\x01\x90\xb1O\x8d\x7f\xa8\xd4\xdbO\xef\x99\xf3\xd3M\x0f\t\x7f\n,\x84\x1f\xfa\xe2\xc8\x99\x97Oq\xae\x9b\x86h\xfa3\xb9\xfd\xbb\xd4^\xc0t\xa7]Y\xe9\x7f[\x11\xb1\xf3m\x17F\x9d\x18\xe2\xe1\x01\xb6f=-?\xbcI\xf2\xd9\xc4>-\xc0E\x9a\x82\xcc7S\xd4\xb6\'\xd2DY\xa5\x83,\xd1\xbc\xc7\xf6\xe0\x1f o\x06\xc2t\x14\xc2\xe0\x92\xc1\x8a\x85>@\xc9\xb0% \xc7\x13l\x8bJ\xe5\xec\x1dE\xf5\xc5\xe2\xe3\x10G7r#\xbc\x95&\x14\x1e\x97\xce\x83>Q@\xfb\xeb=\x1e\xb3\xd5H\x02\x86\xc6\xf3\xe1i\\\x1d\xf4\xc1\xacJC+\xc8}\x1b{\x86\x17\x00\n\"\xec\xa5x\xe6\xb1i\xeb\xb3\xb7I\x90\x9eai\xde\x01\xdc\xfeA\x05Sn\xe6\xe8^\xdf\x8c`\x17\xca\xbd\\QG\xb15\x82*=\xbd\xe9\xaf\x12<\xd7\xe1$\xa4\xdaU\xfb^\xd8!\xacxy\xd5X\xef\x03\xa7\x10\xa1C#S~\x0f\x17\t>X\\mv0\x9eZ\x89\xf4\xae\a\xc8\x16\xd2t\x16\xf3X%Q\xbd\xe9\x86V\xf2\x99^0\xe8xI(\xde-\x04s\x15\x06#2\xef\xef@\xa3t0d^^\xad\xf6\xad\xe0\x16\xf6\xa8\x99!\x0e\x9d+;D&\xebN\x94\x12\x04\x95o\xd6\x9fl\xcb\x16gc\xf5(\xaa_\xec\x9aiE\f\xd4\xc6\xf2\xae\x85n\x995\xcd\xa7\xbb\xf0pz\xaf\tC\x1cq\xaa\x92,Li\r\x95Z\x89\"\xaf]\x95\xb9b_\xe4\xba\xd4\x93\xab\xe1\xb9\xd8E[\xbb\xc9.M+\xbe\x81N\xd2\xae\xf4\x18\xd0\xe7\x98\x90,\xce\ft\xc4\xc7\x02\xaa\xc7\xeb1;\x86b\x8f\x12{k#c\x1d@\xc31\x00\xd2}f\x8cX\xce\xed\xa4\xe4\xca`<_}\'\xce\x81\xb3O\xae\xa1\xbfwcN,\xf2#\x16\xc4\xad\a&\xb1U\x83w\xd0K\xaa\xdf\x84\xe5\xe4\xdb\xa3G(\x7fv\x93\xb8m\x96\xd89Kb\xa9\x852\xb9\xcaG\x8b\x11\x16\x16\xeeI\x14\xcb\xe4\x9a\x1e\xb6^\xa3\xaa^\xdc\xcfo\xfb\xd6<\xa2\xc6\xbdj\xc4\xb1B\xf3S}\xfeI\xe2e\xec}o\xcfB\xa6\x877\'\x80\x82\t\xec\xc1&\xb8\xa9\x82&\xb8XQ8M@\xaa\x1f\vj\x9aW\xec\x92\x19\xdb^\x9d\x94\x87-&\x00/z\xa2\xd7\x01\\\t\xae~\xed\no\x1a\x9cKG^+\xc9\xe0v\xc0\x96\xc4\xcc\xb7\xdd\xdf\xf9\x01\x91\xe5\to[\x97\xbe\x110\x93\x14\xf8\x8a\x8d\xeb\t\xe7?/C\xaa\xd9\xc4\xc9\xbe\x12\xed\xb3*f\xd1J\x14\x80Iy4\xa9\xf88C\xe3', 0x0) write(r2, &(0x7f0000000140)='/', 0x1) sendfile(r2, r2, &(0x7f0000001000), 0xfec) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x100000c, 0x11, r2, 0x0) mount$9p_unix(&(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x1000, 0x0) mount$9p_unix(&(0x7f0000000180)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x41000, 0x0) mount(&(0x7f0000000080)=@filename='\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x105043, 0x0) sendfile(r1, r0, 0x0, 0x8000000d) 771.083119ms ago: executing program 2: ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f00000003c0)={0xffffffffffffffff, 0x0, 0x0, 0x1}) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) bpf$MAP_CREATE(0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@bloom_filter={0x1e, 0x1, 0x200, 0x7fff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x0, 0xc}, 0x48) r0 = socket(0x0, 0x803, 0x0) r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/net\x00') ioctl$NS_GET_USERNS(r1, 0xb701, 0x0) r2 = socket(0x0, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'syz_tun\x00'}) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) r3 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r3, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000640)=@allocspi={0x12c, 0x16, 0x401, 0x0, 0x0, {{{@in=@local, @in6=@mcast1, 0x0, 0xfd1, 0x0, 0x2, 0x2, 0x0, 0x0, 0xc}, {@in=@broadcast, 0x0, 0x33}, @in6=@loopback, {0x0, 0x0, 0x0, 0x0, 0x8000000000000000, 0x80000001}, {0x101, 0x0, 0x0, 0x800}, {0x4, 0x6, 0x400}, 0x0, 0x0, 0xa, 0x0, 0x0, 0x94}, 0x0, 0x4ad}, [@XFRMA_IF_ID={0x8}, @lastused={0xc, 0xf, 0xee}, @coaddr={0x14, 0xe, @in6=@dev}, @mark={0xc, 0x15, {0x0, 0xfffff329}}]}, 0x12c}, 0x1, 0x0, 0x0, 0x20040080}, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) syz_usb_connect$cdc_ecm(0x0, 0x4d, &(0x7f0000000080)={{0x12, 0x1, 0x310, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x3b, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2, 0x6, 0x0, 0x0, {{0x5}, {0x5}, {0xd}}}}]}}]}}, &(0x7f0000000300)={0x0, 0x0, 0xf, &(0x7f0000000000)=ANY=[@ANYBLOB="050feefd010a10030000000000000057f3dbb84c2e097c4591e49b19adf3c7f92cfb3149225d606f0e830564c5e20df933cc5f927050c84ff05c5228b539dcc77a94cad77c9dccb16e18c42325a4719cdb8a658a970fd5be5fba6830e43bf9ffffff"]}) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f00000017c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546000677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5467a932b77674e802a0d42bc6099ad238af770b5ed8925161729298700000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809b5b9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed3957f813567f7a95435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac559eaf39027ceb379a902d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff7a1ef3282830689da6b53b263339863297771429d120000003341bf4abacac94500fca0493cf29b33dcc9ffffffffffffffd39f6ce0c6ff01589646efd1cf870cd7bb2366fdf870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1293b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd000c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301fb997316dbf17866fb84d4173731efe895ff2e1c55ef08235a0126e01254c44060926e90109b598502d3e959efc71f665c4d75cf2458e3542c9062ece84c99a861887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc74aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7ad333545794f37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea139376f24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff070000001e48418046c216c1f895778cb25122a2a998de0842a486721737390cbf3a74cb2003016f1514216bdf57d2a40dddb51ab63e96ec84ac3571f02f647b3385b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba2f58ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df986741517abf11389b751f4e109b60000000000000000d6d5210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288d139bd3da230ed05a8fe64680b0a3f9f2dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30235b9100000000a55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c776f4b4ce07e1c6fa66fcfc7a228805f76785efc0ceb1c8e5729c66418d169fc03aa18854693ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7e478950aa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab848753203b458b97ec1afb079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7db3c4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af932cd6db49a47613808bad959719c0000000000378ac2e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6ca0400966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e3030108000000000000c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bffef97dcecc467ace456597685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c0000000000000000000000bfb0bba79344643b1d8daa9f38e4b62c1e2af68c6f5054b078acd74b4a9c944e4505da485a3a4154387a0a88370d9ed9467b09c5888a06431df3f68abf0b366c4d5f8bea7b29c257ed756dff7a21c6b661cbdd43de65afd7f661d5c84f915c90e3d6ea012b68b787eb01d8320000000000000060176dacba0ec503a37fae6b472ec369c79ee6a420c0fd8d8d82fe136d5af6c30bfeb0a7275babfdb96a127aa9386e0671c6454245a18c1c8c49552cff5d27b547cdc34c0858c77a47a9ff86ee9fbd9ceda428716a4218821176d8067997527230fa67d26950d3e4f2750fa7c872874ad3a2d11f9f6eb08e6d7b6fa257b04d8ce36360f524e3dfd2211641f3d2637d86b80681eca50ce0eecafdd22d41fa515c15591e70ded4b70efac3cb42fb352d82e8f7573e8ed8248da356fa91a252976d3a4d8c1843a8d5bb7f5f1028453a0562a3ea93117076dd4940b7df50d78289fe66197525f6095f8662d232970bef61b03fa83027963a1a2e07cfee30c0d0b4c5877f93b3637ca21eab5afcf5d4638dfe8f9202aaad51c979049dd76d65368cbd4187d9f74257c7c4a23ac4a34eec5aa17e78c5167216f5e72138d20f8325dd5f8f96c32189c904eaef580987f1ce601a7cdc35461db9981ac42f9e24b0699bbe4e3d986e38952b0b7938eefd9e7a292bbb66367ad77045fdc18855c81c031dedd185c723238373fc698d676791d04f1ff5f0825a6619e844882f31ed190233d58ecee949e310bf2b1a51b8a33ae65a06d2b6ad386bf8dc49dd328bcd75d1843a13d68560175a18af7efc3c0f20e32f84f6aaaf000000000000000000000013a6c66bce74a8fb9092023df695da2714a7933d699d42de2bc4a85e0a0e22228290a7a7553ab93a16e42553ed86869a02df2f47d4088fac1772d3cd955c81cbf91c2ca7942942f61723b558079b82547844f92df2499c4b2c2ef2539e5daa8d8727baaa6b5755e6f83bbfca000000000000000000000509619f5f0cbc72eebc653946d3552236f0dfe485cfa71bd69f4ded6e131128c3875b785875addfcbd5931c12adbef75535e694f3a19f28f9f99fa32e8ff66e7b1ff674434fb63ba0e28aadccf77d387525c98e81476058c958eaccfa7d251d0671222dc9d06485f7f690d3d4227bd21bd7ff8338617705b7faec47c86789a488b43d0fedf1b0ee05d65c677ced1e8214b2f6cb74d73886"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000040000000000000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000080)='sys_enter\x00', r5}, 0x10) r6 = gettid() socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r7, 0x5452, &(0x7f0000b28000)=0x3) fcntl$setsig(r7, 0xa, 0x12) poll(&(0x7f0000b2c000)=[{r8}], 0x2c, 0xffffffffffbffff8) dup2(r7, r8) fcntl$setown(r7, 0x8, r6) tkill(r6, 0x16) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) r9 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$IP6T_SO_SET_REPLACE(r9, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x530, 0x348, 0x18c, 0x203, 0x348, 0x19030000, 0x460, 0x2e0, 0x2e0, 0x460, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x300, 0x348, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13}}, @common=@hl={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x590) syz_emit_ethernet(0x46, &(0x7f00000000c0)={@local, @random="7f0a00030011", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x1, 0x0, 0x12, 0x0, 0x2802, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x33, 0x0, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}}, "000022ebffff0000"}}}}}, 0x0) 414.343896ms ago: executing program 0: bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x13, 0x6, &(0x7f00000007c0)=ANY=[@ANYBLOB="050000000000000071119300000000008510550002000000850000000500000095000000000000009500a50500000000e708800bd98f08d6267597b118b9120727dc3cacedfedfd68431b167c977a1d70ca9cb62be8ed20f76f90467288b5534b369be1e38ba374b175bf8b0db34da0fe025e046748916c8d5431abd40bdd01457d8bec5b8420c5e1386e44ae7e717133336cfa17e349188167c65536f0c999b6ee3cd9daa21d2c0f5e3f4be490b9159b01ea84e326c768b04c79c0aa008d01b762baa88ca914164eb27191362d8362584b5e2912b5ba84e8310c1fc6157db5a1e9069544de6d73ce0e4a52ea1fbbccbd37872c5272e6092cd51993ab12d73479ec76931b9037101dd800dc664d24b2adda89312aa9d07dad601d9e34943c6ead5d43613d66b600dc1a9ceb63f70"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70) 351.568786ms ago: executing program 0: syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f0000000280)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@errors_continue}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f0000000680)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") chdir(&(0x7f0000000000)='./file0\x00') creat(&(0x7f0000000040)='./bus\x00', 0x0) mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0) r0 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0) mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r0, 0x0) readv(0xffffffffffffffff, &(0x7f0000001f80)=[{0x0}, {0x0}, {0xffffffffffffffff}], 0x3) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) 173.806473ms ago: executing program 3: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newsa={0x140, 0x10, 0x713, 0x0, 0x0, {{@in=@loopback, @in=@dev}, {@in=@remote, 0x0, 0x32}, @in=@local, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}, @tfcpad={0x8}]}, 0x140}}, 0x0) 61.04µs ago: executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000100)) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETS(r1, 0x5416, 0x0) 0s ago: executing program 3: r0 = syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000406a05014000000000000109022d000100000000090400000103000000092100000001220b0009058103"], 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) syz_usb_control_io$hid(r0, &(0x7f0000000e40)={0x24, 0x0, 0x0, &(0x7f0000000dc0)={0x0, 0x22, 0xb, {[@global=@item_012={0x1, 0x1, 0x0, 't'}, @local, @local=@item_012={0x2, 0x2, 0x0, 'au'}, @main=@item_4={0x3, 0x0, 0xb, "e6ff8373"}]}}, 0x0}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '10.128.0.57' (ED25519) to the list of known hosts. 2024/06/16 02:55:29 fuzzer started 2024/06/16 02:55:29 dialing manager at 10.128.0.163:30000 [ 32.548449][ T23] audit: type=1400 audit(1718506529.770:66): avc: denied { node_bind } for pid=350 comm="syz-fuzzer" saddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=tcp_socket permissive=1 [ 32.569578][ T23] audit: type=1400 audit(1718506529.770:67): avc: denied { name_bind } for pid=350 comm="syz-fuzzer" src=6060 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unreserved_port_t tclass=tcp_socket permissive=1 [ 32.672680][ T23] audit: type=1400 audit(1718506529.890:68): avc: denied { mounton } for pid=362 comm="syz-executor" path="/proc/sys/fs/binfmt_misc" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=dir permissive=1 [ 32.718257][ T360] cgroup1: Unknown subsys name 'net' [ 32.724557][ T360] cgroup1: Unknown subsys name 'net_prio' [ 32.730860][ T360] cgroup1: Unknown subsys name 'devices' [ 32.737043][ T23] audit: type=1400 audit(1718506529.900:69): avc: denied { mount } for pid=362 comm="syz-executor" name="/" dev="binfmt_misc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:binfmt_misc_fs_t tclass=filesystem permissive=1 [ 32.765056][ T23] audit: type=1400 audit(1718506529.920:70): avc: denied { mounton } for pid=360 comm="syz-executor" path="/syzcgroup/unified" dev="sda1" ino=1925 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:root_t tclass=dir permissive=1 [ 32.788083][ T23] audit: type=1400 audit(1718506529.930:71): avc: denied { mount } for pid=360 comm="syz-executor" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 32.811398][ T23] audit: type=1400 audit(1718506529.960:72): avc: denied { setattr } for pid=364 comm="syz-executor" name="raw-gadget" dev="devtmpfs" ino=820 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=chr_file permissive=1 [ 32.824327][ T369] SELinux: Context root:object_r:swapfile_t is not valid (left unmapped). [ 32.835367][ T23] audit: type=1400 audit(1718506529.980:73): avc: denied { unmount } for pid=360 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1 [ 32.862828][ T23] audit: type=1400 audit(1718506530.010:74): avc: denied { read } for pid=145 comm="syslogd" name="log" dev="sda1" ino=1915 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:var_t tclass=lnk_file permissive=1 [ 32.885513][ T23] audit: type=1400 audit(1718506530.070:75): avc: denied { relabelto } for pid=369 comm="mkswap" name="swap-file" dev="sda1" ino=1927 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 trawcon="root:object_r:swapfile_t" [ 32.951375][ T360] cgroup1: Unknown subsys name 'hugetlb' [ 32.957672][ T360] cgroup1: Unknown subsys name 'rlimit' [ 32.974128][ T363] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k 2024/06/16 02:55:30 starting 5 executor processes [ 34.080878][ T379] bridge0: port 1(bridge_slave_0) entered blocking state [ 34.087966][ T379] bridge0: port 1(bridge_slave_0) entered disabled state [ 34.096279][ T379] device bridge_slave_0 entered promiscuous mode [ 34.104168][ T379] bridge0: port 2(bridge_slave_1) entered blocking state [ 34.111212][ T379] bridge0: port 2(bridge_slave_1) entered disabled state [ 34.119612][ T379] device bridge_slave_1 entered promiscuous mode [ 34.226020][ T376] bridge0: port 1(bridge_slave_0) entered blocking state [ 34.233121][ T376] bridge0: port 1(bridge_slave_0) entered disabled state [ 34.241092][ T376] device bridge_slave_0 entered promiscuous mode [ 34.248314][ T382] bridge0: port 1(bridge_slave_0) entered blocking state [ 34.255257][ T382] bridge0: port 1(bridge_slave_0) entered disabled state [ 34.264015][ T382] device bridge_slave_0 entered promiscuous mode [ 34.294228][ T376] bridge0: port 2(bridge_slave_1) entered blocking state [ 34.301104][ T376] bridge0: port 2(bridge_slave_1) entered disabled state [ 34.309303][ T376] device bridge_slave_1 entered promiscuous mode [ 34.316449][ T382] bridge0: port 2(bridge_slave_1) entered blocking state [ 34.323729][ T382] bridge0: port 2(bridge_slave_1) entered disabled state [ 34.331947][ T382] device bridge_slave_1 entered promiscuous mode [ 34.429159][ T380] bridge0: port 1(bridge_slave_0) entered blocking state [ 34.436199][ T380] bridge0: port 1(bridge_slave_0) entered disabled state [ 34.444566][ T380] device bridge_slave_0 entered promiscuous mode [ 34.478707][ T380] bridge0: port 2(bridge_slave_1) entered blocking state [ 34.485631][ T380] bridge0: port 2(bridge_slave_1) entered disabled state [ 34.493962][ T380] device bridge_slave_1 entered promiscuous mode [ 34.593957][ T381] bridge0: port 1(bridge_slave_0) entered blocking state [ 34.600832][ T381] bridge0: port 1(bridge_slave_0) entered disabled state [ 34.609029][ T381] device bridge_slave_0 entered promiscuous mode [ 34.647525][ T381] bridge0: port 2(bridge_slave_1) entered blocking state [ 34.654525][ T381] bridge0: port 2(bridge_slave_1) entered disabled state [ 34.662751][ T381] device bridge_slave_1 entered promiscuous mode [ 35.247573][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 35.255993][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 35.272017][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 35.281084][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 35.290068][ T125] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.297136][ T125] bridge0: port 1(bridge_slave_0) entered forwarding state [ 35.306342][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 35.340210][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 35.349388][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 35.357903][ T125] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.364861][ T125] bridge0: port 2(bridge_slave_1) entered forwarding state [ 35.404088][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 35.412631][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 35.422505][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 35.431154][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 35.439084][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 35.446901][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 35.463012][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 35.471395][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 35.505737][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 35.515815][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 35.524449][ T383] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.531295][ T383] bridge0: port 1(bridge_slave_0) entered forwarding state [ 35.538735][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 35.547433][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 35.556080][ T383] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.563161][ T383] bridge0: port 2(bridge_slave_1) entered forwarding state [ 35.570745][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 35.578640][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 35.586457][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 35.608388][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 35.617485][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 35.629410][ T383] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.636309][ T383] bridge0: port 1(bridge_slave_0) entered forwarding state [ 35.643937][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 35.652698][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 35.661838][ T383] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.669142][ T383] bridge0: port 1(bridge_slave_0) entered forwarding state [ 35.677247][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 35.685490][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 35.693508][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 35.701740][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 35.733092][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 35.742253][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 35.753613][ T125] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.760647][ T125] bridge0: port 1(bridge_slave_0) entered forwarding state [ 35.769386][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 35.778464][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 35.787129][ T125] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.794224][ T125] bridge0: port 2(bridge_slave_1) entered forwarding state [ 35.801904][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 35.811158][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 35.819688][ T125] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.826843][ T125] bridge0: port 2(bridge_slave_1) entered forwarding state [ 35.834311][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 35.843061][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 35.851605][ T125] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.858878][ T125] bridge0: port 2(bridge_slave_1) entered forwarding state [ 35.867195][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 35.916788][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 35.925907][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 35.934363][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 35.942554][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 35.951419][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 35.960671][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 35.969608][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 35.992476][ T108] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 36.014636][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 36.024139][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 36.032168][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 36.052997][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 36.062536][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 36.087049][ T108] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 36.097314][ T108] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 36.106370][ T108] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 36.114685][ T108] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 36.155420][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 36.166042][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 36.201002][ T108] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 36.209962][ T108] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 36.242767][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 36.253487][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 36.262716][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 36.272544][ T383] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 36.315483][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 36.325152][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 36.334611][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 36.343667][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 36.352605][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 36.362431][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 36.371376][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 36.380161][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 36.388970][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 36.397471][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 36.405711][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 36.414782][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 36.469916][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 36.478572][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 36.498649][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 36.508697][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 36.540420][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 36.549704][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 36.559776][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 36.568763][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 36.583750][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 36.592248][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 36.606706][ T108] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 36.615961][ T108] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 36.651751][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 36.662098][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 36.671200][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 36.680326][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 36.689656][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 36.698579][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 36.783640][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 36.792216][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 36.819269][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 36.819943][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 36.859335][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 36.860068][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 36.886966][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 36.887655][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 36.959332][ T420] mmap: syz-executor.1 (420) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst. [ 36.994229][ T417] bridge0: port 2(bridge_slave_1) entered disabled state [ 36.994621][ T417] bridge0: port 1(bridge_slave_0) entered disabled state [ 37.010541][ T417] device bridge_slave_1 left promiscuous mode [ 37.037963][ T423] xt_ecn: cannot match TCP bits for non-tcp packets [ 37.082260][ T417] bridge0: port 2(bridge_slave_1) entered disabled state [ 37.103600][ T417] device bridge_slave_0 left promiscuous mode [ 37.117943][ T417] bridge0: port 1(bridge_slave_0) entered disabled state [ 37.196630][ T411] syz-executor.4 (411) used greatest stack depth: 23064 bytes left [ 37.356363][ T433] EXT4-fs (loop0): mounted filesystem without journal. Opts: user_xattr,nombcache,noblock_validity,norecovery,debug_want_extra_isize=0x0000000000000080,lazytime,nodelalloc,usrquota,noauto_da_alloc,,errors=continue [ 39.597873][ T23] kauditd_printk_skb: 36 callbacks suppressed [ 39.597903][ T23] audit: type=1400 audit(1718506535.190:112): avc: denied { create } for pid=454 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 39.650826][ T473] xt_ecn: cannot match TCP bits for non-tcp packets [ 39.734285][ T23] audit: type=1400 audit(1718506535.700:113): avc: denied { connect } for pid=454 comm="syz-executor.1" lport=7 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 39.756773][ T433] syz-executor.0 (433) used greatest stack depth: 22616 bytes left [ 39.865346][ T23] audit: type=1400 audit(1718506535.800:114): avc: denied { write } for pid=454 comm="syz-executor.1" laddr=::1 lport=7 faddr=::1 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1 [ 39.888078][ T23] audit: type=1400 audit(1718506536.310:115): avc: denied { write } for pid=432 comm="syz-executor.0" name="file0" dev="loop0" ino=12 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 39.953965][ T23] audit: type=1400 audit(1718506536.310:116): avc: denied { remove_name } for pid=432 comm="syz-executor.0" name="file0" dev="loop0" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 40.022987][ T23] audit: type=1400 audit(1718506536.310:117): avc: denied { unlink } for pid=432 comm="syz-executor.0" name="file0" dev="loop0" ino=13 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 40.055626][ T23] audit: type=1400 audit(1718506536.310:118): avc: denied { setopt } for pid=454 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 40.075223][ T23] audit: type=1400 audit(1718506536.980:119): avc: denied { unmount } for pid=380 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1 [ 40.143267][ T465] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 40.189687][ T23] audit: type=1400 audit(1718506537.410:120): avc: denied { create } for pid=463 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 40.223739][ T465] incfs: ino conflict with backing FS 4 [ 40.262977][ T23] audit: type=1400 audit(1718506537.430:121): avc: denied { bind } for pid=463 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1 [ 40.342338][ T503] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 40.366935][ T503] EXT4-fs (loop4): orphan cleanup on readonly fs [ 40.375865][ T503] EXT4-fs error (device loop4): ext4_orphan_get:1260: comm syz-executor.4: bad orphan inode 15 [ 40.393820][ T503] ext4_test_bit(bit=14, block=18) = 1 [ 40.399069][ T503] is_bad_inode(inode)=0 [ 40.408290][ T503] NEXT_ORPHAN(inode)=1023 [ 40.412451][ T503] max_ino=32 [ 40.416387][ T503] i_nlink=0 [ 40.419672][ T503] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2930: inode #15: comm syz-executor.4: corrupted xattr block 19 [ 40.432819][ T503] EXT4-fs warning (device loop4): ext4_evict_inode:321: xattr delete (err -117) [ 40.436598][ T507] EXT4-fs (sda1): Can't set test_dummy_encryption on remount [ 40.442394][ T503] EXT4-fs (loop4): mounted filesystem without journal. Opts: usrquota,grpjquota=,grpquota,,errors=continue [ 40.766283][ T499] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 3: comm syz-executor.4: path /root/syzkaller-testdir2509856707/syzkaller.Rmfiqa/10/éq‰Y’3aK: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=4096 fake=0 [ 41.015056][ T491] F2FS-fs (loop1): invalid crc value [ 41.023727][ T491] F2FS-fs (loop1): Found nat_bits in checkpoint [ 41.053921][ T537] EXT4-fs (sda1): Can't set test_dummy_encryption on remount [ 41.090762][ T534] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 41.113043][ T534] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 41.144577][ T534] EXT4-fs (loop2): failed to initialize system zone (-117) [ 41.151738][ T534] EXT4-fs (loop2): mount failed [ 41.177284][ T491] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 41.286766][ T491] F2FS-fs (loop1): Unexpected flush for atomic writes: ino=10, npages=1 [ 41.306400][ T382] attempt to access beyond end of device [ 41.306400][ T382] loop1: rw=2049, want=45104, limit=40427 [ 41.444410][ T534] netlink: 'syz-executor.2': attribute type 27 has an invalid length. [ 41.663077][ T558] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem [ 41.683933][ T558] EXT4-fs (loop4): orphan cleanup on readonly fs [ 41.691732][ T558] EXT4-fs error (device loop4): ext4_orphan_get:1260: comm syz-executor.4: bad orphan inode 15 [ 41.704204][ T558] ext4_test_bit(bit=14, block=18) = 1 [ 41.709513][ T558] is_bad_inode(inode)=0 [ 41.714883][ T571] EXT4-fs (loop3): Ignoring removed orlov option [ 41.730206][ T558] NEXT_ORPHAN(inode)=1023 [ 41.736119][ T558] max_ino=32 [ 41.739703][ T558] i_nlink=0 [ 41.749992][ T558] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2930: inode #15: comm syz-executor.4: corrupted xattr block 19 [ 41.782587][ T571] EXT4-fs (loop3): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000001000,data_err=abort,barrier=0x0000000000000002,jqfmt=vfsv1,block_validity,max_dir_size_kb=0x00000000000007b1,orlov,bsdgroups,max_batch_time=0x0000000000000400,user_xattr,quota,,errors=continue [ 41.813483][ T558] EXT4-fs warning (device loop4): ext4_evict_inode:321: xattr delete (err -117) [ 41.832213][ T558] EXT4-fs (loop4): mounted filesystem without journal. Opts: usrquota,grpjquota=,grpquota,,errors=continue [ 41.917129][ T558] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 3: comm syz-executor.4: path /root/syzkaller-testdir2509856707/syzkaller.Rmfiqa/15/éq‰Y’3aK: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=4096 fake=0 [ 41.947727][ T580] ====================================================== [ 41.947727][ T580] WARNING: the mand mount option is being deprecated and [ 41.947727][ T580] will be removed in v5.15! [ 41.947727][ T580] ====================================================== [ 42.082234][ T583] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=583 comm=syz-executor.2 [ 42.132889][ T583] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=583 comm=syz-executor.2 [ 42.173722][ T585] EXT4-fs (sda1): Can't set test_dummy_encryption on remount [ 42.457134][ T586] syz-executor.3 (586) used greatest stack depth: 21688 bytes left [ 43.316335][ T611] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.323636][ T611] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.347245][ T611] device bridge_slave_1 left promiscuous mode [ 43.353684][ T611] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.361559][ T611] device bridge_slave_0 left promiscuous mode [ 43.368624][ T611] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.483410][ T381] syz-executor.3 (381) used greatest stack depth: 20760 bytes left [ 43.527406][ T617] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 43.605214][ T617] incfs: ino conflict with backing FS 7 [ 43.895457][ T638] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details. [ 43.938497][ T630] EXT4-fs (loop0): Ignoring removed orlov option [ 43.979502][ T630] EXT4-fs (loop0): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000001000,data_err=abort,barrier=0x0000000000000002,jqfmt=vfsv1,block_validity,max_dir_size_kb=0x00000000000007b1,orlov,bsdgroups,max_batch_time=0x0000000000000400,user_xattr,quota,,errors=continue [ 44.032710][ T9] device bridge_slave_1 left promiscuous mode [ 44.039585][ T9] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.047634][ T9] device bridge_slave_0 left promiscuous mode [ 44.053903][ T9] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.065965][ T635] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem [ 44.094570][ T635] EXT4-fs (loop1): orphan cleanup on readonly fs [ 44.104196][ T635] EXT4-fs error (device loop1): ext4_orphan_get:1260: comm syz-executor.1: bad orphan inode 15 [ 44.143516][ T635] ext4_test_bit(bit=14, block=18) = 1 [ 44.149126][ T635] is_bad_inode(inode)=0 [ 44.154332][ T635] NEXT_ORPHAN(inode)=1023 [ 44.158577][ T635] max_ino=32 [ 44.161627][ T635] i_nlink=0 [ 44.183273][ T635] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2930: inode #15: comm syz-executor.1: corrupted xattr block 19 [ 44.213256][ T635] EXT4-fs warning (device loop1): ext4_evict_inode:321: xattr delete (err -117) [ 44.227058][ T635] EXT4-fs (loop1): mounted filesystem without journal. Opts: usrquota,grpjquota=,grpquota,,errors=continue [ 44.242990][ T408] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 44.302536][ T635] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 3: comm syz-executor.1: path /root/syzkaller-testdir2131232878/syzkaller.SRSIvJ/13/éq‰Y’3aK: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=4096 fake=0 [ 44.483151][ T408] usb 5-1: Using ep0 maxpacket: 16 [ 44.630371][ T646] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.708406][ T646] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.788114][ T646] device bridge_slave_0 entered promiscuous mode [ 44.884498][ T646] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.971124][ T646] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.074449][ T646] device bridge_slave_1 entered promiscuous mode [ 45.348333][ T408] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 45.380506][ T408] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 45.392059][ T408] usb 5-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00 [ 45.401462][ T408] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 45.437614][ T408] usb 5-1: config 0 descriptor?? [ 45.542081][ T666] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.549496][ T666] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.576325][ T666] device bridge_slave_1 left promiscuous mode [ 45.584577][ T666] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.599369][ T666] device bridge_slave_0 left promiscuous mode [ 45.616548][ T666] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.823787][ T23] kauditd_printk_skb: 32 callbacks suppressed [ 45.823818][ T23] audit: type=1400 audit(1718506543.050:154): avc: denied { read } for pid=677 comm="syz-executor.2" name="ppp" dev="devtmpfs" ino=9280 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 45.873916][ T23] audit: type=1400 audit(1718506543.090:155): avc: denied { open } for pid=677 comm="syz-executor.2" path="/dev/ppp" dev="devtmpfs" ino=9280 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 45.898312][ T23] audit: type=1400 audit(1718506543.090:156): avc: denied { write } for pid=677 comm="syz-executor.2" name="ppp" dev="devtmpfs" ino=9280 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ppp_device_t tclass=chr_file permissive=1 [ 45.966592][ T408] logitech 0003:046D:C29C.0001: unknown main item tag 0x0 [ 45.995296][ T408] logitech 0003:046D:C29C.0001: hidraw0: USB HID v0.00 Device [HID 046d:c29c] on usb-dummy_hcd.4-1/input0 [ 46.103856][ T676] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.111134][ T676] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.119604][ T676] device bridge_slave_0 entered promiscuous mode [ 46.127323][ T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 46.136088][ T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 46.144570][ T676] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.151433][ T676] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.159880][ T676] device bridge_slave_1 entered promiscuous mode [ 46.209296][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 46.218449][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 46.227963][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.234898][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 46.242624][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 46.276257][ T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 46.285477][ T662] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 46.294156][ T662] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.301156][ T662] bridge0: port 2(bridge_slave_1) entered forwarding state [ 46.403284][ T408] logitech 0003:046D:C29C.0001: no inputs found [ 46.413960][ T408] usb 5-1: USB disconnect, device number 2 [ 46.484685][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 46.493626][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 46.508193][ T415] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 46.516891][ T415] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 46.579993][ T415] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 46.589433][ T415] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 46.613035][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 46.621196][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 46.695521][ T415] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 46.712059][ T415] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 46.764964][ T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 46.774597][ T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 46.794887][ T23] audit: type=1400 audit(1718506544.020:157): avc: denied { remove_name } for pid=684 comm="syz-executor.2" name="bus" dev="incremental-fs" ino=1951 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1 [ 46.839015][ T376] ------------[ cut here ]------------ [ 46.844371][ T376] WARNING: CPU: 1 PID: 376 at fs/overlayfs/util.c:450 ovl_dir_modified+0x45c/0x570 [ 46.853009][ T23] audit: type=1400 audit(1718506544.020:158): avc: denied { unlink } for pid=684 comm="syz-executor.2" name="bus" dev="incremental-fs" ino=1951 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 46.853452][ T376] Modules linked in: [ 46.879162][ T23] audit: type=1400 audit(1718506544.060:159): avc: denied { unmount } for pid=376 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=filesystem permissive=1 [ 46.880288][ T376] CPU: 1 PID: 376 Comm: syz-executor.2 Not tainted 5.4.274-syzkaller-00002-g6f97bd951d82 #0 [ 46.910293][ T376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 46.920220][ T376] RIP: 0010:ovl_dir_modified+0x45c/0x570 [ 46.925662][ T376] Code: c1 e8 03 42 80 3c 20 00 74 08 4c 89 ef e8 5c 3b ae ff 49 ff 45 00 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 34 56 7e ff <0f> 0b e9 91 fd ff ff 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c 30 fc ff [ 46.945105][ T376] RSP: 0018:ffff8881d8b5fb48 EFLAGS: 00010293 [ 46.951006][ T376] RAX: ffffffff81e5e5ec RBX: 0000000000000000 RCX: ffff8881da8b0000 [ 46.958812][ T376] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 46.966631][ T376] RBP: ffff8881e907c550 R08: ffffffff81e5e376 R09: ffffed103a498819 [ 46.974529][ T376] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 46.982347][ T376] R13: ffff8881d24c4020 R14: ffff8881d24c4070 R15: ffff8881e907c580 [ 46.990275][ T376] FS: 0000555556026480(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 47.000157][ T376] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 47.006561][ T376] CR2: 000055555602f818 CR3: 00000001d8b42000 CR4: 00000000003406a0 [ 47.014454][ T376] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 47.022262][ T376] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 47.030264][ T376] Call Trace: [ 47.033406][ T376] ? __warn+0x162/0x250 [ 47.037397][ T376] ? report_bug+0x3a1/0x4e0 [ 47.041823][ T376] ? ovl_dir_modified+0x45c/0x570 [ 47.046697][ T376] ? ovl_dir_modified+0x45c/0x570 [ 47.051536][ T376] ? do_invalid_op+0x6e/0x110 [ 47.056049][ T376] ? invalid_op+0x1e/0x30 [ 47.060221][ T376] ? ovl_dir_modified+0x1e6/0x570 [ 47.065250][ T376] ? ovl_dir_modified+0x45c/0x570 [ 47.070114][ T376] ? ovl_dir_modified+0x45c/0x570 [ 47.074973][ T376] ? ovl_dir_modified+0x45c/0x570 [ 47.079977][ T376] ? ovl_path_type+0x18e/0x2f0 [ 47.084523][ T376] ovl_do_remove+0x6f0/0xc80 [ 47.088959][ T376] ? ovl_set_redirect+0x5f0/0x5f0 [ 47.093815][ T376] ? security_inode_rmdir+0xca/0x110 [ 47.098930][ T376] vfs_rmdir+0x285/0x3c0 [ 47.103028][ T376] incfs_kill_sb+0x105/0x200 [ 47.107612][ T376] deactivate_locked_super+0xa8/0x110 [ 47.112829][ T376] deactivate_super+0x1e2/0x2a0 [ 47.117659][ T376] ? vfs_submount+0xb0/0xb0 [ 47.121991][ T376] ? deactivate_locked_super+0x110/0x110 [ 47.127468][ T376] ? fast_dput+0x7a/0x280 [ 47.131651][ T376] cleanup_mnt+0x44e/0x500 [ 47.135911][ T376] task_work_run+0x140/0x170 [ 47.140315][ T376] exit_to_usermode_loop+0x190/0x1a0 [ 47.145514][ T376] prepare_exit_to_usermode+0x199/0x200 [ 47.150990][ T376] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 47.156907][ T376] RIP: 0033:0x7fdf0333d1d7 [ 47.161163][ T376] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8 [ 47.180813][ T376] RSP: 002b:00007ffe78d69fc8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 47.189041][ T376] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fdf0333d1d7 [ 47.196867][ T376] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe78d6a080 [ 47.204661][ T376] RBP: 00007ffe78d6a080 R08: 0000000000000000 R09: 0000000000000000 [ 47.212563][ T376] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe78d6b130 [ 47.220459][ T376] R13: 00007fdf03398636 R14: 000000000000b660 R15: 0000000000000006 [ 47.228483][ T376] ---[ end trace e5d12c41a169d4b6 ]--- [ 47.240883][ T376] ------------[ cut here ]------------ [ 47.246307][ T376] WARNING: CPU: 1 PID: 376 at fs/overlayfs/util.c:450 ovl_dir_modified+0x45c/0x570 [ 47.248187][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 47.255385][ T376] Modules linked in: [ 47.255426][ T376] CPU: 1 PID: 376 Comm: syz-executor.2 Tainted: G W 5.4.274-syzkaller-00002-g6f97bd951d82 #0 [ 47.255459][ T376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 47.265776][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 47.266828][ T376] RIP: 0010:ovl_dir_modified+0x45c/0x570 [ 47.280385][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 47.288406][ T376] Code: c1 e8 03 42 80 3c 20 00 74 08 4c 89 ef e8 5c 3b ae ff 49 ff 45 00 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 34 56 7e ff <0f> 0b e9 91 fd ff ff 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c 30 fc ff [ 47.288423][ T376] RSP: 0018:ffff8881d8b5fb48 EFLAGS: 00010293 [ 47.288470][ T376] RAX: ffffffff81e5e5ec RBX: 0000000000000000 RCX: ffff8881da8b0000 [ 47.297952][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 47.301691][ T376] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 47.310891][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.329033][ T376] RBP: ffff8881e907c550 R08: ffffffff81e5e376 R09: ffffed103a498819 [ 47.329054][ T376] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 47.329077][ T376] R13: ffff8881d24c4020 R14: ffff8881d24c4070 R15: ffff8881e907c580 [ 47.329126][ T376] FS: 0000555556026480(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 47.334961][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 47.342758][ T376] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 47.353417][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 47.358381][ T376] CR2: 000055555602f818 CR3: 00000001d8b42000 CR4: 00000000003406a0 [ 47.366251][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 47.373900][ T376] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 47.373918][ T376] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 47.373926][ T376] Call Trace: [ 47.373961][ T376] ? __warn+0x162/0x250 [ 47.374009][ T376] ? report_bug+0x3a1/0x4e0 [ 47.384366][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 47.389642][ T376] ? ovl_dir_modified+0x45c/0x570 [ 47.399936][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 47.405415][ T376] ? ovl_dir_modified+0x45c/0x570 [ 47.405446][ T376] ? do_invalid_op+0x6e/0x110 [ 47.405493][ T376] ? invalid_op+0x1e/0x30 [ 47.413623][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 47.419826][ T376] ? ovl_dir_modified+0x1e6/0x570 [ 47.428679][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 47.435560][ T376] ? ovl_dir_modified+0x45c/0x570 [ 47.435592][ T376] ? ovl_dir_modified+0x45c/0x570 [ 47.435641][ T376] ? ovl_dir_modified+0x45c/0x570 [ 47.445334][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.451558][ T376] ? ovl_path_type+0x18e/0x2f0 [ 47.454711][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 47.458754][ T376] ovl_do_remove+0x6f0/0xc80 [ 47.464481][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 47.470924][ T376] ? ovl_set_redirect+0x5f0/0x5f0 [ 47.476768][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 47.483653][ T376] ? security_inode_rmdir+0xca/0x110 [ 47.483683][ T376] vfs_rmdir+0x285/0x3c0 [ 47.483731][ T376] incfs_kill_sb+0x18d/0x200 [ 47.490582][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 47.493107][ T376] deactivate_locked_super+0xa8/0x110 [ 47.493139][ T376] deactivate_super+0x1e2/0x2a0 [ 47.493183][ T376] ? vfs_submount+0xb0/0xb0 [ 47.498980][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 47.505179][ T376] ? deactivate_locked_super+0x110/0x110 [ 47.505215][ T376] ? fast_dput+0x7a/0x280 [ 47.505262][ T376] cleanup_mnt+0x44e/0x500 [ 47.511978][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 47.518063][ T376] task_work_run+0x140/0x170 [ 47.518097][ T376] exit_to_usermode_loop+0x190/0x1a0 [ 47.518129][ T376] prepare_exit_to_usermode+0x199/0x200 [ 47.518192][ T376] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 47.524892][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 47.527838][ T376] RIP: 0033:0x7fdf0333d1d7 [ 47.534445][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 47.539835][ T376] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8 [ 47.545502][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 47.551715][ T376] RSP: 002b:00007ffe78d69fc8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 47.558066][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 47.563937][ T376] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fdf0333d1d7 [ 47.563955][ T376] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe78d6a080 [ 47.563974][ T376] RBP: 00007ffe78d6a080 R08: 0000000000000000 R09: 0000000000000000 [ 47.564012][ T376] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe78d6b130 [ 47.570744][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 47.576522][ T376] R13: 00007fdf03398636 R14: 000000000000b660 R15: 0000000000000006 [ 47.576549][ T376] ---[ end trace e5d12c41a169d4b7 ]--- [ 47.806552][ T687] EXT4-fs (loop1): Ignoring removed orlov option [ 47.858366][ T662] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 47.880314][ T23] audit: type=1400 audit(1718506545.100:160): avc: denied { mounton } for pid=646 comm="syz-executor.3" path="/dev/binderfs" dev="devtmpfs" ino=11240 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1 [ 47.883709][ T687] EXT4-fs (loop1): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000001000,data_err=abort,barrier=0x0000000000000002,jqfmt=vfsv1,block_validity,max_dir_size_kb=0x00000000000007b1,orlov,bsdgroups,max_batch_time=0x0000000000000400,user_xattr,quota,,errors=continue [ 48.035232][ T699] xt_ecn: cannot match TCP bits for non-tcp packets [ 48.050485][ T23] audit: type=1400 audit(1718506545.270:161): avc: denied { create } for pid=696 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 48.106054][ T23] audit: type=1400 audit(1718506545.270:162): avc: denied { write } for pid=696 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 48.197745][ T23] audit: type=1400 audit(1718506545.420:163): avc: denied { read } for pid=705 comm="syz-executor.3" name="event2" dev="devtmpfs" ino=850 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1 [ 48.952965][ T24] usb 4-1: new high-speed USB device number 2 using dummy_hcd [ 49.058367][ T737] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.065499][ T737] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.076641][ T737] device bridge_slave_0 entered promiscuous mode [ 49.083981][ T7] device bridge_slave_1 left promiscuous mode [ 49.090985][ T7] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.099051][ T7] device bridge_slave_0 left promiscuous mode [ 49.105661][ T7] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.222963][ T24] usb 4-1: Using ep0 maxpacket: 16 [ 49.256743][ T737] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.265310][ T737] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.281992][ T737] device bridge_slave_1 entered promiscuous mode [ 49.315369][ T736] F2FS-fs (loop2): invalid crc value [ 49.333268][ T736] F2FS-fs (loop2): Found nat_bits in checkpoint [ 49.503563][ T24] usb 4-1: New USB device found, idVendor=1199, idProduct=0025, bcdDevice=1e.64 [ 49.512463][ T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 49.526332][ T736] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 49.567855][ T24] usb 4-1: Product: syz [ 49.572562][ T24] usb 4-1: Manufacturer: syz [ 49.584155][ T24] usb 4-1: SerialNumber: syz [ 49.606157][ T24] usb 4-1: config 0 descriptor?? [ 49.628050][ T737] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.634950][ T737] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.642281][ T737] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.649214][ T737] bridge0: port 1(bridge_slave_0) entered forwarding state [ 49.691587][ T736] F2FS-fs (loop2): Unexpected flush for atomic writes: ino=10, npages=1 [ 49.748294][ T376] attempt to access beyond end of device [ 49.748294][ T376] loop2: rw=2049, want=45104, limit=40427 [ 49.748311][ T754] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.748748][ T754] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.799786][ T757] device bridge_slave_1 left promiscuous mode [ 49.807285][ T757] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.815742][ T757] device bridge_slave_0 left promiscuous mode [ 49.823530][ T756] EXT4-fs (loop4): Ignoring removed orlov option [ 49.830417][ T757] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.864764][ T756] EXT4-fs (loop4): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000001000,data_err=abort,barrier=0x0000000000000002,jqfmt=vfsv1,block_validity,max_dir_size_kb=0x00000000000007b1,orlov,bsdgroups,max_batch_time=0x0000000000000400,user_xattr,quota,,errors=continue [ 49.916006][ T401] usb 4-1: USB disconnect, device number 2 [ 49.955286][ T662] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.963627][ T662] bridge0: port 2(bridge_slave_1) entered disabled state [ 50.020929][ T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 50.037241][ T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 50.064953][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 50.074111][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 50.097722][ T370] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.104755][ T370] bridge0: port 1(bridge_slave_0) entered forwarding state [ 50.128225][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 50.137381][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 50.152040][ T370] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.159061][ T370] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.182520][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 50.191583][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 50.211996][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 50.220615][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 50.289078][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 50.300080][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 50.330498][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 50.347749][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 50.396651][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 50.408783][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 50.483589][ T662] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 50.495336][ T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 50.525704][ T662] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 50.547049][ T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 50.728707][ T376] ------------[ cut here ]------------ [ 50.734059][ T376] WARNING: CPU: 0 PID: 376 at fs/overlayfs/util.c:450 ovl_dir_modified+0x45c/0x570 [ 50.743134][ T376] Modules linked in: [ 50.746898][ T376] CPU: 0 PID: 376 Comm: syz-executor.2 Tainted: G W 5.4.274-syzkaller-00002-g6f97bd951d82 #0 [ 50.758327][ T376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 50.769316][ T376] RIP: 0010:ovl_dir_modified+0x45c/0x570 [ 50.775030][ T376] Code: c1 e8 03 42 80 3c 20 00 74 08 4c 89 ef e8 5c 3b ae ff 49 ff 45 00 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 34 56 7e ff <0f> 0b e9 91 fd ff ff 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c 30 fc ff [ 50.794813][ T376] RSP: 0018:ffff8881d8b5fb48 EFLAGS: 00010293 [ 50.800721][ T376] RAX: ffffffff81e5e5ec RBX: 0000000000000000 RCX: ffff8881da8b0000 [ 50.808598][ T376] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 50.816419][ T376] RBP: ffff8881d254e880 R08: ffffffff81e5e376 R09: ffffed103a4bdb81 [ 50.824228][ T376] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 50.832045][ T376] R13: ffff8881d25edb60 R14: ffff8881d25edbb0 R15: ffff8881d254e8b0 [ 50.840158][ T376] FS: 0000555556026480(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 50.849381][ T376] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 50.855879][ T376] CR2: 000055555602f818 CR3: 00000001d8b42000 CR4: 00000000003406b0 [ 50.863858][ T376] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 50.872460][ T376] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 50.880258][ T376] Call Trace: [ 50.883411][ T376] ? __warn+0x162/0x250 [ 50.887792][ T376] ? report_bug+0x3a1/0x4e0 [ 50.892265][ T376] ? ovl_dir_modified+0x45c/0x570 [ 50.897133][ T376] ? ovl_dir_modified+0x45c/0x570 [ 50.902174][ T376] ? do_invalid_op+0x6e/0x110 [ 50.906763][ T376] ? invalid_op+0x1e/0x30 [ 50.910929][ T376] ? ovl_dir_modified+0x1e6/0x570 [ 50.915783][ T376] ? ovl_dir_modified+0x45c/0x570 [ 50.920829][ T376] ? ovl_dir_modified+0x45c/0x570 [ 50.925772][ T376] ? ovl_dir_modified+0x45c/0x570 [ 50.930629][ T376] ? ovl_path_type+0x18e/0x2f0 [ 50.935236][ T376] ovl_do_remove+0x6f0/0xc80 [ 50.939670][ T376] ? ovl_set_redirect+0x5f0/0x5f0 [ 50.944515][ T376] ? security_inode_rmdir+0xca/0x110 [ 50.949636][ T376] vfs_rmdir+0x285/0x3c0 [ 50.953840][ T376] incfs_kill_sb+0x105/0x200 [ 50.958852][ T376] deactivate_locked_super+0xa8/0x110 [ 50.964218][ T376] deactivate_super+0x1e2/0x2a0 [ 50.968905][ T376] ? vfs_submount+0xb0/0xb0 [ 50.973268][ T376] ? deactivate_locked_super+0x110/0x110 [ 50.979137][ T376] ? fast_dput+0x7a/0x280 [ 50.983420][ T376] cleanup_mnt+0x44e/0x500 [ 50.987732][ T376] task_work_run+0x140/0x170 [ 50.992153][ T376] exit_to_usermode_loop+0x190/0x1a0 [ 50.997488][ T376] prepare_exit_to_usermode+0x199/0x200 [ 51.003121][ T376] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 51.008821][ T376] RIP: 0033:0x7fdf0333d1d7 [ 51.013158][ T376] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8 [ 51.032765][ T376] RSP: 002b:00007ffe78d69fc8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 51.041361][ T376] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fdf0333d1d7 [ 51.049743][ T376] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe78d6a080 [ 51.058036][ T376] RBP: 00007ffe78d6a080 R08: 0000000000000000 R09: 0000000000000000 [ 51.066319][ T376] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe78d6b130 [ 51.074365][ T376] R13: 00007fdf03398636 R14: 000000000000c5c4 R15: 0000000000000006 [ 51.082459][ T376] ---[ end trace e5d12c41a169d4b8 ]--- [ 51.117152][ T376] ------------[ cut here ]------------ [ 51.122601][ T376] WARNING: CPU: 1 PID: 376 at fs/overlayfs/util.c:450 ovl_dir_modified+0x45c/0x570 [ 51.131673][ T376] Modules linked in: [ 51.135524][ T376] CPU: 1 PID: 376 Comm: syz-executor.2 Tainted: G W 5.4.274-syzkaller-00002-g6f97bd951d82 #0 [ 51.146808][ T376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 51.156952][ T376] RIP: 0010:ovl_dir_modified+0x45c/0x570 [ 51.162427][ T376] Code: c1 e8 03 42 80 3c 20 00 74 08 4c 89 ef e8 5c 3b ae ff 49 ff 45 00 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 34 56 7e ff <0f> 0b e9 91 fd ff ff 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c 30 fc ff [ 51.182301][ T376] RSP: 0018:ffff8881d8b5fb48 EFLAGS: 00010293 [ 51.188284][ T376] RAX: ffffffff81e5e5ec RBX: 0000000000000000 RCX: ffff8881da8b0000 [ 51.196272][ T376] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 51.204515][ T376] RBP: ffff8881d254e880 R08: ffffffff81e5e376 R09: ffffed103a4bdb81 [ 51.212676][ T376] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 51.220500][ T376] R13: ffff8881d25edb60 R14: ffff8881d25edbb0 R15: ffff8881d254e8b0 [ 51.228304][ T376] FS: 0000555556026480(0000) GS:ffff8881f6f00000(0000) knlGS:0000000000000000 [ 51.237076][ T376] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 51.243491][ T376] CR2: 00007f909099ffe0 CR3: 00000001d8b42000 CR4: 00000000003406a0 [ 51.251301][ T376] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 51.259112][ T376] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 51.266995][ T376] Call Trace: [ 51.270243][ T376] ? __warn+0x162/0x250 [ 51.274330][ T376] ? report_bug+0x3a1/0x4e0 [ 51.278665][ T376] ? ovl_dir_modified+0x45c/0x570 [ 51.283533][ T376] ? ovl_dir_modified+0x45c/0x570 [ 51.288399][ T376] ? do_invalid_op+0x6e/0x110 [ 51.292909][ T376] ? invalid_op+0x1e/0x30 [ 51.297180][ T376] ? ovl_dir_modified+0x1e6/0x570 [ 51.302110][ T376] ? ovl_dir_modified+0x45c/0x570 [ 51.307160][ T376] ? ovl_dir_modified+0x45c/0x570 [ 51.312005][ T376] ? ovl_dir_modified+0x45c/0x570 [ 51.316867][ T376] ? ovl_path_type+0x18e/0x2f0 [ 51.321467][ T376] ovl_do_remove+0x6f0/0xc80 [ 51.325900][ T376] ? ovl_set_redirect+0x5f0/0x5f0 [ 51.330749][ T376] ? security_inode_rmdir+0xca/0x110 [ 51.335872][ T376] vfs_rmdir+0x285/0x3c0 [ 51.339955][ T376] incfs_kill_sb+0x18d/0x200 [ 51.344381][ T376] deactivate_locked_super+0xa8/0x110 [ 51.349586][ T376] deactivate_super+0x1e2/0x2a0 [ 51.354372][ T376] ? vfs_submount+0xb0/0xb0 [ 51.358701][ T376] ? deactivate_locked_super+0x110/0x110 [ 51.364258][ T376] ? fast_dput+0x7a/0x280 [ 51.368517][ T376] cleanup_mnt+0x44e/0x500 [ 51.372776][ T376] task_work_run+0x140/0x170 [ 51.377207][ T376] exit_to_usermode_loop+0x190/0x1a0 [ 51.382310][ T376] prepare_exit_to_usermode+0x199/0x200 [ 51.387873][ T376] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 51.393585][ T376] RIP: 0033:0x7fdf0333d1d7 [ 51.397846][ T376] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8 [ 51.417818][ T376] RSP: 002b:00007ffe78d69fc8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 51.426239][ T376] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fdf0333d1d7 [ 51.434054][ T376] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe78d6a080 [ 51.441949][ T376] RBP: 00007ffe78d6a080 R08: 0000000000000000 R09: 0000000000000000 [ 51.450026][ T376] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe78d6b130 [ 51.458056][ T376] R13: 00007fdf03398636 R14: 000000000000c5c4 R15: 0000000000000006 [ 51.465952][ T376] ---[ end trace e5d12c41a169d4b9 ]--- [ 51.604721][ T379] syz-executor.4 (379) used greatest stack depth: 19576 bytes left [ 51.625920][ T23] kauditd_printk_skb: 7 callbacks suppressed [ 51.625949][ T23] audit: type=1400 audit(1718506548.850:171): avc: denied { create } for pid=789 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 51.663583][ T23] audit: type=1400 audit(1718506548.880:172): avc: denied { setopt } for pid=789 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1 [ 51.769675][ T23] audit: type=1400 audit(1718506548.990:173): avc: denied { read } for pid=796 comm="syz-executor.2" name=".pending_reads" dev="incremental-fs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 51.828055][ T788] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock [ 51.848464][ T23] audit: type=1400 audit(1718506549.020:174): avc: denied { open } for pid=796 comm="syz-executor.2" path="/root/syzkaller-testdir3827568271/syzkaller.1Ar15N/21/file0/.pending_reads" dev="incremental-fs" ino=2 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 51.872590][ T788] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors [ 51.907904][ T23] audit: type=1400 audit(1718506549.020:175): avc: denied { ioctl } for pid=796 comm="syz-executor.2" path="/root/syzkaller-testdir3827568271/syzkaller.1Ar15N/21/file0/.pending_reads" dev="incremental-fs" ino=2 ioctlcmd=0x6726 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1 [ 51.951148][ T788] EXT4-fs (loop3): failed to initialize system zone (-117) [ 51.959241][ T788] EXT4-fs (loop3): mount failed [ 52.297359][ T798] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.304261][ T798] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.312312][ T798] device bridge_slave_0 entered promiscuous mode [ 52.320896][ T798] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.328467][ T798] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.337297][ T798] device bridge_slave_1 entered promiscuous mode [ 52.355913][ T800] F2FS-fs (loop1): invalid crc value [ 52.421008][ T800] F2FS-fs (loop1): Found nat_bits in checkpoint [ 52.493869][ T788] netlink: 'syz-executor.3': attribute type 27 has an invalid length. [ 52.537478][ T800] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4 [ 52.617076][ T676] ------------[ cut here ]------------ [ 52.622425][ T676] WARNING: CPU: 0 PID: 676 at fs/overlayfs/util.c:450 ovl_dir_modified+0x45c/0x570 [ 52.631514][ T676] Modules linked in: [ 52.635252][ T676] CPU: 0 PID: 676 Comm: syz-executor.0 Tainted: G W 5.4.274-syzkaller-00002-g6f97bd951d82 #0 [ 52.646522][ T676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 52.656445][ T676] RIP: 0010:ovl_dir_modified+0x45c/0x570 [ 52.661904][ T676] Code: c1 e8 03 42 80 3c 20 00 74 08 4c 89 ef e8 5c 3b ae ff 49 ff 45 00 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 34 56 7e ff <0f> 0b e9 91 fd ff ff 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c 30 fc ff [ 52.681339][ T676] RSP: 0018:ffff8881d823fb48 EFLAGS: 00010293 [ 52.687242][ T676] RAX: ffffffff81e5e5ec RBX: 0000000000000000 RCX: ffff8881d58fbf00 [ 52.695055][ T676] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 52.702859][ T676] RBP: ffff8881e93bb990 R08: ffffffff81e5e376 R09: ffffed103a498c5b [ 52.710679][ T676] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 52.718503][ T676] R13: ffff8881d24c6230 R14: ffff8881d24c6280 R15: ffff8881e93bb9c0 [ 52.726307][ T676] FS: 0000555556088480(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 52.735238][ T676] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 52.741660][ T676] CR2: 00007ffcaa9d9db8 CR3: 00000001d8220000 CR4: 00000000003406b0 [ 52.749694][ T676] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 52.757653][ T676] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 52.765465][ T676] Call Trace: [ 52.768601][ T676] ? __warn+0x162/0x250 [ 52.772595][ T676] ? report_bug+0x3a1/0x4e0 [ 52.776959][ T676] ? ovl_dir_modified+0x45c/0x570 [ 52.781885][ T676] ? ovl_dir_modified+0x45c/0x570 [ 52.786734][ T676] ? do_invalid_op+0x6e/0x110 [ 52.791368][ T676] ? invalid_op+0x1e/0x30 [ 52.795523][ T676] ? ovl_dir_modified+0x1e6/0x570 [ 52.800381][ T676] ? ovl_dir_modified+0x45c/0x570 [ 52.805241][ T676] ? ovl_dir_modified+0x45c/0x570 [ 52.810100][ T676] ? ovl_dir_modified+0x45c/0x570 [ 52.814963][ T676] ? ovl_path_type+0x18e/0x2f0 [ 52.819580][ T676] ovl_do_remove+0x6f0/0xc80 [ 52.824001][ T676] ? ovl_set_redirect+0x5f0/0x5f0 [ 52.828853][ T676] ? security_inode_rmdir+0xca/0x110 [ 52.834156][ T676] vfs_rmdir+0x285/0x3c0 [ 52.838228][ T676] incfs_kill_sb+0x105/0x200 [ 52.842657][ T676] deactivate_locked_super+0xa8/0x110 [ 52.847869][ T676] deactivate_super+0x1e2/0x2a0 [ 52.852631][ T676] ? vfs_submount+0xb0/0xb0 [ 52.856987][ T676] ? deactivate_locked_super+0x110/0x110 [ 52.862447][ T676] ? fast_dput+0x7a/0x280 [ 52.866696][ T676] cleanup_mnt+0x44e/0x500 [ 52.870971][ T676] task_work_run+0x140/0x170 [ 52.875381][ T676] exit_to_usermode_loop+0x190/0x1a0 [ 52.880500][ T676] prepare_exit_to_usermode+0x199/0x200 [ 52.885892][ T676] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 52.891600][ T676] RIP: 0033:0x7fa2e2bab1d7 [ 52.895857][ T676] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8 [ 52.915425][ T676] RSP: 002b:00007ffcaa9da568 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 52.923684][ T676] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fa2e2bab1d7 [ 52.931483][ T676] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcaa9da620 [ 52.939297][ T676] RBP: 00007ffcaa9da620 R08: 0000000000000000 R09: 0000000000000000 [ 52.947201][ T676] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcaa9db6d0 [ 52.955017][ T676] R13: 00007fa2e2c06636 R14: 000000000000cd04 R15: 0000000000000006 [ 52.962826][ T676] ---[ end trace e5d12c41a169d4ba ]--- [ 52.974713][ T676] ------------[ cut here ]------------ [ 52.980048][ T676] WARNING: CPU: 0 PID: 676 at fs/overlayfs/util.c:450 ovl_dir_modified+0x45c/0x570 [ 52.989126][ T676] Modules linked in: [ 52.992881][ T676] CPU: 0 PID: 676 Comm: syz-executor.0 Tainted: G W 5.4.274-syzkaller-00002-g6f97bd951d82 #0 [ 53.004147][ T676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 53.014080][ T676] RIP: 0010:ovl_dir_modified+0x45c/0x570 [ 53.019538][ T676] Code: c1 e8 03 42 80 3c 20 00 74 08 4c 89 ef e8 5c 3b ae ff 49 ff 45 00 48 83 c4 20 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 34 56 7e ff <0f> 0b e9 91 fd ff ff 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c 30 fc ff [ 53.038963][ T676] RSP: 0018:ffff8881d823fb48 EFLAGS: 00010293 [ 53.045308][ T676] RAX: ffffffff81e5e5ec RBX: 0000000000000000 RCX: ffff8881d58fbf00 [ 53.053203][ T676] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 53.061116][ T676] RBP: ffff8881e93bb990 R08: ffffffff81e5e376 R09: ffffed103a498c5b [ 53.069009][ T676] R10: 0000000000000000 R11: dffffc0000000001 R12: dffffc0000000000 [ 53.077006][ T676] R13: ffff8881d24c6230 R14: ffff8881d24c6280 R15: ffff8881e93bb9c0 [ 53.084816][ T676] FS: 0000555556088480(0000) GS:ffff8881f6e00000(0000) knlGS:0000000000000000 [ 53.093580][ T676] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 53.100084][ T676] CR2: 00007ffcaa9d9db8 CR3: 00000001d8220000 CR4: 00000000003406b0 [ 53.107897][ T676] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 53.115794][ T676] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 53.124063][ T676] Call Trace: [ 53.127188][ T676] ? __warn+0x162/0x250 [ 53.131186][ T676] ? report_bug+0x3a1/0x4e0 [ 53.135809][ T676] ? ovl_dir_modified+0x45c/0x570 [ 53.140642][ T676] ? ovl_dir_modified+0x45c/0x570 [ 53.145506][ T676] ? do_invalid_op+0x6e/0x110 [ 53.150136][ T676] ? invalid_op+0x1e/0x30 [ 53.154284][ T676] ? ovl_dir_modified+0x1e6/0x570 [ 53.159143][ T676] ? ovl_dir_modified+0x45c/0x570 [ 53.164103][ T676] ? ovl_dir_modified+0x45c/0x570 [ 53.169056][ T676] ? ovl_dir_modified+0x45c/0x570 [ 53.173987][ T676] ? ovl_path_type+0x18e/0x2f0 [ 53.178593][ T676] ovl_do_remove+0x6f0/0xc80 [ 53.183219][ T676] ? ovl_set_redirect+0x5f0/0x5f0 [ 53.188071][ T676] ? security_inode_rmdir+0xca/0x110 [ 53.193190][ T676] vfs_rmdir+0x285/0x3c0 [ 53.197267][ T676] incfs_kill_sb+0x18d/0x200 [ 53.201690][ T676] deactivate_locked_super+0xa8/0x110 [ 53.206896][ T676] deactivate_super+0x1e2/0x2a0 [ 53.211670][ T676] ? vfs_submount+0xb0/0xb0 [ 53.216022][ T676] ? deactivate_locked_super+0x110/0x110 [ 53.221485][ T676] ? fast_dput+0x7a/0x280 [ 53.225651][ T676] cleanup_mnt+0x44e/0x500 [ 53.229903][ T676] task_work_run+0x140/0x170 [ 53.234416][ T676] exit_to_usermode_loop+0x190/0x1a0 [ 53.239540][ T676] prepare_exit_to_usermode+0x199/0x200 [ 53.245049][ T676] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 53.250755][ T676] RIP: 0033:0x7fa2e2bab1d7 [ 53.255049][ T676] Code: b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 b0 ff ff ff f7 d8 64 89 02 b8 [ 53.274616][ T676] RSP: 002b:00007ffcaa9da568 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 53.283028][ T676] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007fa2e2bab1d7 [ 53.291012][ T676] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcaa9da620 [ 53.298818][ T676] RBP: 00007ffcaa9da620 R08: 0000000000000000 R09: 0000000000000000 [ 53.306734][ T676] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcaa9db6d0 [ 53.314536][ T676] R13: 00007fa2e2c06636 R14: 000000000000cd04 R15: 0000000000000006 [ 53.322359][ T676] ---[ end trace e5d12c41a169d4bb ]--- [ 53.339806][ T737] attempt to access beyond end of device [ 53.339806][ T737] loop1: rw=2049, want=45104, limit=40427 [ 53.414234][ T788] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=788 comm=syz-executor.3 [ 53.467940][ T788] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=788 comm=syz-executor.3 [ 53.739731][ T834] FAT-fs (loop2): Directory bread(block 64) failed [ 53.746722][ T834] FAT-fs (loop2): Directory bread(block 65) failed [ 53.754761][ T834] FAT-fs (loop2): Directory bread(block 66) failed [ 53.762746][ T834] FAT-fs (loop2): Directory bread(block 67) failed [ 53.770311][ T834] FAT-fs (loop2): Directory bread(block 68) failed [ 53.782580][ T834] FAT-fs (loop2): Directory bread(block 69) failed [ 53.789725][ T834] FAT-fs (loop2): Directory bread(block 70) failed [ 53.801851][ T834] FAT-fs (loop2): Directory bread(block 71) failed [ 53.809215][ T834] FAT-fs (loop2): Directory bread(block 72) failed [ 53.820032][ T834] FAT-fs (loop2): Directory bread(block 73) failed [ 53.846181][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 53.854527][ T23] audit: type=1400 audit(1718506551.080:176): avc: denied { ioctl } for pid=838 comm="syz-executor.0" path="socket:[13914]" dev="sockfs" ino=13914 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1 [ 53.880491][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 53.887911][ T834] attempt to access beyond end of device [ 53.887911][ T834] loop2: rw=2049, want=1228, limit=256 [ 53.899123][ T18] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 53.912956][ T839] bridge_slave_0: vlans aren't supported yet for dev_uc|mc_add() [ 53.920665][ T23] audit: type=1400 audit(1718506551.120:177): avc: denied { create } for pid=838 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1 [ 53.942158][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 53.951579][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 53.960430][ T5] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.967334][ T5] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.975519][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 53.985176][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 53.993893][ T5] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.001154][ T5] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.025282][ T408] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 54.045801][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 54.057565][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 54.074527][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 54.082873][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 54.153158][ T18] usb 4-1: Using ep0 maxpacket: 16 [ 54.166873][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 54.205918][ T662] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 54.245532][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 54.271178][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 54.281096][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 54.293205][ T18] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 54.309530][ T18] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 54.324543][ T408] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 54.335189][ T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 54.344762][ T18] usb 4-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00 [ 54.358861][ T18] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 54.369685][ T18] usb 4-1: config 0 descriptor?? [ 54.470019][ T846] EXT4-fs warning (device loop0): ext4_fill_super:3783: metadata_csum and uninit_bg are redundant flags; please run fsck. [ 54.501063][ T846] EXT4-fs (loop0): VFS: Found ext4 filesystem with invalid superblock checksum. Run e2fsck? [ 54.508625][ T23] audit: type=1400 audit(1718506551.720:178): avc: denied { create } for pid=856 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 54.533175][ T23] audit: type=1400 audit(1718506551.720:179): avc: denied { write } for pid=856 comm="syz-executor.4" path="socket:[13987]" dev="sockfs" ino=13987 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1 [ 54.644726][ T23] audit: type=1400 audit(1718506551.870:180): avc: denied { create } for pid=861 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1 [ 54.789434][ T866] EXT4-fs (loop1): Ignoring removed orlov option [ 54.828152][ T866] EXT4-fs (loop1): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000001000,data_err=abort,barrier=0x0000000000000002,jqfmt=vfsv1,block_validity,max_dir_size_kb=0x00000000000007b1,orlov,bsdgroups,max_batch_time=0x0000000000000400,user_xattr,quota,,errors=continue [ 54.846683][ T18] logitech 0003:046D:C29C.0002: unknown main item tag 0x0 [ 54.881162][ T18] logitech 0003:046D:C29C.0002: hidraw0: USB HID v0.00 Device [HID 046d:c29c] on usb-dummy_hcd.3-1/input0 [ 54.912284][ T873] FAT-fs (loop4): Directory bread(block 64) failed [ 54.919401][ T873] FAT-fs (loop4): Directory bread(block 65) failed [ 54.926450][ T873] FAT-fs (loop4): Directory bread(block 66) failed [ 54.942094][ T873] FAT-fs (loop4): Directory bread(block 67) failed [ 54.950509][ T873] FAT-fs (loop4): Directory bread(block 68) failed [ 54.957746][ T873] FAT-fs (loop4): Directory bread(block 69) failed [ 54.965229][ T873] FAT-fs (loop4): Directory bread(block 70) failed [ 54.972311][ T873] FAT-fs (loop4): Directory bread(block 71) failed [ 54.979204][ T873] FAT-fs (loop4): Directory bread(block 72) failed [ 54.990463][ T873] FAT-fs (loop4): Directory bread(block 73) failed [ 55.147042][ T873] attempt to access beyond end of device [ 55.147042][ T873] loop4: rw=2049, want=1228, limit=256 [ 55.313105][ T18] logitech 0003:046D:C29C.0002: no inputs found [ 55.339323][ T18] usb 4-1: USB disconnect, device number 3 [ 55.543471][ T900] EXT4-fs warning (device loop0): ext4_fill_super:3783: metadata_csum and uninit_bg are redundant flags; please run fsck. [ 55.564547][ T900] EXT4-fs (loop0): VFS: Found ext4 filesystem with invalid superblock checksum. Run e2fsck? [ 55.711678][ T907] netlink: 'syz-executor.4': attribute type 27 has an invalid length. [ 55.713487][ T408] usb 3-1: new high-speed USB device number 2 using dummy_hcd [ 55.834757][ T907] bridge0: port 2(bridge_slave_1) entered disabled state [ 55.843130][ T907] bridge0: port 1(bridge_slave_0) entered disabled state [ 55.993003][ T408] usb 3-1: Using ep0 maxpacket: 16 [ 56.024728][ T912] FAT-fs (loop0): Directory bread(block 64) failed [ 56.031174][ T912] FAT-fs (loop0): Directory bread(block 65) failed [ 56.043642][ T912] FAT-fs (loop0): Directory bread(block 66) failed [ 56.059904][ T912] FAT-fs (loop0): Directory bread(block 67) failed [ 56.091765][ T912] FAT-fs (loop0): Directory bread(block 68) failed [ 56.110232][ T912] FAT-fs (loop0): Directory bread(block 69) failed [ 56.126366][ T912] FAT-fs (loop0): Directory bread(block 70) failed [ 56.132744][ T912] FAT-fs (loop0): Directory bread(block 71) failed [ 56.140944][ T912] FAT-fs (loop0): Directory bread(block 72) failed [ 56.152447][ T912] FAT-fs (loop0): Directory bread(block 73) failed [ 56.289145][ T912] attempt to access beyond end of device [ 56.289145][ T912] loop0: rw=2049, want=1228, limit=256 [ 56.309886][ T408] usb 3-1: New USB device found, idVendor=1199, idProduct=0025, bcdDevice=1e.64 [ 56.325719][ T408] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 56.334059][ T408] usb 3-1: Product: syz [ 56.338103][ T408] usb 3-1: Manufacturer: syz [ 56.342492][ T408] usb 3-1: SerialNumber: syz [ 56.382100][ T408] usb 3-1: config 0 descriptor?? [ 56.412463][ T910] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.420134][ T910] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.440886][ T910] device bridge_slave_0 entered promiscuous mode [ 56.448961][ T910] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.456327][ T910] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.464592][ T910] device bridge_slave_1 entered promiscuous mode [ 56.548466][ T935] EXT4-fs (loop3): Ignoring removed orlov option [ 56.564026][ T7] device bridge_slave_1 left promiscuous mode [ 56.570127][ T7] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.597267][ T7] device bridge_slave_0 left promiscuous mode [ 56.604972][ T935] EXT4-fs (loop3): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000001000,data_err=abort,barrier=0x0000000000000002,jqfmt=vfsv1,block_validity,max_dir_size_kb=0x00000000000007b1,orlov,bsdgroups,max_batch_time=0x0000000000000400,user_xattr,quota,,errors=continue [ 56.611037][ T7] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.737240][ T941] EXT4-fs warning (device loop0): ext4_fill_super:3783: metadata_csum and uninit_bg are redundant flags; please run fsck. [ 56.753124][ T941] EXT4-fs (loop0): VFS: Found ext4 filesystem with invalid superblock checksum. Run e2fsck? [ 56.887885][ T408] usb 3-1: USB disconnect, device number 2 [ 57.074473][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 57.082864][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 57.123421][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 57.137233][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 57.149998][ T125] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.157007][ T125] bridge0: port 1(bridge_slave_0) entered forwarding state [ 57.186414][ T408] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 57.200014][ T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 57.210265][ T408] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 57.218748][ T408] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.225634][ T408] bridge0: port 2(bridge_slave_1) entered forwarding state [ 57.248096][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 57.253249][ T5] usb 1-1: new high-speed USB device number 2 using dummy_hcd [ 57.263706][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 57.350835][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 57.371360][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 57.435583][ T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 57.525527][ T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 57.545641][ T5] usb 1-1: Using ep0 maxpacket: 16 [ 57.577037][ T968] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 57.595872][ T23] kauditd_printk_skb: 49 callbacks suppressed [ 57.595916][ T23] audit: type=1400 audit(2000000000.410:230): avc: denied { ioctl } for pid=969 comm="syz-executor.4" path="net:[4026532534]" dev="nsfs" ino=4026532534 ioctlcmd=0xb701 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nsfs_t tclass=file permissive=1 [ 57.596038][ T964] FAT-fs (loop2): Directory bread(block 64) failed [ 57.608233][ T968] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 57.627917][ T964] FAT-fs (loop2): Directory bread(block 65) failed [ 57.638094][ T23] audit: type=1400 audit(2000000000.450:231): avc: denied { write } for pid=969 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 57.646240][ T964] FAT-fs (loop2): Directory bread(block 66) failed [ 57.649173][ T23] audit: type=1400 audit(2000000000.450:232): avc: denied { nlmsg_write } for pid=969 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1 [ 57.698114][ T5] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 57.701956][ T964] FAT-fs (loop2): Directory bread(block 67) failed [ 57.709801][ T5] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 57.716453][ T964] FAT-fs (loop2): Directory bread(block 68) failed [ 57.726505][ T5] usb 1-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00 [ 57.732516][ T964] FAT-fs (loop2): Directory bread(block 69) failed [ 57.741821][ T5] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 57.747913][ T964] FAT-fs (loop2): Directory bread(block 70) failed [ 57.758629][ T5] usb 1-1: config 0 descriptor?? [ 57.762832][ T964] FAT-fs (loop2): Directory bread(block 71) failed [ 57.773269][ T964] FAT-fs (loop2): Directory bread(block 72) failed [ 57.779666][ T964] FAT-fs (loop2): Directory bread(block 73) failed [ 57.881733][ T23] audit: type=1400 audit(2000000000.690:233): avc: denied { create } for pid=972 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1 [ 57.922988][ T408] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 58.020664][ T971] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.028216][ T971] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.037277][ T971] device bridge_slave_0 entered promiscuous mode [ 58.052855][ T971] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.059830][ T971] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.077649][ T971] device bridge_slave_1 entered promiscuous mode [ 58.085166][ T23] audit: type=1400 audit(2000000000.900:234): avc: denied { mounton } for pid=979 comm="syz-executor.1" path="/root/syzkaller-testdir877260673/syzkaller.TPoUTY/2/file0/file0/bus" dev="loop1" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=file permissive=1 [ 58.123438][ T980] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 82) [ 58.131877][ T980] FAT-fs (loop1): Filesystem has been set read-only [ 58.138528][ T980] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 82) [ 58.146922][ T980] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 82) [ 58.156237][ T980] FAT-fs (loop1): error, clusters badly computed (1 != 2) [ 58.202972][ T408] usb 5-1: Using ep0 maxpacket: 8 [ 58.260185][ T5] logitech 0003:046D:C29C.0003: unknown main item tag 0x0 [ 58.270704][ T5] logitech 0003:046D:C29C.0003: hidraw0: USB HID v0.00 Device [HID 046d:c29c] on usb-dummy_hcd.0-1/input0 [ 58.323378][ T408] usb 5-1: unable to get BOS descriptor set [ 58.333254][ T7] device bridge_slave_1 left promiscuous mode [ 58.339369][ T7] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.347386][ T7] device bridge_slave_0 left promiscuous mode [ 58.353953][ T7] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.403167][ T408] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 58.573452][ T408] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 58.584083][ T408] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 58.591910][ T408] usb 5-1: Product: syz [ 58.618946][ T408] usb 5-1: Manufacturer: syz [ 58.630909][ T408] usb 5-1: SerialNumber: syz [ 58.689512][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 58.699496][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 58.708602][ T408] cdc_ether: probe of 5-1:1.0 failed with error -22 [ 58.738051][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 58.753393][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 58.761872][ T370] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.768883][ T370] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.778080][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 58.789218][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 58.798705][ T370] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.805702][ T370] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.822495][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 58.833196][ T5] logitech 0003:046D:C29C.0003: no inputs found [ 58.857720][ T5] usb 1-1: USB disconnect, device number 2 [ 58.868751][ T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 58.878919][ T408] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 58.887567][ T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 58.895895][ T408] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 58.939268][ T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 58.951284][ T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 58.974835][ T970] xt_bpf: check failed: parse error [ 58.983678][ T401] usb 5-1: USB disconnect, device number 3 [ 59.020899][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 59.029817][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 59.135004][ T994] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.141900][ T994] bridge0: port 1(bridge_slave_0) entered disabled state [ 59.148947][ T370] usb 3-1: new high-speed USB device number 3 using dummy_hcd [ 59.157766][ T994] device bridge_slave_0 entered promiscuous mode [ 59.171837][ T994] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.179355][ T994] bridge0: port 2(bridge_slave_1) entered disabled state [ 59.187620][ T994] device bridge_slave_1 entered promiscuous mode [ 59.195875][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 59.206074][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 59.292991][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 59.301657][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 59.341028][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 59.350097][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 59.403134][ T370] usb 3-1: Using ep0 maxpacket: 16 [ 59.494387][ T23] audit: type=1400 audit(2000000000.870:235): avc: denied { read } for pid=1005 comm="syz-executor.0" name="binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 59.534181][ T23] audit: type=1400 audit(2000000000.870:236): avc: denied { open } for pid=1005 comm="syz-executor.0" path="/dev/binderfs/binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 59.570915][ T1006] binder: 1005:1006 ioctl c0306201 200011c0 returned -14 [ 59.620661][ T23] audit: type=1400 audit(2000000000.890:237): avc: denied { ioctl } for pid=1005 comm="syz-executor.0" path="/dev/binderfs/binder0" dev="binder" ino=7 ioctlcmd=0x620d scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 59.675307][ T23] audit: type=1400 audit(2000000000.890:238): avc: denied { set_context_mgr } for pid=1005 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=binder permissive=1 [ 59.683469][ T370] usb 3-1: New USB device found, idVendor=1199, idProduct=0025, bcdDevice=1e.64 [ 59.710580][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 59.718337][ T23] audit: type=1400 audit(2000000000.940:239): avc: denied { map } for pid=1005 comm="syz-executor.0" path="/dev/binderfs/binder0" dev="binder" ino=7 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=chr_file permissive=1 [ 59.734094][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 59.762002][ T370] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 59.778979][ T370] usb 3-1: Product: syz [ 59.784159][ T370] usb 3-1: Manufacturer: syz [ 59.788783][ T370] usb 3-1: SerialNumber: syz [ 59.798194][ T370] usb 3-1: config 0 descriptor?? [ 59.815021][ T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 59.823944][ T408] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 59.832332][ T408] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.839242][ T408] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.882026][ T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 59.905994][ T408] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 59.923221][ T1019] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 82) [ 59.931482][ T1019] FAT-fs (loop4): Filesystem has been set read-only [ 59.943255][ T1019] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 82) [ 59.945027][ T408] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.958405][ T408] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.966669][ T1019] FAT-fs (loop4): error, fat_bmap_cluster: request beyond EOF (i_pos 82) [ 59.974212][ T408] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 59.989410][ T1019] FAT-fs (loop4): error, clusters badly computed (1 != 2) [ 60.064501][ T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready [ 60.065173][ T18] usb 3-1: USB disconnect, device number 3 [ 60.073879][ T408] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 60.098153][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 60.107278][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 60.145682][ T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 60.156696][ T408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 60.174812][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 60.184393][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 60.203671][ T7] device bridge_slave_1 left promiscuous mode [ 60.209826][ T7] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.224636][ T7] device bridge_slave_0 left promiscuous mode [ 60.230718][ T7] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.344164][ T408] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 60.445873][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 60.454366][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 60.480893][ T1036] EXT4-fs (loop0): Ignoring removed orlov option [ 60.495959][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 60.505645][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 60.514713][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 60.523686][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 60.526951][ T1036] EXT4-fs (loop0): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000001000,data_err=abort,barrier=0x0000000000000002,jqfmt=vfsv1,block_validity,max_dir_size_kb=0x00000000000007b1,orlov,bsdgroups,max_batch_time=0x0000000000000400,user_xattr,quota,,errors=continue [ 60.583199][ T408] usb 4-1: Using ep0 maxpacket: 16 [ 60.703504][ T408] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 60.734967][ T408] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 60.765583][ T408] usb 4-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00 [ 60.785767][ T408] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 60.805054][ T408] usb 4-1: config 0 descriptor?? [ 60.898623][ T1039] bridge0: port 1(bridge_slave_0) entered blocking state [ 60.938654][ T1039] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.953152][ T1039] device bridge_slave_0 entered promiscuous mode [ 60.962162][ T1039] bridge0: port 2(bridge_slave_1) entered blocking state [ 60.969638][ T1039] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.986067][ T1039] device bridge_slave_1 entered promiscuous mode [ 61.285912][ T408] logitech 0003:046D:C29C.0004: unknown main item tag 0x0 [ 61.314270][ T408] logitech 0003:046D:C29C.0004: hidraw0: USB HID v0.00 Device [HID 046d:c29c] on usb-dummy_hcd.3-1/input0 [ 61.317009][ T1039] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.332258][ T1039] bridge0: port 2(bridge_slave_1) entered forwarding state [ 61.339615][ T1039] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.346477][ T1039] bridge0: port 1(bridge_slave_0) entered forwarding state [ 61.425778][ T108] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 61.433562][ T24] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 61.443881][ T108] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.452585][ T108] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.481707][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 61.490901][ T18] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.497804][ T18] bridge0: port 1(bridge_slave_0) entered forwarding state [ 61.505638][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 61.514426][ T18] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.521272][ T18] bridge0: port 2(bridge_slave_1) entered forwarding state [ 61.587780][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 61.612002][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready [ 61.677265][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 61.713324][ T24] usb 3-1: Using ep0 maxpacket: 8 [ 61.753325][ T408] logitech 0003:046D:C29C.0004: no inputs found [ 61.760772][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready [ 61.775255][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 61.794686][ T408] usb 4-1: USB disconnect, device number 4 [ 61.806270][ T108] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 61.819465][ T108] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 61.833427][ T24] usb 3-1: unable to get BOS descriptor set [ 61.854416][ T7] device bridge_slave_1 left promiscuous mode [ 61.860496][ T7] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.871765][ T7] device bridge_slave_0 left promiscuous mode [ 61.878287][ T7] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.923092][ T24] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0 [ 61.973281][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 61.981746][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 62.054291][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 62.074277][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 62.090774][ T1095] EXT4-fs (loop1): Ignoring removed orlov option [ 62.098632][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 62.103633][ T24] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 62.108106][ T125] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 62.121827][ T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 62.142337][ T1095] EXT4-fs (loop1): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000001000,data_err=abort,barrier=0x0000000000000002,jqfmt=vfsv1,block_validity,max_dir_size_kb=0x00000000000007b1,orlov,bsdgroups,max_batch_time=0x0000000000000400,user_xattr,quota,,errors=continue [ 62.170320][ T24] usb 3-1: Product: syz [ 62.174595][ T24] usb 3-1: Manufacturer: syz [ 62.179036][ T24] usb 3-1: SerialNumber: syz [ 62.224544][ T24] cdc_ether: probe of 3-1:1.0 failed with error -22 [ 62.441894][ T1087] bridge0: port 1(bridge_slave_0) entered blocking state [ 62.449040][ T1087] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.458770][ T1087] device bridge_slave_0 entered promiscuous mode [ 62.467031][ T1087] bridge0: port 2(bridge_slave_1) entered blocking state [ 62.480116][ T1087] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.507700][ T1087] device bridge_slave_1 entered promiscuous mode [ 62.552269][ T1065] xt_bpf: check failed: parse error [ 62.565155][ T1118] syz-executor.4[1118] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 62.565265][ T1118] syz-executor.4[1118] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 62.580632][ T24] usb 3-1: USB disconnect, device number 4 [ 62.625981][ T23] kauditd_printk_skb: 6 callbacks suppressed [ 62.626009][ T23] audit: type=1400 audit(2000000004.000:246): avc: denied { write } for pid=1116 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1 [ 62.677619][ T23] audit: type=1400 audit(2000000004.030:247): avc: denied { bind } for pid=1122 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1 [ 62.823788][ T1125] EXT4-fs (loop4): Ignoring removed orlov option [ 62.831237][ T1125] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option [ 62.880822][ T1125] EXT4-fs (loop4): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,errors=continue,noauto_da_alloc,nomblk_io_submit,,errors=continue [ 62.939372][ T23] audit: type=1400 audit(2000000004.310:248): avc: denied { map } for pid=1124 comm="syz-executor.4" path="/root/syzkaller-testdir3226914311/syzkaller.UvTjlX/3/file1/file0/bus" dev="devtmpfs" ino=9214 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fixed_disk_device_t tclass=blk_file permissive=1 [ 62.988338][ T23] audit: type=1326 audit(2000000004.350:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=1131 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcc9c19dea9 code=0x0 [ 62.989384][ T1125] EXT4-fs error (device loop4): get_max_inline_xattr_value_size:68: inode #12: comm syz-executor.4: corrupt xattr in inline inode [ 63.034588][ T1125] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2221: inode #12: comm syz-executor.4: corrupted in-inode xattr [ 63.107963][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 63.119251][ T23] audit: type=1400 audit(2000000004.500:250): avc: denied { unmount } for pid=1039 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1 [ 63.142084][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 63.151550][ T23] audit: type=1400 audit(2000000004.500:251): avc: denied { unlink } for pid=1039 comm="syz-executor.4" name="bus" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1 [ 63.183280][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 63.192193][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready [ 63.201015][ T24] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.201640][ T1136] binder: 1135:1136 ioctl c0306201 200011c0 returned -14 [ 63.208028][ T24] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.209383][ T24] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready [ 63.253971][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 63.264922][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready [ 63.277888][ T18] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.284988][ T18] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.356578][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready [ 63.432100][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready [ 63.514566][ T1148] overlayfs: missing 'lowerdir' [ 63.603001][ T24] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 63.626533][ T1150] EXT4-fs (loop2): Unsupported blocksize for fs encryption [ 63.699876][ T108] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready [ 63.729091][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready [ 63.738231][ T18] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready [ 63.843186][ T24] usb 5-1: Using ep0 maxpacket: 16 [ 63.852222][ T108] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready [ 63.865929][ T108] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready [ 63.901535][ T1157] EXT4-fs (loop3): Ignoring removed orlov option [ 63.938127][ T1157] EXT4-fs (loop3): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000001000,data_err=abort,barrier=0x0000000000000002,jqfmt=vfsv1,block_validity,max_dir_size_kb=0x00000000000007b1,orlov,bsdgroups,max_batch_time=0x0000000000000400,user_xattr,quota,,errors=continue [ 63.960387][ T1146] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.973962][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 63.991317][ T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 64.001552][ T1146] bridge0: port 1(bridge_slave_0) entered disabled state [ 64.010075][ T1146] device bridge_slave_0 entered promiscuous mode [ 64.017486][ T24] usb 5-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00 [ 64.027474][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready [ 64.033648][ T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 64.043723][ T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready [ 64.054368][ T24] usb 5-1: config 0 descriptor?? [ 64.073380][ T1146] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.080263][ T1146] bridge0: port 2(bridge_slave_1) entered disabled state [ 64.104849][ T1146] device bridge_slave_1 entered promiscuous mode [ 64.132158][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready [ 64.143644][ T370] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready [ 64.233608][ T5] usb 3-1: new high-speed USB device number 5 using dummy_hcd [ 64.398886][ T1170] EXT4-fs (loop0): Ignoring removed orlov option [ 64.423167][ T1170] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option [ 64.451473][ T1146] bridge0: port 2(bridge_slave_1) entered blocking state [ 64.458381][ T1146] bridge0: port 2(bridge_slave_1) entered forwarding state [ 64.465644][ T1146] bridge0: port 1(bridge_slave_0) entered blocking state [ 64.469563][ T1170] EXT4-fs (loop0): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,errors=continue,noauto_da_alloc,nomblk_io_submit,,errors=continue [ 64.472530][ T1146] bridge0: port 1(bridge_slave_0) entered forwarding state [ 64.502972][ T5] usb 3-1: Using ep0 maxpacket: 8 [ 64.539390][ T24] logitech 0003:046D:C29C.0005: unknown main item tag 0x0 [ 64.561886][ T24] logitech 0003:046D:C29C.0005: hidraw0: USB HID v0.00 Device [HID 046d:c29c] on usb-dummy_hcd.4-1/input0 [ 64.571284][ T1170] EXT4-fs error (device loop0): get_max_inline_xattr_value_size:68: inode #12: comm syz-executor.0: corrupt xattr in inline inode [ 64.587701][ T1170] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2221: inode #12: comm syz-executor.0: corrupted in-inode xattr [ 64.617843][ T1075] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 64.633112][ T5] usb 3-1: unable to get BOS descriptor set [ 64.642646][ T1087] ================================================================== [ 64.650600][ T1087] BUG: KASAN: use-after-free in ext4_xattr_delete_inode+0xc1f/0xc30 [ 64.658521][ T1087] Read of size 4 at addr ffff8881ed4ab000 by task syz-executor.0/1087 [ 64.666471][ T1087] [ 64.668685][ T1087] CPU: 0 PID: 1087 Comm: syz-executor.0 Tainted: G W 5.4.274-syzkaller-00002-g6f97bd951d82 #0 [ 64.680034][ T1087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024 [ 64.689914][ T1087] Call Trace: 2033/05/18 03:33:26 SYZFATAL: failed to recv *flatrpc.HostMessageRaw: EOF [ 64.693064][ T1087] dump_stack+0x1d8/0x241 [ 64.697317][ T1087] ? nf_ct_l4proto_log_invalid+0x258/0x258 [ 64.702962][ T1087] ? printk+0xd1/0x111 [ 64.706859][ T1087] ? ext4_xattr_delete_inode+0xc1f/0xc30 [ 64.712332][ T1087] print_address_description+0x8c/0x600 [ 64.717825][ T1087] ? ext4_xattr_delete_inode+0xc1f/0xc30 [ 64.723351][ T1087] __kasan_report+0xf3/0x120 [ 64.727786][ T1087] ? ext4_xattr_delete_inode+0xc1f/0xc30 [ 64.733439][ T1087] kasan_report+0x30/0x60 [ 64.737699][ T1087] ext4_xattr_delete_inode+0xc1f/0xc30 [ 64.743187][ T1087] ? check_preemption_disabled+0x9f/0x320 [ 64.748721][ T1087] ? ext4_expand_extra_isize_ea+0x1bb0/0x1bb0 [ 64.754745][ T1087] ? __ext4_journal_start_sb+0x295/0x460 [ 64.760188][ T1087] ext4_evict_inode+0x1378/0x1ac0 [ 64.765059][ T1087] ? ext4_truncate_restart_trans+0xe0/0xe0 [ 64.770680][ T1087] ? wb_io_lists_depopulated+0x85/0x170 [ 64.776241][ T1087] ? ext4_truncate_restart_trans+0xe0/0xe0 [ 64.781969][ T1087] evict+0x29b/0x6a0 [ 64.785846][ T1087] vfs_rmdir+0x24b/0x3c0 [ 64.789925][ T1087] do_rmdir+0x2c1/0x580 [ 64.793929][ T1087] ? d_delete_notify+0xc0/0xc0 [ 64.798626][ T1087] ? _raw_spin_unlock_irq+0x4a/0x60 [ 64.803667][ T1087] do_syscall_64+0xca/0x1c0 [ 64.808011][ T1087] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 64.813816][ T1087] RIP: 0033:0x7fbbf205f687 [ 64.818151][ T1087] Code: 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 07 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48 [ 64.837788][ T1087] RSP: 002b:00007fff87748db8 EFLAGS: 00000207 ORIG_RAX: 0000000000000107 [ 64.846115][ T1087] RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007fbbf205f687 [ 64.854100][ T1087] RDX: 0000000000000200 RSI: 00007fff87749f60 RDI: 00000000ffffff9c [ 64.862006][ T1087] RBP: 00007fbbf20bc636 R08: 0000000000000000 R09: 0000000000000000 [ 64.870056][ T1087] R10: 0000000000000100 R11: 0000000000000207 R12: 00007fff87749f60 [ 64.877860][ T1087] R13: 00007fbbf20bc636 R14: 000000000000fb37 R15: 0000000000000009 [ 64.885750][ T1087] [ 64.887913][ T1087] Allocated by task 905: [ 64.892016][ T1087] __kasan_kmalloc+0x171/0x210 [ 64.896609][ T1087] kmem_cache_alloc+0xd9/0x250 [ 64.901217][ T1087] skb_clone+0x1c0/0x360 [ 64.905295][ T1087] ip6_finish_output2+0x316/0x18e0 [ 64.910238][ T1087] ip6_output+0x1b3/0x430 [ 64.914495][ T1087] ip6_local_out+0x1ff/0x490 [ 64.918909][ T1087] ip6_send_skb+0x7f/0x160 [ 64.923204][ T1087] udp_v6_send_skb+0xa3d/0x1440 [ 64.927952][ T1087] udpv6_sendmsg+0x2268/0x3150 [ 64.932547][ T1087] ____sys_sendmsg+0x5ac/0x8f0 [ 64.937163][ T1087] __sys_sendmmsg+0x3c3/0x700 [ 64.941678][ T1087] __x64_sys_sendmmsg+0x9c/0xb0 [ 64.946350][ T1087] do_syscall_64+0xca/0x1c0 [ 64.951030][ T1087] entry_SYSCALL_64_after_hwframe+0x5c/0xc1 [ 64.957090][ T1087] [ 64.959361][ T1087] Freed by task 905: [ 64.963102][ T1087] __kasan_slab_free+0x1b5/0x270 [ 64.967965][ T1087] kmem_cache_free+0x10b/0x2c0 [ 64.972561][ T1087] __udp6_lib_mcast_deliver+0xae4/0xb80 [ 64.977945][ T1087] __udp6_lib_rcv+0x60a/0xcd0 [ 64.982448][ T1087] ip6_protocol_deliver_rcu+0xa91/0x13c0 [ 64.988000][ T1087] ip6_input+0xdc/0x270 [ 64.991994][ T1087] ip6_mc_input+0x20e/0x2a0 [ 64.996334][ T1087] ipv6_rcv+0xee/0x280 [ 65.000244][ T1087] __netif_receive_skb+0x1c6/0x530 [ 65.005196][ T1087] process_backlog+0x34f/0x680 [ 65.009792][ T1087] net_rx_action+0x53f/0x1160 [ 65.014388][ T1087] __do_softirq+0x23b/0x6b7 [ 65.018880][ T1087] [ 65.021068][ T1087] The buggy address belongs to the object at ffff8881ed4ab000 [ 65.021068][ T1087] which belongs to the cache skbuff_head_cache of size 240 [ 65.035835][ T1087] The buggy address is located 0 bytes inside of [ 65.035835][ T1087] 240-byte region [ffff8881ed4ab000, ffff8881ed4ab0f0) [ 65.048742][ T1087] The buggy address belongs to the page: [ 65.054249][ T1087] page:ffffea0007b52ac0 refcount:1 mapcount:0 mapping:ffff8881f1ccd900 index:0x0 [ 65.063168][ T1087] flags: 0x8000000000000200(slab) [ 65.068051][ T1087] raw: 8000000000000200 dead000000000100 dead000000000122 ffff8881f1ccd900 [ 65.076464][ T1087] raw: 0000000000000000 00000000000c000c 00000001ffffffff 0000000000000000 [ 65.084862][ T1087] page dumped because: kasan: bad access detected [ 65.091115][ T1087] page_owner tracks the page as allocated [ 65.096675][ T1087] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY) [ 65.108406][ T1087] prep_new_page+0x18f/0x370 [ 65.112821][ T1087] get_page_from_freelist+0x2d13/0x2d90 [ 65.118204][ T1087] __alloc_pages_nodemask+0x393/0x840 [ 65.123409][ T1087] alloc_slab_page+0x39/0x3c0 [ 65.127925][ T1087] new_slab+0x97/0x440 [ 65.131831][ T1087] ___slab_alloc+0x2fe/0x490 [ 65.136255][ T1087] __slab_alloc+0x62/0xa0 [ 65.140418][ T1087] kmem_cache_alloc+0x109/0x250 [ 65.145109][ T1087] __alloc_skb+0x7a/0x4d0 [ 65.149277][ T1087] alloc_skb_with_frags+0x92/0x550 [ 65.154224][ T1087] sock_alloc_send_pskb+0x831/0x950 [ 65.159259][ T1087] __ip6_append_data+0x2862/0x3e50 [ 65.164207][ T1087] ip6_make_skb+0x442/0x7c0 [ 65.168547][ T1087] udpv6_sendmsg+0x2236/0x3150 [ 65.173143][ T1087] ____sys_sendmsg+0x5ac/0x8f0 [ 65.177747][ T1087] __sys_sendmmsg+0x3c3/0x700 [ 65.182242][ T1087] page last free stack trace: [ 65.186778][ T1087] free_unref_page_prepare+0x297/0x380 [ 65.192072][ T1087] free_unref_page_list+0x10a/0x590 [ 65.197102][ T1087] release_pages+0xad8/0xb20 [ 65.201529][ T1087] pagevec_lru_move_fn+0x1cb/0x250 [ 65.206474][ T1087] lru_add_drain_cpu+0x105/0x600 [ 65.211260][ T1087] __pagevec_release+0x6e/0x150 [ 65.215940][ T1087] write_cache_pages+0xbd4/0xe60 [ 65.220718][ T1087] generic_writepages+0xf8/0x160 [ 65.225482][ T1087] do_writepages+0x12b/0x270 [ 65.229931][ T1087] __filemap_fdatawrite_range+0x33c/0x3f0 [ 65.235472][ T1087] sync_filesystem+0x131/0x200 [ 65.240170][ T1087] generic_shutdown_super+0x6b/0x2a0 [ 65.245273][ T1087] kill_block_super+0x7a/0xe0 [ 65.249875][ T1087] deactivate_locked_super+0xa8/0x110 [ 65.255791][ T1087] deactivate_super+0x1e2/0x2a0 [ 65.260482][ T1087] cleanup_mnt+0x44e/0x500 [ 65.264818][ T1087] [ 65.266990][ T1087] Memory state around the buggy address: [ 65.272463][ T1087] ffff8881ed4aaf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 65.280357][ T1087] ffff8881ed4aaf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 65.288269][ T1087] >ffff8881ed4ab000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb