last executing test programs:

9.138024838s ago: executing program 2 (id=1557):
r0 = open(&(0x7f0000000200)='./file0\x00', 0x4008040, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1e000000000000030000000100010000200000d3aa3901209e6670d787f4906041cde8ef2f82eb88193c0cd3ed57a75292c9311d6a6a8f6ca2006d72477aeb8a2a67b618e0f815ea8f08576a45e3517da3b39463683aa6fc09bcf59782507500f7888baebbf7fa24e8d09cd7a1e4cdf0696768b3", @ANYRES32=r0, @ANYBLOB="0500"/20, @ANYRES32=0x0, @ANYRES32=r0, @ANYBLOB="0400000001000000010000000500"/28], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)
r4 = openat(r3, &(0x7f00000000c0)='./file0\x00', 0x6a1c2, 0x50)
faccessat(r3, &(0x7f0000000000)='./file0\x00', 0x5)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r4, 0xc08c5335, &(0x7f0000000180)={0x400, 0x461118d6, 0x1, 'queue0\x00', 0x6})

9.122158879s ago: executing program 2 (id=1558):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000580)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r3 = syz_usb_connect$hid(0x4, 0x36, &(0x7f0000000440)=ANY=[@ANYRES32=<r4=>r1], 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000f00)=ANY=[@ANYRESHEX=r0, @ANYRES16=r4, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000020000ff82c2b01cb0de2a00000070003220e4699565718f00000000000000000000000000000000006ecc9b5a4c1048165627c5902f342ebd08e546e0f06834a0c70493233512484fd8114155ebc31e9a6d012b24e00037310f09dcae62415cdf378d8a79e953da710666df34908f9ca6b6b9796458555d38072e93c00a7f024e7539dcf0669e2e35491d1d5ec44209b8674cc1b074bbb15c44c0dff0b0efc2f9159bd7a26fa17b04a01c742d870f24ccfe9ff914c96349cebf6bd5f974e48450a3ffb9375a4180e1b1c5125b15973c8bfb0158f80da8db2c66d5e09f361ee3d048d2bb7cf55f5b310fd039f0b44776f4e3017bc964964637c801135fb75c805c7baa3cc6a5893030072acbeaace39f38a011c6e356604a665d3a86c79f4d43421131f7664e8a3507966592de0fadadb277e1dbf4b2cbd7f5cd09568c280e1c0754167d8c999e9d48212d3af728299ae406de52174bb4c9a3009911309e59d2ed11c4f3c1a33085cf010492fddae01bd0ab4c77de73b0d019623fe216eeb4efbabc1e66a8f39b32c1021933ff13ed6d087714ba8de24134f9ae3bc5f8dee292d6121a5df7dff9b01b5141b0c946a9720a6b9c3c0a18bac8d2b672b9eb5bd224240186410a7621db8b766d75c310b9e2fe73c9d577762ba9180d0c2cf57bf701694727e55319953d8a33e15965e8ace3cf32273cb7a0b66c1cc9e3f3ddeaa556dcfb91b287bc4d7ca50dc04a7f620e7741ba7e37a75a8d65b46a6b24cb3dc11403fc6897688b9a24daede23145042e5dad9a86173e2e6eca1f943c4e68d519199634b704d685ee7bee8746867eb0d9673d31c9bb58550b10950575abeb4a01b7bd7dd52a1c00f7"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000b8e9850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x90)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r8}, 0x10)
setresuid(0x0, 0x0, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r9}, 0x10)
mount$9p_virtio(0x0, &(0x7f0000000300)='./cgroup\x00', &(0x7f0000000340), 0x4, &(0x7f0000000ac0)=ANY=[@ANYBLOB='trans=virtio,aname=,dfltgid', @ANYRESHEX=0x0, @ANYBLOB=',smackfshat=*-{,uid>', @ANYBLOB=',seclabel'])
memfd_secret(0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000dc0)=ANY=[@ANYBLOB="1600000000000000040000000100000000000000", @ANYRES32, @ANYRES16=r3, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000004000f14c23b0d8e113b16b4dd3c61880903e8a5c0a66f48289e571596066df0db7b612518f06e9d65e7d929e8f01d433ebf4be761275a21b3fa84964796c2c3250b328825c08b4d5cb81a0dedaeca751b477571034bce6f3d53b6eb3d07558eea6f0b3b2c68be8c544ca850084487c3107574d5fd4d243b0e427c590e9c782ecf1b308a0abbbfd8780303200f5b0c003b6bc4ff8226c444a037024a240656d7cc34a69ef2f623d7808c2b807aa35b4edc1f98db8dfaa56502fe2b64014773eca3139af5fcefcb818353c4bfb4a02f1c24556"], 0x50)
io_setup(0x8, &(0x7f0000000000))
eventfd2(0x0, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r10}, 0x10)
perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc46, 0x0, @perf_config_ext, 0x0, 0x19fbcc0a, 0x0, 0x0, 0x0, 0x2, 0xffff}, 0x0, 0x4000000000, 0xffffffffffffffff, 0x0)
r11 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r11, &(0x7f0000002a00)={0x0, {'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f00000000c0)=""/43, 0x2b}}, 0x120)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
write$UHID_DESTROY(r11, &(0x7f0000000080), 0x4)

7.59293178s ago: executing program 2 (id=1567):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
openat$procfs(0xffffff9c, &(0x7f00000000c0)='/proc/bus/input/devices\x00', 0x0, 0x0)
io_setup(0x3ff, &(0x7f0000000500)=<r1=>0x0)
r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
io_submit(r1, 0x1, &(0x7f0000000140)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x8, 0x0, r2, &(0x7f0000000080)="4e8fc38e", 0xb, 0x200000000004}])
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b7000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16, @ANYBLOB, @ANYBLOB="05002a"], 0x2c}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

7.415883776s ago: executing program 2 (id=1568):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000040)='./file2\x00', 0x10502, &(0x7f0000001b80)=ANY=[], 0x1, 0x11f3, &(0x7f0000002580)="$eJzs3E+LW1UYB+C3cWrHqfNHrdV2oQfduLo0s3AlSJApyASU2gitINw6NxpyTUJuGIiI1ZVbP4e4dCeIX2A2fgZ3s3HZhXiFpLVNTdUuOpH6PJv7kvf8cu8hEDjhnBy/8c2n/W6VdfNJNE6disYoIt1KkaIRd7y0P79eu77farf3rqR0uXW1+XpKaevlHz/4/LtXfpqcff/7rR/OxNHOh8e/7v5ydP7owvHvVz/pValXpcFwkvJ0Yzic5DfKIh30qn6W0rtlkVdF6g2qYrzQ75bD0Wia8sHB5sZoXFRVygfT1C+maTJMk/E05R/nvUHKsixtbgQPdPqfh3S+vVXXdURdn44no67r+qnYiLPxdGzGVnwZEc/Es/FcnIvn43y8EC/Ghdmok3h8AAAAAAAAAAAAAAAAAAAA+P/4u/P/27Hj/D8AAAAAAAAAAAAAAAAAAACcgPeuXd9vtdt7V1Jajyi/PuwcdubXeb/VjV6UUcSl2I7fYnb6f25eX367vXcpzezEV+XN2/mbh50nFvPN2d8J3M6vzXp38s15Pi3mz8TGvfnd2I5zy++/uzS/Hq+9ek8+i+34+aMYRhkHs3vfzX/RTOmtd9r35S/OxgEAAMDjIEt/Wrp+z7IH9ef5h/h94L719VpcXFvt3Imopp/187IsxovF+l9eUfz7ovGI3rkR/5EJKh7/YtXfTJyEux/6qp8EAAAAAAAAAACAh/GIdxGuxZKdZW+uZqoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sAPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqAAD//99CzUo=")
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000001000"/28], 0x48)
close(0xffffffffffffffff)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0xfffd, 0x0, 0x0, 0x7ffc0002}]})
rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440))
r3 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0)
fallocate(r3, 0x0, 0x400000000000000, 0x7)
r4 = socket$netlink(0x10, 0x3, 0x0)
writev(r4, &(0x7f0000000340)=[{&(0x7f00000000c0)="390000001000111867090707a640400f0021ff3f30000000170a001700000000040037000900030001632564b758b9a64411f6bb744dc48f57", 0x39}], 0x1)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
dup(0xffffffffffffffff)
socket$xdp(0x2c, 0x3, 0x0)
r6 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x1a3c82)
sendto$inet(r0, &(0x7f0000001040)="8932ed209b230927", 0x8, 0x6000c804, 0x0, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000a40)=ANY=[@ANYRESDEC=r6, @ANYBLOB="f9c28da3110d51bec3f6ef359120520ed7b2ffbe1bbde711514fe25246ed3b1145b33664fc581021c32d1e6543d3b43a3f4bec585f37dc37b6c44f02b441aae0b31880f8b1080423d0e7a29af74c12ad6bcfbca785396fa810a892a070374a68a7d0cf38328e334ba838ef866d048c51d896cc89659d78923bd9b8d79bf267", @ANYBLOB="0655c19a48d5add3883f590e5692c662b5a593d8934e9ee9b96bef4b54da5c12bcc86b0018f4be4c6c49e9aea54632079eb8f65123115132e75d970892f315c6923d3f83eb97f63991de4db0dbfe929468abfe4069a5cc569293ebc188efbd682e0a46c0756a267b3f27b630e567f509611a988fed28350e9bc2b1", @ANYRESOCT=0x0, @ANYRES8=r4, @ANYRES32=0x0, @ANYRESDEC=r3], &(0x7f0000000800)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r7}, 0x10)
r8 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$AUTOFS_IOC_FAIL(r8, 0x4c80, 0xffffffffffffffb6)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = socket$xdp(0x2c, 0x3, 0x0)
sendmsg$xdp(r9, &(0x7f00000002c0)={&(0x7f0000000000)={0x2c, 0x0, 0x0, 0x31}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000380)="776538397eecf44d98e22a2edcb436d7b814ee1f6dc95327372a34f8fe08b7af21bb7bf80625a9c58d46a6b263513497af96953aa3d6ef1ec5a571b220816a0bd082fe233183a6ceefac6eb3ee34c468ba5e83258d685081f130a3daab43fcdcab5613565a3fb03e6eb5dff6e915ffb00ace7e9a8812465031d562eeb91b69504eb2737072c2d1c5ce091bc326b3bccdb755c7b7f9e8fb641527d7860e899a0e", 0xa0}, {&(0x7f0000000440)="7d313407f20d1c3a86ec89e9e21b3e761a379c5ad310adf91e82e341641bf29f9eadcfd917d65f0ab7d3102e38011788273183b47d0b96eb10e0883f1a515d653452bd4ee7618d8de7afcf58ee9ed2ede2c2a148627c6626ac0401ccdf8e54f6434ccfd1385f03040774c704abca14e33ec420d179a58ffa1fff0142ef8477188575ae1ff176c6873374c7e5de2b506ba417ce2ac23be354f15990999c", 0x9d}], 0x2, 0x0, 0x0, 0x4841}, 0x4c000)
syz_clone(0x22c8080, &(0x7f0000000500)="2d6a337f96849dfad259c60af3e16bc2ad0de31f913f13790f5b6f549e9100000014a55f791bc41af3ddf947d418cf751697d21b27530dddeceda82c5b75b880b4ce54165df3bc4de131eb2981742b43f21bfec6018ced94017b75b702c0306e59f0eb7e6b", 0xfffffffffffffec4, &(0x7f0000000580), &(0x7f0000000300), &(0x7f0000000600)="5556282d2941d79aa42dae7e118dea95cd7d3647febf7fb9d5f775ce75e896d74050262d672d857d98acbbd8f6b862d2837c789809b784567c642054e14e7dcfb267b2b2999e863d8c324e44901b2884b6cf679fb979e9be8d23922052e65847acdb3b57427703716c7158c3075bef9ae5b2f72746a910482e7e044b2e9e4e2f514d49e76bb6c2baee19424831319b8aabb4e8cf22b3c7c45bee25")

7.305693087s ago: executing program 2 (id=1569):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
openat$procfs(0xffffff9c, &(0x7f00000000c0)='/proc/bus/input/devices\x00', 0x0, 0x0)
io_setup(0x3ff, &(0x7f0000000500)=<r1=>0x0)
r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
io_submit(r1, 0x1, &(0x7f0000000140)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x8, 0x0, r2, &(0x7f0000000080)="4e8fc38e", 0xb, 0x200000000004}]) (fail_nth: 1)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b7000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16, @ANYBLOB, @ANYBLOB="05002a"], 0x2c}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

5.822019624s ago: executing program 0 (id=1590):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
clock_getres(0x5, 0x0)
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000003c0)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r3, 0x3)
syz_emit_ethernet(0x0, 0x0, 0x0)
syz_clone(0x4000, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000280)={'batadv0\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
syz_clone3(&(0x7f0000000340)={0x42907480, &(0x7f00000000c0), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
getdents64(0xffffffffffffffff, 0xfffffffffffffffe, 0x29)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f0000000400)='kmem_cache_free\x00', r7}, 0x10)
r8 = socket$inet6(0xa, 0x2, 0x0)
r9 = socket$key(0xf, 0x3, 0x2)
r10 = dup3(r9, r8, 0x0)
sendmsg$key(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB="0213ebff05000000ffffffff00000000030039"], 0x28}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r4}}, 0x24}}, 0x0)

5.31683897s ago: executing program 0 (id=1592):
shmctl$SHM_LOCK(0x0, 0xb)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000f40)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf2000000000000007000000080000002d0301000000000095000000000000007126000000000000bf670000000000005601000000ff07ad6706000002000000070300000ee60000bf250000000000002d350000000000006507000002000000070700004c0000001f75000000000000bf54000000000000160400000400f9ffad3001000000000084000000000000004500000001f0ffff95000000000000006e8ad524a56600a5585b7351ca1136aef2e9407e5c2501d11900db85604036883647b1fb3f1403b816f511c8c56e56e40b01005505f8a89dae4293b10f3631b25fc9f189084c7fddccff01361d355f6cce8ec2abcdf1bc9040daef2cfa2046e2091e269f4734ffa55eb2d4e8de20b38c8808b365b46bd54c68cd30139a8c3827a7dd6d6e2b5fea3906f8456b0000000000ff07efffffff0047018ae79db613d2aec070f718ab629b4975320dd7a7da532281fd22c7b835005bf52715396669836db6000000005b4f0591ee7c8cd263dd172b28d01c4d8ddaf2cdad3d1a74a2f078aa6402483856a6e495408d0b33047f06aec2cc590df28efc7dbec6857db922195a271af103f03e1155197e067b2ebf4e2dae06e394c9639564f000fc3cdd05a157544d0200000000000000ee48f5287123a0d246c0c4c00fe979dbc09ed4db22d7172adc6ae8faa5f9ad188e07000000000000008d88a0b4684559d46cae41db1b914e93f1f88e80ef80c6ed3e1ff91ff111000000000000000000e33de432e488ad0e724c2d14a1e770e116984a5700afb8a1f3d47277ef0e33e7e00ec5f74e10937ba0e321346977b7d1b18013f509675b5b0f352e30dffda780e95c301f4fc7d5a76475ace6b128b02bfd71023daffdf748a6bd356fcbacec96373d1101000736ac0bbcb5f4836bddfe8bf46308000000ade9e59fcf271bb98bd0b8b5216b858b414c31682f9f3db2e4d8e5898e445fe55ac56c0ddd932d838ff651023853d42210642986f8bbc7340bc8393f774318c9fc9b05788de2c6e601b50777e8dff581de1d5ae3d801ead7eba31126e2172fa1eadf5f3bec81004d00000000c8e4692e051c731f9ac766b7fd66278d40f0760f23e8c7d1f47cd8e02504e85e152955ad8acd989c0b2eea71414f533f5685c3904bfe1d0011ffc1ba5398f3d68124674478186edd036f15bf847c33f79e1a0ad3d2b5080ecb01420c9f1b534e969fce97ffff07000009000000bfe0ed7c5853a665c0805752dca0e571d75cac5a5d8e4f6e05055b6dec5a9a5696f053a92d81fd9e5f2b9dbbe24f38e745b5a95d45003d0600e413dc623f3e6b096c8b0ad7438c6631388892c55b0671140afbfb83bba415f729fea4c8a8a86189dceedad84cdd17c46bdd847a1f4b0facd3744f5bbb06abb319204fca4bcd4297fe7b4cee75abf43e14fe861224799c0f12702964fc890a176fdafa2c9387280b5693c000c0304cece48642649375dae0b7979b229f708a97349e96e783af9a23cd3980a2c29d3d62875e5319cd51bdd224878a0b25edf0e83c930633bd9a823e28f359608ea326c77a1aa17318f392a0ec6c188916f4149c503027feccfd68ec8278a90252693fb133c4615801077e1d75420017c03990b855fe481a20b4919bb11c6d737b6545ef140a0fc339bb53953662f1454f9852e7c4e17eb8e68f076c659f56d6c7f97a94d604f45cfe88b30c170000000001000000ef931f137967de563c29d81aacb3d48226a4e4b6670900000000000000fa68bff3693afc44db223f0400000000000000d23b48bb38b31a14ffcddd92c38f6b6d86a0e56d47a82bad5d2a6dce4c4d353261260c9d7a6bd9f2c872c4172a3d2ac80dfb718cc159e6423065624f1300007d6072f0cf120ad2ba519afdd43a14000000000000000000000000007ef2f3c58d045f0700000094069acbe333aebd10f2118fbfeda3fa5500d52cd5241588d2b68a332edfef6d701c8936a25d68b841f982511392cc0d3a78616f8ce0f2877d099258bf85866d0ee7f803fa50fd41ef62b028d12028a7b497d92f544523290f520b0d000000000000000000007758b1267669ded883b5867c5916a74843b784955108f750c57744c76a09629dd0aaca5cb0f14f49db80a1aa2692c18fbb31cbdb3f2e138e6d5ba3491fc3617b511f24bad26466407e39000000000080d7a1bf4624d31c13a6840f45a7f4e01a50d790132abb36915e35b1ac35bf3921357f638684bba17b8fe1e2123153ecd6d1f76820d4f8fa0b96b50c457ae8d5f2351cdb7bc8170380557bc11cf6ee3395974e37018a2a7473312cb32affb8ff72a253e0d36099e460f13694b9891af526d9608271838e83d17103887f34210dd4c0cf60dec608b4ca5ba2f3037bf381e7b5d5b27820000000000000000000000b719bd34f3244730f708fdd532640edc6b82dd4ad72ecbaccafef806f5447aba2246d56a601bbd8c24ba1e16dda3296ce10de6830"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r0 = shmget(0x1, 0x4000, 0x200, &(0x7f0000ffb000/0x4000)=nil)
shmctl$IPC_RMID(r0, 0x0)
shmctl$SHM_INFO(r0, 0xe, &(0x7f0000000000)=""/120)

5.285722853s ago: executing program 0 (id=1593):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020702500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SG_NEXT_CMD_LEN(r2, 0xc0481273, &(0x7f0000000000)) (fail_nth: 8)

5.033684576s ago: executing program 0 (id=1595):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000040)='./file2\x00', 0x10502, &(0x7f0000001b80)=ANY=[], 0x1, 0x11f3, &(0x7f0000002580)="$eJzs3E+LW1UYB+C3cWrHqfNHrdV2oQfduLo0s3AlSJApyASU2gitINw6NxpyTUJuGIiI1ZVbP4e4dCeIX2A2fgZ3s3HZhXiFpLVNTdUuOpH6PJv7kvf8cu8hEDjhnBy/8c2n/W6VdfNJNE6disYoIt1KkaIRd7y0P79eu77farf3rqR0uXW1+XpKaevlHz/4/LtXfpqcff/7rR/OxNHOh8e/7v5ydP7owvHvVz/pValXpcFwkvJ0Yzic5DfKIh30qn6W0rtlkVdF6g2qYrzQ75bD0Wia8sHB5sZoXFRVygfT1C+maTJMk/E05R/nvUHKsixtbgQPdPqfh3S+vVXXdURdn44no67r+qnYiLPxdGzGVnwZEc/Es/FcnIvn43y8EC/Ghdmok3h8AAAAAAAAAAAAAAAAAAAA+P/4u/P/27Hj/D8AAAAAAAAAAAAAAAAAAACcgPeuXd9vtdt7V1Jajyi/PuwcdubXeb/VjV6UUcSl2I7fYnb6f25eX367vXcpzezEV+XN2/mbh50nFvPN2d8J3M6vzXp38s15Pi3mz8TGvfnd2I5zy++/uzS/Hq+9ek8+i+34+aMYRhkHs3vfzX/RTOmtd9r35S/OxgEAAMDjIEt/Wrp+z7IH9ef5h/h94L719VpcXFvt3Imopp/187IsxovF+l9eUfz7ovGI3rkR/5EJKh7/YtXfTJyEux/6qp8EAAAAAAAAAACAh/GIdxGuxZKdZW+uZqoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sAPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqAAD//99CzUo=")
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000001000"/28], 0x48)
close(0xffffffffffffffff)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0xfffd, 0x0, 0x0, 0x7ffc0002}]})
rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440))
r3 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0)
fallocate(r3, 0x0, 0x400000000000000, 0x7)
r4 = socket$netlink(0x10, 0x3, 0x0)
writev(r4, &(0x7f0000000340)=[{&(0x7f00000000c0)="390000001000111867090707a640400f0021ff3f30000000170a001700000000040037000900030001632564b758b9a64411f6bb744dc48f57", 0x39}], 0x1)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)="5c00000013006bcd9e3fe3dc6e48aa310b6b8703310000001f03000000000000040014000d000a000d0000009ee5", 0x2e}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
dup(0xffffffffffffffff)
socket$xdp(0x2c, 0x3, 0x0)
r6 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x1a3c82)
sendto$inet(r0, &(0x7f0000001040)="8932ed209b230927", 0x8, 0x6000c804, 0x0, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000a40)=ANY=[@ANYRESDEC=r6, @ANYBLOB="f9c28da3110d51bec3f6ef359120520ed7b2ffbe1bbde711514fe25246ed3b1145b33664fc581021c32d1e6543d3b43a3f4bec585f37dc37b6c44f02b441aae0b31880f8b1080423d0e7a29af74c12ad6bcfbca785396fa810a892a070374a68a7d0cf38328e334ba838ef866d048c51d896cc89659d78923bd9b8d79bf267", @ANYBLOB="0655c19a48d5add3883f590e5692c662b5a593d8934e9ee9b96bef4b54da5c12bcc86b0018f4be4c6c49e9aea54632079eb8f65123115132e75d970892f315c6923d3f83eb97f63991de4db0dbfe929468abfe4069a5cc569293ebc188efbd682e0a46c0756a267b3f27b630e567f509611a988fed28350e9bc2b1", @ANYRESOCT=0x0, @ANYRES8=r4, @ANYRES32=0x0, @ANYRESDEC=r3], &(0x7f0000000800)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r7}, 0x10)
r8 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$AUTOFS_IOC_FAIL(r8, 0x4c80, 0xffffffffffffffb6)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = socket$xdp(0x2c, 0x3, 0x0)
sendmsg$xdp(r9, &(0x7f00000002c0)={&(0x7f0000000000)={0x2c, 0x0, 0x0, 0x31}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000380)="776538397eecf44d98e22a2edcb436d7b814ee1f6dc95327372a34f8fe08b7af21bb7bf80625a9c58d46a6b263513497af96953aa3d6ef1ec5a571b220816a0bd082fe233183a6ceefac6eb3ee34c468ba5e83258d685081f130a3daab43fcdcab5613565a3fb03e6eb5dff6e915ffb00ace7e9a8812465031d562eeb91b69504eb2737072c2d1c5ce091bc326b3bccdb755c7b7f9e8fb641527d7860e899a0e", 0xa0}, {&(0x7f0000000440)="7d313407f20d1c3a86ec89e9e21b3e761a379c5ad310adf91e82e341641bf29f9eadcfd917d65f0ab7d3102e38011788273183b47d0b96eb10e0883f1a515d653452bd4ee7618d8de7afcf58ee9ed2ede2c2a148627c6626ac0401ccdf8e54f6434ccfd1385f03040774c704abca14e33ec420d179a58ffa1fff0142ef8477188575ae1ff176c6873374c7e5de2b506ba417ce2ac23be354f15990999c", 0x9d}], 0x2, 0x0, 0x0, 0x4841}, 0x4c000)
syz_clone(0x22c8080, &(0x7f0000000500)="2d6a337f96849dfad259c60af3e16bc2ad0de31f913f13790f5b6f549e9100000014a55f791bc41af3ddf947d418cf751697d21b27530dddeceda82c5b75b880b4ce54165df3bc4de131eb2981742b43f21bfec6018ced94017b75b702c0306e59f0eb7e6b", 0xfffffffffffffec4, &(0x7f0000000580), &(0x7f0000000300), &(0x7f0000000600)="5556282d2941d79aa42dae7e118dea95cd7d3647febf7fb9d5f775ce75e896d74050262d672d857d98acbbd8f6b862d2837c789809b784567c642054e14e7dcfb267b2b2999e863d8c324e44901b2884b6cf679fb979e9be8d23922052e65847acdb3b57427703716c7158c3075bef9ae5b2f72746a910482e7e044b2e9e4e2f514d49e76bb6c2baee19424831319b8aabb4e8cf22b3c7c45bee25")

5.032471077s ago: executing program 2 (id=1596):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
rt_sigaction(0x40, &(0x7f0000000380)={0x0, 0x88000001, 0x0, {[0x7]}}, 0x0, 0x8, &(0x7f00000003c0))
syz_clone3(&(0x7f0000006180)={0x100000000, 0x0, 0x0, 0x0, {0x7}, 0x0, 0x0, 0x0, 0x0}, 0x58)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f00000003c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2000480, &(0x7f0000000280), 0x1, 0x76a, &(0x7f0000001b00)="$eJzs3d9rW1UcAPDvTdt17aatIOh8KghaGEvtrJuCDxMfRHAw0Ge3kGZlNm1Gk461FNwQwRdBxQdBX/bsj/nmqz9e9b/wQTamdsOJD1K5adJla9KlW5MI+XzgNOfce9Nzvjn3nnuSe0kC6FsT6Z9MxKGI+CiJGKstTyJiqJobjDixud3t9bV8mpLY2Hjzj6S6za31tXw0PCd1oFZ4MiJ+fD/icGZ7veWV1flcsVhYqpWnKgvnp8orq0fOLeTmCnOFxWPTMzNHj79w/NjexfrXL6sHr3/82rPfnPjnvSeufvhTEifiYG1dYxx7ZSImaq/JUPoS3uXVva6sx5JeN4AHkh6aA5tHeRyKsRio5loY6WbLAIBOeTciNgCAPpM4/wNAn6l/DnBrfS1fT739RKK7brwSEfs3469f39xcM1i7Zre/eh109FZy15WRJCLG96D+iYj44ru3v0pTdOg6JEAzly5HxJnxie3jf7LtnoXdeq6NbSbuKRv/oHu+T+c/Lzab/2W25j/RZP4z3OTYfRD3P/4z1/agmpbS+d/LDfe23W6Iv2Z8oFZ6pDrnG0rOnisW0rHt0YiYjKHhtDy9Qx2TN/+92Wpd4/zvz0/e+TKtP328s0Xm2uDw3c+ZzVVyDxNzoxuXI54abBZ/stX/SYv576k263j9pQ8+b7UujT+Nt562x99ZG1cinmna/3fuaEt2vD9xqro7TNV3iia+/fWz0Vb1N/Z/mtL66+8FuiHt/9Gd4x9PGu/XLO++jp+vjP3Qat3942++/+9L3qrm99WWXcxVKkvTEfuSN7YvP3rnufVyffs0/smnmx//O+3/6XvCM23GP3j9968fPP7OSuOf3VX/7z5z9fb8QKv62+v/mWpusraknfGv3QY+zGsHAAAAAAAAAAAAAAAAAAAAAAAAAO3KRMTBSDLZrXwmk81u/ob34zGaKZbKlcNnS8uLs1H9rezxGMrUv+pyrOH7UKdr34dfLx+9p/x8RDwWEZ8Oj1TL2XypONvr4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5kCL3/9P/Tbc69YBAB2zv9cNAAC6zvkfAPrP7s7/Ix1rBwDQPd7/A0D/cf4HgP7j/A8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECHnTp5Mk0bf6+v5dPy7IWV5fnShSOzhfJ8dmE5n82Xls5n50qluWIhmy8ttPxHlzYfiqXS+ZlYXL44VSmUK1PlldXTC6Xlxcrpcwu5ucLpwlDXIgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA9pVXVudzxWJhSUZGRmYr0zhKjPRugAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4n/svAAD//9EyKso=")
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x88a, &(0x7f00000001c0)={[{@usrquota}, {@usrjquota, 0x22}, {@nobarrier}, {@noload}, {@data_err_ignore}, {@grpjquota, 0x22}, {@grpquota}, {@jqfmt_vfsold}, {@noblock_validity}]}, 0xfe, 0x44e, &(0x7f0000000900)="$eJzs3M1vG0UbAPDHdpw0bfMmbykfDS0ECiLiI2nSD3rgUgQSB5CQ4FDEKSRpFeo2qAkSrSIIHMIRVeKOOCLxF3ChXBBwQuIKd4QUoVwonIzW3k3dxE7ixIlL/ftJm8x4xpp5dnfs8azXAXSsoeRPLuJgRPwaEf3V7J0Vhqr/bq0sTP69sjCZi3L5jT9zlXp/rSxMZlWz5x2oZsrlDdpdejtiolSavprmR+cvvzc6d+36czOXJy5OX5y+Mn727KmTx7rPjJ9uSZx9SV8HP5w9euSVt268Nnn+xjs/fp3092BaXhtHqwxV925dT7a6sTbrq0nnutrYEZpSiIjkcBUr478/CtG7WtYfL3/S1s4Bu6pczpd7GhcvloF7WDJRBzpR9kaffP7Ntj2aetwVls/F6jrGrXSrlnRFPq1TTD8j7YahiDi/+M8XyRa7tA4BAFDr5rmIeLbe/C8fD9TU+196bWggIv4fEYci4r6IOBwR90dU6j4YEQ812f7aKyTr5z/l/m0FtkXJ/O+F9NrWnfO/bPYXA4U011eJv5i7MFOaPpHuk+Eo9iT5sQ3a+O6lXz5rVFY7/0u2pP1sLpj244+uNQt0UxPzEzuJudbyxxGDXfXiz63OeZP58ZGIGNxmGzNPf3W0Udnm8W+gBZPy8pcRT1WP/2KsiT+Ta3h9cuz5M+OnR/dFafrEaHZWrPfTz0uvN2p/R/G3wPLNcuyve/6vxj+Q2xcxd+36pcr12rnm21j67dOGn2m2e/53596spLvTxz6YmJ+/OhbRnXt1/ePjt5+b5bP6yfk/fLz++D8Ut/fEwxGRnMTHIuKRiHg07ftjEfF4RBzfIP4fXnzi3ebj32BVvoWS+Kc2O/5Re/ybTxQuff9N8/FnkuN/qpIaTh/ZyuvfVju4k30HAAAA/xX5ynfgc/mR1XQ+PzJS/Q7/4difL83OzT9zYfb9K1PV78oPRDGfrXT116yHjqVrw1l+fE3+ZLpu/Hmht5IfmZwtTbU7eOhwBxqM/8TvhXb3Dth17teCzmX8Q+cy/qFzGf/QuYx/6Fz1xv9HbegHsPc2ef/v3at+AHvP/B86l/EPncv4h47U8N74/I5u+ZdoU+Lb7p39VsPWE5G/S0K+ZxLFqFvUteUfs9hmoqduUbtfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFrj3wAAAP//j57jFA==")
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x64, &(0x7f00000001c0)=ANY=[], 0x1, 0x0, &(0x7f0000000000))

4.798585998s ago: executing program 0 (id=1599):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ec0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x800, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x9, "ff00f7000000000000000000af88008300"})
syz_open_pts(r1, 0x141601)
r2 = msgget$private(0x0, 0x0)
msgctl$IPC_SET(r2, 0x1, &(0x7f0000258f88))
msgsnd(r2, &(0x7f0000000340)={0x3}, 0x0, 0x0)
msgrcv(r2, &(0x7f0000000000)={0x0, ""/8}, 0x10, 0x1, 0x1000)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600170000000000040000000100000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
close(r7)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
recvmsg$unix(r6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb7910009875f37538e486dd6317ce8102033300fe08000e40000200875a65969ff57b00000000000000000000000000ac1414aa"], 0xfdef)
msgrcv(r2, &(0x7f00000000c0)={0x0, ""/245}, 0xfd, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="170000000006000004000000ff0000003298beb10a1cbac90e3c0000000015925a62f70f3fcd971206b38d5920c083f1710885c953d2c78dc3886d678ec64dc1c97bbac55d9e99ed2432c91207b87a74e6c9fc791d8dcf3de2cbceb8a06af46a55537cf904c3fb41db6151c496ce1e72b4196e1109f0d21b8760ef6f621bfc12a1347ce34ee8ffb00449bc5e73aecaae976c6397a59bc0aaa42121bee9f436acc159316d5e0e08bad14e8029ab72125320a647e3093d08210264fec4", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r10}, 0x18)
msgctl$IPC_SET(r2, 0x1, &(0x7f0000258f88)={{0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8})

4.370506617s ago: executing program 0 (id=1600):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x52)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r3}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r4}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020702500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SG_NEXT_CMD_LEN(r5, 0xc0481273, &(0x7f0000000000))

4.12732603s ago: executing program 4 (id=1604):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f00000009c0)=ANY=[@ANYBLOB="24000000010401080000000000000000000000040500010002"], 0x24}}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000f4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
r3 = socket(0x2, 0x3, 0x9)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r3, &(0x7f0000004780)=[{{&(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10, 0x0}}, {{&(0x7f00000031c0)={0x2, 0x0, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@ip_retopts={{0x30, 0x0, 0x7, {[@noop, @timestamp_addr={0x7, 0x15, 0x15, 0x3, 0x0, [{@local}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@broadcast}]}]}}}], 0x30}}], 0x2, 0x0)
close(0xffffffffffffffff)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x152090, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_DISABLE(r5, 0x4008240b, 0x80ffff00000000)
sendmsg$RDMA_NLDEV_CMD_GET(r4, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks}, {@minixdf}]}, 0x1, 0x4ff, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvndhx0uwmu+wBEOwuuwsFVXUSdzda7QGWEwK0EmKPIHVD4kZR7DiKndKEHtIzVyQqcYIjfwDnnrhzQXDjUg5I/IhADRIHoxlPUje1m6hJ7Cj+fKTRvDdv6u97Tee9+pvEL4CR9XZE7EVEMSI+i4iZ7HouO+LjzpHc92T//vLB/v3lXLTbn/4zl7Yn16LrzySuZa9ZiogffifiJ7nn4zZ3dteXarXqVlafa9U355o7uzfX6kur1dXqRqWyuLA4/+GtDyrnNta36sWs9OXHf9j7xs+Sbk1nV7rHcZ46Qy8cxUmMR8T3LyLYEIxl4ykOuyO8lHxEvB4R76TP/0yMpV9NAOAqa7dnoj3TXQcArrp8mgPL5ctZLmA68vlyuZPDeyOm8rVGs3XjTmN7Y6WTK5uNQv7OWq06n+UKZ6OQS+oLaflpvXKsfisiXouIX0xMpvXycqO2Msz/+ADACLt2bP3/z0Rn/QcArrjSsDsAAAyc9R8ARo/1HwBGj/UfAEZPZ/2fHHY3AIAB8v4fAEaP9R8ARsoPPvkkOdoH2edfr9zd2V5v3L25Um2ul+vby+XlxtZmebXRWE0/s6d+0uvVGo3Nhfdj+97sNzebrbnmzu7temN7o3U7/Vzv29VCetfeAEYGAPTz2luP/pxLVuSPJtMjuvZyKAy1Z8BFyw+7A8DQjA27A8DQ2O0LRtcZ3uNLD8AV0WOL3meUev2CULvdbl9cl4ALdv0L8v8wqrry/34KGEaM/D+MLvl/GF3tdu60e/7HaW8EAC43OX6gz/f/X8/Ov82+OfDjleN3PLzIXgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDldrj/bznbC3w68vlyOeKViJiNQu7OWq06HxGvRsSfJgoTSX1hyH0GAM4q/7dctv/X9Zn3pp9pevPaUbEYET/91ae/vLfUam39MaKY+9fE4fXWw+x6ZfC9BwBOdrhOJ+dHXW/kn+zfXz48Btmfv387Ikqd+Af7xTg4ij8e4+m5FIWImPp3Lqt35LpyF2ex9yAiPt9r/LmYTnMgnZ1Pj8dPYr8y0Pj5Z+Ln07bOOfm7+Nw59AVGzaNk/vm41/OXj7fTc+/nv5TOUGeXzX/JSy0fpHPg0/iH899Yn/nv1DHe//13O6XJ59seRHxxPOIw9kHX/HMYP9cn/nunjP+XL735Tr+29q8jrkfv+N2x5lr1zbnmzu7NtfrSanW1ulGpLC4szn9464PKXJqjnuu/Gvzjoxuv9mtLxj/VJ37phPF/9ZTj/83/PvvRV14Q/+vv9oqfjzdeED9ZE792yvhLU78r9WtL4q/0Gf9JX/8bLw77vWJWePzX3ee2DQcAhqe5s7u+VKtVtxQULn8h+Sd7CbrRs/CtQcUqRu+mn7/beaaPNbXbLxWr34xxHlk34DI4eugj4r/D7gwAAAAAAAAAAAAAANDTIH5jadhjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Or6fwAAAP//sUPPoQ==")
r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x0)
r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x187842, 0x147)
ioctl$EXT4_IOC_MOVE_EXT(r7, 0xc028660f, &(0x7f0000000240)={0x3920e, r6, 0xfffffffffffff, 0x0, 0x3, 0x1})
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000200000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r10}, 0x10)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000020000807b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r11}, 0x10)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x80000)

3.975463044s ago: executing program 4 (id=1605):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00', r1}, 0x10)
openat$tcp_mem(0xffffffffffffff9c, 0x0, 0x1, 0x0)
ioctl$AUTOFS_IOC_PROTOVER(r1, 0x80049363, &(0x7f0000000240))
r2 = openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x20a202, 0x90)
recvmsg$unix(r2, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r3 = socket(0xa, 0x3, 0x3a)
bind$isdn(r3, &(0x7f0000000040)={0x22, 0x7f, 0x6, 0x0, 0x7}, 0x6)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'vcan0\x00', <r6=>0x0})
sendto$packet(r5, &(0x7f0000000380)="0086d084", 0x4, 0x800, &(0x7f0000000200)={0x11, 0x8100, r6, 0x1, 0x0, 0x6, @link_local}, 0x14)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00'})
sendto$inet(r3, &(0x7f0000000480)="17c05201bc6e3f17c633cd3ee162ed11a4c2261a3ca17fc5d5ed9131e83548c9bc8f5cf7c4a6b471477466c605b249ea760f89a5f9d921ddd60665ab2db74542c1292d0d2d03e6d8a7cbc31686e84a79281b9b1ce1c30243a9a8332133b0c54127138249bec901b858618d72c426cf08d04eefa5c2002086", 0x78, 0x10, 0x0, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r9, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00', <r10=>0x0})
sendmsg$ETHTOOL_MSG_FEATURES_SET(r7, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000002c0)={0x44, r8, 0x1, 0x400, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0x24, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x1c, 0x3, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x20}]}, {0x4}]}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_FEATURES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}]}]}, 0x44}}, 0x0)
r11 = openat$rdma_cm(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
tee(r11, r2, 0x86a7, 0xa)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f00000019c0)={'syztnl0\x00', &(0x7f0000000500)={'sit0\x00', 0x0, 0x0, 0x7800, 0x7, 0x0, {{0x13, 0x4, 0x0, 0x2e, 0x4c, 0x64, 0x36, 0x7, 0x4, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @remote, {[@lsrr={0x83, 0xf, 0xbf, [@multicast2, @loopback, @local]}, @timestamp_addr={0x44, 0x24, 0xe1, 0x1, 0x0, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x9}, {@multicast1, 0x552}, {@local, 0x9}, {@broadcast, 0x2}]}, @ra={0x94, 0x4, 0x1}]}}}}})
clock_settime(0x2, &(0x7f00000002c0))

3.462276991s ago: executing program 4 (id=1607):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ec0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x800, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x9, "ff00f7000000000000000000af88008300"})
syz_open_pts(r1, 0x141601)
r2 = msgget$private(0x0, 0x0)
msgctl$IPC_SET(r2, 0x1, &(0x7f0000258f88))
msgsnd(r2, &(0x7f0000000340)={0x3}, 0x0, 0x0)
msgrcv(r2, &(0x7f0000000000)={0x0, ""/8}, 0x10, 0x1, 0x1000)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600170000000000040000000100000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/14], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
close(r7)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
recvmsg$unix(r6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb7910009875f37538e486dd6317ce8102033300fe08000e40000200875a65969ff57b00000000000000000000000000ac1414aa"], 0xfdef)
msgrcv(r2, &(0x7f00000000c0)={0x0, ""/245}, 0xfd, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="170000000006000004000000ff0000003298beb10a1cbac90e3c0000000015925a62f70f3fcd971206b38d5920c083f1710885c953d2c78dc3886d678ec64dc1c97bbac55d9e99ed2432c91207b87a74e6c9fc791d8dcf3de2cbceb8a06af46a55537cf904c3fb41db6151c496ce1e72b4196e1109f0d21b8760ef6f621bfc12a1347ce34ee8ffb00449bc5e73aecaae976c6397a59bc0aaa42121bee9f436acc159316d5e0e08bad14e8029ab72125320a647e3093d08210264fec4", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r10}, 0x10)
clock_getres(0x6, 0x0)
msgctl$IPC_SET(r2, 0x1, &(0x7f0000258f88)={{0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8})
close_range(r1, 0xffffffffffffffff, 0x0)

2.562654354s ago: executing program 4 (id=1609):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000040)='./file2\x00', 0x10502, &(0x7f0000001b80)=ANY=[], 0x1, 0x11f3, &(0x7f0000002580)="$eJzs3E+LW1UYB+C3cWrHqfNHrdV2oQfduLo0s3AlSJApyASU2gitINw6NxpyTUJuGIiI1ZVbP4e4dCeIX2A2fgZ3s3HZhXiFpLVNTdUuOpH6PJv7kvf8cu8hEDjhnBy/8c2n/W6VdfNJNE6disYoIt1KkaIRd7y0P79eu77farf3rqR0uXW1+XpKaevlHz/4/LtXfpqcff/7rR/OxNHOh8e/7v5ydP7owvHvVz/pValXpcFwkvJ0Yzic5DfKIh30qn6W0rtlkVdF6g2qYrzQ75bD0Wia8sHB5sZoXFRVygfT1C+maTJMk/E05R/nvUHKsixtbgQPdPqfh3S+vVXXdURdn44no67r+qnYiLPxdGzGVnwZEc/Es/FcnIvn43y8EC/Ghdmok3h8AAAAAAAAAAAAAAAAAAAA+P/4u/P/27Hj/D8AAAAAAAAAAAAAAAAAAACcgPeuXd9vtdt7V1Jajyi/PuwcdubXeb/VjV6UUcSl2I7fYnb6f25eX367vXcpzezEV+XN2/mbh50nFvPN2d8J3M6vzXp38s15Pi3mz8TGvfnd2I5zy++/uzS/Hq+9ek8+i+34+aMYRhkHs3vfzX/RTOmtd9r35S/OxgEAAMDjIEt/Wrp+z7IH9ef5h/h94L719VpcXFvt3Imopp/187IsxovF+l9eUfz7ovGI3rkR/5EJKh7/YtXfTJyEux/6qp8EAAAAAAAAAACAh/GIdxGuxZKdZW+uZqoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sAPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqAAD//99CzUo=")
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000001000"/28], 0x48)
close(0xffffffffffffffff)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0xfffd, 0x0, 0x0, 0x7ffc0002}]})
rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440))
r3 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0)
fallocate(r3, 0x0, 0x400000000000000, 0x7)
r4 = socket$netlink(0x10, 0x3, 0x0)
writev(r4, &(0x7f0000000340)=[{&(0x7f00000000c0)="390000001000111867090707a640400f0021ff3f30000000170a001700000000040037000900030001632564b758b9a64411f6bb744dc48f57", 0x39}], 0x1)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)="5c00000013006bcd9e3fe3dc6e48aa310b6b8703310000001f03000000000000040014000d000a000d0000009ee5", 0x2e}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
dup(0xffffffffffffffff)
socket$xdp(0x2c, 0x3, 0x0)
r6 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x1a3c82)
sendto$inet(r0, &(0x7f0000001040)="8932ed209b230927", 0x8, 0x6000c804, 0x0, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000a40)=ANY=[@ANYRESDEC=r6, @ANYBLOB="f9c28da3110d51bec3f6ef359120520ed7b2ffbe1bbde711514fe25246ed3b1145b33664fc581021c32d1e6543d3b43a3f4bec585f37dc37b6c44f02b441aae0b31880f8b1080423d0e7a29af74c12ad6bcfbca785396fa810a892a070374a68a7d0cf38328e334ba838ef866d048c51d896cc89659d78923bd9b8d79bf267", @ANYBLOB="0655c19a48d5add3883f590e5692c662b5a593d8934e9ee9b96bef4b54da5c12bcc86b0018f4be4c6c49e9aea54632079eb8f65123115132e75d970892f315c6923d3f83eb97f63991de4db0dbfe929468abfe4069a5cc569293ebc188efbd682e0a46c0756a267b3f27b630e567f509611a988fed28350e9bc2b1", @ANYRESOCT=0x0, @ANYRES8=r4, @ANYRES32=0x0, @ANYRESDEC=r3], &(0x7f0000000800)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r7}, 0x10)
r8 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$AUTOFS_IOC_FAIL(r8, 0x4c80, 0xffffffffffffffb6)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = socket$xdp(0x2c, 0x3, 0x0)
sendmsg$xdp(r9, &(0x7f00000002c0)={&(0x7f0000000000)={0x2c, 0x0, 0x0, 0x31}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000380)="776538397eecf44d98e22a2edcb436d7b814ee1f6dc95327372a34f8fe08b7af21bb7bf80625a9c58d46a6b263513497af96953aa3d6ef1ec5a571b220816a0bd082fe233183a6ceefac6eb3ee34c468ba5e83258d685081f130a3daab43fcdcab5613565a3fb03e6eb5dff6e915ffb00ace7e9a8812465031d562eeb91b69504eb2737072c2d1c5ce091bc326b3bccdb755c7b7f9e8fb641527d7860e899a0e", 0xa0}, {&(0x7f0000000440)="7d313407f20d1c3a86ec89e9e21b3e761a379c5ad310adf91e82e341641bf29f9eadcfd917d65f0ab7d3102e38011788273183b47d0b96eb10e0883f1a515d653452bd4ee7618d8de7afcf58ee9ed2ede2c2a148627c6626ac0401ccdf8e54f6434ccfd1385f03040774c704abca14e33ec420d179a58ffa1fff0142ef8477188575ae1ff176c6873374c7e5de2b506ba417ce2ac23be354f15990999c", 0x9d}], 0x2, 0x0, 0x0, 0x4841}, 0x4c000)
syz_clone(0x22c8080, &(0x7f0000000500)="2d6a337f96849dfad259c60af3e16bc2ad0de31f913f13790f5b6f549e9100000014a55f791bc41af3ddf947d418cf751697d21b27530dddeceda82c5b75b880b4ce54165df3bc4de131eb2981742b43f21bfec6018ced94017b75b702c0306e59f0eb7e6b", 0xfffffffffffffec4, &(0x7f0000000580), &(0x7f0000000300), &(0x7f0000000600)="5556282d2941d79aa42dae7e118dea95cd7d3647febf7fb9d5f775ce75e896d74050262d672d857d98acbbd8f6b862d2837c789809b784567c642054e14e7dcfb267b2b2999e863d8c324e44901b2884b6cf679fb979e9be8d23922052e65847acdb3b57427703716c7158c3075bef9ae5b2f72746a910482e7e044b2e9e4e2f514d49e76bb6c2baee19424831319b8aabb4e8cf22b3c7c45bee25")

2.514415119s ago: executing program 1 (id=1610):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014001100b7030000000000698500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10)
r3 = socket$inet6_icmp(0xa, 0x2, 0x3a)
bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x1, 0x6, @dev={0xfe, 0x80, '\x00', 0x2d}}, 0x1c)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002e00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021840000000c0a0101000000000000d955070000000900020073797a31000000000900010073797a30000000005800038054000080080003400000000248000b80340001800a0001006c696d69740000002400028008000440000000010c00024000000000000000000c0001400000000000000009"], 0x108}}, 0x0)

2.505808879s ago: executing program 1 (id=1611):
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x1, 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x1, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x6, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18020000fdffffff0000000000000000850000002c00000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0xbf, &(0x7f00000020c0)=""/191, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r1, r2}, 0x10)
syz_emit_ethernet(0xfdef, &(0x7f0000000280)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200f9"], 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000e9a0597f10077bcf4125d6da594c0000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
clock_gettime(0x0, &(0x7f0000000000)={<r4=>0x0, <r5=>0x0})
nanosleep(&(0x7f0000000280)={r4, r5+10000000}, &(0x7f00000002c0))
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r3, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x5, [@struct={0x3, 0x0, 0x0, 0x4, 0x1, 0x1}]}, {0x0, [0x5f, 0x5f, 0x61]}}, 0x0, 0x29, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)

2.226913545s ago: executing program 4 (id=1612):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x5, [@struct={0x3, 0x0, 0x0, 0x4, 0x1, 0x1}]}, {0x0, [0x5f, 0x5f, 0x61]}}, 0x0, 0x29, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)

2.080052219s ago: executing program 3 (id=1613):
r0 = socket$inet6(0xa, 0x80002, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0xe26, 0xb, @empty}, 0x1c)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
syz_emit_ethernet(0x4c, &(0x7f0000000140)={@link_local, @random="ece65fbcee55", @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x16, 0x11, 0x0, @remote, @local, {[], {0x0, 0xe22, 0x16, 0x0, @gue={{0x2, 0x0, 0x0, 0x2}, "30b00afe4e70"}}}}}}}, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000010000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r3 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0xffffffffffffff52, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x4, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0x6}}, [@TCA_STAB={0x0, 0x8, 0x0, 0x1, [{{0x0, 0x1, {0x9, 0xfc, 0x1, 0xb0000000, 0x1, 0xffffffff, 0x3}}, {0x0, 0x2, [0x6, 0x5]}}, {{0x0, 0x1, {0xe, 0x39, 0xffbf, 0x6, 0x2, 0x7, 0xbb}}, {0x0, 0x2, [0xe5]}}]}, @TCA_INGRESS_BLOCK, @TCA_INGRESS_BLOCK]}, 0x2c}, 0x1, 0x0, 0x0, 0x24000010}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x4, {0x0, 0x0, 0x0, r4, {0x0, 0xffff}, {}, {0x5}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_FLAGS={0x8, 0x2f, 0x6}]}}]}, 0x3c}}, 0x0)
r5 = openat$zero(0xffffff9c, &(0x7f0000000040), 0x20000, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000080)={'wg0\x00', <r6=>0x0})
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'wpan1\x00'})
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r8, 0x8933, &(0x7f0000000500)={'wpan1\x00', <r10=>0x0})
sendmsg$NL802154_CMD_SET_CHANNEL(r8, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000440)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="290200000000000000000900000008000300", @ANYRES32=r10, @ANYBLOB="0500080009000000050007"], 0x2c}}, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000680)='skb_copy_datagram_iovec\x00', r11}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={<r12=>0xffffffffffffffff, <r13=>0xffffffffffffffff})
sendmsg$inet(r13, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r12, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdc8}, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r7, 0x0, 0x4000)
r14 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@base={0xf, 0x8, 0x0, 0x9, 0x4, r2, 0x7, '\x00', r6, r5, 0x4000001, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r14], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r15 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r15, 0x0, 0x0}, 0x10)

2.020365155s ago: executing program 3 (id=1614):
prctl$PR_SET_NAME(0xf, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000d40)={{r0}, &(0x7f0000000cc0), &(0x7f0000000d00)='%-5lx  \x00'}, 0x20)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000100)={0x20000014})
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{0x6}]})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000100)=@assoc_value, &(0x7f0000000040)=0x8)
close_range(r4, 0xffffffffffffffff, 0x0)

1.940874102s ago: executing program 4 (id=1615):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x24d8, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x800)
socket$vsock_stream(0x28, 0x1, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0xf}, 0x1c)
socket$inet_tcp(0x2, 0x1, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
fcntl$notify(0xffffffffffffffff, 0x402, 0x2)

1.569943616s ago: executing program 1 (id=1616):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x24d8, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x800)
socket$vsock_stream(0x28, 0x1, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0xf}, 0x1c)
socket$inet_tcp(0x2, 0x1, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0) (fail_nth: 1)
fcntl$notify(0xffffffffffffffff, 0x402, 0x2)

1.502643402s ago: executing program 1 (id=1617):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ec0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x800, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x9, "ff00f7000000000000000000af88008300"})
syz_open_pts(r1, 0x141601)
r2 = msgget$private(0x0, 0x0)
msgctl$IPC_SET(r2, 0x1, &(0x7f0000258f88))
msgsnd(r2, &(0x7f0000000340)={0x3}, 0x0, 0x0)
msgrcv(r2, &(0x7f0000000000)={0x0, ""/8}, 0x10, 0x1, 0x1000)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600170000000000040000000100000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/14], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
close(r7)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
recvmsg$unix(r6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb7910009875f37538e486dd6317ce8102033300fe08000e40000200875a65969ff57b00000000000000000000000000ac1414aa"], 0xfdef)
msgrcv(r2, &(0x7f00000000c0)={0x0, ""/245}, 0xfd, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="170000000006000004000000ff0000003298beb10a1cbac90e3c0000000015925a62f70f3fcd971206b38d5920c083f1710885c953d2c78dc3886d678ec64dc1c97bbac55d9e99ed2432c91207b87a74e6c9fc791d8dcf3de2cbceb8a06af46a55537cf904c3fb41db6151c496ce1e72b4196e1109f0d21b8760ef6f621bfc12a1347ce34ee8ffb00449bc5e73aecaae976c6397a59bc0aaa42121bee9f436acc159316d5e0e08bad14e8029ab72125320a647e3093d08210264fec4", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r10}, 0x10)
clock_getres(0x6, 0x0)
msgctl$IPC_SET(r2, 0x1, &(0x7f0000258f88)={{0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8})
close_range(r1, 0xffffffffffffffff, 0x0)

1.126120117s ago: executing program 3 (id=1618):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x45, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0], 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r2, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x0, 0x3}, 0x10)
acct(&(0x7f0000000080)='./file0\x00')
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000180)={0x42}, 0x10)
sendmsg$tipc(r3, &(0x7f0000000140)={0x0, 0x20d302, 0x0}, 0x0)
r4 = dup3(r2, r3, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r4, 0x0, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r3, 0x10f, 0x88)

1.037302915s ago: executing program 3 (id=1619):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x24d8, @void, @value}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
socket$vsock_stream(0x28, 0x1, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r2, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x9, @dev={0xfe, 0x80, '\x00', 0xe}, 0xf}, 0x1c)
r3 = socket(0xa, 0x40000000002, 0x0)
setpriority(0x1, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10)
setsockopt$EBT_SO_SET_ENTRIES(r3, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00', 0x19, 0x2, 0x208, [0x20000600, 0x0, 0x0, 0x20000630, 0x20000660], 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB]}, 0x78)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={0x0, &(0x7f0000000180)=""/118, 0x0, 0x76, 0x0, 0x7, 0x0, @void, @value}, 0x28)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r8 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r8, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000140)={<r9=>0xffffffffffffffff}, 0x2}}, 0x6b)
write$RDMA_USER_CM_CMD_LISTEN(r8, &(0x7f0000000080)={0x7, 0x8, 0xfa00, {r9}}, 0x10)
socket$inet_tcp(0x2, 0x1, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
fcntl$notify(0xffffffffffffffff, 0x402, 0x2)

592.624386ms ago: executing program 1 (id=1620):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x5, [@struct={0x3, 0x0, 0x0, 0x4, 0x1, 0x1}]}, {0x0, [0x5f, 0x5f, 0x61]}}, 0x0, 0x29, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28) (fail_nth: 2)

509.863034ms ago: executing program 1 (id=1621):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ec0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x800, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x9, "ff00f7000000000000000000af88008300"})
syz_open_pts(r1, 0x141601)
r2 = msgget$private(0x0, 0x0)
msgctl$IPC_SET(r2, 0x1, &(0x7f0000258f88))
msgsnd(r2, &(0x7f0000000340)={0x3}, 0x0, 0x0)
msgrcv(r2, &(0x7f0000000000)={0x0, ""/8}, 0x10, 0x1, 0x1000)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600170000000000040000000100000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
close(r7)
perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0)
recvmsg$unix(r6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r8=>0xffffffffffffffff]}}], 0x18}, 0x0)
write$cgroup_subtree(r8, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb7910009875f37538e486dd6317ce8102033300fe08000e40000200875a65969ff57b00000000000000000000000000ac1414aa"], 0xfdef)
msgrcv(r2, &(0x7f00000000c0)={0x0, ""/245}, 0xfd, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="170000000006000004000000ff0000003298beb10a1cbac90e3c0000000015925a62f70f3fcd971206b38d5920c083f1710885c953d2c78dc3886d678ec64dc1c97bbac55d9e99ed2432c91207b87a74e6c9fc791d8dcf3de2cbceb8a06af46a55537cf904c3fb41db6151c496ce1e72b4196e1109f0d21b8760ef6f621bfc12a1347ce34ee8ffb00449bc5e73aecaae976c6397a59bc0aaa42121bee9f436acc159316d5e0e08bad14e8029ab72125320a647e3093d08210264fec4", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r10}, 0x10)
msgctl$IPC_SET(r2, 0x1, 0x0)

483.118756ms ago: executing program 3 (id=1622):
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000040)='./file2\x00', 0x10502, &(0x7f0000001b80)=ANY=[], 0x1, 0x11f3, &(0x7f0000002580)="$eJzs3E+LW1UYB+C3cWrHqfNHrdV2oQfduLo0s3AlSJApyASU2gitINw6NxpyTUJuGIiI1ZVbP4e4dCeIX2A2fgZ3s3HZhXiFpLVNTdUuOpH6PJv7kvf8cu8hEDjhnBy/8c2n/W6VdfNJNE6disYoIt1KkaIRd7y0P79eu77farf3rqR0uXW1+XpKaevlHz/4/LtXfpqcff/7rR/OxNHOh8e/7v5ydP7owvHvVz/pValXpcFwkvJ0Yzic5DfKIh30qn6W0rtlkVdF6g2qYrzQ75bD0Wia8sHB5sZoXFRVygfT1C+maTJMk/E05R/nvUHKsixtbgQPdPqfh3S+vVXXdURdn44no67r+qnYiLPxdGzGVnwZEc/Es/FcnIvn43y8EC/Ghdmok3h8AAAAAAAAAAAAAAAAAAAA+P/4u/P/27Hj/D8AAAAAAAAAAAAAAAAAAACcgPeuXd9vtdt7V1Jajyi/PuwcdubXeb/VjV6UUcSl2I7fYnb6f25eX367vXcpzezEV+XN2/mbh50nFvPN2d8J3M6vzXp38s15Pi3mz8TGvfnd2I5zy++/uzS/Hq+9ek8+i+34+aMYRhkHs3vfzX/RTOmtd9r35S/OxgEAAMDjIEt/Wrp+z7IH9ef5h/h94L719VpcXFvt3Imopp/187IsxovF+l9eUfz7ovGI3rkR/5EJKh7/YtXfTJyEux/6qp8EAAAAAAAAAACAh/GIdxGuxZKdZW+uZqoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sAPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqAAD//99CzUo=")
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000001000"/28], 0x48)
close(0xffffffffffffffff)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0xfffd, 0x0, 0x0, 0x7ffc0002}]})
rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440))
r3 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0)
fallocate(r3, 0x0, 0x400000000000000, 0x7)
r4 = socket$netlink(0x10, 0x3, 0x0)
writev(r4, &(0x7f0000000340)=[{&(0x7f00000000c0)="390000001000111867090707a640400f0021ff3f30000000170a001700000000040037000900030001632564b758b9a64411f6bb744dc48f57", 0x39}], 0x1)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)="5c00000013006bcd9e3fe3dc6e48aa310b6b8703310000001f03000000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9", 0x45}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
dup(0xffffffffffffffff)
socket$xdp(0x2c, 0x3, 0x0)
r6 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x1a3c82)
sendto$inet(r0, &(0x7f0000001040)="8932ed209b230927", 0x8, 0x6000c804, 0x0, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000a40)=ANY=[@ANYRESDEC=r6, @ANYBLOB="f9c28da3110d51bec3f6ef359120520ed7b2ffbe1bbde711514fe25246ed3b1145b33664fc581021c32d1e6543d3b43a3f4bec585f37dc37b6c44f02b441aae0b31880f8b1080423d0e7a29af74c12ad6bcfbca785396fa810a892a070374a68a7d0cf38328e334ba838ef866d048c51d896cc89659d78923bd9b8d79bf267", @ANYBLOB="0655c19a48d5add3883f590e5692c662b5a593d8934e9ee9b96bef4b54da5c12bcc86b0018f4be4c6c49e9aea54632079eb8f65123115132e75d970892f315c6923d3f83eb97f63991de4db0dbfe929468abfe4069a5cc569293ebc188efbd682e0a46c0756a267b3f27b630e567f509611a988fed28350e9bc2b1", @ANYRESOCT=0x0, @ANYRES8=r4, @ANYRES32=0x0, @ANYRESDEC=r3], &(0x7f0000000800)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r7}, 0x10)
r8 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$AUTOFS_IOC_FAIL(r8, 0x4c80, 0xffffffffffffffb6)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = socket$xdp(0x2c, 0x3, 0x0)
sendmsg$xdp(r9, &(0x7f00000002c0)={&(0x7f0000000000)={0x2c, 0x0, 0x0, 0x31}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000380)="776538397eecf44d98e22a2edcb436d7b814ee1f6dc95327372a34f8fe08b7af21bb7bf80625a9c58d46a6b263513497af96953aa3d6ef1ec5a571b220816a0bd082fe233183a6ceefac6eb3ee34c468ba5e83258d685081f130a3daab43fcdcab5613565a3fb03e6eb5dff6e915ffb00ace7e9a8812465031d562eeb91b69504eb2737072c2d1c5ce091bc326b3bccdb755c7b7f9e8fb641527d7860e899a0e", 0xa0}, {&(0x7f0000000440)="7d313407f20d1c3a86ec89e9e21b3e761a379c5ad310adf91e82e341641bf29f9eadcfd917d65f0ab7d3102e38011788273183b47d0b96eb10e0883f1a515d653452bd4ee7618d8de7afcf58ee9ed2ede2c2a148627c6626ac0401ccdf8e54f6434ccfd1385f03040774c704abca14e33ec420d179a58ffa1fff0142ef8477188575ae1ff176c6873374c7e5de2b506ba417ce2ac23be354f15990999c", 0x9d}], 0x2, 0x0, 0x0, 0x4841}, 0x4c000)
syz_clone(0x22c8080, &(0x7f0000000500)="2d6a337f96849dfad259c60af3e16bc2ad0de31f913f13790f5b6f549e9100000014a55f791bc41af3ddf947d418cf751697d21b27530dddeceda82c5b75b880b4ce54165df3bc4de131eb2981742b43f21bfec6018ced94017b75b702c0306e59f0eb7e6b", 0xfffffffffffffec4, &(0x7f0000000580), &(0x7f0000000300), &(0x7f0000000600)="5556282d2941d79aa42dae7e118dea95cd7d3647febf7fb9d5f775ce75e896d74050262d672d857d98acbbd8f6b862d2837c789809b784567c642054e14e7dcfb267b2b2999e863d8c324e44901b2884b6cf679fb979e9be8d23922052e65847acdb3b57427703716c7158c3075bef9ae5b2f72746a910482e7e044b2e9e4e2f514d49e76bb6c2baee19424831319b8aabb4e8cf22b3c7c45bee25")

0s ago: executing program 3 (id=1624):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000240)={'vxcan0\x00', <r3=>0x0})
sendmsg$can_raw(r2, &(0x7f0000000000)={&(0x7f00000000c0)={0x1d, r3}, 0x10, &(0x7f0000000140)={&(0x7f0000000200)=@can={{}, 0x0, 0x0, 0x4, 0x0, "1b2bd600c7ed2890"}, 0x10}, 0x2, 0x0, 0x0, 0x80}, 0x0) (fail_nth: 1)

kernel console output (not intermixed with test programs):

? should_fail_ex+0x31/0x230
[  186.525608][T12925]  v2_write_dquot+0xd3/0x130
[  186.530245][T12925]  dquot_commit+0x219/0x260
[  186.534777][T12925]  ext4_write_dquot+0x129/0x1d0
[  186.539633][T12925]  ext4_mark_dquot_dirty+0x94/0xd0
[  186.544763][T12925]  __dquot_alloc_space+0x37b/0x8a0
[  186.549859][T12925]  ext4_mb_new_blocks+0x918/0x2020
[  186.555027][T12925]  ? __kmalloc_noprof+0x165/0x370
[  186.560118][T12925]  ? ext4_find_extent+0x69b/0x7c0
[  186.565120][T12925]  ? ext4_inode_to_goal_block+0x1cb/0x1f0
[  186.570830][T12925]  ext4_ext_map_blocks+0x1008/0x35c0
[  186.576191][T12925]  ? invalidate_inode_pages2_range+0x6ea/0x730
[  186.582373][T12925]  ? ext4_map_query_blocks+0x10e/0x180
[  186.587877][T12925]  ext4_map_blocks+0x592/0xcf0
[  186.592631][T12925]  ext4_iomap_begin+0x4a9/0x5d0
[  186.597564][T12925]  iomap_iter+0x3cc/0x800
[  186.601875][T12925]  ? __pfx_ext4_iomap_begin+0x10/0x10
[  186.607230][T12925]  __iomap_dio_rw+0x697/0x1090
[  186.611976][T12925]  ? __vfs_getxattr+0x29f/0x2b0
[  186.616831][T12925]  iomap_dio_rw+0x40/0x90
[  186.621148][T12925]  ext4_file_write_iter+0xa8c/0xe10
[  186.626334][T12925]  do_iter_readv_writev+0x394/0x450
[  186.631548][T12925]  vfs_writev+0x2d4/0x880
[  186.635869][T12925]  __se_sys_pwritev2+0x10c/0x1d0
[  186.640794][T12925]  __x64_sys_pwritev2+0x78/0x90
[  186.645652][T12925]  x64_sys_call+0x271f/0x2d60
[  186.650334][T12925]  do_syscall_64+0xc9/0x1c0
[  186.654949][T12925]  ? clear_bhb_loop+0x55/0xb0
[  186.659668][T12925]  ? clear_bhb_loop+0x55/0xb0
[  186.664393][T12925]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.670288][T12925] RIP: 0033:0x7f5db3b3dff9
[  186.674682][T12925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  186.694362][T12925] RSP: 002b:00007f5db27b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148
[  186.702953][T12925] RAX: ffffffffffffffda RBX: 00007f5db3cf5f80 RCX: 00007f5db3b3dff9
[  186.710954][T12925] RDX: 0000000000000002 RSI: 0000000020000240 RDI: 0000000000000004
[  186.718916][T12925] RBP: 00007f5db27b7090 R08: 0000000000000000 R09: 0000000000000003
[  186.726865][T12925] R10: 0000000000001800 R11: 0000000000000246 R12: 0000000000000001
[  186.734895][T12925] R13: 0000000000000000 R14: 00007f5db3cf5f80 R15: 00007ffd482ccb08
[  186.742859][T12925]  </TASK>
[  186.745940][T12925] EXT4-fs error (device loop2): ext4_write_dquot:6859: comm syz.2.1489: Failed to commit dquot type 0
[  186.770483][T12079] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.782888][T12882] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.790199][T12882] bridge0: port 1(bridge_slave_0) entered disabled state
[  186.799042][T12882] bridge_slave_0: entered allmulticast mode
[  186.811515][T12882] bridge_slave_0: entered promiscuous mode
[  186.822603][T12882] bridge0: port 2(bridge_slave_1) entered blocking state
[  186.829738][T12882] bridge0: port 2(bridge_slave_1) entered disabled state
[  186.848776][T12882] bridge_slave_1: entered allmulticast mode
[  186.860387][T12882] bridge_slave_1: entered promiscuous mode
[  186.911214][   T89] bridge_slave_1: left allmulticast mode
[  186.916922][   T89] bridge_slave_1: left promiscuous mode
[  186.922762][   T89] bridge0: port 2(bridge_slave_1) entered disabled state
[  186.928243][T12961] loop2: detected capacity change from 0 to 8192
[  186.936546][   T89] bridge_slave_0: left allmulticast mode
[  186.942329][   T89] bridge_slave_0: left promiscuous mode
[  186.947969][   T89] bridge0: port 1(bridge_slave_0) entered disabled state
[  186.948803][T12961] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  187.103288][   T89] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  187.132168][   T89] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  187.156980][   T89] bond0 (unregistering): Released all slaves
[  187.185417][T12961] netlink: 9 bytes leftover after parsing attributes in process `syz.2.1491'.
[  187.202027][T12961] 0·: renamed from hsr_slave_1 (while UP)
[  187.216601][T12961] 0·: entered allmulticast mode
[  187.230025][T12961] A link change request failed with some changes committed already. Interface 
c0· may have been left with an inconsistent configuration, please check.
[  187.254538][T12882] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  187.266562][   T89] hsr_slave_0: left promiscuous mode
[  187.272257][   T89] 0·: left promiscuous mode
[  187.277481][   T89] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  187.284876][   T89] batman_adv: batadv0: Removing interface: batadv_slave_0
[  187.298525][   T89] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  187.303780][T12980] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1050)
[  187.306021][   T89] batman_adv: batadv0: Removing interface: batadv_slave_1
[  187.314749][T12980] FAT-fs (loop2): Filesystem has been set read-only
[  187.328950][T12980] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1050)
[  187.337995][   T89] veth1_macvtap: left promiscuous mode
[  187.343530][   T89] veth0_macvtap: left promiscuous mode
[  187.349052][   T89] veth1_vlan: left promiscuous mode
[  187.354311][   T89] veth0_vlan: left promiscuous mode
[  187.439883][   T89] team0 (unregistering): Port device team_slave_1 removed
[  187.449686][   T89] team0 (unregistering): Port device team_slave_0 removed
[  187.482941][T12882] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  187.515103][T12882] team0: Port device team_slave_0 added
[  187.521707][T12882] team0: Port device team_slave_1 added
[  187.532037][T12683] veth0_vlan: entered promiscuous mode
[  187.550472][T12882] batman_adv: batadv0: Adding interface: batadv_slave_0
[  187.557455][T12882] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  187.583593][T12882] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  187.594839][T12882] batman_adv: batadv0: Adding interface: batadv_slave_1
[  187.601859][T12882] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  187.627821][T12882] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  187.645174][T12683] veth1_vlan: entered promiscuous mode
[  187.663574][T12769] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  187.680657][T12769] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  187.689997][T12769] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  187.702160][T12882] hsr_slave_0: entered promiscuous mode
[  187.709362][T12882] hsr_slave_1: entered promiscuous mode
[  187.712480][T12980] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF
[  187.723930][T12882] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  187.732242][T12882] Cannot create hsr debugfs directory
[  187.740417][T12683] veth0_macvtap: entered promiscuous mode
[  187.749341][T12769] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  187.786381][T12683] veth1_macvtap: entered promiscuous mode
[  187.817340][T12683] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  187.827970][T12683] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  187.837839][T12683] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  187.848417][T12683] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  187.859199][T12683] batman_adv: batadv0: Interface activated: batadv_slave_0
[  187.882802][T12683] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  187.893419][T12683] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  187.903249][T12683] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  187.913762][T12683] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  187.924986][T12683] batman_adv: batadv0: Interface activated: batadv_slave_1
[  187.942007][T12769] 8021q: adding VLAN 0 to HW filter on device bond0
[  187.954657][T12769] 8021q: adding VLAN 0 to HW filter on device team0
[  187.963137][T12683] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  187.972031][T12683] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  187.980787][T12683] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  187.989489][T12683] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  188.022018][   T28] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.029218][   T28] bridge0: port 1(bridge_slave_0) entered forwarding state
[  188.062583][   T28] bridge0: port 2(bridge_slave_1) entered blocking state
[  188.069652][   T28] bridge0: port 2(bridge_slave_1) entered forwarding state
[  188.086499][   T89] IPVS: stop unused estimator thread 0...
[  188.116424][T12769] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  188.126820][T12769] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  188.165422][  T367] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  188.242950][  T367] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  188.286347][T13038] chnl_net:caif_netlink_parms(): no params data found
[  188.291130][T13088] loop1: detected capacity change from 0 to 1024
[  188.300562][T13088] EXT4-fs: Ignoring removed i_version option
[  188.323176][  T367] bond0: (slave netdevsim1): Releasing backup interface
[  188.332765][  T367] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  188.333169][T13088] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  188.391937][T12683] EXT4-fs error (device loop1): ext4_readdir:261: inode #11: block 32: comm syz-executor: path /3/file2/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1
[  188.415228][T12683] EXT4-fs (loop1): Remounting filesystem read-only
[  188.415412][T12769] 8021q: adding VLAN 0 to HW filter on device batadv0
[  188.436757][  T367] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  188.460293][T13038] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.467505][T13038] bridge0: port 1(bridge_slave_0) entered disabled state
[  188.474754][T13038] bridge_slave_0: entered allmulticast mode
[  188.481632][T13038] bridge_slave_0: entered promiscuous mode
[  188.493803][T13038] bridge0: port 2(bridge_slave_1) entered blocking state
[  188.501083][T13038] bridge0: port 2(bridge_slave_1) entered disabled state
[  188.508533][T13038] bridge_slave_1: entered allmulticast mode
[  188.518064][T13038] bridge_slave_1: entered promiscuous mode
[  188.546957][T13038] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  188.562040][T12882] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  188.570932][T12882] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  188.586378][T13038] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  188.595458][T12882] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  188.626387][T13038] team0: Port device team_slave_0 added
[  188.632810][T13038] team0: Port device team_slave_1 added
[  188.638493][T12882] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  188.650152][  T367] bridge_slave_1: left allmulticast mode
[  188.655903][  T367] bridge_slave_1: left promiscuous mode
[  188.661680][  T367] bridge0: port 2(bridge_slave_1) entered disabled state
[  188.669708][  T367] bridge_slave_0: left allmulticast mode
[  188.675458][  T367] bridge_slave_0: left promiscuous mode
[  188.681170][  T367] bridge0: port 1(bridge_slave_0) entered disabled state
[  188.716626][T12496] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  188.724292][  T367] batman_adv: batadv0: Removing interface: erspan1
[  188.825735][  T367] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  188.835960][  T367] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  188.845932][  T367] bond0 (unregistering): Released all slaves
[  188.862875][T13038] batman_adv: batadv0: Adding interface: batadv_slave_0
[  188.869849][T13038] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  188.895799][T13038] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  188.915661][T13038] batman_adv: batadv0: Adding interface: batadv_slave_1
[  188.922705][T13038] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  188.948663][T13038] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  188.964952][  T367] hsr_slave_0: left promiscuous mode
[  188.970495][  T367] 0·: left promiscuous mode
[  188.977544][  T367] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  188.984928][  T367] batman_adv: batadv0: Removing interface: batadv_slave_0
[  188.992620][  T367] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  189.000004][  T367] batman_adv: batadv0: Removing interface: batadv_slave_1
[  189.008369][  T367] veth1_macvtap: left promiscuous mode
[  189.013828][  T367] veth0_macvtap: left promiscuous mode
[  189.019404][  T367] veth1_vlan: left promiscuous mode
[  189.024606][  T367] veth0_vlan: left promiscuous mode
[  189.090739][  T367] team0 (unregistering): Port device team_slave_1 removed
[  189.101302][  T367] team0 (unregistering): Port device team_slave_0 removed
[  189.186739][T13038] hsr_slave_0: entered promiscuous mode
[  189.198724][T13038] hsr_slave_1: entered promiscuous mode
[  189.204755][T13038] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  189.212394][T13038] Cannot create hsr debugfs directory
[  189.243071][T12882] 8021q: adding VLAN 0 to HW filter on device bond0
[  189.263308][T12769] veth0_vlan: entered promiscuous mode
[  189.278510][T12882] 8021q: adding VLAN 0 to HW filter on device team0
[  189.299708][   T50] bridge0: port 1(bridge_slave_0) entered blocking state
[  189.306802][   T50] bridge0: port 1(bridge_slave_0) entered forwarding state
[  189.317346][T12769] veth1_vlan: entered promiscuous mode
[  189.347012][   T50] bridge0: port 2(bridge_slave_1) entered blocking state
[  189.354260][   T50] bridge0: port 2(bridge_slave_1) entered forwarding state
[  189.413142][T12769] veth0_macvtap: entered promiscuous mode
[  189.437706][T12769] veth1_macvtap: entered promiscuous mode
[  189.457581][T12882] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  189.481230][T13129] chnl_net:caif_netlink_parms(): no params data found
[  189.515318][T12769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  189.525819][T12769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.535731][T12769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  189.546190][T12769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.556949][T12769] batman_adv: batadv0: Interface activated: batadv_slave_0
[  189.571663][T12769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  189.582171][T12769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.591964][T12769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  189.602446][T12769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  189.613213][T12769] batman_adv: batadv0: Interface activated: batadv_slave_1
[  189.633872][T13129] bridge0: port 1(bridge_slave_0) entered blocking state
[  189.640999][T13129] bridge0: port 1(bridge_slave_0) entered disabled state
[  189.649356][T13129] bridge_slave_0: entered allmulticast mode
[  189.655801][T13129] bridge_slave_0: entered promiscuous mode
[  189.665924][  T367] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.678546][T12769] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  189.687340][T12769] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  189.696065][T12769] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  189.704815][T12769] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  189.718415][T13129] bridge0: port 2(bridge_slave_1) entered blocking state
[  189.725636][T13129] bridge0: port 2(bridge_slave_1) entered disabled state
[  189.733100][T13129] bridge_slave_1: entered allmulticast mode
[  189.740176][T13129] bridge_slave_1: entered promiscuous mode
[  189.752974][  T367] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.778486][T12882] 8021q: adding VLAN 0 to HW filter on device batadv0
[  189.789081][T13129] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  189.812572][T13129] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  189.836437][T13129] team0: Port device team_slave_0 added
[  189.844505][  T367] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.860412][T13129] team0: Port device team_slave_1 added
[  189.938118][T13129] batman_adv: batadv0: Adding interface: batadv_slave_0
[  189.945156][T13129] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  189.971183][T13129] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  189.986531][  T367] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  189.998237][T13129] batman_adv: batadv0: Adding interface: batadv_slave_1
[  190.005236][T13129] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  190.031229][T13129] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  190.072634][T13129] hsr_slave_0: entered promiscuous mode
[  190.078763][T13129] hsr_slave_1: entered promiscuous mode
[  190.084915][T13129] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  190.093116][T13129] Cannot create hsr debugfs directory
[  190.099638][   T29] kauditd_printk_skb: 21 callbacks suppressed
[  190.099649][   T29] audit: type=1326 audit(1727863782.641:4197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13207 comm="syz.4.1501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc8f8dff9 code=0x7ffc0000
[  190.114811][T13038] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  190.129321][   T29] audit: type=1326 audit(1727863782.641:4198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13207 comm="syz.4.1501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc8f8dff9 code=0x7ffc0000
[  190.141224][   T29] audit: type=1326 audit(1727863782.678:4199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13207 comm="syz.4.1501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2fc8f8dff9 code=0x7ffc0000
[  190.183250][   T29] audit: type=1326 audit(1727863782.678:4200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13207 comm="syz.4.1501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc8f8dff9 code=0x7ffc0000
[  190.206772][   T29] audit: type=1326 audit(1727863782.678:4201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13207 comm="syz.4.1501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc8f8dff9 code=0x7ffc0000
[  190.231194][   T29] audit: type=1326 audit(1727863782.705:4202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13207 comm="syz.4.1501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2fc8f8dff9 code=0x7ffc0000
[  190.233686][T13038] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  190.254820][   T29] audit: type=1326 audit(1727863782.705:4203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13207 comm="syz.4.1501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc8f8dff9 code=0x7ffc0000
[  190.285012][   T29] audit: type=1326 audit(1727863782.705:4204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13207 comm="syz.4.1501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc8f8dff9 code=0x7ffc0000
[  190.285875][T12683] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.308486][   T29] audit: type=1326 audit(1727863782.705:4205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13207 comm="syz.4.1501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2fc8f8dff9 code=0x7ffc0000
[  190.340891][   T29] audit: type=1326 audit(1727863782.705:4206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13207 comm="syz.4.1501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc8f8dff9 code=0x7ffc0000
[  190.373959][T12882] veth0_vlan: entered promiscuous mode
[  190.412819][T13038] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  190.421551][T12882] veth1_vlan: entered promiscuous mode
[  190.436194][  T367] bridge_slave_1: left allmulticast mode
[  190.441940][  T367] bridge_slave_1: left promiscuous mode
[  190.447541][  T367] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.456861][  T367] bridge_slave_0: left allmulticast mode
[  190.462553][  T367] bridge_slave_0: left promiscuous mode
[  190.468208][  T367] bridge0: port 1(bridge_slave_0) entered disabled state
[  190.548590][  T367] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  190.558864][  T367] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  190.569201][  T367] bond0 (unregistering): Released all slaves
[  190.576885][T13038] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  190.596299][T12882] veth0_macvtap: entered promiscuous mode
[  190.612435][T12882] veth1_macvtap: entered promiscuous mode
[  190.620155][  T367] hsr_slave_0: left promiscuous mode
[  190.626007][  T367] hsr_slave_1: left promiscuous mode
[  190.631545][  T367] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  190.639100][  T367] batman_adv: batadv0: Removing interface: batadv_slave_0
[  190.646856][  T367] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  190.654297][  T367] batman_adv: batadv0: Removing interface: batadv_slave_1
[  190.662972][  T367] veth1_macvtap: left promiscuous mode
[  190.668508][  T367] veth0_macvtap: left promiscuous mode
[  190.674113][  T367] veth1_vlan: left promiscuous mode
[  190.679349][  T367] veth0_vlan: left promiscuous mode
[  190.750570][  T367] team0 (unregistering): Port device team_slave_1 removed
[  190.760651][  T367] team0 (unregistering): Port device team_slave_0 removed
[  190.839559][T12882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  190.850061][T12882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.859940][T12882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  190.870395][T12882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.887533][T12882] batman_adv: batadv0: Interface activated: batadv_slave_0
[  190.926148][T12882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.936753][T12882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.946581][T12882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  190.957102][T12882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  190.988318][T12882] batman_adv: batadv0: Interface activated: batadv_slave_1
[  190.992144][T13255] loop4: detected capacity change from 0 to 8192
[  191.021731][T12882] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  191.030583][T12882] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  191.039350][T12882] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  191.048312][T12882] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  191.094038][T13038] 8021q: adding VLAN 0 to HW filter on device bond0
[  191.148203][T13038] 8021q: adding VLAN 0 to HW filter on device team0
[  191.178103][T13237] chnl_net:caif_netlink_parms(): no params data found
[  191.196597][   T28] bridge0: port 1(bridge_slave_0) entered blocking state
[  191.203718][   T28] bridge0: port 1(bridge_slave_0) entered forwarding state
[  191.221638][   T28] bridge0: port 2(bridge_slave_1) entered blocking state
[  191.228709][   T28] bridge0: port 2(bridge_slave_1) entered forwarding state
[  191.290290][T13279] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  191.300352][T13280] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  191.321733][T13129] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  191.334478][T13129] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  191.354437][T13038] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  191.364926][T13038] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  191.379285][T13237] bridge0: port 1(bridge_slave_0) entered blocking state
[  191.386425][T13237] bridge0: port 1(bridge_slave_0) entered disabled state
[  191.395649][T13237] bridge_slave_0: entered allmulticast mode
[  191.403285][T13237] bridge_slave_0: entered promiscuous mode
[  191.414400][T13129] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  191.421441][T13296] FAULT_INJECTION: forcing a failure.
[  191.421441][T13296] name failslab, interval 1, probability 0, space 0, times 0
[  191.434109][T13296] CPU: 1 UID: 0 PID: 13296 Comm: syz.4.1508 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  191.444872][T13296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  191.454986][T13296] Call Trace:
[  191.458255][T13296]  <TASK>
[  191.461219][T13296]  dump_stack_lvl+0xf2/0x150
[  191.465796][T13296]  dump_stack+0x15/0x20
[  191.470097][T13296]  should_fail_ex+0x223/0x230
[  191.474802][T13296]  ? audit_log_start+0x34c/0x6b0
[  191.479788][T13296]  should_failslab+0x8f/0xb0
[  191.484373][T13296]  kmem_cache_alloc_noprof+0x4c/0x290
[  191.489823][T13296]  audit_log_start+0x34c/0x6b0
[  191.494572][T13296]  audit_seccomp+0x4b/0x130
[  191.499100][T13296]  __seccomp_filter+0x6fa/0x1180
[  191.504077][T13296]  ? proc_fail_nth_write+0x12a/0x150
[  191.509387][T13296]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  191.515019][T13296]  ? vfs_write+0x580/0x910
[  191.519550][T13296]  ? __fget_files+0x1d4/0x210
[  191.524222][T13296]  __secure_computing+0x9f/0x1c0
[  191.529151][T13296]  syscall_trace_enter+0xd1/0x1f0
[  191.534309][T13296]  ? fpregs_assert_state_consistent+0x83/0xa0
[  191.540379][T13296]  do_syscall_64+0xaa/0x1c0
[  191.544946][T13296]  ? clear_bhb_loop+0x55/0xb0
[  191.550057][T13296]  ? clear_bhb_loop+0x55/0xb0
[  191.554723][T13296]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.560624][T13296] RIP: 0033:0x7f2fc8f8dff9
[  191.565024][T13296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  191.584854][T13296] RSP: 002b:00007f2fc7c01038 EFLAGS: 00000246 ORIG_RAX: 0000000000000044
[  191.593272][T13296] RAX: ffffffffffffffda RBX: 00007f2fc9145f80 RCX: 00007f2fc8f8dff9
[  191.601244][T13296] RDX: 0000000000000000 RSI: 0000000000000618 RDI: 0000000000000000
[  191.609214][T13296] RBP: 00007f2fc7c01090 R08: 0000000000000000 R09: 0000000000000000
[  191.617191][T13296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  191.625167][T13296] R13: 0000000000000000 R14: 00007f2fc9145f80 R15: 00007ffcd91c0878
[  191.633147][T13296]  </TASK>
[  191.638442][T13129] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  191.650599][T13237] bridge0: port 2(bridge_slave_1) entered blocking state
[  191.657706][T13237] bridge0: port 2(bridge_slave_1) entered disabled state
[  191.665066][T13237] bridge_slave_1: entered allmulticast mode
[  191.671589][T13237] bridge_slave_1: entered promiscuous mode
[  191.721859][T13129] 8021q: adding VLAN 0 to HW filter on device bond0
[  191.734541][T13129] 8021q: adding VLAN 0 to HW filter on device team0
[  191.757014][T13129] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  191.767469][T13129] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  191.790821][   T50] bridge0: port 1(bridge_slave_0) entered blocking state
[  191.797915][   T50] bridge0: port 1(bridge_slave_0) entered forwarding state
[  191.807645][   T50] bridge0: port 2(bridge_slave_1) entered blocking state
[  191.814719][   T50] bridge0: port 2(bridge_slave_1) entered forwarding state
[  191.841679][  T367] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.867734][T13038] 8021q: adding VLAN 0 to HW filter on device batadv0
[  191.876685][T13237] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  191.901528][T13237] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  191.914343][  T367] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.935687][T13237] team0: Port device team_slave_0 added
[  191.942204][T13237] team0: Port device team_slave_1 added
[  191.985286][  T367] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.002583][T13237] batman_adv: batadv0: Adding interface: batadv_slave_0
[  192.009569][T13237] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  192.035497][T13237] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  192.048396][T13237] batman_adv: batadv0: Adding interface: batadv_slave_1
[  192.055446][T13237] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  192.081552][T13237] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  192.094734][T13129] 8021q: adding VLAN 0 to HW filter on device batadv0
[  192.106845][  T367] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  192.134518][T13237] hsr_slave_0: entered promiscuous mode
[  192.141743][T13237] hsr_slave_1: entered promiscuous mode
[  192.170887][T13038] veth0_vlan: entered promiscuous mode
[  192.190378][T13038] veth1_vlan: entered promiscuous mode
[  192.237573][  T367] bridge_slave_1: left allmulticast mode
[  192.243248][  T367] bridge_slave_1: left promiscuous mode
[  192.248969][  T367] bridge0: port 2(bridge_slave_1) entered disabled state
[  192.262382][  T367] bridge_slave_0: left allmulticast mode
[  192.268135][  T367] bridge_slave_0: left promiscuous mode
[  192.273925][  T367] bridge0: port 1(bridge_slave_0) entered disabled state
[  192.368965][  T367] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  192.379212][  T367] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  192.390092][  T367] bond0 (unregistering): Released all slaves
[  192.423616][T13038] veth0_macvtap: entered promiscuous mode
[  192.440809][  T367] hsr_slave_0: left promiscuous mode
[  192.446562][  T367] hsr_slave_1: left promiscuous mode
[  192.452131][  T367] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  192.459625][  T367] batman_adv: batadv0: Removing interface: batadv_slave_0
[  192.467574][  T367] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  192.475169][  T367] batman_adv: batadv0: Removing interface: batadv_slave_1
[  192.484245][  T367] veth1_macvtap: left promiscuous mode
[  192.489879][  T367] veth0_macvtap: left promiscuous mode
[  192.495412][  T367] veth1_vlan: left promiscuous mode
[  192.500859][  T367] veth0_vlan: left promiscuous mode
[  192.583401][  T367] team0 (unregistering): Port device team_slave_1 removed
[  192.593558][  T367] team0 (unregistering): Port device team_slave_0 removed
[  192.634303][T13038] veth1_macvtap: entered promiscuous mode
[  192.642803][T13129] veth0_vlan: entered promiscuous mode
[  192.663269][T13038] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  192.673775][T13038] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.683609][T13038] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  192.684486][T13341] loop4: detected capacity change from 0 to 8192
[  192.694027][T13038] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.694726][T13038] batman_adv: batadv0: Interface activated: batadv_slave_0
[  192.718404][T13038] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  192.728874][T13038] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.732221][T13341] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  192.738741][T13038] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  192.759789][T13038] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.770373][T13038] batman_adv: batadv0: Interface activated: batadv_slave_1
[  192.781146][T13038] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  192.789986][T13038] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  192.798673][T13038] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  192.807414][T13038] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  192.817197][T13341] netlink: 9 bytes leftover after parsing attributes in process `syz.4.1511'.
[  192.827536][T13341] 0·: renamed from hsr_slave_1 (while UP)
[  192.838322][T13341] 0·: entered allmulticast mode
[  192.845139][T13341] A link change request failed with some changes committed already. Interface 
c0· may have been left with an inconsistent configuration, please check.
[  192.862372][T13129] veth1_vlan: entered promiscuous mode
[  192.897617][T13129] veth0_macvtap: entered promiscuous mode
[  192.904948][T13129] veth1_macvtap: entered promiscuous mode
[  192.918681][T13343] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 1050)
[  192.926444][T13129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  192.927558][T13343] FAT-fs (loop4): Filesystem has been set read-only
[  192.937960][T13129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.954416][T13129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  192.962534][T13343] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 1050)
[  192.964894][T13129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  192.983466][T13129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  192.993921][T13129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.002136][T13350] netlink: 8280 bytes leftover after parsing attributes in process `syz.3.1513'.
[  193.038298][T13350] netlink: 8280 bytes leftover after parsing attributes in process `syz.3.1513'.
[  193.055010][T13129] batman_adv: batadv0: Interface activated: batadv_slave_0
[  193.076240][T13129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  193.086729][T13129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.096598][T13129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  193.107071][T13129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.116957][T13129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  193.127384][T13129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  193.147122][T13129] batman_adv: batadv0: Interface activated: batadv_slave_1
[  193.169523][T13129] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  193.178257][T13129] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  193.187185][T13129] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  193.195988][T13129] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  193.256191][T13237] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  193.272286][T13237] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  193.310861][T13237] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  193.332832][T13370] loop2: detected capacity change from 0 to 8192
[  193.339758][T13237] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  193.368323][T13343] FAT-fs (loop4): error, fat_free_clusters: deleting FAT entry beyond EOF
[  193.379457][T13370] FAULT_INJECTION: forcing a failure.
[  193.379457][T13370] name failslab, interval 1, probability 0, space 0, times 0
[  193.392135][T13370] CPU: 0 UID: 0 PID: 13370 Comm: syz.2.1515 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  193.402952][T13370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  193.413050][T13370] Call Trace:
[  193.416319][T13370]  <TASK>
[  193.419246][T13370]  dump_stack_lvl+0xf2/0x150
[  193.423903][T13370]  dump_stack+0x15/0x20
[  193.428119][T13370]  should_fail_ex+0x223/0x230
[  193.432866][T13370]  ? fat_parse_long+0x5d/0x400
[  193.437637][T13370]  should_failslab+0x8f/0xb0
[  193.442228][T13370]  kmem_cache_alloc_noprof+0x4c/0x290
[  193.447639][T13370]  ? __memcg_slab_post_alloc_hook+0x4c4/0x660
[  193.453753][T13370]  fat_parse_long+0x5d/0x400
[  193.458357][T13370]  fat_search_long+0x1ff/0x980
[  193.463151][T13370]  ? __d_lookup_rcu+0x29b/0x2a0
[  193.468117][T13370]  ? avc_has_perm_noaudit+0x170/0x210
[  193.473574][T13370]  vfat_lookup+0xd6/0x2d0
[  193.477894][T13370]  __lookup_slow+0x184/0x250
[  193.482486][T13370]  lookup_slow+0x3c/0x60
[  193.486724][T13370]  link_path_walk+0x69e/0x820
[  193.491392][T13370]  __filename_parentat+0x13c/0x3c0
[  193.496554][T13370]  do_renameat2+0x330/0xa60
[  193.501045][T13370]  ? strncpy_from_user+0xd3/0x200
[  193.506153][T13370]  __x64_sys_rename+0x58/0x70
[  193.510822][T13370]  x64_sys_call+0x1a84/0x2d60
[  193.515492][T13370]  do_syscall_64+0xc9/0x1c0
[  193.519984][T13370]  ? clear_bhb_loop+0x55/0xb0
[  193.524766][T13370]  ? clear_bhb_loop+0x55/0xb0
[  193.529453][T13370]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  193.535355][T13370] RIP: 0033:0x7f33a2d2dff9
[  193.539770][T13370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  193.559416][T13370] RSP: 002b:00007f33a19a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[  193.567817][T13370] RAX: ffffffffffffffda RBX: 00007f33a2ee5f80 RCX: 00007f33a2d2dff9
[  193.575777][T13370] RDX: 0000000000000000 RSI: 0000000020001300 RDI: 0000000020000040
[  193.583736][T13370] RBP: 00007f33a19a1090 R08: 0000000000000000 R09: 0000000000000000
[  193.591728][T13370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  193.599686][T13370] R13: 0000000000000000 R14: 00007f33a2ee5f80 R15: 00007fff588af398
[  193.607659][T13370]  </TASK>
[  193.682109][  T367] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  193.735924][  T367] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  193.754339][T13237] 8021q: adding VLAN 0 to HW filter on device bond0
[  193.765959][T13237] 8021q: adding VLAN 0 to HW filter on device team0
[  193.784094][ T7004] bridge0: port 1(bridge_slave_0) entered blocking state
[  193.791182][ T7004] bridge0: port 1(bridge_slave_0) entered forwarding state
[  193.805174][   T50] bridge0: port 2(bridge_slave_1) entered blocking state
[  193.812259][   T50] bridge0: port 2(bridge_slave_1) entered forwarding state
[  193.826552][  T367] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  193.860820][T13237] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  193.871318][T13237] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  193.911468][  T367] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  193.928143][T13408] loop2: detected capacity change from 0 to 8192
[  193.946587][T13408] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  193.998319][T13408] netlink: 9 bytes leftover after parsing attributes in process `syz.2.1520'.
[  194.008621][T13408] 0·: renamed from hsr_slave_1 (while UP)
[  194.015711][T13408] 0·: entered allmulticast mode
[  194.020857][T13408] A link change request failed with some changes committed already. Interface 
c0· may have been left with an inconsistent configuration, please check.
[  194.037129][  T367] bridge_slave_1: left allmulticast mode
[  194.042845][  T367] bridge_slave_1: left promiscuous mode
[  194.048579][  T367] bridge0: port 2(bridge_slave_1) entered disabled state
[  194.059643][  T367] bridge_slave_0: left allmulticast mode
[  194.065329][  T367] bridge_slave_0: left promiscuous mode
[  194.070973][  T367] bridge0: port 1(bridge_slave_0) entered disabled state
[  194.077934][T13427] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1050)
[  194.086872][T13427] FAT-fs (loop2): Filesystem has been set read-only
[  194.094291][T13427] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1050)
[  194.103320][T13427] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1050)
[  194.119374][T13427] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF
[  194.200685][  T367] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  194.211861][  T367] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  194.223266][  T367] bond0 (unregistering): Released all slaves
[  194.227849][T13429] syz.0.1522[13429] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  194.229332][T13429] syz.0.1522[13429] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  194.241890][T13429] syz.0.1522[13429] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  194.269942][T13237] 8021q: adding VLAN 0 to HW filter on device batadv0
[  194.284575][T13431] loop0: detected capacity change from 0 to 128
[  194.320749][T13431] FAT-fs (loop0): error, corrupted directory (invalid entries)
[  194.328450][T13431] FAT-fs (loop0): Filesystem has been set read-only
[  194.336734][  T367] hsr_slave_0: left promiscuous mode
[  194.351351][  T367] 0·: left promiscuous mode
[  194.362446][  T367] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  194.369874][  T367] batman_adv: batadv0: Removing interface: batadv_slave_0
[  194.377716][  T367] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  194.385183][  T367] batman_adv: batadv0: Removing interface: batadv_slave_1
[  194.396978][  T367] veth1_macvtap: left promiscuous mode
[  194.402561][  T367] veth0_macvtap: left promiscuous mode
[  194.408129][  T367] veth1_vlan: left promiscuous mode
[  194.413370][  T367] veth0_vlan: left promiscuous mode
[  194.492932][  T367] team0 (unregistering): Port device team_slave_1 removed
[  194.502993][  T367] team0 (unregistering): Port device team_slave_0 removed
[  194.551081][T13456] IPv6: Can't replace route, no match found
[  194.563411][T13396] chnl_net:caif_netlink_parms(): no params data found
[  194.598471][T13460] 9pnet_fd: Insufficient options for proto=fd
[  194.649019][T13396] bridge0: port 1(bridge_slave_0) entered blocking state
[  194.656179][T13396] bridge0: port 1(bridge_slave_0) entered disabled state
[  194.663473][T13396] bridge_slave_0: entered allmulticast mode
[  194.669836][T13396] bridge_slave_0: entered promiscuous mode
[  194.678546][T13237] veth0_vlan: entered promiscuous mode
[  194.685048][T13396] bridge0: port 2(bridge_slave_1) entered blocking state
[  194.692118][T13396] bridge0: port 2(bridge_slave_1) entered disabled state
[  194.699265][T13396] bridge_slave_1: entered allmulticast mode
[  194.705676][T13396] bridge_slave_1: entered promiscuous mode
[  194.738843][T13237] veth1_vlan: entered promiscuous mode
[  194.747151][T13396] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  194.762826][T13237] veth0_macvtap: entered promiscuous mode
[  194.777810][T13473] netlink: 'syz.0.1528': attribute type 1 has an invalid length.
[  194.785392][T13396] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  194.795668][T13237] veth1_macvtap: entered promiscuous mode
[  194.825616][T13396] team0: Port device team_slave_0 added
[  194.841184][T13477] loop0: detected capacity change from 0 to 1024
[  194.849350][T13396] team0: Port device team_slave_1 added
[  194.859136][T13477] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  194.874362][T13237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  194.884898][T13237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.894789][T13237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  194.905264][T13237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.914799][T13477] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=f054c01c, mo2=0002]
[  194.915096][T13237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  194.923090][T13477] System zones: 0-1, 3-36
[  194.933529][T13237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.934721][T13237] batman_adv: batadv0: Interface activated: batadv_slave_0
[  194.937909][T13477] 
[  194.948526][T13237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  194.967779][T13237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.977624][T13237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  194.988024][T13237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  194.997828][T13237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  195.008311][T13237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  195.019129][T13237] batman_adv: batadv0: Interface activated: batadv_slave_1
[  195.021497][T13477] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.035230][T13237] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  195.047440][T13237] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  195.056305][T13237] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  195.065027][T13237] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  195.079839][T13396] batman_adv: batadv0: Adding interface: batadv_slave_0
[  195.086875][T13396] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  195.112949][T13396] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  195.132209][T13396] batman_adv: batadv0: Adding interface: batadv_slave_1
[  195.139315][T13396] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  195.165368][T13396] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  195.214333][T13396] hsr_slave_0: entered promiscuous mode
[  195.223320][T13396] hsr_slave_1: entered promiscuous mode
[  195.237852][T13396] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  195.249602][T13396] Cannot create hsr debugfs directory
[  195.322244][T13494] loop3: detected capacity change from 0 to 4096
[  195.340888][T13494] EXT4-fs: Ignoring removed nobh option
[  195.346573][T13494] EXT4-fs: Ignoring removed i_version option
[  195.406896][T13502] loop7: detected capacity change from 0 to 16384
[  195.427712][T13494] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.454330][T13502] loop7: detected capacity change from 16384 to 16383
[  195.462007][T13502] netlink: 'syz.1.1503': attribute type 30 has an invalid length.
[  195.518301][T12882] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.545116][T13520] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1503'.
[  195.554177][T13520] netlink: 'syz.1.1503': attribute type 30 has an invalid length.
[  195.739653][   T11] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  195.773641][T13129] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.793930][T13535] loop3: detected capacity change from 0 to 8192
[  195.804031][T13535] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  195.818800][T13396] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  195.844535][T13396] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  195.862765][T13535] netlink: 9 bytes leftover after parsing attributes in process `syz.3.1531'.
[  195.871939][T13535] 0·: renamed from hsr_slave_1 (while UP)
[  195.879372][T13535] 0·: entered allmulticast mode
[  195.889116][T13535] A link change request failed with some changes committed already. Interface 
c0· may have been left with an inconsistent configuration, please check.
[  195.909198][   T29] kauditd_printk_skb: 84 callbacks suppressed
[  195.909210][   T29] audit: type=1326 audit(1727863788.003:4289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13551 comm="syz.0.1534" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efd596bdff9 code=0x0
[  195.917805][T13396] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  195.959716][T13565] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 1050)
[  195.968638][T13565] FAT-fs (loop3): Filesystem has been set read-only
[  195.976227][T13565] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 1050)
[  195.977761][T13396] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  195.991967][T13565] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 1050)
[  196.019933][T13565] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF
[  196.067844][T13396] 8021q: adding VLAN 0 to HW filter on device bond0
[  196.082210][T13396] 8021q: adding VLAN 0 to HW filter on device team0
[  196.094295][   T50] bridge0: port 1(bridge_slave_0) entered blocking state
[  196.101518][   T50] bridge0: port 1(bridge_slave_0) entered forwarding state
[  196.120315][   T28] bridge0: port 2(bridge_slave_1) entered blocking state
[  196.127438][   T28] bridge0: port 2(bridge_slave_1) entered forwarding state
[  196.248613][T13396] 8021q: adding VLAN 0 to HW filter on device batadv0
[  196.256895][T13556] chnl_net:caif_netlink_parms(): no params data found
[  196.306405][T13556] bridge0: port 1(bridge_slave_0) entered blocking state
[  196.313663][T13556] bridge0: port 1(bridge_slave_0) entered disabled state
[  196.329377][T13556] bridge_slave_0: entered allmulticast mode
[  196.340722][T13556] bridge_slave_0: entered promiscuous mode
[  196.344071][T13616] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks
[  196.347747][T13556] bridge0: port 2(bridge_slave_1) entered blocking state
[  196.361496][T13556] bridge0: port 2(bridge_slave_1) entered disabled state
[  196.368848][T13556] bridge_slave_1: entered allmulticast mode
[  196.376169][T13556] bridge_slave_1: entered promiscuous mode
[  196.408558][T13556] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  196.419046][T13556] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  196.431216][   T11] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.457774][T13556] team0: Port device team_slave_0 added
[  196.464258][T13556] team0: Port device team_slave_1 added
[  196.487616][T13556] batman_adv: batadv0: Adding interface: batadv_slave_0
[  196.494664][T13556] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  196.520663][T13556] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  196.539675][   T11] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.551013][T13556] batman_adv: batadv0: Adding interface: batadv_slave_1
[  196.557977][T13556] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  196.584036][T13556] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  196.607270][T13632] FAULT_INJECTION: forcing a failure.
[  196.607270][T13632] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  196.620489][T13632] CPU: 0 UID: 0 PID: 13632 Comm: +}[@ Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  196.630762][T13632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  196.640816][T13632] Call Trace:
[  196.644140][T13632]  <TASK>
[  196.647124][T13632]  dump_stack_lvl+0xf2/0x150
[  196.651726][T13632]  dump_stack+0x15/0x20
[  196.655879][T13632]  should_fail_ex+0x223/0x230
[  196.660619][T13632]  should_fail+0xb/0x10
[  196.664793][T13632]  should_fail_usercopy+0x1a/0x20
[  196.669804][T13632]  _copy_from_user+0x1e/0xd0
[  196.674406][T13632]  do_sock_getsockopt+0xd3/0x260
[  196.679383][T13632]  __sys_getsockopt+0x18a/0x200
[  196.684226][T13632]  __x64_sys_getsockopt+0x66/0x80
[  196.689303][T13632]  x64_sys_call+0x11cd/0x2d60
[  196.693962][T13632]  do_syscall_64+0xc9/0x1c0
[  196.698538][T13632]  ? clear_bhb_loop+0x55/0xb0
[  196.703303][T13632]  ? clear_bhb_loop+0x55/0xb0
[  196.707988][T13632]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.714094][T13632] RIP: 0033:0x7fdbfe11dff9
[  196.718503][T13632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  196.738109][T13632] RSP: 002b:00007fdbfcd97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  196.746628][T13632] RAX: ffffffffffffffda RBX: 00007fdbfe2d5f80 RCX: 00007fdbfe11dff9
[  196.754602][T13632] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000003
[  196.762669][T13632] RBP: 00007fdbfcd97090 R08: 0000000020000100 R09: 0000000000000000
[  196.770623][T13632] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000001
[  196.778571][T13632] R13: 0000000000000000 R14: 00007fdbfe2d5f80 R15: 00007ffcbb697a78
[  196.786525][T13632]  </TASK>
[  196.797243][   T11] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  196.812464][T13396] veth0_vlan: entered promiscuous mode
[  196.831302][T13556] hsr_slave_0: entered promiscuous mode
[  196.837414][T13556] hsr_slave_1: entered promiscuous mode
[  196.845398][T13556] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  196.853244][T13556] Cannot create hsr debugfs directory
[  196.885528][T13396] veth1_vlan: entered promiscuous mode
[  196.921959][T13613] chnl_net:caif_netlink_parms(): no params data found
[  196.944082][   T11] bridge_slave_1: left allmulticast mode
[  196.949770][   T11] bridge_slave_1: left promiscuous mode
[  196.955506][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  196.963470][   T11] bridge_slave_0: left allmulticast mode
[  196.969112][   T11] bridge_slave_0: left promiscuous mode
[  196.974825][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  196.988483][   T29] audit: type=1326 audit(1727863789.000:4290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13638 comm="syz.1.1541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000
[  197.012422][   T29] audit: type=1326 audit(1727863789.000:4291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13638 comm="syz.1.1541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000
[  197.035949][   T29] audit: type=1326 audit(1727863789.000:4292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13638 comm="syz.1.1541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000
[  197.059440][   T29] audit: type=1326 audit(1727863789.000:4293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13638 comm="syz.1.1541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000
[  197.083038][   T29] audit: type=1326 audit(1727863789.000:4294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13638 comm="syz.1.1541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000
[  197.106558][   T29] audit: type=1326 audit(1727863789.000:4295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13638 comm="syz.1.1541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000
[  197.130079][   T29] audit: type=1326 audit(1727863789.000:4296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13638 comm="syz.1.1541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000
[  197.153544][   T29] audit: type=1326 audit(1727863789.000:4297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13638 comm="syz.1.1541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000
[  197.177145][   T29] audit: type=1326 audit(1727863789.000:4298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13638 comm="syz.1.1541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000
[  197.244772][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  197.255574][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  197.266448][   T11] bond0 (unregistering): Released all slaves
[  197.297794][T13396] veth0_macvtap: entered promiscuous mode
[  197.306067][   T11] hsr_slave_0: left promiscuous mode
[  197.311738][   T11] 0·: left promiscuous mode
[  197.316580][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  197.324049][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  197.331840][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  197.339446][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  197.348443][   T11] veth1_macvtap: left promiscuous mode
[  197.354035][   T11] veth0_macvtap: left promiscuous mode
[  197.359500][   T11] veth1_vlan: left promiscuous mode
[  197.364727][   T11] veth0_vlan: left promiscuous mode
[  197.437335][   T11] team0 (unregistering): Port device team_slave_1 removed
[  197.447182][   T11] team0 (unregistering): Port device team_slave_0 removed
[  197.509399][T13613] bridge0: port 1(bridge_slave_0) entered blocking state
[  197.516580][T13613] bridge0: port 1(bridge_slave_0) entered disabled state
[  197.524013][T13613] bridge_slave_0: entered allmulticast mode
[  197.530435][T13613] bridge_slave_0: entered promiscuous mode
[  197.542250][T13396] veth1_macvtap: entered promiscuous mode
[  197.549205][T13613] bridge0: port 2(bridge_slave_1) entered blocking state
[  197.556336][T13613] bridge0: port 2(bridge_slave_1) entered disabled state
[  197.563589][T13613] bridge_slave_1: entered allmulticast mode
[  197.570083][T13613] bridge_slave_1: entered promiscuous mode
[  197.592681][T13613] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  197.603305][T13613] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  197.624137][T13396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  197.634591][T13396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.644404][T13396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  197.654818][T13396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.664622][T13396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  197.675016][T13396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.686876][T13396] batman_adv: batadv0: Interface activated: batadv_slave_0
[  197.695452][T13613] team0: Port device team_slave_0 added
[  197.706788][T13396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  197.717296][T13396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.727202][T13396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  197.737705][T13396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.747511][T13396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  197.757948][T13396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  197.789038][T13396] batman_adv: batadv0: Interface activated: batadv_slave_1
[  197.799493][T13613] team0: Port device team_slave_1 added
[  197.829332][T13396] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  197.838102][T13396] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  197.846831][T13396] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  197.855626][T13396] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  197.882524][T13671] FAULT_INJECTION: forcing a failure.
[  197.882524][T13671] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  197.895888][T13671] CPU: 1 UID: 0 PID: 13671 Comm: syz.1.1545 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  197.906740][T13671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  197.916835][T13671] Call Trace:
[  197.920111][T13671]  <TASK>
[  197.923095][T13671]  dump_stack_lvl+0xf2/0x150
[  197.927702][T13671]  dump_stack+0x15/0x20
[  197.931859][T13671]  should_fail_ex+0x223/0x230
[  197.932041][T13664] loop0: detected capacity change from 0 to 8192
[  197.936618][T13671]  should_fail_alloc_page+0xfd/0x110
[  197.944784][T13664] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  197.948227][T13671]  __alloc_pages_noprof+0x109/0x360
[  197.948252][T13671]  alloc_pages_mpol_noprof+0xb1/0x1e0
[  197.948298][T13671]  vma_alloc_folio_noprof+0x1a0/0x2f0
[  197.948420][T13671]  handle_mm_fault+0xdbe/0x2a80
[  197.979510][T13671]  exc_page_fault+0x296/0x650
[  197.984260][T13671]  asm_exc_page_fault+0x26/0x30
[  197.989163][T13671] RIP: 0010:rep_stos_alternative+0x40/0x80
[  197.995032][T13671] Code: ff c7 48 ff c9 75 f6 c3 cc cc cc cc 48 89 07 48 83 c7 08 83 e9 08 74 ef 83 f9 08 73 ef eb de 66 2e 0f 1f 84 00 00 00 00 00 90 <48> 89 07 48 89 47 08 48 89 47 10 48 89 47 18 48 89 47 20 48 89 47
[  198.014820][T13671] RSP: 0018:ffffc90001577c10 EFLAGS: 00050202
[  198.021272][T13671] RAX: 0000000000000000 RBX: 000000002000b080 RCX: 0000000000000080
[  198.029256][T13671] RDX: 0000000000000000 RSI: 000000002000a080 RDI: 000000002000b000
[  198.037324][T13671] RBP: 000000002000a080 R08: ffffffff81bdb31f R09: 0000000000000000
[  198.045298][T13671] R10: 0001ffffffffffff R11: ffff888114865280 R12: ffffc90001577da0
[  198.053267][T13671] R13: 0000000000001000 R14: 0000000000009000 R15: 0000000000001000
[  198.061394][T13671]  ? iov_iter_zero+0x22f/0xc30
[  198.066166][T13671]  iov_iter_zero+0x251/0xc30
[  198.070910][T13671]  ? iovec_from_user+0x17a/0x210
[  198.075852][T13671]  read_iter_zero+0x5e/0x1e0
[  198.080533][T13671]  do_iter_readv_writev+0x394/0x450
[  198.085746][T13671]  vfs_readv+0x1df/0x660
[  198.090001][T13671]  do_readv+0xf8/0x220
[  198.094112][T13671]  __x64_sys_readv+0x45/0x50
[  198.098786][T13671]  x64_sys_call+0x2bd9/0x2d60
[  198.103469][T13671]  do_syscall_64+0xc9/0x1c0
[  198.108008][T13671]  ? clear_bhb_loop+0x55/0xb0
[  198.112695][T13671]  ? clear_bhb_loop+0x55/0xb0
[  198.117430][T13671]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  198.123342][T13671] RIP: 0033:0x7fdbfe11dff9
[  198.127758][T13671] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  198.147364][T13671] RSP: 002b:00007fdbfcd97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  198.155777][T13671] RAX: ffffffffffffffda RBX: 00007fdbfe2d5f80 RCX: 00007fdbfe11dff9
[  198.163773][T13671] RDX: 0000000000000002 RSI: 0000000020003400 RDI: 0000000000000008
[  198.171829][T13671] RBP: 00007fdbfcd97090 R08: 0000000000000000 R09: 0000000000000000
[  198.179837][T13671] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  198.187810][T13671] R13: 0000000000000000 R14: 00007fdbfe2d5f80 R15: 00007ffcbb697a78
[  198.195779][T13671]  </TASK>
[  198.219006][T13664] netlink: 9 bytes leftover after parsing attributes in process `syz.0.1544'.
[  198.236839][T13664] 0·: renamed from hsr_slave_1 (while UP)
[  198.254970][T13664] 0·: entered allmulticast mode
[  198.268273][T13664] A link change request failed with some changes committed already. Interface 
c0· may have been left with an inconsistent configuration, please check.
[  198.288879][T13613] batman_adv: batadv0: Adding interface: batadv_slave_0
[  198.296021][T13613] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  198.322254][T13613] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  198.364407][T13613] batman_adv: batadv0: Adding interface: batadv_slave_1
[  198.371440][T13613] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  198.397693][T13613] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  198.465826][T13613] hsr_slave_0: entered promiscuous mode
[  198.478920][T13613] hsr_slave_1: entered promiscuous mode
[  198.488063][T13613] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  198.497045][T13613] Cannot create hsr debugfs directory
[  198.505320][T13556] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  198.516733][T13556] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  198.532910][   T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.611371][T13556] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  198.623209][T13556] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  198.653080][   T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.711000][   T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.752249][   T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  198.766922][T13556] 8021q: adding VLAN 0 to HW filter on device bond0
[  198.779610][T13556] 8021q: adding VLAN 0 to HW filter on device team0
[  198.788622][ T4905] bridge0: port 1(bridge_slave_0) entered blocking state
[  198.795795][ T4905] bridge0: port 1(bridge_slave_0) entered forwarding state
[  198.806496][  T367] bridge0: port 2(bridge_slave_1) entered blocking state
[  198.813776][  T367] bridge0: port 2(bridge_slave_1) entered forwarding state
[  198.871969][   T11] bridge_slave_1: left allmulticast mode
[  198.877645][   T11] bridge_slave_1: left promiscuous mode
[  198.883688][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.892426][   T11] bridge_slave_0: left allmulticast mode
[  198.898211][   T11] bridge_slave_0: left promiscuous mode
[  198.904160][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  199.021162][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  199.031620][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  199.042179][   T11] bond0 (unregistering): Released all slaves
[  199.071029][T13556] 8021q: adding VLAN 0 to HW filter on device batadv0
[  199.087203][   T11] hsr_slave_0: left promiscuous mode
[  199.093017][   T11] 0·: left promiscuous mode
[  199.097956][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  199.105453][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  199.113193][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  199.120768][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  199.130575][   T11] veth1_macvtap: left promiscuous mode
[  199.136055][   T11] veth0_macvtap: left promiscuous mode
[  199.141610][   T11] veth1_vlan: left promiscuous mode
[  199.146901][   T11] veth0_vlan: left promiscuous mode
[  199.227111][   T11] team0 (unregistering): Port device team_slave_1 removed
[  199.237008][   T11] team0 (unregistering): Port device team_slave_0 removed
[  199.361626][T13556] veth0_vlan: entered promiscuous mode
[  199.369278][T13761] loop1: detected capacity change from 0 to 128
[  199.380284][T13556] veth1_vlan: entered promiscuous mode
[  199.400682][T13556] veth0_macvtap: entered promiscuous mode
[  199.415859][T13556] veth1_macvtap: entered promiscuous mode
[  199.436763][T13556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  199.447338][T13556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  199.457259][T13556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  199.467818][T13556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  199.477688][T13556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  199.488133][T13556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  199.499630][T13556] batman_adv: batadv0: Interface activated: batadv_slave_0
[  199.518946][T13613] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  199.527670][T13556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  199.538191][T13556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  199.548126][T13556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  199.558680][T13556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  199.568587][T13556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  199.579059][T13556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  199.589955][T13556] batman_adv: batadv0: Interface activated: batadv_slave_1
[  199.598732][T13556] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  199.607506][T13556] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  199.616312][T13556] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  199.625010][T13556] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  199.634668][T13613] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  199.645981][T13613] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  199.681207][T13613] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  199.712704][T13801] FAULT_INJECTION: forcing a failure.
[  199.712704][T13801] name failslab, interval 1, probability 0, space 0, times 0
[  199.725480][T13801] CPU: 1 UID: 0 PID: 13801 Comm: syz.4.1555 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  199.736267][T13801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  199.746331][T13801] Call Trace:
[  199.749608][T13801]  <TASK>
[  199.752543][T13801]  dump_stack_lvl+0xf2/0x150
[  199.757133][T13801]  dump_stack+0x15/0x20
[  199.761319][T13801]  should_fail_ex+0x223/0x230
[  199.766010][T13801]  ? audit_log_start+0x34c/0x6b0
[  199.770991][T13801]  should_failslab+0x8f/0xb0
[  199.775585][T13801]  kmem_cache_alloc_noprof+0x4c/0x290
[  199.780960][T13801]  audit_log_start+0x34c/0x6b0
[  199.785747][T13801]  audit_seccomp+0x4b/0x130
[  199.790286][T13801]  __seccomp_filter+0x6fa/0x1180
[  199.790904][T13802] loop0: detected capacity change from 0 to 8192
[  199.795237][T13801]  ? proc_fail_nth_write+0x12a/0x150
[  199.806824][T13801]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  199.810222][T13802] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  199.812468][T13801]  ? vfs_write+0x580/0x910
[  199.827282][T13801]  __secure_computing+0x9f/0x1c0
[  199.832228][T13801]  syscall_trace_enter+0xd1/0x1f0
[  199.837288][T13801]  do_syscall_64+0xaa/0x1c0
[  199.841799][T13801]  ? clear_bhb_loop+0x55/0xb0
[  199.846513][T13801]  ? clear_bhb_loop+0x55/0xb0
[  199.851292][T13801]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.857277][T13801] RIP: 0033:0x7f88ff68dff9
[  199.861693][T13801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  199.881389][T13801] RSP: 002b:00007f88fe307038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e1
[  199.889808][T13801] RAX: ffffffffffffffda RBX: 00007f88ff845f80 RCX: 00007f88ff68dff9
[  199.897779][T13801] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  199.905753][T13801] RBP: 00007f88fe307090 R08: 0000000000000000 R09: 0000000000000000
[  199.913774][T13801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  199.921811][T13801] R13: 0000000000000000 R14: 00007f88ff845f80 R15: 00007ffcda9759d8
[  199.929795][T13801]  </TASK>
[  199.984471][T13613] 8021q: adding VLAN 0 to HW filter on device bond0
[  199.995259][T13613] 8021q: adding VLAN 0 to HW filter on device team0
[  200.011764][T13802] netlink: 9 bytes leftover after parsing attributes in process `syz.0.1554'.
[  200.032212][T13802] 1·: renamed from 
c0· (while UP)
[  200.055211][T13802] A link change request failed with some changes committed already. Interface 
c1· may have been left with an inconsistent configuration, please check.
[  200.075460][   T28] bridge0: port 1(bridge_slave_0) entered blocking state
[  200.082588][   T28] bridge0: port 1(bridge_slave_0) entered forwarding state
[  200.103486][T13819] loop4: detected capacity change from 0 to 256
[  200.128301][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.135833][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.143434][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.154606][   T28] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.161802][   T28] bridge0: port 2(bridge_slave_1) entered forwarding state
[  200.189765][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.197286][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.205328][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.212860][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.220264][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.227888][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.235408][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.242822][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.250303][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.255961][T13613] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  200.257843][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.275804][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.283586][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.284445][T13809] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1050)
[  200.291093][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.299794][T13809] FAT-fs (loop0): Filesystem has been set read-only
[  200.301810][T13809] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1050)
[  200.307221][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.330590][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.338053][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.345530][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.394431][T13613] 8021q: adding VLAN 0 to HW filter on device batadv0
[  200.428080][T13129] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1050)
[  200.537532][T13846] loop1: detected capacity change from 0 to 128
[  200.545323][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.553351][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.561194][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.568840][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.576260][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.579547][T13843] loop0: detected capacity change from 0 to 8192
[  200.583676][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.597517][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.603240][T13843] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  200.604971][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.622775][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.627306][T13846] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  200.630181][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.650188][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.657870][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.665183][T13846] ext4 filesystem being mounted at /9/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  200.665364][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.701772][T13613] veth0_vlan: entered promiscuous mode
[  200.704679][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.717585][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.721302][T13613] veth1_vlan: entered promiscuous mode
[  200.725130][    T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  200.747330][    T8] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  200.762540][T13613] veth0_macvtap: entered promiscuous mode
[  200.772447][T13613] veth1_macvtap: entered promiscuous mode
[  200.776133][T13613] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  200.788897][T13613] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.788910][T13613] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  200.788924][T13613] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.788934][T13613] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  200.789014][T13613] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.789026][T13613] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  200.850017][T13613] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.852866][T13613] batman_adv: batadv0: Interface activated: batadv_slave_0
[  200.875367][T13613] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  200.875385][T13613] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.875396][T13613] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  200.875410][T13613] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.875419][T13613] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  200.875432][T13613] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.875512][T13613] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  200.875524][T13613] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  200.882546][T13613] batman_adv: batadv0: Interface activated: batadv_slave_1
[  200.978568][T13613] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  200.987609][T13613] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  200.987640][T13613] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  200.987724][T13613] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  201.049862][T13237] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  201.091735][T13859] FAULT_INJECTION: forcing a failure.
[  201.091735][T13859] name failslab, interval 1, probability 0, space 0, times 0
[  201.104554][T13859] CPU: 1 UID: 0 PID: 13859 Comm: syz.1.1562 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  201.115422][T13859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  201.125489][T13859] Call Trace:
[  201.128802][T13859]  <TASK>
[  201.131727][T13859]  dump_stack_lvl+0xf2/0x150
[  201.136318][T13859]  dump_stack+0x15/0x20
[  201.140508][T13859]  should_fail_ex+0x223/0x230
[  201.145187][T13859]  ? __kvmalloc_node_noprof+0x72/0x170
[  201.150695][T13859]  should_failslab+0x8f/0xb0
[  201.155312][T13859]  __kmalloc_node_noprof+0xa8/0x380
[  201.160613][T13859]  __kvmalloc_node_noprof+0x72/0x170
[  201.165975][T13859]  rhashtable_init_noprof+0x312/0x450
[  201.171404][T13859]  nf_flow_table_init+0xe2/0x1d0
[  201.176370][T13859]  nf_tables_newflowtable+0xa4c/0x10d0
[  201.181887][T13859]  nfnetlink_rcv+0xb37/0x15c0
[  201.186683][T13859]  ? kmem_cache_free+0xdc/0x2d0
[  201.191548][T13859]  netlink_unicast+0x599/0x670
[  201.196366][T13859]  netlink_sendmsg+0x5cc/0x6e0
[  201.201207][T13859]  ? __pfx_netlink_sendmsg+0x10/0x10
[  201.206482][T13859]  __sock_sendmsg+0x140/0x180
[  201.211174][T13859]  ____sys_sendmsg+0x312/0x410
[  201.216003][T13859]  __sys_sendmsg+0x1d9/0x270
[  201.220652][T13859]  __x64_sys_sendmsg+0x46/0x50
[  201.225413][T13859]  x64_sys_call+0x2689/0x2d60
[  201.230105][T13859]  do_syscall_64+0xc9/0x1c0
[  201.234637][T13859]  ? clear_bhb_loop+0x55/0xb0
[  201.239437][T13859]  ? clear_bhb_loop+0x55/0xb0
[  201.244154][T13859]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.250046][T13859] RIP: 0033:0x7fdbfe11dff9
[  201.254455][T13859] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  201.274099][T13859] RSP: 002b:00007fdbfcd97038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  201.282500][T13859] RAX: ffffffffffffffda RBX: 00007fdbfe2d5f80 RCX: 00007fdbfe11dff9
[  201.290514][T13859] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000005
[  201.298472][T13859] RBP: 00007fdbfcd97090 R08: 0000000000000000 R09: 0000000000000000
[  201.306454][T13859] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  201.314413][T13859] R13: 0000000000000000 R14: 00007fdbfe2d5f80 R15: 00007ffcbb697a78
[  201.322419][T13859]  </TASK>
[  201.364729][T13867] loop1: detected capacity change from 0 to 128
[  201.396609][  T367] kworker/u8:6: attempt to access beyond end of device
[  201.396609][  T367] loop1: rw=1, sector=145, nr_sectors = 896 limit=128
[  201.427396][   T29] kauditd_printk_skb: 143 callbacks suppressed
[  201.427412][   T29] audit: type=1326 audit(1727863793.098:4440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13871 comm="syz.1.1566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000
[  201.459843][   T29] audit: type=1326 audit(1727863793.098:4441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13871 comm="syz.1.1566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000
[  201.483445][   T29] audit: type=1326 audit(1727863793.098:4442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13871 comm="syz.1.1566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000
[  201.507139][   T29] audit: type=1326 audit(1727863793.098:4443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13871 comm="syz.1.1566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000
[  201.530613][   T29] audit: type=1326 audit(1727863793.098:4444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13871 comm="syz.1.1566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000
[  201.554170][   T29] audit: type=1326 audit(1727863793.098:4445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13871 comm="syz.1.1566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000
[  201.577784][   T29] audit: type=1326 audit(1727863793.098:4446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13871 comm="syz.1.1566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000
[  201.601376][   T29] audit: type=1326 audit(1727863793.098:4447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13871 comm="syz.1.1566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=461 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000
[  201.625039][   T29] audit: type=1326 audit(1727863793.098:4448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13871 comm="syz.1.1566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000
[  201.648775][   T29] audit: type=1326 audit(1727863793.098:4449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13871 comm="syz.1.1566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000
[  201.788275][T13881] loop2: detected capacity change from 0 to 8192
[  201.797828][T13881] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  201.810946][T13881] netlink: 9 bytes leftover after parsing attributes in process `syz.2.1568'.
[  201.819950][T13881] 0·: renamed from hsr_slave_1 (while UP)
[  201.827096][T13881] 0·: entered allmulticast mode
[  201.832482][T13881] A link change request failed with some changes committed already. Interface 
c0· may have been left with an inconsistent configuration, please check.
[  201.865880][T13882] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1050)
[  201.874740][T13882] FAT-fs (loop2): Filesystem has been set read-only
[  201.881606][T13882] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1050)
[  201.890573][T13882] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1050)
[  201.905822][T13882] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF
[  202.077753][T13890] tipc: Started in network mode
[  202.082677][T13890] tipc: Node identity ac14140f, cluster identity 4711
[  202.089974][T13890] tipc: New replicast peer: 255.255.255.255
[  202.096172][T13890] tipc: Enabled bearer <udp:syz2>, priority 10
[  202.118351][T13894] FAULT_INJECTION: forcing a failure.
[  202.118351][T13894] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  202.131550][T13894] CPU: 0 UID: 0 PID: 13894 Comm: syz.3.1575 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  202.142398][T13894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  202.152443][T13894] Call Trace:
[  202.155738][T13894]  <TASK>
[  202.158658][T13894]  dump_stack_lvl+0xf2/0x150
[  202.163243][T13894]  dump_stack+0x15/0x20
[  202.167464][T13894]  should_fail_ex+0x223/0x230
[  202.172140][T13894]  should_fail+0xb/0x10
[  202.176289][T13894]  should_fail_usercopy+0x1a/0x20
[  202.181318][T13894]  _copy_from_user+0x1e/0xd0
[  202.186157][T13894]  copy_msghdr_from_user+0x54/0x2a0
[  202.191354][T13894]  __sys_sendmsg+0x171/0x270
[  202.195963][T13894]  __x64_sys_sendmsg+0x46/0x50
[  202.200736][T13894]  x64_sys_call+0x2689/0x2d60
[  202.205438][T13894]  do_syscall_64+0xc9/0x1c0
[  202.210006][T13894]  ? clear_bhb_loop+0x55/0xb0
[  202.214684][T13894]  ? clear_bhb_loop+0x55/0xb0
[  202.219429][T13894]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.225320][T13894] RIP: 0033:0x7f0c5ca9dff9
[  202.229742][T13894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  202.249338][T13894] RSP: 002b:00007f0c5b717038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  202.257747][T13894] RAX: ffffffffffffffda RBX: 00007f0c5cc55f80 RCX: 00007f0c5ca9dff9
[  202.265803][T13894] RDX: 0000000000000003 RSI: 0000000020000980 RDI: 0000000000000003
[  202.273805][T13894] RBP: 00007f0c5b717090 R08: 0000000000000000 R09: 0000000000000000
[  202.281773][T13894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  202.289750][T13894] R13: 0000000000000000 R14: 00007f0c5cc55f80 R15: 00007ffd2281c268
[  202.297731][T13894]  </TASK>
[  202.308205][T13896] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1576'.
[  202.343520][T13903] xt_connbytes: Forcing CT accounting to be enabled
[  202.355880][T13903] Cannot find add_set index 0 as target
[  202.418072][T13907] loop1: detected capacity change from 0 to 8192
[  202.435954][T13907] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  202.456526][T13907] netlink: 9 bytes leftover after parsing attributes in process `syz.1.1580'.
[  202.465647][T13907] 0·: renamed from hsr_slave_1 (while UP)
[  202.472650][T13907] 0·: entered allmulticast mode
[  202.478757][T13907] A link change request failed with some changes committed already. Interface 
c0· may have been left with an inconsistent configuration, please check.
[  202.511961][T13915] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1050)
[  202.520886][T13915] FAT-fs (loop1): Filesystem has been set read-only
[  202.527690][T13915] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1050)
[  202.536642][T13915] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1050)
[  202.703734][T13915] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF
[  202.760232][   T11] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.816148][   T11] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.869285][   T11] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.880301][T13921] chnl_net:caif_netlink_parms(): no params data found
[  202.910138][T13921] bridge0: port 1(bridge_slave_0) entered blocking state
[  202.917180][T13921] bridge0: port 1(bridge_slave_0) entered disabled state
[  202.925228][T13921] bridge_slave_0: entered allmulticast mode
[  202.931774][T13921] bridge_slave_0: entered promiscuous mode
[  202.941386][   T11] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  202.952531][T13921] bridge0: port 2(bridge_slave_1) entered blocking state
[  202.959629][T13921] bridge0: port 2(bridge_slave_1) entered disabled state
[  202.967084][T13921] bridge_slave_1: entered allmulticast mode
[  202.973763][T13921] bridge_slave_1: entered promiscuous mode
[  202.995870][T13921] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  203.006837][T13921] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  203.036602][T13921] team0: Port device team_slave_0 added
[  203.043210][T13921] team0: Port device team_slave_1 added
[  203.049419][   T11] bridge_slave_1: left allmulticast mode
[  203.055064][   T11] bridge_slave_1: left promiscuous mode
[  203.060772][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  203.068517][   T11] bridge_slave_0: left allmulticast mode
[  203.074241][   T11] bridge_slave_0: left promiscuous mode
[  203.079906][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  203.160531][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  203.171045][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  203.181078][   T11] bond0 (unregistering): Released all slaves
[  203.189073][   T11] bond1 (unregistering): Released all slaves
[  203.209454][T13921] batman_adv: batadv0: Adding interface: batadv_slave_0
[  203.216431][T13921] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  203.242437][T13921] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  203.257812][T13921] batman_adv: batadv0: Adding interface: batadv_slave_1
[  203.264809][T13921] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  203.290850][T13921] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  203.320571][   T24] tipc: Node number set to 2886997007
[  203.365867][   T11] hsr_slave_0: left promiscuous mode
[  203.371508][   T11] 0·: left promiscuous mode
[  203.377076][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  203.384489][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  203.392363][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  203.399920][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  203.409399][   T11] veth1_macvtap: left promiscuous mode
[  203.414918][   T11] veth0_macvtap: left promiscuous mode
[  203.420663][   T11] veth1_vlan: left promiscuous mode
[  203.425994][   T11] veth0_vlan: left promiscuous mode
[  203.519409][   T11] team0 (unregistering): Port device team_slave_1 removed
[  203.530927][   T11] team0 (unregistering): Port device team_slave_0 removed
[  203.569504][T13921] hsr_slave_0: entered promiscuous mode
[  203.575572][T13921] hsr_slave_1: entered promiscuous mode
[  203.585896][T13961] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1590'.
[  203.594835][T13961] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  203.602311][T13961] batman_adv: batadv0: Removing interface: batadv_slave_0
[  203.609951][T13961] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  203.617517][T13961] batman_adv: batadv0: Removing interface: batadv_slave_1
[  203.896781][T13999] FAULT_INJECTION: forcing a failure.
[  203.896781][T13999] name failslab, interval 1, probability 0, space 0, times 0
[  203.909570][T13999] CPU: 0 UID: 0 PID: 13999 Comm: syz.0.1593 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  203.920341][T13999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  203.930482][T13999] Call Trace:
[  203.933762][T13999]  <TASK>
[  203.936749][T13999]  dump_stack_lvl+0xf2/0x150
[  203.941350][T13999]  dump_stack+0x15/0x20
[  203.945563][T13999]  should_fail_ex+0x223/0x230
[  203.950270][T13999]  ? alloc_inode+0x6a/0x160
[  203.954781][T13999]  should_failslab+0x8f/0xb0
[  203.959440][T13999]  kmem_cache_alloc_lru_noprof+0x51/0x2a0
[  203.965240][T13999]  alloc_inode+0x6a/0x160
[  203.969579][T13999]  new_inode+0x1e/0x100
[  203.973793][T13999]  __debugfs_create_file+0x110/0x300
[  203.979153][T13999]  debugfs_create_file+0x49/0x60
[  203.984170][T13999]  do_blk_trace_setup+0x2d2/0x4d0
[  203.989302][T13999]  blk_trace_setup+0xad/0x140
[  203.993990][T13999]  sg_ioctl+0x6ce/0x1870
[  203.998266][T13999]  ? __pfx_sg_ioctl+0x10/0x10
[  204.002954][T13999]  __se_sys_ioctl+0xcd/0x140
[  204.007559][T13999]  __x64_sys_ioctl+0x43/0x50
[  204.012162][T13999]  x64_sys_call+0x15cc/0x2d60
[  204.016848][T13999]  do_syscall_64+0xc9/0x1c0
[  204.021354][T13999]  ? clear_bhb_loop+0x55/0xb0
[  204.026045][T13999]  ? clear_bhb_loop+0x55/0xb0
[  204.030748][T13999]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  204.036681][T13999] RIP: 0033:0x7efd596bdff9
[  204.041088][T13999] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  204.060692][T13999] RSP: 002b:00007efd58337038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  204.069120][T13999] RAX: ffffffffffffffda RBX: 00007efd59875f80 RCX: 00007efd596bdff9
[  204.077078][T13999] RDX: 0000000020000000 RSI: 00000000c0481273 RDI: 0000000000000006
[  204.085042][T13999] RBP: 00007efd58337090 R08: 0000000000000000 R09: 0000000000000000
[  204.093142][T13999] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  204.101190][T13999] R13: 0000000000000000 R14: 00007efd59875f80 R15: 00007fffa5adb388
[  204.109168][T13999]  </TASK>
[  204.112578][T13999] debugfs: out of free dentries, can not create file 'dropped'
[  204.212479][T14024] loop0: detected capacity change from 0 to 8192
[  204.227845][T14024] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  204.247705][T13921] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  204.256801][T14024] netlink: 9 bytes leftover after parsing attributes in process `syz.0.1595'.
[  204.268641][T14024] 0·: renamed from 
c1· (while UP)
[  204.295920][T14024] A link change request failed with some changes committed already. Interface 
c0· may have been left with an inconsistent configuration, please check.
[  204.312986][T13921] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  204.321541][T13921] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  204.333199][T13921] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  204.359451][   T11] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.377987][T14046] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1050)
[  204.386831][T14046] FAT-fs (loop0): Filesystem has been set read-only
[  204.414325][T13921] 8021q: adding VLAN 0 to HW filter on device bond0
[  204.421315][T14046] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1050)
[  204.427777][T13921] 8021q: adding VLAN 0 to HW filter on device team0
[  204.440591][T14046] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1050)
[  204.455954][   T11] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.485914][ T7004] bridge0: port 1(bridge_slave_0) entered blocking state
[  204.493076][ T7004] bridge0: port 1(bridge_slave_0) entered forwarding state
[  204.501212][T14046] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF
[  204.525889][   T11] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.543447][   T28] bridge0: port 2(bridge_slave_1) entered blocking state
[  204.550519][   T28] bridge0: port 2(bridge_slave_1) entered forwarding state
[  204.591362][   T11] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  204.644818][T14032] chnl_net:caif_netlink_parms(): no params data found
[  204.737428][   T11] bridge_slave_1: left allmulticast mode
[  204.743112][   T11] bridge_slave_1: left promiscuous mode
[  204.748826][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  204.760086][   T11] bridge_slave_0: left allmulticast mode
[  204.765833][   T11] bridge_slave_0: left promiscuous mode
[  204.771506][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  204.969172][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  204.980253][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  204.991448][   T11] bond0 (unregistering): Released all slaves
[  205.001694][T14032] bridge0: port 1(bridge_slave_0) entered blocking state
[  205.008816][T14032] bridge0: port 1(bridge_slave_0) entered disabled state
[  205.011389][T14127] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1604'.
[  205.018590][T14032] bridge_slave_0: entered allmulticast mode
[  205.030342][T14127] loop4: detected capacity change from 0 to 512
[  205.031063][T14032] bridge_slave_0: entered promiscuous mode
[  205.044237][T14032] bridge0: port 2(bridge_slave_1) entered blocking state
[  205.051284][T14032] bridge0: port 2(bridge_slave_1) entered disabled state
[  205.058882][T14032] bridge_slave_1: entered allmulticast mode
[  205.065410][T14032] bridge_slave_1: entered promiscuous mode
[  205.080255][T13921] 8021q: adding VLAN 0 to HW filter on device batadv0
[  205.088166][T14127] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  205.100779][T14127] ext4 filesystem being mounted at /13/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  205.113981][T14032] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  205.131271][T14127] EXT4-fs error (device loop4): ext4_ext_check_inode:524: inode #12: comm syz.4.1604: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  205.150809][T14127] EXT4-fs error (device loop4): ext4_ext_check_inode:524: inode #12: comm syz.4.1604: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  205.169040][   T11] hsr_slave_0: left promiscuous mode
[  205.174708][   T11] 0·: left promiscuous mode
[  205.179761][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  205.187284][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  205.195092][T13396] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  205.204502][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  205.211945][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  205.221650][   T11] veth1_macvtap: left promiscuous mode
[  205.227430][   T11] veth0_macvtap: left promiscuous mode
[  205.232918][   T11] veth1_vlan: left promiscuous mode
[  205.238193][   T11] veth0_vlan: left promiscuous mode
[  205.342534][   T11] team0 (unregistering): Port device team_slave_1 removed
[  205.353268][   T11] team0 (unregistering): Port device team_slave_0 removed
[  205.411947][T14032] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  205.426605][T14144] FAULT_INJECTION: forcing a failure.
[  205.426605][T14144] name failslab, interval 1, probability 0, space 0, times 0
[  205.439426][T14144] CPU: 0 UID: 0 PID: 14144 Comm: syz.3.1606 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  205.450195][T14144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  205.460283][T14144] Call Trace:
[  205.463553][T14144]  <TASK>
[  205.466484][T14144]  dump_stack_lvl+0xf2/0x150
[  205.471131][T14144]  dump_stack+0x15/0x20
[  205.475361][T14144]  should_fail_ex+0x223/0x230
[  205.480051][T14144]  ? __pfx_asymmetric_key_cmp+0x10/0x10
[  205.485602][T14144]  ? asymmetric_key_match_preparse+0x1ef/0x2f0
[  205.491791][T14144]  should_failslab+0x8f/0xb0
[  205.496411][T14144]  __kmalloc_noprof+0xa5/0x370
[  205.501241][T14144]  asymmetric_key_match_preparse+0x1ef/0x2f0
[  205.507305][T14144]  request_key_and_link+0x10c/0xcf0
[  205.512513][T14144]  ? get_pid_task+0x8e/0xc0
[  205.517020][T14144]  ? should_fail_ex+0xd7/0x230
[  205.521800][T14144]  ? strndup_user+0x68/0xa0
[  205.526329][T14144]  ? __pfx_key_default_cmp+0x10/0x10
[  205.531655][T14144]  __se_sys_request_key+0x1d7/0x290
[  205.536856][T14144]  ? fput+0x14e/0x190
[  205.540837][T14144]  __x64_sys_request_key+0x55/0x70
[  205.545951][T14144]  x64_sys_call+0x2643/0x2d60
[  205.550635][T14144]  do_syscall_64+0xc9/0x1c0
[  205.555139][T14144]  ? clear_bhb_loop+0x55/0xb0
[  205.559869][T14144]  ? clear_bhb_loop+0x55/0xb0
[  205.564585][T14144]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.570531][T14144] RIP: 0033:0x7f0c5ca9dff9
[  205.574947][T14144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  205.594623][T14144] RSP: 002b:00007f0c5b6d5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f9
[  205.603107][T14144] RAX: ffffffffffffffda RBX: 00007f0c5cc56130 RCX: 00007f0c5ca9dff9
[  205.611081][T14144] RDX: 0000000020001fee RSI: 0000000020001ffb RDI: 0000000020000040
[  205.619049][T14144] RBP: 00007f0c5b6d5090 R08: 0000000000000000 R09: 0000000000000000
[  205.627024][T14144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  205.634995][T14144] R13: 0000000000000000 R14: 00007f0c5cc56130 R15: 00007ffd2281c268
[  205.643028][T14144]  </TASK>
[  205.706578][T14032] team0: Port device team_slave_0 added
[  205.750882][T14032] team0: Port device team_slave_1 added
[  205.795036][T13921] veth0_vlan: entered promiscuous mode
[  205.836211][T13921] veth1_vlan: entered promiscuous mode
[  205.843193][T14032] batman_adv: batadv0: Adding interface: batadv_slave_0
[  205.850151][T14032] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  205.876119][T14032] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  205.893888][T14032] batman_adv: batadv0: Adding interface: batadv_slave_1
[  205.900882][T14032] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  205.926884][T14032] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  205.952854][T13921] veth0_macvtap: entered promiscuous mode
[  205.967852][T14114] chnl_net:caif_netlink_parms(): no params data found
[  206.003100][T14032] hsr_slave_0: entered promiscuous mode
[  206.009240][T14032] hsr_slave_1: entered promiscuous mode
[  206.015053][T14032] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  206.022691][T14032] Cannot create hsr debugfs directory
[  206.031880][T13921] veth1_macvtap: entered promiscuous mode
[  206.078638][T13921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  206.089222][T13921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.099159][T13921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  206.109693][T13921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.120427][T13921] batman_adv: batadv0: Interface activated: batadv_slave_0
[  206.151199][   T28] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.179902][T14114] bridge0: port 1(bridge_slave_0) entered blocking state
[  206.187040][T14114] bridge0: port 1(bridge_slave_0) entered disabled state
[  206.194306][T14114] bridge_slave_0: entered allmulticast mode
[  206.200605][T14114] bridge_slave_0: entered promiscuous mode
[  206.209676][T14114] bridge0: port 2(bridge_slave_1) entered blocking state
[  206.216958][T14114] bridge0: port 2(bridge_slave_1) entered disabled state
[  206.224313][T14114] bridge_slave_1: entered allmulticast mode
[  206.230762][T14114] bridge_slave_1: entered promiscuous mode
[  206.241593][T13921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  206.252097][T13921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.261909][T13921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  206.272441][T13921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  206.283276][T13921] batman_adv: batadv0: Interface activated: batadv_slave_1
[  206.292390][T13921] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  206.301115][T13921] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  206.310064][T13921] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  206.318759][T13921] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  206.332881][   T28] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.350328][T14114] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  206.382361][T14114] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  206.399667][   T28] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.432273][T14114] team0: Port device team_slave_0 added
[  206.445884][   T28] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  206.457869][T14114] team0: Port device team_slave_1 added
[  206.503600][T14114] batman_adv: batadv0: Adding interface: batadv_slave_0
[  206.510729][T14114] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  206.513337][T14210] loop1: detected capacity change from 0 to 128
[  206.536968][T14114] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  206.554693][T14114] batman_adv: batadv0: Adding interface: batadv_slave_1
[  206.561678][T14114] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  206.587647][T14114] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  206.626588][T14114] hsr_slave_0: entered promiscuous mode
[  206.632889][T14114] hsr_slave_1: entered promiscuous mode
[  206.645037][T14114] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  206.662583][T14114] Cannot create hsr debugfs directory
[  206.692210][T14212] loop4: detected capacity change from 0 to 8192
[  206.707328][T14212] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  206.718936][   T28] bridge_slave_1: left allmulticast mode
[  206.724751][   T28] bridge_slave_1: left promiscuous mode
[  206.730522][   T28] bridge0: port 2(bridge_slave_1) entered disabled state
[  206.739184][   T28] bridge_slave_0: left allmulticast mode
[  206.744965][   T28] bridge_slave_0: left promiscuous mode
[  206.750699][   T28] bridge0: port 1(bridge_slave_0) entered disabled state
[  206.854462][   T28] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  206.865102][   T28] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  206.877269][   T28] bond0 (unregistering): Released all slaves
[  206.888826][T14212] netlink: 9 bytes leftover after parsing attributes in process `syz.4.1609'.
[  206.900051][T14212] 0·: renamed from hsr_slave_1 (while UP)
[  206.907276][T14212] 0·: entered allmulticast mode
[  206.912711][T14212] A link change request failed with some changes committed already. Interface 
c0· may have been left with an inconsistent configuration, please check.
[  206.952291][T14233] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 1050)
[  206.961397][T14233] FAT-fs (loop4): Filesystem has been set read-only
[  206.968538][T14233] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 1050)
[  206.992793][   T28] tipc: Disabling bearer <udp:syz2>
[  206.998020][   T28] tipc: Left network mode
[  207.004830][T14233] FAT-fs (loop4): error, fat_free_clusters: deleting FAT entry beyond EOF
[  207.033051][   T28] hsr_slave_0: left promiscuous mode
[  207.038779][   T28] 0·: left promiscuous mode
[  207.044827][   T28] veth1_macvtap: left promiscuous mode
[  207.050459][   T28] veth0_macvtap: left promiscuous mode
[  207.055998][   T28] veth1_vlan: left promiscuous mode
[  207.061364][   T28] veth0_vlan: left promiscuous mode
[  207.142280][   T28] team0 (unregistering): Port device team_slave_1 removed
[  207.152361][   T28] team0 (unregistering): Port device team_slave_0 removed
[  207.175230][   T29] kauditd_printk_skb: 206 callbacks suppressed
[  207.175244][   T29] audit: type=1326 audit(1727863798.396:4656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14243 comm="syz.3.1614" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0c5ca9dff9 code=0x0
[  207.246466][T14032] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  207.269365][T14032] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  207.287031][T14032] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  207.300980][T14032] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  207.353855][T14032] 8021q: adding VLAN 0 to HW filter on device bond0
[  207.370208][T14032] 8021q: adding VLAN 0 to HW filter on device team0
[  207.379870][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  207.386949][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  207.400630][   T89] bridge0: port 2(bridge_slave_1) entered blocking state
[  207.407761][   T89] bridge0: port 2(bridge_slave_1) entered forwarding state
[  207.456412][T14032] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  207.466884][T14032] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  207.535749][T14260] chnl_net:caif_netlink_parms(): no params data found
[  207.627169][   T28] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.644938][T14260] bridge0: port 1(bridge_slave_0) entered blocking state
[  207.652060][T14260] bridge0: port 1(bridge_slave_0) entered disabled state
[  207.661008][T14260] bridge_slave_0: entered allmulticast mode
[  207.667590][T14260] bridge_slave_0: entered promiscuous mode
[  207.679298][T14032] 8021q: adding VLAN 0 to HW filter on device batadv0
[  207.687160][T14260] bridge0: port 2(bridge_slave_1) entered blocking state
[  207.694266][T14260] bridge0: port 2(bridge_slave_1) entered disabled state
[  207.701603][T14260] bridge_slave_1: entered allmulticast mode
[  207.708175][T14260] bridge_slave_1: entered promiscuous mode
[  207.723641][   T28] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.741792][T14260] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  207.752599][T14260] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  207.781795][   T28] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  207.802163][T14114] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  207.812548][T14260] team0: Port device team_slave_0 added
[  207.819393][T14260] team0: Port device team_slave_1 added
[  207.831394][   T29] audit: type=1326 audit(1727863799.005:4657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14309 comm="syz.1.1617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf4995dff9 code=0x7ffc0000
[  207.854974][   T29] audit: type=1326 audit(1727863799.005:4658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14309 comm="syz.1.1617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf4995dff9 code=0x7ffc0000
[  207.878627][   T29] audit: type=1326 audit(1727863799.005:4659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14309 comm="syz.1.1617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf4995dff9 code=0x7ffc0000
[  207.902125][   T29] audit: type=1326 audit(1727863799.005:4660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14309 comm="syz.1.1617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf4995dff9 code=0x7ffc0000
[  207.925648][   T29] audit: type=1326 audit(1727863799.005:4661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14309 comm="syz.1.1617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf4995dff9 code=0x7ffc0000
[  207.949120][   T29] audit: type=1326 audit(1727863799.005:4662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14309 comm="syz.1.1617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf4995dff9 code=0x7ffc0000
[  207.972642][   T29] audit: type=1326 audit(1727863799.005:4663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14309 comm="syz.1.1617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf4995dff9 code=0x7ffc0000
[  207.996115][   T29] audit: type=1326 audit(1727863799.005:4664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14309 comm="syz.1.1617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf4995dff9 code=0x7ffc0000
[  208.020336][   T29] audit: type=1326 audit(1727863799.005:4665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14309 comm="syz.1.1617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf4995dff9 code=0x7ffc0000
[  208.051284][   T28] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.062130][T14114] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  208.080068][T14260] batman_adv: batadv0: Adding interface: batadv_slave_0
[  208.087074][T14260] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  208.113034][T14260] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  208.125966][T14114] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  208.135243][T14260] batman_adv: batadv0: Adding interface: batadv_slave_1
[  208.142422][T14260] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  208.168320][T14260] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  208.260578][T14114] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  208.299374][T14260] hsr_slave_0: entered promiscuous mode
[  208.305929][T14260] hsr_slave_1: entered promiscuous mode
[  208.311827][T14260] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  208.325234][T14260] Cannot create hsr debugfs directory
[  208.344582][   T28] bridge_slave_1: left allmulticast mode
[  208.350353][   T28] bridge_slave_1: left promiscuous mode
[  208.356138][   T28] bridge0: port 2(bridge_slave_1) entered disabled state
[  208.364828][   T28] bridge_slave_0: left allmulticast mode
[  208.370517][   T28] bridge_slave_0: left promiscuous mode
[  208.376274][   T28] bridge0: port 1(bridge_slave_0) entered disabled state
[  208.593225][   T28] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  208.690219][   T28] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  208.707041][   T28] bond0 (unregistering): Released all slaves
[  208.717265][T14032] veth0_vlan: entered promiscuous mode
[  208.746208][T14363] loop3: detected capacity change from 0 to 8192
[  208.764877][   T28] hsr_slave_0: left promiscuous mode
[  208.774583][   T28] 0·: left promiscuous mode
[  208.779438][T14363] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  208.790945][   T28] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  208.798402][   T28] batman_adv: batadv0: Removing interface: batadv_slave_0
[  208.806362][   T28] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  208.813847][   T28] batman_adv: batadv0: Removing interface: batadv_slave_1
[  208.822489][   T28] veth1_macvtap: left promiscuous mode
[  208.828101][   T28] veth0_macvtap: left promiscuous mode
[  208.833632][   T28] veth1_vlan: left promiscuous mode
[  208.838898][   T28] veth0_vlan: left promiscuous mode
[  208.926937][   T28] team0 (unregistering): Port device team_slave_1 removed
[  208.938237][   T28] team0 (unregistering): Port device team_slave_0 removed
[  208.980035][T14032] veth1_vlan: entered promiscuous mode
[  208.988281][T14363] netlink: 9 bytes leftover after parsing attributes in process `syz.3.1622'.
[  208.997331][T14363] 0·: renamed from hsr_slave_1 (while UP)
[  209.004666][T14363] 0·: entered allmulticast mode
[  209.011791][T14363] A link change request failed with some changes committed already. Interface 
c0· may have been left with an inconsistent configuration, please check.
[  209.037117][T14114] 8021q: adding VLAN 0 to HW filter on device bond0
[  209.064727][T14032] veth0_macvtap: entered promiscuous mode
[  209.083345][T14114] 8021q: adding VLAN 0 to HW filter on device team0
[  209.097961][T14032] veth1_macvtap: entered promiscuous mode
[  209.119339][T14032] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  209.129917][T14032] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.139754][T14032] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  209.150192][T14032] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  209.161595][T14032] batman_adv: batadv0: Interface activated: batadv_slave_0
[  209.171605][T14376] ==================================================================
[  209.179701][T14376] BUG: KCSAN: data-race in fat16_ent_get / fat16_ent_put
[  209.186741][T14376] 
[  209.189064][T14376] write to 0xffff888104b849d2 of 2 bytes by task 13613 on cpu 0:
[  209.196778][T14376]  fat16_ent_put+0x28/0x60
[  209.201204][T14376]  fat_free_clusters+0x2a6/0x7a0
[  209.206144][T14376]  fat_truncate_blocks+0x4a8/0x530
[  209.211260][T14376]  fat_evict_inode+0x102/0x160
[  209.216032][T14376]  evict+0x2f0/0x580
[  209.219926][T14376]  iput+0x42a/0x5b0
[  209.223730][T14376]  do_unlinkat+0x282/0x4c0
[  209.228149][T14376]  __x64_sys_unlink+0x2e/0x40
[  209.232834][T14376]  x64_sys_call+0x280f/0x2d60
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  209.237511][T14376]  do_syscall_64+0xc9/0x1c0
[  209.242011][T14376]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.247949][T14376] 
[  209.250265][T14376] read to 0xffff888104b849d2 of 2 bytes by task 14376 on cpu 1:
[  209.257889][T14376]  fat16_ent_get+0x23/0x70
[  209.262316][T14376]  fat_ent_read+0x3e0/0x5a0
[  209.266821][T14376]  fat_get_cluster+0x4b9/0x830
[  209.271587][T14376]  fat_truncate_blocks+0x271/0x530
[  209.276704][T14376]  fat_write_begin+0xc0/0xe0
[  209.281304][T14376]  generic_perform_write+0x1a8/0x4a0
[  209.286608][T14376]  __generic_file_write_iter+0xa1/0x120
[  209.292163][T14376]  generic_file_write_iter+0x77/0x1c0
[  209.297537][T14376]  __kernel_write_iter+0x24b/0x4e0
[  209.302661][T14376]  dump_user_range+0x3a7/0x550
[  209.307431][T14376]  elf_core_dump+0x1b66/0x1c60
[  209.312212][T14376]  do_coredump+0x1736/0x1ce0
[  209.316799][T14376]  get_signal+0xdc0/0x1070
[  209.321206][T14376]  arch_do_signal_or_restart+0x95/0x4b0
[  209.326738][T14376]  irqentry_exit_to_user_mode+0x9a/0x130
[  209.332361][T14376]  irqentry_exit+0x12/0x50
[  209.336767][T14376]  exc_general_protection+0x33d/0x4d0
[  209.342123][T14376]  asm_exc_general_protection+0x26/0x30
[  209.347683][T14376] 
[  209.349987][T14376] value changed: 0x03ea -> 0x0000
[  209.354987][T14376] 
[  209.357287][T14376] Reported by Kernel Concurrency Sanitizer on:
[  209.363411][T14376] CPU: 1 UID: 0 PID: 14376 Comm: syz.3.1622 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  209.374153][T14376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  209.384188][T14376] ==================================================================
[  209.392439][T14376] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 1050)
[  209.401647][T14376] FAT-fs (loop3): Filesystem has been set read-only
[  209.468102][T14376] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF
[  209.707430][   T28] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.791076][   T28] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.900508][   T28] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  209.998866][   T28] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.109458][   T28] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.180893][   T28] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.235673][   T28] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.333028][   T28] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  210.393865][   T28] bridge_slave_1: left allmulticast mode
[  210.399642][   T28] bridge_slave_1: left promiscuous mode
[  210.405264][   T28] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.412958][   T28] bridge_slave_0: left allmulticast mode
[  210.418623][   T28] bridge_slave_0: left promiscuous mode
[  210.424261][   T28] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.432529][   T28] bridge_slave_1: left allmulticast mode
[  210.438205][   T28] bridge_slave_1: left promiscuous mode
[  210.443783][   T28] bridge0: port 2(bridge_slave_1) entered disabled state
[  210.451536][   T28] bridge_slave_0: left allmulticast mode
[  210.457306][   T28] bridge_slave_0: left promiscuous mode
[  210.463041][   T28] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.624673][   T28] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  210.635123][   T28] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  210.645107][   T28] bond0 (unregistering): Released all slaves
[  210.653854][   T28] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  210.663900][   T28] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  210.673768][   T28] bond0 (unregistering): Released all slaves
[  210.746650][   T28] hsr_slave_0: left promiscuous mode
[  210.752418][   T28] 0·: left promiscuous mode
[  210.757329][   T28] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  210.764883][   T28] batman_adv: batadv0: Removing interface: batadv_slave_0
[  210.773253][   T28] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  210.780746][   T28] batman_adv: batadv0: Removing interface: batadv_slave_1
[  210.790302][   T28] hsr_slave_0: left promiscuous mode
[  210.796104][   T28] hsr_slave_1: left promiscuous mode
[  210.801707][   T28] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  210.809228][   T28] batman_adv: batadv0: Removing interface: batadv_slave_0
[  210.816641][   T28] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  210.824034][   T28] batman_adv: batadv0: Removing interface: batadv_slave_1
[  210.833507][   T28] veth1_macvtap: left promiscuous mode
[  210.838988][   T28] veth0_macvtap: left promiscuous mode
[  210.844460][   T28] veth1_vlan: left promiscuous mode
[  210.849726][   T28] veth0_vlan: left promiscuous mode
[  210.855419][   T28] veth1_macvtap: left promiscuous mode
[  210.860970][   T28] veth0_macvtap: left promiscuous mode
[  210.866472][   T28] veth1_vlan: left promiscuous mode
[  210.871756][   T28] veth0_vlan: left promiscuous mode
[  210.981980][   T28] team0 (unregistering): Port device team_slave_1 removed
[  210.991324][   T28] team0 (unregistering): Port device team_slave_0 removed
[  211.047580][   T28] team0 (unregistering): Port device team_slave_1 removed
[  211.057948][   T28] team0 (unregistering): Port device team_slave_0 removed
[  211.962724][   T28] bridge_slave_1: left allmulticast mode
[  211.968440][   T28] bridge_slave_1: left promiscuous mode
[  211.974099][   T28] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.981843][   T28] bridge_slave_0: left allmulticast mode
[  211.987527][   T28] bridge_slave_0: left promiscuous mode
[  211.993273][   T28] bridge0: port 1(bridge_slave_0) entered disabled state
[  212.001197][   T28] bridge_slave_1: left allmulticast mode
[  212.006831][   T28] bridge_slave_1: left promiscuous mode
[  212.012632][   T28] bridge0: port 2(bridge_slave_1) entered disabled state
[  212.020177][   T28] bridge_slave_0: left allmulticast mode
[  212.025806][   T28] bridge_slave_0: left promiscuous mode
[  212.031440][   T28] bridge0: port 1(bridge_slave_0) entered disabled state
[  212.039332][   T28] bridge_slave_1: left allmulticast mode
[  212.045005][   T28] bridge_slave_1: left promiscuous mode
[  212.050597][   T28] bridge0: port 2(bridge_slave_1) entered disabled state
[  212.058239][   T28] bridge_slave_0: left allmulticast mode
[  212.063910][   T28] bridge_slave_0: left promiscuous mode
[  212.069573][   T28] bridge0: port 1(bridge_slave_0) entered disabled state
[  212.292403][   T28] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  212.302563][   T28] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  212.312591][   T28] bond0 (unregistering): Released all slaves
[  212.321139][   T28] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  212.330960][   T28] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  212.340309][   T28] bond0 (unregistering): Released all slaves
[  212.348497][   T28] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  212.358361][   T28] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  212.368076][   T28] bond0 (unregistering): Released all slaves
[  212.415369][   T28] hsr_slave_0: left promiscuous mode
[  212.421268][   T28] hsr_slave_1: left promiscuous mode
[  212.427128][   T28] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  212.434617][   T28] batman_adv: batadv0: Removing interface: batadv_slave_0
[  212.442764][   T28] batman_adv: batadv0: Removing interface: batadv_slave_1
[  212.451396][   T28] hsr_slave_0: left promiscuous mode
[  212.457895][   T28] hsr_slave_1: left promiscuous mode
[  212.463706][   T28] batman_adv: batadv0: Removing interface: batadv_slave_0
[  212.471521][   T28] batman_adv: batadv0: Removing interface: batadv_slave_1
[  212.481055][   T28] hsr_slave_0: left promiscuous mode
[  212.486904][   T28] hsr_slave_1: left promiscuous mode
[  212.492495][   T28] batman_adv: batadv0: Removing interface: batadv_slave_0
[  212.500211][   T28] batman_adv: batadv0: Removing interface: batadv_slave_1
[  212.509149][   T28] veth1_macvtap: left promiscuous mode
[  212.514674][   T28] veth0_macvtap: left promiscuous mode
[  212.520173][   T28] veth1_vlan: left promiscuous mode
[  212.525447][   T28] veth0_vlan: left promiscuous mode
[  212.592082][   T28] team0 (unregistering): Port device team_slave_1 removed
[  212.601778][   T28] team0 (unregistering): Port device team_slave_0 removed
[  212.654046][   T28] team0 (unregistering): Port device team_slave_1 removed
[  212.663320][   T28] team0 (unregistering): Port device team_slave_0 removed
[  212.713895][   T28] team0 (unregistering): Port device team_slave_1 removed
[  212.723371][   T28] team0 (unregistering): Port device team_slave_0 removed