last executing test programs: 9.138024838s ago: executing program 2 (id=1557): r0 = open(&(0x7f0000000200)='./file0\x00', 0x4008040, 0x0) fcntl$setlease(r0, 0x400, 0x1) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1e000000000000030000000100010000200000d3aa3901209e6670d787f4906041cde8ef2f82eb88193c0cd3ed57a75292c9311d6a6a8f6ca2006d72477aeb8a2a67b618e0f815ea8f08576a45e3517da3b39463683aa6fc09bcf59782507500f7888baebbf7fa24e8d09cd7a1e4cdf0696768b3", @ANYRES32=r0, @ANYBLOB="0500"/20, @ANYRES32=0x0, @ANYRES32=r0, @ANYBLOB="0400000001000000010000000500"/28], 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000640)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='kmem_cache_free\x00', r2}, 0x10) r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0) r4 = openat(r3, &(0x7f00000000c0)='./file0\x00', 0x6a1c2, 0x50) faccessat(r3, &(0x7f0000000000)='./file0\x00', 0x5) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r4, 0xc08c5335, &(0x7f0000000180)={0x400, 0x461118d6, 0x1, 'queue0\x00', 0x6}) 9.122158879s ago: executing program 2 (id=1558): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10) r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000580)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) r3 = syz_usb_connect$hid(0x4, 0x36, &(0x7f0000000440)=ANY=[@ANYRES32=r1], 0x0) close_range(r2, 0xffffffffffffffff, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000f00)=ANY=[@ANYRESHEX=r0, @ANYRES16=r4, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000020000ff82c2b01cb0de2a00000070003220e4699565718f00000000000000000000000000000000006ecc9b5a4c1048165627c5902f342ebd08e546e0f06834a0c70493233512484fd8114155ebc31e9a6d012b24e00037310f09dcae62415cdf378d8a79e953da710666df34908f9ca6b6b9796458555d38072e93c00a7f024e7539dcf0669e2e35491d1d5ec44209b8674cc1b074bbb15c44c0dff0b0efc2f9159bd7a26fa17b04a01c742d870f24ccfe9ff914c96349cebf6bd5f974e48450a3ffb9375a4180e1b1c5125b15973c8bfb0158f80da8db2c66d5e09f361ee3d048d2bb7cf55f5b310fd039f0b44776f4e3017bc964964637c801135fb75c805c7baa3cc6a5893030072acbeaace39f38a011c6e356604a665d3a86c79f4d43421131f7664e8a3507966592de0fadadb277e1dbf4b2cbd7f5cd09568c280e1c0754167d8c999e9d48212d3af728299ae406de52174bb4c9a3009911309e59d2ed11c4f3c1a33085cf010492fddae01bd0ab4c77de73b0d019623fe216eeb4efbabc1e66a8f39b32c1021933ff13ed6d087714ba8de24134f9ae3bc5f8dee292d6121a5df7dff9b01b5141b0c946a9720a6b9c3c0a18bac8d2b672b9eb5bd224240186410a7621db8b766d75c310b9e2fe73c9d577762ba9180d0c2cf57bf701694727e55319953d8a33e15965e8ace3cf32273cb7a0b66c1cc9e3f3ddeaa556dcfb91b287bc4d7ca50dc04a7f620e7741ba7e37a75a8d65b46a6b24cb3dc11403fc6897688b9a24daede23145042e5dad9a86173e2e6eca1f943c4e68d519199634b704d685ee7bee8746867eb0d9673d31c9bb58550b10950575abeb4a01b7bd7dd52a1c00f7"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000b8e9850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x90) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r7}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000002c0)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r8}, 0x10) setresuid(0x0, 0x0, 0x0) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='kfree\x00', r9}, 0x10) mount$9p_virtio(0x0, &(0x7f0000000300)='./cgroup\x00', &(0x7f0000000340), 0x4, &(0x7f0000000ac0)=ANY=[@ANYBLOB='trans=virtio,aname=,dfltgid', @ANYRESHEX=0x0, @ANYBLOB=',smackfshat=*-{,uid>', @ANYBLOB=',seclabel']) memfd_secret(0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000dc0)=ANY=[@ANYBLOB="1600000000000000040000000100000000000000", @ANYRES32, @ANYRES16=r3, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000004000f14c23b0d8e113b16b4dd3c61880903e8a5c0a66f48289e571596066df0db7b612518f06e9d65e7d929e8f01d433ebf4be761275a21b3fa84964796c2c3250b328825c08b4d5cb81a0dedaeca751b477571034bce6f3d53b6eb3d07558eea6f0b3b2c68be8c544ca850084487c3107574d5fd4d243b0e427c590e9c782ecf1b308a0abbbfd8780303200f5b0c003b6bc4ff8226c444a037024a240656d7cc34a69ef2f623d7808c2b807aa35b4edc1f98db8dfaa56502fe2b64014773eca3139af5fcefcb818353c4bfb4a02f1c24556"], 0x50) io_setup(0x8, &(0x7f0000000000)) eventfd2(0x0, 0x0) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000020000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000340)='kfree\x00', r10}, 0x10) perf_event_open(&(0x7f00000000c0)={0x1, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc46, 0x0, @perf_config_ext, 0x0, 0x19fbcc0a, 0x0, 0x0, 0x0, 0x2, 0xffff}, 0x0, 0x4000000000, 0xffffffffffffffff, 0x0) r11 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$UHID_CREATE(r11, &(0x7f0000002a00)={0x0, {'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f00000000c0)=""/43, 0x2b}}, 0x120) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) write$UHID_DESTROY(r11, &(0x7f0000000080), 0x4) 7.59293178s ago: executing program 2 (id=1567): r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) openat$procfs(0xffffff9c, &(0x7f00000000c0)='/proc/bus/input/devices\x00', 0x0, 0x0) io_setup(0x3ff, &(0x7f0000000500)=0x0) r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) io_submit(r1, 0x1, &(0x7f0000000140)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x8, 0x0, r2, &(0x7f0000000080)="4e8fc38e", 0xb, 0x200000000004}]) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b7000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16, @ANYBLOB, @ANYBLOB="05002a"], 0x2c}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 7.415883776s ago: executing program 2 (id=1568): syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000040)='./file2\x00', 0x10502, &(0x7f0000001b80)=ANY=[], 0x1, 0x11f3, &(0x7f0000002580)="$eJzs3E+LW1UYB+C3cWrHqfNHrdV2oQfduLo0s3AlSJApyASU2gitINw6NxpyTUJuGIiI1ZVbP4e4dCeIX2A2fgZ3s3HZhXiFpLVNTdUuOpH6PJv7kvf8cu8hEDjhnBy/8c2n/W6VdfNJNE6disYoIt1KkaIRd7y0P79eu77farf3rqR0uXW1+XpKaevlHz/4/LtXfpqcff/7rR/OxNHOh8e/7v5ydP7owvHvVz/pValXpcFwkvJ0Yzic5DfKIh30qn6W0rtlkVdF6g2qYrzQ75bD0Wia8sHB5sZoXFRVygfT1C+maTJMk/E05R/nvUHKsixtbgQPdPqfh3S+vVXXdURdn44no67r+qnYiLPxdGzGVnwZEc/Es/FcnIvn43y8EC/Ghdmok3h8AAAAAAAAAAAAAAAAAAAA+P/4u/P/27Hj/D8AAAAAAAAAAAAAAAAAAACcgPeuXd9vtdt7V1Jajyi/PuwcdubXeb/VjV6UUcSl2I7fYnb6f25eX367vXcpzezEV+XN2/mbh50nFvPN2d8J3M6vzXp38s15Pi3mz8TGvfnd2I5zy++/uzS/Hq+9ek8+i+34+aMYRhkHs3vfzX/RTOmtd9r35S/OxgEAAMDjIEt/Wrp+z7IH9ef5h/h94L719VpcXFvt3Imopp/187IsxovF+l9eUfz7ovGI3rkR/5EJKh7/YtXfTJyEux/6qp8EAAAAAAAAAACAh/GIdxGuxZKdZW+uZqoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sAPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqAAD//99CzUo=") r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000001000"/28], 0x48) close(0xffffffffffffffff) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0xfffd, 0x0, 0x0, 0x7ffc0002}]}) rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440)) r3 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0) fallocate(r3, 0x0, 0x400000000000000, 0x7) r4 = socket$netlink(0x10, 0x3, 0x0) writev(r4, &(0x7f0000000340)=[{&(0x7f00000000c0)="390000001000111867090707a640400f0021ff3f30000000170a001700000000040037000900030001632564b758b9a64411f6bb744dc48f57", 0x39}], 0x1) r5 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) dup(0xffffffffffffffff) socket$xdp(0x2c, 0x3, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x1a3c82) sendto$inet(r0, &(0x7f0000001040)="8932ed209b230927", 0x8, 0x6000c804, 0x0, 0x0) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000a40)=ANY=[@ANYRESDEC=r6, @ANYBLOB="f9c28da3110d51bec3f6ef359120520ed7b2ffbe1bbde711514fe25246ed3b1145b33664fc581021c32d1e6543d3b43a3f4bec585f37dc37b6c44f02b441aae0b31880f8b1080423d0e7a29af74c12ad6bcfbca785396fa810a892a070374a68a7d0cf38328e334ba838ef866d048c51d896cc89659d78923bd9b8d79bf267", @ANYBLOB="0655c19a48d5add3883f590e5692c662b5a593d8934e9ee9b96bef4b54da5c12bcc86b0018f4be4c6c49e9aea54632079eb8f65123115132e75d970892f315c6923d3f83eb97f63991de4db0dbfe929468abfe4069a5cc569293ebc188efbd682e0a46c0756a267b3f27b630e567f509611a988fed28350e9bc2b1", @ANYRESOCT=0x0, @ANYRES8=r4, @ANYRES32=0x0, @ANYRESDEC=r3], &(0x7f0000000800)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r7}, 0x10) r8 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$AUTOFS_IOC_FAIL(r8, 0x4c80, 0xffffffffffffffb6) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r9 = socket$xdp(0x2c, 0x3, 0x0) sendmsg$xdp(r9, &(0x7f00000002c0)={&(0x7f0000000000)={0x2c, 0x0, 0x0, 0x31}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000380)="776538397eecf44d98e22a2edcb436d7b814ee1f6dc95327372a34f8fe08b7af21bb7bf80625a9c58d46a6b263513497af96953aa3d6ef1ec5a571b220816a0bd082fe233183a6ceefac6eb3ee34c468ba5e83258d685081f130a3daab43fcdcab5613565a3fb03e6eb5dff6e915ffb00ace7e9a8812465031d562eeb91b69504eb2737072c2d1c5ce091bc326b3bccdb755c7b7f9e8fb641527d7860e899a0e", 0xa0}, {&(0x7f0000000440)="7d313407f20d1c3a86ec89e9e21b3e761a379c5ad310adf91e82e341641bf29f9eadcfd917d65f0ab7d3102e38011788273183b47d0b96eb10e0883f1a515d653452bd4ee7618d8de7afcf58ee9ed2ede2c2a148627c6626ac0401ccdf8e54f6434ccfd1385f03040774c704abca14e33ec420d179a58ffa1fff0142ef8477188575ae1ff176c6873374c7e5de2b506ba417ce2ac23be354f15990999c", 0x9d}], 0x2, 0x0, 0x0, 0x4841}, 0x4c000) syz_clone(0x22c8080, &(0x7f0000000500)="2d6a337f96849dfad259c60af3e16bc2ad0de31f913f13790f5b6f549e9100000014a55f791bc41af3ddf947d418cf751697d21b27530dddeceda82c5b75b880b4ce54165df3bc4de131eb2981742b43f21bfec6018ced94017b75b702c0306e59f0eb7e6b", 0xfffffffffffffec4, &(0x7f0000000580), &(0x7f0000000300), &(0x7f0000000600)="5556282d2941d79aa42dae7e118dea95cd7d3647febf7fb9d5f775ce75e896d74050262d672d857d98acbbd8f6b862d2837c789809b784567c642054e14e7dcfb267b2b2999e863d8c324e44901b2884b6cf679fb979e9be8d23922052e65847acdb3b57427703716c7158c3075bef9ae5b2f72746a910482e7e044b2e9e4e2f514d49e76bb6c2baee19424831319b8aabb4e8cf22b3c7c45bee25") 7.305693087s ago: executing program 2 (id=1569): r0 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0) openat$procfs(0xffffff9c, &(0x7f00000000c0)='/proc/bus/input/devices\x00', 0x0, 0x0) io_setup(0x3ff, &(0x7f0000000500)=0x0) r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) io_submit(r1, 0x1, &(0x7f0000000140)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x8, 0x0, r2, &(0x7f0000000080)="4e8fc38e", 0xb, 0x200000000004}]) (fail_nth: 1) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b7000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16, @ANYBLOB, @ANYBLOB="05002a"], 0x2c}}, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 5.822019624s ago: executing program 0 (id=1590): bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) clock_getres(0x5, 0x0) r0 = socket$inet6_sctp(0xa, 0x801, 0x84) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000003c0)='kmem_cache_free\x00', r2}, 0x10) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) listen(r3, 0x3) syz_emit_ethernet(0x0, 0x0, 0x0) syz_clone(0x4000, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000280)={'batadv0\x00', 0x0}) r5 = socket$nl_route(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) syz_clone3(&(0x7f0000000340)={0x42907480, &(0x7f00000000c0), 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58) getdents64(0xffffffffffffffff, 0xfffffffffffffffe, 0x29) r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f0000000400)='kmem_cache_free\x00', r7}, 0x10) r8 = socket$inet6(0xa, 0x2, 0x0) r9 = socket$key(0xf, 0x3, 0x2) r10 = dup3(r9, r8, 0x0) sendmsg$key(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB="0213ebff05000000ffffffff00000000030039"], 0x28}}, 0x0) sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r4}}, 0x24}}, 0x0) 5.31683897s ago: executing program 0 (id=1592): shmctl$SHM_LOCK(0x0, 0xb) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000f40)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf2000000000000007000000080000002d0301000000000095000000000000007126000000000000bf670000000000005601000000ff07ad6706000002000000070300000ee60000bf250000000000002d350000000000006507000002000000070700004c0000001f75000000000000bf54000000000000160400000400f9ffad3001000000000084000000000000004500000001f0ffff95000000000000006e8ad524a56600a5585b7351ca1136aef2e9407e5c2501d11900db85604036883647b1fb3f1403b816f511c8c56e56e40b01005505f8a89dae4293b10f3631b25fc9f189084c7fddccff01361d355f6cce8ec2abcdf1bc9040daef2cfa2046e2091e269f4734ffa55eb2d4e8de20b38c8808b365b46bd54c68cd30139a8c3827a7dd6d6e2b5fea3906f8456b0000000000ff07efffffff0047018ae79db613d2aec070f718ab629b4975320dd7a7da532281fd22c7b835005bf52715396669836db6000000005b4f0591ee7c8cd263dd172b28d01c4d8ddaf2cdad3d1a74a2f078aa6402483856a6e495408d0b33047f06aec2cc590df28efc7dbec6857db922195a271af103f03e1155197e067b2ebf4e2dae06e394c9639564f000fc3cdd05a157544d0200000000000000ee48f5287123a0d246c0c4c00fe979dbc09ed4db22d7172adc6ae8faa5f9ad188e07000000000000008d88a0b4684559d46cae41db1b914e93f1f88e80ef80c6ed3e1ff91ff111000000000000000000e33de432e488ad0e724c2d14a1e770e116984a5700afb8a1f3d47277ef0e33e7e00ec5f74e10937ba0e321346977b7d1b18013f509675b5b0f352e30dffda780e95c301f4fc7d5a76475ace6b128b02bfd71023daffdf748a6bd356fcbacec96373d1101000736ac0bbcb5f4836bddfe8bf46308000000ade9e59fcf271bb98bd0b8b5216b858b414c31682f9f3db2e4d8e5898e445fe55ac56c0ddd932d838ff651023853d42210642986f8bbc7340bc8393f774318c9fc9b05788de2c6e601b50777e8dff581de1d5ae3d801ead7eba31126e2172fa1eadf5f3bec81004d00000000c8e4692e051c731f9ac766b7fd66278d40f0760f23e8c7d1f47cd8e02504e85e152955ad8acd989c0b2eea71414f533f5685c3904bfe1d0011ffc1ba5398f3d68124674478186edd036f15bf847c33f79e1a0ad3d2b5080ecb01420c9f1b534e969fce97ffff07000009000000bfe0ed7c5853a665c0805752dca0e571d75cac5a5d8e4f6e05055b6dec5a9a5696f053a92d81fd9e5f2b9dbbe24f38e745b5a95d45003d0600e413dc623f3e6b096c8b0ad7438c6631388892c55b0671140afbfb83bba415f729fea4c8a8a86189dceedad84cdd17c46bdd847a1f4b0facd3744f5bbb06abb319204fca4bcd4297fe7b4cee75abf43e14fe861224799c0f12702964fc890a176fdafa2c9387280b5693c000c0304cece48642649375dae0b7979b229f708a97349e96e783af9a23cd3980a2c29d3d62875e5319cd51bdd224878a0b25edf0e83c930633bd9a823e28f359608ea326c77a1aa17318f392a0ec6c188916f4149c503027feccfd68ec8278a90252693fb133c4615801077e1d75420017c03990b855fe481a20b4919bb11c6d737b6545ef140a0fc339bb53953662f1454f9852e7c4e17eb8e68f076c659f56d6c7f97a94d604f45cfe88b30c170000000001000000ef931f137967de563c29d81aacb3d48226a4e4b6670900000000000000fa68bff3693afc44db223f0400000000000000d23b48bb38b31a14ffcddd92c38f6b6d86a0e56d47a82bad5d2a6dce4c4d353261260c9d7a6bd9f2c872c4172a3d2ac80dfb718cc159e6423065624f1300007d6072f0cf120ad2ba519afdd43a14000000000000000000000000007ef2f3c58d045f0700000094069acbe333aebd10f2118fbfeda3fa5500d52cd5241588d2b68a332edfef6d701c8936a25d68b841f982511392cc0d3a78616f8ce0f2877d099258bf85866d0ee7f803fa50fd41ef62b028d12028a7b497d92f544523290f520b0d000000000000000000007758b1267669ded883b5867c5916a74843b784955108f750c57744c76a09629dd0aaca5cb0f14f49db80a1aa2692c18fbb31cbdb3f2e138e6d5ba3491fc3617b511f24bad26466407e39000000000080d7a1bf4624d31c13a6840f45a7f4e01a50d790132abb36915e35b1ac35bf3921357f638684bba17b8fe1e2123153ecd6d1f76820d4f8fa0b96b50c457ae8d5f2351cdb7bc8170380557bc11cf6ee3395974e37018a2a7473312cb32affb8ff72a253e0d36099e460f13694b9891af526d9608271838e83d17103887f34210dd4c0cf60dec608b4ca5ba2f3037bf381e7b5d5b27820000000000000000000000b719bd34f3244730f708fdd532640edc6b82dd4ad72ecbaccafef806f5447aba2246d56a601bbd8c24ba1e16dda3296ce10de6830"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r0 = shmget(0x1, 0x4000, 0x200, &(0x7f0000ffb000/0x4000)=nil) shmctl$IPC_RMID(r0, 0x0) shmctl$SHM_INFO(r0, 0xe, &(0x7f0000000000)=""/120) 5.285722853s ago: executing program 0 (id=1593): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020702500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) ioctl$SG_NEXT_CMD_LEN(r2, 0xc0481273, &(0x7f0000000000)) (fail_nth: 8) 5.033684576s ago: executing program 0 (id=1595): syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000040)='./file2\x00', 0x10502, &(0x7f0000001b80)=ANY=[], 0x1, 0x11f3, &(0x7f0000002580)="$eJzs3E+LW1UYB+C3cWrHqfNHrdV2oQfduLo0s3AlSJApyASU2gitINw6NxpyTUJuGIiI1ZVbP4e4dCeIX2A2fgZ3s3HZhXiFpLVNTdUuOpH6PJv7kvf8cu8hEDjhnBy/8c2n/W6VdfNJNE6disYoIt1KkaIRd7y0P79eu77farf3rqR0uXW1+XpKaevlHz/4/LtXfpqcff/7rR/OxNHOh8e/7v5ydP7owvHvVz/pValXpcFwkvJ0Yzic5DfKIh30qn6W0rtlkVdF6g2qYrzQ75bD0Wia8sHB5sZoXFRVygfT1C+maTJMk/E05R/nvUHKsixtbgQPdPqfh3S+vVXXdURdn44no67r+qnYiLPxdGzGVnwZEc/Es/FcnIvn43y8EC/Ghdmok3h8AAAAAAAAAAAAAAAAAAAA+P/4u/P/27Hj/D8AAAAAAAAAAAAAAAAAAACcgPeuXd9vtdt7V1Jajyi/PuwcdubXeb/VjV6UUcSl2I7fYnb6f25eX367vXcpzezEV+XN2/mbh50nFvPN2d8J3M6vzXp38s15Pi3mz8TGvfnd2I5zy++/uzS/Hq+9ek8+i+34+aMYRhkHs3vfzX/RTOmtd9r35S/OxgEAAMDjIEt/Wrp+z7IH9ef5h/h94L719VpcXFvt3Imopp/187IsxovF+l9eUfz7ovGI3rkR/5EJKh7/YtXfTJyEux/6qp8EAAAAAAAAAACAh/GIdxGuxZKdZW+uZqoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sAPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqAAD//99CzUo=") r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000001000"/28], 0x48) close(0xffffffffffffffff) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0xfffd, 0x0, 0x0, 0x7ffc0002}]}) rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440)) r3 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0) fallocate(r3, 0x0, 0x400000000000000, 0x7) r4 = socket$netlink(0x10, 0x3, 0x0) writev(r4, &(0x7f0000000340)=[{&(0x7f00000000c0)="390000001000111867090707a640400f0021ff3f30000000170a001700000000040037000900030001632564b758b9a64411f6bb744dc48f57", 0x39}], 0x1) r5 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)="5c00000013006bcd9e3fe3dc6e48aa310b6b8703310000001f03000000000000040014000d000a000d0000009ee5", 0x2e}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) dup(0xffffffffffffffff) socket$xdp(0x2c, 0x3, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x1a3c82) sendto$inet(r0, &(0x7f0000001040)="8932ed209b230927", 0x8, 0x6000c804, 0x0, 0x0) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000a40)=ANY=[@ANYRESDEC=r6, @ANYBLOB="f9c28da3110d51bec3f6ef359120520ed7b2ffbe1bbde711514fe25246ed3b1145b33664fc581021c32d1e6543d3b43a3f4bec585f37dc37b6c44f02b441aae0b31880f8b1080423d0e7a29af74c12ad6bcfbca785396fa810a892a070374a68a7d0cf38328e334ba838ef866d048c51d896cc89659d78923bd9b8d79bf267", @ANYBLOB="0655c19a48d5add3883f590e5692c662b5a593d8934e9ee9b96bef4b54da5c12bcc86b0018f4be4c6c49e9aea54632079eb8f65123115132e75d970892f315c6923d3f83eb97f63991de4db0dbfe929468abfe4069a5cc569293ebc188efbd682e0a46c0756a267b3f27b630e567f509611a988fed28350e9bc2b1", @ANYRESOCT=0x0, @ANYRES8=r4, @ANYRES32=0x0, @ANYRESDEC=r3], &(0x7f0000000800)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r7}, 0x10) r8 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$AUTOFS_IOC_FAIL(r8, 0x4c80, 0xffffffffffffffb6) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r9 = socket$xdp(0x2c, 0x3, 0x0) sendmsg$xdp(r9, &(0x7f00000002c0)={&(0x7f0000000000)={0x2c, 0x0, 0x0, 0x31}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000380)="776538397eecf44d98e22a2edcb436d7b814ee1f6dc95327372a34f8fe08b7af21bb7bf80625a9c58d46a6b263513497af96953aa3d6ef1ec5a571b220816a0bd082fe233183a6ceefac6eb3ee34c468ba5e83258d685081f130a3daab43fcdcab5613565a3fb03e6eb5dff6e915ffb00ace7e9a8812465031d562eeb91b69504eb2737072c2d1c5ce091bc326b3bccdb755c7b7f9e8fb641527d7860e899a0e", 0xa0}, {&(0x7f0000000440)="7d313407f20d1c3a86ec89e9e21b3e761a379c5ad310adf91e82e341641bf29f9eadcfd917d65f0ab7d3102e38011788273183b47d0b96eb10e0883f1a515d653452bd4ee7618d8de7afcf58ee9ed2ede2c2a148627c6626ac0401ccdf8e54f6434ccfd1385f03040774c704abca14e33ec420d179a58ffa1fff0142ef8477188575ae1ff176c6873374c7e5de2b506ba417ce2ac23be354f15990999c", 0x9d}], 0x2, 0x0, 0x0, 0x4841}, 0x4c000) syz_clone(0x22c8080, &(0x7f0000000500)="2d6a337f96849dfad259c60af3e16bc2ad0de31f913f13790f5b6f549e9100000014a55f791bc41af3ddf947d418cf751697d21b27530dddeceda82c5b75b880b4ce54165df3bc4de131eb2981742b43f21bfec6018ced94017b75b702c0306e59f0eb7e6b", 0xfffffffffffffec4, &(0x7f0000000580), &(0x7f0000000300), &(0x7f0000000600)="5556282d2941d79aa42dae7e118dea95cd7d3647febf7fb9d5f775ce75e896d74050262d672d857d98acbbd8f6b862d2837c789809b784567c642054e14e7dcfb267b2b2999e863d8c324e44901b2884b6cf679fb979e9be8d23922052e65847acdb3b57427703716c7158c3075bef9ae5b2f72746a910482e7e044b2e9e4e2f514d49e76bb6c2baee19424831319b8aabb4e8cf22b3c7c45bee25") 5.032471077s ago: executing program 2 (id=1596): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) rt_sigaction(0x40, &(0x7f0000000380)={0x0, 0x88000001, 0x0, {[0x7]}}, 0x0, 0x8, &(0x7f00000003c0)) syz_clone3(&(0x7f0000006180)={0x100000000, 0x0, 0x0, 0x0, {0x7}, 0x0, 0x0, 0x0, 0x0}, 0x58) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f00000003c0)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x2000480, &(0x7f0000000280), 0x1, 0x76a, &(0x7f0000001b00)="$eJzs3d9rW1UcAPDvTdt17aatIOh8KghaGEvtrJuCDxMfRHAw0Ge3kGZlNm1Gk461FNwQwRdBxQdBX/bsj/nmqz9e9b/wQTamdsOJD1K5adJla9KlW5MI+XzgNOfce9Nzvjn3nnuSe0kC6FsT6Z9MxKGI+CiJGKstTyJiqJobjDixud3t9bV8mpLY2Hjzj6S6za31tXw0PCd1oFZ4MiJ+fD/icGZ7veWV1flcsVhYqpWnKgvnp8orq0fOLeTmCnOFxWPTMzNHj79w/NjexfrXL6sHr3/82rPfnPjnvSeufvhTEifiYG1dYxx7ZSImaq/JUPoS3uXVva6sx5JeN4AHkh6aA5tHeRyKsRio5loY6WbLAIBOeTciNgCAPpM4/wNAn6l/DnBrfS1fT739RKK7brwSEfs3469f39xcM1i7Zre/eh109FZy15WRJCLG96D+iYj44ru3v0pTdOg6JEAzly5HxJnxie3jf7LtnoXdeq6NbSbuKRv/oHu+T+c/Lzab/2W25j/RZP4z3OTYfRD3P/4z1/agmpbS+d/LDfe23W6Iv2Z8oFZ6pDrnG0rOnisW0rHt0YiYjKHhtDy9Qx2TN/+92Wpd4/zvz0/e+TKtP328s0Xm2uDw3c+ZzVVyDxNzoxuXI54abBZ/stX/SYv576k263j9pQ8+b7UujT+Nt562x99ZG1cinmna/3fuaEt2vD9xqro7TNV3iia+/fWz0Vb1N/Z/mtL66+8FuiHt/9Gd4x9PGu/XLO++jp+vjP3Qat3942++/+9L3qrm99WWXcxVKkvTEfuSN7YvP3rnufVyffs0/smnmx//O+3/6XvCM23GP3j9968fPP7OSuOf3VX/7z5z9fb8QKv62+v/mWpusraknfGv3QY+zGsHAAAAAAAAAAAAAAAAAAAAAAAAAO3KRMTBSDLZrXwmk81u/ob34zGaKZbKlcNnS8uLs1H9rezxGMrUv+pyrOH7UKdr34dfLx+9p/x8RDwWEZ8Oj1TL2XypONvr4AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg5kCL3/9P/Tbc69YBAB2zv9cNAAC6zvkfAPrP7s7/Ix1rBwDQPd7/A0D/cf4HgP7j/A8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECHnTp5Mk0bf6+v5dPy7IWV5fnShSOzhfJ8dmE5n82Xls5n50qluWIhmy8ttPxHlzYfiqXS+ZlYXL44VSmUK1PlldXTC6Xlxcrpcwu5ucLpwlDXIgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA9pVXVudzxWJhSUZGRmYr0zhKjPRugAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4n/svAAD//9EyKso=") syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x88a, &(0x7f00000001c0)={[{@usrquota}, {@usrjquota, 0x22}, {@nobarrier}, {@noload}, {@data_err_ignore}, {@grpjquota, 0x22}, {@grpquota}, {@jqfmt_vfsold}, {@noblock_validity}]}, 0xfe, 0x44e, &(0x7f0000000900)="$eJzs3M1vG0UbAPDHdpw0bfMmbykfDS0ECiLiI2nSD3rgUgQSB5CQ4FDEKSRpFeo2qAkSrSIIHMIRVeKOOCLxF3ChXBBwQuIKd4QUoVwonIzW3k3dxE7ixIlL/ftJm8x4xpp5dnfs8azXAXSsoeRPLuJgRPwaEf3V7J0Vhqr/bq0sTP69sjCZi3L5jT9zlXp/rSxMZlWz5x2oZsrlDdpdejtiolSavprmR+cvvzc6d+36czOXJy5OX5y+Mn727KmTx7rPjJ9uSZx9SV8HP5w9euSVt268Nnn+xjs/fp3092BaXhtHqwxV925dT7a6sTbrq0nnutrYEZpSiIjkcBUr478/CtG7WtYfL3/S1s4Bu6pczpd7GhcvloF7WDJRBzpR9kaffP7Ntj2aetwVls/F6jrGrXSrlnRFPq1TTD8j7YahiDi/+M8XyRa7tA4BAFDr5rmIeLbe/C8fD9TU+196bWggIv4fEYci4r6IOBwR90dU6j4YEQ812f7aKyTr5z/l/m0FtkXJ/O+F9NrWnfO/bPYXA4U011eJv5i7MFOaPpHuk+Eo9iT5sQ3a+O6lXz5rVFY7/0u2pP1sLpj244+uNQt0UxPzEzuJudbyxxGDXfXiz63OeZP58ZGIGNxmGzNPf3W0Udnm8W+gBZPy8pcRT1WP/2KsiT+Ta3h9cuz5M+OnR/dFafrEaHZWrPfTz0uvN2p/R/G3wPLNcuyve/6vxj+Q2xcxd+36pcr12rnm21j67dOGn2m2e/53596spLvTxz6YmJ+/OhbRnXt1/ePjt5+b5bP6yfk/fLz++D8Ut/fEwxGRnMTHIuKRiHg07ftjEfF4RBzfIP4fXnzi3ebj32BVvoWS+Kc2O/5Re/ybTxQuff9N8/FnkuN/qpIaTh/ZyuvfVju4k30HAAAA/xX5ynfgc/mR1XQ+PzJS/Q7/4difL83OzT9zYfb9K1PV78oPRDGfrXT116yHjqVrw1l+fE3+ZLpu/Hmht5IfmZwtTbU7eOhwBxqM/8TvhXb3Dth17teCzmX8Q+cy/qFzGf/QuYx/6Fz1xv9HbegHsPc2ef/v3at+AHvP/B86l/EPncv4h47U8N74/I5u+ZdoU+Lb7p39VsPWE5G/S0K+ZxLFqFvUteUfs9hmoqduUbtfmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFrj3wAAAP//j57jFA==") syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0x64, &(0x7f00000001c0)=ANY=[], 0x1, 0x0, &(0x7f0000000000)) 4.798585998s ago: executing program 0 (id=1599): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ec0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x800, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x9, "ff00f7000000000000000000af88008300"}) syz_open_pts(r1, 0x141601) r2 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r2, 0x1, &(0x7f0000258f88)) msgsnd(r2, &(0x7f0000000340)={0x3}, 0x0, 0x0) msgrcv(r2, &(0x7f0000000000)={0x0, ""/8}, 0x10, 0x1, 0x1000) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600170000000000040000000100000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r7) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) recvmsg$unix(r6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r8, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb7910009875f37538e486dd6317ce8102033300fe08000e40000200875a65969ff57b00000000000000000000000000ac1414aa"], 0xfdef) msgrcv(r2, &(0x7f00000000c0)={0x0, ""/245}, 0xfd, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r9 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="170000000006000004000000ff0000003298beb10a1cbac90e3c0000000015925a62f70f3fcd971206b38d5920c083f1710885c953d2c78dc3886d678ec64dc1c97bbac55d9e99ed2432c91207b87a74e6c9fc791d8dcf3de2cbceb8a06af46a55537cf904c3fb41db6151c496ce1e72b4196e1109f0d21b8760ef6f621bfc12a1347ce34ee8ffb00449bc5e73aecaae976c6397a59bc0aaa42121bee9f436acc159316d5e0e08bad14e8029ab72125320a647e3093d08210264fec4", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r10}, 0x18) msgctl$IPC_SET(r2, 0x1, &(0x7f0000258f88)={{0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8}) 4.370506617s ago: executing program 0 (id=1600): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x52) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r3}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000071"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r4}, 0x10) syz_open_procfs$namespace(0x0, 0xfffffffffffffffe) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r1}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020702500000000002020207b1a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r5 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) ioctl$SG_NEXT_CMD_LEN(r5, 0xc0481273, &(0x7f0000000000)) 4.12732603s ago: executing program 4 (id=1604): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f00000009c0)=ANY=[@ANYBLOB="24000000010401080000000000000000000000040500010002"], 0x24}}, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000f4, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r2}, 0x10) r3 = socket(0x2, 0x3, 0x9) bind$inet(r3, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10) sendmmsg$inet(r3, &(0x7f0000004780)=[{{&(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10, 0x0}}, {{&(0x7f00000031c0)={0x2, 0x0, @broadcast}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@ip_retopts={{0x30, 0x0, 0x7, {[@noop, @timestamp_addr={0x7, 0x15, 0x15, 0x3, 0x0, [{@local}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@broadcast}]}]}}}], 0x30}}], 0x2, 0x0) close(0xffffffffffffffff) r4 = socket$nl_rdma(0x10, 0x3, 0x14) r5 = perf_event_open(&(0x7f0000000040)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x152090, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, @perf_bp={0x0}}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r5, 0x4008240b, 0x80ffff00000000) sendmsg$RDMA_NLDEV_CMD_GET(r4, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x0) syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f00000001c0)={[{@grpquota}, {@inode_readahead_blks}, {@minixdf}]}, 0x1, 0x4ff, &(0x7f0000000ac0)="$eJzs3c9vG1kdAPCvndhx0uwmu+wBEOwuuwsFVXUSdzda7QGWEwK0EmKPIHVD4kZR7DiKndKEHtIzVyQqcYIjfwDnnrhzQXDjUg5I/IhADRIHoxlPUje1m6hJ7Cj+fKTRvDdv6u97Tee9+pvEL4CR9XZE7EVEMSI+i4iZ7HouO+LjzpHc92T//vLB/v3lXLTbn/4zl7Yn16LrzySuZa9ZiogffifiJ7nn4zZ3dteXarXqVlafa9U355o7uzfX6kur1dXqRqWyuLA4/+GtDyrnNta36sWs9OXHf9j7xs+Sbk1nV7rHcZ46Qy8cxUmMR8T3LyLYEIxl4ykOuyO8lHxEvB4R76TP/0yMpV9NAOAqa7dnoj3TXQcArrp8mgPL5ctZLmA68vlyuZPDeyOm8rVGs3XjTmN7Y6WTK5uNQv7OWq06n+UKZ6OQS+oLaflpvXKsfisiXouIX0xMpvXycqO2Msz/+ADACLt2bP3/z0Rn/QcArrjSsDsAAAyc9R8ARo/1HwBGj/UfAEZPZ/2fHHY3AIAB8v4fAEaP9R8ARsoPPvkkOdoH2edfr9zd2V5v3L25Um2ul+vby+XlxtZmebXRWE0/s6d+0uvVGo3Nhfdj+97sNzebrbnmzu7temN7o3U7/Vzv29VCetfeAEYGAPTz2luP/pxLVuSPJtMjuvZyKAy1Z8BFyw+7A8DQjA27A8DQ2O0LRtcZ3uNLD8AV0WOL3meUev2CULvdbl9cl4ALdv0L8v8wqrry/34KGEaM/D+MLvl/GF3tdu60e/7HaW8EAC43OX6gz/f/X8/Ov82+OfDjleN3PLzIXgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDldrj/bznbC3w68vlyOeKViJiNQu7OWq06HxGvRsSfJgoTSX1hyH0GAM4q/7dctv/X9Zn3pp9pevPaUbEYET/91ae/vLfUam39MaKY+9fE4fXWw+x6ZfC9BwBOdrhOJ+dHXW/kn+zfXz48Btmfv387Ikqd+Af7xTg4ij8e4+m5FIWImPp3Lqt35LpyF2ex9yAiPt9r/LmYTnMgnZ1Pj8dPYr8y0Pj5Z+Ln07bOOfm7+Nw59AVGzaNk/vm41/OXj7fTc+/nv5TOUGeXzX/JSy0fpHPg0/iH899Yn/nv1DHe//13O6XJ59seRHxxPOIw9kHX/HMYP9cn/nunjP+XL735Tr+29q8jrkfv+N2x5lr1zbnmzu7NtfrSanW1ulGpLC4szn9464PKXJqjnuu/Gvzjoxuv9mtLxj/VJ37phPF/9ZTj/83/PvvRV14Q/+vv9oqfjzdeED9ZE792yvhLU78r9WtL4q/0Gf9JX/8bLw77vWJWePzX3ee2DQcAhqe5s7u+VKtVtxQULn8h+Sd7CbrRs/CtQcUqRu+mn7/beaaPNbXbLxWr34xxHlk34DI4eugj4r/D7gwAAAAAAAAAAAAAANDTIH5jadhjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Or6fwAAAP//sUPPoQ==") r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x0) r7 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x187842, 0x147) ioctl$EXT4_IOC_MOVE_EXT(r7, 0xc028660f, &(0x7f0000000240)={0x3920e, r6, 0xfffffffffffff, 0x0, 0x3, 0x1}) syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff) syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH") setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file0/file0\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0) openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r9 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000200000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r10}, 0x10) r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000020000807b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='kmem_cache_free\x00', r11}, 0x10) signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x80000) 3.975463044s ago: executing program 4 (id=1605): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000006c0)='kmem_cache_free\x00', r1}, 0x10) openat$tcp_mem(0xffffffffffffff9c, 0x0, 0x1, 0x0) ioctl$AUTOFS_IOC_PROTOVER(r1, 0x80049363, &(0x7f0000000240)) r2 = openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x20a202, 0x90) recvmsg$unix(r2, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r3 = socket(0xa, 0x3, 0x3a) bind$isdn(r3, &(0x7f0000000040)={0x22, 0x7f, 0x6, 0x0, 0x7}, 0x6) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r5 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) sendto$packet(r5, &(0x7f0000000380)="0086d084", 0x4, 0x800, &(0x7f0000000200)={0x11, 0x8100, r6, 0x1, 0x0, 0x6, @link_local}, 0x14) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00'}) sendto$inet(r3, &(0x7f0000000480)="17c05201bc6e3f17c633cd3ee162ed11a4c2261a3ca17fc5d5ed9131e83548c9bc8f5cf7c4a6b471477466c605b249ea760f89a5f9d921ddd60665ab2db74542c1292d0d2d03e6d8a7cbc31686e84a79281b9b1ce1c30243a9a8332133b0c54127138249bec901b858618d72c426cf08d04eefa5c2002086", 0x78, 0x10, 0x0, 0x0) r7 = socket$nl_generic(0x10, 0x3, 0x10) r8 = syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), 0xffffffffffffffff) r9 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r9, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00', 0x0}) sendmsg$ETHTOOL_MSG_FEATURES_SET(r7, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000002c0)={0x44, r8, 0x1, 0x400, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0x24, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x1c, 0x3, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x20}]}, {0x4}]}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}, @ETHTOOL_A_FEATURES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r10}]}]}, 0x44}}, 0x0) r11 = openat$rdma_cm(0xffffff9c, &(0x7f0000000180), 0x2, 0x0) tee(r11, r2, 0x86a7, 0xa) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f00000019c0)={'syztnl0\x00', &(0x7f0000000500)={'sit0\x00', 0x0, 0x0, 0x7800, 0x7, 0x0, {{0x13, 0x4, 0x0, 0x2e, 0x4c, 0x64, 0x36, 0x7, 0x4, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @remote, {[@lsrr={0x83, 0xf, 0xbf, [@multicast2, @loopback, @local]}, @timestamp_addr={0x44, 0x24, 0xe1, 0x1, 0x0, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x9}, {@multicast1, 0x552}, {@local, 0x9}, {@broadcast, 0x2}]}, @ra={0x94, 0x4, 0x1}]}}}}}) clock_settime(0x2, &(0x7f00000002c0)) 3.462276991s ago: executing program 4 (id=1607): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ec0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x800, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x9, "ff00f7000000000000000000af88008300"}) syz_open_pts(r1, 0x141601) r2 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r2, 0x1, &(0x7f0000258f88)) msgsnd(r2, &(0x7f0000000340)={0x3}, 0x0, 0x0) msgrcv(r2, &(0x7f0000000000)={0x0, ""/8}, 0x10, 0x1, 0x1000) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600170000000000040000000100000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/14], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r7) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) recvmsg$unix(r6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r8, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb7910009875f37538e486dd6317ce8102033300fe08000e40000200875a65969ff57b00000000000000000000000000ac1414aa"], 0xfdef) msgrcv(r2, &(0x7f00000000c0)={0x0, ""/245}, 0xfd, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r9 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="170000000006000004000000ff0000003298beb10a1cbac90e3c0000000015925a62f70f3fcd971206b38d5920c083f1710885c953d2c78dc3886d678ec64dc1c97bbac55d9e99ed2432c91207b87a74e6c9fc791d8dcf3de2cbceb8a06af46a55537cf904c3fb41db6151c496ce1e72b4196e1109f0d21b8760ef6f621bfc12a1347ce34ee8ffb00449bc5e73aecaae976c6397a59bc0aaa42121bee9f436acc159316d5e0e08bad14e8029ab72125320a647e3093d08210264fec4", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r10}, 0x10) clock_getres(0x6, 0x0) msgctl$IPC_SET(r2, 0x1, &(0x7f0000258f88)={{0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8}) close_range(r1, 0xffffffffffffffff, 0x0) 2.562654354s ago: executing program 4 (id=1609): syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000040)='./file2\x00', 0x10502, &(0x7f0000001b80)=ANY=[], 0x1, 0x11f3, &(0x7f0000002580)="$eJzs3E+LW1UYB+C3cWrHqfNHrdV2oQfduLo0s3AlSJApyASU2gitINw6NxpyTUJuGIiI1ZVbP4e4dCeIX2A2fgZ3s3HZhXiFpLVNTdUuOpH6PJv7kvf8cu8hEDjhnBy/8c2n/W6VdfNJNE6disYoIt1KkaIRd7y0P79eu77farf3rqR0uXW1+XpKaevlHz/4/LtXfpqcff/7rR/OxNHOh8e/7v5ydP7owvHvVz/pValXpcFwkvJ0Yzic5DfKIh30qn6W0rtlkVdF6g2qYrzQ75bD0Wia8sHB5sZoXFRVygfT1C+maTJMk/E05R/nvUHKsixtbgQPdPqfh3S+vVXXdURdn44no67r+qnYiLPxdGzGVnwZEc/Es/FcnIvn43y8EC/Ghdmok3h8AAAAAAAAAAAAAAAAAAAA+P/4u/P/27Hj/D8AAAAAAAAAAAAAAAAAAACcgPeuXd9vtdt7V1Jajyi/PuwcdubXeb/VjV6UUcSl2I7fYnb6f25eX367vXcpzezEV+XN2/mbh50nFvPN2d8J3M6vzXp38s15Pi3mz8TGvfnd2I5zy++/uzS/Hq+9ek8+i+34+aMYRhkHs3vfzX/RTOmtd9r35S/OxgEAAMDjIEt/Wrp+z7IH9ef5h/h94L719VpcXFvt3Imopp/187IsxovF+l9eUfz7ovGI3rkR/5EJKh7/YtXfTJyEux/6qp8EAAAAAAAAAACAh/GIdxGuxZKdZW+uZqoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sAPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqAAD//99CzUo=") r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000001000"/28], 0x48) close(0xffffffffffffffff) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0xfffd, 0x0, 0x0, 0x7ffc0002}]}) rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440)) r3 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0) fallocate(r3, 0x0, 0x400000000000000, 0x7) r4 = socket$netlink(0x10, 0x3, 0x0) writev(r4, &(0x7f0000000340)=[{&(0x7f00000000c0)="390000001000111867090707a640400f0021ff3f30000000170a001700000000040037000900030001632564b758b9a64411f6bb744dc48f57", 0x39}], 0x1) r5 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)="5c00000013006bcd9e3fe3dc6e48aa310b6b8703310000001f03000000000000040014000d000a000d0000009ee5", 0x2e}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) dup(0xffffffffffffffff) socket$xdp(0x2c, 0x3, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x1a3c82) sendto$inet(r0, &(0x7f0000001040)="8932ed209b230927", 0x8, 0x6000c804, 0x0, 0x0) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000a40)=ANY=[@ANYRESDEC=r6, @ANYBLOB="f9c28da3110d51bec3f6ef359120520ed7b2ffbe1bbde711514fe25246ed3b1145b33664fc581021c32d1e6543d3b43a3f4bec585f37dc37b6c44f02b441aae0b31880f8b1080423d0e7a29af74c12ad6bcfbca785396fa810a892a070374a68a7d0cf38328e334ba838ef866d048c51d896cc89659d78923bd9b8d79bf267", @ANYBLOB="0655c19a48d5add3883f590e5692c662b5a593d8934e9ee9b96bef4b54da5c12bcc86b0018f4be4c6c49e9aea54632079eb8f65123115132e75d970892f315c6923d3f83eb97f63991de4db0dbfe929468abfe4069a5cc569293ebc188efbd682e0a46c0756a267b3f27b630e567f509611a988fed28350e9bc2b1", @ANYRESOCT=0x0, @ANYRES8=r4, @ANYRES32=0x0, @ANYRESDEC=r3], &(0x7f0000000800)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r7}, 0x10) r8 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$AUTOFS_IOC_FAIL(r8, 0x4c80, 0xffffffffffffffb6) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r9 = socket$xdp(0x2c, 0x3, 0x0) sendmsg$xdp(r9, &(0x7f00000002c0)={&(0x7f0000000000)={0x2c, 0x0, 0x0, 0x31}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000380)="776538397eecf44d98e22a2edcb436d7b814ee1f6dc95327372a34f8fe08b7af21bb7bf80625a9c58d46a6b263513497af96953aa3d6ef1ec5a571b220816a0bd082fe233183a6ceefac6eb3ee34c468ba5e83258d685081f130a3daab43fcdcab5613565a3fb03e6eb5dff6e915ffb00ace7e9a8812465031d562eeb91b69504eb2737072c2d1c5ce091bc326b3bccdb755c7b7f9e8fb641527d7860e899a0e", 0xa0}, {&(0x7f0000000440)="7d313407f20d1c3a86ec89e9e21b3e761a379c5ad310adf91e82e341641bf29f9eadcfd917d65f0ab7d3102e38011788273183b47d0b96eb10e0883f1a515d653452bd4ee7618d8de7afcf58ee9ed2ede2c2a148627c6626ac0401ccdf8e54f6434ccfd1385f03040774c704abca14e33ec420d179a58ffa1fff0142ef8477188575ae1ff176c6873374c7e5de2b506ba417ce2ac23be354f15990999c", 0x9d}], 0x2, 0x0, 0x0, 0x4841}, 0x4c000) syz_clone(0x22c8080, &(0x7f0000000500)="2d6a337f96849dfad259c60af3e16bc2ad0de31f913f13790f5b6f549e9100000014a55f791bc41af3ddf947d418cf751697d21b27530dddeceda82c5b75b880b4ce54165df3bc4de131eb2981742b43f21bfec6018ced94017b75b702c0306e59f0eb7e6b", 0xfffffffffffffec4, &(0x7f0000000580), &(0x7f0000000300), &(0x7f0000000600)="5556282d2941d79aa42dae7e118dea95cd7d3647febf7fb9d5f775ce75e896d74050262d672d857d98acbbd8f6b862d2837c789809b784567c642054e14e7dcfb267b2b2999e863d8c324e44901b2884b6cf679fb979e9be8d23922052e65847acdb3b57427703716c7158c3075bef9ae5b2f72746a910482e7e044b2e9e4e2f514d49e76bb6c2baee19424831319b8aabb4e8cf22b3c7c45bee25") 2.514415119s ago: executing program 1 (id=1610): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014001100b7030000000000698500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r2}, 0x10) r3 = socket$inet6_icmp(0xa, 0x2, 0x3a) bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x1, 0x6, @dev={0xfe, 0x80, '\x00', 0x2d}}, 0x1c) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000002e00)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021840000000c0a0101000000000000d955070000000900020073797a31000000000900010073797a30000000005800038054000080080003400000000248000b80340001800a0001006c696d69740000002400028008000440000000010c00024000000000000000000c0001400000000000000009"], 0x108}}, 0x0) 2.505808879s ago: executing program 1 (id=1611): futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x1, 0x0) futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0) futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x1, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x6, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="18020000fdffffff0000000000000000850000002c00000095"], &(0x7f0000000040)='GPL\x00', 0x5, 0xbf, &(0x7f00000020c0)=""/191, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r1, r2}, 0x10) syz_emit_ethernet(0xfdef, &(0x7f0000000280)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200f9"], 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000000000000e9a0597f10077bcf4125d6da594c0000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) nanosleep(&(0x7f0000000280)={r4, r5+10000000}, &(0x7f00000002c0)) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r3, &(0x7f0000000080), &(0x7f0000001540)=""/155}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x5, [@struct={0x3, 0x0, 0x0, 0x4, 0x1, 0x1}]}, {0x0, [0x5f, 0x5f, 0x61]}}, 0x0, 0x29, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28) 2.226913545s ago: executing program 4 (id=1612): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x5, [@struct={0x3, 0x0, 0x0, 0x4, 0x1, 0x1}]}, {0x0, [0x5f, 0x5f, 0x61]}}, 0x0, 0x29, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28) 2.080052219s ago: executing program 3 (id=1613): r0 = socket$inet6(0xa, 0x80002, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r1, &(0x7f0000000000)={0xa, 0xe26, 0xb, @empty}, 0x1c) r2 = socket$pppl2tp(0x18, 0x1, 0x1) syz_emit_ethernet(0x4c, &(0x7f0000000140)={@link_local, @random="ece65fbcee55", @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x16, 0x11, 0x0, @remote, @local, {[], {0x0, 0xe22, 0x16, 0x0, @gue={{0x2, 0x0, 0x0, 0x2}, "30b00afe4e70"}}}}}}}, 0x0) setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x80000004, 0x4) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000010000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r3 = socket(0x2a, 0x2, 0x0) getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0xffffffffffffff52, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x4, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0x6}}, [@TCA_STAB={0x0, 0x8, 0x0, 0x1, [{{0x0, 0x1, {0x9, 0xfc, 0x1, 0xb0000000, 0x1, 0xffffffff, 0x3}}, {0x0, 0x2, [0x6, 0x5]}}, {{0x0, 0x1, {0xe, 0x39, 0xffbf, 0x6, 0x2, 0x7, 0xbb}}, {0x0, 0x2, [0xe5]}}]}, @TCA_INGRESS_BLOCK, @TCA_INGRESS_BLOCK]}, 0x2c}, 0x1, 0x0, 0x0, 0x24000010}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000640)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x4, {0x0, 0x0, 0x0, r4, {0x0, 0xffff}, {}, {0x5}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_FLAGS={0x8, 0x2f, 0x6}]}}]}, 0x3c}}, 0x0) r5 = openat$zero(0xffffff9c, &(0x7f0000000040), 0x20000, 0x0) ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000080)={'wg0\x00', 0x0}) r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'wpan1\x00'}) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r9 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_802154(r8, 0x8933, &(0x7f0000000500)={'wpan1\x00', 0x0}) sendmsg$NL802154_CMD_SET_CHANNEL(r8, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000c40)={&(0x7f0000000440)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="290200000000000000000900000008000300", @ANYRES32=r10, @ANYBLOB="0500080009000000050007"], 0x2c}}, 0x0) r11 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000680)='skb_copy_datagram_iovec\x00', r11}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r13, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0) recvmsg$unix(r12, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdc8}, 0x0) ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, 0x0) sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r7, 0x0, 0x4000) r14 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=@base={0xf, 0x8, 0x0, 0x9, 0x4, r2, 0x7, '\x00', r6, r5, 0x4000001, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r14], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r15 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r15, 0x0, 0x0}, 0x10) 2.020365155s ago: executing program 3 (id=1614): prctl$PR_SET_NAME(0xf, 0x0) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000d40)={{r0}, &(0x7f0000000cc0), &(0x7f0000000d00)='%-5lx \x00'}, 0x20) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) r2 = epoll_create1(0x0) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000100)={0x20000014}) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000280)={0x1, &(0x7f0000000240)=[{0x6}]}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(0xffffffffffffffff, 0x40605346, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000100)=@assoc_value, &(0x7f0000000040)=0x8) close_range(r4, 0xffffffffffffffff, 0x0) 1.940874102s ago: executing program 4 (id=1615): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x24d8, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) socket$vsock_stream(0x28, 0x1, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c) connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0xf}, 0x1c) socket$inet_tcp(0x2, 0x1, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) fcntl$notify(0xffffffffffffffff, 0x402, 0x2) 1.569943616s ago: executing program 1 (id=1616): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x24d8, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) socket$vsock_stream(0x28, 0x1, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r1, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c) connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev, 0xf}, 0x1c) socket$inet_tcp(0x2, 0x1, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) (fail_nth: 1) fcntl$notify(0xffffffffffffffff, 0x402, 0x2) 1.502643402s ago: executing program 1 (id=1617): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ec0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x800, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x9, "ff00f7000000000000000000af88008300"}) syz_open_pts(r1, 0x141601) r2 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r2, 0x1, &(0x7f0000258f88)) msgsnd(r2, &(0x7f0000000340)={0x3}, 0x0, 0x0) msgrcv(r2, &(0x7f0000000000)={0x0, ""/8}, 0x10, 0x1, 0x1000) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600170000000000040000000100000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/14], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r7) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) recvmsg$unix(r6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r8, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb7910009875f37538e486dd6317ce8102033300fe08000e40000200875a65969ff57b00000000000000000000000000ac1414aa"], 0xfdef) msgrcv(r2, &(0x7f00000000c0)={0x0, ""/245}, 0xfd, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r9 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="170000000006000004000000ff0000003298beb10a1cbac90e3c0000000015925a62f70f3fcd971206b38d5920c083f1710885c953d2c78dc3886d678ec64dc1c97bbac55d9e99ed2432c91207b87a74e6c9fc791d8dcf3de2cbceb8a06af46a55537cf904c3fb41db6151c496ce1e72b4196e1109f0d21b8760ef6f621bfc12a1347ce34ee8ffb00449bc5e73aecaae976c6397a59bc0aaa42121bee9f436acc159316d5e0e08bad14e8029ab72125320a647e3093d08210264fec4", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r10}, 0x10) clock_getres(0x6, 0x0) msgctl$IPC_SET(r2, 0x1, &(0x7f0000258f88)={{0x1}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8}) close_range(r1, 0xffffffffffffffff, 0x0) 1.126120117s ago: executing program 3 (id=1618): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x45, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r0], 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x90) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$tipc(0x1e, 0x2, 0x0) bind$tipc(r2, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10) setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000040)={0x42, 0x0, 0x3}, 0x10) acct(&(0x7f0000000080)='./file0\x00') r3 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f0000000180)={0x42}, 0x10) sendmsg$tipc(r3, &(0x7f0000000140)={0x0, 0x20d302, 0x0}, 0x0) r4 = dup3(r2, r3, 0x0) write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r4, 0x0, 0x0) setsockopt$TIPC_GROUP_LEAVE(r3, 0x10f, 0x88) 1.037302915s ago: executing program 3 (id=1619): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x24d8, @void, @value}, 0x94) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000009c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) pipe2(&(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) socket$vsock_stream(0x28, 0x1, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r2, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c) connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x0, 0x9, @dev={0xfe, 0x80, '\x00', 0xe}, 0xf}, 0x1c) r3 = socket(0xa, 0x40000000002, 0x0) setpriority(0x1, 0x0, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r4}, 0x10) setsockopt$EBT_SO_SET_ENTRIES(r3, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00', 0x19, 0x2, 0x208, [0x20000600, 0x0, 0x0, 0x20000630, 0x20000660], 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB]}, 0x78) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={0x0, &(0x7f0000000180)=""/118, 0x0, 0x76, 0x0, 0x7, 0x0, @void, @value}, 0x28) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r8 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r8, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000140)={0xffffffffffffffff}, 0x2}}, 0x6b) write$RDMA_USER_CM_CMD_LISTEN(r8, &(0x7f0000000080)={0x7, 0x8, 0xfa00, {r9}}, 0x10) socket$inet_tcp(0x2, 0x1, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) fcntl$notify(0xffffffffffffffff, 0x402, 0x2) 592.624386ms ago: executing program 1 (id=1620): bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x5, [@struct={0x3, 0x0, 0x0, 0x4, 0x1, 0x1}]}, {0x0, [0x5f, 0x5f, 0x61]}}, 0x0, 0x29, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28) (fail_nth: 2) 509.863034ms ago: executing program 1 (id=1621): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ec0)=ANY=[@ANYBLOB="18000000000080000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a3850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x800, 0x0) ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x9, "ff00f7000000000000000000af88008300"}) syz_open_pts(r1, 0x141601) r2 = msgget$private(0x0, 0x0) msgctl$IPC_SET(r2, 0x1, &(0x7f0000258f88)) msgsnd(r2, &(0x7f0000000340)={0x3}, 0x0, 0x0) msgrcv(r2, &(0x7f0000000000)={0x0, ""/8}, 0x10, 0x1, 0x1000) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600170000000000040000000100000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r4}, 0x10) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, 0xffffffffffffffff}) close(r7) perf_event_open(&(0x7f0000000380)={0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0xc8}, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0) recvmsg$unix(r6, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0) write$cgroup_subtree(r8, &(0x7f0000000300)=ANY=[@ANYBLOB="8fedcb7910009875f37538e486dd6317ce8102033300fe08000e40000200875a65969ff57b00000000000000000000000000ac1414aa"], 0xfdef) msgrcv(r2, &(0x7f00000000c0)={0x0, ""/245}, 0xfd, 0x0, 0x0) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r9 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="170000000006000004000000ff0000003298beb10a1cbac90e3c0000000015925a62f70f3fcd971206b38d5920c083f1710885c953d2c78dc3886d678ec64dc1c97bbac55d9e99ed2432c91207b87a74e6c9fc791d8dcf3de2cbceb8a06af46a55537cf904c3fb41db6151c496ce1e72b4196e1109f0d21b8760ef6f621bfc12a1347ce34ee8ffb00449bc5e73aecaae976c6397a59bc0aaa42121bee9f436acc159316d5e0e08bad14e8029ab72125320a647e3093d08210264fec4", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r10}, 0x10) msgctl$IPC_SET(r2, 0x1, 0x0) 483.118756ms ago: executing program 3 (id=1622): syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000040)='./file2\x00', 0x10502, &(0x7f0000001b80)=ANY=[], 0x1, 0x11f3, &(0x7f0000002580)="$eJzs3E+LW1UYB+C3cWrHqfNHrdV2oQfduLo0s3AlSJApyASU2gitINw6NxpyTUJuGIiI1ZVbP4e4dCeIX2A2fgZ3s3HZhXiFpLVNTdUuOpH6PJv7kvf8cu8hEDjhnBy/8c2n/W6VdfNJNE6disYoIt1KkaIRd7y0P79eu77farf3rqR0uXW1+XpKaevlHz/4/LtXfpqcff/7rR/OxNHOh8e/7v5ydP7owvHvVz/pValXpcFwkvJ0Yzic5DfKIh30qn6W0rtlkVdF6g2qYrzQ75bD0Wia8sHB5sZoXFRVygfT1C+maTJMk/E05R/nvUHKsixtbgQPdPqfh3S+vVXXdURdn44no67r+qnYiLPxdGzGVnwZEc/Es/FcnIvn43y8EC/Ghdmok3h8AAAAAAAAAAAAAAAAAAAA+P/4u/P/27Hj/D8AAAAAAAAAAAAAAAAAAACcgPeuXd9vtdt7V1Jajyi/PuwcdubXeb/VjV6UUcSl2I7fYnb6f25eX367vXcpzezEV+XN2/mbh50nFvPN2d8J3M6vzXp38s15Pi3mz8TGvfnd2I5zy++/uzS/Hq+9ek8+i+34+aMYRhkHs3vfzX/RTOmtd9r35S/OxgEAAMDjIEt/Wrp+z7IH9ef5h/h94L719VpcXFvt3Imopp/187IsxovF+l9eUfz7ovGI3rkR/5EJKh7/YtXfTJyEux/6qp8EAAAAAAAAAACAh/GIdxGuxZKdZW+uZqoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB/sAPHAgAAAADC/K3T6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgqAAD//99CzUo=") r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000001000"/28], 0x48) close(0xffffffffffffffff) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000780)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kmem_cache_free\x00', r2}, 0x10) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0xfffd, 0x0, 0x0, 0x7ffc0002}]}) rt_sigaction(0x19, &(0x7f0000000000)={0xfffffffffffffffc, 0x44000006, 0x0}, 0x0, 0x8, &(0x7f0000000440)) r3 = memfd_create(&(0x7f00000006c0)='\x00\xac=\x9d\xd2\xdb\xe6\xbf\xb4\xf2\xed\x04\x00\x00\x00\xd4N\x12\x9b\x1f\t\xd1Z+\x86T\x16\xf8\x01\x00\x00\x00\x9f+\x8d!\x0fG\xab\xc2\xdc\xa3\xb3\xae8\x9f9?\xefo\xa4k\x01\xb2>\xa1\x9c\x86xm\xe6\x9bZ4\x91\x1a\xdb\xdd\x89\xb9\xc0LF;\xd6\x84\x195\x06\x00\x00\x00~\xf3S\x12\"p^\xc1jP\x8a\xc6[\xbd\xe7q]\xdd\r\x1aZS\x01*\x1b\xfd\xbcMA\xdcq\xa1\x00\xb3\xf9\x91r\x7f\xdc\xf1\xc3G,\xdb\xccS\x15\x95b\x17\xab\xe4?\x96\x95\xa4kP\x99YO\xb8V\xd5p\x90X\xaaf', 0x0) fallocate(r3, 0x0, 0x400000000000000, 0x7) r4 = socket$netlink(0x10, 0x3, 0x0) writev(r4, &(0x7f0000000340)=[{&(0x7f00000000c0)="390000001000111867090707a640400f0021ff3f30000000170a001700000000040037000900030001632564b758b9a64411f6bb744dc48f57", 0x39}], 0x1) r5 = socket$kcm(0x10, 0x2, 0x0) sendmsg$inet(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000006c0)="5c00000013006bcd9e3fe3dc6e48aa310b6b8703310000001f03000000000000040014000d000a000d0000009ee517d34460bc24eab556a705251e6182949a3651f60a84c9", 0x45}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0) dup(0xffffffffffffffff) socket$xdp(0x2c, 0x3, 0x0) r6 = syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x1a3c82) sendto$inet(r0, &(0x7f0000001040)="8932ed209b230927", 0x8, 0x6000c804, 0x0, 0x0) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000a40)=ANY=[@ANYRESDEC=r6, @ANYBLOB="f9c28da3110d51bec3f6ef359120520ed7b2ffbe1bbde711514fe25246ed3b1145b33664fc581021c32d1e6543d3b43a3f4bec585f37dc37b6c44f02b441aae0b31880f8b1080423d0e7a29af74c12ad6bcfbca785396fa810a892a070374a68a7d0cf38328e334ba838ef866d048c51d896cc89659d78923bd9b8d79bf267", @ANYBLOB="0655c19a48d5add3883f590e5692c662b5a593d8934e9ee9b96bef4b54da5c12bcc86b0018f4be4c6c49e9aea54632079eb8f65123115132e75d970892f315c6923d3f83eb97f63991de4db0dbfe929468abfe4069a5cc569293ebc188efbd682e0a46c0756a267b3f27b630e567f509611a988fed28350e9bc2b1", @ANYRESOCT=0x0, @ANYRES8=r4, @ANYRES32=0x0, @ANYRESDEC=r3], &(0x7f0000000800)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='mm_page_alloc\x00', r7}, 0x10) r8 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$AUTOFS_IOC_FAIL(r8, 0x4c80, 0xffffffffffffffb6) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r9 = socket$xdp(0x2c, 0x3, 0x0) sendmsg$xdp(r9, &(0x7f00000002c0)={&(0x7f0000000000)={0x2c, 0x0, 0x0, 0x31}, 0x10, &(0x7f0000000140)=[{&(0x7f0000000380)="776538397eecf44d98e22a2edcb436d7b814ee1f6dc95327372a34f8fe08b7af21bb7bf80625a9c58d46a6b263513497af96953aa3d6ef1ec5a571b220816a0bd082fe233183a6ceefac6eb3ee34c468ba5e83258d685081f130a3daab43fcdcab5613565a3fb03e6eb5dff6e915ffb00ace7e9a8812465031d562eeb91b69504eb2737072c2d1c5ce091bc326b3bccdb755c7b7f9e8fb641527d7860e899a0e", 0xa0}, {&(0x7f0000000440)="7d313407f20d1c3a86ec89e9e21b3e761a379c5ad310adf91e82e341641bf29f9eadcfd917d65f0ab7d3102e38011788273183b47d0b96eb10e0883f1a515d653452bd4ee7618d8de7afcf58ee9ed2ede2c2a148627c6626ac0401ccdf8e54f6434ccfd1385f03040774c704abca14e33ec420d179a58ffa1fff0142ef8477188575ae1ff176c6873374c7e5de2b506ba417ce2ac23be354f15990999c", 0x9d}], 0x2, 0x0, 0x0, 0x4841}, 0x4c000) syz_clone(0x22c8080, &(0x7f0000000500)="2d6a337f96849dfad259c60af3e16bc2ad0de31f913f13790f5b6f549e9100000014a55f791bc41af3ddf947d418cf751697d21b27530dddeceda82c5b75b880b4ce54165df3bc4de131eb2981742b43f21bfec6018ced94017b75b702c0306e59f0eb7e6b", 0xfffffffffffffec4, &(0x7f0000000580), &(0x7f0000000300), &(0x7f0000000600)="5556282d2941d79aa42dae7e118dea95cd7d3647febf7fb9d5f775ce75e896d74050262d672d857d98acbbd8f6b862d2837c789809b784567c642054e14e7dcfb267b2b2999e863d8c324e44901b2884b6cf679fb979e9be8d23922052e65847acdb3b57427703716c7158c3075bef9ae5b2f72746a910482e7e044b2e9e4e2f514d49e76bb6c2baee19424831319b8aabb4e8cf22b3c7c45bee25") 0s ago: executing program 3 (id=1624): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r1}, 0x10) r2 = socket$can_raw(0x1d, 0x3, 0x1) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000240)={'vxcan0\x00', 0x0}) sendmsg$can_raw(r2, &(0x7f0000000000)={&(0x7f00000000c0)={0x1d, r3}, 0x10, &(0x7f0000000140)={&(0x7f0000000200)=@can={{}, 0x0, 0x0, 0x4, 0x0, "1b2bd600c7ed2890"}, 0x10}, 0x2, 0x0, 0x0, 0x80}, 0x0) (fail_nth: 1) kernel console output (not intermixed with test programs): ? should_fail_ex+0x31/0x230 [ 186.525608][T12925] v2_write_dquot+0xd3/0x130 [ 186.530245][T12925] dquot_commit+0x219/0x260 [ 186.534777][T12925] ext4_write_dquot+0x129/0x1d0 [ 186.539633][T12925] ext4_mark_dquot_dirty+0x94/0xd0 [ 186.544763][T12925] __dquot_alloc_space+0x37b/0x8a0 [ 186.549859][T12925] ext4_mb_new_blocks+0x918/0x2020 [ 186.555027][T12925] ? __kmalloc_noprof+0x165/0x370 [ 186.560118][T12925] ? ext4_find_extent+0x69b/0x7c0 [ 186.565120][T12925] ? ext4_inode_to_goal_block+0x1cb/0x1f0 [ 186.570830][T12925] ext4_ext_map_blocks+0x1008/0x35c0 [ 186.576191][T12925] ? invalidate_inode_pages2_range+0x6ea/0x730 [ 186.582373][T12925] ? ext4_map_query_blocks+0x10e/0x180 [ 186.587877][T12925] ext4_map_blocks+0x592/0xcf0 [ 186.592631][T12925] ext4_iomap_begin+0x4a9/0x5d0 [ 186.597564][T12925] iomap_iter+0x3cc/0x800 [ 186.601875][T12925] ? __pfx_ext4_iomap_begin+0x10/0x10 [ 186.607230][T12925] __iomap_dio_rw+0x697/0x1090 [ 186.611976][T12925] ? __vfs_getxattr+0x29f/0x2b0 [ 186.616831][T12925] iomap_dio_rw+0x40/0x90 [ 186.621148][T12925] ext4_file_write_iter+0xa8c/0xe10 [ 186.626334][T12925] do_iter_readv_writev+0x394/0x450 [ 186.631548][T12925] vfs_writev+0x2d4/0x880 [ 186.635869][T12925] __se_sys_pwritev2+0x10c/0x1d0 [ 186.640794][T12925] __x64_sys_pwritev2+0x78/0x90 [ 186.645652][T12925] x64_sys_call+0x271f/0x2d60 [ 186.650334][T12925] do_syscall_64+0xc9/0x1c0 [ 186.654949][T12925] ? clear_bhb_loop+0x55/0xb0 [ 186.659668][T12925] ? clear_bhb_loop+0x55/0xb0 [ 186.664393][T12925] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 186.670288][T12925] RIP: 0033:0x7f5db3b3dff9 [ 186.674682][T12925] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 186.694362][T12925] RSP: 002b:00007f5db27b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000148 [ 186.702953][T12925] RAX: ffffffffffffffda RBX: 00007f5db3cf5f80 RCX: 00007f5db3b3dff9 [ 186.710954][T12925] RDX: 0000000000000002 RSI: 0000000020000240 RDI: 0000000000000004 [ 186.718916][T12925] RBP: 00007f5db27b7090 R08: 0000000000000000 R09: 0000000000000003 [ 186.726865][T12925] R10: 0000000000001800 R11: 0000000000000246 R12: 0000000000000001 [ 186.734895][T12925] R13: 0000000000000000 R14: 00007f5db3cf5f80 R15: 00007ffd482ccb08 [ 186.742859][T12925] [ 186.745940][T12925] EXT4-fs error (device loop2): ext4_write_dquot:6859: comm syz.2.1489: Failed to commit dquot type 0 [ 186.770483][T12079] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 186.782888][T12882] bridge0: port 1(bridge_slave_0) entered blocking state [ 186.790199][T12882] bridge0: port 1(bridge_slave_0) entered disabled state [ 186.799042][T12882] bridge_slave_0: entered allmulticast mode [ 186.811515][T12882] bridge_slave_0: entered promiscuous mode [ 186.822603][T12882] bridge0: port 2(bridge_slave_1) entered blocking state [ 186.829738][T12882] bridge0: port 2(bridge_slave_1) entered disabled state [ 186.848776][T12882] bridge_slave_1: entered allmulticast mode [ 186.860387][T12882] bridge_slave_1: entered promiscuous mode [ 186.911214][ T89] bridge_slave_1: left allmulticast mode [ 186.916922][ T89] bridge_slave_1: left promiscuous mode [ 186.922762][ T89] bridge0: port 2(bridge_slave_1) entered disabled state [ 186.928243][T12961] loop2: detected capacity change from 0 to 8192 [ 186.936546][ T89] bridge_slave_0: left allmulticast mode [ 186.942329][ T89] bridge_slave_0: left promiscuous mode [ 186.947969][ T89] bridge0: port 1(bridge_slave_0) entered disabled state [ 186.948803][T12961] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 187.103288][ T89] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 187.132168][ T89] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 187.156980][ T89] bond0 (unregistering): Released all slaves [ 187.185417][T12961] netlink: 9 bytes leftover after parsing attributes in process `syz.2.1491'. [ 187.202027][T12961] 0·: renamed from hsr_slave_1 (while UP) [ 187.216601][T12961] 0·: entered allmulticast mode [ 187.230025][T12961] A link change request failed with some changes committed already. Interface c0· may have been left with an inconsistent configuration, please check. [ 187.254538][T12882] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 187.266562][ T89] hsr_slave_0: left promiscuous mode [ 187.272257][ T89] 0·: left promiscuous mode [ 187.277481][ T89] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 187.284876][ T89] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 187.298525][ T89] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 187.303780][T12980] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1050) [ 187.306021][ T89] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 187.314749][T12980] FAT-fs (loop2): Filesystem has been set read-only [ 187.328950][T12980] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1050) [ 187.337995][ T89] veth1_macvtap: left promiscuous mode [ 187.343530][ T89] veth0_macvtap: left promiscuous mode [ 187.349052][ T89] veth1_vlan: left promiscuous mode [ 187.354311][ T89] veth0_vlan: left promiscuous mode [ 187.439883][ T89] team0 (unregistering): Port device team_slave_1 removed [ 187.449686][ T89] team0 (unregistering): Port device team_slave_0 removed [ 187.482941][T12882] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 187.515103][T12882] team0: Port device team_slave_0 added [ 187.521707][T12882] team0: Port device team_slave_1 added [ 187.532037][T12683] veth0_vlan: entered promiscuous mode [ 187.550472][T12882] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 187.557455][T12882] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 187.583593][T12882] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 187.594839][T12882] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 187.601859][T12882] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 187.627821][T12882] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 187.645174][T12683] veth1_vlan: entered promiscuous mode [ 187.663574][T12769] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 187.680657][T12769] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 187.689997][T12769] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 187.702160][T12882] hsr_slave_0: entered promiscuous mode [ 187.709362][T12882] hsr_slave_1: entered promiscuous mode [ 187.712480][T12980] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 187.723930][T12882] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 187.732242][T12882] Cannot create hsr debugfs directory [ 187.740417][T12683] veth0_macvtap: entered promiscuous mode [ 187.749341][T12769] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 187.786381][T12683] veth1_macvtap: entered promiscuous mode [ 187.817340][T12683] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 187.827970][T12683] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.837839][T12683] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 187.848417][T12683] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.859199][T12683] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 187.882802][T12683] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 187.893419][T12683] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.903249][T12683] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 187.913762][T12683] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 187.924986][T12683] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 187.942007][T12769] 8021q: adding VLAN 0 to HW filter on device bond0 [ 187.954657][T12769] 8021q: adding VLAN 0 to HW filter on device team0 [ 187.963137][T12683] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.972031][T12683] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.980787][T12683] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 187.989489][T12683] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 188.022018][ T28] bridge0: port 1(bridge_slave_0) entered blocking state [ 188.029218][ T28] bridge0: port 1(bridge_slave_0) entered forwarding state [ 188.062583][ T28] bridge0: port 2(bridge_slave_1) entered blocking state [ 188.069652][ T28] bridge0: port 2(bridge_slave_1) entered forwarding state [ 188.086499][ T89] IPVS: stop unused estimator thread 0... [ 188.116424][T12769] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 188.126820][T12769] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 188.165422][ T367] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 188.242950][ T367] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 188.286347][T13038] chnl_net:caif_netlink_parms(): no params data found [ 188.291130][T13088] loop1: detected capacity change from 0 to 1024 [ 188.300562][T13088] EXT4-fs: Ignoring removed i_version option [ 188.323176][ T367] bond0: (slave netdevsim1): Releasing backup interface [ 188.332765][ T367] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 188.333169][T13088] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 188.391937][T12683] EXT4-fs error (device loop1): ext4_readdir:261: inode #11: block 32: comm syz-executor: path /3/file2/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=134217739, rec_len=12, size=1024 fake=1 [ 188.415228][T12683] EXT4-fs (loop1): Remounting filesystem read-only [ 188.415412][T12769] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 188.436757][ T367] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 188.460293][T13038] bridge0: port 1(bridge_slave_0) entered blocking state [ 188.467505][T13038] bridge0: port 1(bridge_slave_0) entered disabled state [ 188.474754][T13038] bridge_slave_0: entered allmulticast mode [ 188.481632][T13038] bridge_slave_0: entered promiscuous mode [ 188.493803][T13038] bridge0: port 2(bridge_slave_1) entered blocking state [ 188.501083][T13038] bridge0: port 2(bridge_slave_1) entered disabled state [ 188.508533][T13038] bridge_slave_1: entered allmulticast mode [ 188.518064][T13038] bridge_slave_1: entered promiscuous mode [ 188.546957][T13038] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 188.562040][T12882] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 188.570932][T12882] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 188.586378][T13038] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 188.595458][T12882] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 188.626387][T13038] team0: Port device team_slave_0 added [ 188.632810][T13038] team0: Port device team_slave_1 added [ 188.638493][T12882] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 188.650152][ T367] bridge_slave_1: left allmulticast mode [ 188.655903][ T367] bridge_slave_1: left promiscuous mode [ 188.661680][ T367] bridge0: port 2(bridge_slave_1) entered disabled state [ 188.669708][ T367] bridge_slave_0: left allmulticast mode [ 188.675458][ T367] bridge_slave_0: left promiscuous mode [ 188.681170][ T367] bridge0: port 1(bridge_slave_0) entered disabled state [ 188.716626][T12496] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 188.724292][ T367] batman_adv: batadv0: Removing interface: erspan1 [ 188.825735][ T367] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 188.835960][ T367] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 188.845932][ T367] bond0 (unregistering): Released all slaves [ 188.862875][T13038] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 188.869849][T13038] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 188.895799][T13038] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 188.915661][T13038] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 188.922705][T13038] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 188.948663][T13038] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 188.964952][ T367] hsr_slave_0: left promiscuous mode [ 188.970495][ T367] 0·: left promiscuous mode [ 188.977544][ T367] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 188.984928][ T367] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 188.992620][ T367] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 189.000004][ T367] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 189.008369][ T367] veth1_macvtap: left promiscuous mode [ 189.013828][ T367] veth0_macvtap: left promiscuous mode [ 189.019404][ T367] veth1_vlan: left promiscuous mode [ 189.024606][ T367] veth0_vlan: left promiscuous mode [ 189.090739][ T367] team0 (unregistering): Port device team_slave_1 removed [ 189.101302][ T367] team0 (unregistering): Port device team_slave_0 removed [ 189.186739][T13038] hsr_slave_0: entered promiscuous mode [ 189.198724][T13038] hsr_slave_1: entered promiscuous mode [ 189.204755][T13038] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 189.212394][T13038] Cannot create hsr debugfs directory [ 189.243071][T12882] 8021q: adding VLAN 0 to HW filter on device bond0 [ 189.263308][T12769] veth0_vlan: entered promiscuous mode [ 189.278510][T12882] 8021q: adding VLAN 0 to HW filter on device team0 [ 189.299708][ T50] bridge0: port 1(bridge_slave_0) entered blocking state [ 189.306802][ T50] bridge0: port 1(bridge_slave_0) entered forwarding state [ 189.317346][T12769] veth1_vlan: entered promiscuous mode [ 189.347012][ T50] bridge0: port 2(bridge_slave_1) entered blocking state [ 189.354260][ T50] bridge0: port 2(bridge_slave_1) entered forwarding state [ 189.413142][T12769] veth0_macvtap: entered promiscuous mode [ 189.437706][T12769] veth1_macvtap: entered promiscuous mode [ 189.457581][T12882] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 189.481230][T13129] chnl_net:caif_netlink_parms(): no params data found [ 189.515318][T12769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 189.525819][T12769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 189.535731][T12769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 189.546190][T12769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 189.556949][T12769] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 189.571663][T12769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 189.582171][T12769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 189.591964][T12769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 189.602446][T12769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 189.613213][T12769] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 189.633872][T13129] bridge0: port 1(bridge_slave_0) entered blocking state [ 189.640999][T13129] bridge0: port 1(bridge_slave_0) entered disabled state [ 189.649356][T13129] bridge_slave_0: entered allmulticast mode [ 189.655801][T13129] bridge_slave_0: entered promiscuous mode [ 189.665924][ T367] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 189.678546][T12769] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 189.687340][T12769] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 189.696065][T12769] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 189.704815][T12769] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 189.718415][T13129] bridge0: port 2(bridge_slave_1) entered blocking state [ 189.725636][T13129] bridge0: port 2(bridge_slave_1) entered disabled state [ 189.733100][T13129] bridge_slave_1: entered allmulticast mode [ 189.740176][T13129] bridge_slave_1: entered promiscuous mode [ 189.752974][ T367] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 189.778486][T12882] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 189.789081][T13129] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 189.812572][T13129] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 189.836437][T13129] team0: Port device team_slave_0 added [ 189.844505][ T367] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 189.860412][T13129] team0: Port device team_slave_1 added [ 189.938118][T13129] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 189.945156][T13129] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 189.971183][T13129] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 189.986531][ T367] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 189.998237][T13129] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 190.005236][T13129] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 190.031229][T13129] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 190.072634][T13129] hsr_slave_0: entered promiscuous mode [ 190.078763][T13129] hsr_slave_1: entered promiscuous mode [ 190.084915][T13129] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 190.093116][T13129] Cannot create hsr debugfs directory [ 190.099638][ T29] kauditd_printk_skb: 21 callbacks suppressed [ 190.099649][ T29] audit: type=1326 audit(1727863782.641:4197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13207 comm="syz.4.1501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc8f8dff9 code=0x7ffc0000 [ 190.114811][T13038] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 190.129321][ T29] audit: type=1326 audit(1727863782.641:4198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13207 comm="syz.4.1501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc8f8dff9 code=0x7ffc0000 [ 190.141224][ T29] audit: type=1326 audit(1727863782.678:4199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13207 comm="syz.4.1501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2fc8f8dff9 code=0x7ffc0000 [ 190.183250][ T29] audit: type=1326 audit(1727863782.678:4200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13207 comm="syz.4.1501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc8f8dff9 code=0x7ffc0000 [ 190.206772][ T29] audit: type=1326 audit(1727863782.678:4201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13207 comm="syz.4.1501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc8f8dff9 code=0x7ffc0000 [ 190.231194][ T29] audit: type=1326 audit(1727863782.705:4202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13207 comm="syz.4.1501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2fc8f8dff9 code=0x7ffc0000 [ 190.233686][T13038] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 190.254820][ T29] audit: type=1326 audit(1727863782.705:4203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13207 comm="syz.4.1501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc8f8dff9 code=0x7ffc0000 [ 190.285012][ T29] audit: type=1326 audit(1727863782.705:4204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13207 comm="syz.4.1501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc8f8dff9 code=0x7ffc0000 [ 190.285875][T12683] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 190.308486][ T29] audit: type=1326 audit(1727863782.705:4205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13207 comm="syz.4.1501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2fc8f8dff9 code=0x7ffc0000 [ 190.340891][ T29] audit: type=1326 audit(1727863782.705:4206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13207 comm="syz.4.1501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2fc8f8dff9 code=0x7ffc0000 [ 190.373959][T12882] veth0_vlan: entered promiscuous mode [ 190.412819][T13038] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 190.421551][T12882] veth1_vlan: entered promiscuous mode [ 190.436194][ T367] bridge_slave_1: left allmulticast mode [ 190.441940][ T367] bridge_slave_1: left promiscuous mode [ 190.447541][ T367] bridge0: port 2(bridge_slave_1) entered disabled state [ 190.456861][ T367] bridge_slave_0: left allmulticast mode [ 190.462553][ T367] bridge_slave_0: left promiscuous mode [ 190.468208][ T367] bridge0: port 1(bridge_slave_0) entered disabled state [ 190.548590][ T367] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 190.558864][ T367] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 190.569201][ T367] bond0 (unregistering): Released all slaves [ 190.576885][T13038] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 190.596299][T12882] veth0_macvtap: entered promiscuous mode [ 190.612435][T12882] veth1_macvtap: entered promiscuous mode [ 190.620155][ T367] hsr_slave_0: left promiscuous mode [ 190.626007][ T367] hsr_slave_1: left promiscuous mode [ 190.631545][ T367] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 190.639100][ T367] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 190.646856][ T367] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 190.654297][ T367] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 190.662972][ T367] veth1_macvtap: left promiscuous mode [ 190.668508][ T367] veth0_macvtap: left promiscuous mode [ 190.674113][ T367] veth1_vlan: left promiscuous mode [ 190.679349][ T367] veth0_vlan: left promiscuous mode [ 190.750570][ T367] team0 (unregistering): Port device team_slave_1 removed [ 190.760651][ T367] team0 (unregistering): Port device team_slave_0 removed [ 190.839559][T12882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 190.850061][T12882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 190.859940][T12882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 190.870395][T12882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 190.887533][T12882] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 190.926148][T12882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 190.936753][T12882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 190.946581][T12882] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 190.957102][T12882] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 190.988318][T12882] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 190.992144][T13255] loop4: detected capacity change from 0 to 8192 [ 191.021731][T12882] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 191.030583][T12882] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 191.039350][T12882] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 191.048312][T12882] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 191.094038][T13038] 8021q: adding VLAN 0 to HW filter on device bond0 [ 191.148203][T13038] 8021q: adding VLAN 0 to HW filter on device team0 [ 191.178103][T13237] chnl_net:caif_netlink_parms(): no params data found [ 191.196597][ T28] bridge0: port 1(bridge_slave_0) entered blocking state [ 191.203718][ T28] bridge0: port 1(bridge_slave_0) entered forwarding state [ 191.221638][ T28] bridge0: port 2(bridge_slave_1) entered blocking state [ 191.228709][ T28] bridge0: port 2(bridge_slave_1) entered forwarding state [ 191.290290][T13279] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 191.300352][T13280] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0 [ 191.321733][T13129] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 191.334478][T13129] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 191.354437][T13038] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 191.364926][T13038] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 191.379285][T13237] bridge0: port 1(bridge_slave_0) entered blocking state [ 191.386425][T13237] bridge0: port 1(bridge_slave_0) entered disabled state [ 191.395649][T13237] bridge_slave_0: entered allmulticast mode [ 191.403285][T13237] bridge_slave_0: entered promiscuous mode [ 191.414400][T13129] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 191.421441][T13296] FAULT_INJECTION: forcing a failure. [ 191.421441][T13296] name failslab, interval 1, probability 0, space 0, times 0 [ 191.434109][T13296] CPU: 1 UID: 0 PID: 13296 Comm: syz.4.1508 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 191.444872][T13296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 191.454986][T13296] Call Trace: [ 191.458255][T13296] [ 191.461219][T13296] dump_stack_lvl+0xf2/0x150 [ 191.465796][T13296] dump_stack+0x15/0x20 [ 191.470097][T13296] should_fail_ex+0x223/0x230 [ 191.474802][T13296] ? audit_log_start+0x34c/0x6b0 [ 191.479788][T13296] should_failslab+0x8f/0xb0 [ 191.484373][T13296] kmem_cache_alloc_noprof+0x4c/0x290 [ 191.489823][T13296] audit_log_start+0x34c/0x6b0 [ 191.494572][T13296] audit_seccomp+0x4b/0x130 [ 191.499100][T13296] __seccomp_filter+0x6fa/0x1180 [ 191.504077][T13296] ? proc_fail_nth_write+0x12a/0x150 [ 191.509387][T13296] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 191.515019][T13296] ? vfs_write+0x580/0x910 [ 191.519550][T13296] ? __fget_files+0x1d4/0x210 [ 191.524222][T13296] __secure_computing+0x9f/0x1c0 [ 191.529151][T13296] syscall_trace_enter+0xd1/0x1f0 [ 191.534309][T13296] ? fpregs_assert_state_consistent+0x83/0xa0 [ 191.540379][T13296] do_syscall_64+0xaa/0x1c0 [ 191.544946][T13296] ? clear_bhb_loop+0x55/0xb0 [ 191.550057][T13296] ? clear_bhb_loop+0x55/0xb0 [ 191.554723][T13296] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 191.560624][T13296] RIP: 0033:0x7f2fc8f8dff9 [ 191.565024][T13296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 191.584854][T13296] RSP: 002b:00007f2fc7c01038 EFLAGS: 00000246 ORIG_RAX: 0000000000000044 [ 191.593272][T13296] RAX: ffffffffffffffda RBX: 00007f2fc9145f80 RCX: 00007f2fc8f8dff9 [ 191.601244][T13296] RDX: 0000000000000000 RSI: 0000000000000618 RDI: 0000000000000000 [ 191.609214][T13296] RBP: 00007f2fc7c01090 R08: 0000000000000000 R09: 0000000000000000 [ 191.617191][T13296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 191.625167][T13296] R13: 0000000000000000 R14: 00007f2fc9145f80 R15: 00007ffcd91c0878 [ 191.633147][T13296] [ 191.638442][T13129] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 191.650599][T13237] bridge0: port 2(bridge_slave_1) entered blocking state [ 191.657706][T13237] bridge0: port 2(bridge_slave_1) entered disabled state [ 191.665066][T13237] bridge_slave_1: entered allmulticast mode [ 191.671589][T13237] bridge_slave_1: entered promiscuous mode [ 191.721859][T13129] 8021q: adding VLAN 0 to HW filter on device bond0 [ 191.734541][T13129] 8021q: adding VLAN 0 to HW filter on device team0 [ 191.757014][T13129] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 191.767469][T13129] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 191.790821][ T50] bridge0: port 1(bridge_slave_0) entered blocking state [ 191.797915][ T50] bridge0: port 1(bridge_slave_0) entered forwarding state [ 191.807645][ T50] bridge0: port 2(bridge_slave_1) entered blocking state [ 191.814719][ T50] bridge0: port 2(bridge_slave_1) entered forwarding state [ 191.841679][ T367] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.867734][T13038] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 191.876685][T13237] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 191.901528][T13237] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 191.914343][ T367] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 191.935687][T13237] team0: Port device team_slave_0 added [ 191.942204][T13237] team0: Port device team_slave_1 added [ 191.985286][ T367] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 192.002583][T13237] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 192.009569][T13237] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 192.035497][T13237] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 192.048396][T13237] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 192.055446][T13237] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 192.081552][T13237] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 192.094734][T13129] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 192.106845][ T367] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 192.134518][T13237] hsr_slave_0: entered promiscuous mode [ 192.141743][T13237] hsr_slave_1: entered promiscuous mode [ 192.170887][T13038] veth0_vlan: entered promiscuous mode [ 192.190378][T13038] veth1_vlan: entered promiscuous mode [ 192.237573][ T367] bridge_slave_1: left allmulticast mode [ 192.243248][ T367] bridge_slave_1: left promiscuous mode [ 192.248969][ T367] bridge0: port 2(bridge_slave_1) entered disabled state [ 192.262382][ T367] bridge_slave_0: left allmulticast mode [ 192.268135][ T367] bridge_slave_0: left promiscuous mode [ 192.273925][ T367] bridge0: port 1(bridge_slave_0) entered disabled state [ 192.368965][ T367] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 192.379212][ T367] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 192.390092][ T367] bond0 (unregistering): Released all slaves [ 192.423616][T13038] veth0_macvtap: entered promiscuous mode [ 192.440809][ T367] hsr_slave_0: left promiscuous mode [ 192.446562][ T367] hsr_slave_1: left promiscuous mode [ 192.452131][ T367] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 192.459625][ T367] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 192.467574][ T367] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 192.475169][ T367] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 192.484245][ T367] veth1_macvtap: left promiscuous mode [ 192.489879][ T367] veth0_macvtap: left promiscuous mode [ 192.495412][ T367] veth1_vlan: left promiscuous mode [ 192.500859][ T367] veth0_vlan: left promiscuous mode [ 192.583401][ T367] team0 (unregistering): Port device team_slave_1 removed [ 192.593558][ T367] team0 (unregistering): Port device team_slave_0 removed [ 192.634303][T13038] veth1_macvtap: entered promiscuous mode [ 192.642803][T13129] veth0_vlan: entered promiscuous mode [ 192.663269][T13038] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 192.673775][T13038] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.683609][T13038] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 192.684486][T13341] loop4: detected capacity change from 0 to 8192 [ 192.694027][T13038] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.694726][T13038] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 192.718404][T13038] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 192.728874][T13038] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.732221][T13341] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 192.738741][T13038] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 192.759789][T13038] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.770373][T13038] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 192.781146][T13038] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 192.789986][T13038] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 192.798673][T13038] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 192.807414][T13038] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 192.817197][T13341] netlink: 9 bytes leftover after parsing attributes in process `syz.4.1511'. [ 192.827536][T13341] 0·: renamed from hsr_slave_1 (while UP) [ 192.838322][T13341] 0·: entered allmulticast mode [ 192.845139][T13341] A link change request failed with some changes committed already. Interface c0· may have been left with an inconsistent configuration, please check. [ 192.862372][T13129] veth1_vlan: entered promiscuous mode [ 192.897617][T13129] veth0_macvtap: entered promiscuous mode [ 192.904948][T13129] veth1_macvtap: entered promiscuous mode [ 192.918681][T13343] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 1050) [ 192.926444][T13129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 192.927558][T13343] FAT-fs (loop4): Filesystem has been set read-only [ 192.937960][T13129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.954416][T13129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 192.962534][T13343] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 1050) [ 192.964894][T13129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 192.983466][T13129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 192.993921][T13129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.002136][T13350] netlink: 8280 bytes leftover after parsing attributes in process `syz.3.1513'. [ 193.038298][T13350] netlink: 8280 bytes leftover after parsing attributes in process `syz.3.1513'. [ 193.055010][T13129] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 193.076240][T13129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 193.086729][T13129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.096598][T13129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 193.107071][T13129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.116957][T13129] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 193.127384][T13129] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 193.147122][T13129] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 193.169523][T13129] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 193.178257][T13129] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 193.187185][T13129] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 193.195988][T13129] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 193.256191][T13237] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 193.272286][T13237] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 193.310861][T13237] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 193.332832][T13370] loop2: detected capacity change from 0 to 8192 [ 193.339758][T13237] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 193.368323][T13343] FAT-fs (loop4): error, fat_free_clusters: deleting FAT entry beyond EOF [ 193.379457][T13370] FAULT_INJECTION: forcing a failure. [ 193.379457][T13370] name failslab, interval 1, probability 0, space 0, times 0 [ 193.392135][T13370] CPU: 0 UID: 0 PID: 13370 Comm: syz.2.1515 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 193.402952][T13370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 193.413050][T13370] Call Trace: [ 193.416319][T13370] [ 193.419246][T13370] dump_stack_lvl+0xf2/0x150 [ 193.423903][T13370] dump_stack+0x15/0x20 [ 193.428119][T13370] should_fail_ex+0x223/0x230 [ 193.432866][T13370] ? fat_parse_long+0x5d/0x400 [ 193.437637][T13370] should_failslab+0x8f/0xb0 [ 193.442228][T13370] kmem_cache_alloc_noprof+0x4c/0x290 [ 193.447639][T13370] ? __memcg_slab_post_alloc_hook+0x4c4/0x660 [ 193.453753][T13370] fat_parse_long+0x5d/0x400 [ 193.458357][T13370] fat_search_long+0x1ff/0x980 [ 193.463151][T13370] ? __d_lookup_rcu+0x29b/0x2a0 [ 193.468117][T13370] ? avc_has_perm_noaudit+0x170/0x210 [ 193.473574][T13370] vfat_lookup+0xd6/0x2d0 [ 193.477894][T13370] __lookup_slow+0x184/0x250 [ 193.482486][T13370] lookup_slow+0x3c/0x60 [ 193.486724][T13370] link_path_walk+0x69e/0x820 [ 193.491392][T13370] __filename_parentat+0x13c/0x3c0 [ 193.496554][T13370] do_renameat2+0x330/0xa60 [ 193.501045][T13370] ? strncpy_from_user+0xd3/0x200 [ 193.506153][T13370] __x64_sys_rename+0x58/0x70 [ 193.510822][T13370] x64_sys_call+0x1a84/0x2d60 [ 193.515492][T13370] do_syscall_64+0xc9/0x1c0 [ 193.519984][T13370] ? clear_bhb_loop+0x55/0xb0 [ 193.524766][T13370] ? clear_bhb_loop+0x55/0xb0 [ 193.529453][T13370] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 193.535355][T13370] RIP: 0033:0x7f33a2d2dff9 [ 193.539770][T13370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 193.559416][T13370] RSP: 002b:00007f33a19a1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052 [ 193.567817][T13370] RAX: ffffffffffffffda RBX: 00007f33a2ee5f80 RCX: 00007f33a2d2dff9 [ 193.575777][T13370] RDX: 0000000000000000 RSI: 0000000020001300 RDI: 0000000020000040 [ 193.583736][T13370] RBP: 00007f33a19a1090 R08: 0000000000000000 R09: 0000000000000000 [ 193.591728][T13370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 193.599686][T13370] R13: 0000000000000000 R14: 00007f33a2ee5f80 R15: 00007fff588af398 [ 193.607659][T13370] [ 193.682109][ T367] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.735924][ T367] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.754339][T13237] 8021q: adding VLAN 0 to HW filter on device bond0 [ 193.765959][T13237] 8021q: adding VLAN 0 to HW filter on device team0 [ 193.784094][ T7004] bridge0: port 1(bridge_slave_0) entered blocking state [ 193.791182][ T7004] bridge0: port 1(bridge_slave_0) entered forwarding state [ 193.805174][ T50] bridge0: port 2(bridge_slave_1) entered blocking state [ 193.812259][ T50] bridge0: port 2(bridge_slave_1) entered forwarding state [ 193.826552][ T367] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.860820][T13237] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 193.871318][T13237] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 193.911468][ T367] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 193.928143][T13408] loop2: detected capacity change from 0 to 8192 [ 193.946587][T13408] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 193.998319][T13408] netlink: 9 bytes leftover after parsing attributes in process `syz.2.1520'. [ 194.008621][T13408] 0·: renamed from hsr_slave_1 (while UP) [ 194.015711][T13408] 0·: entered allmulticast mode [ 194.020857][T13408] A link change request failed with some changes committed already. Interface c0· may have been left with an inconsistent configuration, please check. [ 194.037129][ T367] bridge_slave_1: left allmulticast mode [ 194.042845][ T367] bridge_slave_1: left promiscuous mode [ 194.048579][ T367] bridge0: port 2(bridge_slave_1) entered disabled state [ 194.059643][ T367] bridge_slave_0: left allmulticast mode [ 194.065329][ T367] bridge_slave_0: left promiscuous mode [ 194.070973][ T367] bridge0: port 1(bridge_slave_0) entered disabled state [ 194.077934][T13427] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1050) [ 194.086872][T13427] FAT-fs (loop2): Filesystem has been set read-only [ 194.094291][T13427] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1050) [ 194.103320][T13427] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1050) [ 194.119374][T13427] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 194.200685][ T367] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 194.211861][ T367] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 194.223266][ T367] bond0 (unregistering): Released all slaves [ 194.227849][T13429] syz.0.1522[13429] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 194.229332][T13429] syz.0.1522[13429] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 194.241890][T13429] syz.0.1522[13429] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 194.269942][T13237] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 194.284575][T13431] loop0: detected capacity change from 0 to 128 [ 194.320749][T13431] FAT-fs (loop0): error, corrupted directory (invalid entries) [ 194.328450][T13431] FAT-fs (loop0): Filesystem has been set read-only [ 194.336734][ T367] hsr_slave_0: left promiscuous mode [ 194.351351][ T367] 0·: left promiscuous mode [ 194.362446][ T367] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 194.369874][ T367] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 194.377716][ T367] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 194.385183][ T367] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 194.396978][ T367] veth1_macvtap: left promiscuous mode [ 194.402561][ T367] veth0_macvtap: left promiscuous mode [ 194.408129][ T367] veth1_vlan: left promiscuous mode [ 194.413370][ T367] veth0_vlan: left promiscuous mode [ 194.492932][ T367] team0 (unregistering): Port device team_slave_1 removed [ 194.502993][ T367] team0 (unregistering): Port device team_slave_0 removed [ 194.551081][T13456] IPv6: Can't replace route, no match found [ 194.563411][T13396] chnl_net:caif_netlink_parms(): no params data found [ 194.598471][T13460] 9pnet_fd: Insufficient options for proto=fd [ 194.649019][T13396] bridge0: port 1(bridge_slave_0) entered blocking state [ 194.656179][T13396] bridge0: port 1(bridge_slave_0) entered disabled state [ 194.663473][T13396] bridge_slave_0: entered allmulticast mode [ 194.669836][T13396] bridge_slave_0: entered promiscuous mode [ 194.678546][T13237] veth0_vlan: entered promiscuous mode [ 194.685048][T13396] bridge0: port 2(bridge_slave_1) entered blocking state [ 194.692118][T13396] bridge0: port 2(bridge_slave_1) entered disabled state [ 194.699265][T13396] bridge_slave_1: entered allmulticast mode [ 194.705676][T13396] bridge_slave_1: entered promiscuous mode [ 194.738843][T13237] veth1_vlan: entered promiscuous mode [ 194.747151][T13396] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 194.762826][T13237] veth0_macvtap: entered promiscuous mode [ 194.777810][T13473] netlink: 'syz.0.1528': attribute type 1 has an invalid length. [ 194.785392][T13396] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 194.795668][T13237] veth1_macvtap: entered promiscuous mode [ 194.825616][T13396] team0: Port device team_slave_0 added [ 194.841184][T13477] loop0: detected capacity change from 0 to 1024 [ 194.849350][T13396] team0: Port device team_slave_1 added [ 194.859136][T13477] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 194.874362][T13237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 194.884898][T13237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 194.894789][T13237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 194.905264][T13237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 194.914799][T13477] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=f054c01c, mo2=0002] [ 194.915096][T13237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 194.923090][T13477] System zones: 0-1, 3-36 [ 194.933529][T13237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 194.934721][T13237] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 194.937909][T13477] [ 194.948526][T13237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 194.967779][T13237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 194.977624][T13237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 194.988024][T13237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 194.997828][T13237] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 195.008311][T13237] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 195.019129][T13237] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 195.021497][T13477] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 195.035230][T13237] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.047440][T13237] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.056305][T13237] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.065027][T13237] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 195.079839][T13396] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 195.086875][T13396] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 195.112949][T13396] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 195.132209][T13396] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 195.139315][T13396] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 195.165368][T13396] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 195.214333][T13396] hsr_slave_0: entered promiscuous mode [ 195.223320][T13396] hsr_slave_1: entered promiscuous mode [ 195.237852][T13396] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 195.249602][T13396] Cannot create hsr debugfs directory [ 195.322244][T13494] loop3: detected capacity change from 0 to 4096 [ 195.340888][T13494] EXT4-fs: Ignoring removed nobh option [ 195.346573][T13494] EXT4-fs: Ignoring removed i_version option [ 195.406896][T13502] loop7: detected capacity change from 0 to 16384 [ 195.427712][T13494] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 195.454330][T13502] loop7: detected capacity change from 16384 to 16383 [ 195.462007][T13502] netlink: 'syz.1.1503': attribute type 30 has an invalid length. [ 195.518301][T12882] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 195.545116][T13520] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1503'. [ 195.554177][T13520] netlink: 'syz.1.1503': attribute type 30 has an invalid length. [ 195.739653][ T11] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 195.773641][T13129] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 195.793930][T13535] loop3: detected capacity change from 0 to 8192 [ 195.804031][T13535] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 195.818800][T13396] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 195.844535][T13396] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 195.862765][T13535] netlink: 9 bytes leftover after parsing attributes in process `syz.3.1531'. [ 195.871939][T13535] 0·: renamed from hsr_slave_1 (while UP) [ 195.879372][T13535] 0·: entered allmulticast mode [ 195.889116][T13535] A link change request failed with some changes committed already. Interface c0· may have been left with an inconsistent configuration, please check. [ 195.909198][ T29] kauditd_printk_skb: 84 callbacks suppressed [ 195.909210][ T29] audit: type=1326 audit(1727863788.003:4289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13551 comm="syz.0.1534" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efd596bdff9 code=0x0 [ 195.917805][T13396] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 195.959716][T13565] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 1050) [ 195.968638][T13565] FAT-fs (loop3): Filesystem has been set read-only [ 195.976227][T13565] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 1050) [ 195.977761][T13396] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 195.991967][T13565] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 1050) [ 196.019933][T13565] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF [ 196.067844][T13396] 8021q: adding VLAN 0 to HW filter on device bond0 [ 196.082210][T13396] 8021q: adding VLAN 0 to HW filter on device team0 [ 196.094295][ T50] bridge0: port 1(bridge_slave_0) entered blocking state [ 196.101518][ T50] bridge0: port 1(bridge_slave_0) entered forwarding state [ 196.120315][ T28] bridge0: port 2(bridge_slave_1) entered blocking state [ 196.127438][ T28] bridge0: port 2(bridge_slave_1) entered forwarding state [ 196.248613][T13396] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 196.256895][T13556] chnl_net:caif_netlink_parms(): no params data found [ 196.306405][T13556] bridge0: port 1(bridge_slave_0) entered blocking state [ 196.313663][T13556] bridge0: port 1(bridge_slave_0) entered disabled state [ 196.329377][T13556] bridge_slave_0: entered allmulticast mode [ 196.340722][T13556] bridge_slave_0: entered promiscuous mode [ 196.344071][T13616] EXT4-fs (sda1): resizing filesystem from 262144 to 262144 blocks [ 196.347747][T13556] bridge0: port 2(bridge_slave_1) entered blocking state [ 196.361496][T13556] bridge0: port 2(bridge_slave_1) entered disabled state [ 196.368848][T13556] bridge_slave_1: entered allmulticast mode [ 196.376169][T13556] bridge_slave_1: entered promiscuous mode [ 196.408558][T13556] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 196.419046][T13556] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 196.431216][ T11] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 196.457774][T13556] team0: Port device team_slave_0 added [ 196.464258][T13556] team0: Port device team_slave_1 added [ 196.487616][T13556] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 196.494664][T13556] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 196.520663][T13556] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 196.539675][ T11] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 196.551013][T13556] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 196.557977][T13556] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 196.584036][T13556] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 196.607270][T13632] FAULT_INJECTION: forcing a failure. [ 196.607270][T13632] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 196.620489][T13632] CPU: 0 UID: 0 PID: 13632 Comm: +}[@ Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 196.630762][T13632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 196.640816][T13632] Call Trace: [ 196.644140][T13632] [ 196.647124][T13632] dump_stack_lvl+0xf2/0x150 [ 196.651726][T13632] dump_stack+0x15/0x20 [ 196.655879][T13632] should_fail_ex+0x223/0x230 [ 196.660619][T13632] should_fail+0xb/0x10 [ 196.664793][T13632] should_fail_usercopy+0x1a/0x20 [ 196.669804][T13632] _copy_from_user+0x1e/0xd0 [ 196.674406][T13632] do_sock_getsockopt+0xd3/0x260 [ 196.679383][T13632] __sys_getsockopt+0x18a/0x200 [ 196.684226][T13632] __x64_sys_getsockopt+0x66/0x80 [ 196.689303][T13632] x64_sys_call+0x11cd/0x2d60 [ 196.693962][T13632] do_syscall_64+0xc9/0x1c0 [ 196.698538][T13632] ? clear_bhb_loop+0x55/0xb0 [ 196.703303][T13632] ? clear_bhb_loop+0x55/0xb0 [ 196.707988][T13632] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 196.714094][T13632] RIP: 0033:0x7fdbfe11dff9 [ 196.718503][T13632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 196.738109][T13632] RSP: 002b:00007fdbfcd97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037 [ 196.746628][T13632] RAX: ffffffffffffffda RBX: 00007fdbfe2d5f80 RCX: 00007fdbfe11dff9 [ 196.754602][T13632] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000003 [ 196.762669][T13632] RBP: 00007fdbfcd97090 R08: 0000000020000100 R09: 0000000000000000 [ 196.770623][T13632] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000001 [ 196.778571][T13632] R13: 0000000000000000 R14: 00007fdbfe2d5f80 R15: 00007ffcbb697a78 [ 196.786525][T13632] [ 196.797243][ T11] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 196.812464][T13396] veth0_vlan: entered promiscuous mode [ 196.831302][T13556] hsr_slave_0: entered promiscuous mode [ 196.837414][T13556] hsr_slave_1: entered promiscuous mode [ 196.845398][T13556] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 196.853244][T13556] Cannot create hsr debugfs directory [ 196.885528][T13396] veth1_vlan: entered promiscuous mode [ 196.921959][T13613] chnl_net:caif_netlink_parms(): no params data found [ 196.944082][ T11] bridge_slave_1: left allmulticast mode [ 196.949770][ T11] bridge_slave_1: left promiscuous mode [ 196.955506][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 196.963470][ T11] bridge_slave_0: left allmulticast mode [ 196.969112][ T11] bridge_slave_0: left promiscuous mode [ 196.974825][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 196.988483][ T29] audit: type=1326 audit(1727863789.000:4290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13638 comm="syz.1.1541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000 [ 197.012422][ T29] audit: type=1326 audit(1727863789.000:4291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13638 comm="syz.1.1541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000 [ 197.035949][ T29] audit: type=1326 audit(1727863789.000:4292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13638 comm="syz.1.1541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000 [ 197.059440][ T29] audit: type=1326 audit(1727863789.000:4293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13638 comm="syz.1.1541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000 [ 197.083038][ T29] audit: type=1326 audit(1727863789.000:4294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13638 comm="syz.1.1541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000 [ 197.106558][ T29] audit: type=1326 audit(1727863789.000:4295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13638 comm="syz.1.1541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000 [ 197.130079][ T29] audit: type=1326 audit(1727863789.000:4296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13638 comm="syz.1.1541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000 [ 197.153544][ T29] audit: type=1326 audit(1727863789.000:4297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13638 comm="syz.1.1541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000 [ 197.177145][ T29] audit: type=1326 audit(1727863789.000:4298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13638 comm="syz.1.1541" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000 [ 197.244772][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 197.255574][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 197.266448][ T11] bond0 (unregistering): Released all slaves [ 197.297794][T13396] veth0_macvtap: entered promiscuous mode [ 197.306067][ T11] hsr_slave_0: left promiscuous mode [ 197.311738][ T11] 0·: left promiscuous mode [ 197.316580][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 197.324049][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 197.331840][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 197.339446][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 197.348443][ T11] veth1_macvtap: left promiscuous mode [ 197.354035][ T11] veth0_macvtap: left promiscuous mode [ 197.359500][ T11] veth1_vlan: left promiscuous mode [ 197.364727][ T11] veth0_vlan: left promiscuous mode [ 197.437335][ T11] team0 (unregistering): Port device team_slave_1 removed [ 197.447182][ T11] team0 (unregistering): Port device team_slave_0 removed [ 197.509399][T13613] bridge0: port 1(bridge_slave_0) entered blocking state [ 197.516580][T13613] bridge0: port 1(bridge_slave_0) entered disabled state [ 197.524013][T13613] bridge_slave_0: entered allmulticast mode [ 197.530435][T13613] bridge_slave_0: entered promiscuous mode [ 197.542250][T13396] veth1_macvtap: entered promiscuous mode [ 197.549205][T13613] bridge0: port 2(bridge_slave_1) entered blocking state [ 197.556336][T13613] bridge0: port 2(bridge_slave_1) entered disabled state [ 197.563589][T13613] bridge_slave_1: entered allmulticast mode [ 197.570083][T13613] bridge_slave_1: entered promiscuous mode [ 197.592681][T13613] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 197.603305][T13613] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 197.624137][T13396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 197.634591][T13396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.644404][T13396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 197.654818][T13396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.664622][T13396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 197.675016][T13396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.686876][T13396] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 197.695452][T13613] team0: Port device team_slave_0 added [ 197.706788][T13396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 197.717296][T13396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.727202][T13396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 197.737705][T13396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.747511][T13396] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 197.757948][T13396] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 197.789038][T13396] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 197.799493][T13613] team0: Port device team_slave_1 added [ 197.829332][T13396] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.838102][T13396] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.846831][T13396] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.855626][T13396] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 197.882524][T13671] FAULT_INJECTION: forcing a failure. [ 197.882524][T13671] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 197.895888][T13671] CPU: 1 UID: 0 PID: 13671 Comm: syz.1.1545 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 197.906740][T13671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 197.916835][T13671] Call Trace: [ 197.920111][T13671] [ 197.923095][T13671] dump_stack_lvl+0xf2/0x150 [ 197.927702][T13671] dump_stack+0x15/0x20 [ 197.931859][T13671] should_fail_ex+0x223/0x230 [ 197.932041][T13664] loop0: detected capacity change from 0 to 8192 [ 197.936618][T13671] should_fail_alloc_page+0xfd/0x110 [ 197.944784][T13664] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 197.948227][T13671] __alloc_pages_noprof+0x109/0x360 [ 197.948252][T13671] alloc_pages_mpol_noprof+0xb1/0x1e0 [ 197.948298][T13671] vma_alloc_folio_noprof+0x1a0/0x2f0 [ 197.948420][T13671] handle_mm_fault+0xdbe/0x2a80 [ 197.979510][T13671] exc_page_fault+0x296/0x650 [ 197.984260][T13671] asm_exc_page_fault+0x26/0x30 [ 197.989163][T13671] RIP: 0010:rep_stos_alternative+0x40/0x80 [ 197.995032][T13671] Code: ff c7 48 ff c9 75 f6 c3 cc cc cc cc 48 89 07 48 83 c7 08 83 e9 08 74 ef 83 f9 08 73 ef eb de 66 2e 0f 1f 84 00 00 00 00 00 90 <48> 89 07 48 89 47 08 48 89 47 10 48 89 47 18 48 89 47 20 48 89 47 [ 198.014820][T13671] RSP: 0018:ffffc90001577c10 EFLAGS: 00050202 [ 198.021272][T13671] RAX: 0000000000000000 RBX: 000000002000b080 RCX: 0000000000000080 [ 198.029256][T13671] RDX: 0000000000000000 RSI: 000000002000a080 RDI: 000000002000b000 [ 198.037324][T13671] RBP: 000000002000a080 R08: ffffffff81bdb31f R09: 0000000000000000 [ 198.045298][T13671] R10: 0001ffffffffffff R11: ffff888114865280 R12: ffffc90001577da0 [ 198.053267][T13671] R13: 0000000000001000 R14: 0000000000009000 R15: 0000000000001000 [ 198.061394][T13671] ? iov_iter_zero+0x22f/0xc30 [ 198.066166][T13671] iov_iter_zero+0x251/0xc30 [ 198.070910][T13671] ? iovec_from_user+0x17a/0x210 [ 198.075852][T13671] read_iter_zero+0x5e/0x1e0 [ 198.080533][T13671] do_iter_readv_writev+0x394/0x450 [ 198.085746][T13671] vfs_readv+0x1df/0x660 [ 198.090001][T13671] do_readv+0xf8/0x220 [ 198.094112][T13671] __x64_sys_readv+0x45/0x50 [ 198.098786][T13671] x64_sys_call+0x2bd9/0x2d60 [ 198.103469][T13671] do_syscall_64+0xc9/0x1c0 [ 198.108008][T13671] ? clear_bhb_loop+0x55/0xb0 [ 198.112695][T13671] ? clear_bhb_loop+0x55/0xb0 [ 198.117430][T13671] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 198.123342][T13671] RIP: 0033:0x7fdbfe11dff9 [ 198.127758][T13671] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 198.147364][T13671] RSP: 002b:00007fdbfcd97038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013 [ 198.155777][T13671] RAX: ffffffffffffffda RBX: 00007fdbfe2d5f80 RCX: 00007fdbfe11dff9 [ 198.163773][T13671] RDX: 0000000000000002 RSI: 0000000020003400 RDI: 0000000000000008 [ 198.171829][T13671] RBP: 00007fdbfcd97090 R08: 0000000000000000 R09: 0000000000000000 [ 198.179837][T13671] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 198.187810][T13671] R13: 0000000000000000 R14: 00007fdbfe2d5f80 R15: 00007ffcbb697a78 [ 198.195779][T13671] [ 198.219006][T13664] netlink: 9 bytes leftover after parsing attributes in process `syz.0.1544'. [ 198.236839][T13664] 0·: renamed from hsr_slave_1 (while UP) [ 198.254970][T13664] 0·: entered allmulticast mode [ 198.268273][T13664] A link change request failed with some changes committed already. Interface c0· may have been left with an inconsistent configuration, please check. [ 198.288879][T13613] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 198.296021][T13613] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 198.322254][T13613] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 198.364407][T13613] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 198.371440][T13613] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 198.397693][T13613] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 198.465826][T13613] hsr_slave_0: entered promiscuous mode [ 198.478920][T13613] hsr_slave_1: entered promiscuous mode [ 198.488063][T13613] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 198.497045][T13613] Cannot create hsr debugfs directory [ 198.505320][T13556] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 198.516733][T13556] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 198.532910][ T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 198.611371][T13556] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 198.623209][T13556] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 198.653080][ T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 198.711000][ T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 198.752249][ T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 198.766922][T13556] 8021q: adding VLAN 0 to HW filter on device bond0 [ 198.779610][T13556] 8021q: adding VLAN 0 to HW filter on device team0 [ 198.788622][ T4905] bridge0: port 1(bridge_slave_0) entered blocking state [ 198.795795][ T4905] bridge0: port 1(bridge_slave_0) entered forwarding state [ 198.806496][ T367] bridge0: port 2(bridge_slave_1) entered blocking state [ 198.813776][ T367] bridge0: port 2(bridge_slave_1) entered forwarding state [ 198.871969][ T11] bridge_slave_1: left allmulticast mode [ 198.877645][ T11] bridge_slave_1: left promiscuous mode [ 198.883688][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 198.892426][ T11] bridge_slave_0: left allmulticast mode [ 198.898211][ T11] bridge_slave_0: left promiscuous mode [ 198.904160][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 199.021162][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 199.031620][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 199.042179][ T11] bond0 (unregistering): Released all slaves [ 199.071029][T13556] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 199.087203][ T11] hsr_slave_0: left promiscuous mode [ 199.093017][ T11] 0·: left promiscuous mode [ 199.097956][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 199.105453][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 199.113193][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 199.120768][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 199.130575][ T11] veth1_macvtap: left promiscuous mode [ 199.136055][ T11] veth0_macvtap: left promiscuous mode [ 199.141610][ T11] veth1_vlan: left promiscuous mode [ 199.146901][ T11] veth0_vlan: left promiscuous mode [ 199.227111][ T11] team0 (unregistering): Port device team_slave_1 removed [ 199.237008][ T11] team0 (unregistering): Port device team_slave_0 removed [ 199.361626][T13556] veth0_vlan: entered promiscuous mode [ 199.369278][T13761] loop1: detected capacity change from 0 to 128 [ 199.380284][T13556] veth1_vlan: entered promiscuous mode [ 199.400682][T13556] veth0_macvtap: entered promiscuous mode [ 199.415859][T13556] veth1_macvtap: entered promiscuous mode [ 199.436763][T13556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 199.447338][T13556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 199.457259][T13556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 199.467818][T13556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 199.477688][T13556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 199.488133][T13556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 199.499630][T13556] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 199.518946][T13613] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 199.527670][T13556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 199.538191][T13556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 199.548126][T13556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 199.558680][T13556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 199.568587][T13556] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 199.579059][T13556] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 199.589955][T13556] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 199.598732][T13556] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 199.607506][T13556] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 199.616312][T13556] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 199.625010][T13556] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 199.634668][T13613] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 199.645981][T13613] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 199.681207][T13613] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 199.712704][T13801] FAULT_INJECTION: forcing a failure. [ 199.712704][T13801] name failslab, interval 1, probability 0, space 0, times 0 [ 199.725480][T13801] CPU: 1 UID: 0 PID: 13801 Comm: syz.4.1555 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 199.736267][T13801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 199.746331][T13801] Call Trace: [ 199.749608][T13801] [ 199.752543][T13801] dump_stack_lvl+0xf2/0x150 [ 199.757133][T13801] dump_stack+0x15/0x20 [ 199.761319][T13801] should_fail_ex+0x223/0x230 [ 199.766010][T13801] ? audit_log_start+0x34c/0x6b0 [ 199.770991][T13801] should_failslab+0x8f/0xb0 [ 199.775585][T13801] kmem_cache_alloc_noprof+0x4c/0x290 [ 199.780960][T13801] audit_log_start+0x34c/0x6b0 [ 199.785747][T13801] audit_seccomp+0x4b/0x130 [ 199.790286][T13801] __seccomp_filter+0x6fa/0x1180 [ 199.790904][T13802] loop0: detected capacity change from 0 to 8192 [ 199.795237][T13801] ? proc_fail_nth_write+0x12a/0x150 [ 199.806824][T13801] ? __pfx_proc_fail_nth_write+0x10/0x10 [ 199.810222][T13802] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 199.812468][T13801] ? vfs_write+0x580/0x910 [ 199.827282][T13801] __secure_computing+0x9f/0x1c0 [ 199.832228][T13801] syscall_trace_enter+0xd1/0x1f0 [ 199.837288][T13801] do_syscall_64+0xaa/0x1c0 [ 199.841799][T13801] ? clear_bhb_loop+0x55/0xb0 [ 199.846513][T13801] ? clear_bhb_loop+0x55/0xb0 [ 199.851292][T13801] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 199.857277][T13801] RIP: 0033:0x7f88ff68dff9 [ 199.861693][T13801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 199.881389][T13801] RSP: 002b:00007f88fe307038 EFLAGS: 00000246 ORIG_RAX: 00000000000000e1 [ 199.889808][T13801] RAX: ffffffffffffffda RBX: 00007f88ff845f80 RCX: 00007f88ff68dff9 [ 199.897779][T13801] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 199.905753][T13801] RBP: 00007f88fe307090 R08: 0000000000000000 R09: 0000000000000000 [ 199.913774][T13801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 199.921811][T13801] R13: 0000000000000000 R14: 00007f88ff845f80 R15: 00007ffcda9759d8 [ 199.929795][T13801] [ 199.984471][T13613] 8021q: adding VLAN 0 to HW filter on device bond0 [ 199.995259][T13613] 8021q: adding VLAN 0 to HW filter on device team0 [ 200.011764][T13802] netlink: 9 bytes leftover after parsing attributes in process `syz.0.1554'. [ 200.032212][T13802] 1·: renamed from c0· (while UP) [ 200.055211][T13802] A link change request failed with some changes committed already. Interface c1· may have been left with an inconsistent configuration, please check. [ 200.075460][ T28] bridge0: port 1(bridge_slave_0) entered blocking state [ 200.082588][ T28] bridge0: port 1(bridge_slave_0) entered forwarding state [ 200.103486][T13819] loop4: detected capacity change from 0 to 256 [ 200.128301][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.135833][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.143434][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.154606][ T28] bridge0: port 2(bridge_slave_1) entered blocking state [ 200.161802][ T28] bridge0: port 2(bridge_slave_1) entered forwarding state [ 200.189765][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.197286][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.205328][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.212860][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.220264][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.227888][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.235408][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.242822][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.250303][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.255961][T13613] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 200.257843][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.275804][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.283586][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.284445][T13809] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1050) [ 200.291093][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.299794][T13809] FAT-fs (loop0): Filesystem has been set read-only [ 200.301810][T13809] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1050) [ 200.307221][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.330590][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.338053][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.345530][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.394431][T13613] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 200.428080][T13129] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1050) [ 200.537532][T13846] loop1: detected capacity change from 0 to 128 [ 200.545323][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.553351][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.561194][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.568840][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.576260][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.579547][T13843] loop0: detected capacity change from 0 to 8192 [ 200.583676][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.597517][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.603240][T13843] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 200.604971][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.622775][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.627306][T13846] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 200.630181][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.650188][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.657870][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.665183][T13846] ext4 filesystem being mounted at /9/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 200.665364][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.701772][T13613] veth0_vlan: entered promiscuous mode [ 200.704679][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.717585][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.721302][T13613] veth1_vlan: entered promiscuous mode [ 200.725130][ T8] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0 [ 200.747330][ T8] hid-generic 0000:0000:0000.0003: hidraw0: HID v0.00 Device [syz0] on syz0 [ 200.762540][T13613] veth0_macvtap: entered promiscuous mode [ 200.772447][T13613] veth1_macvtap: entered promiscuous mode [ 200.776133][T13613] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 200.788897][T13613] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.788910][T13613] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 200.788924][T13613] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.788934][T13613] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 200.789014][T13613] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.789026][T13613] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 200.850017][T13613] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.852866][T13613] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 200.875367][T13613] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 200.875385][T13613] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.875396][T13613] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 200.875410][T13613] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.875419][T13613] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 200.875432][T13613] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.875512][T13613] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 200.875524][T13613] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 200.882546][T13613] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 200.978568][T13613] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.987609][T13613] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.987640][T13613] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 200.987724][T13613] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 201.049862][T13237] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 201.091735][T13859] FAULT_INJECTION: forcing a failure. [ 201.091735][T13859] name failslab, interval 1, probability 0, space 0, times 0 [ 201.104554][T13859] CPU: 1 UID: 0 PID: 13859 Comm: syz.1.1562 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 201.115422][T13859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 201.125489][T13859] Call Trace: [ 201.128802][T13859] [ 201.131727][T13859] dump_stack_lvl+0xf2/0x150 [ 201.136318][T13859] dump_stack+0x15/0x20 [ 201.140508][T13859] should_fail_ex+0x223/0x230 [ 201.145187][T13859] ? __kvmalloc_node_noprof+0x72/0x170 [ 201.150695][T13859] should_failslab+0x8f/0xb0 [ 201.155312][T13859] __kmalloc_node_noprof+0xa8/0x380 [ 201.160613][T13859] __kvmalloc_node_noprof+0x72/0x170 [ 201.165975][T13859] rhashtable_init_noprof+0x312/0x450 [ 201.171404][T13859] nf_flow_table_init+0xe2/0x1d0 [ 201.176370][T13859] nf_tables_newflowtable+0xa4c/0x10d0 [ 201.181887][T13859] nfnetlink_rcv+0xb37/0x15c0 [ 201.186683][T13859] ? kmem_cache_free+0xdc/0x2d0 [ 201.191548][T13859] netlink_unicast+0x599/0x670 [ 201.196366][T13859] netlink_sendmsg+0x5cc/0x6e0 [ 201.201207][T13859] ? __pfx_netlink_sendmsg+0x10/0x10 [ 201.206482][T13859] __sock_sendmsg+0x140/0x180 [ 201.211174][T13859] ____sys_sendmsg+0x312/0x410 [ 201.216003][T13859] __sys_sendmsg+0x1d9/0x270 [ 201.220652][T13859] __x64_sys_sendmsg+0x46/0x50 [ 201.225413][T13859] x64_sys_call+0x2689/0x2d60 [ 201.230105][T13859] do_syscall_64+0xc9/0x1c0 [ 201.234637][T13859] ? clear_bhb_loop+0x55/0xb0 [ 201.239437][T13859] ? clear_bhb_loop+0x55/0xb0 [ 201.244154][T13859] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 201.250046][T13859] RIP: 0033:0x7fdbfe11dff9 [ 201.254455][T13859] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 201.274099][T13859] RSP: 002b:00007fdbfcd97038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 201.282500][T13859] RAX: ffffffffffffffda RBX: 00007fdbfe2d5f80 RCX: 00007fdbfe11dff9 [ 201.290514][T13859] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000005 [ 201.298472][T13859] RBP: 00007fdbfcd97090 R08: 0000000000000000 R09: 0000000000000000 [ 201.306454][T13859] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 201.314413][T13859] R13: 0000000000000000 R14: 00007fdbfe2d5f80 R15: 00007ffcbb697a78 [ 201.322419][T13859] [ 201.364729][T13867] loop1: detected capacity change from 0 to 128 [ 201.396609][ T367] kworker/u8:6: attempt to access beyond end of device [ 201.396609][ T367] loop1: rw=1, sector=145, nr_sectors = 896 limit=128 [ 201.427396][ T29] kauditd_printk_skb: 143 callbacks suppressed [ 201.427412][ T29] audit: type=1326 audit(1727863793.098:4440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13871 comm="syz.1.1566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000 [ 201.459843][ T29] audit: type=1326 audit(1727863793.098:4441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13871 comm="syz.1.1566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000 [ 201.483445][ T29] audit: type=1326 audit(1727863793.098:4442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13871 comm="syz.1.1566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000 [ 201.507139][ T29] audit: type=1326 audit(1727863793.098:4443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13871 comm="syz.1.1566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000 [ 201.530613][ T29] audit: type=1326 audit(1727863793.098:4444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13871 comm="syz.1.1566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000 [ 201.554170][ T29] audit: type=1326 audit(1727863793.098:4445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13871 comm="syz.1.1566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000 [ 201.577784][ T29] audit: type=1326 audit(1727863793.098:4446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13871 comm="syz.1.1566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000 [ 201.601376][ T29] audit: type=1326 audit(1727863793.098:4447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13871 comm="syz.1.1566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=461 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000 [ 201.625039][ T29] audit: type=1326 audit(1727863793.098:4448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13871 comm="syz.1.1566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000 [ 201.648775][ T29] audit: type=1326 audit(1727863793.098:4449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13871 comm="syz.1.1566" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fdbfe11dff9 code=0x7ffc0000 [ 201.788275][T13881] loop2: detected capacity change from 0 to 8192 [ 201.797828][T13881] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 201.810946][T13881] netlink: 9 bytes leftover after parsing attributes in process `syz.2.1568'. [ 201.819950][T13881] 0·: renamed from hsr_slave_1 (while UP) [ 201.827096][T13881] 0·: entered allmulticast mode [ 201.832482][T13881] A link change request failed with some changes committed already. Interface c0· may have been left with an inconsistent configuration, please check. [ 201.865880][T13882] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1050) [ 201.874740][T13882] FAT-fs (loop2): Filesystem has been set read-only [ 201.881606][T13882] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1050) [ 201.890573][T13882] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 1050) [ 201.905822][T13882] FAT-fs (loop2): error, fat_free_clusters: deleting FAT entry beyond EOF [ 202.077753][T13890] tipc: Started in network mode [ 202.082677][T13890] tipc: Node identity ac14140f, cluster identity 4711 [ 202.089974][T13890] tipc: New replicast peer: 255.255.255.255 [ 202.096172][T13890] tipc: Enabled bearer , priority 10 [ 202.118351][T13894] FAULT_INJECTION: forcing a failure. [ 202.118351][T13894] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 202.131550][T13894] CPU: 0 UID: 0 PID: 13894 Comm: syz.3.1575 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 202.142398][T13894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 202.152443][T13894] Call Trace: [ 202.155738][T13894] [ 202.158658][T13894] dump_stack_lvl+0xf2/0x150 [ 202.163243][T13894] dump_stack+0x15/0x20 [ 202.167464][T13894] should_fail_ex+0x223/0x230 [ 202.172140][T13894] should_fail+0xb/0x10 [ 202.176289][T13894] should_fail_usercopy+0x1a/0x20 [ 202.181318][T13894] _copy_from_user+0x1e/0xd0 [ 202.186157][T13894] copy_msghdr_from_user+0x54/0x2a0 [ 202.191354][T13894] __sys_sendmsg+0x171/0x270 [ 202.195963][T13894] __x64_sys_sendmsg+0x46/0x50 [ 202.200736][T13894] x64_sys_call+0x2689/0x2d60 [ 202.205438][T13894] do_syscall_64+0xc9/0x1c0 [ 202.210006][T13894] ? clear_bhb_loop+0x55/0xb0 [ 202.214684][T13894] ? clear_bhb_loop+0x55/0xb0 [ 202.219429][T13894] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 202.225320][T13894] RIP: 0033:0x7f0c5ca9dff9 [ 202.229742][T13894] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 202.249338][T13894] RSP: 002b:00007f0c5b717038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 202.257747][T13894] RAX: ffffffffffffffda RBX: 00007f0c5cc55f80 RCX: 00007f0c5ca9dff9 [ 202.265803][T13894] RDX: 0000000000000003 RSI: 0000000020000980 RDI: 0000000000000003 [ 202.273805][T13894] RBP: 00007f0c5b717090 R08: 0000000000000000 R09: 0000000000000000 [ 202.281773][T13894] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 202.289750][T13894] R13: 0000000000000000 R14: 00007f0c5cc55f80 R15: 00007ffd2281c268 [ 202.297731][T13894] [ 202.308205][T13896] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1576'. [ 202.343520][T13903] xt_connbytes: Forcing CT accounting to be enabled [ 202.355880][T13903] Cannot find add_set index 0 as target [ 202.418072][T13907] loop1: detected capacity change from 0 to 8192 [ 202.435954][T13907] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 202.456526][T13907] netlink: 9 bytes leftover after parsing attributes in process `syz.1.1580'. [ 202.465647][T13907] 0·: renamed from hsr_slave_1 (while UP) [ 202.472650][T13907] 0·: entered allmulticast mode [ 202.478757][T13907] A link change request failed with some changes committed already. Interface c0· may have been left with an inconsistent configuration, please check. [ 202.511961][T13915] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1050) [ 202.520886][T13915] FAT-fs (loop1): Filesystem has been set read-only [ 202.527690][T13915] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1050) [ 202.536642][T13915] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1050) [ 202.703734][T13915] FAT-fs (loop1): error, fat_free_clusters: deleting FAT entry beyond EOF [ 202.760232][ T11] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 202.816148][ T11] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 202.869285][ T11] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 202.880301][T13921] chnl_net:caif_netlink_parms(): no params data found [ 202.910138][T13921] bridge0: port 1(bridge_slave_0) entered blocking state [ 202.917180][T13921] bridge0: port 1(bridge_slave_0) entered disabled state [ 202.925228][T13921] bridge_slave_0: entered allmulticast mode [ 202.931774][T13921] bridge_slave_0: entered promiscuous mode [ 202.941386][ T11] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 202.952531][T13921] bridge0: port 2(bridge_slave_1) entered blocking state [ 202.959629][T13921] bridge0: port 2(bridge_slave_1) entered disabled state [ 202.967084][T13921] bridge_slave_1: entered allmulticast mode [ 202.973763][T13921] bridge_slave_1: entered promiscuous mode [ 202.995870][T13921] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 203.006837][T13921] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 203.036602][T13921] team0: Port device team_slave_0 added [ 203.043210][T13921] team0: Port device team_slave_1 added [ 203.049419][ T11] bridge_slave_1: left allmulticast mode [ 203.055064][ T11] bridge_slave_1: left promiscuous mode [ 203.060772][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 203.068517][ T11] bridge_slave_0: left allmulticast mode [ 203.074241][ T11] bridge_slave_0: left promiscuous mode [ 203.079906][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 203.160531][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 203.171045][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 203.181078][ T11] bond0 (unregistering): Released all slaves [ 203.189073][ T11] bond1 (unregistering): Released all slaves [ 203.209454][T13921] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 203.216431][T13921] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 203.242437][T13921] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 203.257812][T13921] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 203.264809][T13921] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 203.290850][T13921] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 203.320571][ T24] tipc: Node number set to 2886997007 [ 203.365867][ T11] hsr_slave_0: left promiscuous mode [ 203.371508][ T11] 0·: left promiscuous mode [ 203.377076][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 203.384489][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 203.392363][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 203.399920][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 203.409399][ T11] veth1_macvtap: left promiscuous mode [ 203.414918][ T11] veth0_macvtap: left promiscuous mode [ 203.420663][ T11] veth1_vlan: left promiscuous mode [ 203.425994][ T11] veth0_vlan: left promiscuous mode [ 203.519409][ T11] team0 (unregistering): Port device team_slave_1 removed [ 203.530927][ T11] team0 (unregistering): Port device team_slave_0 removed [ 203.569504][T13921] hsr_slave_0: entered promiscuous mode [ 203.575572][T13921] hsr_slave_1: entered promiscuous mode [ 203.585896][T13961] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1590'. [ 203.594835][T13961] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 203.602311][T13961] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 203.609951][T13961] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 203.617517][T13961] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 203.896781][T13999] FAULT_INJECTION: forcing a failure. [ 203.896781][T13999] name failslab, interval 1, probability 0, space 0, times 0 [ 203.909570][T13999] CPU: 0 UID: 0 PID: 13999 Comm: syz.0.1593 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 203.920341][T13999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 203.930482][T13999] Call Trace: [ 203.933762][T13999] [ 203.936749][T13999] dump_stack_lvl+0xf2/0x150 [ 203.941350][T13999] dump_stack+0x15/0x20 [ 203.945563][T13999] should_fail_ex+0x223/0x230 [ 203.950270][T13999] ? alloc_inode+0x6a/0x160 [ 203.954781][T13999] should_failslab+0x8f/0xb0 [ 203.959440][T13999] kmem_cache_alloc_lru_noprof+0x51/0x2a0 [ 203.965240][T13999] alloc_inode+0x6a/0x160 [ 203.969579][T13999] new_inode+0x1e/0x100 [ 203.973793][T13999] __debugfs_create_file+0x110/0x300 [ 203.979153][T13999] debugfs_create_file+0x49/0x60 [ 203.984170][T13999] do_blk_trace_setup+0x2d2/0x4d0 [ 203.989302][T13999] blk_trace_setup+0xad/0x140 [ 203.993990][T13999] sg_ioctl+0x6ce/0x1870 [ 203.998266][T13999] ? __pfx_sg_ioctl+0x10/0x10 [ 204.002954][T13999] __se_sys_ioctl+0xcd/0x140 [ 204.007559][T13999] __x64_sys_ioctl+0x43/0x50 [ 204.012162][T13999] x64_sys_call+0x15cc/0x2d60 [ 204.016848][T13999] do_syscall_64+0xc9/0x1c0 [ 204.021354][T13999] ? clear_bhb_loop+0x55/0xb0 [ 204.026045][T13999] ? clear_bhb_loop+0x55/0xb0 [ 204.030748][T13999] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 204.036681][T13999] RIP: 0033:0x7efd596bdff9 [ 204.041088][T13999] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 204.060692][T13999] RSP: 002b:00007efd58337038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 204.069120][T13999] RAX: ffffffffffffffda RBX: 00007efd59875f80 RCX: 00007efd596bdff9 [ 204.077078][T13999] RDX: 0000000020000000 RSI: 00000000c0481273 RDI: 0000000000000006 [ 204.085042][T13999] RBP: 00007efd58337090 R08: 0000000000000000 R09: 0000000000000000 [ 204.093142][T13999] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 204.101190][T13999] R13: 0000000000000000 R14: 00007efd59875f80 R15: 00007fffa5adb388 [ 204.109168][T13999] [ 204.112578][T13999] debugfs: out of free dentries, can not create file 'dropped' [ 204.212479][T14024] loop0: detected capacity change from 0 to 8192 [ 204.227845][T14024] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 204.247705][T13921] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 204.256801][T14024] netlink: 9 bytes leftover after parsing attributes in process `syz.0.1595'. [ 204.268641][T14024] 0·: renamed from c1· (while UP) [ 204.295920][T14024] A link change request failed with some changes committed already. Interface c0· may have been left with an inconsistent configuration, please check. [ 204.312986][T13921] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 204.321541][T13921] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 204.333199][T13921] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 204.359451][ T11] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 204.377987][T14046] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1050) [ 204.386831][T14046] FAT-fs (loop0): Filesystem has been set read-only [ 204.414325][T13921] 8021q: adding VLAN 0 to HW filter on device bond0 [ 204.421315][T14046] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1050) [ 204.427777][T13921] 8021q: adding VLAN 0 to HW filter on device team0 [ 204.440591][T14046] FAT-fs (loop0): error, fat_get_cluster: invalid cluster chain (i_pos 1050) [ 204.455954][ T11] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 204.485914][ T7004] bridge0: port 1(bridge_slave_0) entered blocking state [ 204.493076][ T7004] bridge0: port 1(bridge_slave_0) entered forwarding state [ 204.501212][T14046] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF [ 204.525889][ T11] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 204.543447][ T28] bridge0: port 2(bridge_slave_1) entered blocking state [ 204.550519][ T28] bridge0: port 2(bridge_slave_1) entered forwarding state [ 204.591362][ T11] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 204.644818][T14032] chnl_net:caif_netlink_parms(): no params data found [ 204.737428][ T11] bridge_slave_1: left allmulticast mode [ 204.743112][ T11] bridge_slave_1: left promiscuous mode [ 204.748826][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 204.760086][ T11] bridge_slave_0: left allmulticast mode [ 204.765833][ T11] bridge_slave_0: left promiscuous mode [ 204.771506][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 204.969172][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 204.980253][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 204.991448][ T11] bond0 (unregistering): Released all slaves [ 205.001694][T14032] bridge0: port 1(bridge_slave_0) entered blocking state [ 205.008816][T14032] bridge0: port 1(bridge_slave_0) entered disabled state [ 205.011389][T14127] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1604'. [ 205.018590][T14032] bridge_slave_0: entered allmulticast mode [ 205.030342][T14127] loop4: detected capacity change from 0 to 512 [ 205.031063][T14032] bridge_slave_0: entered promiscuous mode [ 205.044237][T14032] bridge0: port 2(bridge_slave_1) entered blocking state [ 205.051284][T14032] bridge0: port 2(bridge_slave_1) entered disabled state [ 205.058882][T14032] bridge_slave_1: entered allmulticast mode [ 205.065410][T14032] bridge_slave_1: entered promiscuous mode [ 205.080255][T13921] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 205.088166][T14127] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 205.100779][T14127] ext4 filesystem being mounted at /13/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 205.113981][T14032] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 205.131271][T14127] EXT4-fs error (device loop4): ext4_ext_check_inode:524: inode #12: comm syz.4.1604: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 205.150809][T14127] EXT4-fs error (device loop4): ext4_ext_check_inode:524: inode #12: comm syz.4.1604: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0) [ 205.169040][ T11] hsr_slave_0: left promiscuous mode [ 205.174708][ T11] 0·: left promiscuous mode [ 205.179761][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 205.187284][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 205.195092][T13396] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 205.204502][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 205.211945][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 205.221650][ T11] veth1_macvtap: left promiscuous mode [ 205.227430][ T11] veth0_macvtap: left promiscuous mode [ 205.232918][ T11] veth1_vlan: left promiscuous mode [ 205.238193][ T11] veth0_vlan: left promiscuous mode [ 205.342534][ T11] team0 (unregistering): Port device team_slave_1 removed [ 205.353268][ T11] team0 (unregistering): Port device team_slave_0 removed [ 205.411947][T14032] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 205.426605][T14144] FAULT_INJECTION: forcing a failure. [ 205.426605][T14144] name failslab, interval 1, probability 0, space 0, times 0 [ 205.439426][T14144] CPU: 0 UID: 0 PID: 14144 Comm: syz.3.1606 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 205.450195][T14144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 205.460283][T14144] Call Trace: [ 205.463553][T14144] [ 205.466484][T14144] dump_stack_lvl+0xf2/0x150 [ 205.471131][T14144] dump_stack+0x15/0x20 [ 205.475361][T14144] should_fail_ex+0x223/0x230 [ 205.480051][T14144] ? __pfx_asymmetric_key_cmp+0x10/0x10 [ 205.485602][T14144] ? asymmetric_key_match_preparse+0x1ef/0x2f0 [ 205.491791][T14144] should_failslab+0x8f/0xb0 [ 205.496411][T14144] __kmalloc_noprof+0xa5/0x370 [ 205.501241][T14144] asymmetric_key_match_preparse+0x1ef/0x2f0 [ 205.507305][T14144] request_key_and_link+0x10c/0xcf0 [ 205.512513][T14144] ? get_pid_task+0x8e/0xc0 [ 205.517020][T14144] ? should_fail_ex+0xd7/0x230 [ 205.521800][T14144] ? strndup_user+0x68/0xa0 [ 205.526329][T14144] ? __pfx_key_default_cmp+0x10/0x10 [ 205.531655][T14144] __se_sys_request_key+0x1d7/0x290 [ 205.536856][T14144] ? fput+0x14e/0x190 [ 205.540837][T14144] __x64_sys_request_key+0x55/0x70 [ 205.545951][T14144] x64_sys_call+0x2643/0x2d60 [ 205.550635][T14144] do_syscall_64+0xc9/0x1c0 [ 205.555139][T14144] ? clear_bhb_loop+0x55/0xb0 [ 205.559869][T14144] ? clear_bhb_loop+0x55/0xb0 [ 205.564585][T14144] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 205.570531][T14144] RIP: 0033:0x7f0c5ca9dff9 [ 205.574947][T14144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 205.594623][T14144] RSP: 002b:00007f0c5b6d5038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f9 [ 205.603107][T14144] RAX: ffffffffffffffda RBX: 00007f0c5cc56130 RCX: 00007f0c5ca9dff9 [ 205.611081][T14144] RDX: 0000000020001fee RSI: 0000000020001ffb RDI: 0000000020000040 [ 205.619049][T14144] RBP: 00007f0c5b6d5090 R08: 0000000000000000 R09: 0000000000000000 [ 205.627024][T14144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 205.634995][T14144] R13: 0000000000000000 R14: 00007f0c5cc56130 R15: 00007ffd2281c268 [ 205.643028][T14144] [ 205.706578][T14032] team0: Port device team_slave_0 added [ 205.750882][T14032] team0: Port device team_slave_1 added [ 205.795036][T13921] veth0_vlan: entered promiscuous mode [ 205.836211][T13921] veth1_vlan: entered promiscuous mode [ 205.843193][T14032] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 205.850151][T14032] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 205.876119][T14032] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 205.893888][T14032] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 205.900882][T14032] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 205.926884][T14032] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 205.952854][T13921] veth0_macvtap: entered promiscuous mode [ 205.967852][T14114] chnl_net:caif_netlink_parms(): no params data found [ 206.003100][T14032] hsr_slave_0: entered promiscuous mode [ 206.009240][T14032] hsr_slave_1: entered promiscuous mode [ 206.015053][T14032] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 206.022691][T14032] Cannot create hsr debugfs directory [ 206.031880][T13921] veth1_macvtap: entered promiscuous mode [ 206.078638][T13921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 206.089222][T13921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.099159][T13921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 206.109693][T13921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.120427][T13921] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 206.151199][ T28] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 206.179902][T14114] bridge0: port 1(bridge_slave_0) entered blocking state [ 206.187040][T14114] bridge0: port 1(bridge_slave_0) entered disabled state [ 206.194306][T14114] bridge_slave_0: entered allmulticast mode [ 206.200605][T14114] bridge_slave_0: entered promiscuous mode [ 206.209676][T14114] bridge0: port 2(bridge_slave_1) entered blocking state [ 206.216958][T14114] bridge0: port 2(bridge_slave_1) entered disabled state [ 206.224313][T14114] bridge_slave_1: entered allmulticast mode [ 206.230762][T14114] bridge_slave_1: entered promiscuous mode [ 206.241593][T13921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 206.252097][T13921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.261909][T13921] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 206.272441][T13921] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.283276][T13921] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 206.292390][T13921] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.301115][T13921] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.310064][T13921] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.318759][T13921] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 206.332881][ T28] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 206.350328][T14114] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 206.382361][T14114] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 206.399667][ T28] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 206.432273][T14114] team0: Port device team_slave_0 added [ 206.445884][ T28] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 206.457869][T14114] team0: Port device team_slave_1 added [ 206.503600][T14114] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 206.510729][T14114] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 206.513337][T14210] loop1: detected capacity change from 0 to 128 [ 206.536968][T14114] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 206.554693][T14114] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 206.561678][T14114] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 206.587647][T14114] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 206.626588][T14114] hsr_slave_0: entered promiscuous mode [ 206.632889][T14114] hsr_slave_1: entered promiscuous mode [ 206.645037][T14114] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 206.662583][T14114] Cannot create hsr debugfs directory [ 206.692210][T14212] loop4: detected capacity change from 0 to 8192 [ 206.707328][T14212] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 206.718936][ T28] bridge_slave_1: left allmulticast mode [ 206.724751][ T28] bridge_slave_1: left promiscuous mode [ 206.730522][ T28] bridge0: port 2(bridge_slave_1) entered disabled state [ 206.739184][ T28] bridge_slave_0: left allmulticast mode [ 206.744965][ T28] bridge_slave_0: left promiscuous mode [ 206.750699][ T28] bridge0: port 1(bridge_slave_0) entered disabled state [ 206.854462][ T28] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 206.865102][ T28] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 206.877269][ T28] bond0 (unregistering): Released all slaves [ 206.888826][T14212] netlink: 9 bytes leftover after parsing attributes in process `syz.4.1609'. [ 206.900051][T14212] 0·: renamed from hsr_slave_1 (while UP) [ 206.907276][T14212] 0·: entered allmulticast mode [ 206.912711][T14212] A link change request failed with some changes committed already. Interface c0· may have been left with an inconsistent configuration, please check. [ 206.952291][T14233] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 1050) [ 206.961397][T14233] FAT-fs (loop4): Filesystem has been set read-only [ 206.968538][T14233] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 1050) [ 206.992793][ T28] tipc: Disabling bearer [ 206.998020][ T28] tipc: Left network mode [ 207.004830][T14233] FAT-fs (loop4): error, fat_free_clusters: deleting FAT entry beyond EOF [ 207.033051][ T28] hsr_slave_0: left promiscuous mode [ 207.038779][ T28] 0·: left promiscuous mode [ 207.044827][ T28] veth1_macvtap: left promiscuous mode [ 207.050459][ T28] veth0_macvtap: left promiscuous mode [ 207.055998][ T28] veth1_vlan: left promiscuous mode [ 207.061364][ T28] veth0_vlan: left promiscuous mode [ 207.142280][ T28] team0 (unregistering): Port device team_slave_1 removed [ 207.152361][ T28] team0 (unregistering): Port device team_slave_0 removed [ 207.175230][ T29] kauditd_printk_skb: 206 callbacks suppressed [ 207.175244][ T29] audit: type=1326 audit(1727863798.396:4656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14243 comm="syz.3.1614" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0c5ca9dff9 code=0x0 [ 207.246466][T14032] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 207.269365][T14032] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 207.287031][T14032] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 207.300980][T14032] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 207.353855][T14032] 8021q: adding VLAN 0 to HW filter on device bond0 [ 207.370208][T14032] 8021q: adding VLAN 0 to HW filter on device team0 [ 207.379870][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 207.386949][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 207.400630][ T89] bridge0: port 2(bridge_slave_1) entered blocking state [ 207.407761][ T89] bridge0: port 2(bridge_slave_1) entered forwarding state [ 207.456412][T14032] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 207.466884][T14032] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 207.535749][T14260] chnl_net:caif_netlink_parms(): no params data found [ 207.627169][ T28] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 207.644938][T14260] bridge0: port 1(bridge_slave_0) entered blocking state [ 207.652060][T14260] bridge0: port 1(bridge_slave_0) entered disabled state [ 207.661008][T14260] bridge_slave_0: entered allmulticast mode [ 207.667590][T14260] bridge_slave_0: entered promiscuous mode [ 207.679298][T14032] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 207.687160][T14260] bridge0: port 2(bridge_slave_1) entered blocking state [ 207.694266][T14260] bridge0: port 2(bridge_slave_1) entered disabled state [ 207.701603][T14260] bridge_slave_1: entered allmulticast mode [ 207.708175][T14260] bridge_slave_1: entered promiscuous mode [ 207.723641][ T28] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 207.741792][T14260] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 207.752599][T14260] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 207.781795][ T28] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 207.802163][T14114] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 207.812548][T14260] team0: Port device team_slave_0 added [ 207.819393][T14260] team0: Port device team_slave_1 added [ 207.831394][ T29] audit: type=1326 audit(1727863799.005:4657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14309 comm="syz.1.1617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf4995dff9 code=0x7ffc0000 [ 207.854974][ T29] audit: type=1326 audit(1727863799.005:4658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14309 comm="syz.1.1617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf4995dff9 code=0x7ffc0000 [ 207.878627][ T29] audit: type=1326 audit(1727863799.005:4659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14309 comm="syz.1.1617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf4995dff9 code=0x7ffc0000 [ 207.902125][ T29] audit: type=1326 audit(1727863799.005:4660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14309 comm="syz.1.1617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf4995dff9 code=0x7ffc0000 [ 207.925648][ T29] audit: type=1326 audit(1727863799.005:4661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14309 comm="syz.1.1617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf4995dff9 code=0x7ffc0000 [ 207.949120][ T29] audit: type=1326 audit(1727863799.005:4662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14309 comm="syz.1.1617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf4995dff9 code=0x7ffc0000 [ 207.972642][ T29] audit: type=1326 audit(1727863799.005:4663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14309 comm="syz.1.1617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf4995dff9 code=0x7ffc0000 [ 207.996115][ T29] audit: type=1326 audit(1727863799.005:4664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14309 comm="syz.1.1617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf4995dff9 code=0x7ffc0000 [ 208.020336][ T29] audit: type=1326 audit(1727863799.005:4665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14309 comm="syz.1.1617" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbf4995dff9 code=0x7ffc0000 [ 208.051284][ T28] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 208.062130][T14114] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 208.080068][T14260] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 208.087074][T14260] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 208.113034][T14260] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 208.125966][T14114] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 208.135243][T14260] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 208.142422][T14260] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 208.168320][T14260] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 208.260578][T14114] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 208.299374][T14260] hsr_slave_0: entered promiscuous mode [ 208.305929][T14260] hsr_slave_1: entered promiscuous mode [ 208.311827][T14260] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 208.325234][T14260] Cannot create hsr debugfs directory [ 208.344582][ T28] bridge_slave_1: left allmulticast mode [ 208.350353][ T28] bridge_slave_1: left promiscuous mode [ 208.356138][ T28] bridge0: port 2(bridge_slave_1) entered disabled state [ 208.364828][ T28] bridge_slave_0: left allmulticast mode [ 208.370517][ T28] bridge_slave_0: left promiscuous mode [ 208.376274][ T28] bridge0: port 1(bridge_slave_0) entered disabled state [ 208.593225][ T28] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 208.690219][ T28] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 208.707041][ T28] bond0 (unregistering): Released all slaves [ 208.717265][T14032] veth0_vlan: entered promiscuous mode [ 208.746208][T14363] loop3: detected capacity change from 0 to 8192 [ 208.764877][ T28] hsr_slave_0: left promiscuous mode [ 208.774583][ T28] 0·: left promiscuous mode [ 208.779438][T14363] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck. [ 208.790945][ T28] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 208.798402][ T28] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 208.806362][ T28] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 208.813847][ T28] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 208.822489][ T28] veth1_macvtap: left promiscuous mode [ 208.828101][ T28] veth0_macvtap: left promiscuous mode [ 208.833632][ T28] veth1_vlan: left promiscuous mode [ 208.838898][ T28] veth0_vlan: left promiscuous mode [ 208.926937][ T28] team0 (unregistering): Port device team_slave_1 removed [ 208.938237][ T28] team0 (unregistering): Port device team_slave_0 removed [ 208.980035][T14032] veth1_vlan: entered promiscuous mode [ 208.988281][T14363] netlink: 9 bytes leftover after parsing attributes in process `syz.3.1622'. [ 208.997331][T14363] 0·: renamed from hsr_slave_1 (while UP) [ 209.004666][T14363] 0·: entered allmulticast mode [ 209.011791][T14363] A link change request failed with some changes committed already. Interface c0· may have been left with an inconsistent configuration, please check. [ 209.037117][T14114] 8021q: adding VLAN 0 to HW filter on device bond0 [ 209.064727][T14032] veth0_macvtap: entered promiscuous mode [ 209.083345][T14114] 8021q: adding VLAN 0 to HW filter on device team0 [ 209.097961][T14032] veth1_macvtap: entered promiscuous mode [ 209.119339][T14032] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 209.129917][T14032] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 209.139754][T14032] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 209.150192][T14032] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 209.161595][T14032] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 209.171605][T14376] ================================================================== [ 209.179701][T14376] BUG: KCSAN: data-race in fat16_ent_get / fat16_ent_put [ 209.186741][T14376] [ 209.189064][T14376] write to 0xffff888104b849d2 of 2 bytes by task 13613 on cpu 0: [ 209.196778][T14376] fat16_ent_put+0x28/0x60 [ 209.201204][T14376] fat_free_clusters+0x2a6/0x7a0 [ 209.206144][T14376] fat_truncate_blocks+0x4a8/0x530 [ 209.211260][T14376] fat_evict_inode+0x102/0x160 [ 209.216032][T14376] evict+0x2f0/0x580 [ 209.219926][T14376] iput+0x42a/0x5b0 [ 209.223730][T14376] do_unlinkat+0x282/0x4c0 [ 209.228149][T14376] __x64_sys_unlink+0x2e/0x40 [ 209.232834][T14376] x64_sys_call+0x280f/0x2d60 SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 209.237511][T14376] do_syscall_64+0xc9/0x1c0 [ 209.242011][T14376] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 209.247949][T14376] [ 209.250265][T14376] read to 0xffff888104b849d2 of 2 bytes by task 14376 on cpu 1: [ 209.257889][T14376] fat16_ent_get+0x23/0x70 [ 209.262316][T14376] fat_ent_read+0x3e0/0x5a0 [ 209.266821][T14376] fat_get_cluster+0x4b9/0x830 [ 209.271587][T14376] fat_truncate_blocks+0x271/0x530 [ 209.276704][T14376] fat_write_begin+0xc0/0xe0 [ 209.281304][T14376] generic_perform_write+0x1a8/0x4a0 [ 209.286608][T14376] __generic_file_write_iter+0xa1/0x120 [ 209.292163][T14376] generic_file_write_iter+0x77/0x1c0 [ 209.297537][T14376] __kernel_write_iter+0x24b/0x4e0 [ 209.302661][T14376] dump_user_range+0x3a7/0x550 [ 209.307431][T14376] elf_core_dump+0x1b66/0x1c60 [ 209.312212][T14376] do_coredump+0x1736/0x1ce0 [ 209.316799][T14376] get_signal+0xdc0/0x1070 [ 209.321206][T14376] arch_do_signal_or_restart+0x95/0x4b0 [ 209.326738][T14376] irqentry_exit_to_user_mode+0x9a/0x130 [ 209.332361][T14376] irqentry_exit+0x12/0x50 [ 209.336767][T14376] exc_general_protection+0x33d/0x4d0 [ 209.342123][T14376] asm_exc_general_protection+0x26/0x30 [ 209.347683][T14376] [ 209.349987][T14376] value changed: 0x03ea -> 0x0000 [ 209.354987][T14376] [ 209.357287][T14376] Reported by Kernel Concurrency Sanitizer on: [ 209.363411][T14376] CPU: 1 UID: 0 PID: 14376 Comm: syz.3.1622 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0 [ 209.374153][T14376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 209.384188][T14376] ================================================================== [ 209.392439][T14376] FAT-fs (loop3): error, fat_get_cluster: invalid cluster chain (i_pos 1050) [ 209.401647][T14376] FAT-fs (loop3): Filesystem has been set read-only [ 209.468102][T14376] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF [ 209.707430][ T28] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 209.791076][ T28] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 209.900508][ T28] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 209.998866][ T28] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 210.109458][ T28] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 210.180893][ T28] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 210.235673][ T28] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 210.333028][ T28] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 210.393865][ T28] bridge_slave_1: left allmulticast mode [ 210.399642][ T28] bridge_slave_1: left promiscuous mode [ 210.405264][ T28] bridge0: port 2(bridge_slave_1) entered disabled state [ 210.412958][ T28] bridge_slave_0: left allmulticast mode [ 210.418623][ T28] bridge_slave_0: left promiscuous mode [ 210.424261][ T28] bridge0: port 1(bridge_slave_0) entered disabled state [ 210.432529][ T28] bridge_slave_1: left allmulticast mode [ 210.438205][ T28] bridge_slave_1: left promiscuous mode [ 210.443783][ T28] bridge0: port 2(bridge_slave_1) entered disabled state [ 210.451536][ T28] bridge_slave_0: left allmulticast mode [ 210.457306][ T28] bridge_slave_0: left promiscuous mode [ 210.463041][ T28] bridge0: port 1(bridge_slave_0) entered disabled state [ 210.624673][ T28] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 210.635123][ T28] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 210.645107][ T28] bond0 (unregistering): Released all slaves [ 210.653854][ T28] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 210.663900][ T28] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 210.673768][ T28] bond0 (unregistering): Released all slaves [ 210.746650][ T28] hsr_slave_0: left promiscuous mode [ 210.752418][ T28] 0·: left promiscuous mode [ 210.757329][ T28] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 210.764883][ T28] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 210.773253][ T28] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 210.780746][ T28] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 210.790302][ T28] hsr_slave_0: left promiscuous mode [ 210.796104][ T28] hsr_slave_1: left promiscuous mode [ 210.801707][ T28] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 210.809228][ T28] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 210.816641][ T28] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 210.824034][ T28] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 210.833507][ T28] veth1_macvtap: left promiscuous mode [ 210.838988][ T28] veth0_macvtap: left promiscuous mode [ 210.844460][ T28] veth1_vlan: left promiscuous mode [ 210.849726][ T28] veth0_vlan: left promiscuous mode [ 210.855419][ T28] veth1_macvtap: left promiscuous mode [ 210.860970][ T28] veth0_macvtap: left promiscuous mode [ 210.866472][ T28] veth1_vlan: left promiscuous mode [ 210.871756][ T28] veth0_vlan: left promiscuous mode [ 210.981980][ T28] team0 (unregistering): Port device team_slave_1 removed [ 210.991324][ T28] team0 (unregistering): Port device team_slave_0 removed [ 211.047580][ T28] team0 (unregistering): Port device team_slave_1 removed [ 211.057948][ T28] team0 (unregistering): Port device team_slave_0 removed [ 211.962724][ T28] bridge_slave_1: left allmulticast mode [ 211.968440][ T28] bridge_slave_1: left promiscuous mode [ 211.974099][ T28] bridge0: port 2(bridge_slave_1) entered disabled state [ 211.981843][ T28] bridge_slave_0: left allmulticast mode [ 211.987527][ T28] bridge_slave_0: left promiscuous mode [ 211.993273][ T28] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.001197][ T28] bridge_slave_1: left allmulticast mode [ 212.006831][ T28] bridge_slave_1: left promiscuous mode [ 212.012632][ T28] bridge0: port 2(bridge_slave_1) entered disabled state [ 212.020177][ T28] bridge_slave_0: left allmulticast mode [ 212.025806][ T28] bridge_slave_0: left promiscuous mode [ 212.031440][ T28] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.039332][ T28] bridge_slave_1: left allmulticast mode [ 212.045005][ T28] bridge_slave_1: left promiscuous mode [ 212.050597][ T28] bridge0: port 2(bridge_slave_1) entered disabled state [ 212.058239][ T28] bridge_slave_0: left allmulticast mode [ 212.063910][ T28] bridge_slave_0: left promiscuous mode [ 212.069573][ T28] bridge0: port 1(bridge_slave_0) entered disabled state [ 212.292403][ T28] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 212.302563][ T28] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 212.312591][ T28] bond0 (unregistering): Released all slaves [ 212.321139][ T28] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 212.330960][ T28] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 212.340309][ T28] bond0 (unregistering): Released all slaves [ 212.348497][ T28] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 212.358361][ T28] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 212.368076][ T28] bond0 (unregistering): Released all slaves [ 212.415369][ T28] hsr_slave_0: left promiscuous mode [ 212.421268][ T28] hsr_slave_1: left promiscuous mode [ 212.427128][ T28] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 212.434617][ T28] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 212.442764][ T28] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 212.451396][ T28] hsr_slave_0: left promiscuous mode [ 212.457895][ T28] hsr_slave_1: left promiscuous mode [ 212.463706][ T28] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 212.471521][ T28] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 212.481055][ T28] hsr_slave_0: left promiscuous mode [ 212.486904][ T28] hsr_slave_1: left promiscuous mode [ 212.492495][ T28] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 212.500211][ T28] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 212.509149][ T28] veth1_macvtap: left promiscuous mode [ 212.514674][ T28] veth0_macvtap: left promiscuous mode [ 212.520173][ T28] veth1_vlan: left promiscuous mode [ 212.525447][ T28] veth0_vlan: left promiscuous mode [ 212.592082][ T28] team0 (unregistering): Port device team_slave_1 removed [ 212.601778][ T28] team0 (unregistering): Port device team_slave_0 removed [ 212.654046][ T28] team0 (unregistering): Port device team_slave_1 removed [ 212.663320][ T28] team0 (unregistering): Port device team_slave_0 removed [ 212.713895][ T28] team0 (unregistering): Port device team_slave_1 removed [ 212.723371][ T28] team0 (unregistering): Port device team_slave_0 removed