last executing test programs:

12.621822452s ago: executing program 3 (id=4013):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x2}, 0xffffffffffffffee)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7ffffdc0}]})
r1 = timerfd_create(0x0, 0x0)
timerfd_gettime(r1, &(0x7f0000000580))
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'macvlan0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000040)=@newlink={0x44, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xfffffffffffffe2f}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MTU={0x8, 0x4, 0x4ac}]}, 0x44}}, 0x0)
r5 = socket$inet(0x2, 0x3, 0x1)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000480)={0x2c, 0x2, 0x6, 0x301, 0x0, 0x0, {0xa, 0x0, 0x4}, [@IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4}, 0x4c0c1)
setsockopt$sock_int(r5, 0x1, 0x5, &(0x7f0000001140)=0x8000, 0x4)
sendmmsg$inet(r5, &(0x7f0000000780)=[{{&(0x7f0000000040)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f00000002c0)=[@ip_retopts={{0xc4, 0x0, 0x7, {[@ra={0x94, 0x4}, @generic={0xc2, 0x11, "455c4b2685c5fe7b8cc7cd3f24857a"}, @timestamp_addr={0x44, 0x1c, 0xce, 0x1, 0x7, [{@empty, 0x3}, {@broadcast}, {@multicast2, 0x4}]}, @rr={0x7, 0x7, 0x91, [@multicast1]}, @timestamp={0x44, 0x8, 0x18, 0x0, 0x9, [0x2]}, @timestamp_addr={0x44, 0x14, 0x90, 0x1, 0x1, [{@empty, 0x4}, {@private=0xa010102, 0x9}]}, @ra={0x94, 0x4, 0x1}, @noop, @timestamp_addr={0x44, 0x54, 0x73, 0x1, 0x0, [{@multicast1, 0x6}, {@multicast1, 0x2}, {@broadcast, 0x9}, {@multicast2, 0x5}, {@rand_addr=0x64010102, 0x41}, {@local, 0x9469}, {@rand_addr=0x64010101, 0x4}, {@broadcast, 0x80000001}, {@broadcast, 0x6}, {@private=0xa010100, 0x6}]}, @lsrr={0x83, 0x7, 0xaa, [@broadcast]}]}}}], 0xc8}}], 0x1, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0)=<r6=>0x0)
r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r8=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r8, 0x0)
keyctl$setperm(0x5, 0x0, 0x20001900)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r9 = syz_genetlink_get_family_id$gtp(&(0x7f0000000700), 0xffffffffffffffff)
socketpair(0x1, 0x2, 0x0, &(0x7f0000000000))
sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="34100000", @ANYRES16=r9, @ANYBLOB="100027bd7000fedbdf25010000000800090000000000080005006401010208000500ac1414aa0800080002000000"], 0x34}, 0x1, 0x0, 0x0, 0x4000050}, 0x4000000)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r10)
sendmsg$NFC_CMD_DEV_UP(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYRES16, @ANYBLOB="01000000000000000000020000000800", @ANYRES32=r6], 0x1c}}, 0x0)
write$nci(0xffffffffffffffff, &(0x7f0000000240)=ANY=[], 0x119)
ioctl$PPPIOCSPASS(0xffffffffffffffff, 0x40107447, &(0x7f00000003c0)={0x5, &(0x7f0000000200)=[{0x3, 0xde, 0xe7, 0x1}, {0x95, 0x9, 0x8, 0x5}, {0x137, 0x6, 0xff, 0x5}, {0x2bc6, 0xb, 0x8, 0xa}, {0xc66, 0x4, 0x8, 0x1}]})
r11 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r11, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xe}}, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)

11.41320967s ago: executing program 3 (id=4031):
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x4, &(0x7f0000000040)=@framed={{}, [@call]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) (async)
r0 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000000))

9.052976423s ago: executing program 3 (id=4061):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
lseek(0xffffffffffffffff, 0x3f00, 0x0)

7.00567302s ago: executing program 3 (id=4084):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$sock_int(r0, 0x1, 0x0, &(0x7f00000000c0), 0x4)
sync_file_range(0xffffffffffffffff, 0xfffffff000000000, 0x0, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000006c0), 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000180)=@generic={&(0x7f0000000000)='./file0\x00', 0x0, 0x10}, 0x18)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r1, 0xc0505350, &(0x7f0000000700)={{0xfd}})
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="dbf0cad03cbe51829b3483c55bf006885e2d1048833b91c1542314c6109420d04d65a7e267871547ee1a54a6ef467dfc4d3ea15a8d1ba99e6d63ba390ab46982ba05aa5cfeb5774eb4ab2748f7c45618f8588870fd58000e9fea6b9af8fe2186180f266e6e2a9239f290222416d05376f16d6732be2d87f8f3b97f42"], &(0x7f0000000040)='GPL\x00', 0x0, 0x1a, 0x0, 0x0, 0x64, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
r3 = socket$inet(0x2, 0x3, 0x6)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000000)={{0x2, 0x4e22, @loopback}, {0x1, @multicast}, 0x4a, {0x2, 0x4e22, @loopback}, 'veth1_vlan\x00'})
ioctl$sock_inet_SIOCSARP(r3, 0x8953, &(0x7f0000000000)={{0x2, 0x0, @dev}, {0x0, @local}, 0x4a, {0x2, 0x0, @broadcast}, 'syz_tun\x00'})
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e24, @local}, 0x10)
sendto$inet(r0, &(0x7f0000001a80)="10cd9207e6314f9ea40e7dcb07c1185c329176f1c54d1bef2b546474d025b1804ead109121fddb88b8216b56779cb8249950c9442cf7a1b79cedb7faeddab701fd47c097547c371b520a45cb668c6dfe1d8d6a71b883166f2c5399866ac29292b22e5d359e35eb498da16f53384625f822e6519f427fd1f0dfdf8ea93a650c1339b828e4b8e4113a5ed9072e1a0c4b19b3175e54296c0871010a011486fa36459e7fc646e969ea18510e984f17ced2ca064ba8f73e7c84a1c90cec5cbb988b5f47bb946fea8810a1392c8203f0802466f53a605f56e0b5965d986f739dda01a87c3f8d1a1330e44957e5882ccffa59e0c4a4d056b5227464ef5a2303cb168924c800f3b8258fda47da52f55dd237d53804e77a60be9c3c2ba769fab14ccabec788722a3f35dacdbd218f8031dd4252cb798acca9d7260d9740de5d4db5606d1fe36a4febf358b46a6b678e6dd2fa0780f7fbc70ef1eeb5199d19d4df78e6dfb045695a8322b06b2becc043452f6a99e1d38cdd4add44adfa981667dc98f257d6dcd6b7265c87e51f759599f6e17a9bb3d8109b24497bf605ffdacf7c3eae0ec751a4cc6bc11ec4ab21d1a427269be38101888758585d0c939f1e9272b9370076c2a20d1eb6ed7ce167e3b83827a751a6c4493015a5e451004830986e4b65021619abb5001a8f23dd3cca5da665965c24e5ba4df19383f659f56aa804c72118545d046ab37aa72c2cace5d74d155ad59facae906bf2b07194cff2c447b699a25efa00eca97a77f958675fe6efc845f3fb412f332a7f3e291e20f4bb62c778e0cfeefb850358f3da1b", 0x248, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet_dccp(0x2, 0x6, 0x0)
listen(r4, 0x0)
setsockopt(r4, 0xadf, 0xa, &(0x7f0000000200)="03", 0x1)
socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000000)=ANY=[@ANYBLOB="54010000100001000000000000000000ffffffff000000000000000000000000ac1414aa00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="7f00000100000000000000000000000000000000320000000000000000000000000000000000000000000000000000000000000000000000000000000000000036fd66905ed64f3c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001c00040001000000000000007f00000100"/268], 0x154}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
socket$packet(0x11, 0x3, 0x300)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3400000013000100000000000000000007000000", @ANYRES32, @ANYBLOB="000000000000000014001a80100004800c000380"], 0x34}}, 0x0)
sendmsg$DCCPDIAG_GETSOCK(0xffffffffffffffff, 0x0, 0x20000004)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wpan3\x00'})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'wpan0\x00'})
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

3.373575405s ago: executing program 3 (id=4144):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000180)='./file0\x00', 0x80, &(0x7f0000000340)=ANY=[], 0x40, 0x2f5, &(0x7f0000000a40)="$eJzs3M9rE1sUwPGTNG3TlDZZPB68J9KLbnQztHGvBGlBDCi1EX+AMG0mGjImIRMqEbERF279NwxddlfQ+gd0486VG3HTjeCmoHUkmamd1kk7KaZpyPcD5Z7MvaczN3cmnARmtu68flzIWVpOr0pUlIRF6rIjkmhGXiEJOc2I8zrqNHW5OP7t41klIql0enZeqbnUwqWkUmpy6u2TZ6vnNqrjt9cm10dlM/Fg62vy8+a/m/9t/Vx4lLdU3lLFUlXparH0qaovmobK5q2CptRN09AtQ+WLllFx+ktVd7dSLteUXsxOxMoVw7KUXqypglFT1ZKqjonIQz1fVJqmqYmYDI7tqVZTFtu2O8nLNObn9dQxd7p0zDz8dRuH9lYquxfP+wNnR6bRvWMCAACnlbf+D0fd+n97f/0fEqf2D3vrf1dd6s36/9bde9cD1P/rI23q/1Lb+v+Ktz9nlg6p/ys1pQ9m/R9I9M9NmcbQ8et/9InKmEhjVfau6Bf3V6dbAfU/AAAAAAAAAAAAAAAAAAAAAAD9YNu247Ztx5ttWJy4+Tfq3jCy+7rXx4nu8K6/s9aR5qqz/gPCc+NeVMR8tZxZzjit05/KSV5MMWRa4vKjdT64nHjuWno2pFoS8s5ccfNXljND+/NnJC4J//wZJ1/tzx+WmDc/KXH5xz8/6Zs/IhfOe/I1icuHJSmJKdnWeb2X/3xGqas30gfyxyTrc8ccAAAAAAD9SFO/+X5/17R2/U5+kN8Hpn2/n0fk/0hv5w4AAAAAwKCwak8LumkalSODN27GkYO/uAMD/2f/4GXgwcMBZxHq+DBCHbw/JxuE3De583T355mV0zCLvggizZPesyXWdvDkkLsqgXcx6j6Vubllxz4w5vLame9dn6Dd7jo98Y8iAAAAAF22V/T3+kgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABhcJ/EEtV7PEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgtfgUAAP//WEUfcw==")
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
syz_genetlink_get_family_id$wireguard(0x0, 0xffffffffffffffff)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000001080)=@broute={'broute\x00', 0x9a02, 0x0, 0x90, [0x0, 0x200007b0], 0x0, 0x0, &(0x7f0000000780)=[{}, {}, {}]}, 0x108)
r2 = openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat(r2, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000080)={0x6, 0x3, &(0x7f0000000d80)=ANY=[@ANYBLOB], 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
r3 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_inet_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000040)={'gre0\x00', {0x2, 0x0, @rand_addr=0x64010101}})

3.347660848s ago: executing program 3 (id=4145):
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
write$cgroup_int(r2, &(0x7f0000000200), 0xf000)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
getsockopt$nfc_llcp(r0, 0x118, 0x0, &(0x7f0000000140)=""/192, 0x20000057)

2.309436852s ago: executing program 2 (id=4169):
mkdirat(0xffffffffffffff9c, 0x0, 0x104)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000007c0)={'wlan1\x00'})
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x36, 0x0, 0x0)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000a80)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_io_uring_setup(0x0, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={0x0}, 0x10)
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$l2tp(0x2, 0x2, 0x73)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
unlinkat(0xffffffffffffffff, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mount$9p_rdma(&(0x7f0000000500), &(0x7f0000000540)='./file1\x00', &(0x7f0000000580), 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x8052, &(0x7f0000000280)={[{@noauto_da_alloc}, {@init_itable_val={'init_itable', 0x3d, 0x2}}, {@nolazytime}, {@resuid}, {@nouid32}, {@grpjquota}]}, 0x3, 0x4d9, &(0x7f0000001100)="$eJzs3E1sFFUcAPD/bLe0fMmKiIKoRTQ2ElsoIBy8YDTxoIkRD3ps2kKQQg2tiRA0S2LwaEi8G49ePXhVL8Z4MvGKRxNDQgwXPi6umd2Zdne7289t19rfL1n2vZk3897bN2/2zXtdAti0BtJ/klr4VkTsiohCc4KB2tv9u9fGHty9NhblSuXM30n1sHtpPJOdJrZnkcFCROHzZG5HnekrVy+MTk5OXM7iwzMXPxqevnL15fMXR89NnJu4NHLq1PFjR0++MnJi+ZVqkV9ar3v7P5s6sO/ND26+PVbMt/dn7/X16JSBGGhVlKoXOp1Zl+2sCyfFtsl2rUthWLL0+k+bq7fa/3dFT7RvPOD/pVKpVPra7y5Xml2ftwXYsJLodgmA7si/6NPn3/xV3fCwbmdEbFnTUUj33DldewBK630/e0U8W92Yz4P0Nj3fdtJARLxffvh1+oo1mocAAKj34+l8JNg0/iv1N6R7JJu8L0XEoxGxOyIei4g9EfF4ROyNiCci4smm8/dERGWB/Aea4vPHP4Xbq6nfYtLx36vZ2tbc+C/qV8FKPVlsZ0Q+Jp44kn0mg9Hbd/b85MTRhiI35vHT679/2S7/+vFf+krzz8eC2cluF5sm6MZHZ0ZXVek6d65H7C821z8pRiSzKwFJROyLiP3LOG+pLnz+pW8PzEZ6G9MtXv+qSst1tA4sVVS+iXix1v7laGj/uRyTluuTef84MdwfkxNHhtOr4EjLPH797cY77fJftP7f/9l8yBsnfziT9azVS9t/W931H/n67Vz9S0lEMrteO738PG788UXbZ5qVXv9bkveq4fy59JPRmZnLRyO2JG/N3z4yd2weT9+jXKv/4KHW/X93dkz6STwVEelF/HREPBO1J8S07Acj4rmIOLRA/X957fkPV17/tZXWf7zl/a+h/efW69sFknItdYtdPRcO3nrQ5uaxtPY/Xg0NZlta3/+ShltEu5Lm33bpln9W++EBAADABlGIiB11c0k7olAYGqrNAe2JbYXJqemZw2enPr40nu6LKEVvIZ/pqs0H9yb5/GepLj7SFD+WzRt/1bO1Gh8am5oc72rNge3VPp8UhmbvBbX+n/qrM1PMwH+Zn/zA5rVY/997c50KAqy7pX////zpmhYEWHd1/b/cJkl5BX/3BWwAnv9h85rf/6vDgAV/8+ueARtfRV+GTW1Z/f9wuykCYCMqxruz4UJXSwKsN+N/2JQW/V3/qgKVvta7+mN+4uhf+IQ9sbJibG2RV1cC6ciqK7lvXclR+f+m0DZNFJZ3wr5YbpsWo9Wus6v/WM7t7fjFX8n+Vr7TLfjduvTTVoGu3I4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA67t8AAAD//2zP4ag=") (fail_nth: 33)

1.689314633s ago: executing program 2 (id=4175):
sched_setscheduler(0x0, 0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000040)=<r1=>0x0)
r2 = syz_open_dev$sg(&(0x7f0000000100), 0x9, 0x14d000)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000080)={'\x00', 0xb, 0x2, 0x2, 0x1, 0x4add, r1})
getsockopt$bt_hci(r0, 0x84, 0x10, &(0x7f0000003140)=""/4111, &(0x7f0000000000)=0x100f)

1.640324906s ago: executing program 2 (id=4176):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000540)=ANY=[], 0x5)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[@ANYBLOB], 0x5)
fcntl$setownex(0xffffffffffffffff, 0xf, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x1, 0x5}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_SET_FORCE_PACK_ID(r1, 0x227b, &(0x7f00000000c0)=0x1)
readv(r1, &(0x7f0000000280), 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
write$sndseq(r2, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x38)

1.545493694s ago: executing program 2 (id=4177):
socket$packet(0x11, 0x3, 0x300)
syz_emit_ethernet(0x32, &(0x7f0000000000)={@local, @remote, @val, {@arp={0x806, @ether_ipv4={0x1, 0x800, 0x6, 0x4, 0x0, @empty, @empty, @local, @broadcast}}}}, 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f288476d2610054c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
pipe(&(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet_udp(0x2, 0x2, 0x0)
close(r3)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010005fff00000500000000000000", @ANYRES32=0x0, @ANYBLOB="0092"], 0x3}}, 0x0)
write$binfmt_misc(r2, &(0x7f0000000000)=ANY=[], 0xfffffecc)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
setitimer(0x0, &(0x7f0000000040)={{}, {0x0, 0x1}}, 0x0)
splice(r1, 0x0, r3, 0x0, 0x4ffe2, 0x0)

1.385368557s ago: executing program 1 (id=4180):
socket$nl_netfilter(0x10, 0x3, 0xc)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x1008a, &(0x7f00000000c0)={[{@nomblk_io_submit}, {@usrjquota, 0x22}, {@errors_continue}, {@noload}, {@data_err_ignore}, {@grpjquota, 0x22}, {@errors_continue}, {@errors_remount}, {@jqfmt_vfsv1}]}, 0xfe, 0x44e, &(0x7f0000000900)="$eJzs3M1vG0UbAPDHdpw0bfMmbykfDS0ECiLiI2nSD3rgUgQSB5CQ4FDEKSRpFeo2qAkSrSIIHMIRVeKOOCLxF3ChXBBwQuIKd4QUoVwonIzW3k3dxE7ixIlL/ftJm8x4xpp5dnfs8azXAXSsoeRPLuJgRPwaEf3V7J0Vhqr/bq0sTP69sjCZi3L5jT9zlXp/rSxMZlWz5x2oZsrlDdpdejtiolSavprmR+cvvzc6d+36czOXJy5OX5y+Mn727KmTx7rPjJ9uSZx9SV8HP5w9euSVt268Nnn+xjs/fp3092BaXhtHqwxV925dT7a6sTbrq0nnutrYEZpSiIjkcBUr478/CtG7WtYfL3/S1s4Bu6pczpd7GhcvloF7WDJRBzpR9kaffP7Ntj2aetwVls/F6jrGrXSrlnRFPq1TTD8j7YahiDi/+M8XyRa7tA4BAFDr5rmIeLbe/C8fD9TU+196bWggIv4fEYci4r6IOBwR90dU6j4YEQ812f7aKyTr5z/l/m0FtkXJ/O+F9NrWnfO/bPYXA4U011eJv5i7MFOaPpHuk+Eo9iT5sQ3a+O6lXz5rVFY7/0u2pP1sLpj244+uNQt0UxPzEzuJudbyxxGDXfXiz63OeZP58ZGIGNxmGzNPf3W0Udnm8W+gBZPy8pcRT1WP/2KsiT+Ta3h9cuz5M+OnR/dFafrEaHZWrPfTz0uvN2p/R/G3wPLNcuyve/6vxj+Q2xcxd+36pcr12rnm21j67dOGn2m2e/53596spLvTxz6YmJ+/OhbRnXt1/ePjt5+b5bP6yfk/fLz++D8Ut/fEwxGRnMTHIuKRiHg07ftjEfF4RBzfIP4fXnzi3ebj32BVvoWS+Kc2O/5Re/ybTxQuff9N8/FnkuN/qpIaTh/ZyuvfVju4k30HAAAA/xX5ynfgc/mR1XQ+PzJS/Q7/4difL83OzT9zYfb9K1PV78oPRDGfrXT116yHjqVrw1l+fE3+ZLpu/Hmht5IfmZwtTbU7eOhwBxqM/8TvhXb3Dth17teCzmX8Q+cy/qFzGf/QuYx/6Fz1xv9HbegHsPc2ef/v3at+AHvP/B86l/EPncv4h47U8N74/I5u+ZdoU+Lb7p39VsPWE5G/S0K+ZxLFqFvUteUfs9hmoqduUbtfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFrj3wAAAP//j57jFA==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
mount(0x0, &(0x7f0000000240)='.\x00', &(0x7f00000000c0)='nfs\x00', 0x0, &(0x7f0000000000)='\x06\x00\x00\x00\x04\xb0\xfe\x98\x9a!s\x91]\xab\xc9\xa2IV\xb6-\xd9z\x81\x91\x8aP}h\xc6\x0e\xd9\v\xda\xbfS\x16 \x04\r\xcd\xdb\x9a\xd4\xaf\r\x11\xa0\xd7\xd7\xb6\x9bz\x99\xaf\xfd\x87fN\xad\x90U\xb4A\xdf\xabB\xbba\x7f\xb8\x96\x1a\xe7\xc1\xab\x16\x02\x00<r\xe9\x9cD\x90\xce\xe1\xc5\x85=\\!\xbbQ\xde\xc3\xe3\x7f\xcf\x1f\x17G\xa6\x13\xae\x92 \x1c\xbf\xfa\xe8e\x8cD\"\xa3w')
r0 = socket(0x0, 0x0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
listen(r1, 0x7f)
syz_emit_ethernet(0x4a, &(0x7f0000000400)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a843500140600fe8000000000000000000000000000bbfe8000000000000000000000000000aa00004e22", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="38020044ef83fa7de600000000000000000000000000006348aeda800316bc69a0df671fb41560f324b3a70ec0d6fcc0489741bae03bcedffda4e5732cf8df2c4b891c27e41063456d2fb84e61c2c6aa40a923262019faed"], 0x0)
syz_emit_ethernet(0x4e, &(0x7f00000000c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd6000004e00180600fe800000000000000000000000000000c500004e22000000000000000000001000000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="640000009078000002040000"], 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x200400c1}, 0x2042811)
r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$PTP_EXTTS_REQUEST(r2, 0x40603d10, &(0x7f0000000180))
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000002400)=0xc)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r3, &(0x7f0000000240)={0x0, 0xffffffffffffff4a, &(0x7f0000000200)={&(0x7f0000000080)={0x18, 0x16, 0xa01}, 0x78}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'macvlan0\x00', <r6=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000004c0)=@newlink={0x68, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x40, 0x12, 0x0, 0x1, @sit={{0x8}, {0x34, 0x2, 0x0, 0x1, [@IFLA_IPTUN_PMTUDISC={0x5}, @IFLA_IPTUN_ENCAP_FLAGS={0x6, 0x10, 0x5}, @IFLA_IPTUN_ENCAP_TYPE={0x6, 0xf, 0x2}, @IFLA_IPTUN_6RD_PREFIXLEN={0x6, 0xd, 0x3}, @IFLA_IPTUN_6RD_RELAY_PREFIX={0x8, 0xc, 0x8001}, @IFLA_IPTUN_ENCAP_DPORT={0x6, 0x12, 0x4e24}]}}}, @IFLA_LINK={0x8, 0x5, r6}]}, 0x68}}, 0x0)
recvmmsg(r3, &(0x7f0000003700)=[{{0x0, 0x0, 0x0}}], 0x6, 0x0, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r7 = socket(0x2b, 0x1, 0x0)
listen(r7, 0x0)
sendmsg$nl_route(r7, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)=@ipv6_newnexthop={0x3c, 0x68, 0x200, 0x70bd29, 0x25dfdbfc, {0xa, 0x0, 0x4, 0x0, 0x3}, [@NHA_GROUP_TYPE={0x6, 0x3, 0x1}, @NHA_GROUP_TYPE={0x6, 0x3, 0xb48e3c28c9709b40}, @NHA_GATEWAY={0x14, 0x6, @ip4=@initdev={0xac, 0x1e, 0x0, 0x0}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x20008004)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)

1.35323176s ago: executing program 0 (id=4182):
socket$packet(0x11, 0x3, 0x300)
r0 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000000)='memory.high\x00', 0x2, 0x0)
ioctl$FIOCLEX(r0, 0x5451)
r1 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x3, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x62)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r3)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xc}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x3}, 0x0, 0x20000000, 0xffffffffffffffff, 0x0)
unshare(0x26020280)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone3(&(0x7f00000002c0)={0x1100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000280)=[r4], 0x1}, 0x58)
pipe2(&(0x7f0000000000)={<r5=>0x0, <r6=>0x0}, 0x0)
r7 = socket(0x2c, 0x3, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xff}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r8, &(0x7f0000000140), &(0x7f0000000080)=@udp6=r7}, 0x20)
r9 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r9, 0x0, &(0x7f00000000c0)=<r10=>0x0)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$nfc(&(0x7f00000003c0), r11)
sendmsg$NFC_CMD_DEV_UP(r11, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000c40)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r12, @ANYBLOB="010000000000000000000200000008000100", @ANYRES32=r10, @ANYBLOB="733e5ef0b47ae1aea02e1be1acc0a7362af0de3c"], 0x1c}}, 0x0)
write$nci(r9, &(0x7f0000000580)=ANY=[@ANYBLOB="6109010805"], 0x5)
r13 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r13, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r14 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r14, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010200000000000000020000000900010073797a300000000040000000030a01010000000000000000020000000900010073797a30000000000900030073797a320000000014000480080001400000000008000240000000002c000000030a03000000000000000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0xb4}}, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000340)={0xfffffff9, <r15=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000380)=r15, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x2, 0x13, &(0x7f0000000c80)=ANY=[@ANYBLOB="1800000006000000000000000600000018420000010000000000000000000000185700000c000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703001d00000000850000000c000000b70000000000000018210000790e97e92831618bfff4fed7bdfe98571d18d193a1fedde8f9fc8b5f947bb32d472acb86ea24", @ANYRES32=r6, @ANYBLOB="000000000b000000183a0000010000000000000000000000185100000d000000000000000000000055460000010000009500000000000000"], &(0x7f0000000540)='GPL\x00', 0x400, 0x97, &(0x7f0000000680)=""/151, 0x41000, 0x2, '\x00', 0x0, 0x22, r5, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000740)={0x3, 0x6, 0x80f8, 0xc070}, 0x10, 0x0, r6, 0x8, &(0x7f0000000780)=[r6, r5, r5], &(0x7f00000007c0)=[{0x0, 0x1, 0xe, 0x3}, {0x5, 0x5, 0x6, 0x9}, {0x2, 0x1, 0x0, 0xb}, {0x1, 0x5, 0x3, 0xc}, {0x5, 0x2, 0x10, 0x9}, {0x4, 0x2, 0x4}, {0x4, 0x5, 0x2, 0x6}, {0x0, 0x5, 0x0, 0x1}]}, 0x90)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000900)={0x2, 0x4, 0x8, 0x1, 0x80, r6, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xb0, 0x2, 0x3}, 0x48)
close_range(r6, 0xffffffffffffffff, 0x0)

1.22547238s ago: executing program 4 (id=4184):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./bus\x00', 0x400e, &(0x7f0000000280)={[{@i_version}, {@nobh}, {@data_err_ignore}, {@nolazytime}, {@init_itable_val={'init_itable', 0x3d, 0x4}}, {@acl}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x3a)
setsockopt$inet6_int(r1, 0x29, 0x4b, &(0x7f0000000040)=0x4, 0x4)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xb}, 0x1c)
ftruncate(0xffffffffffffffff, 0x2000009)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3400000013000100000000000000000007000000", @ANYRES32=r3, @ANYBLOB="000000000000000014001a80100005800c000780080002"], 0x34}}, 0x0)
ioperm(0x0, 0xab4d, 0x8)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010d00000000000000850a0000000000", @ANYRES32=r6], 0x4c}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r7, 0xc004743e, 0x20001400)
ioctl$TUNSETOFFLOAD(r7, 0x40047451, 0x20000015)
semop(0x0, &(0x7f0000000000)=[{0x4}, {0x4}], 0x2)
ioperm(0x6, 0x23, 0x3ff)
semctl$GETPID(0x0, 0x0, 0xb, 0x0)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext}, 0x0, 0x4, 0xffffffffffffffff, 0x0)

1.134690447s ago: executing program 0 (id=4185):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_inet_SIOCGARP(r0, 0x8954, &(0x7f0000000240)={{0x2, 0xb00, @multicast2}, {0x306, @local}, 0x0, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 'veth1_to_team\x00'})

1.1070298s ago: executing program 1 (id=4186):
bind$can_j1939(0xffffffffffffffff, &(0x7f0000000000)={0x1d, 0x0, 0x3}, 0x18)
sendmsg$L2TP_CMD_TUNNEL_MODIFY(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[], 0x14}}, 0x0)
open(&(0x7f0000000280)='./bus\x00', 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x19, 0x4, 0x4, 0x9, 0x0, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r0, &(0x7f00000000c0)='P', &(0x7f0000000000)=""/8, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r0, &(0x7f0000000100), &(0x7f0000000000)=""/8, 0x2}, 0x20)
bpf$MAP_DELETE_ELEM(0x2, &(0x7f00000003c0)={r0, &(0x7f0000000300)='@', 0x20000000}, 0x20)
bpf$MAP_DELETE_ELEM(0x4, &(0x7f0000000340)={r0, &(0x7f0000000400), 0x20000000}, 0x20)
socket$inet_sctp(0x2, 0x400000000001, 0x84)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x2d)
fcntl$lock(0xffffffffffffffff, 0x0, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
prctl$PR_SET_KEEPCAPS(0x8, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
signalfd4(0xffffffffffffffff, &(0x7f0000000140), 0x8, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
pwrite64(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r4 = signalfd4(r3, &(0x7f0000000140), 0x8, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00')
renameat2(r5, &(0x7f0000000000)='./mnt\x00', r5, &(0x7f0000000100)='./mnt\x00', 0x1)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0, 0x0)
sendfile(r4, r6, 0x0, 0x1000000000006)
getpriority(0x0, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1000000000006)
socket(0x2c, 0x2, 0x0)

1.029585836s ago: executing program 0 (id=4187):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000540)=ANY=[], 0x5)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[@ANYBLOB], 0x5)
fcntl$setownex(0xffffffffffffffff, 0xf, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x1, 0x5}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_SET_FORCE_PACK_ID(r1, 0x227b, &(0x7f00000000c0)=0x1)
readv(r1, &(0x7f0000000280)=[{0x0}], 0x1)
r2 = fcntl$dupfd(r1, 0x0, r1)
write$sndseq(r2, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x38)

1.025176397s ago: executing program 0 (id=4188):
r0 = socket$netlink(0x10, 0x3, 0x10)
writev(r0, &(0x7f0000000180)=[{&(0x7f0000000040)="39000000120003474cbb65e1c3e4ffff07000d0001000000070000002500000004003d000c0014000000001f000006060400180000008cdb25", 0x39}, {&(0x7f0000000080)}, {&(0x7f00000000c0)="4867ed69ee5f3554822387d585dbf707599344bb00000d2a0aee3559ca9c41fbd1b9fec83446fd30624aa17919d035e88f000078bc1ad082069ff1f6258f6278637e662246a5b89a38f97f3356e8f5428295c352e596309cab738136f5e871cde840729f4a35e64865d26fbc520c108c9074c88299503eb9c71a2894d10322ce711ad827d33ea31e07046d6f92fc5ce7b11a819ff48a2e3b5624e182e7c465268f31821ab7b9b44d816260007727bba7fad290227df662a8996671a29c", 0xbd}], 0x3)

1.000955948s ago: executing program 4 (id=4189):
r0 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x25, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010600000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff1b000000020000000900010073797a30000001000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a3c000000120a01020000000000100000020000000900020073797a310000000008000440000000000900010073797a3000000000080003400000000a14000000110001"], 0x64}}, 0x0)

918.174925ms ago: executing program 1 (id=4190):
r0 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x2)
ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000240)={0x20, 0x17, 0x0, 0xccb, 0x0, 0x0, 0x0})
r1 = socket$inet(0x2, 0x1, 0x0)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(r1, 0x0, 0x61, &(0x7f0000000280)={'filter\x00', 0x4}, 0x68)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
perf_event_open(&(0x7f00000003c0)={0x2, 0x80, 0x90, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
lsm_set_self_attr(0x0, 0x0, 0xd1, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x200000, &(0x7f00000005c0), 0x1, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = socket$rds(0x15, 0x5, 0x0)
setsockopt$sock_int(r3, 0x1, 0x1d, &(0x7f0000000200)=0x10001, 0x4)
ioctl$FS_IOC_MEASURE_VERITY(r2, 0xc0046686, &(0x7f00000002c0)={0x1, 0x86, "376823468566e3b48a0309e77991980357229b52ce4c1e8633a1be70a5b3c4908cbc110baa9eb8dea3e744d88daa3bfa980cc2696175ef85c933c95814564969d402ac25b8c35a33db6b3e61b292168babebdb70f8f62237daaf63f925b0f3a2291097c1fe58c250c12d9fdacc94eac55f236a37ff75a19a0d29fe41c7cf41370ee91c7c2aa2"})
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r4, &(0x7f0000000480)={0x2, 0x4e24, @loopback}, 0x10)
sendmmsg(r4, &(0x7f00000057c0)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000004c0)='k', 0x1}], 0x1}}], 0x1, 0x0)
shutdown(r4, 0x1)
recvmmsg(r4, &(0x7f00000048c0)=[{{0x0, 0x0, &(0x7f0000004a00)=[{&(0x7f0000001a00)=""/4099, 0x1003}], 0x1}}], 0x1, 0x10122, 0x0)
socket(0x0, 0x0, 0x0)
ioctl(0xffffffffffffffff, 0x8916, &(0x7f0000000500)="d34c2ed4331d83f8462ee1d82ee468dfa975785c4d419961c2888af5f6e41656dddca28bd12817242b0b8c246491c7eb565f0914ac08256cf9356ab1ef5031d02b0f54379554bcda245ca16fdb015d03000000000000003b23e2cd52ced1e1a2e06007ee6ec9fbd03bfb517852c8a617b44e44a34da1d9389b651b94440a4ce7846ac67184ce142b20d0eec2ea09c9cd5cf6b8cea593a46f611e965ab38700c280160b488923000000000000")
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000037c0)={0x0, 0x0, 0x0}, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB="240000030f1409000000000100000000080001000000000009004500756d616400000000"], 0x24}}, 0x0)

917.792135ms ago: executing program 0 (id=4191):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r0, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
futex(&(0x7f000000cffc)=0x3, 0x0, 0x0, 0x0, 0x0, 0x0)
futex(0x0, 0x0, 0x0, 0x0, &(0x7f0000000300), 0x1fffffc)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000010700000000000000f9000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_BLANKSCREEN(r6, 0x5609, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x4, &(0x7f00000000c0)=[{0xffff, 0x81, 0x40, 0x7c4}, {0x1796}, {0x0, 0x40}, {0x0, 0x1, 0x4, 0x4}]})
getpid()
ioctl$TUNSETOFFLOAD(0xffffffffffffffff, 0xc004743e, 0x20001400)
r7 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r8 = ioctl$LOOP_CTL_GET_FREE(r7, 0x4c82)
timer_gettime(0x0, &(0x7f0000000300))
ioctl$LOOP_CTL_REMOVE(r7, 0x4c81, r8)
ioctl$LOOP_CTL_GET_FREE(r7, 0x4c82)

601.762211ms ago: executing program 2 (id=4192):
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x882)
r0 = syz_io_uring_setup(0x4072, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_io_uring_submit(r1, r2, 0x0)
io_uring_enter(r0, 0x567, 0x0, 0x0, 0x0, 0x0)

338.021632ms ago: executing program 2 (id=4193):
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010005fff00000500000000000000", @ANYRES32=0x0, @ANYBLOB="0092"], 0x3}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0xa00)

307.939395ms ago: executing program 4 (id=4194):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r0, 0xc020660b, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

233.608681ms ago: executing program 4 (id=4195):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x400e, &(0x7f00000002c0)={[{@init_itable}, {@nobh}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@block_validity}, {@nobarrier}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), &(0x7f0000000900)=ANY=[], 0xfeeb, 0x0)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x0, 0x0)
mkdirat(r0, &(0x7f0000000080)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x1c)

233.174141ms ago: executing program 1 (id=4196):
socket$packet(0x11, 0x3, 0x300)
r0 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000000)='memory.high\x00', 0x2, 0x0)
ioctl$FIOCLEX(r0, 0x5451)
r1 = perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x3, 0xffffffffffffffff, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0x1}, 0x62)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x5, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7020000f3ffffb0150000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r3)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x26, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0xc}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x3}, 0x0, 0x20000000, 0xffffffffffffffff, 0x0)
unshare(0x26020280)
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_clone3(&(0x7f00000002c0)={0x1100, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000000280)=[r4], 0x1}, 0x58)
pipe2(&(0x7f0000000000)={<r5=>0x0, <r6=>0x0}, 0x0)
r7 = socket(0x2c, 0x3, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xff}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r8, &(0x7f0000000140), &(0x7f0000000080)=@udp6=r7}, 0x20)
r9 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r9, 0x0, &(0x7f00000000c0)=<r10=>0x0)
r11 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$nfc(&(0x7f00000003c0), r11)
sendmsg$NFC_CMD_DEV_UP(r11, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000c40)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r12, @ANYBLOB="010000000000000000000200000008000100", @ANYRES32=r10, @ANYBLOB="733e5ef0b47ae1aea02e1be1acc0a7362af0de3c"], 0x1c}}, 0x0)
write$nci(r9, &(0x7f0000000580)=ANY=[@ANYBLOB="6109010805"], 0x5)
r13 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r13, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r14 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r14, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010200000000000000020000000900010073797a300000000040000000030a01010000000000000000020000000900010073797a30000000000900030073797a320000000014000480080001400000000008000240000000002c000000030a03000000000000000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0xb4}}, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000340)={0xfffffff9, <r15=>0x0}, 0x8)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000380)=r15, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x2, 0x13, &(0x7f0000000c80)=ANY=[@ANYBLOB="1800000006000000000000000600000018420000010000000000000000000000185700000c000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703001d00000000850000000c000000b70000000000000018210000790e97e92831618bfff4fed7bdfe98571d18d193a1fedde8f9fc8b5f947bb32d472acb86ea24", @ANYRES32=r6, @ANYBLOB="000000000b000000183a0000010000000000000000000000185100000d000000000000000000000055460000010000009500000000000000"], &(0x7f0000000540)='GPL\x00', 0x400, 0x97, &(0x7f0000000680)=""/151, 0x41000, 0x2, '\x00', 0x0, 0x22, r5, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000740)={0x3, 0x6, 0x80f8, 0xc070}, 0x10, 0x0, r6, 0x8, &(0x7f0000000780)=[r6, r5, r5], &(0x7f00000007c0)=[{0x0, 0x1, 0xe, 0x3}, {0x5, 0x5, 0x6, 0x9}, {0x2, 0x1, 0x0, 0xb}, {0x1, 0x5, 0x3, 0xc}, {0x5, 0x2, 0x10, 0x9}, {0x4, 0x2, 0x4}, {0x4, 0x5, 0x2, 0x6}, {0x0, 0x5, 0x0, 0x1}]}, 0x90)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000900)={0x2, 0x4, 0x8, 0x1, 0x80, r6, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xb0, 0x2, 0x3}, 0x48)
close_range(r6, 0xffffffffffffffff, 0x0)

141.169598ms ago: executing program 4 (id=4197):
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000100)={'ip6tnl0\x00', &(0x7f0000000080)={'ip6gre0\x00', <r0=>0x0, 0x4, 0x5, 0x1, 0x5, 0x34, @private2, @private2={0xfc, 0x2, '\x00', 0x5}, 0x20, 0x8000, 0x2, 0x6}})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x3, &(0x7f0000000080)=ANY=[], &(0x7f0000000000)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x8, '\x00', r0}, 0x90)
r1 = socket(0x6, 0x4, 0x8)
getsockopt$inet_tcp_buf(r1, 0x6, 0xd, &(0x7f0000000140)=""/105, &(0x7f0000000040)=0x69)

71.631524ms ago: executing program 1 (id=4198):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000540)=ANY=[], 0x5)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[@ANYBLOB], 0x5)
fcntl$setownex(0xffffffffffffffff, 0xf, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x1, 0x5}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_SET_FORCE_PACK_ID(r1, 0x227b, &(0x7f00000000c0)=0x1)
readv(r1, &(0x7f0000000280)=[{0x0}], 0x1)
r2 = fcntl$dupfd(r1, 0x0, r1)
write$sndseq(r2, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x38)

13.400509ms ago: executing program 1 (id=4199):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./bus\x00', 0x400e, &(0x7f0000000280)={[{@i_version}, {@nobh}, {@data_err_ignore}, {@nolazytime}, {@init_itable_val={'init_itable', 0x3d, 0x4}}, {@acl}]}, 0x1, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x3a)
setsockopt$inet6_int(r1, 0x29, 0x4b, &(0x7f0000000040)=0x4, 0x4)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xb}, 0x1c)
ftruncate(0xffffffffffffffff, 0x2000009)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3400000013000100000000000000000007000000", @ANYRES32=r3, @ANYBLOB="000000000000000014001a80100005800c000780080002"], 0x34}}, 0x0)
ioperm(0x0, 0xab4d, 0x8)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010d00000000000000850a0000000000", @ANYRES32=r6], 0x4c}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r7, 0xc004743e, 0x20001400)
ioctl$TUNSETOFFLOAD(r7, 0x40047451, 0x20000015)
semop(0x0, &(0x7f0000000000)=[{0x4}, {0x4}], 0x2)
ioperm(0x6, 0x23, 0x3ff)
semctl$GETPID(0x0, 0x0, 0xb, 0x0)
perf_event_open(&(0x7f0000000240)={0x2, 0x80, 0x27, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_config_ext}, 0x0, 0x4, 0xffffffffffffffff, 0x0)

12.978189ms ago: executing program 4 (id=4200):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
socket$inet_udp(0x2, 0x2, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
r0 = accept$unix(0xffffffffffffffff, 0x0, &(0x7f00000000c0))
setsockopt$sock_int(r0, 0x1, 0x2d, &(0x7f0000000100)=0x4, 0x4)
r1 = syz_open_dev$vcsa(&(0x7f0000000000), 0x6, 0x10000)
sendmmsg$unix(r1, 0x0, 0xffffffc7, 0x40000d1)
ioctl$BTRFS_IOC_LOGICAL_INO(0xffffffffffffffff, 0xc0389424, &(0x7f0000000180)={0x0, 0x0, '\x00', 0x1, 0x0})
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r1)
ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, &(0x7f0000000280)=ANY=[@ANYBLOB="08000000000000000000000000000000010000002000000032057e68d5d647f4ed243c9d097db4c7bae657e0049450457902f8d4c84b1325f3d737ab1c3ebe2901b056ac84d04eb9d8bfd4772dfe3f74c591e4f19f3f234d340e6dd9a3a91499d4440ce0f52d0693ec028597719a911bffc60554e8950e91e1a8209818b4eb3440ae351192db83c2b3ba6743f2db330481aac17f0961506d7ebd78a999cf4e148c1ef2880f63696150cab0d17de455cbcb3dfee2a6f2fafec2c0"])
syz_read_part_table(0x593, &(0x7f00000005c0)="$eJzs0r1LK2kUB+A3A5c0e4lcLli4hWCwigqx0CIpRGJIY0RcsbAWLLQQLCwkEq39+AcUv0BsxD6lGEEUYiUpxXpBsUmVZdfZxmplUdnleZrhPefMHF5+E/hPi8Lv7XY7EUJoJ9//9m+nhbFS98TI5FQIiTAbQij8+stfnUQ88fdXz+NzOT6XktnG/vXo82nHTc9dPX0Yxf1aFMJaCGHh4Sj1b+/G/99Z/jK1vrFU3FzJz98XVx8H5/oKXVuFxZ2hg1xlujM3E/9Ytehz9qcbw8e37fLT7vf+b/VGK3sVz2USH7Ofr/U2/72f1Wa1Nd57sjyQ+dG8qGzHub/IHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+GBn+cvU+sZScXMlP39fXH0cnOsrdG0VFneGDnKV6c7cTPQ6V4s+Z3+6MXx82y4/7X7v/1ZvtLJX8Vwm8TH7+Vpv89/7WW1WW+O9J8sDmR/Ni8p2nPuL/AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf6gwVuqeGJmcCiERZkMIo1HH0Z/1dvK1n4jnzuNnOa6XktnG/vXo82nHTc9dPX04EddrUQhrIYSFh6PUp1+Gd/sjAAD///tch0s=")
r2 = socket(0x10, 0x802, 0x0)
write(r2, &(0x7f0000000140)="fc00000018003f03ab092500040007000a0700ffffff9e020000369321000100ff2500000005d00000000000000398996c92773411419da79bb94b46fe000000bc00020000036c6c256f1a272f2e117c22ebc205214000000000008934d07302ad031720d7d5bbc91a3e2e80772c05defd5a32e280fc83ab82f605f70c9ddefefe082038f4f8b29d3ef3d92c83170e5bba4a463ae4f5566f91cf190201ded815b2ccd243f295ed94e0ad91bd0734babc7c3f2eeb57d43dd16b17e583df150c3b880f411f46a6b567b4d5715587e658a1ad0a4f01731d05b0350b0041f0d48f6f0000080548deac270e33429fd3000175e63fb8d38a873cf1587c3b41", 0xfc)
r3 = creat(&(0x7f0000000240)='./file0\x00', 0x0)
fallocate(r3, 0x100000011, 0x0, 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xa, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1, 0xb4}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x80)
ioctl$BLKALIGNOFF(r3, 0x127a, &(0x7f0000000080))

0s ago: executing program 0 (id=4201):
perf_event_open(&(0x7f0000000200)={0x2, 0x80, 0x40, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f00000001c0), 0x8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0)
setsockopt$PNPIPE_HANDLE(r0, 0x113, 0x3, 0x0, 0x0)
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000000)="6c821cfe83f07e0bbc7066", 0xb}, {&(0x7f00000000c0)="c2e2338dce386f48071a9d61f2d13a7131c9c255eab6e834e9311e222e9fce2347747e20b423be341f8e353ad01f801dea030de9738cb2ef13a956a36f92f1a7d24a2862663f77c1523556b22498f2690f0e16eb4fe4d9a2df439f66c3c97959764d96dc11332a4a1864fb3c670c2d9782759f1e1191fa173d40538727ddaabe96bfd3e91d9bab05205fd04384070d7e2ddcdde13b662957835ece6025858f400d87aa08ba3d5cc667f79ed3515b4ad5bdf9bce21f56a2fedbcf7b468196e48dd3bea5b3148d5f3478c1f3af08f55235da5b64a9cadca4b79e047feffe32f73131e8a80a16d98d8991386d3fea47", 0xee}], 0x2)
unshare(0x0)
socket$unix(0x1, 0x0, 0x0)
bind$unix(0xffffffffffffffff, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000cc0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000003c0)="8ec1cc54649640be1983f79c5bfe88cd6a6afd5570ab59578db363f4892559f334d436138406b699de69db13fd73742880", 0x31}, {&(0x7f0000001380)="b0fef28adda655a00a8ce0bb7d504206000000000000001abe0a88f67472c3cd975c9884ae01084ff2b7f556e2a043b74efe85a30267fae395e8a051934cefd1a1f19f89180ab1fe20a7e408068a3f4304feafe592c403cb5d1991683fcbda9a1404998bc92cb28946223165c906e2bed23adce7939d37148e79c6b485db91083de9905e7de49fd8837cf3792d697bf8b79b9c6e8daee80e86778a4a2426e6459d4a30ad36b138b31570d8342f7094ca640633ba7e0593a6020000000000000029ba4de97b84ed9acc88b314c189bc3635a719808a7bceeb9206a3d29ef68cd6d32fc4398429c472891f8e244d27a4b6241083efd4ecd2c92d91399de6ddcafbcd07000000000000009d1b7d60c898340102268c474bf8b7db27c8787b34cae8a9c67617733c1ece82e11b99a4bdc74c8d9d1871be6af0fef62b529af9ab1f37d60a2f967d715b301856b033a7e7dac74416447a090f7b6693bbd2deaf5eebbfc9adff299bafcf57774d0c993f5524409672b4f35409a8720dc2b78f83198096c60126f911ed42c29cd6fa311e2c8daef3927ccdc90436b2b6ee4c79ff80f6938e0560d9d8e925bdc4fffffffffffffff8d9b7977fff6c4293065de2ff26a041e67954f68871d010d377f9ba1ee447b5bfd5b9d3711b3ea5c6361a97d4d46b8b406091be9433f950613083805aa4ae31e3aef57eb8d299548df54dffb7c4af7f00a869c6bdbc6c2bd1a83262981638ae365b2611d2b50c5f000000d620e2a52db4283dc9", 0x224}, {&(0x7f0000000300)="1b3b351333f3a3b13679144b7cd8a483d6dbc75ded5829aceff163e19496e9ba6875841285b877facd7b183e950017761d4433127df4ffeab47d3545970ac2571b8775e05a2ec30dbc2154f17ddb1de319411d093471a30c77ca0d06d1576a43cbd48ecc22dd81c5aeeef4a0a53a5d93a9b5b000bba7223848aa6b97abe164077f7737311f", 0x85}], 0x3}, 0x0)
recvmsg(r3, &(0x7f0000000240)={0x0, 0xfffffeb8, &(0x7f0000000200)=[{&(0x7f0000000000)=""/233, 0xe9}], 0x1, &(0x7f0000001d00)=""/4080, 0xff0}, 0x0)
close(r2)
socket$unix(0x1, 0x2, 0x0)
ioperm(0x0, 0x1, 0x8)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r4 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r7, 0x10e, 0xc, &(0x7f0000000180)={0x80000020}, 0x10)
sendmsg$nl_route(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000002c0)=@ipv6_newnexthop={0x20, 0x68, 0x20, 0x70bd26, 0x25dfdbff, {0xa, 0x0, 0x4, 0x0, 0x12}}, 0x77}}, 0x0)
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r6, &(0x7f0000000100)={0x20000014})
epoll_wait(r4, &(0x7f0000000040)=[{}], 0x2, 0xfffff001)
epoll_wait(0xffffffffffffffff, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

[  318.366642][T17874] RSP: 002b:00007fd127ad3048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  318.382251][T17874] RAX: ffffffffffffffda RBX: 00007fd1289dff60 RCX: 00007fd128851bd9
[  318.390261][T17874] RDX: 0000000000000000 RSI: 00000000200009c0 RDI: 0000000000000003
[  318.398226][T17874] RBP: 00007fd127ad30a0 R08: 0000000000000000 R09: 0000000000000000
[  318.406192][T17874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  318.409440][T17705] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  318.414166][T17874] R13: 000000000000000b R14: 00007fd1289dff60 R15: 00007ffdb8cc0658
[  318.414185][T17874]  </TASK>
[  318.434141][T17705] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  318.442874][T17705] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  318.451648][T17705] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  318.538900][ T1520] bridge_slave_1: left allmulticast mode
[  318.544623][ T1520] bridge_slave_1: left promiscuous mode
[  318.550403][ T1520] bridge0: port 2(bridge_slave_1) entered disabled state
[  318.572375][   T29] audit: type=1400 audit(3441709373.721:2526): avc:  denied  { mount } for  pid=17881 comm="syz.2.3921" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  318.574833][T17884] loop4: detected capacity change from 0 to 512
[  318.594814][   T29] audit: type=1400 audit(3441709373.721:2527): avc:  denied  { remount } for  pid=17881 comm="syz.2.3921" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  318.621386][ T1520] bridge_slave_0: left allmulticast mode
[  318.627040][ T1520] bridge_slave_0: left promiscuous mode
[  318.632867][ T1520] bridge0: port 1(bridge_slave_0) entered disabled state
[  318.694052][T17884] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2234: inode #12: comm syz.4.3922: corrupted in-inode xattr: invalid ea_ino
[  318.711983][T17884] EXT4-fs error (device loop4): ext4_orphan_get:1399: comm syz.4.3922: couldn't read orphan inode 12 (err -117)
[  318.725236][T17884] EXT4-fs (loop4): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  318.773635][T17570] EXT4-fs (loop4): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  318.803647][ T1520] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  318.815761][ T1520] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  318.839296][ T1520] bond0 (unregistering): Released all slaves
[  318.846699][T17897] loop4: detected capacity change from 0 to 256
[  318.874009][T17892] netlink: 48 bytes leftover after parsing attributes in process `syz.0.3883'.
[  318.880580][T17897] FAT-fs (loop4): Directory bread(block 64) failed
[  318.889812][T17897] FAT-fs (loop4): Directory bread(block 65) failed
[  318.905500][T17897] FAT-fs (loop4): Directory bread(block 66) failed
[  318.919685][T17897] FAT-fs (loop4): Directory bread(block 67) failed
[  318.926218][T17897] FAT-fs (loop4): Directory bread(block 68) failed
[  318.943956][T17897] FAT-fs (loop4): Directory bread(block 69) failed
[  318.950560][T17897] FAT-fs (loop4): Directory bread(block 70) failed
[  318.970027][T17897] FAT-fs (loop4): Directory bread(block 71) failed
[  318.983009][T17897] FAT-fs (loop4): Directory bread(block 72) failed
[  318.995551][T17897] FAT-fs (loop4): Directory bread(block 73) failed
[  319.028044][T17897] vfat filesystem being mounted at /15/bus supports timestamps until 2107-12-31 (0x10391447e)
[  319.098360][ T1520] hsr_slave_0: left promiscuous mode
[  319.108139][ T1520] hsr_slave_1: left promiscuous mode
[  319.137746][ T1520] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  319.145173][ T1520] batman_adv: batadv0: Removing interface: batadv_slave_0
[  319.163658][T17910] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(9)
[  319.166519][ T1520] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  319.170184][T17910] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  319.170251][T17910] vhci_hcd vhci_hcd.0: Device attached
[  319.177747][ T1520] batman_adv: batadv0: Removing interface: batadv_slave_1
[  319.256819][ T1520] veth1_macvtap: left promiscuous mode
[  319.262347][ T1520] veth0_macvtap: left promiscuous mode
[  319.267868][ T1520] veth1_vlan: left promiscuous mode
[  319.273132][ T1520] veth0_vlan: left promiscuous mode
[  319.343823][T17916] loop0: detected capacity change from 0 to 512
[  319.454274][ T1520] team0 (unregistering): Port device team_slave_1 removed
[  319.478453][ T1520] team0 (unregistering): Port device team_slave_0 removed
[  319.483160][   T35] usb 9-1: new low-speed USB device number 2 using vhci_hcd
[  319.750625][T17911] vhci_hcd: connection reset by peer
[  319.758275][   T11] vhci_hcd: stop threads
[  319.762547][   T11] vhci_hcd: release socket
[  319.766998][   T11] vhci_hcd: disconnect device
[  319.812991][T17745] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  319.831774][T17745] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  319.851244][T17936] loop2: detected capacity change from 0 to 512
[  319.852545][T17745] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  319.866322][T17936] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  319.891287][T17745] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  320.003631][T17534] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  320.049044][T17745] 8021q: adding VLAN 0 to HW filter on device bond0
[  320.074563][T17745] 8021q: adding VLAN 0 to HW filter on device team0
[  320.086591][ T6641] bridge0: port 1(bridge_slave_0) entered blocking state
[  320.093670][ T6641] bridge0: port 1(bridge_slave_0) entered forwarding state
[  320.120356][ T3142] bridge0: port 2(bridge_slave_1) entered blocking state
[  320.127426][ T3142] bridge0: port 2(bridge_slave_1) entered forwarding state
[  320.155879][T17745] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  320.280197][T17745] 8021q: adding VLAN 0 to HW filter on device batadv0
[  320.379214][T17745] veth0_vlan: entered promiscuous mode
[  320.387818][T17745] veth1_vlan: entered promiscuous mode
[  320.401692][T17745] veth0_macvtap: entered promiscuous mode
[  320.416219][T17745] veth1_macvtap: entered promiscuous mode
[  320.441438][T17745] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  320.451931][T17745] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  320.461832][T17745] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  320.472339][T17745] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  320.482247][T17745] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  320.492678][T17745] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  320.502501][T17745] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  320.513495][T17745] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  320.523404][T17745] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  320.533841][T17745] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  320.571551][T17745] batman_adv: batadv0: Interface activated: batadv_slave_0
[  320.581969][T17745] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  320.592569][T17745] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  320.602485][T17745] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  320.613015][T17745] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  320.622900][T17745] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  320.633369][T17745] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  320.643219][T17745] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  320.653698][T17745] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  320.663592][T17745] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  320.674089][T17745] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  320.699402][T17745] batman_adv: batadv0: Interface activated: batadv_slave_1
[  320.711716][T17745] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  320.720596][T17745] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  320.729374][T17745] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  320.738189][T17745] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  320.865099][T17988] loop0: detected capacity change from 0 to 512
[  320.914065][T17995] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3951'.
[  320.993016][T17999] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3952'.
[  321.035890][T17999] loop0: detected capacity change from 0 to 512
[  321.046198][T17999] EXT4-fs: Ignoring removed i_version option
[  321.056853][T17999] EXT4-fs: Ignoring removed nobh option
[  321.063149][T17999] EXT4-fs: test_dummy_encryption option not supported
[  321.197165][T18003] loop1: detected capacity change from 0 to 1024
[  321.204229][T18003] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  321.220545][T18003] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  321.711454][T18009] loop2: detected capacity change from 0 to 128
[  321.733751][T18009] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  321.769280][T18009] ext4 filesystem being mounted at /29/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  321.879474][T17534] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  321.995225][T18022] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3960'.
[  322.006660][    C0] vcan0: j1939_session_tx_dat: 0xffff88812ad87c00: queue data error: -100
[  322.050531][T18024] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3954'.
[  322.129102][T17745] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  322.256764][T18035] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3963'.
[  322.390514][T18043] loop1: detected capacity change from 0 to 2048
[  322.410932][T18043] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  322.885052][   T29] audit: type=1400 audit(3441709377.710:2528): avc:  denied  { getopt } for  pid=18050 comm="syz.2.3969" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[  322.972129][T18053] xt_l2tp: missing protocol rule (udp|l2tpip)
[  322.985755][T17851] syz.3.3909 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  322.995608][T17851] CPU: 0 PID: 17851 Comm: syz.3.3909 Not tainted 6.10.0-rc7-syzkaller-00254-g528dd46d0fc3 #0
[  323.005873][T17851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  323.016040][T17851] Call Trace:
[  323.019389][T17851]  <TASK>
[  323.022307][T17851]  dump_stack_lvl+0xf2/0x150
[  323.026905][T17851]  dump_stack+0x15/0x20
[  323.031061][T17851]  dump_header+0x83/0x2d0
[  323.035391][T17851]  oom_kill_process+0x33e/0x4c0
[  323.040335][T17851]  out_of_memory+0x9af/0xbe0
[  323.044926][T17851]  ? try_to_free_mem_cgroup_pages+0x22a/0x4e0
[  323.051002][T17851]  mem_cgroup_out_of_memory+0x13e/0x190
[  323.056553][T17851]  try_charge_memcg+0x745/0xcd0
[  323.061412][T17851]  ? __alloc_pages_noprof+0x194/0x360
[  323.066788][T17851]  ? __rcu_read_unlock+0x4e/0x70
[  323.071771][T17851]  __mem_cgroup_charge+0x63/0x100
[  323.076916][T17851]  shmem_get_folio_gfp+0x480/0xb70
[  323.082039][T17851]  shmem_write_begin+0xa0/0x1c0
[  323.086944][T17851]  generic_perform_write+0x1d5/0x410
[  323.092337][T17851]  shmem_file_write_iter+0xc8/0xf0
[  323.097454][T17851]  __kernel_write_iter+0x24f/0x4e0
[  323.102604][T17851]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  323.108439][T17851]  dump_user_range+0x3a7/0x550
[  323.113223][T17851]  elf_core_dump+0x1aeb/0x1c30
[  323.118016][T17851]  ? 0xffffffffff600000
[  323.122175][T17851]  do_coredump+0xff6/0x1860
[  323.126737][T17851]  ? __rcu_read_unlock+0x4e/0x70
[  323.131692][T17851]  get_signal+0xdc1/0x1080
[  323.131727][T17851]  arch_do_signal_or_restart+0x95/0x4b0
[  323.131750][T17851]  irqentry_exit_to_user_mode+0x94/0x130
[  323.147368][T17851]  irqentry_exit+0x12/0x50
[  323.151843][T17851]  asm_exc_page_fault+0x26/0x30
[  323.156685][T17851] RIP: 0033:0xc376
[  323.160392][T17851] Code: Unable to access opcode bytes at 0xc34c.
[  323.166764][T17851] RSP: 002b:0000000020000278 EFLAGS: 00010217
[  323.172842][T17851] RAX: 0000000000000000 RBX: 00007fda68cccf60 RCX: 00007fda68b3ebd9
[  323.180844][T17851] RDX: 0000000020000280 RSI: 0000000020000270 RDI: 0000000000000000
[  323.188831][T17851] RBP: 00007fda68bade60 R08: 0000000020000300 R09: 0000000020000300
[  323.196835][T17851] R10: 00000000200002c0 R11: 0000000000000246 R12: 0000000000000000
[  323.204790][T17851] R13: 000000000000000b R14: 00007fda68cccf60 R15: 00007ffe0b49e228
[  323.212750][T17851]  </TASK>
[  323.216330][T17851] memory: usage 307200kB, limit 307200kB, failcnt 14556
[  323.223698][T17851] memory+swap: usage 431100kB, limit 9007199254740988kB, failcnt 0
[  323.231632][T17851] kmem: usage 5060kB, limit 9007199254740988kB, failcnt 0
[  323.238827][T17851] Memory cgroup stats for /syz3:
[  323.244218][T17851] cache 307564544
[  323.252235][T18061] sock: sock_timestamping_bind_phc: sock not bind to device
[  323.252819][T17851] rss 700416
[  323.263314][T17851] shmem 307478528
[  323.266934][T17851] mapped_file 77824
[  323.268948][T18061] xt_l2tp: invalid flags combination: 8
[  323.270716][T17851] dirty 77824
[  323.279570][T17851] writeback 0
[  323.279766][T18061] loop4: detected capacity change from 0 to 512
[  323.282833][T17851] workingset_refault_anon 0
[  323.294262][T17851] workingset_refault_file 0
[  323.298774][T17851] swap 126873600
[  323.302305][T17851] swapcached 1122304
[  323.303297][T18061] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  323.306196][T17851] pgpgin 419976
[  323.306205][T17851] pgpgout 344441
[  323.306212][T17851] pgfault 415675
[  323.306218][T17851] pgmajfault 10
[  323.306273][T17851] inactive_anon 306380800
[  323.306279][T17851] active_anon 2920448
[  323.306286][T17851] inactive_file 0
[  323.306292][T17851] active_file 90112
[  323.306299][T17851] unevictable 0
[  323.306306][T17851] hierarchical_memory_limit 314572800
[  323.306314][T17851] hierarchical_memsw_limit 9223372036854771712
[  323.318744][T18061] ext4 filesystem being mounted at /19/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  323.322128][T17851] total_cache 307564544
[  323.330276][T18061] Quota error (device loop4): dq_insert_tree: Quota tree root isn't allocated!
[  323.332667][T17851] total_rss 700416
[  323.332676][T17851] total_shmem 307478528
[  323.332683][T17851] total_mapped_file 77824
[  323.332740][T17851] total_dirty 77824
[  323.332746][T17851] total_writeback 0
[  323.332753][T17851] total_workingset_refault_anon 0
[  323.332762][T17851] total_workingset_refault_file 0
[  323.332770][T17851] total_swap 126873600
[  323.332777][T17851] total_swapcached 1122304
[  323.332783][T17851] total_pgpgin 419977
[  323.332789][T17851] total_pgpgout 344442
[  323.332795][T17851] total_pgfault 415676
[  323.332801][T17851] total_pgmajfault 10
[  323.332808][T17851] total_inactive_anon 306380800
[  323.332815][T17851] total_active_anon 2920448
[  323.332821][T17851] total_inactive_file 0
[  323.332860][T17851] total_active_file 90112
[  323.332867][T17851] total_unevictable 0
[  323.332874][T17851] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.3909,pid=17846,uid=0
[  323.332939][T17851] Memory cgroup out of memory: Killed process 17846 (syz.3.3909) total-vm:77044kB, anon-rss:476kB, file-rss:41088kB, shmem-rss:0kB, UID:0 pgtables:156kB oom_score_adj:1000
[  323.496691][T18061] Quota error (device loop4): qtree_write_dquot: Error -5 occurred while creating quota
[  323.506431][T18061] EXT4-fs error (device loop4): ext4_acquire_dquot:6860: comm syz.4.3973: Failed to acquire dquot type 0
[  323.519662][T18056] gretap0: refused to change device tx_queue_len
[  323.531492][T17745] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  323.543281][T18056] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  323.562399][T17570] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  323.664251][T18068] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3975'.
[  323.676402][T18072] loop2: detected capacity change from 0 to 512
[  323.685903][T18072] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2234: inode #12: comm syz.2.3977: corrupted in-inode xattr: invalid ea_ino
[  323.696113][T18066] usb usb8: usbfs: process 18066 (syz.1.3974) did not claim interface 0 before use
[  323.699848][T18072] EXT4-fs error (device loop2): ext4_orphan_get:1399: comm syz.2.3977: couldn't read orphan inode 12 (err -117)
[  323.725219][T18072] EXT4-fs (loop2): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  323.751190][T18066] nfs: Unknown parameter 'À'
[  323.764331][T18072] FAULT_INJECTION: forcing a failure.
[  323.764331][T18072] name failslab, interval 1, probability 0, space 0, times 0
[  323.777094][T18072] CPU: 0 PID: 18072 Comm: syz.2.3977 Not tainted 6.10.0-rc7-syzkaller-00254-g528dd46d0fc3 #0
[  323.787234][T18072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  323.797389][T18072] Call Trace:
[  323.800683][T18072]  <TASK>
[  323.803608][T18072]  dump_stack_lvl+0xf2/0x150
[  323.808211][T18072]  dump_stack+0x15/0x20
[  323.812435][T18072]  should_fail_ex+0x229/0x230
[  323.817125][T18072]  ? security_file_alloc+0x32/0xe0
[  323.822256][T18072]  __should_failslab+0x92/0xa0
[  323.827018][T18072]  should_failslab+0x9/0x20
[  323.831641][T18072]  kmem_cache_alloc_noprof+0x4c/0x290
[  323.837027][T18072]  security_file_alloc+0x32/0xe0
[  323.841969][T18072]  alloc_empty_file_noaccount+0x85/0x1d0
[  323.847656][T18072]  alloc_file_pseudo_noaccount+0xc3/0x140
[  323.853373][T18072]  bdev_file_open_by_dev+0x185/0x230
[  323.858653][T18072]  blkdev_bszset+0xf4/0x170
[  323.863168][T18072]  blkdev_ioctl+0x250/0x450
[  323.867717][T18072]  ? __pfx_blkdev_ioctl+0x10/0x10
[  323.872746][T18072]  __se_sys_ioctl+0xd3/0x150
[  323.877413][T18072]  __x64_sys_ioctl+0x43/0x50
[  323.882007][T18072]  x64_sys_call+0x1581/0x2d70
[  323.886731][T18072]  do_syscall_64+0xc9/0x1c0
[  323.891368][T18072]  ? clear_bhb_loop+0x55/0xb0
[  323.896044][T18072]  ? clear_bhb_loop+0x55/0xb0
[  323.900761][T18072]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.906752][T18072] RIP: 0033:0x7f83464d7bd9
[  323.911255][T18072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  323.930902][T18072] RSP: 002b:00007f8345759048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  323.939330][T18072] RAX: ffffffffffffffda RBX: 00007f8346665f60 RCX: 00007f83464d7bd9
[  323.947299][T18072] RDX: 0000000020000000 RSI: 0000000040081271 RDI: 0000000000000004
[  323.955258][T18072] RBP: 00007f83457590a0 R08: 0000000000000000 R09: 0000000000000000
[  323.963317][T18072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  323.971314][T18072] R13: 000000000000000b R14: 00007f8346665f60 R15: 00007ffc6b960fc8
[  323.979368][T18072]  </TASK>
[  323.985715][T18079] loop4: detected capacity change from 0 to 512
[  323.992260][T18079] EXT4-fs: Ignoring removed i_version option
[  323.998267][T18079] EXT4-fs: Ignoring removed nobh option
[  324.010687][T17534] EXT4-fs (loop2): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  324.021927][T18079] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  324.043796][T18079] EXT4-fs (loop4): 1 truncate cleaned up
[  324.055311][T18079] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  324.143307][T18079] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3979'.
[  324.220982][T18094] loop2: detected capacity change from 0 to 512
[  324.235195][T18094] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  324.249807][T17570] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  324.270043][T18094] EXT4-fs (loop2): orphan cleanup on readonly fs
[  324.276655][T18094] EXT4-fs warning (device loop2): ext4_enable_quotas:7078: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  324.328565][T18094] EXT4-fs (loop2): Cannot turn on quotas: error -22
[  324.348262][T18094] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.3983: bg 0: block 40: padding at end of block bitmap is not set
[  324.416282][T18094] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6551: Corrupt filesystem
[  324.428952][T17856] syz.3.3909 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  324.438779][T17856] CPU: 1 PID: 17856 Comm: syz.3.3909 Not tainted 6.10.0-rc7-syzkaller-00254-g528dd46d0fc3 #0
[  324.444025][T18102] loop4: detected capacity change from 0 to 128
[  324.449081][T17856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  324.449094][T17856] Call Trace:
[  324.449101][T17856]  <TASK>
[  324.449107][T17856]  dump_stack_lvl+0xf2/0x150
[  324.455605][T18094] EXT4-fs (loop2): 1 truncate cleaned up
[  324.465389][T17856]  dump_stack+0x15/0x20
[  324.465420][T17856]  dump_header+0x83/0x2d0
[  324.485318][T18086] chnl_net:caif_netlink_parms(): no params data found
[  324.485890][T17856]  oom_kill_process+0x33e/0x4c0
[  324.485915][T17856]  out_of_memory+0x9af/0xbe0
[  324.506396][T17856]  ? try_to_free_mem_cgroup_pages+0x22a/0x4e0
[  324.512482][T17856]  mem_cgroup_out_of_memory+0x13e/0x190
[  324.518061][T17856]  try_charge_memcg+0x745/0xcd0
[  324.518745][T18094] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  324.522946][T17856]  ? __alloc_pages_noprof+0x194/0x360
[  324.540637][T17856]  ? __rcu_read_unlock+0x4e/0x70
[  324.545635][T17856]  __mem_cgroup_charge+0x63/0x100
[  324.550827][T17856]  shmem_get_folio_gfp+0x480/0xb70
[  324.555974][T17856]  shmem_write_begin+0xa0/0x1c0
[  324.560836][T17856]  generic_perform_write+0x1d5/0x410
[  324.566144][T17856]  shmem_file_write_iter+0xc8/0xf0
[  324.571251][T17856]  __kernel_write_iter+0x24f/0x4e0
[  324.576475][T17856]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  324.582286][T17856]  dump_user_range+0x3a7/0x550
[  324.587144][T17856]  elf_core_dump+0x1aeb/0x1c30
[  324.591942][T17856]  ? 0xffffffffff600000
[  324.596093][T17856]  do_coredump+0xff6/0x1860
[  324.600661][T17856]  ? __rcu_read_unlock+0x4e/0x70
[  324.605674][T17856]  get_signal+0xdc1/0x1080
[  324.607940][T18094] EXT4-fs error (device loop2): ext4_xattr_block_get:596: inode #16: comm syz.2.3983: corrupted xattr block 31: invalid header
[  324.610141][T17856]  arch_do_signal_or_restart+0x95/0x4b0
[  324.626767][T18102] vfat filesystem being mounted at /23/file0 supports timestamps until 2107-12-31 (0x10391447e)
[  324.628811][T17856]  irqentry_exit_to_user_mode+0x94/0x130
[  324.644827][T17856]  irqentry_exit+0x12/0x50
[  324.648538][T18094] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=16
[  324.649243][T17856]  asm_exc_page_fault+0x26/0x30
[  324.658156][T18094] EXT4-fs error (device loop2): ext4_xattr_block_get:596: inode #16: comm syz.2.3983: corrupted xattr block 31: invalid header
[  324.662964][T17856] RIP: 0033:0xc376
[  324.662985][T17856] Code: Unable to access opcode bytes at 0xc34c.
[  324.662993][T17856] RSP: 002b:0000000020000278 EFLAGS: 00010217
[  324.692236][T17856] RAX: 0000000000000000 RBX: 00007fda68cccf60 RCX: 00007fda68b3ebd9
[  324.700233][T17856] RDX: 0000000020000280 RSI: 0000000020000270 RDI: 0000000000000000
[  324.708206][T17856] RBP: 00007fda68bade60 R08: 0000000020000300 R09: 0000000020000300
[  324.715082][T18094] SELinux: inode_doinit_use_xattr:  getxattr returned 117 for dev=loop2 ino=16
[  324.716174][T17856] R10: 00000000200002c0 R11: 0000000000000246 R12: 0000000000000000
[  324.733076][T17856] R13: 000000000000000b R14: 00007fda68cccf60 R15: 00007ffe0b49e228
[  324.735142][T18094] EXT4-fs error (device loop2): ext4_get_link:106: inode #16: comm syz.2.3983: bad symlink.
[  324.741042][T17856]  </TASK>
[  324.754297][T17856] memory: usage 307200kB, limit 307200kB, failcnt 16912
[  324.761250][T17856] memory+swap: usage 430992kB, limit 9007199254740988kB, failcnt 0
[  324.769210][T17856] kmem: usage 4900kB, limit 9007199254740988kB, failcnt 0
[  324.776773][T17856] Memory cgroup stats for /syz3:
[  324.777939][T17856] cache 307040256
[  324.786593][T17856] rss 688128
[  324.789828][T17856] shmem 306954240
[  324.793487][T17856] mapped_file 77824
[  324.797621][T17856] dirty 77824
[  324.801679][T17856] writeback 749568
[  324.805457][T17856] workingset_refault_anon 0
[  324.810778][T17856] workingset_refault_file 0
[  324.815710][T17856] swap 124461056
[  324.819247][T17856] swapcached 1585152
[  324.823138][T17856] pgpgin 420581
[  324.826627][T17856] pgpgout 345064
[  324.830153][T17856] pgfault 415713
[  324.833700][T17856] pgmajfault 10
[  324.837151][T17856] inactive_anon 3084288
[  324.841304][T17856] active_anon 304828416
[  324.845462][T17856] inactive_file 0
[  324.849150][T17856] active_file 90112
[  324.852937][T17856] unevictable 0
[  324.856447][T17856] hierarchical_memory_limit 314572800
[  324.861812][T17856] hierarchical_memsw_limit 9223372036854771712
[  324.868011][T17856] total_cache 307040256
[  324.872161][T17856] total_rss 688128
[  324.875906][T17856] total_shmem 306954240
[  324.880044][T17856] total_mapped_file 77824
[  324.884371][T17856] total_dirty 77824
[  324.888255][T17856] total_writeback 749568
[  324.892481][T17856] total_workingset_refault_anon 0
[  324.897514][T17856] total_workingset_refault_file 0
[  324.902666][T17856] total_swap 124461056
[  324.906929][T17856] total_swapcached 1585152
[  324.911377][T17856] total_pgpgin 420582
[  324.915924][T17856] total_pgpgout 345065
[  324.920609][T17856] total_pgfault 415714
[  324.924668][T17856] total_pgmajfault 10
[  324.928631][T17856] total_inactive_anon 3084288
[  324.933400][T17856] total_active_anon 304828416
[  324.938109][T17856] total_inactive_file 0
[  324.942346][T17856] total_active_file 90112
[  324.946754][T17856] total_unevictable 0
[  324.950801][T17856] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.3909,pid=17834,uid=0
[  324.965760][T17856] Memory cgroup out of memory: Killed process 17834 (syz.3.3909) total-vm:76912kB, anon-rss:472kB, file-rss:41088kB, shmem-rss:0kB, UID:0 pgtables:156kB oom_score_adj:1000
[  324.983241][   T35] usb 9-1: enqueue for inactive port 0
[  324.989688][   T35] usb 9-1: enqueue for inactive port 0
[  324.995953][T17534] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.012275][T18086] bridge0: port 1(bridge_slave_0) entered blocking state
[  325.019535][T18086] bridge0: port 1(bridge_slave_0) entered disabled state
[  325.038242][T18086] bridge_slave_0: entered allmulticast mode
[  325.048409][T18086] bridge_slave_0: entered promiscuous mode
[  325.073391][T18086] bridge0: port 2(bridge_slave_1) entered blocking state
[  325.080510][T18086] bridge0: port 2(bridge_slave_1) entered disabled state
[  325.092579][   T35] vhci_hcd: vhci_device speed not set
[  325.100788][T18086] bridge_slave_1: entered allmulticast mode
[  325.116479][T18086] bridge_slave_1: entered promiscuous mode
[  325.135563][T18115] loop2: detected capacity change from 0 to 1024
[  325.148181][T18115] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  325.175148][T18086] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  325.209644][T18086] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  325.235065][T18086] team0: Port device team_slave_0 added
[  325.242213][T17534] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.257125][T18086] team0: Port device team_slave_1 added
[  325.311248][T18086] batman_adv: batadv0: Adding interface: batadv_slave_0
[  325.318503][T18086] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  325.344508][T18086] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  325.388852][ T3194] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.406485][T18086] batman_adv: batadv0: Adding interface: batadv_slave_1
[  325.413425][T18086] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  325.439389][T18086] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  325.467443][ T3194] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.508798][T18086] hsr_slave_0: entered promiscuous mode
[  325.516928][T18086] hsr_slave_1: entered promiscuous mode
[  325.528293][T18133] loop2: detected capacity change from 0 to 512
[  325.538542][ T3194] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.550156][T18133] EXT4-fs (loop2): invalid inodes per group: 8323104
[  325.550156][T18133] 
[  325.616911][T18133] loop2: detected capacity change from 0 to 2048
[  325.630058][ T3194] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.651124][T18133] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  325.693033][T17534] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.781339][T18086] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.810565][T18145] loop2: detected capacity change from 0 to 128
[  325.822908][ T3194] bridge_slave_1: left allmulticast mode
[  325.828557][ T3194] bridge_slave_1: left promiscuous mode
[  325.834272][ T3194] bridge0: port 2(bridge_slave_1) entered disabled state
[  325.861673][T18145] vfat filesystem being mounted at /44/file0 supports timestamps until 2107-12-31 (0x10391447e)
[  325.874802][   T29] audit: type=1326 audit(3441709380.471:2529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18144 comm="syz.2.3995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83464d7bd9 code=0x7ffc0000
[  325.898310][   T29] audit: type=1326 audit(3441709380.471:2530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18144 comm="syz.2.3995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f83464d99f7 code=0x7ffc0000
[  325.921700][   T29] audit: type=1326 audit(3441709380.471:2531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18144 comm="syz.2.3995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83464d7bd9 code=0x7ffc0000
[  325.964197][ T3194] bridge_slave_0: left allmulticast mode
[  325.970291][ T3194] bridge_slave_0: left promiscuous mode
[  325.975425][   T29] audit: type=1326 audit(3441709380.545:2532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18144 comm="syz.2.3995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f83464d7bd9 code=0x7ffc0000
[  325.975902][ T3194] bridge0: port 1(bridge_slave_0) entered disabled state
[  325.999310][   T29] audit: type=1326 audit(3441709380.545:2533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18144 comm="syz.2.3995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83464d7bd9 code=0x7ffc0000
[  326.029841][   T29] audit: type=1326 audit(3441709380.545:2534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18144 comm="syz.2.3995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83464d7bd9 code=0x7ffc0000
[  326.053349][   T29] audit: type=1326 audit(3441709380.545:2535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18144 comm="syz.2.3995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f83464d7bd9 code=0x7ffc0000
[  326.076902][   T29] audit: type=1326 audit(3441709380.545:2536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18144 comm="syz.2.3995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83464d7bd9 code=0x7ffc0000
[  326.100413][   T29] audit: type=1326 audit(3441709380.545:2537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18144 comm="syz.2.3995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83464d7bd9 code=0x7ffc0000
[  326.123973][   T29] audit: type=1326 audit(3441709380.545:2538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18144 comm="syz.2.3995" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f83464d7bd9 code=0x7ffc0000
[  326.346677][ T3194] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  326.362822][ T3194] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  326.380789][ T3194] bond0 (unregistering): Released all slaves
[  326.408133][T18121] chnl_net:caif_netlink_parms(): no params data found
[  326.477406][T18121] bridge0: port 1(bridge_slave_0) entered blocking state
[  326.484604][T18121] bridge0: port 1(bridge_slave_0) entered disabled state
[  326.498708][T18121] bridge_slave_0: entered allmulticast mode
[  326.513873][T18121] bridge_slave_0: entered promiscuous mode
[  326.541010][T18121] bridge0: port 2(bridge_slave_1) entered blocking state
[  326.548100][T18121] bridge0: port 2(bridge_slave_1) entered disabled state
[  326.570873][T18121] bridge_slave_1: entered allmulticast mode
[  326.597677][T18121] bridge_slave_1: entered promiscuous mode
[  326.611562][ T3194] hsr_slave_0: left promiscuous mode
[  326.617342][ T3194] hsr_slave_1: left promiscuous mode
[  326.627756][T17851] syz.3.3909 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  326.637649][T17851] CPU: 1 PID: 17851 Comm: syz.3.3909 Not tainted 6.10.0-rc7-syzkaller-00254-g528dd46d0fc3 #0
[  326.647793][T17851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  326.657840][T17851] Call Trace:
[  326.661111][T17851]  <TASK>
[  326.664036][T17851]  dump_stack_lvl+0xf2/0x150
[  326.668646][T17851]  dump_stack+0x15/0x20
[  326.672809][T17851]  dump_header+0x83/0x2d0
[  326.677143][T17851]  oom_kill_process+0x33e/0x4c0
[  326.682003][T17851]  out_of_memory+0x9af/0xbe0
[  326.686607][T17851]  ? mem_cgroup_out_of_memory+0xc3/0x190
[  326.692346][T17851]  mem_cgroup_out_of_memory+0x13e/0x190
[  326.697905][T17851]  try_charge_memcg+0x745/0xcd0
[  326.702771][T17851]  ? __alloc_pages_noprof+0x194/0x360
[  326.708195][T17851]  ? __rcu_read_unlock+0x4e/0x70
[  326.713216][T17851]  __mem_cgroup_charge+0x63/0x100
[  326.718473][T17851]  shmem_get_folio_gfp+0x480/0xb70
[  326.723600][T17851]  shmem_write_begin+0xa0/0x1c0
[  326.728450][T17851]  generic_perform_write+0x1d5/0x410
[  326.733761][T17851]  shmem_file_write_iter+0xc8/0xf0
[  326.738980][T17851]  __kernel_write_iter+0x24f/0x4e0
[  326.744123][T17851]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  326.749999][T17851]  dump_user_range+0x3a7/0x550
[  326.754768][T17851]  elf_core_dump+0x1aeb/0x1c30
[  326.759533][T17851]  ? 0xffffffffff600000
[  326.763742][T17851]  do_coredump+0xff6/0x1860
[  326.768242][T17851]  ? __rcu_read_unlock+0x4e/0x70
[  326.773257][T17851]  get_signal+0xdc1/0x1080
[  326.777702][T17851]  arch_do_signal_or_restart+0x95/0x4b0
[  326.783245][T17851]  irqentry_exit_to_user_mode+0x94/0x130
[  326.788941][T17851]  irqentry_exit+0x12/0x50
[  326.793382][T17851]  asm_exc_page_fault+0x26/0x30
[  326.798281][T17851] RIP: 0033:0xc376
[  326.802048][T17851] Code: Unable to access opcode bytes at 0xc34c.
[  326.808424][T17851] RSP: 002b:0000000020000278 EFLAGS: 00010217
[  326.814530][T17851] RAX: 0000000000000000 RBX: 00007fda68cccf60 RCX: 00007fda68b3ebd9
[  326.822493][T17851] RDX: 0000000020000280 RSI: 0000000020000270 RDI: 0000000000000000
[  326.830462][T17851] RBP: 00007fda68bade60 R08: 0000000020000300 R09: 0000000020000300
[  326.838428][T17851] R10: 00000000200002c0 R11: 0000000000000246 R12: 0000000000000000
[  326.846422][T17851] R13: 000000000000000b R14: 00007fda68cccf60 R15: 00007ffe0b49e228
[  326.854460][T17851]  </TASK>
[  326.858036][T17851] memory: usage 307200kB, limit 307200kB, failcnt 18260
[  326.864980][T17851] memory+swap: usage 430432kB, limit 9007199254740988kB, failcnt 0
[  326.872972][T17851] kmem: usage 4956kB, limit 9007199254740988kB, failcnt 0
[  326.880089][T17851] Memory cgroup stats for /syz3:
[  326.880995][ T3194] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  326.893425][ T3194] batman_adv: batadv0: Removing interface: batadv_slave_0
[  326.902994][ T3194] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  326.910488][ T3194] batman_adv: batadv0: Removing interface: batadv_slave_1
[  326.926871][ T3194] veth1_macvtap: left promiscuous mode
[  326.932405][ T3194] veth0_macvtap: left promiscuous mode
[  326.938018][ T3194] veth1_vlan: left promiscuous mode
[  326.943226][ T3194] veth0_vlan: left promiscuous mode
[  326.984016][T17851] cache 306958336
[  326.987770][T17851] rss 737280
[  326.990962][T17851] shmem 306872320
[  326.994686][T17851] mapped_file 77824
[  326.998639][T17851] dirty 77824
[  327.001920][T17851] writeback 1798144
[  327.005833][T17851] workingset_refault_anon 0
[  327.010429][T17851] workingset_refault_file 125
[  327.015099][T17851] swap 126197760
[  327.018633][T17851] swapcached 1798144
[  327.022703][T17851] pgpgin 440607
[  327.026151][T17851] pgpgout 365046
[  327.029763][T17851] pgfault 416731
[  327.033454][T17851] pgmajfault 10
[  327.036920][T17851] inactive_anon 39403520
[  327.041286][T17851] active_anon 268431360
[  327.045537][T17851] inactive_file 0
[  327.049320][T17851] active_file 90112
[  327.053387][T17851] unevictable 0
[  327.056828][T17851] hierarchical_memory_limit 314572800
[  327.062180][T17851] hierarchical_memsw_limit 9223372036854771712
[  327.068487][T17851] total_cache 306958336
[  327.072630][T17851] total_rss 737280
[  327.076456][T17851] total_shmem 306872320
[  327.080603][T17851] total_mapped_file 77824
[  327.085090][T17851] total_dirty 77824
[  327.088890][T17851] total_writeback 1798144
[  327.093204][T17851] total_workingset_refault_anon 0
[  327.098328][T17851] total_workingset_refault_file 125
[  327.103579][T17851] total_swap 126197760
[  327.107794][T17851] total_swapcached 1798144
[  327.112246][T17851] total_pgpgin 440608
[  327.116215][T17851] total_pgpgout 365047
[  327.120478][T17851] total_pgfault 416732
[  327.124556][T17851] total_pgmajfault 10
[  327.128744][T17851] total_inactive_anon 39403520
[  327.133495][T17851] total_active_anon 268431360
[  327.138267][T17851] total_inactive_file 0
[  327.142575][T17851] total_active_file 90112
[  327.146892][T17851] total_unevictable 0
[  327.151028][T17851] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.3909,pid=17844,uid=0
[  327.166171][T17851] Memory cgroup out of memory: Killed process 17844 (syz.3.3909) total-vm:77044kB, anon-rss:476kB, file-rss:43744kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:1000
[  327.276249][ T3194] team0 (unregistering): Port device team_slave_1 removed
[  327.289002][ T3194] team0 (unregistering): Port device team_slave_0 removed
[  327.357872][T18184] FAULT_INJECTION: forcing a failure.
[  327.357872][T18184] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  327.370965][T18184] CPU: 0 PID: 18184 Comm: syz.2.4005 Not tainted 6.10.0-rc7-syzkaller-00254-g528dd46d0fc3 #0
[  327.381122][T18184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  327.391224][T18184] Call Trace:
[  327.394494][T18184]  <TASK>
[  327.397434][T18184]  dump_stack_lvl+0xf2/0x150
[  327.402120][T18184]  dump_stack+0x15/0x20
[  327.406355][T18184]  should_fail_ex+0x229/0x230
[  327.411023][T18184]  should_fail+0xb/0x10
[  327.415174][T18184]  should_fail_usercopy+0x1a/0x20
[  327.420195][T18184]  _copy_to_user+0x1e/0xa0
[  327.424635][T18184]  simple_read_from_buffer+0xa0/0x110
[  327.430005][T18184]  proc_fail_nth_read+0xfc/0x140
[  327.435018][T18184]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  327.440563][T18184]  vfs_read+0x1a2/0x6e0
[  327.444757][T18184]  ? __rcu_read_unlock+0x4e/0x70
[  327.449761][T18184]  ? __fget_files+0x1da/0x210
[  327.454519][T18184]  ksys_read+0xeb/0x1b0
[  327.458688][T18184]  __x64_sys_read+0x42/0x50
[  327.463203][T18184]  x64_sys_call+0x27e5/0x2d70
[  327.467889][T18184]  do_syscall_64+0xc9/0x1c0
[  327.472408][T18184]  ? clear_bhb_loop+0x55/0xb0
[  327.477096][T18184]  ? clear_bhb_loop+0x55/0xb0
[  327.481811][T18184]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  327.487772][T18184] RIP: 0033:0x7f83464d66bc
[  327.492218][T18184] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  327.511917][T18184] RSP: 002b:00007f8345759040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  327.520328][T18184] RAX: ffffffffffffffda RBX: 00007f8346665f60 RCX: 00007f83464d66bc
[  327.528397][T18184] RDX: 000000000000000f RSI: 00007f83457590b0 RDI: 0000000000000006
[  327.536399][T18184] RBP: 00007f83457590a0 R08: 0000000000000000 R09: 0000000000000000
[  327.544391][T18184] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  327.552349][T18184] R13: 000000000000000b R14: 00007f8346665f60 R15: 00007ffc6b960fc8
[  327.560367][T18184]  </TASK>
[  327.573996][T18121] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  327.584574][T18121] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  327.618080][T18121] team0: Port device team_slave_0 added
[  327.629341][T18121] team0: Port device team_slave_1 added
[  327.669892][T18121] batman_adv: batadv0: Adding interface: batadv_slave_0
[  327.676874][T18121] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  327.702896][T18121] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  327.714606][T18121] batman_adv: batadv0: Adding interface: batadv_slave_1
[  327.714617][T18121] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  327.714644][T18121] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  327.780532][T18121] hsr_slave_0: entered promiscuous mode
[  327.781056][T18121] hsr_slave_1: entered promiscuous mode
[  327.781450][T18121] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  327.781462][T18121] Cannot create hsr debugfs directory
[  327.818965][T18196] loop4: detected capacity change from 0 to 128
[  327.819491][T18196] vfat filesystem being mounted at /31/bus supports timestamps until 2107-12-31 (0x10391447e)
[  327.913878][T18203] loop2: detected capacity change from 0 to 512
[  327.944914][T18086] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  327.970429][T17852] syz.3.3909 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  327.980277][T17852] CPU: 0 PID: 17852 Comm: syz.3.3909 Not tainted 6.10.0-rc7-syzkaller-00254-g528dd46d0fc3 #0
[  327.990419][T17852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  328.000500][T17852] Call Trace:
[  328.003772][T17852]  <TASK>
[  328.006689][T17852]  dump_stack_lvl+0xf2/0x150
[  328.011331][T17852]  dump_stack+0x15/0x20
[  328.015535][T17852]  dump_header+0x83/0x2d0
[  328.019862][T17852]  oom_kill_process+0x33e/0x4c0
[  328.024714][T17852]  out_of_memory+0x9af/0xbe0
[  328.029374][T17852]  ? try_to_free_mem_cgroup_pages+0x22a/0x4e0
[  328.035453][T17852]  mem_cgroup_out_of_memory+0x13e/0x190
[  328.041093][T17852]  try_charge_memcg+0x745/0xcd0
[  328.046004][T17852]  ? __alloc_pages_noprof+0x194/0x360
[  328.051370][T17852]  ? __rcu_read_unlock+0x4e/0x70
[  328.056309][T17852]  __mem_cgroup_charge+0x63/0x100
[  328.061370][T17852]  shmem_get_folio_gfp+0x480/0xb70
[  328.066508][T17852]  shmem_write_begin+0xa0/0x1c0
[  328.071366][T17852]  generic_perform_write+0x1d5/0x410
[  328.076657][T17852]  shmem_file_write_iter+0xc8/0xf0
[  328.081830][T17852]  __kernel_write_iter+0x24f/0x4e0
[  328.086947][T17852]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  328.092758][T17852]  dump_user_range+0x3a7/0x550
[  328.097547][T17852]  elf_core_dump+0x1aeb/0x1c30
[  328.102321][T17852]  ? 0xffffffffff600000
[  328.106473][T17852]  do_coredump+0xff6/0x1860
[  328.111018][T17852]  ? __rcu_read_unlock+0x4e/0x70
[  328.115985][T17852]  get_signal+0xdc1/0x1080
[  328.120407][T17852]  arch_do_signal_or_restart+0x95/0x4b0
[  328.126784][T17852]  irqentry_exit_to_user_mode+0x94/0x130
[  328.132428][T17852]  irqentry_exit+0x12/0x50
[  328.136920][T17852]  asm_exc_page_fault+0x26/0x30
[  328.141773][T17852] RIP: 0033:0xc376
[  328.145503][T17852] Code: Unable to access opcode bytes at 0xc34c.
[  328.151879][T17852] RSP: 002b:0000000020000278 EFLAGS: 00010217
[  328.157954][T17852] RAX: 0000000000000000 RBX: 00007fda68cccf60 RCX: 00007fda68b3ebd9
[  328.165979][T17852] RDX: 0000000020000280 RSI: 0000000020000270 RDI: 0000000000000000
[  328.174024][T17852] RBP: 00007fda68bade60 R08: 0000000020000300 R09: 0000000020000300
[  328.182025][T17852] R10: 00000000200002c0 R11: 0000000000000246 R12: 0000000000000000
[  328.189989][T17852] R13: 000000000000000b R14: 00007fda68cccf60 R15: 00007ffe0b49e228
[  328.197962][T17852]  </TASK>
[  328.201051][T17852] memory: usage 306872kB, limit 307200kB, failcnt 19921
[  328.207977][T17852] memory+swap: usage 430636kB, limit 9007199254740988kB, failcnt 0
[  328.215885][T17852] kmem: usage 4828kB, limit 9007199254740988kB, failcnt 0
[  328.223095][T17852] Memory cgroup stats for /syz3:
[  328.224245][T17852] cache 306950144
[  328.232805][T17852] rss 806912
[  328.235988][T17852] shmem 306864128
[  328.239616][T17852] mapped_file 77824
[  328.243415][T17852] dirty 77824
[  328.246804][T17852] writeback 1781760
[  328.250607][T17852] workingset_refault_anon 0
[  328.255196][T17852] workingset_refault_file 140
[  328.259858][T17852] swap 125444096
[  328.263390][T17852] swapcached 1867776
[  328.267380][T17852] pgpgin 442133
[  328.270834][T17852] pgpgout 366540
[  328.274405][T17852] pgfault 416861
[  328.278013][T17852] pgmajfault 10
[  328.281465][T17852] inactive_anon 134959104
[  328.285811][T17852] active_anon 171958272
[  328.289969][T17852] inactive_file 0
[  328.293598][T17852] active_file 90112
[  328.297522][T17852] unevictable 0
[  328.300991][T17852] hierarchical_memory_limit 314572800
[  328.306441][T17852] hierarchical_memsw_limit 9223372036854771712
[  328.312702][T17852] total_cache 306950144
[  328.316906][T17852] total_rss 806912
[  328.320630][T17852] total_shmem 306864128
[  328.323258][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x7
[  328.324794][T17852] total_mapped_file 77824
[  328.332197][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  328.336471][T17852] total_dirty 77824
[  328.343836][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  328.347607][T17852] total_writeback 1781760
[  328.355014][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  328.359275][T17852] total_workingset_refault_anon 0
[  328.359283][T17852] total_workingset_refault_file 140
[  328.359290][T17852] total_swap 125444096
[  328.359295][T17852] total_swapcached 1867776
[  328.366672][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  328.366695][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  328.366715][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  328.366737][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  328.371714][T17852] total_pgpgin 442134
[  328.376904][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  328.380930][T17852] total_pgpgout 366541
[  328.385334][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  328.392659][T17852] total_pgfault 416862
[  328.400085][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  328.407361][T17852] total_pgmajfault 10
[  328.407369][T17852] total_inactive_anon 134959104
[  328.414710][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  328.418665][T17852] total_active_anon 171958272
[  328.426032][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  328.430133][T17852] total_inactive_file 0
[  328.430140][T17852] total_active_file 90112
[  328.430147][T17852] total_unevictable 0
[  328.437502][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  328.441548][T17852] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null)
[  328.448899][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  328.452849][T17852] ,cpuset=syz3,mems_allowed=0
[  328.457700][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  328.465042][T17852] ,oom_memcg=
[  328.469698][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  328.477041][T17852] /syz3
[  328.481169][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  328.481189][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  328.481208][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  328.485578][T17852] ,task_memcg=
[  328.489485][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  328.496832][T17852] /syz3
[  328.503713][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  328.511046][T17852] ,task=syz.3.3909,pid=17852,uid=0
[  328.515691][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  328.523040][T17852] Memory cgroup out of memory: Killed process 17852 (syz.3.3909) total-vm:77044kB, anon-rss:476kB, file-rss:41088kB, shmem-rss:0kB, UID:0 pgtables:156kB oom_score_adj:1000
[  328.526399][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  328.623614][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  328.631838][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  328.639504][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  328.646888][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  328.654265][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  328.661693][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  328.669081][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  328.676477][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  328.683874][   T35] hid-generic 0000:0000:0000.0001: unknown main item tag 0x0
[  328.693970][   T35] hid-generic 0000:0000:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  328.801602][T18086] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  328.857054][T18086] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  328.913010][ T3194] bridge_slave_1: left allmulticast mode
[  328.919009][ T3194] bridge_slave_1: left promiscuous mode
[  328.924701][ T3194] bridge0: port 2(bridge_slave_1) entered disabled state
[  328.938243][T18224] loop4: detected capacity change from 0 to 256
[  328.947133][ T3194] bridge_slave_0: left allmulticast mode
[  328.952859][ T3194] bridge_slave_0: left promiscuous mode
[  328.958612][ T3194] bridge0: port 1(bridge_slave_0) entered disabled state
[  328.970789][T18224] msdos filesystem being mounted at /35/file1 supports timestamps until 2108-01-01 (0x103928a0a)
[  328.995429][ T3194] bridge_slave_1: left allmulticast mode
[  329.001073][ T3194] bridge_slave_1: left promiscuous mode
[  329.006804][ T3194] bridge0: port 2(bridge_slave_1) entered disabled state
[  329.021053][T18224] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0
[  329.045605][ T3194] bridge_slave_0: left allmulticast mode
[  329.051254][ T3194] bridge_slave_0: left promiscuous mode
[  329.056975][ T3194] bridge0: port 1(bridge_slave_0) entered disabled state
[  329.175872][T18237] loop4: detected capacity change from 0 to 256
[  329.188606][T18237] FAT-fs (loop4): Unrecognized mount option "sho" or missing value
[  329.265922][T18239] 9pnet_fd: Insufficient options for proto=fd
[  329.309733][T18241] loop4: detected capacity change from 0 to 1024
[  329.330902][T18241] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  329.361923][ T3194] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  329.382775][ T3194] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  329.404994][T17570] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  329.422488][ T3194] bond0 (unregistering): Released all slaves
[  329.443723][ T3194] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  329.459092][ T3194] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  329.484275][ T3194] bond0 (unregistering): Released all slaves
[  329.505733][T18251] loop4: detected capacity change from 0 to 1024
[  329.514291][T18228] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4013'.
[  329.516722][T17856] syz.3.3909 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  329.532976][T17856] CPU: 1 PID: 17856 Comm: syz.3.3909 Not tainted 6.10.0-rc7-syzkaller-00254-g528dd46d0fc3 #0
[  329.543167][T17856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  329.553220][T17856] Call Trace:
[  329.556489][T17856]  <TASK>
[  329.559591][T17856]  dump_stack_lvl+0xf2/0x150
[  329.564316][T17856]  dump_stack+0x15/0x20
[  329.568540][T17856]  dump_header+0x83/0x2d0
[  329.572926][T17856]  oom_kill_process+0x33e/0x4c0
[  329.577930][T17856]  out_of_memory+0x9af/0xbe0
[  329.582521][T17856]  ? try_to_free_mem_cgroup_pages+0x22a/0x4e0
[  329.588599][T17856]  mem_cgroup_out_of_memory+0x13e/0x190
[  329.594234][T17856]  try_charge_memcg+0x745/0xcd0
[  329.599087][T17856]  ? __alloc_pages_noprof+0x194/0x360
[  329.604539][T17856]  ? __rcu_read_unlock+0x4e/0x70
[  329.609486][T17856]  __mem_cgroup_charge+0x63/0x100
[  329.614555][T17856]  shmem_get_folio_gfp+0x480/0xb70
[  329.619735][T17856]  shmem_write_begin+0xa0/0x1c0
[  329.624705][T17856]  generic_perform_write+0x1d5/0x410
[  329.629996][T17856]  shmem_file_write_iter+0xc8/0xf0
[  329.635297][T17856]  __kernel_write_iter+0x24f/0x4e0
[  329.640529][T17856]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  329.646346][T17856]  dump_user_range+0x3a7/0x550
[  329.651170][T17856]  elf_core_dump+0x1aeb/0x1c30
[  329.655992][T17856]  ? 0xffffffffff600000
[  329.660146][T17856]  do_coredump+0xff6/0x1860
[  329.664650][T17856]  ? __rcu_read_unlock+0x4e/0x70
[  329.669597][T17856]  get_signal+0xdc1/0x1080
[  329.674054][T17856]  arch_do_signal_or_restart+0x95/0x4b0
[  329.679612][T17856]  irqentry_exit_to_user_mode+0x94/0x130
[  329.685290][T17856]  irqentry_exit+0x12/0x50
[  329.689786][T17856]  asm_exc_page_fault+0x26/0x30
[  329.694706][T17856] RIP: 0033:0xc376
[  329.698422][T17856] Code: Unable to access opcode bytes at 0xc34c.
[  329.704810][T17856] RSP: 002b:0000000020000278 EFLAGS: 00010217
[  329.710874][T17856] RAX: 0000000000000000 RBX: 00007fda68cccf60 RCX: 00007fda68b3ebd9
[  329.718846][T17856] RDX: 0000000020000280 RSI: 0000000020000270 RDI: 0000000000000000
[  329.726875][T17856] RBP: 00007fda68bade60 R08: 0000000020000300 R09: 0000000020000300
[  329.728913][T18251] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  329.734838][T17856] R10: 00000000200002c0 R11: 0000000000000246 R12: 0000000000000000
[  329.734853][T17856] R13: 000000000000000b R14: 00007fda68cccf60 R15: 00007ffe0b49e228
[  329.762763][T17856]  </TASK>
[  329.766083][T17856] memory: usage 306092kB, limit 307200kB, failcnt 20517
[  329.775341][T17856] memory+swap: usage 428560kB, limit 9007199254740988kB, failcnt 0
[  329.783283][T17856] kmem: usage 4820kB, limit 9007199254740988kB, failcnt 0
[  329.790398][T17856] Memory cgroup stats for /syz3:
[  329.809360][T17856] cache 307945472
[  329.818095][T17856] rss 626688
[  329.821318][T17856] shmem 307855360
[  329.824971][T17856] mapped_file 77824
[  329.828822][T17856] dirty 77824
[  329.832112][T17856] writeback 1019904
[  329.835930][T17856] workingset_refault_anon 12
[  329.840500][T17856] workingset_refault_file 476
[  329.845159][T17856] swap 126939136
[  329.848752][T17856] swapcached 1056768
[  329.852646][T17856] pgpgin 460891
[  329.856094][T17856] pgpgout 385298
[  329.859646][T17856] pgfault 418093
[  329.863239][T17856] pgmajfault 21
[  329.866693][T17856] inactive_anon 272384000
[  329.871043][T17856] active_anon 35577856
[  329.875102][T17856] inactive_file 77824
[  329.879092][T17856] active_file 12288
[  329.882915][T17856] unevictable 0
[  329.886363][T17856] hierarchical_memory_limit 314572800
[  329.891741][T17856] hierarchical_memsw_limit 9223372036854771712
[  329.897929][T17856] total_cache 307945472
[  329.902091][T17856] total_rss 626688
[  329.905792][T17856] total_shmem 307855360
[  329.910006][T17856] total_mapped_file 77824
[  329.914381][T17856] total_dirty 77824
[  329.918167][T17856] total_writeback 1019904
[  329.922699][T17856] total_workingset_refault_anon 12
[  329.927942][T17856] total_workingset_refault_file 476
[  329.933291][T17856] total_swap 126939136
[  329.937351][T17856] total_swapcached 1056768
[  329.941830][T17856] total_pgpgin 460892
[  329.945836][T17856] total_pgpgout 385299
[  329.949921][T17856] total_pgfault 418094
[  329.953981][T17856] total_pgmajfault 21
[  329.958960][T17856] total_inactive_anon 272384000
[  329.963831][T17856] total_active_anon 35577856
[  329.968769][T17856] total_inactive_file 77824
[  329.973264][T17856] total_active_file 12288
[  329.977667][T17856] total_unevictable 0
[  329.981654][T17856] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.3909,pid=17856,uid=0
[  329.996703][T17856] Memory cgroup out of memory: Killed process 17856 (syz.3.3909) total-vm:77044kB, anon-rss:476kB, file-rss:41088kB, shmem-rss:0kB, UID:0 pgtables:156kB oom_score_adj:1000
[  330.021779][T17570] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  330.044602][T18255] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4029'.
[  330.142199][ T3194] hsr_slave_0: left promiscuous mode
[  330.148355][ T3194] hsr_slave_1: left promiscuous mode
[  330.154548][ T3194] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  330.161997][ T3194] batman_adv: batadv0: Removing interface: batadv_slave_0
[  330.169602][ T3194] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  330.177016][ T3194] batman_adv: batadv0: Removing interface: batadv_slave_1
[  330.187309][ T3194] hsr_slave_0: left promiscuous mode
[  330.204019][ T3194] hsr_slave_1: left promiscuous mode
[  330.209795][ T3194] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  330.217212][ T3194] batman_adv: batadv0: Removing interface: batadv_slave_0
[  330.224677][ T3194] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  330.232164][ T3194] batman_adv: batadv0: Removing interface: batadv_slave_1
[  330.251092][ T3194] veth1_macvtap: left promiscuous mode
[  330.256610][ T3194] veth0_macvtap: left promiscuous mode
[  330.262124][ T3194] veth1_vlan: left promiscuous mode
[  330.267343][ T3194] veth0_vlan: left promiscuous mode
[  330.280893][ T3194] veth1_macvtap: left promiscuous mode
[  330.286361][ T3194] veth0_macvtap: left promiscuous mode
[  330.292017][ T3194] veth1_vlan: left promiscuous mode
[  330.297357][ T3194] veth0_vlan: left promiscuous mode
[  330.455500][ T3194] team0 (unregistering): Port device team_slave_1 removed
[  330.476313][ T3194] team0 (unregistering): Port device team_slave_0 removed
[  330.553016][ T3194] team0 (unregistering): Port device team_slave_1 removed
[  330.576680][ T3194] team0 (unregistering): Port device team_slave_0 removed
[  330.715941][T18284] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4039'.
[  330.724873][T18284] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4039'.
[  330.787501][T18287] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4040'.
[  330.805391][T18121] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  330.825243][T18121] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  330.856674][T18121] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  330.877049][T18121] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  330.893470][T18086] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  330.909093][T18086] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  330.915926][T18297] FAULT_INJECTION: forcing a failure.
[  330.915926][T18297] name failslab, interval 1, probability 0, space 0, times 0
[  330.928664][T18297] CPU: 0 PID: 18297 Comm: syz.4.4044 Not tainted 6.10.0-rc7-syzkaller-00254-g528dd46d0fc3 #0
[  330.938856][T18297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  330.948910][T18297] Call Trace:
[  330.949292][T18121] 8021q: adding VLAN 0 to HW filter on device bond0
[  330.952174][T18297]  <TASK>
[  330.952182][T18297]  dump_stack_lvl+0xf2/0x150
[  330.966428][T18297]  dump_stack+0x15/0x20
[  330.970259][T18121] 8021q: adding VLAN 0 to HW filter on device team0
[  330.970622][T18297]  should_fail_ex+0x229/0x230
[  330.979961][T17864] syz.3.3909 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  330.981856][T18297]  ? ipv6_flowlabel_opt+0x702/0x11e0
[  330.996968][T18297]  __should_failslab+0x92/0xa0
[  331.001743][T18297]  should_failslab+0x9/0x20
[  331.006364][T18297]  kmalloc_trace_noprof+0x4b/0x2a0
[  331.011469][T18297]  ipv6_flowlabel_opt+0x702/0x11e0
[  331.016568][T18297]  ? mntput_no_expire+0x70/0x3c0
[  331.021506][T18297]  ? mntput+0x49/0x70
[  331.025618][T18297]  ? _raw_spin_unlock_bh+0x36/0x40
[  331.030802][T18297]  ? lock_sock_nested+0x10f/0x140
[  331.035816][T18297]  ? should_fail_ex+0xd7/0x230
[  331.040567][T18297]  do_ipv6_setsockopt+0xc33/0x2250
[  331.045773][T18297]  ? avc_has_perm_noaudit+0x1cc/0x210
[  331.051138][T18297]  ? selinux_netlbl_socket_setsockopt+0xd0/0x2c0
[  331.057506][T18297]  ipv6_setsockopt+0x57/0x140
[  331.062259][T18297]  rawv6_setsockopt+0x21e/0x410
[  331.067103][T18297]  sock_common_setsockopt+0x64/0x80
[  331.072356][T18297]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  331.078238][T18297]  __sys_setsockopt+0x1d8/0x250
[  331.083079][T18297]  __x64_sys_setsockopt+0x66/0x80
[  331.088144][T18297]  x64_sys_call+0x1183/0x2d70
[  331.092872][T18297]  do_syscall_64+0xc9/0x1c0
[  331.097385][T18297]  ? clear_bhb_loop+0x55/0xb0
[  331.102198][T18297]  ? clear_bhb_loop+0x55/0xb0
[  331.106867][T18297]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  331.112752][T18297] RIP: 0033:0x7fd128851bd9
[  331.117205][T18297] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  331.136875][T18297] RSP: 002b:00007fd127ad3048 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  331.145344][T18297] RAX: ffffffffffffffda RBX: 00007fd1289dff60 RCX: 00007fd128851bd9
[  331.153370][T18297] RDX: 0000000000000020 RSI: 0000000000000029 RDI: 0000000000000003
[  331.161384][T18297] RBP: 00007fd127ad30a0 R08: 000000000000009e R09: 0000000000000000
[  331.169348][T18297] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000001
[  331.177303][T18297] R13: 000000000000000b R14: 00007fd1289dff60 R15: 00007ffdb8cc0658
[  331.185261][T18297]  </TASK>
[  331.188263][T17864] CPU: 1 PID: 17864 Comm: syz.3.3909 Not tainted 6.10.0-rc7-syzkaller-00254-g528dd46d0fc3 #0
[  331.198480][T17864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  331.208595][T17864] Call Trace:
[  331.211878][T17864]  <TASK>
[  331.214910][T17864]  dump_stack_lvl+0xf2/0x150
[  331.219546][T17864]  dump_stack+0x15/0x20
[  331.223718][T17864]  dump_header+0x83/0x2d0
[  331.228062][T17864]  oom_kill_process+0x33e/0x4c0
[  331.232967][T17864]  out_of_memory+0x9af/0xbe0
[  331.237556][T17864]  ? try_to_free_mem_cgroup_pages+0x22a/0x4e0
[  331.243719][T17864]  mem_cgroup_out_of_memory+0x13e/0x190
[  331.249352][T17864]  try_charge_memcg+0x745/0xcd0
[  331.254211][T17864]  ? __alloc_pages_noprof+0x194/0x360
[  331.259629][T17864]  ? __rcu_read_unlock+0x4e/0x70
[  331.264576][T17864]  __mem_cgroup_charge+0x63/0x100
[  331.269665][T17864]  shmem_get_folio_gfp+0x480/0xb70
[  331.274779][T17864]  shmem_write_begin+0xa0/0x1c0
[  331.279630][T17864]  generic_perform_write+0x1d5/0x410
[  331.284947][T17864]  shmem_file_write_iter+0xc8/0xf0
[  331.290141][T17864]  __kernel_write_iter+0x24f/0x4e0
[  331.295302][T17864]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  331.301139][T17864]  dump_user_range+0x3a7/0x550
[  331.305962][T17864]  elf_core_dump+0x1aeb/0x1c30
[  331.309520][T18086] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  331.310803][T17864]  ? 0xffffffffff600000
[  331.310823][T17864]  do_coredump+0xff6/0x1860
[  331.310842][T17864]  ? __rcu_read_unlock+0x4e/0x70
[  331.331104][T17864]  get_signal+0xdc1/0x1080
[  331.335548][T17864]  arch_do_signal_or_restart+0x95/0x4b0
[  331.341157][T17864]  irqentry_exit_to_user_mode+0x94/0x130
[  331.346802][T17864]  irqentry_exit+0x12/0x50
[  331.351235][T17864]  asm_exc_page_fault+0x26/0x30
[  331.356158][T17864] RIP: 0033:0xc376
[  331.359924][T17864] Code: Unable to access opcode bytes at 0xc34c.
[  331.366238][T17864] RSP: 002b:0000000020000278 EFLAGS: 00010217
[  331.372375][T17864] RAX: 0000000000000000 RBX: 00007fda68cccf60 RCX: 00007fda68b3ebd9
[  331.380461][T17864] RDX: 0000000020000280 RSI: 0000000020000270 RDI: 0000000000000000
[  331.388425][T17864] RBP: 00007fda68bade60 R08: 0000000020000300 R09: 0000000020000300
[  331.396393][T17864] R10: 00000000200002c0 R11: 0000000000000246 R12: 0000000000000000
[  331.404466][T17864] R13: 000000000000000b R14: 00007fda68cccf60 R15: 00007ffe0b49e228
[  331.412434][T17864]  </TASK>
[  331.415923][T17864] memory: usage 302380kB, limit 307200kB, failcnt 22401
[  331.417520][T18086] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  331.424683][T17864] memory+swap: usage 423304kB, limit 9007199254740988kB, failcnt 0
[  331.437440][T17864] kmem: usage 4436kB, limit 9007199254740988kB, failcnt 0
[  331.444618][T17864] Memory cgroup stats for /syz3:
[  331.446155][T17864] cache 301625344
[  331.454726][T17864] rss 450560
[  331.457908][T17864] shmem 301281280
[  331.461580][T17864] mapped_file 77824
[  331.462547][T18307] xt_CT: You must specify a L4 protocol and not use inversions on it
[  331.465376][T17864] dirty 77824
[  331.465384][T17864] writeback 1593344
[  331.465391][T17864] workingset_refault_anon 12
[  331.485645][T17864] workingset_refault_file 539
[  331.490309][T17864] swap 125145088
[  331.494422][T17864] swapcached 1871872
[  331.498342][T17864] pgpgin 463890
[  331.501868][T17864] pgpgout 389684
[  331.505601][T17864] pgfault 418297
[  331.509155][T17864] pgmajfault 21
[  331.512694][T17864] inactive_anon 246480896
[  331.517185][T17864] active_anon 55767040
[  331.521243][T17864] inactive_file 0
[  331.524932][T17864] active_file 348160
[  331.528810][T17864] unevictable 0
[  331.532257][T17864] hierarchical_memory_limit 314572800
[  331.537707][T17864] hierarchical_memsw_limit 9223372036854771712
[  331.543853][T17864] total_cache 301625344
[  331.548075][T17864] total_rss 450560
[  331.551775][T17864] total_shmem 301281280
[  331.555921][T17864] total_mapped_file 77824
[  331.560293][T17864] total_dirty 77824
[  331.564083][T17864] total_writeback 1593344
[  331.568454][T17864] total_workingset_refault_anon 12
[  331.573553][T17864] total_workingset_refault_file 539
[  331.578870][T17864] total_swap 125145088
[  331.582957][T17864] total_swapcached 1871872
[  331.587356][T17864] total_pgpgin 463891
[  331.591474][T17864] total_pgpgout 389685
[  331.595529][T17864] total_pgfault 418298
[  331.599667][T17864] total_pgmajfault 21
[  331.604978][T17864] total_inactive_anon 246480896
[  331.609858][T17864] total_active_anon 55767040
[  331.614447][T17864] total_inactive_file 0
[  331.618584][T17864] total_active_file 348160
[  331.623113][T17864] total_unevictable 0
[  331.627084][T17864] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.3909,pid=17854,uid=0
[  331.642629][T17864] Memory cgroup out of memory: Killed process 17854 (syz.3.3909) total-vm:77044kB, anon-rss:476kB, file-rss:41088kB, shmem-rss:0kB, UID:0 pgtables:156kB oom_score_adj:1000
[  331.687001][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[  331.694091][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[  331.727780][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  331.734883][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  331.771958][T18121] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  331.819744][T18315] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4050'.
[  331.844009][T18086] 8021q: adding VLAN 0 to HW filter on device bond0
[  331.845708][T18310] loop4: detected capacity change from 0 to 8192
[  331.873095][T18086] 8021q: adding VLAN 0 to HW filter on device team0
[  331.902908][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[  331.909988][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[  331.926004][T18310]  loop4: p1 p2 p3 p4
[  331.930094][T18310] loop4: p1 size 108922248 extends beyond EOD, truncated
[  331.937934][T18310] loop4: p2 start 861536256 is beyond EOD, truncated
[  331.938294][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  331.944602][T18310] loop4: p3 start 4286644224 is beyond EOD, truncated
[  331.944618][T18310] loop4: p4 start 4194304 is beyond EOD, 
[  331.951648][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  331.971441][T18310] truncated
[  331.980297][T18121] 8021q: adding VLAN 0 to HW filter on device batadv0
[  332.123296][T18086] 8021q: adding VLAN 0 to HW filter on device batadv0
[  332.131397][T18341] loop4: detected capacity change from 0 to 128
[  332.171068][   T29] kauditd_printk_skb: 35 callbacks suppressed
[  332.171080][   T29] audit: type=1400 audit(3441709386.280:2574): avc:  denied  { remount } for  pid=18340 comm="syz.4.4054" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  332.197383][T18341] msdos filesystem being remounted at /56/file1 supports timestamps until 2107-12-31 (0x10391447e)
[  332.257121][T18121] veth0_vlan: entered promiscuous mode
[  332.299539][T18086] veth0_vlan: entered promiscuous mode
[  332.316075][T18121] veth1_vlan: entered promiscuous mode
[  332.325348][T18086] veth1_vlan: entered promiscuous mode
[  332.341941][T18355] loop2: detected capacity change from 0 to 128
[  332.349564][T18358] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4060'.
[  332.359639][T18355] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (39871!=39978)
[  332.374513][T18086] veth0_macvtap: entered promiscuous mode
[  332.382908][T18355] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none.
[  332.396631][T18086] veth1_macvtap: entered promiscuous mode
[  332.401597][T18355] netlink: 104 bytes leftover after parsing attributes in process `syz.2.4059'.
[  332.417258][T18363] loop4: detected capacity change from 0 to 256
[  332.425571][T17534] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  332.436360][T18121] veth0_macvtap: entered promiscuous mode
[  332.443510][T18121] veth1_macvtap: entered promiscuous mode
[  332.462088][T18363] FAT-fs (loop4): Directory bread(block 64) failed
[  332.481434][T18121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  332.492042][T18121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  332.499313][T18363] FAT-fs (loop4): Directory bread(block 65) failed
[  332.501991][T18121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  332.509304][T18363] FAT-fs (loop4): Directory bread(block 66) failed
[  332.518855][T18121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  332.518870][T18121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  332.543547][T18363] FAT-fs (loop4): Directory bread(block 67) failed
[  332.545626][T18121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  332.552103][T18363] FAT-fs (loop4): Directory bread(block 68) failed
[  332.563773][T18121] batman_adv: batadv0: Interface activated: batadv_slave_0
[  332.582728][T18086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  332.593235][T18086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  332.597998][T18363] FAT-fs (loop4): Directory bread(block 69) failed
[  332.603091][T18086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  332.620186][T18086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  332.630051][T18086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  332.640620][T18086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  332.645794][T18363] FAT-fs (loop4): Directory bread(block 70) failed
[  332.650471][T18086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  332.667437][T18086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  332.678755][T18363] FAT-fs (loop4): Directory bread(block 71) failed
[  332.689737][T18363] FAT-fs (loop4): Directory bread(block 72) failed
[  332.695122][T18086] batman_adv: batadv0: Interface activated: batadv_slave_0
[  332.706660][T18121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  332.717127][T18121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  332.727387][T18121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  332.738161][T18121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  332.747985][T18121] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  332.758412][T18121] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  332.770100][T18363] FAT-fs (loop4): Directory bread(block 73) failed
[  332.787184][T18363] vfat filesystem being mounted at /59/bus supports timestamps until 2107-12-31 (0x10391447e)
[  332.814524][T18121] batman_adv: batadv0: Interface activated: batadv_slave_1
[  332.822483][T18086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  332.833001][T18086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  332.842886][T18086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  332.853317][T18086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  332.863166][T18086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  332.873958][T18086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  332.883798][T18086] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  332.894399][T18086] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  332.908291][T18086] batman_adv: batadv0: Interface activated: batadv_slave_1
[  332.922869][T18121] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  332.931623][T18121] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  332.940432][T18121] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  332.949165][T18121] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  332.986455][T18363] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  332.987122][T18086] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  332.992958][T18363] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  333.001629][T18086] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  333.009264][T18363] vhci_hcd vhci_hcd.0: Device attached
[  333.017723][T18086] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  333.017754][T18086] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  333.042299][T18385] vhci_hcd: connection closed
[  333.053040][   T11] vhci_hcd: stop threads
[  333.061951][   T11] vhci_hcd: release socket
[  333.066374][   T11] vhci_hcd: disconnect device
[  333.104370][T18391] team0: Device ipvlan2 is already an upper device of the team interface
[  333.123818][T18394] netlink: 'syz.0.3989': attribute type 4 has an invalid length.
[  333.130689][T18396] loop1: detected capacity change from 0 to 512
[  333.149228][T18396] EXT4-fs: Ignoring removed i_version option
[  333.155288][T18396] EXT4-fs: Ignoring removed nobh option
[  333.171094][T18396] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  333.183866][T18398] loop0: detected capacity change from 0 to 512
[  333.193460][T18396] EXT4-fs (loop1): 1 truncate cleaned up
[  333.199499][T18396] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  333.216839][T18396] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3982'.
[  333.228834][T18398] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  333.256746][T18398] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[  333.266002][T18398] System zones: 1-12
[  333.274032][T18398] EXT4-fs (loop0): 1 truncate cleaned up
[  333.281664][T18398] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  333.300600][T18086] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  333.310195][T18121] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  333.365280][T18402] loop1: detected capacity change from 0 to 256
[  333.371960][T18402] FAT-fs (loop1): Unrecognized mount option "" or missing value
[  333.393972][T17860] syz.3.3909 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  333.403844][T17860] CPU: 1 PID: 17860 Comm: syz.3.3909 Not tainted 6.10.0-rc7-syzkaller-00254-g528dd46d0fc3 #0
[  333.414048][T17860] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  333.424185][T17860] Call Trace:
[  333.427450][T17860]  <TASK>
[  333.430372][T17860]  dump_stack_lvl+0xf2/0x150
[  333.434984][T17860]  dump_stack+0x15/0x20
[  333.439142][T17860]  dump_header+0x83/0x2d0
[  333.443469][T17860]  oom_kill_process+0x33e/0x4c0
[  333.448321][T17860]  out_of_memory+0x9af/0xbe0
[  333.452910][T17860]  ? try_to_free_mem_cgroup_pages+0x22a/0x4e0
[  333.458976][T17860]  mem_cgroup_out_of_memory+0x13e/0x190
[  333.464579][T17860]  try_charge_memcg+0x745/0xcd0
[  333.469490][T17860]  ? __alloc_pages_noprof+0x194/0x360
[  333.474867][T17860]  ? __rcu_read_unlock+0x4e/0x70
[  333.479839][T17860]  __mem_cgroup_charge+0x63/0x100
[  333.484887][T17860]  shmem_get_folio_gfp+0x480/0xb70
[  333.490052][T17860]  shmem_write_begin+0xa0/0x1c0
[  333.494941][T17860]  generic_perform_write+0x1d5/0x410
[  333.500285][T17860]  shmem_file_write_iter+0xc8/0xf0
[  333.505404][T17860]  __kernel_write_iter+0x24f/0x4e0
[  333.510570][T17860]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  333.513825][T18406] loop0: detected capacity change from 0 to 256
[  333.516375][T17860]  dump_user_range+0x3a7/0x550
[  333.527359][T17860]  elf_core_dump+0x1aeb/0x1c30
[  333.532156][T17860]  ? 0xffffffffff600000
[  333.536347][T17860]  do_coredump+0xff6/0x1860
[  333.540884][T17860]  ? __rcu_read_unlock+0x4e/0x70
[  333.545873][T17860]  get_signal+0xdc1/0x1080
[  333.550352][T17860]  arch_do_signal_or_restart+0x95/0x4b0
[  333.555911][T17860]  irqentry_exit_to_user_mode+0x94/0x130
[  333.561544][T17860]  irqentry_exit+0x12/0x50
[  333.565977][T17860]  asm_exc_page_fault+0x26/0x30
[  333.570890][T17860] RIP: 0033:0xc376
[  333.574621][T17860] Code: Unable to access opcode bytes at 0xc34c.
[  333.580966][T17860] RSP: 002b:0000000020000278 EFLAGS: 00010217
[  333.587019][T17860] RAX: 0000000000000000 RBX: 00007fda68cccf60 RCX: 00007fda68b3ebd9
[  333.594974][T17860] RDX: 0000000020000280 RSI: 0000000020000270 RDI: 0000000000000000
[  333.602973][T17860] RBP: 00007fda68bade60 R08: 0000000020000300 R09: 0000000020000300
[  333.610979][T17860] R10: 00000000200002c0 R11: 0000000000000246 R12: 0000000000000000
[  333.618939][T17860] R13: 000000000000000b R14: 00007fda68cccf60 R15: 00007ffe0b49e228
[  333.626969][T17860]  </TASK>
[  333.630303][T17860] memory: usage 307200kB, limit 307200kB, failcnt 23689
[  333.637362][T17860] memory+swap: usage 430368kB, limit 9007199254740988kB, failcnt 0
[  333.645435][T17860] kmem: usage 4488kB, limit 9007199254740988kB, failcnt 0
[  333.647777][T18406] vfat filesystem being mounted at /3/file0 supports timestamps until 2107-12-31 (0x103901ffe)
[  333.652621][T17860] Memory cgroup stats for /syz3:
[  333.669592][   T29] audit: type=1400 audit(3441709387.665:2575): avc:  denied  { write } for  pid=18405 comm="syz.0.4072" name="urandom" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1
[  333.720377][T17860] cache 307798016
[  333.723375][T18408] netlink: 104 bytes leftover after parsing attributes in process `syz.1.4074'.
[  333.724063][T17860] rss 577536
[  333.736347][T17860] shmem 307707904
[  333.739972][T17860] mapped_file 1200128
[  333.743935][T17860] dirty 77824
[  333.747247][T17860] writeback 1576960
[  333.751041][T17860] workingset_refault_anon 12
[  333.755707][T17860] workingset_refault_file 1895
[  333.760528][T17860] swap 126394368
[  333.764061][T17860] swapcached 1601536
[  333.768177][T17860] pgpgin 482366
[  333.771753][T17860] pgpgout 406688
[  333.775311][T17860] pgfault 419620
[  333.778875][T17860] pgmajfault 29
[  333.782442][T17860] inactive_anon 290926592
[  333.786902][T17860] active_anon 18690048
[  333.791004][T17860] inactive_file 77824
[  333.794982][T17860] active_file 16384
[  333.798807][T17860] unevictable 0
[  333.802280][T17860] hierarchical_memory_limit 314572800
[  333.807791][T17860] hierarchical_memsw_limit 9223372036854771712
[  333.811572][T18417] loop1: detected capacity change from 0 to 512
[  333.814023][T17860] total_cache 307798016
[  333.824482][T17860] total_rss 577536
[  333.828253][T17860] total_shmem 307707904
[  333.832415][T17860] total_mapped_file 1200128
[  333.836976][T17860] total_dirty 77824
[  333.840820][T17860] total_writeback 1576960
[  333.845265][T17860] total_workingset_refault_anon 12
[  333.850365][T17860] total_workingset_refault_file 1895
[  333.855718][T17860] total_swap 126394368
[  333.859827][T17860] total_swapcached 1601536
[  333.864305][T17860] total_pgpgin 482367
[  333.868272][T17860] total_pgpgout 406689
[  333.872359][T17860] total_pgfault 419621
[  333.876486][T17860] total_pgmajfault 29
[  333.880459][T17860] total_inactive_anon 290926592
[  333.885336][T17860] total_active_anon 18690048
[  333.889963][T17860] total_inactive_file 77824
[  333.894473][T17860] total_active_file 16384
[  333.898818][T17860] total_unevictable 0
[  333.902786][T17860] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.3909,pid=17845,uid=0
[  333.917842][T17860] Memory cgroup out of memory: Killed process 17845 (syz.3.3909) total-vm:77044kB, anon-rss:476kB, file-rss:41440kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:1000
[  333.941887][T18417] EXT4-fs error (device loop1): mb_free_blocks:1948: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  334.005545][T18417] EXT4-fs (loop1): Remounting filesystem read-only
[  334.037162][T18417] EXT4-fs (loop1): 1 truncate cleaned up
[  334.060969][T18417] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  334.079743][T18430] loop2: detected capacity change from 0 to 512
[  334.114081][T18417] SELinux: (dev loop1, type ext4) getxattr errno 5
[  334.123278][T18430] EXT4-fs: Ignoring removed i_version option
[  334.129343][T18430] EXT4-fs: Ignoring removed nobh option
[  334.146590][T18417] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.155106][T18430] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  334.190342][T18430] EXT4-fs (loop2): 1 truncate cleaned up
[  334.198812][T18430] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  334.232713][T18417] loop1: detected capacity change from 0 to 512
[  334.304535][T17534] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.408737][T18438] loop2: detected capacity change from 0 to 256
[  334.445475][T18438] FAT-fs (loop2): Directory bread(block 64) failed
[  334.460926][T18438] FAT-fs (loop2): Directory bread(block 65) failed
[  334.479562][T18438] FAT-fs (loop2): Directory bread(block 66) failed
[  334.495039][T18438] FAT-fs (loop2): Directory bread(block 67) failed
[  334.510096][T18438] FAT-fs (loop2): Directory bread(block 68) failed
[  334.525446][T18438] FAT-fs (loop2): Directory bread(block 69) failed
[  334.533476][T17851] syz.3.3909 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  334.539500][T18438] FAT-fs (loop2): Directory bread(block 70) failed
[  334.543400][T17851] CPU: 0 PID: 17851 Comm: syz.3.3909 Not tainted 6.10.0-rc7-syzkaller-00254-g528dd46d0fc3 #0
[  334.559991][T17851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  334.563512][T18438] FAT-fs (loop2): Directory bread(block 71) failed
[  334.570117][T17851] Call Trace:
[  334.570124][T17851]  <TASK>
[  334.570131][T17851]  dump_stack_lvl+0xf2/0x150
[  334.587435][T17851]  dump_stack+0x15/0x20
[  334.590014][T18438] FAT-fs (loop2): Directory bread(block 72) failed
[  334.591681][T17851]  dump_header+0x83/0x2d0
[  334.600571][T18438] FAT-fs (loop2): Directory bread(block 73) failed
[  334.602456][T17851]  oom_kill_process+0x33e/0x4c0
[  334.613821][T17851]  out_of_memory+0x9af/0xbe0
[  334.618404][T17851]  ? try_to_free_mem_cgroup_pages+0x22a/0x4e0
[  334.624483][T17851]  mem_cgroup_out_of_memory+0x13e/0x190
[  334.630065][T17851]  try_charge_memcg+0x745/0xcd0
[  334.634935][T17851]  ? __alloc_pages_noprof+0x194/0x360
[  334.640351][T17851]  ? __rcu_read_unlock+0x4e/0x70
[  334.645291][T17851]  __mem_cgroup_charge+0x63/0x100
[  334.650308][T17851]  shmem_get_folio_gfp+0x480/0xb70
[  334.655421][T17851]  shmem_write_begin+0xa0/0x1c0
[  334.660284][T17851]  generic_perform_write+0x1d5/0x410
[  334.665563][T17851]  shmem_file_write_iter+0xc8/0xf0
[  334.670812][T17851]  __kernel_write_iter+0x24f/0x4e0
[  334.675918][T17851]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  334.681808][T17851]  dump_user_range+0x3a7/0x550
[  334.686563][T17851]  elf_core_dump+0x1aeb/0x1c30
[  334.691323][T17851]  ? 0xffffffffff600000
[  334.695500][T17851]  do_coredump+0xff6/0x1860
[  334.700121][T17851]  ? __rcu_read_unlock+0x4e/0x70
[  334.705164][T17851]  get_signal+0xdc1/0x1080
[  334.709596][T17851]  arch_do_signal_or_restart+0x95/0x4b0
[  334.715131][T17851]  irqentry_exit_to_user_mode+0x94/0x130
[  334.720758][T17851]  irqentry_exit+0x12/0x50
[  334.725238][T17851]  asm_exc_page_fault+0x26/0x30
[  334.730170][T17851] RIP: 0033:0xc376
[  334.733876][T17851] Code: Unable to access opcode bytes at 0xc34c.
[  334.740238][T17851] RSP: 002b:0000000020000278 EFLAGS: 00010217
[  334.746286][T17851] RAX: 0000000000000000 RBX: 00007fda68cccf60 RCX: 00007fda68b3ebd9
[  334.754243][T17851] RDX: 0000000020000280 RSI: 0000000020000270 RDI: 0000000000000000
[  334.762207][T17851] RBP: 00007fda68bade60 R08: 0000000020000300 R09: 0000000020000300
[  334.770164][T17851] R10: 00000000200002c0 R11: 0000000000000246 R12: 0000000000000000
[  334.778193][T17851] R13: 000000000000000b R14: 00007fda68cccf60 R15: 00007ffe0b49e228
[  334.786152][T17851]  </TASK>
[  334.789298][T17851] memory: usage 307200kB, limit 307200kB, failcnt 24992
[  334.796329][T17851] memory+swap: usage 432060kB, limit 9007199254740988kB, failcnt 0
[  334.804339][T17851] kmem: usage 4228kB, limit 9007199254740988kB, failcnt 0
[  334.811601][T17851] Memory cgroup stats for /syz3:
[  334.817206][T18438] vfat filesystem being mounted at /85/bus supports timestamps until 2107-12-31 (0x10391447e)
[  334.896298][T18438] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  334.902920][T18438] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  334.910494][T18438] vhci_hcd vhci_hcd.0: Device attached
[  334.933716][T18450] loop1: detected capacity change from 0 to 256
[  334.940480][T18447] vhci_hcd: connection closed
[  334.940841][ T3194] vhci_hcd: stop threads
[  334.949896][ T3194] vhci_hcd: release socket
[  334.950346][T18450] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  334.954321][ T3194] vhci_hcd: disconnect device
[  334.990955][T18450] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  335.001524][T18450] vfat filesystem being mounted at /7/file0 supports timestamps until 2107-12-31 (0x10391447e)
[  335.099754][T17851] cache 275492864
[  335.103404][T17851] rss 434176
[  335.106590][T17851] shmem 275402752
[  335.110307][T17851] mapped_file 77824
[  335.114103][T17851] dirty 77824
[  335.117376][T17851] writeback 1761280
[  335.121199][T17851] workingset_refault_anon 12
[  335.125828][T17851] workingset_refault_file 2008
[  335.126897][T18461] loop1: detected capacity change from 0 to 512
[  335.130659][T17851] swap 126160896
[  335.140555][T17851] swapcached 1822720
[  335.141837][T18461] EXT4-fs: Ignoring removed i_version option
[  335.144581][T17851] pgpgin 484208
[  335.150416][T18461] EXT4-fs: Ignoring removed nobh option
[  335.159191][T18461] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  335.159498][T17851] pgpgout 416398
[  335.159506][T17851] pgfault 419736
[  335.176526][T17851] pgmajfault 29
[  335.180061][T17851] inactive_anon 263725056
[  335.180332][T18461] EXT4-fs (loop1): 1 truncate cleaned up
[  335.184449][T17851] active_anon 12599296
[  335.184458][T17851] inactive_file 0
[  335.184465][T17851] active_file 94208
[  335.201679][T17851] unevictable 0
[  335.205168][T17851] hierarchical_memory_limit 314572800
[  335.210551][T17851] hierarchical_memsw_limit 9223372036854771712
[  335.216690][T17851] total_cache 275492864
[  335.220858][T17851] total_rss 434176
[  335.224562][T17851] total_shmem 275402752
[  335.228722][T17851] total_mapped_file 77824
[  335.233147][T17851] total_dirty 77824
[  335.236937][T17851] total_writeback 1761280
[  335.241385][T17851] total_workingset_refault_anon 12
[  335.246485][T17851] total_workingset_refault_file 2008
[  335.251800][T17851] total_swap 126160896
[  335.255851][T17851] total_swapcached 1822720
[  335.260303][T17851] total_pgpgin 484209
[  335.264342][T17851] total_pgpgout 416399
[  335.268398][T17851] total_pgfault 419737
[  335.272484][T17851] total_pgmajfault 29
[  335.276466][T17851] total_inactive_anon 263725056
[  335.281400][T17851] total_active_anon 12599296
[  335.286064][T17851] total_inactive_file 0
[  335.290204][T17851] total_active_file 94208
[  335.294593][T17851] total_unevictable 0
[  335.298562][T17851] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.3909,pid=17864,uid=0
[  335.313574][T17851] Memory cgroup out of memory: Killed process 17864 (syz.3.3909) total-vm:77176kB, anon-rss:484kB, file-rss:41432kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:1000
[  335.332103][T18459] __nla_validate_parse: 2 callbacks suppressed
[  335.332115][T18459] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4091'.
[  335.348959][T18461] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  335.375792][T18461] netlink: 48 bytes leftover after parsing attributes in process `syz.1.4092'.
[  335.451479][T18086] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.539516][T18472] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4097'.
[  335.601589][T18468] loop1: detected capacity change from 0 to 8192
[  335.771765][T18487] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4103'.
[  335.859190][T18494] loop1: detected capacity change from 0 to 256
[  335.892419][T18494] FAT-fs (loop1): Directory bread(block 64) failed
[  335.899065][T18494] FAT-fs (loop1): Directory bread(block 65) failed
[  335.917129][T18494] FAT-fs (loop1): Directory bread(block 66) failed
[  335.942127][T18494] FAT-fs (loop1): Directory bread(block 67) failed
[  335.963170][T18494] FAT-fs (loop1): Directory bread(block 68) failed
[  335.973828][T18494] FAT-fs (loop1): Directory bread(block 69) failed
[  335.993994][T18517] FAULT_INJECTION: forcing a failure.
[  335.993994][T18517] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  335.998159][T18494] FAT-fs (loop1): Directory bread(block 70) failed
[  336.007057][T18517] CPU: 1 PID: 18517 Comm: syz.0.4112 Not tainted 6.10.0-rc7-syzkaller-00254-g528dd46d0fc3 #0
[  336.023643][T18517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  336.033683][T18517] Call Trace:
[  336.036983][T18517]  <TASK>
[  336.039940][T18517]  dump_stack_lvl+0xf2/0x150
[  336.044552][T18517]  dump_stack+0x15/0x20
[  336.048736][T18517]  should_fail_ex+0x229/0x230
[  336.053422][T18517]  should_fail+0xb/0x10
[  336.057579][T18517]  should_fail_usercopy+0x1a/0x20
[  336.062656][T18517]  _copy_from_iter+0xd3/0xb00
[  336.067388][T18517]  ? __virt_addr_valid+0x1ed/0x250
[  336.072497][T18517]  ? __check_object_size+0x35b/0x510
[  336.077773][T18517]  raw_sendmsg+0x254/0x440
[  336.082314][T18517]  ? __pfx_ieee802154_sock_sendmsg+0x10/0x10
[  336.088321][T18517]  ieee802154_sock_sendmsg+0x4e/0x60
[  336.093594][T18517]  __sock_sendmsg+0x140/0x180
[  336.098309][T18517]  __sys_sendto+0x1e5/0x260
[  336.102819][T18517]  __x64_sys_sendto+0x78/0x90
[  336.107551][T18517]  x64_sys_call+0x16d7/0x2d70
[  336.112300][T18517]  do_syscall_64+0xc9/0x1c0
[  336.116797][T18517]  ? clear_bhb_loop+0x55/0xb0
[  336.121586][T18517]  ? clear_bhb_loop+0x55/0xb0
[  336.126332][T18517]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.132218][T18517] RIP: 0033:0x7fd4f3cc1bd9
[  336.136627][T18517] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  336.156256][T18517] RSP: 002b:00007fd4f2f43048 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  336.164658][T18517] RAX: ffffffffffffffda RBX: 00007fd4f3e4ff60 RCX: 00007fd4f3cc1bd9
[  336.172615][T18517] RDX: 0000000000000003 RSI: 0000000020000000 RDI: 0000000000000004
[  336.180608][T18517] RBP: 00007fd4f2f430a0 R08: 0000000000000000 R09: 0000000000000000
[  336.188566][T18517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  336.196586][T18517] R13: 000000000000000b R14: 00007fd4f3e4ff60 R15: 00007fffc80ae5e8
[  336.204613][T18517]  </TASK>
[  336.213698][T18494] FAT-fs (loop1): Directory bread(block 71) failed
[  336.220283][T18494] FAT-fs (loop1): Directory bread(block 72) failed
[  336.235446][T18494] FAT-fs (loop1): Directory bread(block 73) failed
[  336.257024][T18494] vfat filesystem being mounted at /12/bus supports timestamps until 2107-12-31 (0x10391447e)
[  336.292875][T18494] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(8)
[  336.299395][T18494] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  336.306956][T18494] vhci_hcd vhci_hcd.0: Device attached
[  336.314273][T18521] vhci_hcd: connection closed
[  336.314392][ T3194] vhci_hcd: stop threads
[  336.323318][ T3194] vhci_hcd: release socket
[  336.327727][ T3194] vhci_hcd: disconnect device
[  336.476311][T18531] loop4: detected capacity change from 0 to 512
[  336.483651][T18531] EXT4-fs: Ignoring removed i_version option
[  336.486666][T18532] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4118'.
[  336.489669][T18531] EXT4-fs: Ignoring removed nobh option
[  336.509801][T18531] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  336.526785][T18531] EXT4-fs (loop4): 1 truncate cleaned up
[  336.532802][T18531] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  336.580055][T18531] FAULT_INJECTION: forcing a failure.
[  336.580055][T18531] name failslab, interval 1, probability 0, space 0, times 0
[  336.592758][T18531] CPU: 0 PID: 18531 Comm: syz.4.4117 Not tainted 6.10.0-rc7-syzkaller-00254-g528dd46d0fc3 #0
[  336.602916][T18531] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  336.612992][T18531] Call Trace:
[  336.616295][T18531]  <TASK>
[  336.619217][T18531]  dump_stack_lvl+0xf2/0x150
[  336.623974][T18531]  dump_stack+0x15/0x20
[  336.628134][T18531]  should_fail_ex+0x229/0x230
[  336.632825][T18531]  ? ext4_expand_extra_isize_ea+0x7a5/0xf70
[  336.638784][T18531]  __should_failslab+0x92/0xa0
[  336.643623][T18531]  should_failslab+0x9/0x20
[  336.648195][T18531]  kmalloc_trace_noprof+0x4b/0x2a0
[  336.653395][T18531]  ext4_expand_extra_isize_ea+0x7a5/0xf70
[  336.659201][T18531]  __ext4_expand_extra_isize+0x243/0x280
[  336.664843][T18531]  __ext4_mark_inode_dirty+0x2c5/0x440
[  336.670310][T18531]  ext4_dirty_inode+0x91/0xb0
[  336.675078][T18531]  ? __pfx_ext4_dirty_inode+0x10/0x10
[  336.680600][T18531]  __mark_inode_dirty+0x16d/0x7e0
[  336.685831][T18531]  ? setattr_copy+0x230/0x2c0
[  336.690503][T18531]  ext4_setattr+0x3e1/0xeb0
[  336.695007][T18531]  ? security_inode_setattr+0x92/0xc0
[  336.700402][T18531]  ? __pfx_ext4_setattr+0x10/0x10
[  336.705429][T18531]  notify_change+0x814/0x8a0
[  336.710018][T18531]  chown_common+0x2ad/0x3f0
[  336.714528][T18531]  do_fchownat+0x100/0x1a0
[  336.719019][T18531]  __x64_sys_lchown+0x4a/0x60
[  336.723715][T18531]  x64_sys_call+0x2a97/0x2d70
[  336.728464][T18531]  do_syscall_64+0xc9/0x1c0
[  336.733033][T18531]  ? clear_bhb_loop+0x55/0xb0
[  336.737730][T18531]  ? clear_bhb_loop+0x55/0xb0
[  336.742424][T18531]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.748343][T18531] RIP: 0033:0x7fd128851bd9
[  336.752748][T18531] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  336.772378][T18531] RSP: 002b:00007fd127ab2048 EFLAGS: 00000246 ORIG_RAX: 000000000000005e
[  336.780776][T18531] RAX: ffffffffffffffda RBX: 00007fd1289e0038 RCX: 00007fd128851bd9
[  336.788766][T18531] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000280
[  336.796723][T18531] RBP: 00007fd127ab20a0 R08: 0000000000000000 R09: 0000000000000000
[  336.804676][T18531] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  336.812628][T18531] R13: 000000000000006e R14: 00007fd1289e0038 R15: 00007ffdb8cc0658
[  336.820654][T18531]  </TASK>
[  336.848980][T18542] loop0: detected capacity change from 0 to 512
[  336.863778][T18542] EXT4-fs: Ignoring removed i_version option
[  336.869809][T18542] EXT4-fs: Ignoring removed nobh option
[  336.888166][T18542] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  336.912697][T18542] EXT4-fs (loop0): 1 truncate cleaned up
[  336.944328][T18542] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  336.974360][T18547] netlink: 44 bytes leftover after parsing attributes in process `syz.2.4124'.
[  336.996250][T18542] netlink: 48 bytes leftover after parsing attributes in process `syz.0.4122'.
[  337.092250][T18121] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  337.176985][T18558] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4129'.
[  337.352518][T18575] loop0: detected capacity change from 0 to 512
[  337.372691][T18575] EXT4-fs: Ignoring removed i_version option
[  337.378686][T18575] EXT4-fs: Ignoring removed nobh option
[  337.399539][T18575] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  337.438530][T18575] EXT4-fs (loop0): 1 truncate cleaned up
[  337.444614][T18575] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  337.466606][T17570] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  337.477822][T18575] netlink: 48 bytes leftover after parsing attributes in process `syz.0.4137'.
[  337.563087][T18121] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  337.585220][   T30] oom_reaper: reaped process 17864 (syz.3.3909), now anon-rss:88kB, file-rss:28408kB, shmem-rss:0kB
[  337.597388][T18589] tipc: Started in network mode
[  337.602343][T18589] tipc: Node identity fe800000000000000000000000000012, cluster identity 4711
[  337.616851][T17850] syz.3.3909 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  337.626708][T17850] CPU: 1 PID: 17850 Comm: syz.3.3909 Not tainted 6.10.0-rc7-syzkaller-00254-g528dd46d0fc3 #0
[  337.636929][T17850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  337.647043][T17850] Call Trace:
[  337.650379][T17850]  <TASK>
[  337.653292][T17850]  dump_stack_lvl+0xf2/0x150
[  337.657956][T17850]  dump_stack+0x15/0x20
[  337.662101][T17850]  dump_header+0x83/0x2d0
[  337.666529][T17850]  oom_kill_process+0x33e/0x4c0
[  337.671374][T17850]  out_of_memory+0x9af/0xbe0
[  337.676034][T17850]  ? try_to_free_mem_cgroup_pages+0x22a/0x4e0
[  337.682092][T17850]  mem_cgroup_out_of_memory+0x13e/0x190
[  337.687710][T17850]  try_charge_memcg+0x745/0xcd0
[  337.692656][T17850]  ? __alloc_pages_noprof+0x194/0x360
[  337.698019][T17850]  ? __rcu_read_unlock+0x4e/0x70
[  337.702953][T17850]  __mem_cgroup_charge+0x63/0x100
[  337.708044][T17850]  shmem_get_folio_gfp+0x480/0xb70
[  337.713191][T17850]  shmem_write_begin+0xa0/0x1c0
[  337.718123][T17850]  generic_perform_write+0x1d5/0x410
[  337.723402][T17850]  shmem_file_write_iter+0xc8/0xf0
[  337.728510][T17850]  __kernel_write_iter+0x24f/0x4e0
[  337.733612][T17850]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  337.739410][T17850]  dump_user_range+0x3a7/0x550
[  337.744169][T17850]  elf_core_dump+0x1aeb/0x1c30
[  337.749044][T17850]  ? 0xffffffffff600000
[  337.753188][T17850]  do_coredump+0xff6/0x1860
[  337.757753][T17850]  ? __rcu_read_unlock+0x4e/0x70
[  337.762817][T17850]  get_signal+0xdc1/0x1080
[  337.767266][T17850]  arch_do_signal_or_restart+0x95/0x4b0
[  337.772799][T17850]  irqentry_exit_to_user_mode+0x94/0x130
[  337.778469][T17850]  irqentry_exit+0x12/0x50
[  337.782897][T17850]  asm_exc_page_fault+0x26/0x30
[  337.787739][T17850] RIP: 0033:0xc376
[  337.791447][T17850] Code: Unable to access opcode bytes at 0xc34c.
[  337.797750][T17850] RSP: 002b:0000000020000278 EFLAGS: 00010217
[  337.803847][T17850] RAX: 0000000000000000 RBX: 00007fda68cccf60 RCX: 00007fda68b3ebd9
[  337.811802][T17850] RDX: 0000000020000280 RSI: 0000000020000270 RDI: 0000000000000000
[  337.819803][T17850] RBP: 00007fda68bade60 R08: 0000000020000300 R09: 0000000020000300
[  337.827803][T17850] R10: 00000000200002c0 R11: 0000000000000246 R12: 0000000000000000
[  337.835757][T17850] R13: 000000000000000b R14: 00007fda68cccf60 R15: 00007ffe0b49e228
[  337.843716][T17850]  </TASK>
[  337.846887][T17850] memory: usage 307200kB, limit 307200kB, failcnt 26646
[  337.854230][T17850] memory+swap: usage 431992kB, limit 9007199254740988kB, failcnt 0
[  337.862239][T17850] kmem: usage 4292kB, limit 9007199254740988kB, failcnt 0
[  337.869333][T17850] Memory cgroup stats for /syz3:
[  337.873916][T18589] tipc: Enabled bearer <udp:syz0>, priority 10
[  337.895891][T17850] cache 309538816
[  337.899104][T18592] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4143'.
[  337.899525][T17850] rss 430080
[  337.911656][T17850] shmem 309452800
[  337.915297][T17850] mapped_file 77824
[  337.919141][T17850] dirty 77824
[  337.922488][T17850] writeback 0
[  337.925853][T17850] workingset_refault_anon 12
[  337.930428][T17850] workingset_refault_file 2133
[  337.935222][T17850] swap 127787008
[  337.938802][T17850] swapcached 208896
[  337.942597][T17850] pgpgin 494580
[  337.946104][T17850] pgpgout 418853
[  337.949659][T17850] pgfault 420245
[  337.953224][T17850] pgmajfault 29
[  337.956925][T17850] inactive_anon 57966592
[  337.961192][T17850] active_anon 252121088
[  337.965359][T17850] inactive_file 0
[  337.969057][T17850] active_file 77824
[  337.973492][T17850] unevictable 0
[  337.977497][T17850] hierarchical_memory_limit 314572800
[  337.982881][T17850] hierarchical_memsw_limit 9223372036854771712
[  337.989019][T17850] total_cache 309538816
[  337.993570][T17850] total_rss 430080
[  337.997551][T17850] total_shmem 309452800
[  338.001742][T17850] total_mapped_file 77824
[  338.006058][T17850] total_dirty 77824
[  338.010201][T17850] total_writeback 0
[  338.014047][T17850] total_workingset_refault_anon 12
[  338.019425][T17850] total_workingset_refault_file 2133
[  338.024871][T17850] total_swap 127787008
[  338.029010][T17850] total_swapcached 208896
[  338.033386][T17850] total_pgpgin 494581
[  338.037357][T17850] total_pgpgout 418854
[  338.041437][T17850] total_pgfault 420246
[  338.045539][T17850] total_pgmajfault 29
[  338.049513][T17850] total_inactive_anon 57966592
[  338.054268][T17850] total_active_anon 252121088
[  338.058955][T17850] total_inactive_file 0
[  338.063102][T17850] total_active_file 77824
[  338.067457][T17850] total_unevictable 0
[  338.071434][T17850] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.3909,pid=17865,uid=0
[  338.086860][T17850] Memory cgroup out of memory: Killed process 17865 (syz.3.3909) total-vm:77176kB, anon-rss:484kB, file-rss:41088kB, shmem-rss:0kB, UID:0 pgtables:156kB oom_score_adj:1000
[  338.130763][T18602] FAULT_INJECTION: forcing a failure.
[  338.130763][T18602] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  338.143996][T18602] CPU: 0 PID: 18602 Comm: syz.4.4146 Not tainted 6.10.0-rc7-syzkaller-00254-g528dd46d0fc3 #0
[  338.154170][T18602] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  338.164240][T18602] Call Trace:
[  338.167591][T18602]  <TASK>
[  338.170519][T18602]  dump_stack_lvl+0xf2/0x150
[  338.175112][T18602]  dump_stack+0x15/0x20
[  338.179298][T18602]  should_fail_ex+0x229/0x230
[  338.183976][T18602]  should_fail+0xb/0x10
[  338.188228][T18602]  should_fail_usercopy+0x1a/0x20
[  338.193242][T18602]  _copy_to_user+0x1e/0xa0
[  338.197643][T18602]  simple_read_from_buffer+0xa0/0x110
[  338.203025][T18602]  proc_fail_nth_read+0xfc/0x140
[  338.207990][T18602]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  338.213521][T18602]  vfs_read+0x1a2/0x6e0
[  338.217665][T18602]  ? __rcu_read_unlock+0x4e/0x70
[  338.222595][T18602]  ? __fget_files+0x1da/0x210
[  338.227264][T18602]  ksys_read+0xeb/0x1b0
[  338.231475][T18602]  __x64_sys_read+0x42/0x50
[  338.235969][T18602]  x64_sys_call+0x27e5/0x2d70
[  338.240681][T18602]  do_syscall_64+0xc9/0x1c0
[  338.245182][T18602]  ? clear_bhb_loop+0x55/0xb0
[  338.249914][T18602]  ? clear_bhb_loop+0x55/0xb0
[  338.254655][T18602]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.260538][T18602] RIP: 0033:0x7fd1288506bc
[  338.264943][T18602] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  338.284630][T18602] RSP: 002b:00007fd127ad3040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  338.293038][T18602] RAX: ffffffffffffffda RBX: 00007fd1289dff60 RCX: 00007fd1288506bc
[  338.301059][T18602] RDX: 000000000000000f RSI: 00007fd127ad30b0 RDI: 0000000000000006
[  338.309011][T18602] RBP: 00007fd127ad30a0 R08: 0000000000000000 R09: 0000000000000000
[  338.316965][T18602] R10: 0000000020000140 R11: 0000000000000246 R12: 0000000000000001
[  338.324919][T18602] R13: 000000000000000b R14: 00007fd1289dff60 R15: 00007ffdb8cc0658
[  338.332878][T18602]  </TASK>
[  338.403669][T18614] loop1: detected capacity change from 0 to 512
[  338.427388][T18614] ext4: Unknown parameter 'rootcontext
[  338.427388][T18614] staff_u'
[  338.451542][T18622] loop0: detected capacity change from 0 to 512
[  338.466026][T18622] EXT4-fs: Ignoring removed i_version option
[  338.467309][T18624] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  338.472113][T18622] EXT4-fs: Ignoring removed nobh option
[  338.482503][T18624] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.482531][T18624] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  338.482547][T18624] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.482560][T18624] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  338.482575][T18624] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.482589][T18624] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  338.482603][T18624] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  338.562191][T18610] 9pnet_fd: Insufficient options for proto=fd
[  338.564267][T18622] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  338.588209][T18622] EXT4-fs (loop0): 1 truncate cleaned up
[  338.594640][T18622] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  338.697483][T18121] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  338.719381][T18640] loop2: detected capacity change from 0 to 2048
[  338.767884][T18648] loop0: detected capacity change from 0 to 256
[  338.795735][T18648] msdos filesystem being mounted at /25/file1 supports timestamps until 2107-12-31 (0x10391447e)
[  338.883200][T18652] loop1: detected capacity change from 0 to 8192
[  338.907954][T18652] vfat filesystem being mounted at /24/file0 supports timestamps until 2107-12-31 (0x10391447e)
[  338.946082][T18655] loop2: detected capacity change from 0 to 2048
[  338.987380][T18655] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  338.988852][ T3162] tipc: Node number set to 4269801490
[  339.022912][   T29] audit: type=1400 audit(3441709392.601:2576): avc:  denied  { lock } for  pid=18656 comm="syz.0.4164" path="socket:[84601]" dev="sockfs" ino=84601 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=sock_file permissive=1
[  339.098368][T17534] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  339.109484][   T29] audit: type=1326 audit(3441709392.693:2577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18675 comm="syz.1.4168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f052552dbd9 code=0x7ffc0000
[  339.167117][T18681] loop0: detected capacity change from 0 to 512
[  339.174136][   T29] audit: type=1326 audit(3441709392.693:2578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18675 comm="syz.1.4168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=87 compat=0 ip=0x7f052552dbd9 code=0x7ffc0000
[  339.197757][   T29] audit: type=1326 audit(3441709392.693:2579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18675 comm="syz.1.4168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f052552dbd9 code=0x7ffc0000
[  339.213477][T18681] EXT4-fs: Ignoring removed i_version option
[  339.221218][   T29] audit: type=1326 audit(3441709392.693:2580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18675 comm="syz.1.4168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f052552dbd9 code=0x7ffc0000
[  339.227235][T18681] EXT4-fs: Ignoring removed nobh option
[  339.248477][T18681] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  339.250961][   T29] audit: type=1326 audit(3441709392.693:2581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18675 comm="syz.1.4168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f052552dbd9 code=0x7ffc0000
[  339.284157][T18681] EXT4-fs (loop0): 1 truncate cleaned up
[  339.289683][   T29] audit: type=1326 audit(3441709392.693:2582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18675 comm="syz.1.4168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f052552dbd9 code=0x7ffc0000
[  339.296863][T18681] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  339.318807][   T29] audit: type=1326 audit(3441709392.693:2583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18675 comm="syz.1.4168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f052552dbd9 code=0x7ffc0000
[  339.354362][   T29] audit: type=1326 audit(3441709392.693:2584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18675 comm="syz.1.4168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f052552dbd9 code=0x7ffc0000
[  339.377818][   T29] audit: type=1326 audit(3441709392.693:2585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=18675 comm="syz.1.4168" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f052552dbd9 code=0x7ffc0000
[  339.493807][T18686] FAULT_INJECTION: forcing a failure.
[  339.493807][T18686] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  339.507072][T18686] CPU: 1 PID: 18686 Comm: syz.2.4169 Not tainted 6.10.0-rc7-syzkaller-00254-g528dd46d0fc3 #0
[  339.517220][T18686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  339.527286][T18686] Call Trace:
[  339.530667][T18686]  <TASK>
[  339.533595][T18686]  dump_stack_lvl+0xf2/0x150
[  339.538263][T18686]  dump_stack+0x15/0x20
[  339.542485][T18686]  should_fail_ex+0x229/0x230
[  339.547161][T18686]  __should_fail_alloc_page+0xfd/0x110
[  339.552673][T18686]  __alloc_pages_noprof+0x109/0x360
[  339.557934][T18686]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  339.563374][T18686]  shmem_get_folio_gfp+0x3e4/0xb70
[  339.568532][T18686]  shmem_write_begin+0xa0/0x1c0
[  339.573382][T18686]  generic_perform_write+0x1d5/0x410
[  339.578678][T18686]  ? __pfx_shmem_write_end+0x10/0x10
[  339.583997][T18686]  shmem_file_write_iter+0xc8/0xf0
[  339.589152][T18686]  vfs_write+0x78f/0x900
[  339.593468][T18686]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  339.599416][T18686]  ksys_write+0xeb/0x1b0
[  339.603667][T18686]  __x64_sys_write+0x42/0x50
[  339.608275][T18686]  x64_sys_call+0x27ef/0x2d70
[  339.612962][T18686]  do_syscall_64+0xc9/0x1c0
[  339.617537][T18686]  ? clear_bhb_loop+0x55/0xb0
[  339.622302][T18686]  ? clear_bhb_loop+0x55/0xb0
[  339.626984][T18686]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  339.632897][T18686] RIP: 0033:0x7f83464d675f
[  339.637406][T18686] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 29 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 7c 8c 02 00 48
[  339.657034][T18686] RSP: 002b:00007f8345758e00 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  339.665468][T18686] RAX: ffffffffffffffda RBX: 0000000000040000 RCX: 00007f83464d675f
[  339.673530][T18686] RDX: 0000000000040000 RSI: 00007f833d339000 RDI: 0000000000000007
[  339.681500][T18686] RBP: 0000000000000000 R08: 0000000000000000 R09: 00000000000004d3
[  339.689530][T18686] R10: 0000000020001102 R11: 0000000000000293 R12: 0000000000000007
[  339.697710][T18686] R13: 00007f8345758f00 R14: 00007f8345758ec0 R15: 00007f833d339000
[  339.705683][T18686]  </TASK>
[  339.715086][T18690] loop1: detected capacity change from 0 to 512
[  339.735940][T18690] EXT4-fs: Mount option(s) incompatible with ext2
[  339.745810][T18121] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  339.841364][T18696] loop0: detected capacity change from 0 to 512
[  339.880175][T18696] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  339.917325][T18696] ext4 filesystem being mounted at /29/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  339.963393][T18696] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  340.023547][T18709] loop1: detected capacity change from 0 to 512
[  340.036609][T18709] EXT4-fs: Ignoring removed nomblk_io_submit option
[  340.053543][T18709] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[  340.063316][T18696] devpts: called with bogus options
[  340.103087][T18709] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2
[  340.144538][T18709] EXT4-fs (loop1): 1 truncate cleaned up
[  340.177740][T18709] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  340.209571][T18721] loop4: detected capacity change from 0 to 512
[  340.226477][T18709] EXT4-fs error (device loop1): ext4_map_blocks:580: inode #2: block 4: comm syz.1.4180: lblock 0 mapped to illegal pblock 4 (length 1)
[  340.252567][T18721] EXT4-fs: Ignoring removed i_version option
[  340.258712][T18721] EXT4-fs: Ignoring removed nobh option
[  340.288834][T18709] EXT4-fs (loop1): Remounting filesystem read-only
[  340.299600][T18721] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  340.340767][T18086] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  340.352482][T18721] EXT4-fs (loop4): 1 truncate cleaned up
[  340.358642][T18721] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  340.448844][T17570] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  340.457201][T17862] syz.3.3909 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  340.467634][T17862] CPU: 1 PID: 17862 Comm: syz.3.3909 Not tainted 6.10.0-rc7-syzkaller-00254-g528dd46d0fc3 #0
[  340.477848][T17862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  340.487900][T17862] Call Trace:
[  340.491175][T17862]  <TASK>
[  340.494097][T17862]  dump_stack_lvl+0xf2/0x150
[  340.498700][T17862]  dump_stack+0x15/0x20
[  340.502940][T17862]  dump_header+0x83/0x2d0
[  340.507273][T17862]  oom_kill_process+0x33e/0x4c0
[  340.508966][T18738] vhci_hcd: invalid port number 203
[  340.512179][T17862]  out_of_memory+0x9af/0xbe0
[  340.517393][T18738] vhci_hcd: default hub control req: 2017 v0000 i00cb l0
[  340.521962][T17862]  ? try_to_free_mem_cgroup_pages+0x22a/0x4e0
[  340.535107][T17862]  mem_cgroup_out_of_memory+0x13e/0x190
[  340.540738][T17862]  try_charge_memcg+0x745/0xcd0
[  340.545596][T17862]  ? __alloc_pages_noprof+0x194/0x360
[  340.550972][T17862]  ? __rcu_read_unlock+0x4e/0x70
[  340.556020][T17862]  __mem_cgroup_charge+0x63/0x100
[  340.561141][T17862]  shmem_get_folio_gfp+0x480/0xb70
[  340.566277][T17862]  shmem_write_begin+0xa0/0x1c0
[  340.571127][T17862]  generic_perform_write+0x1d5/0x410
[  340.576501][T17862]  shmem_file_write_iter+0xc8/0xf0
[  340.581607][T17862]  __kernel_write_iter+0x24f/0x4e0
[  340.586711][T17862]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  340.592586][T17862]  dump_user_range+0x3a7/0x550
[  340.597351][T17862]  elf_core_dump+0x1aeb/0x1c30
[  340.602164][T17862]  ? 0xffffffffff600000
[  340.606347][T17862]  do_coredump+0xff6/0x1860
[  340.610884][T17862]  ? __rcu_read_unlock+0x4e/0x70
[  340.615819][T17862]  get_signal+0xdc1/0x1080
[  340.620278][T17862]  arch_do_signal_or_restart+0x95/0x4b0
[  340.625812][T17862]  irqentry_exit_to_user_mode+0x94/0x130
[  340.631489][T17862]  irqentry_exit+0x12/0x50
[  340.635931][T17862]  asm_exc_page_fault+0x26/0x30
[  340.640772][T17862] RIP: 0033:0xc376
[  340.644580][T17862] Code: Unable to access opcode bytes at 0xc34c.
[  340.650889][T17862] RSP: 002b:0000000020000278 EFLAGS: 00010217
[  340.656940][T17862] RAX: 0000000000000000 RBX: 00007fda68cccf60 RCX: 00007fda68b3ebd9
[  340.664909][T17862] RDX: 0000000020000280 RSI: 0000000020000270 RDI: 0000000000000000
[  340.672864][T17862] RBP: 00007fda68bade60 R08: 0000000020000300 R09: 0000000020000300
[  340.680819][T17862] R10: 00000000200002c0 R11: 0000000000000246 R12: 0000000000000000
[  340.688772][T17862] R13: 000000000000000b R14: 00007fda68cccf60 R15: 00007ffe0b49e228
[  340.696740][T17862]  </TASK>
[  340.699901][T17862] memory: usage 307200kB, limit 307200kB, failcnt 28898
[  340.706191][T18741] loop1: detected capacity change from 0 to 1024
[  340.706823][T17862] memory+swap: usage 430088kB, limit 9007199254740988kB, failcnt 0
[  340.706861][T17862] kmem: usage 4056kB, limit 9007199254740988kB, failcnt 0
[  340.706871][T17862] Memory cgroup stats for /syz3:
[  340.825203][T18741] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  340.850973][T18746] __nla_validate_parse: 5 callbacks suppressed
[  340.850987][T18746] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4189'.
[  340.884046][T17862] cache 307646464
[  340.887704][T17862] rss 413696
[  340.890883][T17862] shmem 307601408
[  340.894554][T17862] mapped_file 16384
[  340.898343][T17862] dirty 0
[  340.901268][T17862] writeback 2154496
[  340.905117][T17862] workingset_refault_anon 12
[  340.909687][T17862] workingset_refault_file 3414
[  340.914438][T17862] swap 125837312
[  340.918030][T17862] swapcached 2158592
[  340.921915][T17862] pgpgin 514782
[  340.925407][T17862] pgpgout 439029
[  340.928982][T17862] pgfault 421232
[  340.932540][T17862] pgmajfault 39
[  340.935979][T17862] inactive_anon 80908288
[  340.940239][T17862] active_anon 228470784
[  340.944451][T17862] inactive_file 12288
[  340.948525][T17862] active_file 4096
[  340.952230][T17862] unevictable 0
[  340.955674][T17862] hierarchical_memory_limit 314572800
[  340.961058][T17862] hierarchical_memsw_limit 9223372036854771712
[  340.967258][T17862] total_cache 307646464
[  340.971471][T17862] total_rss 413696
[  340.975186][T17862] total_shmem 307601408
[  340.979332][T17862] total_mapped_file 16384
[  340.983672][T17862] total_dirty 0
[  340.987110][T17862] total_writeback 2154496
[  340.991437][T17862] total_workingset_refault_anon 12
[  340.996533][T17862] total_workingset_refault_file 3414
[  341.001941][T17862] total_swap 125837312
[  341.005997][T17862] total_swapcached 2158592
[  341.010394][T17862] total_pgpgin 514783
[  341.014375][T17862] total_pgpgout 439030
[  341.018506][T17862] total_pgfault 421233
[  341.022551][T17862] total_pgmajfault 39
[  341.026557][T17862] total_inactive_anon 80908288
[  341.031306][T17862] total_active_anon 228470784
[  341.035987][T17862] total_inactive_file 12288
[  341.040475][T17862] total_active_file 4096
[  341.044712][T17862] total_unevictable 0
[  341.048718][T17862] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0,oom_memcg=/syz3,task_memcg=/syz3,task=syz.3.3909,pid=17850,uid=0
[  341.063722][T17862] Memory cgroup out of memory: Killed process 17850 (syz.3.3909) total-vm:77044kB, anon-rss:476kB, file-rss:42068kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:1000
[  341.181422][T18086] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  341.194360][T18757] loop4: detected capacity change from 0 to 512
[  341.218113][T18757] EXT4-fs: Ignoring removed nobh option
[  341.233363][T18757] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  341.253138][T18757] EXT4-fs (loop4): 1 truncate cleaned up
[  341.259224][T18757] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  341.310558][T17570] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  341.415118][T18774] loop1: detected capacity change from 0 to 512
[  341.421799][T18774] EXT4-fs: Ignoring removed i_version option
[  341.427815][T18774] EXT4-fs: Ignoring removed nobh option
[  341.452634][T18775] loop4: detected capacity change from 0 to 2048
[  341.459660][T18774] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  341.480234][T18774] EXT4-fs (loop1): 1 truncate cleaned up
[  341.501001][T18774] netlink: 48 bytes leftover after parsing attributes in process `syz.1.4199'.
[  341.547729][T18775]  loop4: p2 p3 p7
[  341.554587][T17850] ==================================================================
[  341.562666][T17850] BUG: KCSAN: data-race in folio_alloc_swap / free_swap_slot
[  341.570065][T17850] 
[  341.572379][T17850] write to 0xffffffff8842621b of 1 bytes by task 17853 on cpu 1:
[  341.580086][T17850]  folio_alloc_swap+0x1b3/0x490
[  341.584925][T17850]  shmem_writepage+0x43e/0x970
[  341.589677][T17850]  shrink_folio_list+0x19f4/0x2630
[  341.594803][T17850]  evict_folios+0x254f/0x3400
[  341.599469][T17850]  try_to_shrink_lruvec+0x719/0x8b0
[  341.604684][T17850]  shrink_lruvec+0x25c/0x1760
[  341.609386][T17850]  shrink_node+0x55e/0x1da0
[  341.613881][T17850]  do_try_to_free_pages+0x3cf/0xc20
[  341.619069][T17850]  try_to_free_mem_cgroup_pages+0x1ea/0x4e0
[  341.624953][T17850]  try_charge_memcg+0x27a/0xcd0
[  341.629794][T17850]  __mem_cgroup_charge+0x63/0x100
[  341.634810][T17850]  shmem_get_folio_gfp+0x480/0xb70
[  341.639906][T17850]  shmem_write_begin+0xa0/0x1c0
[  341.644741][T17850]  generic_perform_write+0x1d5/0x410
[  341.650044][T17850]  shmem_file_write_iter+0xc8/0xf0
[  341.655143][T17850]  __kernel_write_iter+0x24f/0x4e0
[  341.660248][T17850]  dump_user_range+0x3a7/0x550
[  341.664997][T17850]  elf_core_dump+0x1aeb/0x1c30
[  341.669763][T17850]  do_coredump+0xff6/0x1860
[  341.674260][T17850]  get_signal+0xdc1/0x1080
[  341.678664][T17850]  arch_do_signal_or_restart+0x95/0x4b0
[  341.684197][T17850]  irqentry_exit_to_user_mode+0x94/0x130
[  341.689817][T17850]  irqentry_exit+0x12/0x50
[  341.694219][T17850]  asm_exc_page_fault+0x26/0x30
[  341.699056][T17850] 
[  341.701362][T17850] read to 0xffffffff8842621b of 1 bytes by task 17850 on cpu 0:
[  341.708980][T17850]  free_swap_slot+0x4b/0x1d0
[  341.713558][T17850]  __swap_entry_free+0x1cc/0x1f0
[  341.718480][T17850]  free_swap_and_cache_nr+0x117/0x310
[  341.723839][T17850]  shmem_undo_range+0x2c3/0xa50
[  341.728673][T17850]  shmem_evict_inode+0x14d/0x530
[  341.733613][T17850]  evict+0x1ae/0x420
[  341.737520][T17850]  iput+0x432/0x5c0
[  341.741322][T17850]  dentry_unlink_inode+0x24c/0x260
[  341.746424][T17850]  __dentry_kill+0x188/0x4b0
[  341.751003][T17850]  dput+0x5c/0xd0
[  341.754627][T17850]  __fput+0x41f/0x6f0
[  341.758623][T17850]  ____fput+0x15/0x20
[  341.762594][T17850]  task_work_run+0x13a/0x1a0
[  341.767211][T17850]  do_exit+0x5d5/0x1710
[  341.771350][T17850]  do_group_exit+0x102/0x150
[  341.775927][T17850]  get_signal+0xf2f/0x1080
[  341.780331][T17850]  arch_do_signal_or_restart+0x95/0x4b0
[  341.785864][T17850]  irqentry_exit_to_user_mode+0x94/0x130
[  341.791515][T17850]  irqentry_exit+0x12/0x50
[  341.795919][T17850]  asm_exc_page_fault+0x26/0x30
[  341.800761][T17850] 
[  341.803066][T17850] value changed: 0x00 -> 0x01
[  341.807731][T17850] 
[  341.810039][T17850] Reported by Kernel Concurrency Sanitizer on:
[  341.816166][T17850] CPU: 0 PID: 17850 Comm: syz.3.3909 Not tainted 6.10.0-rc7-syzkaller-00254-g528dd46d0fc3 #0
[  341.826308][T17850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  341.836358][T17850] ==================================================================
[  342.968193][ T3194] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  343.032225][ T3194] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  343.095826][ T3194] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  343.151274][ T3194] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  343.226143][ T3194] bridge_slave_1: left allmulticast mode
[  343.231853][ T3194] bridge_slave_1: left promiscuous mode
[  343.237538][ T3194] bridge0: port 2(bridge_slave_1) entered disabled state
[  343.245260][ T3194] bridge_slave_0: left allmulticast mode
[  343.250896][ T3194] bridge_slave_0: left promiscuous mode
[  343.256727][ T3194] bridge0: port 1(bridge_slave_0) entered disabled state
[  343.356058][ T3194] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  343.366736][ T3194] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  343.377271][ T3194] bond0 (unregistering): Released all slaves
[  343.477486][ T3194] hsr_slave_0: left promiscuous mode
[  343.483085][ T3194] hsr_slave_1: left promiscuous mode
[  343.488935][ T3194] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  343.496378][ T3194] batman_adv: batadv0: Removing interface: batadv_slave_0
[  343.505766][ T3194] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  343.513156][ T3194] batman_adv: batadv0: Removing interface: batadv_slave_1
[  343.523108][ T3194] veth1_macvtap: left promiscuous mode
[  343.528593][ T3194] veth0_macvtap: left promiscuous mode
[  343.534133][ T3194] veth1_vlan: left promiscuous mode
[  343.539373][ T3194] veth0_vlan: left promiscuous mode
[  343.628848][ T3194] team0 (unregistering): Port device team_slave_1 removed
[  343.640150][ T3194] team0 (unregistering): Port device team_slave_0 removed