last executing test programs:

9.168865961s ago: executing program 2 (id=2984):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r2}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r3 = getpid()
madvise(&(0x7f0000bc6000/0x1000)=nil, 0x1000, 0x17)
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{0x0}], 0x1, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000100)={0x4, &(0x7f00000000c0)=[{0x80, 0x2, 0x4, 0x7ff}, {0xf000, 0x9, 0x5, 0x3}, {0x6, 0x7, 0x0, 0xb445}, {0x7, 0x0, 0x4}]})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200010, &(0x7f0000000200), 0x3, 0x570, &(0x7f0000000680)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC")
r5 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
fallocate(r5, 0x0, 0x0, 0x1001f0)
fallocate(r5, 0x3, 0x9, 0x10000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x2, 0x2, &(0x7f0000000080)=ANY=[@ANYBLOB="85000000ad00000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x3, '\x00', 0x0, 0x38, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
connect$inet(r5, &(0x7f0000000140)={0x2, 0x4e20, @private=0xa010101}, 0x10)

8.245008705s ago: executing program 2 (id=2989):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWRULE={0x70, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x5}, [@NFTA_RULE_EXPRESSIONS={0x44, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @osf={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_OSF_DREG={0x8, 0x1, 0x1, 0x0, 0x4}]}}}, {0x28, 0x1, 0x0, 0x1, @nat={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_NAT_TYPE={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_NAT_FAMILY={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_NAT_REG_ADDR_MIN={0x8, 0x3, 0x1, 0x0, 0x14}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x98}, 0x1, 0x0, 0x0, 0x850}, 0x0)

7.87936397s ago: executing program 2 (id=2993):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000780)=ANY=[@ANYBLOB="cf65663222bd6768deab1c1312c9679b77ecdd3a13a98c4895f2e7dcff9e660fb512eb8733edac5f585cbbaedc1f3eb852736f42d1f0524d32e9bbd4b898d702f4594cf2a6ab064e0366c134dfcb9209d15dbd1bb07f1cbf4216fd61e827dea01cb3eed3c24f15d3119b2ffb00"/118], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000640)={&(0x7f0000000440)=ANY=[@ANYBLOB="9feb0100180000000000000031000000310000000c000000050000000000001205000000060000000200000f010000000100000095340000ff000000030000000900000001000000e6000000000030400000005f5f2e3000"], &(0x7f0000000540)=""/233, 0x58, 0xe9, 0x0, 0x4, 0x0, @void, @value}, 0x28)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = dup(r2)
fsetxattr$security_selinux(r3, &(0x7f0000000000), &(0x7f0000000040)='system_u:object_r:mouse_device_t:s0\x00', 0x20, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="161c000000", @ANYRES32, @ANYBLOB="130200"/20, @ANYRES32=0x0, @ANYRES32=r1, @ANYBLOB="1000"/28], 0x50)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
listen(r5, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000840)={r4, &(0x7f0000000240), &(0x7f0000000080)=@tcp=r5}, 0x20)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
r7 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r7, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
r8 = socket$packet(0x11, 0x2, 0x300)
connect$netlink(r2, &(0x7f0000000680)=@kern={0x10, 0x0, 0x0, 0x2000}, 0xc)
setsockopt$packet_fanout(r8, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xa004}, 0x4)
getpeername$packet(r7, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000100)=0x14)
syz_emit_ethernet(0x5e, &(0x7f00000004c0)={@empty, @random="7dedf1b4b3d8", @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "e80400", 0x28, 0x3a, 0xff, @dev, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @loopback={0xff00000000000000}, @empty}}}}}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000380)={'veth1_to_batadv\x00', <r9=>0x0})
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000850000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r10}, 0x10)
sendto$packet(r7, &(0x7f0000000180)="10030600e0ff020004004788aa96a13bb100001100007fca1a00", 0x10608, 0x0, &(0x7f0000000140)={0x11, 0x0, r9}, 0x14)
setsockopt$XDP_TX_RING(0xffffffffffffffff, 0x11b, 0x3, &(0x7f00000003c0)=0x800, 0x4)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan0\x00', <r11=>0x0})
sendmsg$NL802154_CMD_NEW_INTERFACE(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000004c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010028bd7000fbdbdf250700000008000300", @ANYRES32=r11, @ANYBLOB="00000000000003ff"], 0x24}, 0x1, 0x0, 0x0, 0x8080}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000006c0)={'wpan3\x00'})
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800702, &(0x7f0000000300)={[{@grpid}, {@bsdgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x40}}, {@orlov}, {@bsdgroups}, {@oldalloc}, {@resuid}]}, 0x2, 0x462, &(0x7f0000000f80)="$eJzs209sFNUfAPDvzLblx//+EP+AqFVibPzT0oLKwYtGEw8YTfSAx9oWQliooTUBQqQagxcTQ6JejUcTD569eTHqycSr3g0JUS6gpzWzO9PuLruF0mW3dT+fZNv3dt7ue9+deTNv5s0E0LdGsj9JxLaI+C0idtayjQVGav9uXLsw/fe1C9NJVCpv/plUy12/dmG6KFp8bmueGU0j0o+SvJJG8+fOn5wql2fP5PnxhVPvjs+fO//MiVNTx2ePz56ePHz40MGJ55+bfLYjcWZxXd/7/ty+Pa++ffm16aOX3/npm6y92/Ll9XF0ykgW+F+VquZlj3e6sh7bXpdOBnrYEFalFBHZ6hqMiEopyy+vvJ3xyoc9bRxwV2XHpk3tFy9WgP+wJHrdAqA3igN9dv5bvLo09FgXrr5YOwHK4r6Rv2pLBiLNyww2nd920khEHF3858vsFXfpOgQAQL1Ppj8/Ek+3Gv+lp++rK7cjn0MZjoj/R8SuiLgnInZHxL0RkZW9PyIeWGX9zVNDN49/0it3FNhtysZ/L+RzW43jv2L0F8OlPLe9Gv9gcuxEefZA/puMxuCmLD+xQh3fv/zrp+2W1Y//sldWfzEWzNtxZaDpAt3M1MJUdVDaAVc/iNg70Cr+ZGkmIImIPRGxd3VfvaNInHjy633tCt06/hV0YJ6p8lXEE7X1vxhN8ReSlecnx/8X5dkD48VWcbOff7n0Rrv61xR/B2Trf0vj9t9cZDipn6+dX30dl37/uO05zZ1u/0PJW9X90VD+3tmphYUzExFDyZFqvuH9yeXPFvmzU4NL8Y/ub93/d+WfyeJ/MCKyjfihiHg4Ih7J2/5oRDwWEftXiP/Hl9ovWw/rf6bl/m9p+29a/6tPlE7+8F27+m9v/R+qpkbzd6r7v1u43Qau5bcDAACAjSKt3gOfpGNL6TQdG6vdw787tqTlufmFp47NvXd6pnav/HAMpsWVrp1110MnksX8G2v5yfxacbH8YH7d+LPS5mp+bHquPNPj2KHfbW3T/zN/lHrdOuCuazWPNjnUg4YAXdfc/9PG7MXXu9kYoKs8rw396xb9P+1WO4Duc/yH/rXc/79YSl2s/l1+RLjUoQcOgPXF8R/6l/4P/Uv/h/6l/0NfWstz/RL9nIi0G3WlEbG279kc6+UX21iJFjuLb90JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbDz/BgAA//+mY/CN")
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xf, 0x4, 0x8, 0x63b2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x20000, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
openat$ttyS3(0xffffffffffffff9c, &(0x7f00000001c0), 0x4000, 0x0)

7.504964776s ago: executing program 3 (id=2995):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000008500000023000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01032757c38d085641a7260000000c000180080001"], 0x20}, 0x1, 0x0, 0x0, 0x20040005}, 0x0)

7.23981658s ago: executing program 3 (id=2997):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x88, &(0x7f00000005c0)={[{@nogrpid}, {@min_batch_time}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@nobarrier}, {@nodiscard}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000000), 0x208e24b)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000c80)={'ip6gre0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000016c0)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x4000000, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0xc}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x1, 0x0, 0x1fc, 0x0, 0xfffffc80, 0x0, 0x6, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, 0x3f, 0x0, 0x0, 0x2, 0xffffffff, 0x2, 0xc00, 0x0, 0x0, 0x10, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x1000, 0xfffffffc, 0x0, 0x0, 0x0, 0x9, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x6, 0x2, 0x0, 0x272, 0xb, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x2, 0xfffffffe, 0x0, 0x80007, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x0, 0xb97, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x5e, 0xfffffffc, 0x8, 0x0, 0x0, 0x400000, 0x3, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x80003, 0x0, 0xffffffff, 0x1, 0x0, 0x9, 0x0, 0x0, 0x5, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x40000002, 0x0, 0x0, 0x0, 0x67ea, 0x0, 0x0, 0x2, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x87, 0x7, 0x0, 0x0, 0xffffffff, 0xffff, 0x0, 0x0, 0xb3c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x2, 0x0, 0x0, 0xfffffffc, 0x2, 0x0, 0xfffffffe, 0x0, 0x400, 0x0, 0x0, 0xd79, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4, 0x7, 0x10000100, 0x0, 0x8, 0xfffffffd, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x6, 0x8, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x1, 0x0, 0x0, 0x0, 0x0, 0x6}, {0xff, 0x2, 0x0, 0x0, 0x0, 0x40000000}, 0x0, 0x7f}}]}}]}, 0x45c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r1, 0x0)
mremap(&(0x7f0000003000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f0000009000/0x4000)=nil)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
flock(r5, 0x5)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000fbff000000000000001d8500000007000000a50000002a00000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000001c0)='kmem_cache_free\x00', r6}, 0x10)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0x581, 0x0, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, 0x4d814}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_DOWNDELAY={0x8, 0x1f, 0x7fffffff}, @IFLA_BOND_ARP_INTERVAL={0x8, 0x7, 0x7}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x20004002}, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000001c0)='mm_page_free\x00', 0xffffffffffffffff, 0x0, 0x6}, 0x18)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x68, 0x0, 0x0, 0x1, 0x0, @loopback, @loopback}}}}}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

7.068763653s ago: executing program 2 (id=2999):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r1 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000040)={0x0, <r2=>0x0}, &(0x7f00000000c0)=0xc)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000300)=ANY=[@ANYBLOB="280000001800010000000000000000000200000008000000e00000020c00088008000c00", @ANYRES32=r2, @ANYBLOB="9fe7e3a356df0c0a64e412787ade5ed6e7f088ad62d91a034b19454c4bdeea605ebd7fc794"], 0x28}}, 0x0)
setuid(r2)
r3 = fcntl$dupfd(r0, 0x0, r0)
read$snapshot(r3, 0x0, 0xffffffbf)
read$usbfs(r3, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r5 = socket$rxrpc(0x21, 0x2, 0xa)
ioctl$AUTOFS_IOC_READY(r5, 0x9360, 0x7f)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r6}, 0x10)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
r7 = socket(0xa, 0x1, 0x0)
getsockopt(r7, 0x0, 0x1fcf51d8, 0x0, &(0x7f0000001ffc))
r8 = io_uring_setup(0x280d, &(0x7f0000001280)={0x0, 0x160, 0x800, 0xfffffffc})
io_uring_register$IORING_REGISTER_BUFFERS2(r8, 0xf, &(0x7f0000001580)={0x1, 0x0, 0x0, &(0x7f00000014c0)=[{&(0x7f0000000280)=""/4094, 0xffe}], 0x0}, 0x20)
ioctl$SG_GET_PACK_ID(r3, 0x227c, &(0x7f0000000000))

6.286195844s ago: executing program 4 (id=3007):
openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file2\x00', 0x2000410, &(0x7f0000000000)={[{@bsdgroups}, {@jqfmt_vfsv1}]}, 0xc1, 0x7da, &(0x7f0000000fc0)="$eJzs3c1rG80dAODfyh+ynbR2odAmJ0OhNYTIdeomLfSQ0kMpNBBoz02MrJjUshUsOcTGEOdQ6KXQlh4K7SXnfqSHQq/9uLb/ROmhJITWMW/e04tediX5U5LtxJId/Dyw2pnd2Z0Z7ezsSLtIAVxYk+lLLuJKRPw8iRhvLk8iYigLDUbcbqR7u7VRTKck6vUf/C/J0vz50u6+kub8UjPyxYj4+08iruUO5jranJdLK83QdG3p0XR1bf36w6W5hdJCafnmzOzsjVtfv3Xz8Fbv6qN/rV9+9YvvfuWPtwfjCy9+9o8kbsfl5rrtrY3ie+7+kMmYbL4nQ+lbuM93TjuzM5acdQF4J+mpOdA4y+NKjMdAFurgfU9AAOBceBoRdQDggklc/wHggml9D7C9tVFsTWf7jUR/vf52RIw06t+6v9lYM9i8ZzeS3Qcd20723RlJImLiFPKfjIjf/uVHv0+n6NF9SIB2Np9FxP2Jye2t/IH+P0n7v+Gj95DvuOar3TarN7abPLBY/wf989d0/PONw+O/qzsP9IxkrwfGPyP5Nufuuzj6/M+97LDpMfqmo6Xjv2/tebZtd/y389DaxEAz9plszDeUPHhYLqV922cjYiqG8ml8Jkva/imoqTefvOmU/97x3/9/+ePfpfmn890UuZeD+aiP79lmfq42dwpVz7x+FnF1sF39k53xb9Jh/Hu34173H5rvffOnv+mUMq1/Wt/WdLj+vVV/HvHltsd/91gmXZ9PnM6aw3SrUbTxp//8eqxT/rvHP5/N0/xbnwX6IT3+Y93rP5GGqmvri3PlcmmlevI8/vl8/G+d1u1t/+3rn7X/fdL2P5z8MAu3WtqTuVptZSZiOPn+4eU3drdtxVvp0/pPfan9+d+p/eeaz8be34l1N/hq+A/NXbWtf2azU/17K63//ImOf5dAvbnNgVUv3i4OdMr/eMd/NgtNNZccp/87oqTv0ZoBAAAAAAAAAAAAAAAAAAAAAAAA4ORyEXE5klxhJ5zLFQqN//D+fIzlypVq7dqDyuryfGT/lT0RQ7nWT12O7/k91Jnm7+G34jcOxL8WEZ+LiF/lR7N4oVgpz5915QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg6dL+//9/ms4Khca6/+bPunQAQM+MnHUBAIC+c/0HgIvnZNf/0Z6VAwDonxN//q8nvSkIANA3x77+3+9tOQCA/nH/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgB67e+dOOtU/3toopvH5x2uri5XH1+dL1cXC0mqxUKysPCosVCoL5VKhWFnquKPNxqxcqTyajeXVJ9O1UrU2XV1bv7dUWV2u3Xu4NLdQulca6lvNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD4qmvri3PlcmlFoEtgtDR6HopxjgKDcS6KcSiw+e+hrF13TRwTH0zjH+6SJjnNvEYPLtnbS4yeSd8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8CH4NAAA//9RvRhH")
gettid()
timer_create(0x0, 0x0, &(0x7f0000bbdffc)=<r0=>0x0)
timer_settime(r0, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r1, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200000, &(0x7f0000000180)={[{@dioread_nolock}, {@norecovery}, {@min_batch_time={'min_batch_time', 0x3d, 0x1}}, {@nojournal_checksum}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@nodelalloc}, {@errors_remount}, {@acl}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x343}}, {@jqfmt_vfsold}, {@barrier_val={'barrier', 0x3d, 0x7}}, {@nombcache}]}, 0xfd, 0x573, &(0x7f0000000cc0)="$eJzs3V9rW+UfAPDvSZP9636/djCGeiGDXTgZS9fWPxOEzUvR4UDvZ2izMpouo0nHWgduF+7GGxmCiAPxBXjv5fAN+CoGOhgyil6IUDnpSZe1Sf8tNbH5fOBsz5Nzkud58pzvyfOck/QEMLBOpv/kIl6OiK+SiJGWdfnIVp5c3W756e2pdEliZeXj35O4sO61kuz/4SzzUkT8/EXEmdzGcmuLS7OlSqU8n+XH6nM3xmqLS2evzZVmyjPl6xOTk+ffnJx45+23utbW1y//+e1HD98//+Wp5W9+fHzsfhIX42i2Lm1XF4q405o5Wfo7SxXi4roNx7tQWD9Jel0BdmUoi/NCpMeAkRjKoh7Y/z6PiBVgQCXiHwZUcxzQnNt3aR78n/HkvdUJ0Mb251fPjcShxtzoyHLy3Mwone+OdqH8tIyffntwP11i8/MQh7fIA+zInbsRcS6f33j8S7Lj3+6da5w83tz6Mgbt8wd66WE6/knuRGyI/9za+CfajH+G28Tubmwd/7nHXSimo3T8927b8e/aoWt0KMv9rzHmKyRXr1XK5yLi/xFxOgoH0/xm13POLz9a6bSudfyXLmn5zbFgVo/H+YPPP2e6VC+9SJtbPbkb8Urb8W+y1v9Jm/5P34/L2yzjRPnBq53Wbd3+vbXyQ8Rrbfv/2RWtZPPrk2ON/WGsuVds9Me9E790Kr/X7U/7/8jm7R9NWq/X1nZexveH/ip3Wrfb/f9A8kkjfSB77FapXp8fjziQfJgfXv/4xLPnNvPN7dP2nz7VPv432//Tyden22z/veP3Om7aD/0/vaP+33ni0Qeffdep/O31/xuN1Onske0c/7ZbwRd57wAAAAAAAKDf5CLiaCS54lo6lysWV7/fcTyO5CrVWv3M1erC9elo/FZ2NAq55pXukZbvQ4xn34dt5ifW5Scj4lhEfD10uJEvTlUr071uPAAAAAAAAAAAAAAAAAAAAPSJ4Q6//0/9OtTr2gF7rnFjg4O9rgXQC1ve8r8bd3oC+tKW8Q/sWzuPf2cGYL/w+Q+DS/zD4BL/MLi2G/+FkT2uCPCv8/kPg0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQFddvnQpXVaWn96eSvPTNxcXZqs3z06Xa7PFuYWp4lR1/kZxplqdqZSLU9W5rV6vUq3eGJ+IhVtj9XKtPlZbXLoyV124Xr9yba40U75SLvhjwwAAAAAAAAAAAAAAAAAAALBBbXFptlSplOclOiYuRF9UYy8buGpXT8/3Syskupro8YEJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFr8EwAA//8DDjNQ")

6.252288825s ago: executing program 3 (id=3008):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xad, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000380)=ANY=[@ANYBLOB="727df9daccf1acd67e1c77dfc2a2a0171729940cef9e4c2cbe45953927d81335ea11e95cd7dc2cb77f7747d4fe46098ae0d303a3f109dcfa2abc99a9bcd35eacecf23aa4634002a981246c0b3f8a854396ee867f524a688de3bd186478e4b15d6742d6af27d65a48b551c2ff249d15cbf3ccf387542ea091819682c3067a98449cce8099c77e"], 0x10448)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000080)=ANY=[], 0x41)

6.016564839s ago: executing program 1 (id=3009):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x7, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r0}, 0x10)
r1 = syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x402)
r2 = dup(r1)
ioctl$USBDEVFS_CONTROL(r2, 0xc0185500, &(0x7f0000000240)={0x20, 0xc, 0x2, 0x241, 0x0, 0x10003, 0x0})

6.015944839s ago: executing program 3 (id=3010):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049c8)
write$binfmt_elf32(r0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000", @ANYRES32], 0x48)
ioctl$RTC_UIE_ON(0xffffffffffffffff, 0x7003)
r1 = fsopen(0x0, 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0x0)
creat(0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[@ANYBLOB="4c0000006c000100"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140035006d6163766c616e3000000000000000001800348014"], 0x4c}}, 0x0)
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0200000003000000080000000400000006000000ffa919c6f4957a321ca337ee1fdfd297ea751a823a43978899f259bd9a11c4c2054a1980e6c445c26832aeb0e54e90ec2b34e46c0a99ee564f777d2f59297623f9c3d155ed3585790f3faf178fe59632b0c3c73bfc685675d19989f3e777dc99cd72be2daed28d17b12bd85818aa8ad903d690ac3c085ae9280000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000100"/28], 0x50)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, r2, {0x14a4f26e}}, './file0\x00'})
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x50)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r5, 0x0, 0x5}, 0x18)
syz_io_uring_setup(0xaa5, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
rt_sigpending(0x0, 0xa84e7df75718b5b5)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

5.983372429s ago: executing program 2 (id=3011):
syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x82, &(0x7f0000000040), 0x7, 0x4d6, &(0x7f0000000740)="$eJzs3EFsVEUfAPD/27a0QPnoh4iCqEU0NhpbKCgcTAxGEw+aGPGgx6YtBFmooTURQmRJDB4NiXfj0asHr+rNcDLxikcTQ0IMF8DTM2/3bXe73V3a7bYr9PdLlp2Znbczs/Pm7bwZtgFsWqPZP0nEcETcjIidEVFozDBaebp35/L0/TuXp6OUpif/TrLD4m4WzyX58/Y8MlaIKHyZ1F6oM3/x0tmpYnH2Qh6fWDj36cT8xUuvnDk3dXr29Oz5yePHjx45fOy1yVdX36gm5WXturvvi7n9e9/5+Pp70/3V9KH8ub4d3TIao82qUvZCtwvrsR114aS/Xc431r8yrFh2/mfdNVAe/zujL9p2HvAISdM0HWz9ciltdHVZCvDQSqLXNQB6o/pFn93/Vh/NJgJb1mf60XO3T1RugLJ238sfEc+WE6vrIAMN97fdNBoRH5X++TZ7xDqtQwAA1Pv5RHUm2DD/G4nYU5fvf/keykhE/D8idkXEYxGxOyIej0reJyLiyYb374uItE35ow3x5fOfwq21tbC9bP73er63VZv/Rf0u2EhfHtsRUZ0wzx7KP5OxGBg8daY4e7hNGb+89fvXrV6rn/9lj6z86lwwr8et/oYFupmphamOG9zg9tWIff2N7U/6I5LFnYAkIvZGxL5VvO9IXfjMS9/vX4wMLM334PaXpU330bqwVZF+F/Fipf9LsaT/ayUm7fcnJ4aiOHtoIjsLDjUt48Zv195vVf4D2//jn42HvH3sp5P5yFq7rP+31Z3/Ud2/rbV/JIlIFvdr51dfxrU/vmp5T9Pp+b8l+bAcrt6Xfj61sHDhcMSW5N3l6ZO1Y6vx7DlKlfaPHWw+/nflx2SfxFMRkZ3ET0fEM1G5QxyN9MqBiHguIg62af+vbz7/SeftX19Z+2eaXv+W9H9tvz4LZKkXlqRMFZNSJXctZTHQd/bAzfstLh4r6/+j5dBYntL8+pcsuUQsr0XzwBo/PgAAAHgoFCJiuG4taTgKhfHxyhrQ7thWKM7NL7x8au6z8zOV3wiMxEChutJVWQ8eSKrrnyN18cmG+JF83fibvq3l+Pj0XHGmpy0HtpfHfFIYX7wWVMZ/5q/uLDED/2V+8gOb14PG/57rG1QRYMP5/ofNq278l1pkKfmfMvBoWsn3v7VAeDQ1G/9XOjgGeLikxjJsaqsZ/0vz3tjZ9coAG6o/PlgMF3paE2Cjmf/DprSiH8l3HEgHm780FMszx1D7N+yLzqqxtUlZPQlkM6uelL61k6Oqf02hZZ4orO4NB5f9yYjO+vTU2j+W03u6fvKn+f5Yt3vwhw0Zp80C7a8bk8Prd00CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADopn8DAAD//7x926o=")
r0 = syz_open_dev$usbmon(&(0x7f0000000900), 0x7, 0x0)
ioctl$MON_IOCX_MFETCH(r0, 0xc0109207, &(0x7f0000000080)={0x0})
r1 = open(0x0, 0x68380, 0x0)
r2 = accept4$nfc_llcp(r1, &(0x7f0000000180), &(0x7f0000000200)=0x60, 0x800)
fcntl$getownex(r2, 0x10, &(0x7f0000000280))
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$setregs(0xd, r3, 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(0xffffffffffffffff, 0x81f8943c, 0x0)
ioctl$BTRFS_IOC_INO_LOOKUP(0xffffffffffffffff, 0xd0009412, &(0x7f0000000f80)={0x0, 0x5})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xfd, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$rds(0x15, 0x5, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r5}, &(0x7f0000000000), &(0x7f00000005c0)=r6}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sched_switch\x00', r6}, 0x18)
socket$kcm(0x10, 0x2, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r7}, 0x10)
ptrace$getregset(0x4204, r3, 0x201, &(0x7f00000000c0)={0x0})
ioctl$MON_IOCT_RING_SIZE(r0, 0x9204, 0x248a4)
syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0)

5.542574756s ago: executing program 3 (id=3013):
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0xfc5, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa10080046000fb70000000000849078ac1414bbac14140e01000000dd9dec79219eb5499325e16c96335bc5ff0e043319357749084ca9d0ae1378f4e88112a2f7c10fd1523b9007773fd2b2bd0ebabccd2e5c35fb3baff587585840f2530c6f4d025f118440ac22a8b34da7b5e1e873bd429686be3ef84439e05fc0fefedb8b897b09445a9e10cf24aec2ff3ca6a86d94df0c4a928ed904dcfb02e6c6c5918a839d33cb9b55dfb3cd89d80eb18dc06415d313b4ea240a65eff4b941ac018e8f81de044239960271333255291b5fbfdcf8db25e175640f36986b859aeb3370ca17e6a20aeeb5c5d27eb097fc1fab796a7ff8fcbe119bbe4be2c8a5c58890191c59bea20bfe4edf9c5453e59f610d3bd1d6eb49b02e464aee0480187c5717936add1347b08cdf5b056adb941708e8a0498900419e98b75658c6dd00f88eebf8c9aaee2e38c80eafcf6ca08ea305da9c7050948ef78a1457a2e933287fe8d2e100cb00078ed829985f8812d543cc5cdb71521f4113829551efe915e4d6773f2d285cc1e8813919356ca5ef202b0d2b8a3d7de51e4635e761ffd7efe5d51dd1325596f0e4e1c0b1ce73240cb931227892d66f3629c9d152372d5790c1c25e2f6f850a5eb83654f423b84adbbf4169d472b2cddaa7137ff14c2944ade3a57613806810707a2e6c078beb4b87cf8cf39c9950bcb3f9bb42308bd5e68d81f7f4d9e528541703059787f5e342be8ebb9841d587f7455b409115d511c130d9641fc74391228bda52d2fa58e2ca74b26583e73e2cfb881945d8ecbc77eb35e783057f6c35ba06b7f639ec516ee54bf3645f6ec436ba859e22ed480a862285aa21f3d5cd3734dde388a7f8920c4a6b4a952f830e0d2811f2f2714e660e961de0b3e0b8d5fd1007690a61e414e82245dbe4e47c73465ed40af1cee2eae4801ee408ad1fce81ff8db738c21ba64e85427082c5efd93fa9a1a3e3d78eff84f326df1c6fa656cc7d4dab842fe8e0d9ce47ad0a7e74dfe1a53776a346a22dc7a0e476754d385d99aa9cbd3f445ffb2ed61e01b28fc071d706ad204b1e8014481dba0cbc460b67e64d6e955184271cedef7f951021e3595ebe9c3384b53efafb67cbed2aa1ede5d7fcff3a9d27d05766fb8894d7948609441759f4c4dfa33b6d486d4fb7e231f04d4f0f9e98f4b156129d9307fb9ebf3b278232062e7fe9ec2db7c4c991f83733368a107bf5798a1df45c919d71cce45ed907240c2f2fa6a4227e8e11cef2e7968c63e7a1adc3edec2170c17ed2cc54d0ea2b34e99b81015ffe51a501c2b73ddac5223e69d0dd451d358c0cd2ff7db256850ec1e9e349901f168d854284da68d80c68298a75c5d859008c82fe08b4cf2e68a2c0190760a03aff1be2c9425b6d5ef5c67bafb6d16fffeeb0211d90abbade4db9d6a9e9c981dde14c1d54e9138f9760bcdccbf17e7416042cfe7bbd8bba2f739f7f900ee45b965316b950e8474f3be92081fb63f43a4858b39e20e14d5a38c0973d680f2fda9e310d0e088523bdcbb728bcd0074447b4ace876da5642cd7d781cdb023a31446e0a0c59d5388674a5c8a97927e014a73d0330bd5c5187db79f1c546a8bcca008263509c23b246dea58fb36c44d373c1c92ffdd1600c27d4b10b3fc86b88ecefe8743bb59a6b8e443f06d2ae3a6908b6bc25b647deee13262225b8879dd79413ffa3d4aef91a0a04d4dc3030b5beb081c5fdf9152c3a17e6b24457fd580d84d3006af27ff44d6ec3664c4955a1d1dc5eb041682644ae564390a3d0aa602b2a18cdd3f8a1efff7b8f3afc31c283c9b74b806a98bd9f1ad8ecce410160c0a27f7ef90a2b0c1bea64e187adc04a04bff7c435659bc4c3ce5c2730e121972541062102e93d2a136e1aaaf3e25d548d695167bf98c25d5a773e35bb556a5e7cad6e2b0874500fc098469494d2654808ee88588fd167f4332061a9b4cae6b22d87624e325e89a269f61ce0d26465ddfedc1f0fa2a5cf1ee7fe3e6cb375f1ff04cf8d22667debe574b8395023bde9a8302376af2e119c4c88433d1722011ade605f3a4201860742b0392ac96cc138d9ddb952f4e4742a7fd9d625465dac35347c1662b2085c357120c6ff69dedc013c5fe46555a4448b0be41e21ad73162bf9aa1cfb70f4702c7051c0a13fae918133f123d33c5c02e66ae8fceb3109b2e13a7a3e71484d59dfcba16db2d21549be1ba6cd5ad7610eefda427982384961f18bd6857ad97e868c2914d0ba934a296eda52646031c4504864061f3cba1df65cd04ef6b1050fb30b5abbbe28f8f7adb8073e452f4c0c5492a5f8d427ddf451ae303a86639e5dbccfe2b2bedb911d534a77c012e2f8a24917d98ab14557caf3e66040f21767685644f0003459762d4ab25a0e33a92b54748cf46a977505074b79b9b0746b2b5b168876a2ca10bb903edc1d1992a4a94c0ee0dd7b37add092163b5fbaf16090f8143187d060b19e3822f3def14717e41558f9582467a5a5f89148450fde235e7a5bb900e4e9d14e2147bfd2a52f84a115eb170bf3d3b9b3de9781960be4e53025c7dce005e1458140bb9cf9da8fa1124ac558fb220d57c23a7f120f5171eb2208d9e6ab7186ae457973da564f1fd45b241c15596035f55034c3995a587b4471068076839420df947f10ab2fc211732d768c135d63cc5eeda1bdfc780e7ed90855fa5a364e63f529703cd0f691b0b6a41232bfd1c1f61ef6b16ed3b9055ca888c8ebcd16a0623ede9e4e37b7d6175e3d0ddba8e7d87639eb8b0ba246131951a581575f1adf4c598a9f2f087d5eb2a0a5834d8cb12b0ad76d9381a838ccfbfcc20bbb970474c48677f10aa57be1d607d5b049d397178035f7f3393cd9000336c83218850ecd64142a22f7ae7e6a7e62013d6d105eb7c862e13979698681d44121ee9e2e552315d4d3913ff7bcd90d6bed72d50107a971a37d5a1d75efeebf03cc91239b7e427fba8df6b79674c15acd2093289fe6155063af81d85840abf4635f66083b3707d34b2149dfdf95cb4deb71e1574118c242b160c770347e6b1f135a985e89fe8e6d7f40281cfb6dc05cd8b9d4f6680c0863acb34516092acdf2bea67f54ab4282ba2d898287f34d9384e335b2ddbb87aaea8cadb8f0b397e99a68a7a214fae5a1f56c95bcd901534c23cd5cff3c168813d7fa1191dd7437c96b07324a7b21b48e205b859dcd080bd62ab7cca4bd7a73959218d0eeb21c887483201eaf3afb19efe1741b57332c5441685a7bb8324d9e85faafc785312b58aabef2eef6a8048663bf13db9ae9edd4b1dcebc99890693f11b354b1f1aad19b66251b4bcaed0daed73b87dedd140fd680e7d3355362844d1d7ba2ae6be7ffae59d7b3c679b890448b0de1acf591abfe6f3096794b7e142e0ac0862ab8cb76eb79b17d1138be3747f907c3f11c636a0f0e0d315d1ff05aab0ce62fbac03a2b4ddeac7ee192bba2da93b7a926271f6d594aa14de2c294ad0c77770a624d1ce24cc8d8f5e9b629604fa7897f0cbd641f76a85dc8df33b5715eb100e30e53b85110d2252c22575a7365eb08006b4d62d305e780101965094ce2aaad170df470870e687fb280b772d41ad5d470b71e256af3a0d2c02df95821d38f28cdff26fa7a3f6e920edbd3174d2d2bce854ef68dae8a0a4a63753c825930903a2ca75d4321bad0ad9ff6852f94dd04972a45bb9625b3726dfbcc959e85242f0d327b181aee0fdab7af064dd97151b131a5c4a51a66692cbbd9f1348a16470cedef1b255e172cd2b15184177ad43744de941869af884ff8e59ef0e63ac5e1b99c851e0f915359ce12d9c380bb6f9c2bc773267157afeda7abcc120a31a1b72af6662bff7f5f194dad00b4ebfdcbb4dfc39854412db1ae99b449d741f841239159ea467cf1e38b95bcb7603ebcb400cb31410b2a4e25126caade0019bf667cc998bc4582578da0f8a6268f6d114ccf9dd8379995e8be1b934bb5645d72f97e05628129a7d2bc548e08796341f43dc3c9fcbe89d8284dc6633bee0d17e99f600425f0172b6bc478f5117dadf15e36e850ecc0ca75664ef8e4877a44b4ffa22a6f1d6719f8d81f9937928caa0690b77406a3298aaf446e2f78343267399bb7f64c60f80000000000000000d09a3810790720c98a041332c809be7aea1480b9e5eb989085c23b4aee75143068def3e89d1c417b63321e68d340a1472d2504088c17cd75de0e700508c55a7246ca9a762cc50ca35cbcaa7dcf4ae3264c32ff2cd67566ed501fb8182b5f16c58295783f3b2b554b06aae700f198c71ad7519868c1e6fbeb0246569b04beeb8b71bcbb9af93372bee365efb1d7424689e8241b1dc346a73a84b5773487f388356b8dbec1a108846e3f8dc74865b156e8ad18b353efc4ad0b11412a381fec8f5d45678b4f8b680591be8077303e7aff71acf9052ae3b73e41e19668f9b53bfd75b778970831b6891a78ffe0d4863e62cbbf6cf8c085032864479cd3a250842984dcc2860f057f86c8e2d4d2afefb8a45b7d5b8c94e752f369a1b434c827cd26cd0276a8b40019a95ebe7c16de4c1ce8efbd5c70e0c507631818aa4fbc937d212e428aefa895069656babdbd921af974da32c49f4ca6d1e1e28319b427c8bad4d650809c673ec6073770b4097e5700a8071110fd07acbc5a59f8d7b0735a98fd40ce03718a9a93c035948859215c59f54343b08bfd95a35d73c5f09a9ebe63c509fe8443fa74e6efd0fd87defc7cb16725ce3c3d5f7664cfe253faf2cbeb307052dd2269b6266acdb31e2006b9355f673ca5c9cb907605ce071824254b139607a069531f9598f4040ddeb9cd018e9dfa1808032dfb65a4af0820da810a7b58fbb65ac8e65b017a40ec2d445a5c7b78d1f0e717b19427ef1fe6cc08c5e9da5a7d1d508fd939854589dcba8d75ff3d8d1c1fb28af1ed6900bcd4cedbe42fd6243c81264fe81be756bfd71ebcd4d96bd7ec50a676bc57e130bd8da21bb6e888eb6c8402516f6fe6dfe25be9a3e33f2cdbed9de00efb867cbe80ec2309458f41924b967d254166e5a0a5f776395214a67900d180704b9fb09f9c4c4c62fd382fcd5efe099e22d2c82f198a39d193f65b68e09454e2ab8f2d7413c64563742f1c34ca9285e501bff5efa30a0da946f875d23162eaa53c4008bed38e9a190b08ff8bfb6bfb91553c4c329fc73b8be308b00347dee2afdc08bab311c75386f452b706d1820c9038998924665010a548c09743a16167b0b09373b5cd2fb1da4f6c9ea5b1f1dd7775f6fcb23eab4fd1990364dacb2a1656b9bcf1c4866b7222872a3a3a03d397499222a3f31a35d3aeaf6a6d39f0fbee1e0f6e1e10ba0774f15f245d955cc8132d86c2d768f8a06274caa5a12c46e9e08ee556c1da49830f1e6c0a0c53a9ef1489c3fba0251c3e6839e891ac298108f3ed05066e48b8bda2c5f6e691c7a7425b7019e0a547f6560a0af41831a4a790c3a8eac9a3a9119da3eef85cb12f3f3115f04ae95534ac847b4ee2cc2fc43cdba382ecae7c4f499ce1be1ca1907313ff665c2fd7d4c8f36716f33b6861f5cf3f1c878feadfa9a664b8d629a16c750c466326a951efaa830e4f328270041f2ca0be49f0affe5806b94b027033f008957e83d167d6fe4168ec4fb79385cc06e257bba807ecfccaba56cf751dac996b7a347d36ec52b0f5d16425402416c735530bd7c545f8c753fb3b1054b82bc37c5f050fc42d27310bc859972781822b79dace0d56e3d7c0c1bdd9e717baf23455fb542d8e6f86776e9f157c064e1adb960164734a196b3fca233a24e306f94e23f3862523ec461440a069baeb1fc204334b166cfa595135d85414c6e49c07e32f18d090d38f86b9fb9e78ffa5a039dad2aa7e64f5b3791fcfc885cc1e57564f62f734a580bda7624a0a5fda051432f3fc82a776da56bfdd9dd39e1d11c2ef990fee3ef077508fe789d671b7a908751ec88d2e1723e60677da5871f72fac54eb4b4d05dbcb72680d2488c22d73ca3cd3fc38710348e64699c6681aee0462fb3bb8bd4fcd769b902d5b7bbe64079a41aaf92023454d00aa1452c2e53ab07d6a5a0dbef2042218fa1c953cdefccd0471505900a0fd360bb550d1e46576a1fdeb0d38dfd079b920c789721e6decae0b397b1aecee5d2a184b3077d602a0134e848314d32d7264dde1dbbb3dbc9763c512f87982e5a9c7504b3fb9f2052aaa4fa237d33c130b0cff403510612b330002f461fcd859acf8efa52401a073d0631cabe1d695f5abccf80e1f5e64b84c553ac1fdb0d6f37e9412aa25275f4682ee1b"], 0x0)

5.332925879s ago: executing program 3 (id=3014):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000004c0)={{0x14}, [@NFT_MSG_NEWRULE={0x70, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x5}, [@NFTA_RULE_EXPRESSIONS={0x44, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @osf={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_OSF_DREG={0x8, 0x1, 0x1, 0x0, 0x4}]}}}, {0x28, 0x1, 0x0, 0x1, @nat={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_NAT_TYPE={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_NAT_FAMILY={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_NAT_REG_ADDR_MIN={0x8, 0x3, 0x1, 0x0, 0x14}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x98}, 0x1, 0x0, 0x0, 0x850}, 0x0)

5.27643045s ago: executing program 1 (id=3015):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f0000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1, 0x0, 0x7fff}, 0x18)
r2 = socket(0x10, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000300)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, &(0x7f0000000340)=@gcm_128={{0x304}, "a6341a1a379332f5", "1fd33cb95d66a1781f31bf07fd2ae874", "62266bd8", "d1b29b99d21d88a2"}, 0x28)
write$binfmt_script(r3, &(0x7f0000000780)={'#! ', './file0'}, 0xb)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r3, 0x6, 0x14, &(0x7f0000000040)=0x1, 0x4)
close_range(r2, r3, 0x20000000000)

4.998158024s ago: executing program 4 (id=3018):
mlock2(&(0x7f0000003000/0x4000)=nil, 0x4000, 0x0)

4.997637354s ago: executing program 1 (id=3019):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="0500000004000000990000000b"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000700)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r2 = getpid()
madvise(&(0x7f0000bc6000/0x1000)=nil, 0x1000, 0x17)
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x1, &(0x7f0000000100)={0x4, &(0x7f00000000c0)=[{0x80, 0x2, 0x4, 0x7ff}, {0xf000, 0x9, 0x5, 0x3}, {0x6, 0x7, 0x0, 0xb445}, {0x7, 0x0, 0x4}]})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x200010, &(0x7f0000000200), 0x3, 0x570, &(0x7f0000000680)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC")
r4 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
fallocate(r4, 0x0, 0x0, 0x1001f0)
fallocate(r4, 0x3, 0x9, 0x10000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x2, 0x2, &(0x7f0000000080)=ANY=[@ANYBLOB="85000000ad00000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x3, '\x00', 0x0, 0x38, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e20, @private=0xa010101}, 0x10)

4.815912197s ago: executing program 4 (id=3020):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000002c80)={0xa, 0x14e24}, 0x1c)
connect$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e24}, 0x1c)
recvmmsg(r0, &(0x7f0000004f00)=[{{0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000001840)=""/69, 0x45}, {0x0}], 0x2}, 0x34e}], 0x1, 0x0, 0x0)
sendmmsg$inet6(r0, 0x0, 0x0, 0xc8000)
sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0)

4.032370489s ago: executing program 1 (id=3022):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x35, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
sendto$inet6(r2, 0x0, 0x0, 0x20004041, 0x0, 0x0)
connect$inet6(r2, &(0x7f0000000280)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x19}, 0x7}, 0x1c)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000001c0)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r4], 0x28}}, 0x0)

3.792312573s ago: executing program 4 (id=3023):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049c8)
write$binfmt_elf32(r0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000", @ANYRES32], 0x48)
ioctl$RTC_UIE_ON(0xffffffffffffffff, 0x7003)
r1 = fsopen(0x0, 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0x0)
creat(0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000580)=ANY=[@ANYBLOB="4c0000006c000100"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140035006d6163766c616e3000000000000000001800348014"], 0x4c}}, 0x0)
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0200000003000000080000000400000006000000ffa919c6f4957a321ca337ee1fdfd297ea751a823a43978899f259bd9a11c4c2054a1980e6c445c26832aeb0e54e90ec2b34e46c0a99ee564f777d2f59297623f9c3d155ed3585790f3faf178fe59632b0c3c73bfc685675d19989f3e777dc99cd72be2daed28d17b12bd85818aa8ad903d690ac3c085ae9280000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000100"/28], 0x50)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, r2, {0x14a4f26e}}, './file0\x00'})
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x50)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000030000000000000000000400b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b705000008000000850000006900000095"], &(0x7f0000000500)='syzkaller\x00', 0x1, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000040)='kmem_cache_free\x00', r5, 0x0, 0x5}, 0x18)
syz_io_uring_setup(0xaa5, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc9ffb}]})
rt_sigpending(0x0, 0xa84e7df75718b5b5)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

3.609090835s ago: executing program 0 (id=3025):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
setsockopt$WPAN_SECURITY_LEVEL(r0, 0x0, 0x2, &(0x7f0000000480)=0xffffffffffffffff, 0x4)

3.430313378s ago: executing program 0 (id=3026):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x6}]}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280))
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @random="e5db9638edbc"})
writev(r0, &(0x7f0000000140)=[{&(0x7f00000001c0)="89e7ee2c7cdad9b4b473", 0xa}, {&(0x7f00000006c0)="fd", 0x1}], 0x2)

3.016329825s ago: executing program 1 (id=3027):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r0}, &(0x7f00000004c0), &(0x7f0000001c40)=r1}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff85000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x8b}, 0x0)
setreuid(0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r3)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r4, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)

2.990758455s ago: executing program 4 (id=3028):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000600000027"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000540)=ANY=[@ANYBLOB="05000000000000007111a300000000008510000002000000850000000500000095000000000000009500a50500000000d6b67bfe139ec7314d59e3a78e88048f0290447e93e9d8d7aedaed1b77ea1581d8334ceaf8a5bcf76955c67d9517eebbc34528607902ef0c5aa382da06864ca78a708d55010ba38e3ab0386adcf2c66b95de4dc186214381c062e89c350bbddc8916b5ff350806ad2a85925b54cc0b80400879552701d3ea4555d1442b50c229d95857e6f56716bb009df954ed600bee6fc2a9f8f22e60bfaf"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r0}, 0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_audit(0x10, 0x3, 0x9)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x7c}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$team(0x0, 0xffffffffffffffff)
r5 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r6}, &(0x7f0000000180), &(0x7f00000001c0)=r5}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
kexec_load(0x0, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r4, 0x9c3fa077fa966179, 0x4, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r8 = socket(0x10, 0x803, 0x0)
r9 = socket$unix(0x1, 0x1, 0x0)
r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r10}, 0x10)
r11 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006100000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000009800000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r12, 0x18000000000002a0, 0x12, 0x0, &(0x7f0000000240)="d2ff03066003008cb89e08d988a8c8421d7f", 0x0, 0xd5b4, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'team_slave_1\x00'})
syz_genetlink_get_family_id$tipc(&(0x7f0000000040), r8)

2.734106389s ago: executing program 2 (id=3029):
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
mount$bpf(0x0, &(0x7f0000000100)='.\x00', &(0x7f00000006c0), 0x400008, &(0x7f00000001c0)={[{@mode={'mode', 0x3d, 0x3}}, {@gid={'gid', 0x3d, r1}}]})
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
lseek(r2, 0x10001, 0x0)
r3 = socket(0x1e, 0x4, 0x0)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000200)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xfffffffd, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x7, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r4}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000700)='kfree\x00', 0xffffffffffffffff, 0x0, 0x5}, 0x18)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0xffffffff}, 0x10)
r5 = socket(0x1e, 0x4, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r7}, 0x10)
fsetxattr$security_selinux(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000040)='system_u:object_r:dhcp_state_t:s0\x00', 0x1e, 0x0)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
close(r5)

2.64487937s ago: executing program 0 (id=3030):
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
setreuid(0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
getpid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r2}, 0x18)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = dup(r3)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x4000000000000, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0xe501, 0x3, 0x2a8, 0x138, 0x6affffff, 0x3403000b, 0x0, 0x7, 0x210, 0x230, 0x230, 0x210, 0x223, 0x3, 0x0, {[{{@ip={@remote, @local, 0x0, 0x0, 'veth1_macvtap\x00', 'veth1_to_team\x00'}, 0x0, 0xf0, 0x138, 0x0, {}, [@common=@unspec=@limit={{0x48}, {0x28f5c, 0x4, 0x0, 0x0, 0x0, 0x2}}, @common=@unspec=@time={{0x38}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz0\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x308)

1.322794141s ago: executing program 0 (id=3031):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000040), 0x8000, 0x0)
pread64(r1, 0x0, 0x0, 0x1e24429c)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xb, &(0x7f0000000c00)=ANY=[@ANYBLOB="18000000000000000000000023ed0000180100002820702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
sendto$inet6(r0, &(0x7f0000000240)="8a", 0x1, 0x51, &(0x7f0000000080)={0xa, 0x3, 0x1, @local, 0x9}, 0x1c)

1.112070414s ago: executing program 0 (id=3032):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000002c80)={0xa, 0x14e24}, 0x1c)
connect$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e24}, 0x1c)
recvmmsg(r0, &(0x7f0000004f00)=[{{0x0, 0x0, &(0x7f0000001d40)=[{&(0x7f0000001840)=""/69, 0x45}, {0x0}], 0x2}, 0x34e}], 0x1, 0x0, 0x0)
sendmmsg$inet6(r0, 0x0, 0x0, 0xc8000)
sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0)

771.322269ms ago: executing program 0 (id=3033):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000001c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc0004}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
openat$selinux_commit_pending_bools(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x18)
bpf$MAP_CREATE(0x700000000000000, 0x0, 0x50)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r3 = openat$cgroup_devices(r2, &(0x7f0000000300)='devices.allow\x00', 0x2, 0x0)
r4 = add_key$keyring(&(0x7f0000000180), &(0x7f0000000280)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffb)
keyctl$link(0x1f, 0x0, r4)
write$cgroup_devices(r3, &(0x7f00000002c0)=ANY=[@ANYBLOB='c 1:23'], 0xa)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000440), 0x1, 0x0)
shmget$private(0x0, 0x1000, 0x0, &(0x7f0000003000/0x1000)=nil)
r5 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$PPPIOCSACTIVE(r5, 0x40107446, &(0x7f0000000400)={0x5, &(0x7f0000000300)=[{0x1, 0xfb, 0xff, 0x1}, {0x5781, 0x2, 0x4, 0x4}, {0x1000, 0x7, 0xec, 0x8001}, {0xff93, 0x40, 0x9, 0x1}, {0x7ff, 0x3}]})
unshare(0x6a040000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000480)='kfree\x00'}, 0x18)
socket(0xa, 0x3, 0x3a)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x800, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r6}, 0x10)
quotactl_fd$Q_GETNEXTQUOTA(0xffffffffffffffff, 0xffffffff80000901, 0x0, 0x0)

101.393609ms ago: executing program 4 (id=3034):
socket(0x10, 0x3, 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'lo\x00'})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0)
syz_open_procfs$namespace(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
r7 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/11], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32=r7, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x2d)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000180)='dctcp-reno\x00', 0xb)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000000c0)={@fallback, 0x11, 0x1, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r9, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffe0, 0xf}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x6, 0x3, 0xc06a2f6, 0x1, 0x7}, 0x6, 0x0, 0xa, 0x4, 0x6, 0x8, 0x18, 0x9, 0x3, 0x4, {0x0, 0x2, 0x9, 0x800, 0x8704, 0x27000000}}}}]}, 0x78}}, 0x0)

0s ago: executing program 1 (id=3035):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
perf_event_open(&(0x7f0000000140)={0x2, 0x80, 0x38, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x1, @perf_bp={0x0, 0xd}, 0x80, 0x10003, 0x7fff, 0x5, 0x4, 0xf095, 0x2b, 0x0, 0x0, 0x0, 0xffffffffffffff7f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000300000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000020000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x3e00, 0x116094000, 0x41000000}], 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$packet(0x11, 0x3, 0x300)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="540000000207010100000000000000000a0000060c00034000000000000000053400078008000140000000cf080002"], 0x54}}, 0x40010)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000001c0)={'bridge0\x00', <r6=>0x0})
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, r7, 0x0)
mlock2(&(0x7f0000003000/0x4000)=nil, 0x4000, 0x0)
mremap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4000, 0x0, &(0x7f0000001000/0x4000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r4, &(0x7f0000000100)="3f031c000302140006001e00890000004a1b7880610c0806000088a800008100000088a8ffff", 0x26, 0x40881, &(0x7f0000000540)={0xc9, 0x8100, r6, 0x1, 0x1, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xc}}, 0x14)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000100)={0x4, &(0x7f0000000040)=[{0x0, 0x6, 0x7, 0x7}, {0x315, 0x2, 0x4, 0x40}, {0x7fff, 0x2, 0x6, 0xf6}, {0x3, 0x0, 0x3, 0x6}]})
set_mempolicy(0x6005, &(0x7f0000000080)=0xfffffffffffffffd, 0x4)
set_mempolicy(0x4000, &(0x7f0000000300)=0x7, 0x1)
fallocate(r1, 0x2, 0x9, 0x1)

kernel console output (not intermixed with test programs):

mpat=0 ip=0x7f42dd66e929 code=0x7ffc0000
[  296.328643][   T29] audit: type=1326 audit(1749495410.976:5555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11400 comm="syz.4.2672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f42dd66e929 code=0x7ffc0000
[  296.352937][   T29] audit: type=1326 audit(1749495410.976:5556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11400 comm="syz.4.2672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42dd66e929 code=0x7ffc0000
[  296.377746][   T29] audit: type=1326 audit(1749495410.976:5557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11400 comm="syz.4.2672" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42dd66e929 code=0x7ffc0000
[  296.380825][T11430] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  296.402403][   T29] audit: type=1400 audit(1749495411.106:5558): avc:  denied  { create } for  pid=11429 comm="syz.3.2680" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  296.408316][T11430] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  296.408440][T11430] vhci_hcd vhci_hcd.0: Device attached
[  296.428114][   T29] audit: type=1400 audit(1749495411.106:5559): avc:  denied  { setopt } for  pid=11429 comm="syz.3.2680" lport=58 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  296.462560][   T29] audit: type=1400 audit(1749495411.106:5560): avc:  denied  { read } for  pid=11429 comm="syz.3.2680" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  296.487029][   T29] audit: type=1400 audit(1749495411.106:5561): avc:  denied  { open } for  pid=11429 comm="syz.3.2680" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  296.555927][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  296.626860][ T3415] vhci_hcd: vhci_device speed not set
[  296.660396][T11431] vhci_hcd: connection closed
[  296.660620][ T3432] vhci_hcd: stop threads
[  296.670023][ T3432] vhci_hcd: release socket
[  296.674499][ T3432] vhci_hcd: disconnect device
[  296.706951][ T3415] usb 7-1: new full-speed USB device number 2 using vhci_hcd
[  296.725309][ T3415] usb 7-1: enqueue for inactive port 0
[  296.728997][T11443] netlink: 9 bytes leftover after parsing attributes in process `syz.1.2683'.
[  296.743204][T11441] netlink: 9 bytes leftover after parsing attributes in process `syz.2.2681'.
[  296.753768][ T3415] usb 7-1: enqueue for inactive port 0
[  296.757967][T11443] netlink: 5 bytes leftover after parsing attributes in process `syz.1.2683'.
[  296.760253][ T3415] usb 7-1: enqueue for inactive port 0
[  296.776041][T11441] 0ªX¹¦D: entered promiscuous mode
[  296.781277][T11441] 0ªX¹¦D: left allmulticast mode
[  296.797517][T11449] netlink: 5 bytes leftover after parsing attributes in process `syz.2.2681'.
[  296.816715][T11443] 0ªX¹¦D: renamed from 
31ªX¹¦D
[  296.824657][   T29] audit: type=1400 audit(1749495411.556:5562): avc:  denied  { append } for  pid=11450 comm="syz.3.2686" name="loop-control" dev="devtmpfs" ino=99 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  296.853366][T11443] 0ªX¹¦D: left promiscuous mode
[  296.859285][T11443] 0ªX¹¦D: entered allmulticast mode
[  296.866536][T11443] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[  296.882777][T11449] 1ªX¹¦D: renamed from 
30ªX¹¦D
[  296.888396][ T3415] vhci_hcd: vhci_device speed not set
[  296.900471][T11449] 1ªX¹¦D: left promiscuous mode
[  296.905536][T11449] 1ªX¹¦D: entered allmulticast mode
[  296.924824][T11449] A link change request failed with some changes committed already. Interface 
31ªX¹¦D may have been left with an inconsistent configuration, please check.
[  297.073374][T11456] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2687'.
[  297.082991][T11456] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2687'.
[  297.172951][T11463] xt_CT: You must specify a L4 protocol and not use inversions on it
[  297.400643][T11460] loop3: detected capacity change from 0 to 1024
[  297.679384][T11460] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  297.840890][T11473] loop4: detected capacity change from 0 to 2048
[  297.899497][T11473] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  298.277242][T11476] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  298.294089][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  298.318844][T11476] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 12 with error 28
[  298.331427][T11476] EXT4-fs (loop4): This should not happen!! Data will be lost
[  298.331427][T11476] 
[  298.342651][T11476] EXT4-fs (loop4): Total free blocks count 0
[  298.348894][T11476] EXT4-fs (loop4): Free/Dirty block details
[  298.355185][T11476] EXT4-fs (loop4): free_blocks=2415919104
[  298.361124][T11476] EXT4-fs (loop4): dirty_blocks=16
[  298.366444][T11476] EXT4-fs (loop4): Block reservation details
[  298.372672][T11476] EXT4-fs (loop4): i_reserved_data_blocks=1
[  298.389640][T11479] capability: warning: `syz.2.2692' uses deprecated v2 capabilities in a way that may be insecure
[  298.543946][T11487] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2694'.
[  298.603775][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  298.780573][T11496] loop4: detected capacity change from 0 to 128
[  298.806804][T11496] FAT-fs (loop4): Directory bread(block 32) failed
[  298.821147][T11496] FAT-fs (loop4): Directory bread(block 33) failed
[  298.835587][T11496] FAT-fs (loop4): Directory bread(block 34) failed
[  298.848765][T11496] FAT-fs (loop4): Directory bread(block 35) failed
[  298.861963][T11496] FAT-fs (loop4): Directory bread(block 36) failed
[  298.876836][T11496] FAT-fs (loop4): Directory bread(block 37) failed
[  298.889959][T11496] FAT-fs (loop4): Directory bread(block 38) failed
[  298.904141][T11496] FAT-fs (loop4): Directory bread(block 39) failed
[  298.917266][T11496] FAT-fs (loop4): Directory bread(block 40) failed
[  298.930558][T11496] FAT-fs (loop4): Directory bread(block 41) failed
[  298.995796][T11495] syz.4.2696: attempt to access beyond end of device
[  298.995796][T11495] loop4: rw=0, sector=4108, nr_sectors = 4 limit=128
[  299.023879][T11495] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 196)
[  299.032289][T11495] FAT-fs (loop4): Filesystem has been set read-only
[  299.045875][T11496] syz.4.2696: attempt to access beyond end of device
[  299.045875][T11496] loop4: rw=0, sector=4108, nr_sectors = 4 limit=128
[  299.072400][T11496] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 196)
[  299.417202][T11509] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2702'.
[  299.485192][T11515] netlink: 'wÞ£ÿ': attribute type 1 has an invalid length.
[  299.492965][T11515] netlink: 252 bytes leftover after parsing attributes in process `wÞ£ÿ'.
[  299.848443][ T3311] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.989012][T11527] loop0: detected capacity change from 0 to 128
[  300.003069][T11527] FAT-fs (loop0): Directory bread(block 32) failed
[  300.012073][T11527] FAT-fs (loop0): Directory bread(block 33) failed
[  300.018847][T11527] FAT-fs (loop0): Directory bread(block 34) failed
[  300.025623][T11527] FAT-fs (loop0): Directory bread(block 35) failed
[  300.032601][T11527] FAT-fs (loop0): Directory bread(block 36) failed
[  300.039804][T11527] FAT-fs (loop0): Directory bread(block 37) failed
[  300.046574][T11527] FAT-fs (loop0): Directory bread(block 38) failed
[  300.055263][T11527] FAT-fs (loop0): Directory bread(block 39) failed
[  300.062874][T11527] FAT-fs (loop0): Directory bread(block 40) failed
[  300.077811][T11527] FAT-fs (loop0): Directory bread(block 41) failed
[  300.097372][T11529] loop2: detected capacity change from 0 to 512
[  300.108980][T11529] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  300.142293][T11525] syz.0.2707: attempt to access beyond end of device
[  300.142293][T11525] loop0: rw=0, sector=4108, nr_sectors = 4 limit=128
[  300.165286][T11529] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  300.184188][T11525] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 196)
[  300.192967][T11525] FAT-fs (loop0): Filesystem has been set read-only
[  300.200355][T11529] EXT4-fs (loop2): 1 truncate cleaned up
[  300.207130][T11527] syz.0.2707: attempt to access beyond end of device
[  300.207130][T11527] loop0: rw=0, sector=4108, nr_sectors = 4 limit=128
[  300.208167][T11529] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  300.234403][T11527] FAT-fs (loop0): error, fat_free: invalid cluster chain (i_pos 196)
[  300.288040][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.404771][T11541] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2713'.
[  300.645804][T11558] loop3: detected capacity change from 0 to 2048
[  300.747885][T11558] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  300.786068][T11568] xt_TPROXY: Can be used only with -p tcp or -p udp
[  300.815347][T11563] loop2: detected capacity change from 0 to 1024
[  300.854408][T11563] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  300.865536][T11563] EXT4-fs (loop2): group descriptors corrupted!
[  300.952713][T11571] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  301.035214][T11571] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 474 with error 28
[  301.047702][T11571] EXT4-fs (loop3): This should not happen!! Data will be lost
[  301.047702][T11571] 
[  301.057688][T11571] EXT4-fs (loop3): Total free blocks count 0
[  301.063838][T11571] EXT4-fs (loop3): Free/Dirty block details
[  301.070023][T11571] EXT4-fs (loop3): free_blocks=2415919104
[  301.075949][T11571] EXT4-fs (loop3): dirty_blocks=480
[  301.081661][T11571] EXT4-fs (loop3): Block reservation details
[  301.087720][T11571] EXT4-fs (loop3): i_reserved_data_blocks=30
[  301.137448][   T29] kauditd_printk_skb: 173 callbacks suppressed
[  301.137481][   T29] audit: type=1326 audit(1749495415.886:5736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11576 comm="syz.2.2724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e1ec4e929 code=0x7ffc0000
[  301.167763][   T29] audit: type=1326 audit(1749495415.886:5737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11576 comm="syz.2.2724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e1ec4e929 code=0x7ffc0000
[  301.259710][T11548] loop4: detected capacity change from 0 to 512
[  301.346831][   T29] audit: type=1326 audit(1749495415.946:5738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11576 comm="syz.2.2724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e1ec4e929 code=0x7ffc0000
[  301.370616][   T29] audit: type=1326 audit(1749495415.946:5739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11576 comm="syz.2.2724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e1ec4e929 code=0x7ffc0000
[  301.384130][T11548] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  301.394482][   T29] audit: type=1326 audit(1749495415.946:5740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11576 comm="syz.2.2724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e1ec4e929 code=0x7ffc0000
[  301.426937][   T29] audit: type=1326 audit(1749495415.946:5741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11576 comm="syz.2.2724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e1ec4e929 code=0x7ffc0000
[  301.450703][   T29] audit: type=1326 audit(1749495415.946:5742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11576 comm="syz.2.2724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e1ec4e929 code=0x7ffc0000
[  301.474348][   T29] audit: type=1326 audit(1749495415.946:5743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11576 comm="syz.2.2724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e1ec4e929 code=0x7ffc0000
[  301.497997][   T29] audit: type=1326 audit(1749495415.946:5744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11576 comm="syz.2.2724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e1ec4e929 code=0x7ffc0000
[  301.522358][   T29] audit: type=1326 audit(1749495415.946:5745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11576 comm="syz.2.2724" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e1ec4e929 code=0x7ffc0000
[  301.556892][T11582] 0ªX¹¦D: entered promiscuous mode
[  301.562281][T11582] 0ªX¹¦D: left allmulticast mode
[  301.593762][T11585] 1ªX¹¦D: renamed from 
30ªX¹¦D
[  301.600524][T11585] 1ªX¹¦D: left promiscuous mode
[  301.605964][T11585] 1ªX¹¦D: entered allmulticast mode
[  301.612419][   T12] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[  301.637849][T11585] A link change request failed with some changes committed already. Interface 
31ªX¹¦D may have been left with an inconsistent configuration, please check.
[  301.709584][T11548] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  301.733152][T11548] ext4 filesystem being mounted at /586/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  301.844215][T11608] FAULT_INJECTION: forcing a failure.
[  301.844215][T11608] name failslab, interval 1, probability 0, space 0, times 1
[  301.857205][T11608] CPU: 1 UID: 0 PID: 11608 Comm: syz.1.2733 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  301.857234][T11608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  301.857254][T11608] Call Trace:
[  301.857264][T11608]  <TASK>
[  301.857272][T11608]  __dump_stack+0x1d/0x30
[  301.857296][T11608]  dump_stack_lvl+0xe8/0x140
[  301.857315][T11608]  dump_stack+0x15/0x1b
[  301.857397][T11608]  should_fail_ex+0x265/0x280
[  301.857434][T11608]  should_failslab+0x8c/0xb0
[  301.857464][T11608]  kmem_cache_alloc_noprof+0x50/0x310
[  301.857580][T11608]  ? audit_log_start+0x365/0x6c0
[  301.857623][T11608]  audit_log_start+0x365/0x6c0
[  301.857731][T11608]  audit_seccomp+0x48/0x100
[  301.857767][T11608]  ? __seccomp_filter+0x68c/0x10d0
[  301.857797][T11608]  __seccomp_filter+0x69d/0x10d0
[  301.857888][T11608]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  301.857917][T11608]  ? vfs_write+0x75e/0x8e0
[  301.857944][T11608]  __secure_computing+0x82/0x150
[  301.858043][T11608]  syscall_trace_enter+0xcf/0x1e0
[  301.858075][T11608]  do_syscall_64+0xac/0x200
[  301.858107][T11608]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  301.858133][T11608]  ? clear_bhb_loop+0x40/0x90
[  301.858212][T11608]  ? clear_bhb_loop+0x40/0x90
[  301.858240][T11608]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  301.858338][T11608] RIP: 0033:0x7f1f0a9ee929
[  301.858354][T11608] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  301.858376][T11608] RSP: 002b:00007f1f09057038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  301.858400][T11608] RAX: ffffffffffffffda RBX: 00007f1f0ac15fa0 RCX: 00007f1f0a9ee929
[  301.858416][T11608] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffffff
[  301.858433][T11608] RBP: 00007f1f09057090 R08: 0000000000000000 R09: 0000000000000000
[  301.858529][T11608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  301.858545][T11608] R13: 0000000000000000 R14: 00007f1f0ac15fa0 R15: 00007ffd2dd54948
[  301.858567][T11608]  </TASK>
[  302.100444][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.407479][T11649] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  302.416084][T11649] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  302.498568][T11653] FAULT_INJECTION: forcing a failure.
[  302.498568][T11653] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  302.511959][T11653] CPU: 1 UID: 0 PID: 11653 Comm: syz.2.2752 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  302.511990][T11653] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  302.512013][T11653] Call Trace:
[  302.512021][T11653]  <TASK>
[  302.512030][T11653]  __dump_stack+0x1d/0x30
[  302.512056][T11653]  dump_stack_lvl+0xe8/0x140
[  302.512094][T11653]  dump_stack+0x15/0x1b
[  302.512113][T11653]  should_fail_ex+0x265/0x280
[  302.512155][T11653]  should_fail_alloc_page+0xf2/0x100
[  302.512186][T11653]  __alloc_frozen_pages_noprof+0xff/0x360
[  302.512301][T11653]  alloc_pages_mpol+0xb3/0x250
[  302.512394][T11653]  vma_alloc_folio_noprof+0x1aa/0x300
[  302.512444][T11653]  handle_mm_fault+0xec2/0x2be0
[  302.512481][T11653]  ? mas_walk+0xf2/0x120
[  302.512511][T11653]  do_user_addr_fault+0x636/0x1090
[  302.512557][T11653]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  302.512654][T11653]  exc_page_fault+0x62/0xa0
[  302.512699][T11653]  asm_exc_page_fault+0x26/0x30
[  302.512726][T11653] RIP: 0033:0x7f7e1eb1ffb6
[  302.512747][T11653] Code: 00 00 00 00 41 57 31 c0 41 56 49 89 d6 41 55 49 89 f5 48 89 d6 41 54 49 89 fc 48 8d 3d 8e 1f 1b 00 55 53 48 81 ec 88 20 00 00 <48> 89 0c 24 4c 89 44 24 08 e8 5c e0 fe ff 4d 85 f6 0f 84 46 0a 00
[  302.512771][T11653] RSP: 002b:00007f7e1d2b4f70 EFLAGS: 00010202
[  302.512828][T11653] RAX: 0000000000000000 RBX: 00007f7e1ee75fa0 RCX: 0000000000000000
[  302.512870][T11653] RDX: 0000200000000000 RSI: 0000200000000000 RDI: 00007f7e1ecd1f3b
[  302.512888][T11653] RBP: 00007f7e1d2b7090 R08: 00007f7e1eb0e3a0 R09: 0000000000000000
[  302.512904][T11653] R10: 0000000000000005 R11: 0000200000000000 R12: 0000000000000005
[  302.512920][T11653] R13: 000000000000002d R14: 0000200000000000 R15: 00007fff145ce468
[  302.512943][T11653]  </TASK>
[  302.512956][T11653] Huh VM_FAULT_OOM leaked out to the #PF handler. Retrying PF
[  302.693804][T11653] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  302.702901][T11653] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  303.375442][T11677] loop3: detected capacity change from 0 to 2048
[  303.401208][T11677] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  303.423354][T11681] __nla_validate_parse: 3 callbacks suppressed
[  303.423372][T11681] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2760'.
[  303.464942][T11683] loop2: detected capacity change from 0 to 2048
[  303.482156][T11683] EXT4-fs: Ignoring removed mblk_io_submit option
[  303.491773][T11674] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  303.506735][T11677] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  303.523174][T11677] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 962 with error 28
[  303.537043][T11677] EXT4-fs (loop3): This should not happen!! Data will be lost
[  303.537043][T11677] 
[  303.547860][T11677] EXT4-fs (loop3): Total free blocks count 0
[  303.554618][T11677] EXT4-fs (loop3): Free/Dirty block details
[  303.560998][T11677] EXT4-fs (loop3): free_blocks=2415919104
[  303.566831][T11677] EXT4-fs (loop3): dirty_blocks=976
[  303.572201][T11677] EXT4-fs (loop3): Block reservation details
[  303.578442][T11677] EXT4-fs (loop3): i_reserved_data_blocks=61
[  303.590280][T11683] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  303.648847][T11674] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  303.688171][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  303.771667][T11674] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  303.783064][T11694] netlink: 'syz.2.2764': attribute type 6 has an invalid length.
[  303.821506][   T12] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 6 with error 28
[  303.854745][T11674] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  303.946205][T11674] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  303.992610][T11674] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  304.006384][T11674] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  304.024566][T11674] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  304.045355][T11706] loop3: detected capacity change from 0 to 1024
[  304.062020][T11706] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  304.235735][T11720] loop4: detected capacity change from 0 to 1024
[  304.249066][T11720] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  304.286416][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  304.321230][T11698] chnl_net:caif_netlink_parms(): no params data found
[  304.388104][T11734] loop4: detected capacity change from 0 to 128
[  304.406359][T11734] FAT-fs (loop4): Directory bread(block 32) failed
[  304.424995][T11734] FAT-fs (loop4): Directory bread(block 33) failed
[  304.431793][T11734] FAT-fs (loop4): Directory bread(block 34) failed
[  304.439154][T11734] FAT-fs (loop4): Directory bread(block 35) failed
[  304.445805][T11734] FAT-fs (loop4): Directory bread(block 36) failed
[  304.453342][T11734] FAT-fs (loop4): Directory bread(block 37) failed
[  304.460622][T11734] FAT-fs (loop4): Directory bread(block 38) failed
[  304.467549][T11734] FAT-fs (loop4): Directory bread(block 39) failed
[  304.469002][T11740] loop2: detected capacity change from 0 to 128
[  304.474456][T11734] FAT-fs (loop4): Directory bread(block 40) failed
[  304.482285][T11698] bridge0: port 1(bridge_slave_0) entered blocking state
[  304.487266][T11734] FAT-fs (loop4): Directory bread(block 41) failed
[  304.494199][T11698] bridge0: port 1(bridge_slave_0) entered disabled state
[  304.515737][T11698] bridge_slave_0: entered allmulticast mode
[  304.524548][T11698] bridge_slave_0: entered promiscuous mode
[  304.529736][T11734] syz.4.2773: attempt to access beyond end of device
[  304.529736][T11734] loop4: rw=0, sector=4108, nr_sectors = 4 limit=128
[  304.544925][T11734] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 196)
[  304.553397][T11734] FAT-fs (loop4): Filesystem has been set read-only
[  304.558404][T11740] FAT-fs (loop2): Directory bread(block 32) failed
[  304.560693][T11734] syz.4.2773: attempt to access beyond end of device
[  304.560693][T11734] loop4: rw=0, sector=4108, nr_sectors = 4 limit=128
[  304.570063][T11740] FAT-fs (loop2): Directory bread(block 33) failed
[  304.582797][T11734] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 196)
[  304.601623][T11740] FAT-fs (loop2): Directory bread(block 34) failed
[  304.605425][T11698] bridge0: port 2(bridge_slave_1) entered blocking state
[  304.608464][T11740] FAT-fs (loop2): Directory bread(block 35) failed
[  304.615463][T11698] bridge0: port 2(bridge_slave_1) entered disabled state
[  304.622281][T11740] FAT-fs (loop2): Directory bread(block 36) failed
[  304.629964][T11698] bridge_slave_1: entered allmulticast mode
[  304.636667][T11740] FAT-fs (loop2): Directory bread(block 37) failed
[  304.649619][T11698] bridge_slave_1: entered promiscuous mode
[  304.651332][T11740] FAT-fs (loop2): Directory bread(block 38) failed
[  304.662681][T11740] FAT-fs (loop2): Directory bread(block 39) failed
[  304.669746][T11740] FAT-fs (loop2): Directory bread(block 40) failed
[  304.676554][T11740] FAT-fs (loop2): Directory bread(block 41) failed
[  304.712645][T11698] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  304.737319][T11698] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  304.743453][T11740] syz.2.2777: attempt to access beyond end of device
[  304.743453][T11740] loop2: rw=0, sector=4108, nr_sectors = 4 limit=128
[  304.767865][T11740] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 196)
[  304.776125][T11740] FAT-fs (loop2): Filesystem has been set read-only
[  304.785975][T11740] syz.2.2777: attempt to access beyond end of device
[  304.785975][T11740] loop2: rw=0, sector=4108, nr_sectors = 4 limit=128
[  304.801137][T11698] team0: Port device team_slave_0 added
[  304.801693][T11740] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 196)
[  304.808691][T11698] team0: Port device team_slave_1 added
[  304.821507][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  304.872864][T11698] batman_adv: batadv0: Adding interface: batadv_slave_0
[  304.880080][T11698] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  304.906396][T11698] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  305.033620][T11698] batman_adv: batadv0: Adding interface: batadv_slave_1
[  305.041105][T11698] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  305.067917][T11698] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  305.149353][T11698] hsr_slave_0: entered promiscuous mode
[  305.156654][T11698] hsr_slave_1: entered promiscuous mode
[  305.162813][T11698] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  305.170846][T11698] Cannot create hsr debugfs directory
[  305.270483][T11771] loop4: detected capacity change from 0 to 512
[  305.305417][T11771] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  305.331024][T11771] ext4 filesystem being mounted at /598/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  305.372227][T11771] FAULT_INJECTION: forcing a failure.
[  305.372227][T11771] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  305.385593][T11771] CPU: 0 UID: 0 PID: 11771 Comm: syz.4.2789 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  305.385704][T11771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  305.385718][T11771] Call Trace:
[  305.385726][T11771]  <TASK>
[  305.385736][T11771]  __dump_stack+0x1d/0x30
[  305.385765][T11771]  dump_stack_lvl+0xe8/0x140
[  305.385790][T11771]  dump_stack+0x15/0x1b
[  305.385811][T11771]  should_fail_ex+0x265/0x280
[  305.385917][T11771]  should_fail+0xb/0x20
[  305.385950][T11771]  should_fail_usercopy+0x1a/0x20
[  305.386019][T11771]  strncpy_from_user+0x25/0x230
[  305.386085][T11771]  strncpy_from_user_nofault+0x68/0xf0
[  305.386108][T11771]  bpf_probe_read_compat_str+0xb4/0x130
[  305.386156][T11771]  bpf_prog_d73d3bb03d5a037f+0x3e/0x44
[  305.386173][T11771]  bpf_trace_run2+0x107/0x1c0
[  305.386199][T11771]  ? selinux_release_secctx+0x45/0x80
[  305.386246][T11771]  ? selinux_release_secctx+0x45/0x80
[  305.386291][T11771]  __traceiter_kfree+0x2e/0x50
[  305.386315][T11771]  ? selinux_release_secctx+0x45/0x80
[  305.386356][T11771]  kfree+0x27b/0x320
[  305.386448][T11771]  ? security_sid_to_context+0x27/0x40
[  305.386483][T11771]  selinux_release_secctx+0x45/0x80
[  305.386520][T11771]  security_release_secctx+0x42/0x60
[  305.386561][T11771]  audit_log_task_context+0xb3/0x190
[  305.386686][T11771]  audit_log_task+0xf4/0x250
[  305.386727][T11771]  audit_seccomp+0x61/0x100
[  305.386765][T11771]  ? __seccomp_filter+0x68c/0x10d0
[  305.386833][T11771]  __seccomp_filter+0x69d/0x10d0
[  305.386865][T11771]  ? update_load_avg+0x1da/0x820
[  305.386902][T11771]  ? __list_add_valid_or_report+0x38/0xe0
[  305.386974][T11771]  ? _raw_spin_unlock+0x26/0x50
[  305.387080][T11771]  __secure_computing+0x82/0x150
[  305.387104][T11771]  syscall_trace_enter+0xcf/0x1e0
[  305.387134][T11771]  do_syscall_64+0xac/0x200
[  305.387184][T11771]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  305.387216][T11771]  ? clear_bhb_loop+0x40/0x90
[  305.387244][T11771]  ? clear_bhb_loop+0x40/0x90
[  305.387324][T11771]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  305.387347][T11771] RIP: 0033:0x7f42dd66d33c
[  305.387364][T11771] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  305.387388][T11771] RSP: 002b:00007f42dbcd7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  305.387412][T11771] RAX: ffffffffffffffda RBX: 00007f42dd895fa0 RCX: 00007f42dd66d33c
[  305.387428][T11771] RDX: 000000000000000f RSI: 00007f42dbcd70a0 RDI: 0000000000000007
[  305.387477][T11771] RBP: 00007f42dbcd7090 R08: 0000000000000000 R09: 0000000000000000
[  305.387489][T11771] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  305.387501][T11771] R13: 0000000000000000 R14: 00007f42dd895fa0 R15: 00007ffc3ce65cd8
[  305.387522][T11771]  </TASK>
[  305.669470][T11773] loop3: detected capacity change from 0 to 1024
[  305.693794][T11773] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  305.709329][T11698] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.795096][ T3309] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  305.809556][T11698] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.852900][T11698] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.912248][T11698] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.931624][T11787] loop4: detected capacity change from 0 to 2048
[  305.958756][T11787] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  306.022464][T11698] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  306.032615][T11698] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  306.047070][T11698] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  306.059724][T11698] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  306.098378][T11791] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  306.107877][T11797] loop2: detected capacity change from 0 to 128
[  306.115124][T11791] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1164 with error 28
[  306.133566][T11791] EXT4-fs (loop4): This should not happen!! Data will be lost
[  306.133566][T11791] 
[  306.143510][T11791] EXT4-fs (loop4): Total free blocks count 0
[  306.149603][T11791] EXT4-fs (loop4): Free/Dirty block details
[  306.155547][T11791] EXT4-fs (loop4): free_blocks=2415919104
[  306.159122][T11797] FAT-fs (loop2): Directory bread(block 32) failed
[  306.161555][T11791] EXT4-fs (loop4): dirty_blocks=1168
[  306.169474][T11797] FAT-fs (loop2): Directory bread(block 33) failed
[  306.173457][T11791] EXT4-fs (loop4): Block reservation details
[  306.180547][T11797] FAT-fs (loop2): Directory bread(block 34) failed
[  306.186313][T11791] EXT4-fs (loop4): i_reserved_data_blocks=73
[  306.193632][T11797] FAT-fs (loop2): Directory bread(block 35) failed
[  306.212728][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  306.226079][T11797] FAT-fs (loop2): Directory bread(block 36) failed
[  306.251602][T11798] netlink: 9 bytes leftover after parsing attributes in process `syz.1.2795'.
[  306.252258][T11797] FAT-fs (loop2): Directory bread(block 37) failed
[  306.289074][T11806] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(13)
[  306.295763][T11806] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  306.297146][T11797] FAT-fs (loop2): Directory bread(block 38) failed
[  306.303662][T11806] vhci_hcd vhci_hcd.0: Device attached
[  306.311127][T11809] netlink: 5 bytes leftover after parsing attributes in process `syz.1.2795'.
[  306.321263][T11797] FAT-fs (loop2): Directory bread(block 39) failed
[  306.325811][T11798] 1ªX¹¦D: entered promiscuous mode
[  306.331846][T11806] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(15)
[  306.336557][T11798] 1ªX¹¦D: left allmulticast mode
[  306.343310][T11806] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  306.356406][T11806] vhci_hcd vhci_hcd.0: Device attached
[  306.369572][T11797] FAT-fs (loop2): Directory bread(block 40) failed
[  306.376975][T11797] FAT-fs (loop2): Directory bread(block 41) failed
[  306.378935][T11809] 0ªX¹¦D: renamed from 
31ªX¹¦D
[  306.392491][T11806] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(17)
[  306.392620][T11809] 0ªX¹¦D: left promiscuous mode
[  306.399641][T11806] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  306.399735][T11806] vhci_hcd vhci_hcd.0: Device attached
[  306.404649][T11809] 0ªX¹¦D: entered allmulticast mode
[  306.426070][T11809] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[  306.433941][T11806] vhci_hcd vhci_hcd.0: pdev(3) rhport(3) sockfd(20)
[  306.448377][T11806] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  306.456178][T11806] vhci_hcd vhci_hcd.0: Device attached
[  306.470292][T11806] vhci_hcd vhci_hcd.0: pdev(3) rhport(4) sockfd(22)
[  306.476991][T11806] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  306.484692][T11806] vhci_hcd vhci_hcd.0: Device attached
[  306.495107][T11698] 8021q: adding VLAN 0 to HW filter on device bond0
[  306.503166][T11806] vhci_hcd vhci_hcd.0: pdev(3) rhport(5) sockfd(24)
[  306.503745][T11819] syz.2.2794: attempt to access beyond end of device
[  306.503745][T11819] loop2: rw=0, sector=4108, nr_sectors = 4 limit=128
[  306.510105][T11806] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  306.510262][T11806] vhci_hcd vhci_hcd.0: Device attached
[  306.533065][T11819] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 196)
[  306.533104][T11819] FAT-fs (loop2): Filesystem has been set read-only
[  306.534479][T11819] syz.2.2794: attempt to access beyond end of device
[  306.534479][T11819] loop2: rw=0, sector=4108, nr_sectors = 4 limit=128
[  306.567485][   T29] kauditd_printk_skb: 413 callbacks suppressed
[  306.567587][   T29] audit: type=1400 audit(1749495421.296:6157): avc:  denied  { execute } for  pid=11805 comm="syz.3.2796" path="/558/cpu.stat" dev="tmpfs" ino=2926 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=file permissive=1
[  306.568108][ T1035] usb 7-1: new low-speed USB device number 3 using vhci_hcd
[  306.576571][T11819] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 196)
[  306.602160][T11810] vhci_hcd: connection closed
[  306.605249][T11815] vhci_hcd: connection closed
[  306.613542][T11813] vhci_hcd: connection closed
[  306.618358][T11820] vhci_hcd: connection closed
[  306.628329][T11817] vhci_hcd: connection closed
[  306.631783][T11807] vhci_hcd: connection reset by peer
[  306.638840][T11698] 8021q: adding VLAN 0 to HW filter on device team0
[  306.651010][   T31] vhci_hcd: stop threads
[  306.655341][   T31] vhci_hcd: release socket
[  306.655360][   T31] vhci_hcd: disconnect device
[  306.660981][   T31] vhci_hcd: stop threads
[  306.666010][   T29] audit: type=1326 audit(1749495421.406:6158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11792 comm="syz.2.2794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e1ec4e929 code=0x7ffc0000
[  306.669346][   T31] vhci_hcd: release socket
[  306.693049][   T29] audit: type=1326 audit(1749495421.406:6159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11792 comm="syz.2.2794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e1ec4e929 code=0x7ffc0000
[  306.697466][   T31] vhci_hcd: disconnect device
[  306.727465][   T29] audit: type=1326 audit(1749495421.476:6160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11792 comm="syz.2.2794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e1ec4e929 code=0x7ffc0000
[  306.751567][   T29] audit: type=1326 audit(1749495421.476:6161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11792 comm="syz.2.2794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e1ec4e929 code=0x7ffc0000
[  306.776198][   T29] audit: type=1326 audit(1749495421.476:6162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11792 comm="syz.2.2794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e1ec4e929 code=0x7ffc0000
[  306.810159][   T29] audit: type=1326 audit(1749495421.546:6163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11792 comm="syz.2.2794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e1ec4e929 code=0x7ffc0000
[  306.834225][   T29] audit: type=1326 audit(1749495421.546:6164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11792 comm="syz.2.2794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e1ec4e929 code=0x7ffc0000
[  306.838864][   T31] vhci_hcd: stop threads
[  306.857960][   T29] audit: type=1326 audit(1749495421.546:6165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11792 comm="syz.2.2794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e1ec4e929 code=0x7ffc0000
[  306.862398][   T31] vhci_hcd: release socket
[  306.886235][   T29] audit: type=1326 audit(1749495421.556:6166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11792 comm="syz.2.2794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e1ec4e929 code=0x7ffc0000
[  306.897930][ T8466] bridge0: port 1(bridge_slave_0) entered blocking state
[  306.914775][   T31] vhci_hcd: disconnect device
[  306.921847][ T8466] bridge0: port 1(bridge_slave_0) entered forwarding state
[  306.935242][   T31] vhci_hcd: stop threads
[  306.939700][ T8466] bridge0: port 2(bridge_slave_1) entered blocking state
[  306.939931][   T31] vhci_hcd: release socket
[  306.946944][ T8466] bridge0: port 2(bridge_slave_1) entered forwarding state
[  306.959002][   T31] vhci_hcd: disconnect device
[  306.959939][T11698] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  306.974834][T11698] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  306.976538][  T369] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[  306.989237][   T31] vhci_hcd: stop threads
[  307.003250][   T31] vhci_hcd: release socket
[  307.007865][   T31] vhci_hcd: disconnect device
[  307.034964][   T31] vhci_hcd: stop threads
[  307.039495][   T31] vhci_hcd: release socket
[  307.043989][   T31] vhci_hcd: disconnect device
[  307.145845][T11836] netlink: 140 bytes leftover after parsing attributes in process `syz.1.2801'.
[  307.168977][T11698] 8021q: adding VLAN 0 to HW filter on device batadv0
[  307.288572][T11698] veth0_vlan: entered promiscuous mode
[  307.299484][T11698] veth1_vlan: entered promiscuous mode
[  307.321379][T11698] veth0_macvtap: entered promiscuous mode
[  307.330195][T11698] veth1_macvtap: entered promiscuous mode
[  307.360237][T11698] batman_adv: batadv0: Interface activated: batadv_slave_0
[  307.372895][T11698] batman_adv: batadv0: Interface activated: batadv_slave_1
[  307.382445][T11851] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2804'.
[  307.393858][T11698] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  307.403037][T11698] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  307.411913][T11698] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  307.421033][T11698] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  307.503601][T11851] 9pnet_fd: Insufficient options for proto=fd
[  307.629122][T11858] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2806'.
[  307.969001][T11863] loop3: detected capacity change from 0 to 1024
[  308.000126][T11863] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  308.186496][T11870] chnl_net:caif_netlink_parms(): no params data found
[  308.238707][T11870] bridge0: port 1(bridge_slave_0) entered blocking state
[  308.246096][T11870] bridge0: port 1(bridge_slave_0) entered disabled state
[  308.254014][T11870] bridge_slave_0: entered allmulticast mode
[  308.260868][T11870] bridge_slave_0: entered promiscuous mode
[  308.268509][T11870] bridge0: port 2(bridge_slave_1) entered blocking state
[  308.275853][T11870] bridge0: port 2(bridge_slave_1) entered disabled state
[  308.283192][T11870] bridge_slave_1: entered allmulticast mode
[  308.290002][T11870] bridge_slave_1: entered promiscuous mode
[  308.319010][T11870] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  308.333620][T11870] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  308.360672][T11870] team0: Port device team_slave_0 added
[  308.368809][T11870] team0: Port device team_slave_1 added
[  308.391103][T11870] batman_adv: batadv0: Adding interface: batadv_slave_0
[  308.398614][T11870] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  308.425510][T11870] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  308.437628][T11870] batman_adv: batadv0: Adding interface: batadv_slave_1
[  308.444790][T11870] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  308.471208][T11870] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  308.487152][T11888] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2810'.
[  308.526008][T11870] hsr_slave_0: entered promiscuous mode
[  308.533042][T11870] hsr_slave_1: entered promiscuous mode
[  308.540642][T11870] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  308.550094][T11870] Cannot create hsr debugfs directory
[  308.611906][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  308.612004][T11895] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2813'.
[  308.722104][T11870] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.768777][T11870] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.860298][T11870] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.908572][T11870] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  308.973749][   T12] bridge_slave_1: left allmulticast mode
[  308.980013][   T12] bridge_slave_1: left promiscuous mode
[  308.985983][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  309.008028][   T12] bridge_slave_0: left allmulticast mode
[  309.013757][   T12] bridge_slave_0: left promiscuous mode
[  309.019648][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  309.095555][T11929] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2825'.
[  309.129935][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  309.139938][   T12] bond0 (unregistering): Released all slaves
[  309.170326][T11870] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  309.183133][T11870] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  309.197239][   T12] hsr_slave_0: left promiscuous mode
[  309.203007][   T12] hsr_slave_1: left promiscuous mode
[  309.212268][   T12] veth1_macvtap: left promiscuous mode
[  309.218038][   T12] veth0_macvtap: left promiscuous mode
[  309.223679][   T12] veth1_vlan: left promiscuous mode
[  309.229421][   T12] veth0_vlan: left promiscuous mode
[  309.293986][   T12] team0 (unregistering): Port device team_slave_1 removed
[  309.304148][   T12] team0 (unregistering): Port device team_slave_0 removed
[  309.336048][T11870] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  309.345820][T11870] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  309.385120][T11870] 8021q: adding VLAN 0 to HW filter on device bond0
[  309.398379][T11870] 8021q: adding VLAN 0 to HW filter on device team0
[  309.408556][ T3321] bridge0: port 1(bridge_slave_0) entered blocking state
[  309.415742][ T3321] bridge0: port 1(bridge_slave_0) entered forwarding state
[  309.427385][  T369] bridge0: port 2(bridge_slave_1) entered blocking state
[  309.434566][  T369] bridge0: port 2(bridge_slave_1) entered forwarding state
[  309.522693][T11870] 8021q: adding VLAN 0 to HW filter on device batadv0
[  309.559140][   T12] bridge_slave_1: left allmulticast mode
[  309.564972][   T12] bridge_slave_1: left promiscuous mode
[  309.570956][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  309.585898][   T12] bridge_slave_0: left allmulticast mode
[  309.591931][   T12] bridge_slave_0: left promiscuous mode
[  309.599479][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  309.723011][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  309.733878][   T12] bond0 (unregistering): Released all slaves
[  309.825074][   T12] hsr_slave_0: left promiscuous mode
[  309.847165][T11963] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(12)
[  309.853961][T11963] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  309.861882][T11963] vhci_hcd vhci_hcd.0: Device attached
[  309.862134][   T12] hsr_slave_1: left promiscuous mode
[  309.885142][   T12] veth1_macvtap: left promiscuous mode
[  309.893492][T11966] 9pnet: Could not find request transport: 0xffffffffffffffff
[  309.901180][   T12] veth0_macvtap: left promiscuous mode
[  309.907187][T11967] vhci_hcd: connection closed
[  309.907824][   T12] veth1_vlan: left promiscuous mode
[  309.908148][ T3321] vhci_hcd: stop threads
[  309.913456][   T12] veth0_vlan: left promiscuous mode
[  309.918577][ T3321] vhci_hcd: release socket
[  309.932761][ T3321] vhci_hcd: disconnect device
[  309.974727][   T12] pimreg (unregistering): left allmulticast mode
[  310.021403][   T12] team0 (unregistering): Port device team_slave_1 removed
[  310.034310][   T12] team0 (unregistering): Port device team_slave_0 removed
[  310.105900][T11870] veth0_vlan: entered promiscuous mode
[  310.116545][T11870] veth1_vlan: entered promiscuous mode
[  310.132947][T11870] veth0_macvtap: entered promiscuous mode
[  310.141025][T11870] veth1_macvtap: entered promiscuous mode
[  310.164778][T11870] batman_adv: batadv0: Interface activated: batadv_slave_0
[  310.179043][T11870] batman_adv: batadv0: Interface activated: batadv_slave_1
[  310.198800][T11975] loop3: detected capacity change from 0 to 2048
[  310.208319][T11870] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  310.217305][T11870] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  310.226490][T11870] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  310.235990][T11870] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  310.261179][T11975] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  310.345564][T11975] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  310.394864][T11975] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 452 with error 28
[  310.407663][T11975] EXT4-fs (loop3): This should not happen!! Data will be lost
[  310.407663][T11975] 
[  310.417421][T11975] EXT4-fs (loop3): Total free blocks count 0
[  310.423535][T11975] EXT4-fs (loop3): Free/Dirty block details
[  310.429644][T11975] EXT4-fs (loop3): free_blocks=2415919104
[  310.435525][T11975] EXT4-fs (loop3): dirty_blocks=656
[  310.440910][T11975] EXT4-fs (loop3): Block reservation details
[  310.446962][T11975] EXT4-fs (loop3): i_reserved_data_blocks=41
[  310.483677][T11990] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2836'.
[  310.495295][T11990] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  310.503116][T11990] batman_adv: batadv0: Removing interface: batadv_slave_0
[  310.523751][T11990] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  310.531617][T11990] batman_adv: batadv0: Removing interface: batadv_slave_1
[  310.713450][  T369] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 6 with error 28
[  310.764440][T11993] FAULT_INJECTION: forcing a failure.
[  310.764440][T11993] name failslab, interval 1, probability 0, space 0, times 0
[  310.777440][T11993] CPU: 1 UID: 0 PID: 11993 Comm: syz.3.2838 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  310.777472][T11993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  310.777488][T11993] Call Trace:
[  310.777498][T11993]  <TASK>
[  310.777509][T11993]  __dump_stack+0x1d/0x30
[  310.777538][T11993]  dump_stack_lvl+0xe8/0x140
[  310.777626][T11993]  dump_stack+0x15/0x1b
[  310.777644][T11993]  should_fail_ex+0x265/0x280
[  310.777688][T11993]  should_failslab+0x8c/0xb0
[  310.777797][T11993]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  310.777886][T11993]  ? hugetlbfs_alloc_inode+0xbc/0x100
[  310.777916][T11993]  hugetlbfs_alloc_inode+0xbc/0x100
[  310.777968][T11993]  ? __pfx_hugetlbfs_alloc_inode+0x10/0x10
[  310.778001][T11993]  alloc_inode+0x40/0x170
[  310.778023][T11993]  new_inode+0x1d/0xe0
[  310.778116][T11993]  hugetlbfs_get_inode+0x7b/0x370
[  310.778254][T11993]  hugetlb_file_setup+0x192/0x3d0
[  310.778291][T11993]  ksys_mmap_pgoff+0x157/0x310
[  310.778332][T11993]  x64_sys_call+0x1602/0x2fb0
[  310.778360][T11993]  do_syscall_64+0xd2/0x200
[  310.778402][T11993]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  310.778429][T11993]  ? clear_bhb_loop+0x40/0x90
[  310.778451][T11993]  ? clear_bhb_loop+0x40/0x90
[  310.778523][T11993]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  310.778551][T11993] RIP: 0033:0x7f95c969e929
[  310.778570][T11993] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  310.778603][T11993] RSP: 002b:00007f95c7d07038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  310.778625][T11993] RAX: ffffffffffffffda RBX: 00007f95c98c5fa0 RCX: 00007f95c969e929
[  310.778639][T11993] RDX: 0000000000000002 RSI: 0000000000800000 RDI: 0000200000800000
[  310.778653][T11993] RBP: 00007f95c7d07090 R08: ffffffffffffffff R09: 0000000080000000
[  310.778667][T11993] R10: 0000000000042032 R11: 0000000000000246 R12: 0000000000000001
[  310.778680][T11993] R13: 0000000000000000 R14: 00007f95c98c5fa0 R15: 00007ffc73ca9308
[  310.778701][T11993]  </TASK>
[  311.259074][T12016] SELinux: unrecognized netlink message: protocol=6 nlmsg_type=27161 sclass=netlink_xfrm_socket pid=12016 comm=syz.0.2845
[  311.272288][T12012] loop3: detected capacity change from 0 to 1024
[  311.318711][T12012] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  311.382867][T12023] vhci_hcd: invalid port number 96
[  311.388261][T12023] vhci_hcd: default hub control req: 0000 vfffc i0060 l0
[  311.397951][T12023] FAULT_INJECTION: forcing a failure.
[  311.397951][T12023] name failslab, interval 1, probability 0, space 0, times 0
[  311.410863][T12023] CPU: 1 UID: 0 PID: 12023 Comm: syz.0.2846 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  311.410898][T12023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  311.410912][T12023] Call Trace:
[  311.410921][T12023]  <TASK>
[  311.410929][T12023]  __dump_stack+0x1d/0x30
[  311.410954][T12023]  dump_stack_lvl+0xe8/0x140
[  311.410979][T12023]  dump_stack+0x15/0x1b
[  311.410999][T12023]  should_fail_ex+0x265/0x280
[  311.411046][T12023]  should_failslab+0x8c/0xb0
[  311.411076][T12023]  kmem_cache_alloc_noprof+0x50/0x310
[  311.411110][T12023]  ? security_inode_alloc+0x37/0x100
[  311.411150][T12023]  security_inode_alloc+0x37/0x100
[  311.411190][T12023]  inode_init_always_gfp+0x4b7/0x500
[  311.411218][T12023]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  311.411243][T12023]  alloc_inode+0x58/0x170
[  311.411274][T12023]  new_inode+0x1d/0xe0
[  311.411299][T12023]  shmem_get_inode+0x244/0x750
[  311.411336][T12023]  __shmem_file_setup+0x158/0x210
[  311.411369][T12023]  shmem_zero_setup+0x63/0xd0
[  311.411407][T12023]  mmap_region+0xf7a/0x1560
[  311.411461][T12023]  do_mmap+0x9b3/0xbe0
[  311.411496][T12023]  vm_mmap_pgoff+0x17a/0x2e0
[  311.411530][T12023]  ksys_mmap_pgoff+0xc2/0x310
[  311.411569][T12023]  ? __x64_sys_mmap+0x49/0x70
[  311.411598][T12023]  x64_sys_call+0x1602/0x2fb0
[  311.411625][T12023]  do_syscall_64+0xd2/0x200
[  311.411653][T12023]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  311.411686][T12023]  ? clear_bhb_loop+0x40/0x90
[  311.411707][T12023]  ? clear_bhb_loop+0x40/0x90
[  311.411729][T12023]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.411750][T12023] RIP: 0033:0x7fac66b8e929
[  311.411769][T12023] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  311.411790][T12023] RSP: 002b:00007fac651f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  311.411809][T12023] RAX: ffffffffffffffda RBX: 00007fac66db5fa0 RCX: 00007fac66b8e929
[  311.411821][T12023] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000200000000000
[  311.411833][T12023] RBP: 00007fac651f7090 R08: ffffffffffffffff R09: 0000000000000000
[  311.411846][T12023] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000001
[  311.411859][T12023] R13: 0000000000000000 R14: 00007fac66db5fa0 R15: 00007ffef0c313a8
[  311.411884][T12023]  </TASK>
[  311.647789][ T1035] usb 7-1: enqueue for inactive port 0
[  311.653329][ T1035] usb 7-1: enqueue for inactive port 0
[  311.727076][ T1035] vhci_hcd: vhci_device speed not set
[  311.917982][T11995] syz.1.2837 (11995) used greatest stack depth: 6952 bytes left
[  311.991280][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.004392][T12031] wireguard0: entered promiscuous mode
[  312.010110][T12031] wireguard0: entered allmulticast mode
[  312.082328][T12034] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2851'.
[  312.134130][T12041] unsupported nla_type 52263
[  312.149366][T12039] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2848'.
[  312.152582][   T29] kauditd_printk_skb: 145 callbacks suppressed
[  312.152601][   T29] audit: type=1326 audit(1749495426.876:6312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12040 comm="syz.3.2853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95c969e929 code=0x7ffc0000
[  312.189439][   T29] audit: type=1326 audit(1749495426.876:6313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12040 comm="syz.3.2853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f95c969e929 code=0x7ffc0000
[  312.202813][T12041] loop3: detected capacity change from 0 to 8192
[  312.215099][   T29] audit: type=1326 audit(1749495426.876:6314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12040 comm="syz.3.2853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95c969e929 code=0x7ffc0000
[  312.245779][   T29] audit: type=1326 audit(1749495426.876:6315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12040 comm="syz.3.2853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95c969e929 code=0x7ffc0000
[  312.269656][   T29] audit: type=1326 audit(1749495426.876:6316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12040 comm="syz.3.2853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f95c969e929 code=0x7ffc0000
[  312.293832][   T29] audit: type=1326 audit(1749495426.876:6317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12040 comm="syz.3.2853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95c969e929 code=0x7ffc0000
[  312.301813][T12027] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2848'.
[  312.317790][   T29] audit: type=1326 audit(1749495426.876:6318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12040 comm="syz.3.2853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f95c969e929 code=0x7ffc0000
[  312.317839][   T29] audit: type=1326 audit(1749495426.876:6319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12040 comm="syz.3.2853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95c969e929 code=0x7ffc0000
[  312.317924][   T29] audit: type=1326 audit(1749495426.876:6320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12040 comm="syz.3.2853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f95c969e929 code=0x7ffc0000
[  312.318006][   T29] audit: type=1326 audit(1749495426.876:6321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12040 comm="syz.3.2853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95c969e929 code=0x7ffc0000
[  312.478763][T12047] netlink: 9 bytes leftover after parsing attributes in process `syz.4.2855'.
[  312.491271][ T3299]  loop3: p1 p2 < > p3 p4 < p5 >
[  312.496488][ T3299] loop3: partition table partially beyond EOD, truncated
[  312.506449][T12047] gretap0: entered promiscuous mode
[  312.516265][T12047] netlink: 5 bytes leftover after parsing attributes in process `syz.4.2855'.
[  312.526048][ T3299] loop3: p1 size 100663296 extends beyond EOD, truncated
[  312.534534][T12047] 0ªX¹¦D: renamed from gretap0
[  312.541990][ T3299] loop3: p2 start 591104 is beyond EOD, truncated
[  312.548989][ T3299] loop3: p3 start 33572980 is beyond EOD, truncated
[  312.559172][ T3299] loop3: p5 size 100663296 extends beyond EOD, truncated
[  312.569678][T12047] 0ªX¹¦D: left promiscuous mode
[  312.574796][T12047] 0ªX¹¦D: entered allmulticast mode
[  312.582921][T12047] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[  312.618468][T12041]  loop3: p1 p2 < > p3 p4 < p5 >
[  312.623568][T12041] loop3: partition table partially beyond EOD, truncated
[  312.632147][T12041] loop3: p1 size 100663296 extends beyond EOD, truncated
[  312.641236][T12041] loop3: p2 start 591104 is beyond EOD, truncated
[  312.647958][T12041] loop3: p3 start 33572980 is beyond EOD, truncated
[  312.658284][T12041] loop3: p5 size 100663296 extends beyond EOD, truncated
[  312.675941][T12052] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.734430][T12052] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.773417][ T3623] udevd[3623]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  312.773526][ T3299] udevd[3299]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  312.783947][ T4484] udevd[4484]: inotify_add_watch(7, /dev/loop3p5, 10) failed: No such file or directory
[  312.810321][ T3623] udevd[3623]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  312.810338][ T3299] udevd[3299]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  312.813132][ T4484] udevd[4484]: inotify_add_watch(7, /dev/loop3p5, 10) failed: No such file or directory
[  312.846169][T12052] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.886881][T12062] loop4: detected capacity change from 0 to 2048
[  312.898662][T12062] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  312.915171][T12052] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  312.963418][T12052] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  312.976449][T12052] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  312.989162][T12052] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  313.001285][T12052] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  313.022681][T12066] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  313.038824][T12066] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1590 with error 28
[  313.051688][T12066] EXT4-fs (loop4): This should not happen!! Data will be lost
[  313.051688][T12066] 
[  313.061717][T12066] EXT4-fs (loop4): Total free blocks count 0
[  313.068013][T12066] EXT4-fs (loop4): Free/Dirty block details
[  313.074025][T12066] EXT4-fs (loop4): free_blocks=2415919104
[  313.080026][T12066] EXT4-fs (loop4): dirty_blocks=1600
[  313.085337][T12066] EXT4-fs (loop4): Block reservation details
[  313.091474][T12066] EXT4-fs (loop4): i_reserved_data_blocks=100
[  313.575797][T12084] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2867'.
[  313.758129][ T3321] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[  313.863105][T12104] FAULT_INJECTION: forcing a failure.
[  313.863105][T12104] name failslab, interval 1, probability 0, space 0, times 0
[  313.876199][T12104] CPU: 0 UID: 0 PID: 12104 Comm: syz.4.2874 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  313.876240][T12104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  313.876258][T12104] Call Trace:
[  313.876268][T12104]  <TASK>
[  313.876277][T12104]  __dump_stack+0x1d/0x30
[  313.876303][T12104]  dump_stack_lvl+0xe8/0x140
[  313.876322][T12104]  dump_stack+0x15/0x1b
[  313.876355][T12104]  should_fail_ex+0x265/0x280
[  313.876396][T12104]  should_failslab+0x8c/0xb0
[  313.876428][T12104]  kmem_cache_alloc_node_noprof+0x57/0x320
[  313.876466][T12104]  ? __alloc_skb+0x101/0x320
[  313.876518][T12104]  __alloc_skb+0x101/0x320
[  313.876557][T12104]  ? audit_log_start+0x365/0x6c0
[  313.876600][T12104]  audit_log_start+0x380/0x6c0
[  313.876727][T12104]  audit_seccomp+0x48/0x100
[  313.876768][T12104]  ? __seccomp_filter+0x68c/0x10d0
[  313.876798][T12104]  __seccomp_filter+0x69d/0x10d0
[  313.876832][T12104]  ? _raw_spin_unlock+0x26/0x50
[  313.876869][T12104]  __secure_computing+0x82/0x150
[  313.876970][T12104]  syscall_trace_enter+0xcf/0x1e0
[  313.876999][T12104]  do_syscall_64+0xac/0x200
[  313.877108][T12104]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  313.877140][T12104]  ? clear_bhb_loop+0x40/0x90
[  313.877283][T12104]  ? clear_bhb_loop+0x40/0x90
[  313.877312][T12104]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  313.877340][T12104] RIP: 0033:0x7f84eec8d33c
[  313.877359][T12104] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  313.877382][T12104] RSP: 002b:00007f84ed2f7030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  313.877456][T12104] RAX: ffffffffffffffda RBX: 00007f84eeeb5fa0 RCX: 00007f84eec8d33c
[  313.877474][T12104] RDX: 000000000000000f RSI: 00007f84ed2f70a0 RDI: 0000000000000004
[  313.877490][T12104] RBP: 00007f84ed2f7090 R08: 0000000000000000 R09: 0000000000000000
[  313.877511][T12104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  313.877523][T12104] R13: 0000000000000000 R14: 00007f84eeeb5fa0 R15: 00007fff3ab0a4e8
[  313.877545][T12104]  </TASK>
[  314.139803][T12108] xt_TPROXY: Can be used only with -p tcp or -p udp
[  314.169351][T12110] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  314.228306][   T23] hid-generic 0000:00C0:2000.0001: unknown main item tag 0x0
[  314.239428][   T23] hid-generic 0000:00C0:2000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  314.265606][T12115] loop2: detected capacity change from 0 to 128
[  314.281469][T12110] loop3: detected capacity change from 0 to 1024
[  314.318356][T12115] FAT-fs (loop2): Directory bread(block 32) failed
[  314.336177][T12110] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  314.362065][T12115] FAT-fs (loop2): Directory bread(block 33) failed
[  314.400204][T12110] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  314.416360][T12115] FAT-fs (loop2): Directory bread(block 34) failed
[  314.448483][T12123] loop4: detected capacity change from 0 to 128
[  314.455179][T12115] FAT-fs (loop2): Directory bread(block 35) failed
[  314.486187][T12115] FAT-fs (loop2): Directory bread(block 36) failed
[  314.505724][T12123] FAT-fs (loop4): Directory bread(block 32) failed
[  314.518033][T12115] FAT-fs (loop2): Directory bread(block 37) failed
[  314.536015][T12123] FAT-fs (loop4): Directory bread(block 33) failed
[  314.556344][T12115] FAT-fs (loop2): Directory bread(block 38) failed
[  314.564145][T12123] FAT-fs (loop4): Directory bread(block 34) failed
[  314.583339][T12115] FAT-fs (loop2): Directory bread(block 39) failed
[  314.590449][T12115] FAT-fs (loop2): Directory bread(block 40) failed
[  314.595772][T12123] FAT-fs (loop4): Directory bread(block 35) failed
[  314.599683][T12115] FAT-fs (loop2): Directory bread(block 41) failed
[  314.624794][T12123] FAT-fs (loop4): Directory bread(block 36) failed
[  314.632013][T12123] FAT-fs (loop4): Directory bread(block 37) failed
[  314.639381][T12123] FAT-fs (loop4): Directory bread(block 38) failed
[  314.646055][T12123] FAT-fs (loop4): Directory bread(block 39) failed
[  314.652926][T12123] FAT-fs (loop4): Directory bread(block 40) failed
[  314.659655][T12123] FAT-fs (loop4): Directory bread(block 41) failed
[  314.669152][T12128] netlink: 9 bytes leftover after parsing attributes in process `syz.0.2882'.
[  314.678467][T12111] syz.2.2878: attempt to access beyond end of device
[  314.678467][T12111] loop2: rw=0, sector=4108, nr_sectors = 4 limit=128
[  314.693200][T12128] gretap0: entered promiscuous mode
[  314.700567][T12111] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 196)
[  314.708607][T12123] syz.4.2880: attempt to access beyond end of device
[  314.708607][T12123] loop4: rw=0, sector=4108, nr_sectors = 4 limit=128
[  314.708831][T12111] FAT-fs (loop2): Filesystem has been set read-only
[  314.736963][T12130] netlink: 5 bytes leftover after parsing attributes in process `syz.0.2882'.
[  314.743834][T12123] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 196)
[  314.746083][T12115] syz.2.2878: attempt to access beyond end of device
[  314.746083][T12115] loop2: rw=0, sector=4108, nr_sectors = 4 limit=128
[  314.754249][T12123] FAT-fs (loop4): Filesystem has been set read-only
[  314.778264][T12130] 0ªX¹¦D: renamed from gretap0
[  314.784741][T12130] 0ªX¹¦D: left promiscuous mode
[  314.788360][T12119] syz.4.2880: attempt to access beyond end of device
[  314.788360][T12119] loop4: rw=0, sector=4108, nr_sectors = 4 limit=128
[  314.789686][T12130] 0ªX¹¦D: entered allmulticast mode
[  314.790114][T12115] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 196)
[  314.819006][T12119] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 196)
[  314.819318][T12130] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[  314.843641][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  314.947063][T12132] process 'syz.2.2885' launched '/dev/fd/6' with NULL argv: empty string added
[  314.967712][T12136] loop3: detected capacity change from 0 to 2048
[  315.008010][T12136] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  315.021375][T12132] loop2: detected capacity change from 0 to 1024
[  315.048306][T12132] EXT4-fs: Ignoring removed nobh option
[  315.130727][T12132] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  315.156704][T12132] EXT4-fs error (device loop2): ext4_search_dir:1474: inode #2: block 16: comm syz.2.2885: bad entry in directory: inode out of bounds - offset=60, inode=393231, rec_len=16, size=1024 fake=0
[  315.177212][T12136] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  315.200813][T12136] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 440 with error 28
[  315.213488][T12136] EXT4-fs (loop3): This should not happen!! Data will be lost
[  315.213488][T12136] 
[  315.223348][T12136] EXT4-fs (loop3): Total free blocks count 0
[  315.229454][T12136] EXT4-fs (loop3): Free/Dirty block details
[  315.230732][T12157] EXT4-fs error (device loop2): ext4_search_dir:1474: inode #2: block 16: comm syz.2.2885: bad entry in directory: inode out of bounds - offset=60, inode=393231, rec_len=16, size=1024 fake=0
[  315.235621][T12136] EXT4-fs (loop3): free_blocks=2415919104
[  315.260530][T12136] EXT4-fs (loop3): dirty_blocks=448
[  315.265814][T12136] EXT4-fs (loop3): Block reservation details
[  315.271860][T12136] EXT4-fs (loop3): i_reserved_data_blocks=28
[  315.283564][T12158] loop4: detected capacity change from 0 to 1024
[  315.297963][T12150] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2883'.
[  315.317568][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  315.332808][T12158] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  315.527085][ T3321] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 6 with error 28
[  315.618769][T12175] loop2: detected capacity change from 0 to 128
[  315.634697][T12175] FAT-fs (loop2): Directory bread(block 32) failed
[  315.642135][T12175] FAT-fs (loop2): Directory bread(block 33) failed
[  315.649189][T12175] FAT-fs (loop2): Directory bread(block 34) failed
[  315.655963][T12175] FAT-fs (loop2): Directory bread(block 35) failed
[  315.663243][T12175] FAT-fs (loop2): Directory bread(block 36) failed
[  315.670462][T12175] FAT-fs (loop2): Directory bread(block 37) failed
[  315.677431][T12175] FAT-fs (loop2): Directory bread(block 38) failed
[  315.684276][T12175] FAT-fs (loop2): Directory bread(block 39) failed
[  315.692216][T12175] FAT-fs (loop2): Directory bread(block 40) failed
[  315.702206][T12175] FAT-fs (loop2): Directory bread(block 41) failed
[  315.732705][T12175] syz.2.2895: attempt to access beyond end of device
[  315.732705][T12175] loop2: rw=0, sector=4108, nr_sectors = 4 limit=128
[  315.746424][T12175] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 196)
[  315.754714][T12175] FAT-fs (loop2): Filesystem has been set read-only
[  315.769748][T12171] syz.2.2895: attempt to access beyond end of device
[  315.769748][T12171] loop2: rw=0, sector=4108, nr_sectors = 4 limit=128
[  315.783676][T12171] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 196)
[  315.856909][T12180] sd 0:0:1:0: device reset
[  315.868459][T12180] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2896'.
[  315.877606][T12180] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2896'.
[  315.901843][T12180] loop2: detected capacity change from 0 to 512
[  315.919660][T12180] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  315.935529][T12180] EXT4-fs (loop2): 1 truncate cleaned up
[  316.105646][T12188] loop2: detected capacity change from 0 to 2048
[  316.123502][T12188] SELinux: security_context_str_to_sid (staff_u) failed with errno=-22
[  316.168532][T12193] 9pnet_fd: Insufficient options for proto=fd
[  316.210616][T12188] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2899'.
[  316.282597][T12198] ieee802154 phy0 wpan0: encryption failed: -22
[  316.303298][   T10] IPVS: starting estimator thread 0...
[  316.321139][T12200] loop4: detected capacity change from 0 to 2048
[  316.396873][T12201] IPVS: using max 2352 ests per chain, 117600 per kthread
[  316.397789][T12208] loop2: detected capacity change from 0 to 128
[  316.422333][T12200] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  316.467452][T12208] FAT-fs (loop2): Directory bread(block 32) failed
[  316.485067][T12200] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 510 with error 28
[  316.497804][T12200] EXT4-fs (loop4): This should not happen!! Data will be lost
[  316.497804][T12200] 
[  316.507788][T12200] EXT4-fs (loop4): Total free blocks count 0
[  316.513811][T12200] EXT4-fs (loop4): Free/Dirty block details
[  316.520002][T12200] EXT4-fs (loop4): free_blocks=2415919104
[  316.526300][T12200] EXT4-fs (loop4): dirty_blocks=512
[  316.537494][T12200] EXT4-fs (loop4): Block reservation details
[  316.543534][T12200] EXT4-fs (loop4): i_reserved_data_blocks=32
[  316.549648][T12208] FAT-fs (loop2): Directory bread(block 33) failed
[  316.556653][T12208] FAT-fs (loop2): Directory bread(block 34) failed
[  316.563517][T12208] FAT-fs (loop2): Directory bread(block 35) failed
[  316.574637][T12200] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2905'.
[  316.583763][T12208] FAT-fs (loop2): Directory bread(block 36) failed
[  316.583794][T12208] FAT-fs (loop2): Directory bread(block 37) failed
[  316.620952][T12208] FAT-fs (loop2): Directory bread(block 38) failed
[  316.634674][T12208] FAT-fs (loop2): Directory bread(block 39) failed
[  316.651773][T12208] FAT-fs (loop2): Directory bread(block 40) failed
[  316.671237][T12208] FAT-fs (loop2): Directory bread(block 41) failed
[  316.722221][T12205] syz.2.2906: attempt to access beyond end of device
[  316.722221][T12205] loop2: rw=0, sector=4108, nr_sectors = 4 limit=128
[  316.769225][T12205] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 196)
[  316.777429][T12205] FAT-fs (loop2): Filesystem has been set read-only
[  316.794400][T12208] syz.2.2906: attempt to access beyond end of device
[  316.794400][T12208] loop2: rw=0, sector=4108, nr_sectors = 4 limit=128
[  316.816830][T12208] FAT-fs (loop2): error, fat_free: invalid cluster chain (i_pos 196)
[  316.837014][ T3321] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 6 with error 28
[  316.849741][ T3321] EXT4-fs (loop4): This should not happen!! Data will be lost
[  316.849741][ T3321] 
[  316.899854][T12219] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  316.941756][T12219] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.002985][T12219] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.062690][T12219] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.152752][T12219] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  317.165938][T12219] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  317.179309][T12219] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  317.191719][T12219] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  317.298126][   T29] kauditd_printk_skb: 239 callbacks suppressed
[  317.298147][   T29] audit: type=1400 audit(1749495432.046:6559): avc:  denied  { write } for  pid=12230 comm="syz.4.2914" name="file0" dev="tmpfs" ino=148 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  317.327721][   T29] audit: type=1400 audit(1749495432.046:6560): avc:  denied  { open } for  pid=12230 comm="syz.4.2914" path="/24/file0" dev="tmpfs" ino=148 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  317.351405][   T29] audit: type=1400 audit(1749495432.106:6561): avc:  denied  { ioctl } for  pid=12230 comm="syz.4.2914" path="/24/file0" dev="tmpfs" ino=148 ioctlcmd=0x1273 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  317.718207][T12250] loop4: detected capacity change from 0 to 2048
[  317.748501][T12250] EXT4-fs mount: 6 callbacks suppressed
[  317.748524][T12250] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  317.876264][T12253] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  317.938349][T12253] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1628 with error 28
[  317.950886][T12253] EXT4-fs (loop4): This should not happen!! Data will be lost
[  317.950886][T12253] 
[  317.960881][T12253] EXT4-fs (loop4): Total free blocks count 0
[  317.966937][T12253] EXT4-fs (loop4): Free/Dirty block details
[  317.972884][T12253] EXT4-fs (loop4): free_blocks=2415919104
[  317.979402][T12253] EXT4-fs (loop4): dirty_blocks=1632
[  317.984928][T12253] EXT4-fs (loop4): Block reservation details
[  317.991148][T12253] EXT4-fs (loop4): i_reserved_data_blocks=102
[  318.069578][   T29] audit: type=1400 audit(1749495432.816:6562): avc:  denied  { create } for  pid=12260 comm="syz.2.2924" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  318.099254][T12261] syz.2.2924 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  318.110366][   T29] audit: type=1326 audit(1749495432.846:6563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12260 comm="syz.2.2924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e1ec4e929 code=0x7ffc0000
[  318.134219][   T29] audit: type=1326 audit(1749495432.846:6564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12260 comm="syz.2.2924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e1ec4e929 code=0x7ffc0000
[  318.157837][   T29] audit: type=1326 audit(1749495432.846:6565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12260 comm="syz.2.2924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e1ec4e929 code=0x7ffc0000
[  318.181387][   T29] audit: type=1326 audit(1749495432.846:6566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12260 comm="syz.2.2924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e1ec4e929 code=0x7ffc0000
[  318.205122][   T29] audit: type=1326 audit(1749495432.846:6567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12260 comm="syz.2.2924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7e1ec4e929 code=0x7ffc0000
[  318.229218][   T29] audit: type=1326 audit(1749495432.846:6568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12260 comm="syz.2.2924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7e1ec4e929 code=0x7ffc0000
[  318.358986][T12266] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2926'.
[  318.369270][T12266] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2926'.
[  318.411787][T12264] loop2: detected capacity change from 0 to 1024
[  318.429639][T12264] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  318.560266][   T31] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[  318.628241][T12282] FAULT_INJECTION: forcing a failure.
[  318.628241][T12282] name failslab, interval 1, probability 0, space 0, times 0
[  318.641037][T12282] CPU: 0 UID: 0 PID: 12282 Comm: syz.4.2930 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  318.641065][T12282] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  318.641079][T12282] Call Trace:
[  318.641088][T12282]  <TASK>
[  318.641099][T12282]  __dump_stack+0x1d/0x30
[  318.641129][T12282]  dump_stack_lvl+0xe8/0x140
[  318.641155][T12282]  dump_stack+0x15/0x1b
[  318.641221][T12282]  should_fail_ex+0x265/0x280
[  318.641261][T12282]  should_failslab+0x8c/0xb0
[  318.641319][T12282]  kmem_cache_alloc_lru_noprof+0x55/0x310
[  318.641374][T12282]  ? proc_alloc_inode+0x34/0x90
[  318.641406][T12282]  ? __pfx_proc_alloc_inode+0x10/0x10
[  318.641445][T12282]  proc_alloc_inode+0x34/0x90
[  318.641476][T12282]  alloc_inode+0x40/0x170
[  318.641503][T12282]  new_inode+0x1d/0xe0
[  318.641593][T12282]  proc_pid_make_inode+0x1f/0xd0
[  318.641627][T12282]  proc_fd_instantiate+0x36/0x1a0
[  318.641667][T12282]  proc_fill_cache+0x1c1/0x240
[  318.641700][T12282]  ? __pfx_proc_fd_instantiate+0x10/0x10
[  318.641803][T12282]  proc_readfd_common+0x28b/0x3b0
[  318.641840][T12282]  ? __pfx_proc_fd_instantiate+0x10/0x10
[  318.641881][T12282]  proc_fd_iterate+0x24/0x30
[  318.641972][T12282]  iterate_dir+0x114/0x330
[  318.642058][T12282]  ? mutex_lock+0xd/0x30
[  318.642101][T12282]  __se_sys_getdents64+0x88/0x1b0
[  318.642289][T12282]  ? __pfx_filldir64+0x10/0x10
[  318.642324][T12282]  __x64_sys_getdents64+0x43/0x50
[  318.642385][T12282]  x64_sys_call+0x1302/0x2fb0
[  318.642415][T12282]  do_syscall_64+0xd2/0x200
[  318.642444][T12282]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  318.642554][T12282]  ? clear_bhb_loop+0x40/0x90
[  318.642651][T12282]  ? clear_bhb_loop+0x40/0x90
[  318.642682][T12282]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  318.642703][T12282] RIP: 0033:0x7f84eec8e929
[  318.642721][T12282] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  318.642767][T12282] RSP: 002b:00007f84ed2f7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[  318.642786][T12282] RAX: ffffffffffffffda RBX: 00007f84eeeb5fa0 RCX: 00007f84eec8e929
[  318.642799][T12282] RDX: 0000000000001002 RSI: 0000200000002f40 RDI: 0000000000000006
[  318.642812][T12282] RBP: 00007f84ed2f7090 R08: 0000000000000000 R09: 0000000000000000
[  318.642824][T12282] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  318.642839][T12282] R13: 0000000000000000 R14: 00007f84eeeb5fa0 R15: 00007fff3ab0a4e8
[  318.642865][T12282]  </TASK>
[  318.952073][T12285] __nla_validate_parse: 1 callbacks suppressed
[  318.952117][T12285] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2932'.
[  319.157806][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.177932][T12294] loop3: detected capacity change from 0 to 2048
[  319.198830][T12294] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  319.433166][T12303] xt_TPROXY: Can be used only with -p tcp or -p udp
[  319.633819][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  319.712724][T12305] loop3: detected capacity change from 0 to 2048
[  319.775028][T12305] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  319.807024][T12309] xt_TPROXY: Can be used only with -p tcp or -p udp
[  319.902686][T12305] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  319.973193][T12305] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 432 with error 28
[  319.986345][T12305] EXT4-fs (loop3): This should not happen!! Data will be lost
[  319.986345][T12305] 
[  319.996068][T12305] EXT4-fs (loop3): Total free blocks count 0
[  320.002448][T12305] EXT4-fs (loop3): Free/Dirty block details
[  320.005124][T12313] loop4: detected capacity change from 0 to 2048
[  320.008650][T12305] EXT4-fs (loop3): free_blocks=2415919104
[  320.008671][T12305] EXT4-fs (loop3): dirty_blocks=448
[  320.008687][T12305] EXT4-fs (loop3): Block reservation details
[  320.032429][T12305] EXT4-fs (loop3): i_reserved_data_blocks=28
[  320.117742][T12313] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  320.293842][T12317] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  320.366861][T12317] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 442 with error 28
[  320.379457][T12317] EXT4-fs (loop4): This should not happen!! Data will be lost
[  320.379457][T12317] 
[  320.389558][T12317] EXT4-fs (loop4): Total free blocks count 0
[  320.396023][T12317] EXT4-fs (loop4): Free/Dirty block details
[  320.402101][T12317] EXT4-fs (loop4): free_blocks=2415919104
[  320.407997][T12317] EXT4-fs (loop4): dirty_blocks=448
[  320.413247][T12317] EXT4-fs (loop4): Block reservation details
[  320.419349][T12317] EXT4-fs (loop4): i_reserved_data_blocks=28
[  320.560427][   T51] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 6 with error 28
[  320.737509][T12324] netlink: 9 bytes leftover after parsing attributes in process `syz.2.2943'.
[  320.748756][T12324] 1ªX¹¦D: entered promiscuous mode
[  320.753976][T12324] 1ªX¹¦D: left allmulticast mode
[  320.775231][T12324] netlink: 5 bytes leftover after parsing attributes in process `syz.2.2943'.
[  320.793565][T12324] 0ªX¹¦D: renamed from 
31ªX¹¦D
[  320.811396][ T3321] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 24 with max blocks 2 with error 28
[  320.826896][T12324] 0ªX¹¦D: left promiscuous mode
[  320.831831][T12324] 0ªX¹¦D: entered allmulticast mode
[  320.846025][T12324] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[  321.015544][T12334] loop4: detected capacity change from 0 to 128
[  321.056013][T12334] FAT-fs (loop4): Directory bread(block 32) failed
[  321.067047][T12334] FAT-fs (loop4): Directory bread(block 33) failed
[  321.073854][T12334] FAT-fs (loop4): Directory bread(block 34) failed
[  321.106858][T12334] FAT-fs (loop4): Directory bread(block 35) failed
[  321.113577][T12334] FAT-fs (loop4): Directory bread(block 36) failed
[  321.129182][T12334] FAT-fs (loop4): Directory bread(block 37) failed
[  321.135957][T12334] FAT-fs (loop4): Directory bread(block 38) failed
[  321.143046][T12334] FAT-fs (loop4): Directory bread(block 39) failed
[  321.155322][T12334] FAT-fs (loop4): Directory bread(block 40) failed
[  321.162364][T12334] FAT-fs (loop4): Directory bread(block 41) failed
[  321.213837][T12337] loop2: detected capacity change from 0 to 1024
[  321.230876][T12337] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  321.292334][T12333] syz.4.2946: attempt to access beyond end of device
[  321.292334][T12333] loop4: rw=0, sector=4108, nr_sectors = 4 limit=128
[  321.307542][T12333] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 196)
[  321.315782][T12333] FAT-fs (loop4): Filesystem has been set read-only
[  321.324065][T12333] syz.4.2946: attempt to access beyond end of device
[  321.324065][T12333] loop4: rw=0, sector=4108, nr_sectors = 4 limit=128
[  321.337855][T12333] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 196)
[  321.370598][T12351] netlink: 'syz.0.2951': attribute type 32 has an invalid length.
[  321.378781][T12351] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2951'.
[  321.649021][T12368] xt_TPROXY: Can be used only with -p tcp or -p udp
[  321.950716][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  322.207967][T12375] netlink: 9 bytes leftover after parsing attributes in process `syz.3.2957'.
[  322.245788][T12375] 1ªX¹¦D: entered promiscuous mode
[  322.251267][T12375] 1ªX¹¦D: left allmulticast mode
[  322.269181][T12377] netlink: 5 bytes leftover after parsing attributes in process `syz.3.2957'.
[  322.348435][T12377] 0ªX¹¦D: renamed from 
31ªX¹¦D
[  322.358602][T12377] 0ªX¹¦D: left promiscuous mode
[  322.363879][T12377] 0ªX¹¦D: entered allmulticast mode
[  322.388574][T12377] A link change request failed with some changes committed already. Interface 
30ªX¹¦D may have been left with an inconsistent configuration, please check.
[  322.489170][T12380] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2958'.
[  322.510099][   T29] kauditd_printk_skb: 76 callbacks suppressed
[  322.510119][   T29] audit: type=1326 audit(1749495437.256:6645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12381 comm="syz.1.2960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f0a9ee929 code=0x7ffc0000
[  322.540556][   T29] audit: type=1326 audit(1749495437.256:6646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12381 comm="syz.1.2960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f0a9ee929 code=0x7ffc0000
[  322.564648][   T29] audit: type=1326 audit(1749495437.256:6647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12381 comm="syz.1.2960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1f0a9ee929 code=0x7ffc0000
[  322.588685][   T29] audit: type=1326 audit(1749495437.256:6648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12381 comm="syz.1.2960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f0a9ee929 code=0x7ffc0000
[  322.612436][   T29] audit: type=1326 audit(1749495437.256:6649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12381 comm="syz.1.2960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f0a9ee929 code=0x7ffc0000
[  322.636948][   T29] audit: type=1326 audit(1749495437.256:6650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12381 comm="syz.1.2960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f1f0a9ee929 code=0x7ffc0000
[  322.660531][   T29] audit: type=1326 audit(1749495437.256:6651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12381 comm="syz.1.2960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f0a9ee929 code=0x7ffc0000
[  322.684242][   T29] audit: type=1326 audit(1749495437.256:6652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12381 comm="syz.1.2960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f0a9ee929 code=0x7ffc0000
[  322.707848][   T29] audit: type=1326 audit(1749495437.256:6653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12381 comm="syz.1.2960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f1f0a9ee929 code=0x7ffc0000
[  322.731862][   T29] audit: type=1326 audit(1749495437.256:6654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12381 comm="syz.1.2960" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1f0a9ee929 code=0x7ffc0000
[  322.758719][T12384] macvlan1: entered promiscuous mode
[  322.768834][T12384] ipvlan0: entered promiscuous mode
[  322.780540][T12384] ipvlan0: left promiscuous mode
[  322.797366][T12384] macvlan1: left promiscuous mode
[  322.825980][T12387] bridge_slave_0: left allmulticast mode
[  322.831962][T12387] bridge_slave_0: left promiscuous mode
[  322.837872][T12387] bridge0: port 1(bridge_slave_0) entered disabled state
[  322.855984][T12387] bridge_slave_1: left allmulticast mode
[  322.861973][T12387] bridge_slave_1: left promiscuous mode
[  322.867848][T12387] bridge0: port 2(bridge_slave_1) entered disabled state
[  322.900621][T12387] bond0: (slave bond_slave_0): Releasing backup interface
[  322.935419][T12387] bond0: (slave bond_slave_1): Releasing backup interface
[  322.952936][T12387] team0: Port device team_slave_0 removed
[  322.964947][T12387] team0: Port device team_slave_1 removed
[  323.016387][T12406] loop2: detected capacity change from 0 to 1024
[  323.064659][T12406] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  323.451148][T12428] 9pnet_fd: Insufficient options for proto=fd
[  323.529728][T12428] ªªªªªª: renamed from vlan0 (while UP)
[  323.536033][T12428] FAULT_INJECTION: forcing a failure.
[  323.536033][T12428] name failslab, interval 1, probability 0, space 0, times 0
[  323.549223][T12428] CPU: 1 UID: 0 PID: 12428 Comm: syz.0.2972 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  323.549261][T12428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  323.549277][T12428] Call Trace:
[  323.549285][T12428]  <TASK>
[  323.549359][T12428]  __dump_stack+0x1d/0x30
[  323.549388][T12428]  dump_stack_lvl+0xe8/0x140
[  323.549462][T12428]  dump_stack+0x15/0x1b
[  323.549478][T12428]  should_fail_ex+0x265/0x280
[  323.549519][T12428]  ? kobject_uevent_env+0x1c0/0x570
[  323.549588][T12428]  should_failslab+0x8c/0xb0
[  323.549667][T12428]  __kmalloc_cache_noprof+0x4c/0x320
[  323.549704][T12428]  kobject_uevent_env+0x1c0/0x570
[  323.549787][T12428]  kobject_rename+0x2d6/0x350
[  323.549836][T12428]  ? sysfs_rename_link_ns+0x106/0x120
[  323.549882][T12428]  device_rename+0x11f/0x180
[  323.549956][T12428]  netif_change_name+0x1eb/0x6b0
[  323.549985][T12428]  ? _raw_spin_unlock+0x26/0x50
[  323.550013][T12428]  ? finish_task_switch+0xad/0x2b0
[  323.550045][T12428]  dev_change_name+0xc0/0x170
[  323.550157][T12428]  dev_ifsioc+0x302/0xaa0
[  323.550188][T12428]  ? __cond_resched+0x4e/0x90
[  323.550234][T12428]  dev_ioctl+0x4a7/0x960
[  323.550262][T12428]  sock_do_ioctl+0x197/0x220
[  323.550292][T12428]  sock_ioctl+0x41b/0x610
[  323.550329][T12428]  ? __pfx_sock_ioctl+0x10/0x10
[  323.550358][T12428]  __se_sys_ioctl+0xce/0x140
[  323.550390][T12428]  __x64_sys_ioctl+0x43/0x50
[  323.550455][T12428]  x64_sys_call+0x19a8/0x2fb0
[  323.550477][T12428]  do_syscall_64+0xd2/0x200
[  323.550497][T12428]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  323.550535][T12428]  ? clear_bhb_loop+0x40/0x90
[  323.550642][T12428]  ? clear_bhb_loop+0x40/0x90
[  323.550669][T12428]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.550691][T12428] RIP: 0033:0x7fac66b8e929
[  323.550707][T12428] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  323.550725][T12428] RSP: 002b:00007fac651f7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  323.550801][T12428] RAX: ffffffffffffffda RBX: 00007fac66db5fa0 RCX: 00007fac66b8e929
[  323.550818][T12428] RDX: 0000200000000000 RSI: 0000000000008923 RDI: 0000000000000007
[  323.550831][T12428] RBP: 00007fac651f7090 R08: 0000000000000000 R09: 0000000000000000
[  323.550846][T12428] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  323.550862][T12428] R13: 0000000000000000 R14: 00007fac66db5fa0 R15: 00007ffef0c313a8
[  323.550888][T12428]  </TASK>
[  323.988306][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  324.064717][T12434] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  324.084604][T12436] loop3: detected capacity change from 0 to 512
[  324.136535][T12436] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  324.175384][T12434] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  324.188321][T12443] capability: warning: `syz.1.2979' uses 32-bit capabilities (legacy support in use)
[  324.217707][T12436] EXT4-fs (loop3): 1 truncate cleaned up
[  324.233280][T12436] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  324.307555][T12456] netlink: 'syz.4.2977': attribute type 10 has an invalid length.
[  324.319347][T12456] team0: Device veth0_macvtap failed to register rx_handler
[  324.400965][T12458] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  324.430220][T12434] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  324.662971][T12460] loop2: detected capacity change from 0 to 128
[  324.737700][T12460] FAT-fs (loop2): bogus logical sector size 0
[  324.743897][T12460] FAT-fs (loop2): Can't find a valid FAT filesystem
[  324.754929][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  324.770504][T12434] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  324.829079][T12460] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2980'.
[  324.999243][T12434] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  325.070620][T12434] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  325.150779][T12434] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  325.248455][T12434] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  325.283972][T12480] loop2: detected capacity change from 0 to 1024
[  325.447813][T12480] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  326.002188][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  326.429188][T12500] batadv_slave_0: entered promiscuous mode
[  326.458990][T12500] (unnamed net_device) (uninitialized): option lacp_rate: mode dependency failed, not supported in mode balance-rr(0)
[  326.460021][T12504] loop2: detected capacity change from 0 to 512
[  326.523657][T12507] loop4: detected capacity change from 0 to 128
[  326.598560][T12497] batadv_slave_0: left promiscuous mode
[  326.630401][T12507] FAT-fs (loop4): Directory bread(block 32) failed
[  326.639406][T12504] EXT4-fs: Ignoring removed orlov option
[  326.645395][T12504] EXT4-fs: Ignoring removed oldalloc option
[  326.687059][T12507] FAT-fs (loop4): Directory bread(block 33) failed
[  326.735239][T12507] FAT-fs (loop4): Directory bread(block 34) failed
[  326.755232][T12504] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 220 vs 1023 free clusters
[  326.776839][T12507] FAT-fs (loop4): Directory bread(block 35) failed
[  326.793987][T12507] FAT-fs (loop4): Directory bread(block 36) failed
[  326.801031][T12504] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.2993: Parent and EA inode have the same ino 15
[  326.821548][T12507] FAT-fs (loop4): Directory bread(block 37) failed
[  326.838042][T12507] FAT-fs (loop4): Directory bread(block 38) failed
[  326.911499][T12507] FAT-fs (loop4): Directory bread(block 39) failed
[  326.918746][T12504] EXT4-fs (loop2): 1 orphan inode deleted
[  326.961903][T12507] FAT-fs (loop4): Directory bread(block 40) failed
[  326.969272][T12504] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  327.007344][T12507] FAT-fs (loop4): Directory bread(block 41) failed
[  327.101531][T12516] loop3: detected capacity change from 0 to 512
[  327.148257][ T3315] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  327.226914][T12516] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  327.266952][T12502] syz.4.2992: attempt to access beyond end of device
[  327.266952][T12502] loop4: rw=0, sector=4108, nr_sectors = 4 limit=128
[  327.316827][T12516] EXT4-fs (loop3): 1 truncate cleaned up
[  327.339178][T12516] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  327.397353][T12502] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 196)
[  327.405723][T12502] FAT-fs (loop4): Filesystem has been set read-only
[  327.412982][T12507] syz.4.2992: attempt to access beyond end of device
[  327.412982][T12507] loop4: rw=0, sector=4108, nr_sectors = 4 limit=128
[  327.496857][T12507] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 196)
[  327.510173][T12533] sch_tbf: burst 0 is lower than device ip6gre0 mtu (1448) !
[  327.639816][T12516] (unnamed net_device) (uninitialized): Removing last ns target with arp_interval on
[  327.813756][   T29] kauditd_printk_skb: 192 callbacks suppressed
[  327.813775][   T29] audit: type=1400 audit(1749495442.556:6847): avc:  denied  { bind } for  pid=12542 comm="syz.4.3005" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  327.866177][T12543] netlink: 5560 bytes leftover after parsing attributes in process `syz.4.3005'.
[  328.008293][ T3305] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  328.017610][T12547] loop4: detected capacity change from 0 to 2048
[  328.060331][T12547] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  328.322890][   T29] audit: type=1326 audit(1749495443.066:6848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12553 comm="syz.3.3010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95c969e929 code=0x7ffc0000
[  328.346887][   T29] audit: type=1326 audit(1749495443.066:6849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12553 comm="syz.3.3010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95c969e929 code=0x7ffc0000
[  328.360545][T12552] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  328.370853][   T29] audit: type=1326 audit(1749495443.066:6850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12553 comm="syz.3.3010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f95c969e929 code=0x7ffc0000
[  328.406538][T12559] loop2: detected capacity change from 0 to 512
[  328.409446][   T29] audit: type=1326 audit(1749495443.066:6851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12553 comm="syz.3.3010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95c969e929 code=0x7ffc0000
[  328.439579][   T29] audit: type=1326 audit(1749495443.066:6852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12553 comm="syz.3.3010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95c969e929 code=0x7ffc0000
[  328.463336][   T29] audit: type=1326 audit(1749495443.066:6853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12553 comm="syz.3.3010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f95c969e929 code=0x7ffc0000
[  328.487852][   T29] audit: type=1326 audit(1749495443.066:6854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12553 comm="syz.3.3010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95c969e929 code=0x7ffc0000
[  328.511766][   T29] audit: type=1326 audit(1749495443.066:6855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12553 comm="syz.3.3010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f95c969e929 code=0x7ffc0000
[  328.537195][   T29] audit: type=1326 audit(1749495443.066:6856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12553 comm="syz.3.3010" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f95c969e929 code=0x7ffc0000
[  328.577256][T12552] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 412 with error 28
[  328.589991][T12552] EXT4-fs (loop4): This should not happen!! Data will be lost
[  328.589991][T12552] 
[  328.600156][T12552] EXT4-fs (loop4): Total free blocks count 0
[  328.606374][T12552] EXT4-fs (loop4): Free/Dirty block details
[  328.612442][T12552] EXT4-fs (loop4): free_blocks=2415919104
[  328.618328][T12552] EXT4-fs (loop4): dirty_blocks=416
[  328.623661][T12552] EXT4-fs (loop4): Block reservation details
[  328.629756][T12552] EXT4-fs (loop4): i_reserved_data_blocks=26
[  328.669367][T12559] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.3011: bg 0: block 5: invalid block bitmap
[  328.697647][T12562] syzkaller0: entered promiscuous mode
[  328.703179][T12562] syzkaller0: entered allmulticast mode
[  328.730443][T12556] vhci_hcd: invalid port number 65
[  328.735834][T12556] vhci_hcd: SetHubDepth req not supported for USB 2.0 roothub
[  328.743735][T12559] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  328.753275][T12559] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.3011: invalid indirect mapped block 3 (level 2)
[  328.922390][T12559] EXT4-fs (loop2): 1 orphan inode deleted
[  328.928442][T12559] EXT4-fs (loop2): 1 truncate cleaned up
[  329.086468][T12559] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  329.137586][ T8466] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[  329.580872][ T3321] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.719950][ T3321] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.892666][ T3321] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  330.080102][ T3321] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  330.367758][ T3321] bridge_slave_1: left allmulticast mode
[  330.373491][ T3321] bridge_slave_1: left promiscuous mode
[  330.379467][ T3321] bridge0: port 2(bridge_slave_1) entered disabled state
[  330.521198][ T3321] bridge_slave_0: left allmulticast mode
[  330.526948][ T3321] bridge_slave_0: left promiscuous mode
[  330.532916][ T3321] bridge0: port 1(bridge_slave_0) entered disabled state
[  330.983850][ T3321] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  331.047912][ T3321] bond0 (unregistering): Released all slaves
[  331.107811][ T3321] bond1 (unregistering): Released all slaves
[  331.303009][T12614] syzkaller0: entered promiscuous mode
[  331.308662][T12614] syzkaller0: entered allmulticast mode
[  331.488149][ T3321] hsr_slave_0: left promiscuous mode
[  331.507214][ T3315] EXT4-fs error (device loop2): ext4_lookup:1787: inode #17: comm syz-executor: iget: bad extended attribute block 6904
[  331.544414][ T3321] hsr_slave_1: left promiscuous mode
[  331.587103][ T3315] EXT4-fs error (device loop2): ext4_lookup:1787: inode #17: comm syz-executor: iget: bad extended attribute block 6904
[  331.621929][ T3321] veth1_macvtap: left promiscuous mode
[  331.784404][ T3321] veth0_macvtap: left promiscuous mode
[  331.867629][ T3321] veth1_vlan: left promiscuous mode
[  331.910630][T12455] syz.1.2979 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  331.920568][T12455] CPU: 0 UID: 0 PID: 12455 Comm: syz.1.2979 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  331.920633][T12455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  331.920650][T12455] Call Trace:
[  331.920660][T12455]  <TASK>
[  331.920671][T12455]  __dump_stack+0x1d/0x30
[  331.920697][T12455]  dump_stack_lvl+0xe8/0x140
[  331.920719][T12455]  dump_stack+0x15/0x1b
[  331.920741][T12455]  dump_header+0x81/0x220
[  331.920819][T12455]  oom_kill_process+0x334/0x3f0
[  331.920853][T12455]  out_of_memory+0x979/0xb80
[  331.920886][T12455]  try_charge_memcg+0x5e6/0x9e0
[  331.920927][T12455]  charge_memcg+0x51/0xc0
[  331.921021][T12455]  __mem_cgroup_charge+0x28/0xb0
[  331.921122][T12455]  shmem_get_folio_gfp+0x470/0xd60
[  331.921173][T12455]  shmem_write_begin+0xa8/0x190
[  331.921276][T12455]  generic_perform_write+0x184/0x490
[  331.921316][T12455]  shmem_file_write_iter+0xc5/0xf0
[  331.921406][T12455]  __kernel_write_iter+0x253/0x4c0
[  331.921431][T12455]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  331.921467][T12455]  dump_user_range+0x407/0x8c0
[  331.921496][T12455]  elf_core_dump+0x1dc2/0x1f80
[  331.921527][T12455]  ? 0xffffffffff600000
[  331.921565][T12455]  do_coredump+0x1dfd/0x27b0
[  331.921634][T12455]  ? __account_obj_stock+0x211/0x350
[  331.921692][T12455]  ? __sigqueue_free+0xf4/0x130
[  331.921804][T12455]  ? kmem_cache_free+0xdf/0x300
[  331.921840][T12455]  ? proc_coredump_connector+0x114/0x220
[  331.921871][T12455]  get_signal+0xd85/0xf70
[  331.921987][T12455]  arch_do_signal_or_restart+0x96/0x480
[  331.922039][T12455]  irqentry_exit_to_user_mode+0x5e/0xa0
[  331.922087][T12455]  irqentry_exit+0x12/0x50
[  331.922169][T12455]  asm_exc_page_fault+0x26/0x30
[  331.922196][T12455] RIP: 0033:0x7f1f0a9ee931
[  331.922216][T12455] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  331.922240][T12455] RSP: 002b:0000000000000040 EFLAGS: 00010217
[  331.922259][T12455] RAX: 0000000000000000 RBX: 00007f1f0ac15fa0 RCX: 00007f1f0a9ee929
[  331.922320][T12455] RDX: 0000000000000000 RSI: 0000000000000040 RDI: 0000000000040200
[  331.922332][T12455] RBP: 00007f1f0aa70b39 R08: 0000000000000000 R09: 0000000000000000
[  331.922346][T12455] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  331.922362][T12455] R13: 0000000000000000 R14: 00007f1f0ac15fa0 R15: 00007ffd2dd54948
[  331.922389][T12455]  </TASK>
[  331.922407][T12455] memory: usage 307200kB, limit 307200kB, failcnt 12866
[  331.991777][ T3321] veth0_vlan: left promiscuous mode
[  331.996586][T12455] memory+swap: usage 431976kB, limit 9007199254740988kB, failcnt 0
[  331.996607][T12455] kmem: usage 4560kB, limit 9007199254740988kB, failcnt 0
[  332.130526][T12640] xt_CT: You must specify a L4 protocol and not use inversions on it
[  332.136020][T12455] Memory cgroup stats for /syz1:
[  332.136728][T12455] cache 309469184
[  332.209005][T12455] rss 253952
[  332.212229][T12455] shmem 309465088
[  332.216119][T12455] mapped_file 0
[  332.219930][T12455] dirty 0
[  332.222957][T12455] writeback 0
[  332.226386][T12455] workingset_refault_anon 101
[  332.233945][T12455] workingset_refault_file 8811
[  332.241156][T12455] swap 127770624
[  332.245069][T12455] swapcached 225280
[  332.249147][T12455] pgpgin 584912
[  332.252804][T12455] pgpgout 509252
[  332.256712][T12455] pgfault 507652
[  332.260361][T12455] pgmajfault 95
[  332.264018][T12455] inactive_anon 111288320
[  332.268460][T12455] active_anon 198610944
[  332.272630][T12455] inactive_file 0
[  332.276477][T12455] active_file 4096
[  332.280312][T12455] unevictable 0
[  332.283797][T12455] hierarchical_memory_limit 314572800
[  332.289328][T12455] hierarchical_memsw_limit 9223372036854771712
[  332.295658][T12455] total_cache 309469184
[  332.299881][T12455] total_rss 253952
[  332.303630][T12455] total_shmem 309465088
[  332.307823][T12455] total_mapped_file 0
[  332.311960][T12455] total_dirty 0
[  332.315425][T12455] total_writeback 0
[  332.319337][T12455] total_workingset_refault_anon 101
[  332.324592][T12455] total_workingset_refault_file 8811
[  332.329949][T12455] total_swap 127770624
[  332.334149][T12455] total_swapcached 225280
[  332.338661][T12455] total_pgpgin 584912
[  332.342672][T12455] total_pgpgout 509252
[  332.346808][T12455] total_pgfault 507652
[  332.350928][T12455] total_pgmajfault 95
[  332.354970][T12455] total_inactive_anon 111288320
[  332.360044][T12455] total_active_anon 198610944
[  332.364827][T12455] total_inactive_file 0
[  332.369098][T12455] total_active_file 4096
[  332.373553][T12455] total_unevictable 0
[  332.377700][T12455] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.2979,pid=12452,uid=0
[  332.392489][T12455] Memory cgroup out of memory: Killed process 12452 (syz.1.2979) total-vm:90044kB, anon-rss:1088kB, file-rss:21744kB, shmem-rss:0kB, UID:0 pgtables:188kB oom_score_adj:1000
[  333.027001][T12455] syz.1.2979 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  333.036955][T12455] CPU: 1 UID: 0 PID: 12455 Comm: syz.1.2979 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  333.036989][T12455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  333.037057][T12455] Call Trace:
[  333.037065][T12455]  <TASK>
[  333.037076][T12455]  __dump_stack+0x1d/0x30
[  333.037101][T12455]  dump_stack_lvl+0xe8/0x140
[  333.037121][T12455]  dump_stack+0x15/0x1b
[  333.037145][T12455]  dump_header+0x81/0x220
[  333.037190][T12455]  oom_kill_process+0x334/0x3f0
[  333.037261][T12455]  out_of_memory+0x979/0xb80
[  333.037367][T12455]  try_charge_memcg+0x5e6/0x9e0
[  333.037403][T12455]  charge_memcg+0x51/0xc0
[  333.037446][T12455]  __mem_cgroup_charge+0x28/0xb0
[  333.037487][T12455]  shmem_get_folio_gfp+0x470/0xd60
[  333.037564][T12455]  shmem_write_begin+0xa8/0x190
[  333.037599][T12455]  generic_perform_write+0x184/0x490
[  333.037627][T12455]  shmem_file_write_iter+0xc5/0xf0
[  333.037718][T12455]  __kernel_write_iter+0x253/0x4c0
[  333.037738][T12455]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  333.037765][T12455]  dump_user_range+0x407/0x8c0
[  333.037800][T12455]  elf_core_dump+0x1dc2/0x1f80
[  333.037841][T12455]  ? 0xffffffffff600000
[  333.037918][T12455]  do_coredump+0x1dfd/0x27b0
[  333.037959][T12455]  ? __account_obj_stock+0x211/0x350
[  333.038002][T12455]  ? __sigqueue_free+0xf4/0x130
[  333.038032][T12455]  ? kmem_cache_free+0xdf/0x300
[  333.038119][T12455]  ? proc_coredump_connector+0x114/0x220
[  333.038171][T12455]  get_signal+0xd85/0xf70
[  333.038214][T12455]  arch_do_signal_or_restart+0x96/0x480
[  333.038343][T12455]  irqentry_exit_to_user_mode+0x5e/0xa0
[  333.038460][T12455]  irqentry_exit+0x12/0x50
[  333.038585][T12455]  asm_exc_page_fault+0x26/0x30
[  333.038607][T12455] RIP: 0033:0x7f1f0a9ee931
[  333.038622][T12455] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  333.038645][T12455] RSP: 002b:0000000000000040 EFLAGS: 00010217
[  333.038666][T12455] RAX: 0000000000000000 RBX: 00007f1f0ac15fa0 RCX: 00007f1f0a9ee929
[  333.038690][T12455] RDX: 0000000000000000 RSI: 0000000000000040 RDI: 0000000000040200
[  333.038706][T12455] RBP: 00007f1f0aa70b39 R08: 0000000000000000 R09: 0000000000000000
[  333.038722][T12455] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  333.038797][T12455] R13: 0000000000000000 R14: 00007f1f0ac15fa0 R15: 00007ffd2dd54948
[  333.038825][T12455]  </TASK>
[  333.038833][T12455] memory: usage 307200kB, limit 307200kB, failcnt 15746
[  333.286429][T12455] memory+swap: usage 432136kB, limit 9007199254740988kB, failcnt 0
[  333.294569][T12455] kmem: usage 4396kB, limit 9007199254740988kB, failcnt 0
[  333.301910][T12455] Memory cgroup stats for /syz1:
[  333.302274][ T3321] team0 (unregistering): Port device team_slave_1 removed
[  333.342274][ T3321] team0 (unregistering): Port device team_slave_0 removed
[  333.378776][T12455] cache 309673984
[  333.382581][T12455] rss 372736
[  333.385915][T12455] shmem 309673984
[  333.389702][T12455] mapped_file 11755520
[  333.393852][T12455] dirty 0
[  333.396953][T12455] writeback 0
[  333.400280][T12455] workingset_refault_anon 110
[  333.405116][T12455] workingset_refault_file 10321
[  333.410058][T12455] swap 127934464
[  333.413837][T12455] swapcached 61440
[  333.417722][T12455] pgpgin 596988
[  333.421271][T12455] pgpgout 521287
[  333.424891][T12455] pgfault 510713
[  333.428518][T12455] pgmajfault 121
[  333.432101][T12455] inactive_anon 154783744
[  333.436454][T12455] active_anon 155287552
[  333.440695][T12455] inactive_file 0
[  333.444349][T12455] active_file 0
[  333.447962][T12455] unevictable 0
[  333.451500][T12455] hierarchical_memory_limit 314572800
[  333.457107][T12455] hierarchical_memsw_limit 9223372036854771712
[  333.463297][T12455] total_cache 309673984
[  333.467507][T12455] total_rss 372736
[  333.471254][T12455] total_shmem 309673984
[  333.475622][T12455] total_mapped_file 11755520
[  333.480395][T12455] total_dirty 0
[  333.484023][T12455] total_writeback 0
[  333.487929][T12455] total_workingset_refault_anon 110
[  333.493645][T12455] total_workingset_refault_file 10321
[  333.499357][T12455] total_swap 127934464
[  333.503503][T12455] total_swapcached 61440
[  333.506928][   T29] kauditd_printk_skb: 202 callbacks suppressed
[  333.506947][   T29] audit: type=1400 audit(1749495448.176:7059): avc:  denied  { recv } for  pid=3321 comm="kworker/u8:6" saddr=10.128.0.163 src=34164 daddr=10.128.1.31 dest=22 netif=eth0 scontext=system_u:system_r:sshd_t tcontext=system_u:object_r:unlabeled_t tclass=peer permissive=1
[  333.508265][T12455] total_pgpgin 596988
[  333.514642][   T29] audit: type=1326 audit(1749495448.236:7060): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12648 comm="syz.0.3033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac66b8e929 code=0x7ffc0000
[  333.540695][T12455] total_pgpgout 521287
[  333.540712][T12455] total_pgfault 510713
[  333.545494][   T29] audit: type=1326 audit(1749495448.236:7061): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12648 comm="syz.0.3033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac66b8e929 code=0x7ffc0000
[  333.545536][   T29] audit: type=1326 audit(1749495448.246:7062): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12648 comm="syz.0.3033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fac66b8e929 code=0x7ffc0000
[  333.545563][   T29] audit: type=1326 audit(1749495448.246:7063): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12648 comm="syz.0.3033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac66b8e929 code=0x7ffc0000
[  333.569460][T12455] total_pgmajfault 121
[  333.573540][   T29] audit: type=1326 audit(1749495448.246:7064): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12648 comm="syz.0.3033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac66b8e929 code=0x7ffc0000
[  333.577614][T12455] total_inactive_anon 154783744
[  333.577693][T12455] total_active_anon 155287552
[  333.601342][   T29] audit: type=1326 audit(1749495448.246:7065): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12648 comm="syz.0.3033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fac66b8e929 code=0x7ffc0000
[  333.625462][T12455] total_inactive_file 0
[  333.649410][   T29] audit: type=1326 audit(1749495448.246:7066): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12648 comm="syz.0.3033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac66b8e929 code=0x7ffc0000
[  333.653489][T12455] total_active_file 0
[  333.653501][T12455] total_unevictable 0
[  333.677516][   T29] audit: type=1326 audit(1749495448.246:7067): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12648 comm="syz.0.3033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac66b8e929 code=0x7ffc0000
[  333.682458][T12455] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null)
[  333.687167][   T29] audit: type=1326 audit(1749495448.246:7068): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12648 comm="syz.0.3033" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fac66b8e929 code=0x7ffc0000
[  333.801832][T12455] ,cpuset=/,mems_allowed=0,oom_memcg=/syz1,task_memcg=/syz1,task=syz.1.3027,pid=12619,uid=0
[  333.812310][T12455] Memory cgroup out of memory: Killed process 12641 (syz.1.3027) total-vm:93752kB, anon-rss:1060kB, file-rss:22444kB, shmem-rss:11392kB, UID:0 pgtables:148kB oom_score_adj:1000
[  333.841251][T12622] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -4
[  333.850777][T12622] platform regulatory.0: Direct firmware load for regulatory.db failed with error -4
[  333.892751][T12448] syz.1.2979 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[  333.902730][T12448] CPU: 0 UID: 0 PID: 12448 Comm: syz.1.2979 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  333.902869][T12448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  333.902886][T12448] Call Trace:
[  333.902896][T12448]  <TASK>
[  333.902906][T12448]  __dump_stack+0x1d/0x30
[  333.902931][T12448]  dump_stack_lvl+0xe8/0x140
[  333.902953][T12448]  dump_stack+0x15/0x1b
[  333.902977][T12448]  dump_header+0x81/0x220
[  333.903069][T12448]  oom_kill_process+0x334/0x3f0
[  333.903122][T12448]  out_of_memory+0x979/0xb80
[  333.903166][T12448]  try_charge_memcg+0x5e6/0x9e0
[  333.903201][T12448]  charge_memcg+0x51/0xc0
[  333.903269][T12448]  __mem_cgroup_charge+0x28/0xb0
[  333.903307][T12448]  shmem_get_folio_gfp+0x470/0xd60
[  333.903370][T12448]  shmem_write_begin+0xa8/0x190
[  333.903415][T12448]  generic_perform_write+0x184/0x490
[  333.903454][T12448]  shmem_file_write_iter+0xc5/0xf0
[  333.903477][T12448]  __kernel_write_iter+0x253/0x4c0
[  333.903501][T12448]  ? __pfx_shmem_file_write_iter+0x10/0x10
[  333.903536][T12448]  dump_user_range+0x407/0x8c0
[  333.903565][T12448]  elf_core_dump+0x1dc2/0x1f80
[  333.903618][T12448]  ? 0xffffffffff600000
[  333.903726][T12448]  do_coredump+0x1dfd/0x27b0
[  333.903783][T12448]  ? __account_obj_stock+0x2d6/0x350
[  333.903827][T12448]  ? __sigqueue_free+0xf4/0x130
[  333.903858][T12448]  ? kmem_cache_free+0xdf/0x300
[  333.903893][T12448]  ? proc_coredump_connector+0x114/0x220
[  333.903957][T12448]  get_signal+0xd85/0xf70
[  333.904001][T12448]  arch_do_signal_or_restart+0x96/0x480
[  333.904066][T12448]  irqentry_exit_to_user_mode+0x5e/0xa0
[  333.904125][T12448]  irqentry_exit+0x12/0x50
[  333.904156][T12448]  asm_exc_page_fault+0x26/0x30
[  333.904182][T12448] RIP: 0033:0x7f1f0a9ee931
[  333.904201][T12448] Code: 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 48 3d 01 f0 ff ff 73 01 <c3> 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f
[  333.904225][T12448] RSP: 002b:0000000000000040 EFLAGS: 00010217
[  333.904245][T12448] RAX: 0000000000000000 RBX: 00007f1f0ac15fa0 RCX: 00007f1f0a9ee929
[  333.904287][T12448] RDX: 0000000000000000 RSI: 0000000000000040 RDI: 0000000000040200
[  333.904300][T12448] RBP: 00007f1f0aa70b39 R08: 0000000000000000 R09: 0000000000000000
[  333.904314][T12448] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  333.904330][T12448] R13: 0000000000000000 R14: 00007f1f0ac15fa0 R15: 00007ffd2dd54948
[  333.904357][T12448]  </TASK>
[  333.904365][T12448] memory: usage 307172kB, limit 307200kB, failcnt 15936
[  334.154928][T12448] memory+swap: usage 427668kB, limit 9007199254740988kB, failcnt 0
[  334.162948][T12448] kmem: usage 4396kB, limit 9007199254740988kB, failcnt 0
[  334.170652][T12448] Memory cgroup stats for /syz1:
[  334.180645][T12448] cache 306016256
[  334.189731][T12448] rss 225280
[  334.193119][T12448] shmem 305287168
[  334.196912][T12448] mapped_file 729088
[  334.200963][T12448] dirty 0
[  334.204102][T12448] writeback 0
[  334.207499][T12448] workingset_refault_anon 110
[  334.212290][T12448] workingset_refault_file 10678
[  334.217396][T12448] swap 127934464
[  334.221053][T12448] swapcached 57344
[  334.224932][T12448] pgpgin 599145
[  334.228911][T12448] pgpgout 524373
[  334.232585][T12448] pgfault 510749
[  334.236170][T12448] pgmajfault 123
[  334.239875][T12448] inactive_anon 225271808
[  334.244229][T12448] active_anon 80220160
[  334.248368][T12448] inactive_file 0
[  334.252037][T12448] active_file 458752
[  334.256330][T12448] unevictable 0
[  334.259991][T12448] hierarchical_memory_limit 314572800
[  334.265820][T12448] hierarchical_memsw_limit 9223372036854771712
[  334.272178][T12448] total_cache 306016256
[  334.276367][T12448] total_rss 225280
[  334.280271][T12448] total_shmem 305287168
[  334.284470][T12448] total_mapped_file 729088
[  334.288982][T12448] total_dirty 0
[  334.292619][T12448] total_writeback 0
[  334.296506][T12448] total_workingset_refault_anon 110
[  334.301847][T12448] total_workingset_refault_file 10678
[  334.307416][T12448] total_swap 127934464
[  334.311544][T12448] total_swapcached 57344
[  334.315878][T12448] total_pgpgin 599145
[  334.319985][T12448] total_pgpgout 524373
[  334.324250][T12448] total_pgfault 510749
[  334.328480][T12448] total_pgmajfault 123
[  334.332624][T12448] total_inactive_anon 225271808
[  334.337542][T12448] total_active_anon 80220160
[  334.342288][T12448] total_inactive_file 0
[  334.346493][T12448] total_active_file 458752
[  334.351082][T12448] total_unevictable 0
[  334.351122][T12463] ==================================================================
[  334.355165][T12448] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null)
[  334.363381][T12463] BUG: KCSAN: data-race in mem_cgroup_flush_stats_ratelimited / tick_do_update_jiffies64
[  334.370296][T12448] ,cpuset=
[  334.380063][T12463] 
[  334.380071][T12463] read-write to 0xffffffff868099c0 of 8 bytes by interrupt on cpu 0:
[  334.380094][T12463]  tick_do_update_jiffies64+0x113/0x1c0
[  334.383140][T12448] /,mems_allowed=0
[  334.385469][T12463]  tick_nohz_handler+0x7f/0x2d0
[  334.393766][T12448] ,oom_memcg=
[  334.399393][T12463]  __hrtimer_run_queues+0x20f/0x5a0
[  334.399422][T12463]  hrtimer_interrupt+0x21a/0x460
[  334.403156][T12448] /syz1
[  334.408003][T12463]  __sysvec_apic_timer_interrupt+0x5c/0x1d0
[  334.411565][T12448] ,task_memcg=
[  334.416571][T12463]  sysvec_apic_timer_interrupt+0x6f/0x80
[  334.421552][T12448] /syz1
[  334.424280][T12463]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  334.430233][T12448] ,task=syz.1.2979,pid=12448,uid=0
[  334.433564][T12463]  console_flush_all+0x55b/0x730
[  334.439262][T12448] Memory cgroup out of memory: Killed process 12448 (syz.1.2979) total-vm:90044kB, anon-rss:1088kB, file-rss:21796kB, shmem-rss:0kB, UID:0 pgtables:188kB oom_score_adj:1000
[  334.441979][T12463]  console_unlock+0xa1/0x330
[  334.480194][T12463]  vprintk_emit+0x388/0x650
[  334.484749][T12463]  vprintk_default+0x26/0x30
[  334.489482][T12463]  vprintk+0x1d/0x30
[  334.493418][T12463]  _printk+0x79/0xa0
[  334.497360][T12463]  seq_buf_do_printk+0x113/0x1a0
[  334.502332][T12463]  mem_cgroup_print_oom_meminfo+0x169/0x250
[  334.508278][T12463]  dump_header+0xa0/0x220
[  334.512741][T12463]  oom_kill_process+0x334/0x3f0
[  334.517743][T12463]  out_of_memory+0x979/0xb80
[  334.522391][T12463]  try_charge_memcg+0x5e6/0x9e0
[  334.527356][T12463]  charge_memcg+0x51/0xc0
[  334.531722][T12463]  __mem_cgroup_charge+0x28/0xb0
[  334.536695][T12463]  shmem_get_folio_gfp+0x470/0xd60
[  334.541847][T12463]  shmem_write_begin+0xa8/0x190
[  334.546748][T12463]  generic_perform_write+0x184/0x490
[  334.552057][T12463]  shmem_file_write_iter+0xc5/0xf0
[  334.557207][T12463]  __kernel_write_iter+0x253/0x4c0
[  334.562452][T12463]  dump_user_range+0x407/0x8c0
[  334.567421][T12463]  elf_core_dump+0x1dc2/0x1f80
[  334.572233][T12463]  do_coredump+0x1dfd/0x27b0
[  334.576856][T12463]  get_signal+0xd85/0xf70
[  334.581304][T12463]  arch_do_signal_or_restart+0x96/0x480
[  334.586909][T12463]  irqentry_exit_to_user_mode+0x5e/0xa0
[  334.592506][T12463]  irqentry_exit+0x12/0x50
[  334.596961][T12463]  asm_exc_page_fault+0x26/0x30
[  334.601833][T12463] 
[  334.604206][T12463] read to 0xffffffff868099c0 of 8 bytes by task 12463 on cpu 1:
[  334.611870][T12463]  mem_cgroup_flush_stats_ratelimited+0x29/0x70
[  334.618150][T12463]  count_shadow_nodes+0x6a/0x230
[  334.623105][T12463]  do_shrink_slab+0x63/0x680
[  334.627723][T12463]  shrink_slab+0x448/0x760
[  334.632249][T12463]  shrink_node+0x6c3/0x2120
[  334.636797][T12463]  do_try_to_free_pages+0x3f6/0xcd0
[  334.642137][T12463]  try_to_free_mem_cgroup_pages+0x1ab/0x410
[  334.648050][T12463]  try_charge_memcg+0x358/0x9e0
[  334.653106][T12463]  charge_memcg+0x51/0xc0
[  334.657486][T12463]  __mem_cgroup_charge+0x28/0xb0
[  334.662648][T12463]  shmem_get_folio_gfp+0x470/0xd60
[  334.667818][T12463]  shmem_write_begin+0xa8/0x190
[  334.672723][T12463]  generic_perform_write+0x184/0x490
[  334.678035][T12463]  shmem_file_write_iter+0xc5/0xf0
[  334.683169][T12463]  __kernel_write_iter+0x253/0x4c0
[  334.688387][T12463]  dump_user_range+0x407/0x8c0
[  334.693170][T12463]  elf_core_dump+0x1dc2/0x1f80
[  334.697954][T12463]  do_coredump+0x1dfd/0x27b0
[  334.702578][T12463]  get_signal+0xd85/0xf70
[  334.706958][T12463]  arch_do_signal_or_restart+0x96/0x480
[  334.712820][T12463]  irqentry_exit_to_user_mode+0x5e/0xa0
[  334.718411][T12463]  irqentry_exit+0x12/0x50
[  334.722963][T12463]  asm_exc_page_fault+0x26/0x30
[  334.727835][T12463] 
[  334.730169][T12463] value changed: 0x0000000100000d29 -> 0x0000000100000d2a
[  334.737286][T12463] 
[  334.739714][T12463] Reported by Kernel Concurrency Sanitizer on:
[  334.745983][T12463] CPU: 1 UID: 0 PID: 12463 Comm: syz.1.2979 Not tainted 6.16.0-rc1-syzkaller #0 PREEMPT(voluntary) 
[  334.756772][T12463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  334.766860][T12463] ==================================================================
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  335.129014][T12580] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.853119][ T3321] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  335.911719][ T3321] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  336.049312][ T3321] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  336.197948][ T3321] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  336.397781][ T3321] bridge_slave_1: left allmulticast mode
[  336.403493][ T3321] bridge_slave_1: left promiscuous mode
[  336.409335][ T3321] bridge0: port 2(bridge_slave_1) entered disabled state
[  336.450176][ T3321] bridge_slave_0: left allmulticast mode
[  336.455891][ T3321] bridge_slave_0: left promiscuous mode
[  336.461693][ T3321] bridge0: port 1(bridge_slave_0) entered disabled state
[  336.628771][ T3321] bond0 (unregistering): Released all slaves
[  336.680143][ T3321] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  336.690325][ T3321] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  336.700133][ T3321] bond0 (unregistering): Released all slaves
[  336.765416][ T3321] hsr_slave_0: left promiscuous mode
[  336.771397][ T3321] hsr_slave_1: left promiscuous mode
[  336.781862][ T3321] veth1_macvtap: left promiscuous mode
[  336.788093][ T3321] veth0_macvtap: left promiscuous mode
[  336.793812][ T3321] veth1_vlan: left promiscuous mode
[  336.799801][ T3321] veth0_vlan: left promiscuous mode
[  336.881218][ T3321] team0 (unregistering): Port device team_slave_1 removed
[  336.892193][ T3321] team0 (unregistering): Port device team_slave_0 removed
[  336.928601][ T3367] infiniband syz1: ib_query_port failed (-19)
[  337.098435][ T3321] IPVS: stop unused estimator thread 0...
[  337.140904][ T3321] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.199602][ T3321] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.258836][ T3321] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.298630][ T3321] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.364766][ T3321] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.398480][ T3321] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.460001][ T3321] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.509189][ T3321] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  337.558007][ T3321] bridge_slave_1: left allmulticast mode
[  337.563842][ T3321] bridge_slave_1: left promiscuous mode
[  337.569814][ T3321] bridge0: port 2(bridge_slave_1) entered disabled state
[  337.578371][ T3321] bridge_slave_0: left allmulticast mode
[  337.584209][ T3321] bridge_slave_0: left promiscuous mode
[  337.590070][ T3321] bridge0: port 1(bridge_slave_0) entered disabled state
[  337.699441][ T3321] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  337.709558][ T3321] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  337.719337][ T3321] bond0 (unregistering): Released all slaves
[  337.828752][ T3321] bond0 (unregistering): Released all slaves
[  337.882296][ T3321] hsr_slave_0: left promiscuous mode
[  337.888885][ T3321] hsr_slave_1: left promiscuous mode
[  337.894617][ T3321] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  337.902112][ T3321] batman_adv: batadv0: Removing interface: batadv_slave_0
[  337.910729][ T3321] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  337.918594][ T3321] batman_adv: batadv0: Removing interface: batadv_slave_1
[  337.930799][ T3321] hsr_slave_0: left promiscuous mode
[  337.936484][ T3321] hsr_slave_1: left promiscuous mode
[  337.948143][ T3321] veth1_macvtap: left promiscuous mode
[  337.953698][ T3321] veth1_vlan: left promiscuous mode
[  337.959532][ T3321] veth0_vlan: left promiscuous mode
[  337.965555][ T3321] veth1_macvtap: left promiscuous mode
[  337.971268][ T3321] veth0_macvtap: left promiscuous mode
[  337.977002][ T3321] veth1_vlan: left promiscuous mode
[  337.982241][ T3321] veth0_vlan: left promiscuous mode
[  338.073599][ T3321] team0 (unregistering): Port device team_slave_1 removed
[  338.083299][ T3321] team0 (unregistering): Port device team_slave_0 removed