last executing test programs:

4.34716568s ago: executing program 0 (id=13672):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0, 0x0, 0x7}, 0x18)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x280008a, &(0x7f0000000240)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00'], 0x97, 0x2b4, &(0x7f0000000600)="$eJzs3b9rO2UYAPDn0jQJCiaCkwge6OD05duuLinSQjGTkkEdtNgWpAlCCwV/YOzk6uKmq4sguPlPuPgfCK6Cmx0KJ5e7a5KaxkSb1h+fz9K37z3P+z7vNdfSIU/eeW54cpjG8cXHP0WrlUStG924TKITtah8GjO6nwcA8G92mWXxa1ZYJS+JiNb6ygIA1mjlv//frb0kAGDNXn/jzVd3er3d19K0FXvDz877+X/2+dfi+s5xvBeDOIrH0Y6riOxaMd7LsmxUT3OdeHE4Ou/nmcO3fyjX3/klYpy/Fe3ojKdm8/d7u1tpYSp/lNfxRLl/N8/fjnY8M2f//d7u9pz86DfipRem6n8U7fjx3Xg/BnE4LqLIj1rEJ1tp+kr2xW8fvZWXl+cno/N+cxw3kW3c848GAAAAAAAAAAAAAAAAAAAAAID/sEdl75xmjPv35FNl/52Nq/ybzUgrndn+PEV+Ui10oz/QKIuvqv48j9M0zcrASX49nq1H/WFODQAAAAAAAAAAAAAAAAAAAP8sZx98eHIwGByd3smg6gZQva3/r67TnZp5PhYHNyd71crhgpVjo4pJIhaWkR9iiVKr7Yu2B6ud9Msotnj6tpq/+XbpBb/+87OXg80lYv7moHp1nRwk8+9hM6qZVvUi+X46phFL7tW45dJTZQVL1tyYe6m98tkbT44HowUxkSx6Ll7+uai7nEluPkSN8V2dm75ZDqbSZ2Nay96N4kn5g+S6W0dyN798AAAAAAAAAAAAAAAAAACAGZM3/c65eLEwtZY111YWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANyryef/rzAYlclLBDfi9OyBjwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/wO8BAAD//3tlWs8=")
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x12, 0xffffffffffffffff, 0xfffff000)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
r4 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
write$binfmt_register(r4, &(0x7f0000000000)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x7, 0x3a, ')', 0x3a, '', 0x3a, './file0', 0x3a, [0x46]}, 0x29)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)
pipe(&(0x7f0000000400)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
splice(r5, 0x0, r7, 0x0, 0x88000cc, 0x0)
write$eventfd(r6, &(0x7f0000000240), 0xffffff14)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x18, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000001540)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r8, 0x0, 0xffffffffffffffff}, 0x13)
fcntl$lock(0xffffffffffffffff, 0x5, &(0x7f00000031c0)={0x1, 0x0, 0x10000})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r9 = socket$nl_route(0x10, 0x3, 0x0)
fadvise64(r9, 0x0, 0x6, 0x2)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

3.4748561s ago: executing program 0 (id=13683):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000001000080000000000000000095000000000000001841fa90322f780a192493f4c8f6bd082fb422361615cfb121affa05db8af87b"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x18)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000d8d60b007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000086"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f00000003c0)='ext4_allocate_blocks\x00', r4, 0x0, 0x9}, 0x18)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r6}, 0x10)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=@base={0x6, 0x4, 0x8000, 0x5c, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xfffffffe}, 0x48)
unlink(0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000004c0)='mm_page_free\x00', r2}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001000)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000001580)={0x0, 0xffffffffffffff3c, &(0x7f0000000300)=[{&(0x7f0000000080)="3bfdd75fa5717852d59a9367444a2130e72cd4dabc8854532cca0c32a5b9f844a4610c7525650ce3d3b76b15026d93e6dee896115e9364066aa3d14e33ef732b4681335c576902153114bdb9c74b538a71115fb1d1a63d1b04129661b29aab89d0be999a6b7c9bea755adedbf305a79f70b71d3d4c98577b49db4963ce89b0def5e840f459659cb6f86d56b069a5de11d601d348ff88ca6e5e2cfe40176880b33e9e8dbc32ba2e6a99b1b50276dc4f06166000d7069a3cc76f", 0xb9}, {&(0x7f0000000180)="892950e2405ee8629d9384a91c16d1706a3e61f305119f95cac0f1927f4c205b971eb41147cb1f86883d6910e68ac3996551800b3ec64b77f8444b18345a2c8b178eeeba0cde7319a5a46bfe7f5770e019efd9d52069edcced33a758c4e657f3a792dc193a1911040000000000000003c851a8", 0x73}, {&(0x7f0000000200)="a68cde0d56b170df7710b54f17d9a39c4f98f3547190", 0x20000216}, {&(0x7f0000000240)="45e04400f2b383517a08c397dd0a76e67ecfc8e74573c24dedd3a48fb62458c1412fdcd15e888cb0f5d02e77bfecefda6b064c0bb2b66a9a522e63873dde02330510255eec7dfa1af708cdab59fb71eca786a359a2c3b0cbad35144ec5b069c53f90e43339845dc7fd140c55b0149ab38eb27c140f374bcc2c95b0b121d1a9302f3a01b888243b3fc0d46f0de0", 0x8d}, {&(0x7f00000025c0)="87fb74cf4d67adbbd062637f514c1f5eb18d7b442e6457a356c6cb1f71a43dfae773c8489cce5145f92615d4bdb13ef54d6ae90ec7733180fcf5adf3e13fdb05b57b748bd14eda042a97fdd84498304a504a0a159b972e8200c2d0f536a3465ec498ed12b924bd134057df36129d3ebe3dd3ce9f0671e5278143e4afa3d43f444681de1b5f9725fca34fa357fe2154981666fb9dc202fc17a0199eb1c25bdd1005e590e84783ee9894c888998dc25a83c14aeee31d114acfa0bcd235d571cd765f4b9259ba43e6fc30291d8a642146c4771898030b736aeee6b247abb0784b154e104e7dcda401f9b1736fea30a41a4153fe6a9a525bd0a3487571f914f05b590e242341ade289d8f5b842c6be4a93c2755dfd47174def782a2f8f61c068b5a012f02c0801601e860def788121e8808c01fed4c920a3698d0d684920918c95b17f76bbcb4f265c931d8f79560ff8114b70f4dd6791e2ed70cfeb89905791b88be26efe1c5c66b7b50b3d2be0dbc066dfc31618f9507f6f340b85a2f76a6dcac9d6ccc289ace5e5fecd25afe22ffa451f5e365ab33cc985f2e9d7f7fb1be4794740a94215d7db14b0ffcec19e5e3c5ae0d8578ef3b65d2a7a77a11e390a6c3a6b391061c886b961e3c2f42d62047bfe1356a44b840d3d956105f4c0fa95db08c4933f00de77cdc057c28b41fecfc8398c442be1ad065954f6c9dfeb2fd7207e8548a00a1d50bdf522d2abfdafd71723616a34830fbfa8fc81e0c2639cc12f363a4919b7a00ac8189dad3e7e54122a2ef430f623658d5e281c9a19442995bb9b0e3f7d13e3016b6f9523be196bf23bbcc5ec802f43ef8b651d688d9d5a44f35c9847e4c32bce3e9ebed2326adadc76f06a195db32c80b3090d7cd65c9d8518ba4e528c5eb5c7a1c5695b21595fa8a8621734bfda8afddd65e1f37a1990220a00fa9bd2c22b0117ceb08ae6af3c944c2eca924abfddad065d1472d0c3f742a49b1e78c669471873706ad157d831d7482b773f07b0673a6ce1e227a7a4d13744bf459434c0ab1c323a38b1a84cbf1ce9741f2b8fdcc2e073e56171603d035aacd83e71d5132831f4f1e8bf517979f132a33fd03783272e9b8c96dfa4e1d320a58d82acfc8d3d53a5a52daafe4dc8be08f4ad53e11cc21374b6ff4ff5ea2ecc5d3f7c057f74f0098e57d990090475cdaffdef0da917653ed10fb70b94b72e5b4d95cbea0fc1dd2579635ad6ab545ba4d7b6d2f5442bdb78beb6c8ed62942a439117025b4566b48d9f3a17fdf4577e8606a4bc4c26557e58312fd2d1a541ebec3e5ae28eef8b2ab0597083716dd12889335570ee7839530eee879d9b137606cd4dd7103991671b4464bb68529eb19fb7a8845e3491bfbac688a87cf0744f429ea112014402915c4c1f6bae08d689d3cb7d641d7befe8fc74a2242310a9a367a39531b4c86da5b39df524e52f33ff9c40b48cb196ffc9ca855b6e698ade8a83e52b9ddc5031ff09e1907e4f8b0d07e64e1fb8e427f8819a7be907aa216bf8e2a4c7cc87ed53bf9490d4cc788b91f3b9f705e984a7e62c7a495e8421b97c39dc954b35468f17c6682334f4e16308448f457faeffff6d1f818522fa441d3a48168bdb12ffebace436a3915b63076cb6a655718647f87eaaf313b5bbd430421eed3a2215e439600a56eac8c65291eb103326a8034662bd337ab51577d9110ec7151be5cc9c54b2a30891acac5ad006ed537dbeb8f16eecbde7cf4e71373faf3c36b772f6d7ea9346875c8cf1049d49d4f8eb01b946c11e8c8e3ab2015f282167acddcc77fff03e1be9134252af0abfe538b4d25fc4ff874b52b9fb0996b5f32b4141dbd30578ff46e13ef6c63fc1620f62cb11a3dce401993976c272a5f62fde3f2a0e654d19e7a39dcdb622b9526d2a15cc18e6f817c916a00775353dd9c8954e66d0445b59bb0f5e6e3b46447232f52a0e398b057d123ef503afcbd48544db6434d2025bfc8dab72262a4fa5426a03061e7f8966e0086ff8ab5a91ab59f19b830394ee8bc76d6fb4816b8f4cde35b7eb9d3811228d51c54828f97fd1e648196c81bc73ed56249a59f318704e84656a6cedd2b8c1e1808d1cc648749abc643131e494c01336d4a14b8609656f2c972dc23c5c2e43fe40119fb88b5ec2aade35c03646e347354c493de8ab3672ccf94af0df333c6678299129d79be0eec281c5b3858ce3995566a390b674635b356692e3e9c53a089638ba0d69e772b7b410a5ae03de12e7de755ee559e1707b7b8003aabc8e2ce03c01e3183ff2d93262f6d5ceaafecdae66bc7cb3952c5a6571d864d502f281db5a228695badca5d022fdb6da56ab15dc377d1c1f8581ff56e28c2b2a84edb629547d28275c2ed571103b4ca7cdeb0776ba9f9dffcd78d21c3d4caa9289ed199672f4e7b912068c49c817114c37d37ea03954bae87d1ddae3da2ad85feb2fbb735b75a51f7bee5c8d88cc7bf64700d1a46ec6b631ae22ac7b06730a86a26bdcb992e1c7b50142de96b14a8468e4514068a30896fc677fddefaebb125c693a8d460469c7fe535f844781940f66d6abd091191c3122d584f5b0f5b0d443713d7d5186124d73de28aca30b719d4a55e09d259bddbf16995aeb1000880890afbd24d4066b0398985a40999de22ce176348e1c1f57eaf75b92a1e4f1482e89a00ac2cc36b20e36af9ec310599c19a5b1d6f8fadba104c58c801c6633315f82ebfa88faddd0b693e2f827f586c1cc5538e93bcf10f81af6dd7ee727df3b5018c0b4e31e40d040a47503b6ace4d29a1162ce487351825255f5584aff7cbd421f85c3d9fbb3784abd9848f16028b68f0d32ed8bb80106e8cc4acb939ff88bd39976d166b2addebf628b3fcd056da2f60e1b90f7a32702954921908ebccb683622a1f574ceba6951bef5e751c338c8279318dc28e36b9fc2bb17c3ad08aceb00fc388e6db112a738f86a4a1eb11526e1b9d73250b326285ed47c4398d93a3933d9a784249b65ad7d78a1f81d96ef36493ed693045a2150a8eb43cecc0c93e7d20b15b39a0646b081c2923b816365b7fbb41683a41732d942c5aa12faf876ec7f036becde8f3295af6dacff38d076d8e06260fee167703bb610745374a2758a6b88e465ca77d1f3105ae8b6b04a1eb509fb178d6249dbbc84d5d1d069278449a89d03e4a9a395d8170c329a296cfc329798cb9b9f1078d098cf3f989fd4ec53e013fbe917df35292d44fb1f3da4da4432a1847d4721514ade8cda5e5c0b51183580fc35266a970ebba74faeda56d4dcb56df51f96ad237452cedbd0cb2bee112713c3d450835811bf3da9745136d428e148fd0932dc77c8d8e61a16c625241fad8425b4ece394eedd5f165bd94923bfa1172be8edc8a4fcaae5f77ee8cc510192b27964da09c3e84efb4bc7154da1a24da8b7e544b42278d2574687ec76143afa6cf193d52a2a7f4c20ee57b6056a1337d5e408117a6cf1ab49c8980f39597f69902085d3e8d374d44e6ab4ed1185a26be2bc7281e9cfbbeb6bed899aa1924d3faa06d95999fbeaf2337494e0c2c39eef5a73fcde84459a9ea48d4e015d9e5bb5839354967ce02f637bc8678d2595b9a918fc36b927d7501f0ac2e3471ce02b5df355689c87f191ef5390900a41deec29984e45a878ece964b0009aad561316fc3b30ce1b49266d32eb17cd30f3e17e1f59014e8c518940dd0a093d1349c1a7c2581963bbe0ba372b6426e81c33c71b2ec8141c5713e52a37fff0a417a5b259e1420d9fb6a731f5baa0cc494221947895aa8fa14745a986a366bff9d0c239a19f85372497565b5b703da16439019df5f3d29f4247fb528854c9648630f03e9dedde5a08a47728ea6a4d42e62eff6fa3bd402325e0f4387b60171c37c180f958ad80955779c899517e7ea76eed00598e01552eaaf08b723daf9d466e8c57af43a15a46528b1119f5074aa3c51f77357ebe158275bc06b89640d7ce3c0a03af01418d7dc6ae8a1be8ab08c1722d66d1e9277480b8b178447667c024f9b78f8a878a2d7cf8e83e5104f6964b2907a989abafc7d7d0df941abf3d7283b6a11d46c2911a42182ec27ab785d92946e1ee8ef44846d561850d2a98c305c382f36d4cfc9b2bfd3b86ef21a0d187adcafbec8268c7d662a34dda1c83c4967097743133bc8c587edf249f5668c34ddb112fa4eb1bea9c8f6a000f1f34428b54688a5e214a7919868b25dbe930e86a243ecf54afe0b518c647d04873d2cf62cb2ab27f00015537a4fd2ea3dc8777abdf3284622347016566da0b9c406ca8c40694e4013a53fbf2e803d51b0bbe5e9df5fc74f66be618856357ccf803c53ed0e3b3fe79f69f0ede9b565d8f7a8ce5aa8cbb4e8fa61be3fd00ffb07e45065498925c14c0b311942d4ed951ad6237aadb5405bc7b2d79e1fd295b7c2ed8efa883e44c86a5053e2f421c6d4dc0c47d3a05d911db37d6efdb8e50fb3f06139ac147bc7162c21aece79eaf72e9779f19eb5395cec3d15a7594ea70a6b373d98651d2215b210f037ea3f8a57ded74474f6fdb64a08b56af52168da70b30aee03472cd8bee5af04cad7303004a4aba464b99", 0xcb3}, {&(0x7f00000006c0)="97b13f5cf9f584c87e0e637d2ff483a311bb412cb3b03c3d9e97e435f2fceb58ff0402ed7b96244b43386c222917662028d7a01206a1990722ccef1d8f39f7c8ae242e58359217b1c6161ea741445cf16b0c48eb18a6c72174dfb7cd1bd0f409dad5a432bed4afb470da3656dd30d70769e229dc91037321d618e1eff4a176ea46d5cd4d5da97f80356e46d9e8166bf2d97210b631654ece218a2a204a1786ab5a60a881a7a294cd2f92438350e6e3ec4439ebe06133ff65b1e32b809ba0482783b563ec8e5778285da5211e5821135433053a7921319c544d5e797f"}, {&(0x7f00000007c0)="75c37714a0bada8343bceb64ccb6d95a2a37b020e0bf1f6a1de4584223a2f285aaca30a9554cd5cdc1659cb9fec462cc5c2220a7cd891ec3bad99fe3c06e15a109ec0fdb6aeeee5ef8e4bfc28e17984a3860b907d549492d47a447782b7357ea72f4b2c26512a6a33c0247b730a6182ea5a99aee25fcee07f9cb0a80595cd5f744fa6898fdffda5b34b19474b8e853467329e4aea36cfd0e00735d37beb0f895c5688259a8935194eefd3a96d55707133a08f03e14da563160a545396b93341f41c161c93687e28a"}, {&(0x7f0000000b00)="1b080b7a30aec939ce8e26e0cbbe37fc064ceef965fd5e3b6739c966492dbdf71c04423d8a403e56dfd224e4e55918a5e31e683fec5cc9460882a0d1628d02d51a8da997073f856e2cd00586c6e8c89c71cf8be6121b0b3a85d597a1afb0cc311f30cc26183c8e594ce5ff62661c9e32cbc9dd9a72985e9857f3bddb52382b6c27ca85d5774cf17b92e2d2097f12a8687e70f90d46381a47706a9124a2cf61b84f26aae22fd4da84ae35b93f7be9fdfdfbf33c59f5c657e9f7e81b81b786082f88af4de07808ff3c954bae"}], 0x5, &(0x7f0000001480)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private, @multicast1}}}], 0x20}, 0x0)
recvmsg$unix(r8, &(0x7f0000001140)={0x0, 0x2, &(0x7f0000001040)=[{&(0x7f00000015c0)=""/4096, 0x7ffff000}], 0x1}, 0x40000100)
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x400000)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
get_mempolicy(0x0, 0x0, 0x0, &(0x7f0000a88000/0x2000)=nil, 0x3)

3.47329734s ago: executing program 4 (id=13684):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000009900000001"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0x64, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, 0x0, 0x35)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$PROG_LOAD(0x5, &(0x7f00000010c0)={0x11, 0x14, &(0x7f0000000340)=ANY=[@ANYRES16=r2, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x1000, 0x0, 0x0, 0x0, 0xeb35d433ade93761, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fcntl$getown(r1, 0x9)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x360, &(0x7f0000000b00)="$eJzs3c1rO0UYwPEnaZImKW1yEEVBOtiLXpY2ehaDtCAELG0jtoKwbTcasiYlG6oRse3Jq3j3JHgovVnwUND+A71404sI3noRPFhBXdm3ZPPWl5g0/trvB0omM/PszmQn5dm0m718+/MPKiVLK+kNiSaVRERErkSyEpVAxH+MuuWEhB3KSzO///j8+mYx6VWolfzGyzml1Nz8dx9+kvK7nU3LRfbdy99yv148ffHs5T8b75ctVbZUtdZQutqu/dzQt01D7ZatiqbUqmnolqHKVcuoe+3f+Nsxa3t7TaVXd2fTe3XDspRebaqK0VSNmmrUm0p/Ty9XlaZpajYtuEnxeG1Nzw8ZvDPiwWBM6vW8PiUiqZ6W4vFEBgQAACaqO/+POin9MPn/lswVCstryunczv9PXjhvzLx1Oufn/2eJfvn/Kz952+rI/53TiXb+X/POD0o35/9fyh3y/96M6HEZOv/PjmEwGM58oqcq0vHMyf/T/vvXdfTOyaJbIP8HAAAAAAAAAAAAAAAAAAAAAOBJcGXbGdu2M8Fj8NO+hMB/jgdp0PGfFpGkc/Rtjv9Dtr65JUn3wj3nGJuf7Rf3i96j3+FcREwx/ra7OWsjuPJIObLyvXngxx/sF6fclnxJyk68LElGsu56CsXb9sobheUl5fHjW5cppcPxOcnIU+H4b93V6cTnOuP9/SfkxYVQvCYZ+WFHamLKrhvZ3v+nS0q9/mahKz7l9hORX+79oAAAAAAAMGKaaul7/q5pg9q9bxnJl9yPiQxZlIz81f/8frHv+Xks81xs0rMHAAAAAOBxsJofV3SJGnW3YJr9CikZ2DSCQqyjJi4ifTsnumri1215KjTD244nId4dTP7rvL4KXtW7RAX/SOEMvNXk31FFhhtPMH+3JhJrNf1513lFDsVdAIfhpqjcIjzWPfh5p0L17bwwcDtH/kRaNcHHRokBr7Os9m4nes1KiPfU2JHhFsAzX3z9x+jeIK+e+ivgo5s7H5mGfSC3OShdBWcXvU3xsf/iAQAAAHDv2kl/UPNauDl8I5HwzXL4yz0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAACM0lq/06ypMeo4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/8W/AQAA//9/d/Qh")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file2\x00', 0x105042, 0x40)
move_mount(0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, 0x0, 0x220)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000000000000000000000000500"/28], 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000180)='kmem_cache_free\x00'}, 0x10)
write$cgroup_subtree(r3, &(0x7f00000000c0)=ANY=[], 0x32600)

3.423402975s ago: executing program 2 (id=13686):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000ff0f000007"], 0x50)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10)
setresuid(0xee01, 0xee01, 0x0)

3.382408608s ago: executing program 2 (id=13687):
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r4, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x1, &(0x7f00000001c0)=@ccm_128={{0x304}, "0300", "95670cff05e29ee8dcfc54e13b2dd711", "fdffb26f", "a2deb79f8c96bff4"}, 0x28)
ioctl$int_in(r4, 0x5421, 0x0)
writev(r4, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0xfdef}], 0x1)
kexec_load(0x4, 0xa, 0x0, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r5, &(0x7f00000000c0)="04", 0x1, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110600", @ANYRES32=r6, @ANYRESDEC=r1], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x2d)
ioctl$AUTOFS_IOC_FAIL(r0, 0x4c80, 0xffffffffffffffb6)
unshare(0x40000000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7, 0x0, 0x4}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0x3}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x120}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x8c}}, 0x20050800)

3.35390742s ago: executing program 4 (id=13689):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000001040)={'sit0\x00', &(0x7f0000001000)={'syztnl2\x00', 0x0, 0x0, 0xa000, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x64, 0x0, 0x0, 0x4, 0x0, @empty, @rand_addr=0x3}}}})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f00000012c0)=ANY=[@ANYBLOB="18000000010000800000000000cbcd290000009500000001000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000a00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syslog(0x2, &(0x7f0000000200)=""/4096, 0x1000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
socketpair(0xf, 0x3, 0x2, &(0x7f00000001c0))
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
ioctl$sock_inet_SIOCGIFADDR(r6, 0x8915, &(0x7f0000000040)={'netpci0\x00', {0x2, 0x0, @remote}})
write(r6, &(0x7f0000004200)='t', 0x1)
sendfile(r6, r5, 0x0, 0x3ffff)
sendfile(r6, r5, 0x0, 0x7ffff000)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r7}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
recvmsg$unix(r8, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x2000)

3.23475525s ago: executing program 1 (id=13690):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000900)=@NCI_OP_CORE_INIT_RSP={0x0, 0x0, 0x2, 0x1, 0x0, {{0xfd, 0xfffffffd, 0xb2, "4bdf03a471f5f569f3f8bd77df465999c34b2494c8f043a5343e7f231cf38b50b8032b018c7d80f65685037415f6005643309a13522402525e678a9229fc10f75ff0bf0a65d16f6498cc9b553cf77959f04091a31b16500bbc0bce234285ec883a11c0e44b9790c2e6af137eb25a6b2802c3e173c184550b7167a49996394c9cac19082cdb3d57bb3d51a5b0717c5627cfc54ad39f97cc12eb7c38acf28adb4a4ad505ae39eb9ef7f7d99129500000000000"}}}, 0xc6)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES8=r2, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
unshare(0xa000200)
semget$private(0x0, 0x4000, 0x0)
semtimedop(0x0, &(0x7f0000000000)=[{0x2, 0x40, 0x1800}], 0x1, 0x0)
unshare(0x20060400)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fa347ae3", @ANYRES16=r3, @ANYBLOB="010023010000340200000600000008000100", @ANYRES32=r1, @ANYBLOB="08000300ffffffff"], 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000a00)=ANY=[@ANYBLOB="40020000004d304489c9d66c2438471a25aeb7d3c95ad7af54610010dbc8e2b60eb757db90ba5cb2dc0c37760b64c24e8a2373c0ac3cbb96f518bdae9a45c76a522edc2dec34174c4c7865c5d912a29edb35e3c90a9948c31c27f1e28d3345be1d609d6f7c1b2327235c57d63bc0be113b3c02c3ad354ee6e1793c24dcdfc06fd1ea8a803ebb589940ab4500"/153], 0x5)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)

3.158937126s ago: executing program 2 (id=13691):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000900)=@NCI_OP_CORE_INIT_RSP={0x0, 0x0, 0x2, 0x1, 0x0, {{0xfd, 0xfffffffd, 0xb2, "4bdf03a471f5f569f3f8bd77df465999c34b2494c8f043a5343e7f231cf38b50b8032b018c7d80f65685037415f6005643309a13522402525e678a9229fc10f75ff0bf0a65d16f6498cc9b553cf77959f04091a31b16500bbc0bce234285ec883a11c0e44b9790c2e6af137eb25a6b2802c3e173c184550b7167a49996394c9cac19082cdb3d57bb3d51a5b0717c5627cfc54ad39f97cc12eb7c38acf28adb4a4ad505ae39eb9ef7f7d99129500000000000"}}}, 0xc6)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
write$nci(r0, &(0x7f0000000400)=@NCI_OP_RF_DISCOVER_MAP_RSP, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES8=r2, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
unshare(0xa000200)
semget$private(0x0, 0x4000, 0x0)
semtimedop(0x0, &(0x7f0000000000)=[{0x2, 0x40, 0x1800}], 0x1, 0x0)
unshare(0x20060400)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000a00)=ANY=[@ANYBLOB="40020000004d304489c9d66c2438471a25aeb7d3c95ad7af54610010dbc8e2b60eb757db90ba5cb2dc0c37760b64c24e8a2373c0ac3cbb96f518bdae9a45c76a522edc2dec34174c4c7865c5d912a29edb35e3c90a9948c31c27f1e28d3345be1d609d6f7c1b2327235c57d63bc0be113b3c02c3ad354ee6e1793c24dcdfc06fd1ea8a803ebb589940ab4500"/153], 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000280)=[@mss={0x2, 0x80000000}], 0x1)

3.027484346s ago: executing program 0 (id=13693):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0, 0x0, 0x7}, 0x18)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./bus\x00', 0x280008a, &(0x7f0000000240)=ANY=[@ANYBLOB='shortname=lower,shortname=win95,rodir,iocharset=default,uni_xlate=0,nonumtail=1,utf8=0,flush,rodir,shortname=win95,shortname=winnt,shortname=win95,showexec,uni_xlate=0,utf8=0,utf8=0,uni_xlate=0,shortname=mixed,\x00'], 0x97, 0x2b4, &(0x7f0000000600)="$eJzs3b9rO2UYAPDn0jQJCiaCkwge6OD05duuLinSQjGTkkEdtNgWpAlCCwV/YOzk6uKmq4sguPlPuPgfCK6Cmx0KJ5e7a5KaxkSb1h+fz9K37z3P+z7vNdfSIU/eeW54cpjG8cXHP0WrlUStG924TKITtah8GjO6nwcA8G92mWXxa1ZYJS+JiNb6ygIA1mjlv//frb0kAGDNXn/jzVd3er3d19K0FXvDz877+X/2+dfi+s5xvBeDOIrH0Y6riOxaMd7LsmxUT3OdeHE4Ou/nmcO3fyjX3/klYpy/Fe3ojKdm8/d7u1tpYSp/lNfxRLl/N8/fjnY8M2f//d7u9pz86DfipRem6n8U7fjx3Xg/BnE4LqLIj1rEJ1tp+kr2xW8fvZWXl+cno/N+cxw3kW3c848GAAAAAAAAAAAAAAAAAAAAAID/sEdl75xmjPv35FNl/52Nq/ybzUgrndn+PEV+Ui10oz/QKIuvqv48j9M0zcrASX49nq1H/WFODQAAAAAAAAAAAAAAAAAAAP8sZx98eHIwGByd3smg6gZQva3/r67TnZp5PhYHNyd71crhgpVjo4pJIhaWkR9iiVKr7Yu2B6ud9Msotnj6tpq/+XbpBb/+87OXg80lYv7moHp1nRwk8+9hM6qZVvUi+X46phFL7tW45dJTZQVL1tyYe6m98tkbT44HowUxkSx6Ll7+uai7nEluPkSN8V2dm75ZDqbSZ2Nay96N4kn5g+S6W0dyN798AAAAAAAAAAAAAAAAAACAGZM3/c65eLEwtZY111YWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANyryef/rzAYlclLBDfi9OyBjwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/wO8BAAD//3tlWs8=")
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x12, 0xffffffffffffffff, 0xfffff000)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10)
r4 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
write$binfmt_register(r4, &(0x7f0000000000)={0x3a, 'syz2', 0x3a, 'E', 0x3a, 0x7, 0x3a, ')', 0x3a, '', 0x3a, './file0', 0x3a, [0x46]}, 0x29)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)
pipe(&(0x7f0000000400)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
splice(r5, 0x0, r7, 0x0, 0x88000cc, 0x0)
write$eventfd(r6, &(0x7f0000000240), 0xffffff14)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000696c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x18, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000001540)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r8, 0x0, 0xffffffffffffffff}, 0x13)
fcntl$lock(0xffffffffffffffff, 0x5, &(0x7f00000031c0)={0x1, 0x0, 0x10000})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r9 = socket$nl_route(0x10, 0x3, 0x0)
fadvise64(r9, 0x0, 0x6, 0x2)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

2.959811592s ago: executing program 3 (id=13695):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000002001000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x1e, &(0x7f00000001c0)=0x400000001, 0x4)
setsockopt$inet6_tcp_int(r2, 0x6, 0x2000000000000022, &(0x7f0000000040)=0x1, 0x4)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendto$inet6(r2, 0x0, 0x2, 0x0, 0x0, 0x0)

2.474535271s ago: executing program 4 (id=13696):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x4, &(0x7f0000000a00)=ANY=[@ANYBLOB="180100000700002c0000000000000004850000002a00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x5}, 0x18)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r1 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000002200)=[@in={0x2, 0x4e20, @remote}]}, &(0x7f0000000180)=0x10) (fail_nth: 1)

2.342821661s ago: executing program 4 (id=13697):
r0 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000100)={<r1=>r0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="07000000040000000800"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x18)
r4 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r4, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r4, &(0x7f00000000c0)={&(0x7f0000000500)=@hci={0x1f, 0x0, 0x4}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000580)="02042700ea0e0000000000001eafbcf706e105000000000000001104ee1606d4b8bf4a828bda305775c43824cee8440000", 0x31}, {&(0x7f0000000300)="126873159fca3fa38fb198e9a6b363ceb3e6d803ab766b7a38e451d14e0b3457474fe6a51671e4124fcea96a873b10996816e100ed8a93b0a9053db57d60973369f58551c3091cb88d3b", 0x4a}, {&(0x7f0000000080)="088d85d1f4f8220aee8de7932b326f8a3164ae439862807a1589836c736d2341f7", 0x21}, {&(0x7f00000001c0)="df4603a1330000f300de130ea8", 0xd}, {&(0x7f00000005c0)="b72abab9439ca41f5cf14d6435575ba774ee5f5c23ff2f5176f5773d08a15668ec280cfe4ea416cf769dbf978a8191bbe006e0da50029176c0f24e3ff4d3e895a2afbf52cef2fe1ca31edd842b126ec4be67e6e3624b9ddf806fc146c645ec1d37fe7e3b025c156d5d520104b53f7fb2af436201cfd5dca170edea5a190e4786bfaac544b60f514d7ef420526c467f14790dcfa5ab915d7dbcdf2765bbcad014c991f8b829c79f53586de79f0b987ad796f9de4a6e53136a07a39ab1f5a2ce30aded70a9b72d1beff7e8b6405fd6331e5635ee71e809be2d58f412dcd7b2e856d692dbfed19045ff13244acce351b6e450395568063569c71ea80a04f83fbe6ad1d0862fb97f816576c4844da65d751ee1fdc522ae1158670de297cdb2117bc0adc1486e016a6bcc922a162fce6a9ecc8c42b0c44c566004eda037864e5f339bbb0998cdaf2b8e49ae003659bc033668f7c8e550197ed95c420461254ba1883dbd9403672d579cee85c37f103ee9a350a768286017158784baeb063c8c684b91b022b0db2238b679092a1f6909f0cd9228500e088f5cc7bac4c0dc56e80fedac93554aec79715ce02e8bf3fcbd70382f619bfe3dcf06890d8542022ee58bdfb075d319c9fc8474cadc8de5c3dd3f682d3f68324d0af7a727064053ad84c94643eef190783c616467628f84620044c084b80e3e57bfcdf293c9c36b4474a52398b35e49e2ad4a4ac090bffc5cd27d3c69b4ae5f841d5b0766ccd36d25eb58d8f01621a05744b79ede39019ab9d7a1946353d8f3b7f833ce1a102a8c97a9e3f32138ffafd305448f2518ccdb7eef594a890eaeaff3f876f742fec22669a97085ed93b18228ecbe9e354e8f69967ca749fd2b1cf026665ca912e3fc0188b294519078b46676052de4fe22798290bd1e232c9791fc01ddb4ae776b5769143df2867042e8a3ddfa8e786bd8a244076956d4ab137939ad381650dd4fefd2b942a98d6f2edfd7019ae473e7608647b86d643e8ff3d7d4e89ed826e4b8c6e8fed224c528d805ade85c5b45261b2692c0f403dec050bd973b0999df214689f4402dd1598a16b0c7671e5e204a00b06376ddee7cb99292a8b835c0b451642b71f2ffa1aeea56255817b2384bfe4f8213ccfc1f762f250592896102e5f6d34cdd726bc0f86af52fd7c4483d32e23e5af770e960c7445b8e67b6086f0cadcd22d0d4bdadc31b5a94dd687379dc6e078210ccc71f8e67eb58d330394425ab17e55d1ca8f868f6bf738af291d2293c3dfa2ccff25061ded22878b3cc6532d19e5a00d1f0f1b9de35305fac2c6cfd5d77a2b02618735b7d392738bd5cd3eabb7039c790a9f193913f16e06605d405d6a0cf0011a2e5f935d8563fef1722692dd266c3d320b9f5eeb2a4b2f72155522f0ed72ff1efa0b6ee78e70d3d45241609e7f87d7bcfe1af71159baa11ad667a0ead3986b2b06500ba2615ee966ea86ca68d02de4802bd9ef18dac5ba53ca98b90df49ef4e3268ceee538973620e5a60513ea330989642626420b67dceebc569478657aedeb62c45b079348796923ad1fba5a99e6b150cf97ba2a570150053309c6dca7fa352fa1678c9b919fbc47ae0a84175a7fc25a00fa5888cb017e8d8225fadb29e34bd3c5bbccfb22a83255fec3967c991d5b3e6719ade82fb7ef85c8a4b9e7ad8ef2a3a7bc78de424572224affb1f9e0c5a969e61ee2ebb4f247bfa09384bdad04438f2efbfae303d47c3afe7e8d3a157b2a6f37572ea3ecc441dfb208ba755f781f144e58d80aea590abcfccbe8678ec6de47511f9d61cc408cbbe90eeab2cffe6d1a48dc3eb4e48e228fd43cafd7ff2c85c3ed52e99fe16887be28fcd2cd4ba4cac414c92c96294fa7d628e4356c748c173f790a7f30071d0bd53817c78d163249c7402b222b8f28668cae7afd17b97dbaf10b75b61409ca6f5b285d1ab09207c5a91c68b0d4b5da6d6b5a495c8debd7f4400e56d9e22d1cc330f782f2b5441a31b9ccf35aa1a151219cdcff5ab8b240af5b5a751eca67773c057412a935e3a7a367b2bcd28463904ee040a586d6f4f969cee56d55b6b4d97d1fe93b67e2f6bd47925054c4702ec8969a1a6211ea8f6783ca0e8ae333922ce19eceb24e2ff714a0208d2489a62f299aa50cdbfe5a826e872ab231bbddf5bd2fca92d4460379e05e13ff34a200fd921dcb67a002873bda8d86536cddaccb54eb72dd4e399fe9195ad5574ad85d9ed2eaae4106234f0a8db05a230ff377b59b54fd0919d1b86b938622ae6098f003db7f4d45d6874f54c33064ce6184dccc99fece2d994e9572d4840b0cbdd704fd70b4f625912d48a512339f883533768f09a4f614583dfb72defe713ee38f61184df279461b7d35becd8e67d01f0ec27e901d88215554d5a69db373a662085733d09ad9153e7d432c94f872ff7cd72995b3a581ea17722ed13a191b366208f75661112b1a7d42c252c907488ca8dd8f819d4618b0053d4bcddb3b5975cb8615ebc472e052552ee74d5253174a2b0cb96e1eaf6349b6c39be975123ee72b0ffe1367df7aba54de26c9135a3422d21067034551be5efc5daf8b8f59bc725e4fd171378fd9f16a785f1b0378823c85eec521e0b2aca70b7b72b719a20eb2fb0addc0b05851c8e181607f49dad7323bc255309097584c2099574db1ed7940fd16796aef19d30acd714dc1f898716df64db87d852eddf2f86e78fd7fd64868b4cb6cc626efcdea49c4a2779a0e777bbe23968e14233a810d9883680894de93023a8deae51ccbf32e6d1e53618ebee95c761221a33bc3263fff0f5ae23e14dba0418cf3f31effcb36956e06c57a17620044260419a208ae1d2296ec9472d44be74a8ed0a33a23181acdef8c7d2695ce9485ed8d17d9f6f30b9b128ee0ba15c42cbf6059bcfef008c09db8855343f79c3ce1c4d79077c8a62237d4e400a5aa88e7424f2f99df6c2070d6ed071f4968376581e20e52d64e9c4f8a6f73bb33f5b6b62c1deecc85bf789565fde14e4454306ed8f09af08afb360ee4fb40dd5dca0be43ccff75e5c0ef85ea7c521cb4840d61e99e1ce4661e721446d5a571cddffbc3643ec9b58237fd416376906bdca09485c2c80f82b23e8e7bbf22035fdbcacd804ae3771fd616901184ced46987d533017eef717e9b34a5531c3efe2d77c9b6cb0617382d69951545378a4118e71c64a1f16d096a8f933580922083d0536b90ae1715c63f682e8241b42e1646b0c52e34aa9c91efe2b6b787ce0747d4ff0dd07d6ebc9ce27e0ef35705eb7b78763a9829b464523ff3ed9078aff6ee29e6e7a59a5243825e8bb9235f8e49a9dfb5932536666c3dc75b29e515dbca4c84268cf23cd7b6da6814328a3cb26d7b1d6c28e20b36f9a2c9e2fcf663c314f72f37d2b8f405cfc686a6b35400435be0eab01709c2c4b3005491cbb0b560e33547b77ba9f25f01b194e20534199a3786ddfaf0a75aafb65cd4df4da7b5f98fe72a8bc7d045339fd41508cecca791c717a10d4fed8aa69eec80955bd899a6f8aaf3411be40568149e631ccbe17c68f85e87b58da81ba78def8b1a48c49b2dc7613f7d6ea8b158bed077666d37d1caba9a23b7cb2772e780f70872113e5bcaebaf9f9499f651dc894be3bba1e99d58b33d60c0eda397df91d7cf9fb072f247fa9a9f59c4f59c4284a3832ff0a1f9ce8f6346cb5c08a9dcb2851c7f169af688fc13f00cf9519ade547671698caaa3f4d4921fee83753b9ab0875707836343eddb5b87bec86aae023c9571b8e389ff3f4c692b6fb19686105249ce033116777d919ceb4559a67ee6b6ad9d4b53d2be24315429de3bf201107fe7dff9cbc92dbf9173391d555b0a1b8ea3252fd7d7fd15d8a3cc70cecdbdd43c4edcc4bb2fbbf646d5ec7dad0d3156a513d14184e0c316f8155e774f7dcea485f904828edf28510d692b66b1500c5a704371c2188a2812bd323de012f36a79674082b5f5e9f7f4ce1a75ed854b71555e9fcd1f0322c22a9e543674c79a74404e08e61860f505dc56e1b52977b9a9af18be4064b5f6aa7c891382bbbe65e70a4cee33176570341a525fb6b25c0b20bfa3f2ee4a01584f259f43c3b63a2dfc376f435827211379ab3ca8912cbe01e4f837920666fbda682f6954d1c156f21e12547b885f485c38f62e765013144be8ca92b1d4872790a5c02671517f6a8f0ceb247e08c64268ad8970b57bb6d077c9b8ebe7fb1183087c9a3baee06100609204be588621253b9b120c08db9f28c2d38c9bc3f59018bb7216d73186048770d1e556faa49df23a40a64b40cdda2041dccf5619db09b7a7795fd7eb631c0e0bffc3b64422bf6acd84b7fae8bd05b057260a4d7c4851829c7bbf0b6f27c5db0ff10f42df3528f79dc9bbd591965259cd0389deb124b1fadc5dfd3ade9742d29261379ea3d98929512371dec991f0636fbda5dac355a04e363beeb4751781d9cef3a0b6ac6500895d223ad43ed75cac8b0a868253fffa10bf6c2de99c687fd056e075cf0632b6d8ed2263ca08ad95b6f335a3b6d8ab7801422ac8597441ac1bbe289b50af31eb221d19a2d3177d4ad1056d616295e89471e65d811b8fa4fe2c0c12793f43ef7e75c7f657f6c26ca9cbae63ce99301069ab257ae77c38778d35afd326d569c626a68f3904b2c376dfaa05568892f346f86fb05e71fb751e09cd22525cb63512a7d2e4670bd31109b87818278e66dc73fa9667e35c5bc6588cd36d2b62592a4103803d93c194f8edd5d20c6597231321b909bbb3c1d13408e5cf27728883e333b391222e6b6665454892dfedd17a1066f1145163e1a31ba9a3e3cee925e55d794b89462a0a092a639ccd4a24514083cb68224c87c18f0bb39ff721cc598e686b5fef169bc30f9ec6df397905f8340f6ae7ad826aac774cc46bfb9dfe8192e9ef10e8355d7c2810269eb73c7ecb8d3ffa33437142b8e596cdb778cd3cdda5bbbd09a8ea919929adbc63ff1004490c45a9ea59def65fabc884c39beac1b74a218f59c5e31ba85dcc4b8bd81d7a66d8aaf0edb64b505f760442e16fb7f07a069aba88601c3ace27762cef8196da3d44b14796b04e7fa3bab37209190a1de6e6ecfd99353279ef643766814fa7fac7254eba59bff3546bf21afc7445a4f1bc92c7b013f34962ff029e0f2926acf6c8a25fecea5b0b810656c981535492a2a4159dcfd0bf98085dc9612159fa0ad837a22eaffce80405367931ef3eacbf5a663175acc306eb075c52265d", 0xe8b}, {&(0x7f0000001480)="c071d5aa4739301a7eae6d", 0xb}], 0x6}, 0x40000)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x800000001fe, 0x82)
r5 = socket$kcm(0x2d, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a48500000004000000850000000f00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000380)='percpu_alloc_percpu\x00', r6}, 0x10)
syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0xfffffffd, 0x10100}, &(0x7f0000000000), &(0x7f0000000100))
ioctl$sock_kcm_SIOCKCMCLONE(r5, 0x89e2, &(0x7f0000000340)={<r7=>r5})
bind$xdp(r7, &(0x7f00000005c0)={0x2d, 0x0, 0x0, 0xc}, 0x10)
bind$xdp(r1, &(0x7f0000000080)={0x2d, 0x0, 0x0, 0xc}, 0x10)
r8 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000050b6850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r9, 0x0, 0x80}, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00'}, 0x10)
inotify_init1(0x80000)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, 0x0, 0x0)
semctl$IPC_SET(0x0, 0x0, 0x1, &(0x7f0000000340)={{0x1, 0xee00, 0x0, 0x0, 0xffffffffffffffff, 0xaa, 0x2}, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdd16})
write$selinux_attr(r8, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
rt_sigaction(0xe, 0x0, 0x0, 0x8, &(0x7f0000000200))

2.23340628s ago: executing program 4 (id=13698):
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff}, './file1\x00'})
setsockopt$TIPC_CONN_TIMEOUT(r0, 0x10f, 0x82, &(0x7f0000000080)=0x9, 0x4)
r1 = msgget$private(0x0, 0x40)
msgsnd(r1, &(0x7f0000000d00)=ANY=[@ANYRES8], 0x401, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0x18ff2}], 0x1, 0x20, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00')
pread64(r3, &(0x7f0000001240)=""/102400, 0x200000, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
msgctl$IPC_RMID(r1, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, 0x0, 0x4000000)
mmap$xdp(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2, 0x1010, r2, 0x80000000)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
setns(0xffffffffffffffff, 0x20000000)
syz_mount_image$ext4(&(0x7f0000000d80)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x21881e, &(0x7f00000000c0)={[{@mb_optimize_scan}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@stripe={'stripe', 0x3d, 0x4}}]}, 0x1, 0x50f, &(0x7f0000000140)="$eJzs3c9vI1cdAPCvnThxsmmTlh4AQbu0hQWt1km8bVT1AOUCQqgSokeQtiHxRlHsOIqd0oQ9pGeuSFTiBEf+AG5IPSFx5ILgxqUckPgRgRokDoNmPMk6WbuJNokdxZ+PNJr35s36+32bnffWL4lfACPrdkTsR8RERLwbEbP59UJ+xFudI73vk4NHK4cHj1YKkSTv/LOQtafXouvPpG7lr1mOiO9/O+JHhSfjtnb3Npbr9dp2Xp9vN7bmW7t799Yby2u1tdpmtbq0uLTwxv3Xq5fW15caE3npix//Yf9rP0nTmsmvdPfjMnW6XjqOkxqPiO9eRbAhGMv7MzHsRHgqxYh4PiJezp7/2RjLvpoAwE2WJLORzHbXAYCbrpitgRWKlXwtYCaKxUqls4b3QkwX681W++7D5s7mametbC5KxYfr9dpCvlY4F6VCWl/Myo/r1VP1+xHxXET8bHIqq1dWmvXVYf7HBwBG2K1T8/9/JjvzPwBww5WHnQAAMHDmfwAYPeZ/ABg95n8AGD2d+X9q2GkAAAPk/T8AjB7zPwCMlO+9/XZ6JIf551+vvre7s9F8795qrbVRaeysVFaa21uVtWZzLfvMnsZZr1dvNrcWX4ud9+e+vtVqz7d29x40mjub7QfZ53o/qJWyu/YH0DMAoJ/nXvroz4V0Rn5zKjuiay+H0lAzA65acdgJAEMzNuwEgKGx2xeMrgu8x7c8ADdEjy16j/3+W0lS7vULQkmSJFebFnCF7nzO+j+Mqq71fz8FDCPG+j+MLuv/MLqSpHDePf/jvDcCANebNX6gz/f/n8/Pv86/OfDD1dN3fHiVWQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD1drT/byXfC3wmisVKJeKZiJiLUuHher22EBHPRsSfJkuTaX1xyDkDABdV/Fsh3//rzuyrMyeaXrx1XJyIiB//4p2fv7/cbm//MWKi8K/Jo+vtD/Pr1cFnDwCc7Wiezs5db+Q/OXi0cnQMMp+/fzMiyp34hwcTcXgcfzzGs3M5ShEx/e9CXu8odK1dXMT+BxHx2V79L8RMtgbS2fn0dPw09jMDjV88Eb+YtXXO6d/FZy4hFxg1H6Xjz1u9nr9i3M7OvZ//cjZCXVw+/qUvtXKYjYGP4x+Nf2N9xr/b543x2u++0ylNPdn2QcTnxyOOYh92jT9H8Qt94r96+sX6DIh/+cKLL/fLLfllxJ3oHb871ny7sTXf2t27t95YXqut1Tar1aXFpYU37r9enc/WqOf7zwb/ePPus/3a0v5P94lfPqP/X+4b8aRf/e/dH3zpU+J/9ZVe8YvxwqfET+fEr5wz/vL0b8r92tL4q336f9bX/+4543/8170ntg0HAIantbu3sVyv17b7Fn47ffY9CgoDKaT/ZK9BGj0L3xhUrIno3fTTVzrP9KmmJHmqWCfHicfvHC9j1Q24Do4f+oj477CTAQAAAAAAAAAAAAAAehrEbywNu48AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcXP8PAAD//9140jY=")
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000240), 0x208e24b)
r5 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x101042, 0x41)
ioctl$FS_IOC_SETFLAGS(r5, 0x40086602, &(0x7f0000000140))
pwrite64(0xffffffffffffffff, &(0x7f0000000140)="f6", 0xffffff07, 0x8000c61)
io_getevents(0x0, 0x4, 0x4, &(0x7f00000019c0)=[{}, {}, {}, {}], 0x0)

2.222614581s ago: executing program 1 (id=13699):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file0\x00', 0x4000, &(0x7f0000000a40)={[{@noblock_validity}, {@jqfmt_vfsold}, {@mb_optimize_scan}, {@noload}, {@grpquota}, {@jqfmt_vfsv0}, {@journal_dev={'journal_dev', 0x3d, 0x3}}, {@nodiscard}, {@init_itable_val={'init_itable', 0x3d, 0x6}}, {@mblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000d80)='./file1\x00', 0x143042, 0x0)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000340)='kfree\x00', r2, 0x0, 0x200000000}, 0x18)
sendmmsg$inet_sctp(r1, &(0x7f0000000500)=[{&(0x7f0000000040)=@in={0x2, 0xb, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000700)=[{&(0x7f00000000c0)='l', 0x1}], 0x1, &(0x7f0000000280)=[@init={0x18, 0x84, 0x0, {0x7ff, 0x0, 0x3}}, @dstaddrv4={0x18, 0x84, 0x7, @broadcast}], 0x30, 0x14001}], 0x1, 0x4044040)
pwritev2(r0, &(0x7f00000000c0)=[{&(0x7f0000000080), 0xfe22}], 0x1, 0x87d, 0xfffffffd, 0x0)

2.218965122s ago: executing program 2 (id=13700):
write$P9_RRENAME(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x15, 0x1}, 0x7)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x4, &(0x7f0000000a00)=ANY=[@ANYBLOB="180100000700002c0000000000000004850000002a00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80001}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0x5}, 0x18)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket(0x10, 0x803, 0x0)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r2, 0xd000943e, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='net/ip6_flowlabel\x00')
pread64(r3, &(0x7f0000000580)=""/150, 0x8f, 0x4c00)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000740)={0xffffffffffffffff, 0x20, &(0x7f0000000640)={&(0x7f00000007c0)=""/220, 0xdc, <r4=>0x0, &(0x7f0000000a40)=""/198, 0xc6}}, 0x10)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000940)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x1, 0x5}, 0x50)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r6}, &(0x7f00000004c0), &(0x7f0000001c40)=r7}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x4, 0x7, &(0x7f0000000540)=@raw=[@exit, @jmp={0x5, 0x0, 0x1, 0x0, 0x3, 0x18, 0x10}, @cb_func={0x18, 0x5, 0x4, 0x0, 0xfffffffffffffff9}, @map_fd={0x18, 0x3}, @generic={0x4, 0x6, 0x8, 0xd, 0x9}], &(0x7f0000000580)='syzkaller\x00', 0x5, 0x0, 0x0, 0x1f00, 0x18, '\x00', 0x0, @fallback=0xe, r3, 0x8, &(0x7f00000005c0)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000600)={0x3, 0xa, 0xb25, 0x5}, 0x10, r4, r0, 0x1, &(0x7f00000009c0)=[r5, r6], &(0x7f0000000b40)=[{0x4, 0x4, 0x4, 0x4}], 0x10, 0x2}, 0x94)
sendmsg$nl_route_sched(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000080)=@getchain={0x24, 0x66, 0x0, 0x40000000, 0x2000, {0x0, 0x0, 0x0, 0x0, {}, {}, {0x4}}}, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000900)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newlink={0x38, 0x10, 0x401, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r8, 0x98, 0x1114}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}]}, 0x38}}, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=@newlink={0x48, 0x10, 0x401, 0xfffffffc, 0x25dfdbfe, {0x0, 0x0, 0x0, r8, 0x1493cf2c54a75087, 0xac}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_FLAGS={0x6, 0x10, 0x8}, @IFLA_IPTUN_FWMARK={0x8, 0x14, 0x73f}, @IFLA_IPTUN_COLLECT_METADATA={0x4}]}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20040805}, 0x20004094)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000002001000001"], 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x7, 0x8, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r9, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xa53b112a9f4c8161, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='sys_enter\x00', r10}, 0x18)
timer_delete(0x0)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r11 = socket(0x18, 0x4, 0x0)
getsockname$packet(r1, &(0x7f00000001c0)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000240)=0x14)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f00000002c0)={'tunl0\x00', &(0x7f00000004c0)={'erspan0\x00', r12, 0x8000, 0x40, 0x400, 0xb, {{0x15, 0x4, 0x3, 0x32, 0x54, 0x65, 0x0, 0x9, 0x4, 0x0, @broadcast, @broadcast, {[@lsrr={0x83, 0xb, 0x8d, [@dev={0xac, 0x14, 0x14, 0x12}, @dev={0xac, 0x14, 0x14, 0x3b}]}, @timestamp={0x44, 0x14, 0x23, 0x0, 0x5, [0x3, 0x8, 0x739b, 0xfff]}, @cipso={0x86, 0x20, 0x1, [{0x1, 0x4, 'Kd'}, {0x6, 0x7, "8b2622040e"}, {0x8, 0x3, "d9"}, {0x7, 0xc, "6bd6b61a2c864503bffb"}]}]}}}}})
ioctl$ifreq_SIOCGIFINDEX_team(r11, 0x8933, &(0x7f0000000040))
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r11, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000002200)=[@in={0x2, 0x4e20, @multicast2}]}, &(0x7f0000000180)=0x10)

2.151158487s ago: executing program 2 (id=13701):
readv(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000004c0)=ANY=[], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000510700140000000000000001b7080000000000007b8af8ff00000000b7080000fcffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000004c0)='kmem_cache_free\x00', r4}, 0x18)
r5 = socket$inet6(0xa, 0x2, 0x0)
getsockopt$llc_int(r2, 0x10c, 0x2, &(0x7f0000000000), &(0x7f0000000240)=0x4)
bind$inet6(r5, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
sendto$inet6(r5, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/mem_sleep', 0x101a02, 0x0)
sendfile(r2, r2, &(0x7f0000000080)=0x2, 0x7f03)
unshare(0x40020480)

2.106091421s ago: executing program 3 (id=13702):
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r4, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x1, &(0x7f00000001c0)=@ccm_128={{0x304}, "0300", "95670cff05e29ee8dcfc54e13b2dd711", "fdffb26f", "a2deb79f8c96bff4"}, 0x28)
ioctl$int_in(r4, 0x5421, 0x0)
writev(r4, &(0x7f0000000080)=[{&(0x7f00000002c0)="ec", 0xfdef}], 0x1)
kexec_load(0x4, 0xa, 0x0, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r5, &(0x7f00000000c0)="04", 0x1, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110600", @ANYRES32=r6, @ANYRESDEC=r1], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x2d)
ioctl$AUTOFS_IOC_FAIL(r0, 0x4c80, 0xffffffffffffffb6)
unshare(0x40000000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7, 0x0, 0x4}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x68, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7, 0x0, 0x3}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_EXPRESSIONS={0x24, 0x12, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @connlimit={{0xe}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_CONNLIMIT_COUNT={0x8, 0x1, 0x1, 0x0, 0x8}]}}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x120}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xb0}}, 0x20050800)

2.069227924s ago: executing program 1 (id=13703):
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r4, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r4, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r4, 0x11a, 0x1, &(0x7f00000001c0)=@ccm_128={{0x304}, "0300", "95670cff05e29ee8dcfc54e13b2dd711", "fdffb26f", "a2deb79f8c96bff4"}, 0x28)
ioctl$int_in(r4, 0x5421, 0x0)
writev(r4, &(0x7f0000000080)=[{&(0x7f00000002c0)}], 0x1)
kexec_load(0x4, 0xa, 0x0, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(0xffffffffffffffff, &(0x7f00000000c0)="04", 0x1, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110600", @ANYRES32=r5, @ANYRESDEC=r1], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d)
ioctl$AUTOFS_IOC_FAIL(r0, 0x4c80, 0xffffffffffffffb6)
unshare(0x40000000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

1.711322882s ago: executing program 0 (id=13704):
r0 = socket(0x10, 0x2, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000340)={0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000d00)='kfree\x00', r2}, 0x18)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x304}, "a6341a1a379332f5", "1fd33c81cf7995313c09de00fd6ded74", "62266bd8", "1e00040000000100"}, 0x28)
write$binfmt_script(r1, &(0x7f0000000500)={'#! ', './file0'}, 0xb)
close_range(r0, r1, 0x0)

1.691334284s ago: executing program 3 (id=13705):
readv(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000510700140000000000000001b7080000000000007b8af8ff00000000b7080000fcffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000004c0)='kmem_cache_free\x00', r4}, 0x18)
r5 = socket$inet6(0xa, 0x2, 0x0)
getsockopt$llc_int(r2, 0x10c, 0x2, &(0x7f0000000000), &(0x7f0000000240)=0x4)
bind$inet6(r5, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
sendto$inet6(r5, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/mem_sleep', 0x101a02, 0x0)
sendfile(r2, r2, &(0x7f0000000080)=0x2, 0x7f03)
unshare(0x40020480)

1.500514649s ago: executing program 0 (id=13706):
readv(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r0}, 0x4)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000510700140000000000000001b7080000000000007b8af8ff00000000b7080000fcffffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a500000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000e8ffffff850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000004c0)='kmem_cache_free\x00', r4}, 0x18)
r5 = socket$inet6(0xa, 0x2, 0x0)
getsockopt$llc_int(r2, 0x10c, 0x2, &(0x7f0000000000), &(0x7f0000000240)=0x4)
bind$inet6(r5, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
sendto$inet6(r5, 0x0, 0x0, 0x0, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/mem_sleep', 0x101a02, 0x0)
sendfile(r2, r2, &(0x7f0000000080)=0x2, 0x7f03)
unshare(0x40020480)

695.867935ms ago: executing program 1 (id=13707):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000001040)={'sit0\x00', &(0x7f0000001000)={'syztnl2\x00', 0x0, 0x0, 0xa000, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x64, 0x0, 0x0, 0x4, 0x0, @empty, @rand_addr=0x3}}}})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f00000012c0)=ANY=[@ANYBLOB="18000000010000800000000000cbcd290000009500000001000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000a00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syslog(0x2, &(0x7f0000000200)=""/4096, 0x1000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
socketpair(0xf, 0x3, 0x2, &(0x7f00000001c0))
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
ioctl$sock_inet_SIOCGIFADDR(r6, 0x8915, &(0x7f0000000040)={'netpci0\x00', {0x2, 0x0, @remote}})
write(r6, &(0x7f0000004200)='t', 0x1)
sendfile(r6, r5, 0x0, 0x3ffff)
sendfile(r6, r5, 0x0, 0x7ffff000)
r7 = perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x34120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x4000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r8}, &(0x7f0000000180), &(0x7f00000001c0)=r7}, 0x20)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r9}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))

648.610598ms ago: executing program 2 (id=13708):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000001040)={'sit0\x00', &(0x7f0000001000)={'syztnl2\x00', 0x0, 0x0, 0xa000, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x64, 0x0, 0x0, 0x4, 0x0, @empty, @rand_addr=0x3}}}})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f00000012c0)=ANY=[@ANYBLOB="18000000010000800000000000cbcd290000009500000001000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000a00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syslog(0x2, &(0x7f0000000200)=""/4096, 0x1000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
socketpair(0xf, 0x3, 0x2, &(0x7f00000001c0))
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
ioctl$sock_inet_SIOCGIFADDR(r6, 0x8915, &(0x7f0000000040)={'netpci0\x00', {0x2, 0x0, @remote}})
write(r6, &(0x7f0000004200)='t', 0x1)
sendfile(r6, r5, 0x0, 0x3ffff)
sendfile(r6, r5, 0x0, 0x7ffff000)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r8}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
recvmsg$unix(r9, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x2000)

646.437668ms ago: executing program 3 (id=13709):
r0 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000100)={<r1=>r0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="07000000040000000800"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x18)
r4 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r4, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r4, &(0x7f00000000c0)={&(0x7f0000000500)=@hci={0x1f, 0x0, 0x4}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000580)="02042700ea0e0000000000001eafbcf706e105000000000000001104ee1606d4b8bf4a828bda305775c43824cee8440000", 0x31}, {&(0x7f0000000300)="126873159fca3fa38fb198e9a6b363ceb3e6d803ab766b7a38e451d14e0b3457474fe6a51671e4124fcea96a873b10996816e100ed8a93b0a9053db57d60973369f58551c3091cb88d3b", 0x4a}, {&(0x7f0000000080)="088d85d1f4f8220aee8de7932b326f8a3164ae439862807a1589836c736d2341f7", 0x21}, {&(0x7f00000001c0)="df4603a1330000f300de130ea8", 0xd}, {&(0x7f00000005c0)="b72abab9439ca41f5cf14d6435575ba774ee5f5c23ff2f5176f5773d08a15668ec280cfe4ea416cf769dbf978a8191bbe006e0da50029176c0f24e3ff4d3e895a2afbf52cef2fe1ca31edd842b126ec4be67e6e3624b9ddf806fc146c645ec1d37fe7e3b025c156d5d520104b53f7fb2af436201cfd5dca170edea5a190e4786bfaac544b60f514d7ef420526c467f14790dcfa5ab915d7dbcdf2765bbcad014c991f8b829c79f53586de79f0b987ad796f9de4a6e53136a07a39ab1f5a2ce30aded70a9b72d1beff7e8b6405fd6331e5635ee71e809be2d58f412dcd7b2e856d692dbfed19045ff13244acce351b6e450395568063569c71ea80a04f83fbe6ad1d0862fb97f816576c4844da65d751ee1fdc522ae1158670de297cdb2117bc0adc1486e016a6bcc922a162fce6a9ecc8c42b0c44c566004eda037864e5f339bbb0998cdaf2b8e49ae003659bc033668f7c8e550197ed95c420461254ba1883dbd9403672d579cee85c37f103ee9a350a768286017158784baeb063c8c684b91b022b0db2238b679092a1f6909f0cd9228500e088f5cc7bac4c0dc56e80fedac93554aec79715ce02e8bf3fcbd70382f619bfe3dcf06890d8542022ee58bdfb075d319c9fc8474cadc8de5c3dd3f682d3f68324d0af7a727064053ad84c94643eef190783c616467628f84620044c084b80e3e57bfcdf293c9c36b4474a52398b35e49e2ad4a4ac090bffc5cd27d3c69b4ae5f841d5b0766ccd36d25eb58d8f01621a05744b79ede39019ab9d7a1946353d8f3b7f833ce1a102a8c97a9e3f32138ffafd305448f2518ccdb7eef594a890eaeaff3f876f742fec22669a97085ed93b18228ecbe9e354e8f69967ca749fd2b1cf026665ca912e3fc0188b294519078b46676052de4fe22798290bd1e232c9791fc01ddb4ae776b5769143df2867042e8a3ddfa8e786bd8a244076956d4ab137939ad381650dd4fefd2b942a98d6f2edfd7019ae473e7608647b86d643e8ff3d7d4e89ed826e4b8c6e8fed224c528d805ade85c5b45261b2692c0f403dec050bd973b0999df214689f4402dd1598a16b0c7671e5e204a00b06376ddee7cb99292a8b835c0b451642b71f2ffa1aeea56255817b2384bfe4f8213ccfc1f762f250592896102e5f6d34cdd726bc0f86af52fd7c4483d32e23e5af770e960c7445b8e67b6086f0cadcd22d0d4bdadc31b5a94dd687379dc6e078210ccc71f8e67eb58d330394425ab17e55d1ca8f868f6bf738af291d2293c3dfa2ccff25061ded22878b3cc6532d19e5a00d1f0f1b9de35305fac2c6cfd5d77a2b02618735b7d392738bd5cd3eabb7039c790a9f193913f16e06605d405d6a0cf0011a2e5f935d8563fef1722692dd266c3d320b9f5eeb2a4b2f72155522f0ed72ff1efa0b6ee78e70d3d45241609e7f87d7bcfe1af71159baa11ad667a0ead3986b2b06500ba2615ee966ea86ca68d02de4802bd9ef18dac5ba53ca98b90df49ef4e3268ceee538973620e5a60513ea330989642626420b67dceebc569478657aedeb62c45b079348796923ad1fba5a99e6b150cf97ba2a570150053309c6dca7fa352fa1678c9b919fbc47ae0a84175a7fc25a00fa5888cb017e8d8225fadb29e34bd3c5bbccfb22a83255fec3967c991d5b3e6719ade82fb7ef85c8a4b9e7ad8ef2a3a7bc78de424572224affb1f9e0c5a969e61ee2ebb4f247bfa09384bdad04438f2efbfae303d47c3afe7e8d3a157b2a6f37572ea3ecc441dfb208ba755f781f144e58d80aea590abcfccbe8678ec6de47511f9d61cc408cbbe90eeab2cffe6d1a48dc3eb4e48e228fd43cafd7ff2c85c3ed52e99fe16887be28fcd2cd4ba4cac414c92c96294fa7d628e4356c748c173f790a7f30071d0bd53817c78d163249c7402b222b8f28668cae7afd17b97dbaf10b75b61409ca6f5b285d1ab09207c5a91c68b0d4b5da6d6b5a495c8debd7f4400e56d9e22d1cc330f782f2b5441a31b9ccf35aa1a151219cdcff5ab8b240af5b5a751eca67773c057412a935e3a7a367b2bcd28463904ee040a586d6f4f969cee56d55b6b4d97d1fe93b67e2f6bd47925054c4702ec8969a1a6211ea8f6783ca0e8ae333922ce19eceb24e2ff714a0208d2489a62f299aa50cdbfe5a826e872ab231bbddf5bd2fca92d4460379e05e13ff34a200fd921dcb67a002873bda8d86536cddaccb54eb72dd4e399fe9195ad5574ad85d9ed2eaae4106234f0a8db05a230ff377b59b54fd0919d1b86b938622ae6098f003db7f4d45d6874f54c33064ce6184dccc99fece2d994e9572d4840b0cbdd704fd70b4f625912d48a512339f883533768f09a4f614583dfb72defe713ee38f61184df279461b7d35becd8e67d01f0ec27e901d88215554d5a69db373a662085733d09ad9153e7d432c94f872ff7cd72995b3a581ea17722ed13a191b366208f75661112b1a7d42c252c907488ca8dd8f819d4618b0053d4bcddb3b5975cb8615ebc472e052552ee74d5253174a2b0cb96e1eaf6349b6c39be975123ee72b0ffe1367df7aba54de26c9135a3422d21067034551be5efc5daf8b8f59bc725e4fd171378fd9f16a785f1b0378823c85eec521e0b2aca70b7b72b719a20eb2fb0addc0b05851c8e181607f49dad7323bc255309097584c2099574db1ed7940fd16796aef19d30acd714dc1f898716df64db87d852eddf2f86e78fd7fd64868b4cb6cc626efcdea49c4a2779a0e777bbe23968e14233a810d9883680894de93023a8deae51ccbf32e6d1e53618ebee95c761221a33bc3263fff0f5ae23e14dba0418cf3f31effcb36956e06c57a17620044260419a208ae1d2296ec9472d44be74a8ed0a33a23181acdef8c7d2695ce9485ed8d17d9f6f30b9b128ee0ba15c42cbf6059bcfef008c09db8855343f79c3ce1c4d79077c8a62237d4e400a5aa88e7424f2f99df6c2070d6ed071f4968376581e20e52d64e9c4f8a6f73bb33f5b6b62c1deecc85bf789565fde14e4454306ed8f09af08afb360ee4fb40dd5dca0be43ccff75e5c0ef85ea7c521cb4840d61e99e1ce4661e721446d5a571cddffbc3643ec9b58237fd416376906bdca09485c2c80f82b23e8e7bbf22035fdbcacd804ae3771fd616901184ced46987d533017eef717e9b34a5531c3efe2d77c9b6cb0617382d69951545378a4118e71c64a1f16d096a8f933580922083d0536b90ae1715c63f682e8241b42e1646b0c52e34aa9c91efe2b6b787ce0747d4ff0dd07d6ebc9ce27e0ef35705eb7b78763a9829b464523ff3ed9078aff6ee29e6e7a59a5243825e8bb9235f8e49a9dfb5932536666c3dc75b29e515dbca4c84268cf23cd7b6da6814328a3cb26d7b1d6c28e20b36f9a2c9e2fcf663c314f72f37d2b8f405cfc686a6b35400435be0eab01709c2c4b3005491cbb0b560e33547b77ba9f25f01b194e20534199a3786ddfaf0a75aafb65cd4df4da7b5f98fe72a8bc7d045339fd41508cecca791c717a10d4fed8aa69eec80955bd899a6f8aaf3411be40568149e631ccbe17c68f85e87b58da81ba78def8b1a48c49b2dc7613f7d6ea8b158bed077666d37d1caba9a23b7cb2772e780f70872113e5bcaebaf9f9499f651dc894be3bba1e99d58b33d60c0eda397df91d7cf9fb072f247fa9a9f59c4f59c4284a3832ff0a1f9ce8f6346cb5c08a9dcb2851c7f169af688fc13f00cf9519ade547671698caaa3f4d4921fee83753b9ab0875707836343eddb5b87bec86aae023c9571b8e389ff3f4c692b6fb19686105249ce033116777d919ceb4559a67ee6b6ad9d4b53d2be24315429de3bf201107fe7dff9cbc92dbf9173391d555b0a1b8ea3252fd7d7fd15d8a3cc70cecdbdd43c4edcc4bb2fbbf646d5ec7dad0d3156a513d14184e0c316f8155e774f7dcea485f904828edf28510d692b66b1500c5a704371c2188a2812bd323de012f36a79674082b5f5e9f7f4ce1a75ed854b71555e9fcd1f0322c22a9e543674c79a74404e08e61860f505dc56e1b52977b9a9af18be4064b5f6aa7c891382bbbe65e70a4cee33176570341a525fb6b25c0b20bfa3f2ee4a01584f259f43c3b63a2dfc376f435827211379ab3ca8912cbe01e4f837920666fbda682f6954d1c156f21e12547b885f485c38f62e765013144be8ca92b1d4872790a5c02671517f6a8f0ceb247e08c64268ad8970b57bb6d077c9b8ebe7fb1183087c9a3baee06100609204be588621253b9b120c08db9f28c2d38c9bc3f59018bb7216d73186048770d1e556faa49df23a40a64b40cdda2041dccf5619db09b7a7795fd7eb631c0e0bffc3b64422bf6acd84b7fae8bd05b057260a4d7c4851829c7bbf0b6f27c5db0ff10f42df3528f79dc9bbd591965259cd0389deb124b1fadc5dfd3ade9742d29261379ea3d98929512371dec991f0636fbda5dac355a04e363beeb4751781d9cef3a0b6ac6500895d223ad43ed75cac8b0a868253fffa10bf6c2de99c687fd056e075cf0632b6d8ed2263ca08ad95b6f335a3b6d8ab7801422ac8597441ac1bbe289b50af31eb221d19a2d3177d4ad1056d616295e89471e65d811b8fa4fe2c0c12793f43ef7e75c7f657f6c26ca9cbae63ce99301069ab257ae77c38778d35afd326d569c626a68f3904b2c376dfaa05568892f346f86fb05e71fb751e09cd22525cb63512a7d2e4670bd31109b87818278e66dc73fa9667e35c5bc6588cd36d2b62592a4103803d93c194f8edd5d20c6597231321b909bbb3c1d13408e5cf27728883e333b391222e6b6665454892dfedd17a1066f1145163e1a31ba9a3e3cee925e55d794b89462a0a092a639ccd4a24514083cb68224c87c18f0bb39ff721cc598e686b5fef169bc30f9ec6df397905f8340f6ae7ad826aac774cc46bfb9dfe8192e9ef10e8355d7c2810269eb73c7ecb8d3ffa33437142b8e596cdb778cd3cdda5bbbd09a8ea919929adbc63ff1004490c45a9ea59def65fabc884c39beac1b74a218f59c5e31ba85dcc4b8bd81d7a66d8aaf0edb64b505f760442e16fb7f07a069aba88601c3ace27762cef8196da3d44b14796b04e7fa3bab37209190a1de6e6ecfd99353279ef643766814fa7fac7254eba59bff3546bf21afc7445a4f1bc92c7b013f34962ff029e0f2926acf6c8a25fecea5b0b810656c981535492a2a4159dcfd0bf98085dc9612159fa0ad837a22eaffce80405367931ef3eacbf5a663175acc306eb075c52265d", 0xe8b}, {&(0x7f0000001480)="c071d5aa4739301a7eae6d", 0xb}], 0x6}, 0x40000)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x800000001fe, 0x82)
r5 = socket$kcm(0x2d, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a48500000004000000850000000f00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000380)='percpu_alloc_percpu\x00', r6}, 0x10)
syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0xfffffffd, 0x10100}, &(0x7f0000000000), &(0x7f0000000100))
ioctl$sock_kcm_SIOCKCMCLONE(r5, 0x89e2, &(0x7f0000000340)={<r7=>r5})
bind$xdp(r7, &(0x7f00000005c0)={0x2d, 0x0, 0x0, 0xc}, 0x10)
bind$xdp(r1, &(0x7f0000000080)={0x2d, 0x0, 0x0, 0xc}, 0x10)
r8 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000050b6850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r9, 0x0, 0x80}, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00'}, 0x10)
inotify_init1(0x80000)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, 0x0, 0x0)
semctl$IPC_SET(0x0, 0x0, 0x1, &(0x7f0000000340)={{0x1, 0xee00, 0x0, 0x0, 0xffffffffffffffff, 0xaa, 0x2}, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdd16})
write$selinux_attr(r8, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
rt_sigaction(0xe, 0x0, 0x0, 0x8, &(0x7f0000000200))

412.941177ms ago: executing program 0 (id=13710):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000900)=@NCI_OP_CORE_INIT_RSP={0x0, 0x0, 0x2, 0x1, 0x0, {{0xfd, 0xfffffffd, 0xb2, "4bdf03a471f5f569f3f8bd77df465999c34b2494c8f043a5343e7f231cf38b50b8032b018c7d80f65685037415f6005643309a13522402525e678a9229fc10f75ff0bf0a65d16f6498cc9b553cf77959f04091a31b16500bbc0bce234285ec883a11c0e44b9790c2e6af137eb25a6b2802c3e173c184550b7167a49996394c9cac19082cdb3d57bb3d51a5b0717c5627cfc54ad39f97cc12eb7c38acf28adb4a4ad505ae39eb9ef7f7d99129500000000000"}}}, 0xc6)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES8=r2, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
unshare(0xa000200)
semget$private(0x0, 0x4000, 0x0)
semtimedop(0x0, &(0x7f0000000000)=[{0x2, 0x40, 0x1800}], 0x1, 0x0)
unshare(0x20060400)
sendmsg$NFC_CMD_START_POLL(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fa347ae3", @ANYRES16=r3, @ANYBLOB="010023010000340200000600000008000100", @ANYRES32=r1, @ANYBLOB="08000300ffffffff"], 0x24}}, 0x0)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000a00)=ANY=[@ANYBLOB="40020000004d304489c9d66c2438471a25aeb7d3c95ad7af54610010dbc8e2b60eb757db90ba5cb2dc0c37760b64c24e8a2373c0ac3cbb96f518bdae9a45c76a522edc2dec34174c4c7865c5d912a29edb35e3c90a9948c31c27f1e28d3345be1d609d6f7c1b2327235c57d63bc0be113b3c02c3ad354ee6e1793c24dcdfc06fd1ea8a803ebb589940ab4500"/153], 0x5)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)

395.762269ms ago: executing program 4 (id=13711):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r1=>0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r2)
sendmsg$NFC_CMD_DEV_UP(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x1c, r3, 0x1, 0x123, 0x234, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r1}]}, 0x1c}}, 0x0)
read$nci(r0, &(0x7f0000000200)=""/100, 0x64)
write$nci(r0, &(0x7f0000000280)=@NCI_OP_CORE_RESET_RSP, 0x6)
read$nci(r0, &(0x7f00000002c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000900)=@NCI_OP_CORE_INIT_RSP={0x0, 0x0, 0x2, 0x1, 0x0, {{0xfd, 0xfffffffd, 0xb2, "4bdf03a471f5f569f3f8bd77df465999c34b2494c8f043a5343e7f231cf38b50b8032b018c7d80f65685037415f6005643309a13522402525e678a9229fc10f75ff0bf0a65d16f6498cc9b553cf77959f04091a31b16500bbc0bce234285ec883a11c0e44b9790c2e6af137eb25a6b2802c3e173c184550b7167a49996394c9cac19082cdb3d57bb3d51a5b0717c5627cfc54ad39f97cc12eb7c38acf28adb4a4ad505ae39eb9ef7f7d99129500000000000"}}}, 0xc6)
read$nci(r0, &(0x7f0000000380)=""/100, 0x64)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES8=r2, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
unshare(0xa000200)
semget$private(0x0, 0x4000, 0x0)
semtimedop(0x0, &(0x7f0000000000)=[{0x2, 0x40, 0x1800}], 0x1, 0x0)
unshare(0x20060400)
read$nci(r0, &(0x7f0000000500)=""/100, 0x64)
write$nci(r0, &(0x7f0000000a00)=ANY=[@ANYBLOB="40020000004d304489c9d66c2438471a25aeb7d3c95ad7af54610010dbc8e2b60eb757db90ba5cb2dc0c37760b64c24e8a2373c0ac3cbb96f518bdae9a45c76a522edc2dec34174c4c7865c5d912a29edb35e3c90a9948c31c27f1e28d3345be1d609d6f7c1b2327235c57d63bc0be113b3c02c3ad354ee6e1793c24dcdfc06fd1ea8a803ebb589940ab4500"/153], 0x5)
read$nci(r0, &(0x7f00000005c0)=""/100, 0x64)
write$nci(r0, &(0x7f0000000640)=@NCI_OP_CORE_SET_CONFIG_RSP, 0x5)
read$nci(r0, &(0x7f0000000680)=""/100, 0x64)
write$nci(r0, &(0x7f0000000700)=@NCI_OP_RF_DISCOVER_RSP, 0x4)
write$nci(r0, &(0x7f0000000740)=@NCI_OP_RF_DISCOVER_NTF={0x1, 0x0, 0x3, 0x3, 0x0, @b={0x0, 0x1, 0x1, 0x1, {0x1, "aa"}}}, 0xa)
read$nci(r0, &(0x7f0000000840)=""/100, 0x64)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(0xffffffffffffffff, 0x6, 0x16, &(0x7f0000000280)=[@mss={0x2, 0x80000000}], 0x1)

358.184212ms ago: executing program 3 (id=13712):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0100000004000000e27f000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x9, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000010000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
r2 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
write$binfmt_register(r2, &(0x7f0000000440)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0x0, 0x3a, 'usrjquota=', 0x3a, '', 0x3a, './file2', 0x3a, [0x46]}, 0x32)

305.405206ms ago: executing program 3 (id=13713):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="07000000040000002001000001"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000080)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x4, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x1e, &(0x7f00000001c0)=0x400000001, 0x4)
setsockopt$inet6_tcp_int(r2, 0x6, 0x2000000000000022, &(0x7f0000000040)=0x1, 0x4)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendto$inet6(r2, 0x0, 0x2, 0x0, 0x0, 0x0)

72.608015ms ago: executing program 1 (id=13714):
r0 = socket$kcm(0x2d, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000100)={<r1=>r0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="07000000040000"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x18)
r4 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r4, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r4, &(0x7f00000000c0)={&(0x7f0000000500)=@hci={0x1f, 0x0, 0x4}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000580)="02042700ea0e0000000000001eafbcf706e105000000000000001104ee1606d4b8bf4a828bda305775c43824cee8440000", 0x31}, {&(0x7f0000000300)="126873159fca3fa38fb198e9a6b363ceb3e6d803ab766b7a38e451d14e0b3457474fe6a51671e4124fcea96a873b10996816e100ed8a93b0a9053db57d60973369f58551c3091cb88d3b", 0x4a}, {&(0x7f0000000080)="088d85d1f4f8220aee8de7932b326f8a3164ae439862807a1589836c736d2341f7", 0x21}, {&(0x7f00000001c0)="df4603a1330000f300de130ea8", 0xd}, {&(0x7f00000005c0)="b72abab9439ca41f5cf14d6435575ba774ee5f5c23ff2f5176f5773d08a15668ec280cfe4ea416cf769dbf978a8191bbe006e0da50029176c0f24e3ff4d3e895a2afbf52cef2fe1ca31edd842b126ec4be67e6e3624b9ddf806fc146c645ec1d37fe7e3b025c156d5d520104b53f7fb2af436201cfd5dca170edea5a190e4786bfaac544b60f514d7ef420526c467f14790dcfa5ab915d7dbcdf2765bbcad014c991f8b829c79f53586de79f0b987ad796f9de4a6e53136a07a39ab1f5a2ce30aded70a9b72d1beff7e8b6405fd6331e5635ee71e809be2d58f412dcd7b2e856d692dbfed19045ff13244acce351b6e450395568063569c71ea80a04f83fbe6ad1d0862fb97f816576c4844da65d751ee1fdc522ae1158670de297cdb2117bc0adc1486e016a6bcc922a162fce6a9ecc8c42b0c44c566004eda037864e5f339bbb0998cdaf2b8e49ae003659bc033668f7c8e550197ed95c420461254ba1883dbd9403672d579cee85c37f103ee9a350a768286017158784baeb063c8c684b91b022b0db2238b679092a1f6909f0cd9228500e088f5cc7bac4c0dc56e80fedac93554aec79715ce02e8bf3fcbd70382f619bfe3dcf06890d8542022ee58bdfb075d319c9fc8474cadc8de5c3dd3f682d3f68324d0af7a727064053ad84c94643eef190783c616467628f84620044c084b80e3e57bfcdf293c9c36b4474a52398b35e49e2ad4a4ac090bffc5cd27d3c69b4ae5f841d5b0766ccd36d25eb58d8f01621a05744b79ede39019ab9d7a1946353d8f3b7f833ce1a102a8c97a9e3f32138ffafd305448f2518ccdb7eef594a890eaeaff3f876f742fec22669a97085ed93b18228ecbe9e354e8f69967ca749fd2b1cf026665ca912e3fc0188b294519078b46676052de4fe22798290bd1e232c9791fc01ddb4ae776b5769143df2867042e8a3ddfa8e786bd8a244076956d4ab137939ad381650dd4fefd2b942a98d6f2edfd7019ae473e7608647b86d643e8ff3d7d4e89ed826e4b8c6e8fed224c528d805ade85c5b45261b2692c0f403dec050bd973b0999df214689f4402dd1598a16b0c7671e5e204a00b06376ddee7cb99292a8b835c0b451642b71f2ffa1aeea56255817b2384bfe4f8213ccfc1f762f250592896102e5f6d34cdd726bc0f86af52fd7c4483d32e23e5af770e960c7445b8e67b6086f0cadcd22d0d4bdadc31b5a94dd687379dc6e078210ccc71f8e67eb58d330394425ab17e55d1ca8f868f6bf738af291d2293c3dfa2ccff25061ded22878b3cc6532d19e5a00d1f0f1b9de35305fac2c6cfd5d77a2b02618735b7d392738bd5cd3eabb7039c790a9f193913f16e06605d405d6a0cf0011a2e5f935d8563fef1722692dd266c3d320b9f5eeb2a4b2f72155522f0ed72ff1efa0b6ee78e70d3d45241609e7f87d7bcfe1af71159baa11ad667a0ead3986b2b06500ba2615ee966ea86ca68d02de4802bd9ef18dac5ba53ca98b90df49ef4e3268ceee538973620e5a60513ea330989642626420b67dceebc569478657aedeb62c45b079348796923ad1fba5a99e6b150cf97ba2a570150053309c6dca7fa352fa1678c9b919fbc47ae0a84175a7fc25a00fa5888cb017e8d8225fadb29e34bd3c5bbccfb22a83255fec3967c991d5b3e6719ade82fb7ef85c8a4b9e7ad8ef2a3a7bc78de424572224affb1f9e0c5a969e61ee2ebb4f247bfa09384bdad04438f2efbfae303d47c3afe7e8d3a157b2a6f37572ea3ecc441dfb208ba755f781f144e58d80aea590abcfccbe8678ec6de47511f9d61cc408cbbe90eeab2cffe6d1a48dc3eb4e48e228fd43cafd7ff2c85c3ed52e99fe16887be28fcd2cd4ba4cac414c92c96294fa7d628e4356c748c173f790a7f30071d0bd53817c78d163249c7402b222b8f28668cae7afd17b97dbaf10b75b61409ca6f5b285d1ab09207c5a91c68b0d4b5da6d6b5a495c8debd7f4400e56d9e22d1cc330f782f2b5441a31b9ccf35aa1a151219cdcff5ab8b240af5b5a751eca67773c057412a935e3a7a367b2bcd28463904ee040a586d6f4f969cee56d55b6b4d97d1fe93b67e2f6bd47925054c4702ec8969a1a6211ea8f6783ca0e8ae333922ce19eceb24e2ff714a0208d2489a62f299aa50cdbfe5a826e872ab231bbddf5bd2fca92d4460379e05e13ff34a200fd921dcb67a002873bda8d86536cddaccb54eb72dd4e399fe9195ad5574ad85d9ed2eaae4106234f0a8db05a230ff377b59b54fd0919d1b86b938622ae6098f003db7f4d45d6874f54c33064ce6184dccc99fece2d994e9572d4840b0cbdd704fd70b4f625912d48a512339f883533768f09a4f614583dfb72defe713ee38f61184df279461b7d35becd8e67d01f0ec27e901d88215554d5a69db373a662085733d09ad9153e7d432c94f872ff7cd72995b3a581ea17722ed13a191b366208f75661112b1a7d42c252c907488ca8dd8f819d4618b0053d4bcddb3b5975cb8615ebc472e052552ee74d5253174a2b0cb96e1eaf6349b6c39be975123ee72b0ffe1367df7aba54de26c9135a3422d21067034551be5efc5daf8b8f59bc725e4fd171378fd9f16a785f1b0378823c85eec521e0b2aca70b7b72b719a20eb2fb0addc0b05851c8e181607f49dad7323bc255309097584c2099574db1ed7940fd16796aef19d30acd714dc1f898716df64db87d852eddf2f86e78fd7fd64868b4cb6cc626efcdea49c4a2779a0e777bbe23968e14233a810d9883680894de93023a8deae51ccbf32e6d1e53618ebee95c761221a33bc3263fff0f5ae23e14dba0418cf3f31effcb36956e06c57a17620044260419a208ae1d2296ec9472d44be74a8ed0a33a23181acdef8c7d2695ce9485ed8d17d9f6f30b9b128ee0ba15c42cbf6059bcfef008c09db8855343f79c3ce1c4d79077c8a62237d4e400a5aa88e7424f2f99df6c2070d6ed071f4968376581e20e52d64e9c4f8a6f73bb33f5b6b62c1deecc85bf789565fde14e4454306ed8f09af08afb360ee4fb40dd5dca0be43ccff75e5c0ef85ea7c521cb4840d61e99e1ce4661e721446d5a571cddffbc3643ec9b58237fd416376906bdca09485c2c80f82b23e8e7bbf22035fdbcacd804ae3771fd616901184ced46987d533017eef717e9b34a5531c3efe2d77c9b6cb0617382d69951545378a4118e71c64a1f16d096a8f933580922083d0536b90ae1715c63f682e8241b42e1646b0c52e34aa9c91efe2b6b787ce0747d4ff0dd07d6ebc9ce27e0ef35705eb7b78763a9829b464523ff3ed9078aff6ee29e6e7a59a5243825e8bb9235f8e49a9dfb5932536666c3dc75b29e515dbca4c84268cf23cd7b6da6814328a3cb26d7b1d6c28e20b36f9a2c9e2fcf663c314f72f37d2b8f405cfc686a6b35400435be0eab01709c2c4b3005491cbb0b560e33547b77ba9f25f01b194e20534199a3786ddfaf0a75aafb65cd4df4da7b5f98fe72a8bc7d045339fd41508cecca791c717a10d4fed8aa69eec80955bd899a6f8aaf3411be40568149e631ccbe17c68f85e87b58da81ba78def8b1a48c49b2dc7613f7d6ea8b158bed077666d37d1caba9a23b7cb2772e780f70872113e5bcaebaf9f9499f651dc894be3bba1e99d58b33d60c0eda397df91d7cf9fb072f247fa9a9f59c4f59c4284a3832ff0a1f9ce8f6346cb5c08a9dcb2851c7f169af688fc13f00cf9519ade547671698caaa3f4d4921fee83753b9ab0875707836343eddb5b87bec86aae023c9571b8e389ff3f4c692b6fb19686105249ce033116777d919ceb4559a67ee6b6ad9d4b53d2be24315429de3bf201107fe7dff9cbc92dbf9173391d555b0a1b8ea3252fd7d7fd15d8a3cc70cecdbdd43c4edcc4bb2fbbf646d5ec7dad0d3156a513d14184e0c316f8155e774f7dcea485f904828edf28510d692b66b1500c5a704371c2188a2812bd323de012f36a79674082b5f5e9f7f4ce1a75ed854b71555e9fcd1f0322c22a9e543674c79a74404e08e61860f505dc56e1b52977b9a9af18be4064b5f6aa7c891382bbbe65e70a4cee33176570341a525fb6b25c0b20bfa3f2ee4a01584f259f43c3b63a2dfc376f435827211379ab3ca8912cbe01e4f837920666fbda682f6954d1c156f21e12547b885f485c38f62e765013144be8ca92b1d4872790a5c02671517f6a8f0ceb247e08c64268ad8970b57bb6d077c9b8ebe7fb1183087c9a3baee06100609204be588621253b9b120c08db9f28c2d38c9bc3f59018bb7216d73186048770d1e556faa49df23a40a64b40cdda2041dccf5619db09b7a7795fd7eb631c0e0bffc3b64422bf6acd84b7fae8bd05b057260a4d7c4851829c7bbf0b6f27c5db0ff10f42df3528f79dc9bbd591965259cd0389deb124b1fadc5dfd3ade9742d29261379ea3d98929512371dec991f0636fbda5dac355a04e363beeb4751781d9cef3a0b6ac6500895d223ad43ed75cac8b0a868253fffa10bf6c2de99c687fd056e075cf0632b6d8ed2263ca08ad95b6f335a3b6d8ab7801422ac8597441ac1bbe289b50af31eb221d19a2d3177d4ad1056d616295e89471e65d811b8fa4fe2c0c12793f43ef7e75c7f657f6c26ca9cbae63ce99301069ab257ae77c38778d35afd326d569c626a68f3904b2c376dfaa05568892f346f86fb05e71fb751e09cd22525cb63512a7d2e4670bd31109b87818278e66dc73fa9667e35c5bc6588cd36d2b62592a4103803d93c194f8edd5d20c6597231321b909bbb3c1d13408e5cf27728883e333b391222e6b6665454892dfedd17a1066f1145163e1a31ba9a3e3cee925e55d794b89462a0a092a639ccd4a24514083cb68224c87c18f0bb39ff721cc598e686b5fef169bc30f9ec6df397905f8340f6ae7ad826aac774cc46bfb9dfe8192e9ef10e8355d7c2810269eb73c7ecb8d3ffa33437142b8e596cdb778cd3cdda5bbbd09a8ea919929adbc63ff1004490c45a9ea59def65fabc884c39beac1b74a218f59c5e31ba85dcc4b8bd81d7a66d8aaf0edb64b505f760442e16fb7f07a069aba88601c3ace27762cef8196da3d44b14796b04e7fa3bab37209190a1de6e6ecfd99353279ef643766814fa7fac7254eba59bff3546bf21afc7445a4f1bc92c7b013f34962ff029e0f2926acf6c8a25fecea5b0b810656c981535492a2a4159dcfd0bf98085dc9612159fa0ad837a22eaffce80405367931ef3eacbf5a663175acc306eb075c52265d", 0xe8b}, {&(0x7f0000001480)="c071d5aa4739301a7eae6d", 0xb}], 0x6}, 0x40000)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x800000001fe, 0x82)
r5 = socket$kcm(0x2d, 0x2, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000a48500000004000000850000000f00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000380)='percpu_alloc_percpu\x00', r6}, 0x10)
syz_io_uring_setup(0x231, &(0x7f0000000080)={0x0, 0xfffffffd, 0x10100}, &(0x7f0000000000), &(0x7f0000000100))
ioctl$sock_kcm_SIOCKCMCLONE(r5, 0x89e2, &(0x7f0000000340)={<r7=>r5})
bind$xdp(r7, &(0x7f00000005c0)={0x2d, 0x0, 0x0, 0xc}, 0x10)
bind$xdp(r1, &(0x7f0000000080)={0x2d, 0x0, 0x0, 0xc}, 0x10)
r8 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000050b6850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r9, 0x0, 0x80}, 0x18)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00'}, 0x10)
inotify_init1(0x80000)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, 0x0, 0x0)
semctl$IPC_SET(0x0, 0x0, 0x1, &(0x7f0000000340)={{0x1, 0xee00, 0x0, 0x0, 0xffffffffffffffff, 0xaa, 0x2}, 0x7fff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdd16})
write$selinux_attr(r8, &(0x7f0000000100)='system_u:object_r:hugetlbfs_t:s0\x00', 0x1d)
rt_sigaction(0xe, 0x0, 0x0, 0x8, &(0x7f0000000200))

0s ago: executing program 1 (id=13715):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000001040)={'sit0\x00', &(0x7f0000001000)={'syztnl2\x00', 0x0, 0x0, 0xa000, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x64, 0x0, 0x0, 0x4, 0x0, @empty, @rand_addr=0x3}}}})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f00000012c0)=ANY=[@ANYBLOB="18000000010000800000000000cbcd290000009500000001000000"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000a00)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
syz_open_dev$usbmon(&(0x7f0000000000), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000001200)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syslog(0x2, &(0x7f0000000200)=""/4096, 0x1000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r1}, 0x18)
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
socketpair(0xf, 0x3, 0x2, &(0x7f00000001c0))
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x4040, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
ioctl$sock_inet_SIOCGIFADDR(r6, 0x8915, &(0x7f0000000040)={'netpci0\x00', {0x2, 0x0, @remote}})
write(r6, &(0x7f0000004200)='t', 0x1)
sendfile(r6, r5, 0x0, 0x3ffff)
sendfile(r6, r5, 0x0, 0x7ffff000)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r8}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
recvmsg$unix(r9, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x2000)

kernel console output (not intermixed with test programs):

compat=0 ip=0x7f5c10d2ebe9 code=0x7ffc0000
[  700.689890][ T6365] ieee802154 phy0 wpan0: encryption failed: -22
[  700.703226][   T29] audit: type=1326 audit(2000000420.872:75740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6358 comm="syz.2.12833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c10d2ebe9 code=0x7ffc0000
[  700.732570][ T6359] loop2: detected capacity change from 0 to 128
[  700.742483][ T6359] syz.2.12833: attempt to access beyond end of device
[  700.742483][ T6359] loop2: rw=0, sector=2072, nr_sectors = 1 limit=128
[  700.742674][   T29] audit: type=1326 audit(2000000420.872:75741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6358 comm="syz.2.12833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c10d2ebe9 code=0x7ffc0000
[  700.779486][   T29] audit: type=1326 audit(2000000420.872:75742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6358 comm="syz.2.12833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c10d2ebe9 code=0x7ffc0000
[  700.803788][   T29] audit: type=1326 audit(2000000420.872:75743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6358 comm="syz.2.12833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c10d2ebe9 code=0x7ffc0000
[  700.805524][ T6368] netlink: 1144 bytes leftover after parsing attributes in process `syz.0.12837'.
[  700.827512][   T29] audit: type=1326 audit(2000000420.932:75744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6358 comm="syz.2.12833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f5c10d2ebe9 code=0x7ffc0000
[  700.861815][   T29] audit: type=1326 audit(2000000420.932:75745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6358 comm="syz.2.12833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c10d2ebe9 code=0x7ffc0000
[  700.885398][   T29] audit: type=1326 audit(2000000420.932:75746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6358 comm="syz.2.12833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f5c10d2ebe9 code=0x7ffc0000
[  700.909693][   T29] audit: type=1326 audit(2000000420.932:75747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6358 comm="syz.2.12833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f5c10d2ec23 code=0x7ffc0000
[  700.933135][   T29] audit: type=1326 audit(2000000420.932:75748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6358 comm="syz.2.12833" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f5c10d2d69f code=0x7ffc0000
[  700.961889][ T6368] netlink: 104 bytes leftover after parsing attributes in process `syz.0.12837'.
[  700.993105][ T6370] loop2: detected capacity change from 0 to 512
[  701.012288][ T6370] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  701.026218][ T6370] ext4 filesystem being mounted at /225/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  701.061067][ T2911] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  701.095651][ T6379] loop2: detected capacity change from 0 to 256
[  701.106511][ T6382] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[  701.113102][ T6382] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  701.120810][ T6382] vhci_hcd vhci_hcd.0: Device attached
[  701.142562][ T6379] binfmt_misc: register: failed to install interpreter file ./file0
[  701.146457][ T6334] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  701.170552][ T1035] usb usb6-port1: unable to enumerate USB device
[  701.229362][ T6383] vhci_hcd: connection closed
[  701.230289][  T344] vhci_hcd: stop threads
[  701.239995][  T344] vhci_hcd: release socket
[  701.240007][  T344] vhci_hcd: disconnect device
[  701.364766][ T6394] netlink: 'syz.1.12846': attribute type 4 has an invalid length.
[  701.429428][ T6398] ieee802154 phy0 wpan0: encryption failed: -22
[  701.475332][ T6401] program syz.4.12849 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  701.508722][ T6403] netlink: 1144 bytes leftover after parsing attributes in process `syz.4.12850'.
[  701.523301][ T6403] netlink: 104 bytes leftover after parsing attributes in process `syz.4.12850'.
[  701.572995][ T6406] loop4: detected capacity change from 0 to 512
[  701.614331][ T6406] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  701.644642][ T6406] ext4 filesystem being mounted at /259/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  701.692590][ T2662] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  701.763348][ T6421] futex_wake_op: syz.0.12856 tries to shift op by -1; fix this program
[  702.292552][ T6429] netlink: 'syz.1.12858': attribute type 4 has an invalid length.
[  702.355121][ T6436] futex_wake_op: syz.2.12860 tries to shift op by -1; fix this program
[  703.177478][ T6431] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  703.317133][ T6468] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  703.323679][ T6468] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  703.331432][ T6468] vhci_hcd vhci_hcd.0: Device attached
[  703.469430][ T6469] vhci_hcd: connection closed
[  703.483804][  T344] vhci_hcd: stop threads
[  703.492807][  T344] vhci_hcd: release socket
[  703.497221][  T344] vhci_hcd: disconnect device
[  703.566565][ T6479] netlink: 'syz.1.12869': attribute type 4 has an invalid length.
[  703.643845][ T6485] loop3: detected capacity change from 0 to 128
[  703.659951][ T6485] syz.3.12872: attempt to access beyond end of device
[  703.659951][ T6485] loop3: rw=0, sector=2072, nr_sectors = 1 limit=128
[  703.959549][ T6487] loop4: detected capacity change from 0 to 512
[  703.974268][ T6487] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  703.991633][ T6487] ext4 filesystem being mounted at /262/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  704.276989][ T6487] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #19: comm syz.4.12873: corrupted inode contents
[  704.308216][ T6487] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #19: comm syz.4.12873: mark_inode_dirty error
[  704.323422][ T6487] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #19: comm syz.4.12873: corrupted inode contents
[  704.354182][ T6487] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2991: inode #19: comm syz.4.12873: mark_inode_dirty error
[  704.374742][ T6487] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2994: inode #19: comm syz.4.12873: mark inode dirty (error -117)
[  704.405323][ T6526] netlink: 'syz.0.12881': attribute type 4 has an invalid length.
[  704.405572][ T6487] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117)
[  704.470228][ T2662] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  704.655930][ T6539] netlink: 1144 bytes leftover after parsing attributes in process `syz.2.12885'.
[  704.673514][ T6539] netlink: 8 bytes leftover after parsing attributes in process `syz.2.12885'.
[  704.715558][ T6542] loop2: detected capacity change from 0 to 128
[  704.749275][ T6542] syz.2.12886: attempt to access beyond end of device
[  704.749275][ T6542] loop2: rw=0, sector=2072, nr_sectors = 1 limit=128
[  704.811564][ T6544] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[  704.818093][ T6544] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[  704.825847][ T6544] vhci_hcd vhci_hcd.0: Device attached
[  704.866397][ T6535] loop3: detected capacity change from 0 to 512
[  704.888652][ T6535] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  704.928689][ T6535] ext4 filesystem being mounted at /200/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  705.099085][   T23] usb 6-1: SetAddress Request (12) to port 0
[  705.105134][   T23] usb 6-1: new SuperSpeed USB device number 12 using vhci_hcd
[  705.112962][ T6545] vhci_hcd: connection closed
[  705.113099][T27117] vhci_hcd: stop threads
[  705.122057][T27117] vhci_hcd: release socket
[  705.126468][T27117] vhci_hcd: disconnect device
[  705.182309][ T3406] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  705.441554][ T6565] loop4: detected capacity change from 0 to 512
[  705.475491][ T6565] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  705.501349][ T6565] ext4 filesystem being mounted at /264/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  705.721473][ T2662] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  705.750990][ T6578] netlink: 'syz.4.12895': attribute type 4 has an invalid length.
[  705.778059][ T6581] netlink: 1144 bytes leftover after parsing attributes in process `syz.4.12897'.
[  705.794758][   T29] kauditd_printk_skb: 281 callbacks suppressed
[  705.794773][   T29] audit: type=1326 audit(2000000425.992:76030): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6580 comm="syz.4.12897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9989febe9 code=0x7ffc0000
[  705.804466][ T6581] netlink: 8 bytes leftover after parsing attributes in process `syz.4.12897'.
[  705.825385][   T29] audit: type=1326 audit(2000000425.992:76031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6580 comm="syz.4.12897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff9989febe9 code=0x7ffc0000
[  705.858564][   T29] audit: type=1326 audit(2000000425.992:76032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6580 comm="syz.4.12897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9989febe9 code=0x7ffc0000
[  705.897734][   T29] audit: type=1326 audit(2000000425.992:76033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6580 comm="syz.4.12897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff9989febe9 code=0x7ffc0000
[  705.920297][ T6586] loop3: detected capacity change from 0 to 512
[  705.921482][   T29] audit: type=1326 audit(2000000425.992:76034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6580 comm="syz.4.12897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9989febe9 code=0x7ffc0000
[  705.951051][   T29] audit: type=1326 audit(2000000425.992:76035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6580 comm="syz.4.12897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7ff9989febe9 code=0x7ffc0000
[  705.974619][   T29] audit: type=1326 audit(2000000425.992:76036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6580 comm="syz.4.12897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9989febe9 code=0x7ffc0000
[  705.998306][   T29] audit: type=1326 audit(2000000425.992:76037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6580 comm="syz.4.12897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff9989febe9 code=0x7ffc0000
[  706.021975][   T29] audit: type=1326 audit(2000000425.992:76038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6580 comm="syz.4.12897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9989febe9 code=0x7ffc0000
[  706.045724][   T29] audit: type=1326 audit(2000000425.992:76039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6580 comm="syz.4.12897" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff9989febe9 code=0x7ffc0000
[  706.080436][ T6588] loop1: detected capacity change from 0 to 512
[  706.089349][ T6586] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  706.103058][ T6586] ext4 filesystem being mounted at /202/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  706.124078][ T6588] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  706.141111][ T6588] ext4 filesystem being mounted at /293/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  706.165064][ T3406] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  706.177238][ T1864] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  706.193715][ T6598] ieee802154 phy0 wpan0: encryption failed: -22
[  706.297673][ T6582] loop2: detected capacity change from 0 to 512
[  706.322836][ T6606] futex_wake_op: syz.3.12903 tries to shift op by -1; fix this program
[  706.326158][ T6582] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  706.396952][ T6582] ext4 filesystem being mounted at /234/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  706.583827][ T6595] loop4: detected capacity change from 0 to 512
[  706.621814][ T6595] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  706.672566][ T6595] ext4 filesystem being mounted at /267/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  706.905924][ T2662] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  706.922755][ T6582] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #19: comm syz.2.12896: corrupted inode contents
[  706.936871][ T6582] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #19: comm syz.2.12896: mark_inode_dirty error
[  706.950617][ T6582] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #19: comm syz.2.12896: corrupted inode contents
[  706.964173][ T6582] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2991: inode #19: comm syz.2.12896: mark_inode_dirty error
[  706.977762][ T6582] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2994: inode #19: comm syz.2.12896: mark inode dirty (error -117)
[  706.992024][ T6582] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -117)
[  707.051269][ T2911] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  707.144607][ T6622] loop4: detected capacity change from 0 to 512
[  707.161044][ T6621] loop0: detected capacity change from 0 to 256
[  707.191735][ T6621] binfmt_misc: register: failed to install interpreter file ./file0
[  707.201635][ T6622] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  707.247534][ T6622] ext4 filesystem being mounted at /268/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  707.372030][ T2662] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  707.410539][ T6636] netlink: 1144 bytes leftover after parsing attributes in process `syz.4.12911'.
[  707.445808][ T6636] netlink: 8 bytes leftover after parsing attributes in process `syz.4.12911'.
[  707.501350][ T6641] loop2: detected capacity change from 0 to 512
[  707.516664][ T6641] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  707.552336][ T6641] ext4 filesystem being mounted at /237/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  707.593246][ T6629] loop3: detected capacity change from 0 to 512
[  707.630990][ T6629] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  707.652573][ T2911] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  707.661339][ T6629] ext4 filesystem being mounted at /205/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  707.800171][ T3406] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  707.854013][ T6658] ieee802154 phy0 wpan0: encryption failed: -22
[  707.923580][ T6645] loop4: detected capacity change from 0 to 512
[  707.962189][ T6645] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  707.976114][ T6645] ext4 filesystem being mounted at /270/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  708.094440][ T6647] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #19: comm syz.4.12914: corrupted inode contents
[  708.218970][ T6673] loop0: detected capacity change from 0 to 256
[  708.225917][ T6647] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #19: comm syz.4.12914: mark_inode_dirty error
[  708.268188][ T6647] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #19: comm syz.4.12914: corrupted inode contents
[  708.288383][ T6673] binfmt_misc: register: failed to install interpreter file ./file0
[  708.303549][ T6647] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2991: inode #19: comm syz.4.12914: mark_inode_dirty error
[  708.315780][ T6660] loop3: detected capacity change from 0 to 512
[  708.340951][ T6660] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  708.357903][ T6647] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2994: inode #19: comm syz.4.12914: mark inode dirty (error -117)
[  708.371825][ T6660] ext4 filesystem being mounted at /207/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  708.384122][ T6647] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117)
[  708.395536][ T6663] loop1: detected capacity change from 0 to 512
[  708.420434][ T2662] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  708.432669][ T6663] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  708.445485][ T6663] ext4 filesystem being mounted at /297/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  708.566846][ T3406] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  708.593909][ T6691] netlink: 'syz.3.12922': attribute type 4 has an invalid length.
[  708.627184][ T6694] loop3: detected capacity change from 0 to 128
[  708.627695][ T1864] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  708.646649][ T6694] syz.3.12923: attempt to access beyond end of device
[  708.646649][ T6694] loop3: rw=0, sector=2072, nr_sectors = 1 limit=128
[  708.690485][ T6698] futex_wake_op: syz.3.12925 tries to shift op by -1; fix this program
[  708.700834][ T6699] netlink: 1144 bytes leftover after parsing attributes in process `syz.1.12924'.
[  708.732046][ T6679] loop2: detected capacity change from 0 to 512
[  708.744842][ T6699] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12924'.
[  708.782502][ T6679] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  708.795372][ T6679] ext4 filesystem being mounted at /239/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  709.138215][ T2911] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  709.332914][ T6718] loop0: detected capacity change from 0 to 512
[  709.339957][ T6716] ieee802154 phy0 wpan0: encryption failed: -22
[  709.353047][ T6718] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  709.368976][ T6718] ext4 filesystem being mounted at /144/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  709.413392][ T6711] loop1: detected capacity change from 0 to 512
[  709.423174][ T4216] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  709.446602][ T6725] ieee802154 phy0 wpan0: encryption failed: -22
[  709.455670][ T6711] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  709.471149][ T6711] ext4 filesystem being mounted at /300/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  709.662955][ T6712] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #19: comm syz.1.12927: corrupted inode contents
[  709.675272][ T6730] loop4: detected capacity change from 0 to 512
[  709.696935][ T6712] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #19: comm syz.1.12927: mark_inode_dirty error
[  709.719615][ T6730] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  709.732531][ T6712] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #19: comm syz.1.12927: corrupted inode contents
[  709.759831][ T6730] ext4 filesystem being mounted at /272/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  709.770809][ T6712] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2991: inode #19: comm syz.1.12927: mark_inode_dirty error
[  709.799261][ T6712] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2994: inode #19: comm syz.1.12927: mark inode dirty (error -117)
[  709.971321][ T6712] EXT4-fs warning (device loop1): ext4_evict_inode:274: xattr delete (err -117)
[  710.091808][ T1864] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  710.105104][ T6723] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #19: comm syz.4.12930: corrupted inode contents
[  710.127037][ T6723] EXT4-fs error (device loop4): ext4_dirty_inode:6538: inode #19: comm syz.4.12930: mark_inode_dirty error
[  710.163598][ T6723] EXT4-fs error (device loop4): ext4_do_update_inode:5653: inode #19: comm syz.4.12930: corrupted inode contents
[  710.187202][ T6742] netlink: 'syz.1.12934': attribute type 4 has an invalid length.
[  710.202046][ T6744] loop0: detected capacity change from 0 to 512
[  710.212290][   T23] usb 6-1: device descriptor read/8, error -110
[  710.220790][ T6723] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2991: inode #19: comm syz.4.12930: mark_inode_dirty error
[  710.233947][ T6723] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2994: inode #19: comm syz.4.12930: mark inode dirty (error -117)
[  710.247941][ T6723] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117)
[  710.251598][ T6744] ext4 filesystem being mounted at /146/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  710.319109][   T23] usb 6-1: new SuperSpeed USB device number 12 using vhci_hcd
[  710.339171][   T23] usb 6-1: enqueue for inactive port 0
[  710.344731][   T23] usb 6-1: enqueue for inactive port 0
[  710.350693][   T23] usb 6-1: enqueue for inactive port 0
[  710.410376][ T6766] loop3: detected capacity change from 0 to 512
[  710.452495][ T6766] ext4 filesystem being mounted at /212/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  710.753736][ T6776] loop3: detected capacity change from 0 to 512
[  710.771168][ T6776] ext4 filesystem being mounted at /213/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  710.801347][ T6791] loop2: detected capacity change from 0 to 512
[  710.810947][ T6791] ext4 filesystem being mounted at /244/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  710.852012][   T29] kauditd_printk_skb: 167 callbacks suppressed
[  710.852029][   T29] audit: type=1326 audit(2000000431.052:76207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6794 comm="syz.2.12944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c10d2ebe9 code=0x7ffc0000
[  710.882277][   T29] audit: type=1326 audit(2000000431.052:76208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6794 comm="syz.2.12944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c10d2ebe9 code=0x7ffc0000
[  710.905970][   T29] audit: type=1326 audit(2000000431.052:76209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6794 comm="syz.2.12944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7f5c10d2ebe9 code=0x7ffc0000
[  710.929550][   T29] audit: type=1326 audit(2000000431.052:76210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6794 comm="syz.2.12944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c10d2ebe9 code=0x7ffc0000
[  710.953204][   T29] audit: type=1326 audit(2000000431.052:76211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6794 comm="syz.2.12944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c10d2ebe9 code=0x7ffc0000
[  710.976767][   T29] audit: type=1326 audit(2000000431.052:76212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6794 comm="syz.2.12944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5c10d2ebe9 code=0x7ffc0000
[  711.000382][   T29] audit: type=1326 audit(2000000431.052:76213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6794 comm="syz.2.12944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c10d2ebe9 code=0x7ffc0000
[  711.023974][   T29] audit: type=1326 audit(2000000431.052:76214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6794 comm="syz.2.12944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c10d2ebe9 code=0x7ffc0000
[  711.047542][   T29] audit: type=1326 audit(2000000431.052:76215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6794 comm="syz.2.12944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7f5c10d2ebe9 code=0x7ffc0000
[  711.054169][ T6747] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  711.071190][   T29] audit: type=1326 audit(2000000431.052:76216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=6794 comm="syz.2.12944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c10d2ebe9 code=0x7ffc0000
[  711.126477][ T6799] loop0: detected capacity change from 0 to 512
[  711.127051][ T6800] loop3: detected capacity change from 0 to 256
[  711.163211][ T6800] binfmt_misc: register: failed to install interpreter file ./file0
[  711.173946][ T6799] ext4 filesystem being mounted at /148/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  711.220882][ T6808] ieee802154 phy0 wpan0: encryption failed: -22
[  711.489619][   T23] usb usb6-port1: attempt power cycle
[  711.960776][ T6835] loop2: detected capacity change from 0 to 512
[  711.971007][ T6835] ext4 filesystem being mounted at /249/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  712.274596][ T6839] block device autoloading is deprecated and will be removed.
[  712.363372][ T6876] loop0: detected capacity change from 0 to 128
[  712.373185][ T6876] syz.0.12966: attempt to access beyond end of device
[  712.373185][ T6876] loop0: rw=0, sector=2072, nr_sectors = 1 limit=128
[  712.420535][ T6883] ieee802154 phy0 wpan0: encryption failed: -22
[  712.441838][ T6886] loop3: detected capacity change from 0 to 512
[  712.461286][ T6886] ext4 filesystem being mounted at /219/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  712.473993][ T6889] netlink: 'syz.0.12967': attribute type 21 has an invalid length.
[  712.482062][ T6889] netlink: 128 bytes leftover after parsing attributes in process `syz.0.12967'.
[  712.491833][ T6889] netlink: 'syz.0.12967': attribute type 4 has an invalid length.
[  712.499986][ T6889] netlink: 'syz.0.12967': attribute type 5 has an invalid length.
[  712.507788][ T6889] netlink: 3 bytes leftover after parsing attributes in process `syz.0.12967'.
[  712.523763][ T6893] futex_wake_op: syz.3.12970 tries to shift op by -1; fix this program
[  712.895476][ T6844] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  713.020570][ T6898] loop2: detected capacity change from 0 to 512
[  713.042840][ T6898] ext4 filesystem being mounted at /251/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  713.302839][ T6919] loop4: detected capacity change from 0 to 128
[  713.322760][ T6919] syz.4.12978: attempt to access beyond end of device
[  713.322760][ T6919] loop4: rw=0, sector=2072, nr_sectors = 1 limit=128
[  713.339312][   T23] usb usb6-port1: unable to enumerate USB device
[  713.348174][ T6914] loop0: detected capacity change from 0 to 512
[  713.372511][ T6914] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  713.393225][ T6914] EXT4-fs error (device loop0): __ext4_fill_super:5500: inode #2: comm syz.0.12977: casefold flag without casefold feature
[  713.422685][ T6914] EXT4-fs (loop0): get root inode failed
[  713.428371][ T6914] EXT4-fs (loop0): mount failed
[  713.692914][ T6937] netlink: 1144 bytes leftover after parsing attributes in process `syz.1.12983'.
[  713.764587][ T6937] netlink: 8 bytes leftover after parsing attributes in process `syz.1.12983'.
[  713.841632][ T6928] loop3: detected capacity change from 0 to 512
[  713.845878][ T6947] loop1: detected capacity change from 0 to 512
[  713.865952][ T6947] ext4 filesystem being mounted at /310/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  713.901451][ T6928] ext4 filesystem being mounted at /221/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  714.108209][ T6972] loop3: detected capacity change from 0 to 128
[  714.132005][ T6972] syz.3.12990: attempt to access beyond end of device
[  714.132005][ T6972] loop3: rw=0, sector=2072, nr_sectors = 1 limit=128
[  714.348401][ T6978] futex_wake_op: syz.3.12993 tries to shift op by -1; fix this program
[  714.415142][ T6982] futex_wake_op: syz.0.12994 tries to shift op by -1; fix this program
[  714.458975][ T6983] netlink: 4 bytes leftover after parsing attributes in process `syz.1.12995'.
[  714.629797][ T6940] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  714.999323][ T6993] bond0: entered promiscuous mode
[  715.004411][ T6993] bond_slave_0: entered promiscuous mode
[  715.010251][ T6993] bond_slave_1: entered promiscuous mode
[  715.016555][ T6995] netlink: 'syz.4.12998': attribute type 4 has an invalid length.
[  715.018686][ T6993] batadv0: entered promiscuous mode
[  715.031873][ T6993] hsr1: entered allmulticast mode
[  715.037016][ T6993] bond0: entered allmulticast mode
[  715.042157][ T6993] bond_slave_0: entered allmulticast mode
[  715.047977][ T6993] bond_slave_1: entered allmulticast mode
[  715.053815][ T6993] batadv0: entered allmulticast mode
[  715.069302][ T6993] 8021q: adding VLAN 0 to HW filter on device hsr1
[  715.078662][ T6993] bond0: left promiscuous mode
[  715.083581][ T6993] bond_slave_0: left promiscuous mode
[  715.089241][ T6993] bond_slave_1: left promiscuous mode
[  715.096541][ T6993] batadv0: left promiscuous mode
[  715.353988][ T7008] loop0: detected capacity change from 0 to 128
[  715.380992][ T7008] syz.0.13002: attempt to access beyond end of device
[  715.380992][ T7008] loop0: rw=0, sector=2072, nr_sectors = 1 limit=128
[  715.425406][ T7015] FAULT_INJECTION: forcing a failure.
[  715.425406][ T7015] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  715.438564][ T7015] CPU: 1 UID: 0 PID: 7015 Comm: syz.0.13005 Tainted: G        W           6.16.0-syzkaller-12016-gbec077162bd0 #0 PREEMPT(voluntary) 
[  715.438614][ T7015] Tainted: [W]=WARN
[  715.438699][ T7015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  715.438712][ T7015] Call Trace:
[  715.438719][ T7015]  <TASK>
[  715.438728][ T7015]  __dump_stack+0x1d/0x30
[  715.438760][ T7015]  dump_stack_lvl+0xe8/0x140
[  715.438783][ T7015]  dump_stack+0x15/0x1b
[  715.438807][ T7015]  should_fail_ex+0x265/0x280
[  715.438844][ T7015]  should_fail+0xb/0x20
[  715.438899][ T7015]  should_fail_usercopy+0x1a/0x20
[  715.438924][ T7015]  _copy_to_user+0x20/0xa0
[  715.439002][ T7015]  simple_read_from_buffer+0xb5/0x130
[  715.439029][ T7015]  proc_fail_nth_read+0x10e/0x150
[  715.439058][ T7015]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  715.439088][ T7015]  vfs_read+0x1a0/0x6f0
[  715.439114][ T7015]  ? perf_trace_sys_enter+0x2a0/0x2e0
[  715.439140][ T7015]  ? __rcu_read_unlock+0x4f/0x70
[  715.439164][ T7015]  ? __fget_files+0x184/0x1c0
[  715.439206][ T7015]  ksys_read+0xda/0x1a0
[  715.439229][ T7015]  __x64_sys_read+0x40/0x50
[  715.439287][ T7015]  x64_sys_call+0x27bc/0x2ff0
[  715.439350][ T7015]  do_syscall_64+0xd2/0x200
[  715.439377][ T7015]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  715.439414][ T7015]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  715.439438][ T7015]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  715.439463][ T7015] RIP: 0033:0x7f243340d5fc
[  715.439479][ T7015] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  715.439535][ T7015] RSP: 002b:00007f2431e77030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  715.439558][ T7015] RAX: ffffffffffffffda RBX: 00007f2433635fa0 RCX: 00007f243340d5fc
[  715.439614][ T7015] RDX: 000000000000000f RSI: 00007f2431e770a0 RDI: 0000000000000004
[  715.439626][ T7015] RBP: 00007f2431e77090 R08: 0000000000000000 R09: 0000000000000000
[  715.439640][ T7015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  715.439655][ T7015] R13: 00007f2433636038 R14: 00007f2433635fa0 R15: 00007ffe5621cf98
[  715.439673][ T7015]  </TASK>
[  715.747849][ T7024] ieee802154 phy0 wpan0: encryption failed: -22
[  715.833122][ T7025] loop4: detected capacity change from 0 to 128
[  715.963656][ T7027] netlink: 1144 bytes leftover after parsing attributes in process `syz.1.13009'.
[  715.997027][ T7029] netlink: 'syz.2.13010': attribute type 4 has an invalid length.
[  716.014012][   T29] kauditd_printk_skb: 266 callbacks suppressed
[  716.014026][   T29] audit: type=1326 audit(2000000436.212:76483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7026 comm="syz.1.13009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2a296ebe9 code=0x7ffc0000
[  716.063569][ T7027] netlink: 8 bytes leftover after parsing attributes in process `syz.1.13009'.
[  716.128771][   T29] audit: type=1326 audit(2000000436.252:76484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7026 comm="syz.1.13009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb2a296ebe9 code=0x7ffc0000
[  716.153258][   T29] audit: type=1326 audit(2000000436.252:76485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7026 comm="syz.1.13009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2a296ebe9 code=0x7ffc0000
[  716.176836][   T29] audit: type=1326 audit(2000000436.252:76486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7026 comm="syz.1.13009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb2a296ebe9 code=0x7ffc0000
[  716.201024][   T29] audit: type=1326 audit(2000000436.252:76487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7026 comm="syz.1.13009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2a296ebe9 code=0x7ffc0000
[  716.224598][   T29] audit: type=1326 audit(2000000436.252:76488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7026 comm="syz.1.13009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fb2a296ebe9 code=0x7ffc0000
[  716.248859][   T29] audit: type=1326 audit(2000000436.252:76489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7026 comm="syz.1.13009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2a296ebe9 code=0x7ffc0000
[  716.273113][   T29] audit: type=1326 audit(2000000436.252:76490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7026 comm="syz.1.13009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb2a296ebe9 code=0x7ffc0000
[  716.296728][   T29] audit: type=1326 audit(2000000436.252:76491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7026 comm="syz.1.13009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2a296ebe9 code=0x7ffc0000
[  716.320968][   T29] audit: type=1326 audit(2000000436.252:76492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7026 comm="syz.1.13009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb2a296ebe9 code=0x7ffc0000
[  716.377928][ T7036] loop1: detected capacity change from 0 to 512
[  716.388764][ T7037] loop2: detected capacity change from 0 to 512
[  716.402605][ T7037] ext4 filesystem being mounted at /258/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  716.415373][ T7036] ext4 filesystem being mounted at /317/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  716.703968][ T7053] vlan2: entered allmulticast mode
[  717.038956][ T7070] netlink: 1144 bytes leftover after parsing attributes in process `syz.0.13023'.
[  717.063633][ T7070] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13023'.
[  717.258210][ T7068] loop4: detected capacity change from 0 to 512
[  717.326648][ T7083] loop3: detected capacity change from 0 to 512
[  717.336484][ T7068] ext4 filesystem being mounted at /290/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  717.390150][ T7083] ext4 filesystem being mounted at /227/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  717.628254][ T7094] ieee802154 phy0 wpan0: encryption failed: -22
[  717.634687][ T7074] loop0: detected capacity change from 0 to 512
[  717.651967][ T7074] ext4 filesystem being mounted at /165/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  718.040643][ T7125] futex_wake_op: syz.4.13034 tries to shift op by -1; fix this program
[  718.263157][ T7110] loop1: detected capacity change from 0 to 512
[  718.281134][ T7110] ext4 filesystem being mounted at /321/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  718.476647][ T7137] loop0: detected capacity change from 0 to 512
[  718.484234][ T7137] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  718.501149][ T7137] EXT4-fs error (device loop0): __ext4_fill_super:5500: inode #2: comm syz.0.13035: casefold flag without casefold feature
[  718.514279][ T7137] EXT4-fs (loop0): get root inode failed
[  718.519950][ T7137] EXT4-fs (loop0): mount failed
[  718.544685][ T7099] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  718.614513][ T7152] loop3: detected capacity change from 0 to 512
[  718.642812][ T7152] ext4 filesystem being mounted at /231/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  718.658123][ T7158] binfmt_misc: register: failed to install interpreter file ./file2
[  718.669462][ T7152] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.13040: bg 0: block 328: padding at end of block bitmap is not set
[  718.990963][ T7170] loop0: detected capacity change from 0 to 128
[  719.005763][ T7172] loop4: detected capacity change from 0 to 256
[  719.005958][ T7170] syz.0.13045: attempt to access beyond end of device
[  719.005958][ T7170] loop0: rw=0, sector=2072, nr_sectors = 1 limit=128
[  719.043200][ T7172] binfmt_misc: register: failed to install interpreter file ./file0
[  719.047844][ T7174] loop0: detected capacity change from 0 to 512
[  719.060543][ T7174] ext4 filesystem being mounted at /172/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  719.371705][ T7143] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  719.547209][ T7198] binfmt_misc: register: failed to install interpreter file ./file2
[  719.608562][ T7208] futex_wake_op: syz.3.13057 tries to shift op by -1; fix this program
[  720.067391][ T7223] netlink: 1144 bytes leftover after parsing attributes in process `syz.4.13058'.
[  720.097070][ T7223] netlink: 8 bytes leftover after parsing attributes in process `syz.4.13058'.
[  720.140180][ T7225] loop4: detected capacity change from 0 to 256
[  720.165250][ T7225] binfmt_misc: register: failed to install interpreter file ./file0
[  720.238273][ T7190] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  720.324354][ T7232] loop1: detected capacity change from 0 to 128
[  720.376728][ T7232] syz.1.13062: attempt to access beyond end of device
[  720.376728][ T7232] loop1: rw=0, sector=2072, nr_sectors = 1 limit=128
[  720.755387][ T7254] netlink: 1144 bytes leftover after parsing attributes in process `syz.0.13069'.
[  720.787896][ T7254] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13069'.
[  721.248432][ T7281] loop4: detected capacity change from 0 to 1024
[  721.257383][ T7281] EXT4-fs: Ignoring removed orlov option
[  721.267171][ T7283] futex_wake_op: syz.0.13077 tries to shift op by -1; fix this program
[  721.280044][ T7285] loop1: detected capacity change from 0 to 512
[  721.286574][   T29] kauditd_printk_skb: 313 callbacks suppressed
[  721.286595][   T29] audit: type=1400 audit(2000000441.482:76806): avc:  denied  { mounton } for  pid=7284 comm="syz.1.13078" path="/326/file0" dev="tmpfs" ino=1765 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  721.326553][ T7285] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.13078: corrupted in-inode xattr: invalid ea_ino
[  721.343118][ T7281] EXT4-fs mount: 37 callbacks suppressed
[  721.343239][ T7281] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  721.368421][ T7291] loop3: detected capacity change from 0 to 512
[  721.370254][ T7285] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.13078: couldn't read orphan inode 15 (err -117)
[  721.387849][ T7285] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  721.390254][   T29] audit: type=1400 audit(2000000441.582:76807): avc:  denied  { write } for  pid=7280 comm="syz.4.13076" name="bus" dev="loop4" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  721.403708][ T7291] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  721.421839][   T29] audit: type=1400 audit(2000000441.582:76808): avc:  denied  { ioctl } for  pid=7280 comm="syz.4.13076" path="/297/bus/bus" dev="loop4" ino=18 ioctlcmd=0x8915 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=file permissive=1
[  721.436412][ T7291] ext4 filesystem being mounted at /236/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  721.479222][ T7285] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  721.503905][   T29] audit: type=1400 audit(2000000441.702:76809): avc:  denied  { setattr } for  pid=7284 comm="syz.1.13078" name="ptmx" dev="devtmpfs" ino=92 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:ptmx_t tclass=chr_file permissive=1
[  721.531456][ T3406] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  721.741218][ T7265] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  721.800928][ T7308] netlink: 1144 bytes leftover after parsing attributes in process `syz.2.13082'.
[  721.822784][   T29] audit: type=1326 audit(2000000442.022:76810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7307 comm="syz.2.13082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c10d2ebe9 code=0x7ffc0000
[  721.859090][   T29] audit: type=1326 audit(2000000442.022:76811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7307 comm="syz.2.13082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c10d2ebe9 code=0x7ffc0000
[  721.871673][ T7308] netlink: 8 bytes leftover after parsing attributes in process `syz.2.13082'.
[  721.883437][   T29] audit: type=1326 audit(2000000442.022:76812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7307 comm="syz.2.13082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c10d2ebe9 code=0x7ffc0000
[  721.915932][   T29] audit: type=1326 audit(2000000442.022:76813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7307 comm="syz.2.13082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c10d2ebe9 code=0x7ffc0000
[  721.940179][   T29] audit: type=1326 audit(2000000442.022:76814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7307 comm="syz.2.13082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5c10d2ebe9 code=0x7ffc0000
[  721.963693][   T29] audit: type=1326 audit(2000000442.022:76815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7307 comm="syz.2.13082" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c10d2ebe9 code=0x7ffc0000
[  722.013507][ T7310] ieee802154 phy0 wpan0: encryption failed: -22
[  722.042803][ T7298] loop3: detected capacity change from 0 to 512
[  722.061618][ T2662] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  722.072662][ T7298] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  722.103917][ T7298] ext4 filesystem being mounted at /237/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  722.193733][ T7319] netlink: 4 bytes leftover after parsing attributes in process `syz.0.13085'.
[  722.316461][ T3406] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  722.371518][ T7321] loop4: detected capacity change from 0 to 512
[  722.378541][ T7321] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  722.387422][ T7321] EXT4-fs error (device loop4): __ext4_fill_super:5500: inode #2: comm syz.4.13087: casefold flag without casefold feature
[  722.409209][ T7321] EXT4-fs (loop4): get root inode failed
[  722.414905][ T7321] EXT4-fs (loop4): mount failed
[  722.433839][ T7337] loop3: detected capacity change from 0 to 512
[  722.462488][ T7337] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  722.476180][ T7337] ext4 filesystem being mounted at /239/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  722.524789][ T3406] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  722.540767][ T7345] loop0: detected capacity change from 0 to 512
[  722.562155][ T7345] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  722.575909][ T7345] ext4 filesystem being mounted at /188/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  722.596240][ T4216] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  723.163255][ T7326] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  723.196562][ T7371] netlink: 'syz.3.13102': attribute type 1 has an invalid length.
[  723.211691][ T7371] 8021q: adding VLAN 0 to HW filter on device bond1
[  723.222388][ T7371] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13102'.
[  723.400265][ T7383] loop1: detected capacity change from 0 to 512
[  723.412051][ T7383] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  723.426181][ T7383] ext4 filesystem being mounted at /332/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  723.452215][ T1864] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  723.495680][ T7390] netlink: 240 bytes leftover after parsing attributes in process `syz.4.13105'.
[  723.528359][ T7395] ieee802154 phy0 wpan0: encryption failed: -22
[  723.898563][ T7423] loop4: detected capacity change from 0 to 128
[  723.908876][ T7423] syz.4.13117: attempt to access beyond end of device
[  723.908876][ T7423] loop4: rw=0, sector=2072, nr_sectors = 1 limit=128
[  724.093960][ T7432] loop1: detected capacity change from 0 to 128
[  724.123803][ T7432] syz.1.13120: attempt to access beyond end of device
[  724.123803][ T7432] loop1: rw=0, sector=2072, nr_sectors = 1 limit=128
[  724.144542][ T7425] loop2: detected capacity change from 0 to 512
[  724.171119][ T7425] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  724.191625][ T7425] ext4 filesystem being mounted at /278/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  724.352088][ T2911] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  724.391962][ T7403] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  724.573169][ T7463] netlink: 'syz.0.13130': attribute type 4 has an invalid length.
[  724.626836][ T7465] loop3: detected capacity change from 0 to 512
[  724.698465][ T7465] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  724.723631][ T7465] ext4 filesystem being mounted at /248/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  724.890713][ T3406] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  724.979298][ T7480] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13133'.
[  725.363671][ T7482] loop0: detected capacity change from 0 to 512
[  725.364111][ T7500] bridge_slave_0: left allmulticast mode
[  725.375736][ T7500] bridge_slave_0: left promiscuous mode
[  725.382122][ T7500] bridge0: port 1(bridge_slave_0) entered disabled state
[  725.394731][ T7500] bridge_slave_1: left allmulticast mode
[  725.400510][ T7500] bridge_slave_1: left promiscuous mode
[  725.406258][ T7500] bridge0: port 2(bridge_slave_1) entered disabled state
[  725.416472][ T7482] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  725.431872][ T7482] ext4 filesystem being mounted at /198/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  725.442599][ T7500] bond0: (slave bond_slave_0): Releasing backup interface
[  725.452773][ T7500] bond0: (slave bond_slave_1): Releasing backup interface
[  725.466059][ T7500] team0: Port device team_slave_0 removed
[  725.474972][ T7512] futex_wake_op: syz.4.13140 tries to shift op by -1; fix this program
[  725.475149][ T7500] team0: Port device team_slave_1 removed
[  725.490787][ T7500] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  725.498184][ T7500] batman_adv: batadv0: Removing interface: batadv_slave_0
[  725.507105][ T7500] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  725.514607][ T7500] batman_adv: batadv0: Removing interface: batadv_slave_1
[  725.654574][ T4216] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  725.816023][ T7531] loop0: detected capacity change from 0 to 512
[  725.848367][ T7531] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  725.862763][ T7531] ext4 filesystem being mounted at /200/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  725.899821][ T4216] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  725.914444][ T7487] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  725.977926][ T7539] loop2: detected capacity change from 0 to 256
[  725.991734][ T7539] binfmt_misc: register: failed to install interpreter file ./file0
[  726.297390][ T7558] loop1: detected capacity change from 0 to 512
[  726.345705][ T7558] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  726.403807][ T7558] ext4 filesystem being mounted at /343/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  726.421465][ T7563] block device autoloading is deprecated and will be removed.
[  726.604814][ T7569] loop3: detected capacity change from 0 to 1024
[  726.625982][ T7569] EXT4-fs: Ignoring removed orlov option
[  726.641089][ T7569] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  726.656285][ T7574] netlink: 'syz.0.13158': attribute type 4 has an invalid length.
[  726.666290][ T7574] __nla_validate_parse: 1 callbacks suppressed
[  726.666306][ T7574] netlink: 20 bytes leftover after parsing attributes in process `syz.0.13158'.
[  726.727943][ T7582] FAULT_INJECTION: forcing a failure.
[  726.727943][ T7582] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  726.741131][ T7582] CPU: 1 UID: 0 PID: 7582 Comm: syz.0.13161 Tainted: G        W           6.16.0-syzkaller-12016-gbec077162bd0 #0 PREEMPT(voluntary) 
[  726.741170][ T7582] Tainted: [W]=WARN
[  726.741179][ T7582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  726.741193][ T7582] Call Trace:
[  726.741199][ T7582]  <TASK>
[  726.741205][ T7582]  __dump_stack+0x1d/0x30
[  726.741226][ T7582]  dump_stack_lvl+0xe8/0x140
[  726.741244][ T7582]  dump_stack+0x15/0x1b
[  726.741271][ T7582]  should_fail_ex+0x265/0x280
[  726.741321][ T7582]  should_fail+0xb/0x20
[  726.741353][ T7582]  should_fail_usercopy+0x1a/0x20
[  726.741372][ T7582]  _copy_from_user+0x1c/0xb0
[  726.741449][ T7582]  __sys_bpf+0x178/0x7b0
[  726.741486][ T7582]  __x64_sys_bpf+0x41/0x50
[  726.741567][ T7582]  x64_sys_call+0x2aea/0x2ff0
[  726.741591][ T7582]  do_syscall_64+0xd2/0x200
[  726.741619][ T7582]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  726.741654][ T7582]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  726.741679][ T7582]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  726.741765][ T7582] RIP: 0033:0x7f243340ebe9
[  726.741782][ T7582] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  726.741856][ T7582] RSP: 002b:00007f2431e77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  726.741875][ T7582] RAX: ffffffffffffffda RBX: 00007f2433635fa0 RCX: 00007f243340ebe9
[  726.741888][ T7582] RDX: 0000000000000020 RSI: 0000200000000800 RDI: 0000000000000002
[  726.741900][ T7582] RBP: 00007f2431e77090 R08: 0000000000000000 R09: 0000000000000000
[  726.741912][ T7582] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  726.741926][ T7582] R13: 00007f2433636038 R14: 00007f2433635fa0 R15: 00007ffe5621cf98
[  726.741947][ T7582]  </TASK>
[  726.960173][   T29] kauditd_printk_skb: 298 callbacks suppressed
[  726.960186][   T29] audit: type=1326 audit(2000000447.152:77114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7590 comm="syz.4.13164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9989febe9 code=0x7ffc0000
[  726.990618][   T29] audit: type=1326 audit(2000000447.162:77115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7590 comm="syz.4.13164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9989febe9 code=0x7ffc0000
[  727.014342][   T29] audit: type=1326 audit(2000000447.162:77116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7590 comm="syz.4.13164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff9989febe9 code=0x7ffc0000
[  727.038685][   T29] audit: type=1326 audit(2000000447.162:77117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7590 comm="syz.4.13164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9989febe9 code=0x7ffc0000
[  727.063031][   T29] audit: type=1326 audit(2000000447.162:77118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7590 comm="syz.4.13164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9989febe9 code=0x7ffc0000
[  727.087308][   T29] audit: type=1326 audit(2000000447.202:77119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7590 comm="syz.4.13164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff9989febe9 code=0x7ffc0000
[  727.111533][   T29] audit: type=1326 audit(2000000447.202:77120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7590 comm="syz.4.13164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9989febe9 code=0x7ffc0000
[  727.135321][   T29] audit: type=1326 audit(2000000447.202:77121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7590 comm="syz.4.13164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9989febe9 code=0x7ffc0000
[  727.159598][   T29] audit: type=1326 audit(2000000447.202:77122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7590 comm="syz.4.13164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7ff9989febe9 code=0x7ffc0000
[  727.183084][   T29] audit: type=1326 audit(2000000447.202:77123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7590 comm="syz.4.13164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff9989febe9 code=0x7ffc0000
[  727.209969][ T1864] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  727.219995][ T3406] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  727.238034][ T7597] ieee802154 phy0 wpan0: encryption failed: -22
[  727.261044][ T7601] loop3: detected capacity change from 0 to 512
[  727.276776][ T7604] futex_wake_op: syz.1.13168 tries to shift op by -1; fix this program
[  727.294394][ T7601] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  727.307162][ T7601] ext4 filesystem being mounted at /257/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  727.377059][ T3406] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  727.393963][ T7616] netlink: 'syz.3.13170': attribute type 4 has an invalid length.
[  727.404179][ T7616] netlink: 20 bytes leftover after parsing attributes in process `syz.3.13170'.
[  727.512706][ T7622] binfmt_misc: register: failed to install interpreter file ./file2
[  727.861406][ T7631] netlink: 2724 bytes leftover after parsing attributes in process `syz.0.13174'.
[  728.111460][ T7605] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  728.175624][ T7646] loop3: detected capacity change from 0 to 512
[  728.213367][ T7646] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  728.249106][ T7646] ext4 filesystem being mounted at /263/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  728.875994][ T7674] loop0: detected capacity change from 0 to 512
[  728.886565][ T7674] EXT4-fs error (device loop0): ext4_iget_extra_inode:5104: inode #15: comm syz.0.13186: corrupted in-inode xattr: invalid ea_ino
[  728.932404][ T7674] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.13186: couldn't read orphan inode 15 (err -117)
[  728.961020][ T7674] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  728.980531][ T3406] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  728.993028][ T7674] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  729.027736][ T7682] futex_wake_op: syz.1.13190 tries to shift op by -1; fix this program
[  729.134419][ T7691] loop2: detected capacity change from 0 to 1024
[  729.151518][ T7691] EXT4-fs: Ignoring removed orlov option
[  729.162156][ T7691] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  729.177752][ T7698] loop4: detected capacity change from 0 to 256
[  729.189882][ T7698] binfmt_misc: register: failed to install interpreter file ./file0
[  729.290672][ T7706] binfmt_misc: register: failed to install interpreter file ./file2
[  729.583004][ T2911] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  729.657184][ T7720] loop2: detected capacity change from 0 to 512
[  729.685312][ T7720] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  729.733944][ T7720] ext4 filesystem being mounted at /288/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  729.755853][ T7726] loop3: detected capacity change from 0 to 512
[  729.785228][ T7726] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  729.797903][ T7726] ext4 filesystem being mounted at /271/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  729.811564][ T7726] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.13205: bg 0: block 328: padding at end of block bitmap is not set
[  729.852596][ T2911] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  729.865255][ T3406] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  729.906471][ T7735] netlink: 40 bytes leftover after parsing attributes in process `syz.3.13207'.
[  729.950689][ T7742] loop3: detected capacity change from 0 to 512
[  729.961743][ T7742] EXT4-fs (loop3): orphan cleanup on readonly fs
[  729.975517][ T7746] FAULT_INJECTION: forcing a failure.
[  729.975517][ T7746] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  729.979644][ T7742] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.13210: bg 0: block 248: padding at end of block bitmap is not set
[  729.988718][ T7746] CPU: 0 UID: 0 PID: 7746 Comm: syz.1.13211 Tainted: G        W           6.16.0-syzkaller-12016-gbec077162bd0 #0 PREEMPT(voluntary) 
[  729.988755][ T7746] Tainted: [W]=WARN
[  729.988763][ T7746] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  729.988778][ T7746] Call Trace:
[  729.988784][ T7746]  <TASK>
[  729.988793][ T7746]  __dump_stack+0x1d/0x30
[  729.988816][ T7746]  dump_stack_lvl+0xe8/0x140
[  729.988837][ T7746]  dump_stack+0x15/0x1b
[  729.988863][ T7746]  should_fail_ex+0x265/0x280
[  729.988898][ T7746]  should_fail+0xb/0x20
[  729.988974][ T7746]  should_fail_usercopy+0x1a/0x20
[  729.988996][ T7746]  _copy_from_user+0x1c/0xb0
[  729.989027][ T7746]  memdup_user+0x5e/0xd0
[  729.989055][ T7746]  strndup_user+0x68/0xb0
[  729.989158][ T7746]  __se_sys_mount+0x4d/0x2e0
[  729.989183][ T7746]  ? fput+0x8f/0xc0
[  729.989214][ T7746]  ? ksys_write+0x192/0x1a0
[  729.989238][ T7746]  __x64_sys_mount+0x67/0x80
[  729.989294][ T7746]  x64_sys_call+0x2b4d/0x2ff0
[  729.989318][ T7746]  do_syscall_64+0xd2/0x200
[  729.989344][ T7746]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  729.989408][ T7746]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  729.989508][ T7746]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  729.989531][ T7746] RIP: 0033:0x7fb2a296ebe9
[  729.989614][ T7746] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  729.989656][ T7746] RSP: 002b:00007fb2a13d7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  729.989677][ T7746] RAX: ffffffffffffffda RBX: 00007fb2a2b95fa0 RCX: 00007fb2a296ebe9
[  729.989697][ T7746] RDX: 0000200000000040 RSI: 0000200000000080 RDI: 0000000000000000
[  729.989711][ T7746] RBP: 00007fb2a13d7090 R08: 0000200000000400 R09: 0000000000000000
[  729.989725][ T7746] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  729.989850][ T7746] R13: 00007fb2a2b96038 R14: 00007fb2a2b95fa0 R15: 00007ffeb3aebbe8
[  729.989944][ T7746]  </TASK>
[  730.023102][ T7748] ieee802154 phy0 wpan0: encryption failed: -22
[  730.053979][ T7742] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.13210: Failed to acquire dquot type 1
[  730.215686][ T7742] EXT4-fs (loop3): 1 truncate cleaned up
[  730.222034][ T7742] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  730.241590][ T7742] EXT4-fs error (device loop3): ext4_lookup:1791: inode #2: comm syz.3.13210: deleted inode referenced: 12
[  730.277016][ T7752] netlink: 'syz.4.13214': attribute type 4 has an invalid length.
[  730.277138][ T3406] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  730.305845][ T7737] loop2: detected capacity change from 0 to 512
[  730.318310][ T7755] loop4: detected capacity change from 0 to 1024
[  730.325392][ T7755] EXT4-fs: Ignoring removed orlov option
[  730.332698][ T7737] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  730.334203][ T7755] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  730.362126][ T7737] ext4 filesystem being mounted at /289/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  730.396125][ T2911] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  730.494935][ T7767] loop2: detected capacity change from 0 to 512
[  730.511171][ T7767] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  730.533440][ T7767] ext4 filesystem being mounted at /290/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  730.547105][ T7776] futex_wake_op: syz.3.13220 tries to shift op by -1; fix this program
[  730.549367][ T7767] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.13217: bg 0: block 328: padding at end of block bitmap is not set
[  730.582515][ T2662] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  730.624712][ T2911] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  730.721955][ T7789] netlink: 'syz.2.13225': attribute type 4 has an invalid length.
[  730.731015][ T7790] netlink: 56 bytes leftover after parsing attributes in process `syz.4.13221'.
[  730.758922][ T7792] loop2: detected capacity change from 0 to 128
[  730.824414][ T7792] syz.2.13226: attempt to access beyond end of device
[  730.824414][ T7792] loop2: rw=0, sector=2072, nr_sectors = 1 limit=128
[  731.292708][ T7812] loop2: detected capacity change from 0 to 1024
[  731.314971][ T7812] EXT4-fs: Ignoring removed orlov option
[  731.319374][ T7801] loop1: detected capacity change from 0 to 512
[  731.339457][ T7812] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  731.366487][ T7801] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  731.399565][ T7801] ext4 filesystem being mounted at /353/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  731.571782][ T2911] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  731.643796][ T7833] loop2: detected capacity change from 0 to 512
[  731.662327][ T1864] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  731.686333][ T7833] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  731.717063][ T7838] loop1: detected capacity change from 0 to 512
[  731.733197][ T7838] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  731.749175][ T7833] ext4 filesystem being mounted at /298/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  731.770179][ T7838] ext4 filesystem being mounted at /354/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  731.810893][ T2911] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  731.891689][ T1864] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  732.199109][   T29] kauditd_printk_skb: 209 callbacks suppressed
[  732.199125][   T29] audit: type=1400 audit(2000000452.392:77331): avc:  denied  { mounton } for  pid=7842 comm="syz.2.13239" path="/proc/825/task" dev="proc" ino=161116 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dir permissive=1
[  732.340866][ T7844] loop2: detected capacity change from 0 to 32768
[  732.355602][ T7866] futex_wake_op: syz.1.13245 tries to shift op by -1; fix this program
[  732.381887][ T7844]  loop2: p1 p3 < >
[  732.451823][ T7873] loop0: detected capacity change from 0 to 512
[  732.495310][ T7873] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  732.513572][ T7873] ext4 filesystem being mounted at /222/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  732.531474][ T7881] loop3: detected capacity change from 0 to 1024
[  732.542181][ T7881] EXT4-fs: Ignoring removed orlov option
[  732.555336][ T7873] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.13248: bg 0: block 328: padding at end of block bitmap is not set
[  732.590109][ T7881] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  732.667845][ T4216] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  733.732743][ T3406] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  733.848069][   T29] audit: type=1326 audit(2000000454.042:77332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7915 comm="syz.2.13259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c10d2ebe9 code=0x7ffc0000
[  733.872522][   T29] audit: type=1326 audit(2000000454.042:77333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7915 comm="syz.2.13259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5c10d2ebe9 code=0x7ffc0000
[  733.896153][   T29] audit: type=1326 audit(2000000454.042:77334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7915 comm="syz.2.13259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c10d2ebe9 code=0x7ffc0000
[  733.920400][   T29] audit: type=1326 audit(2000000454.042:77335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7915 comm="syz.2.13259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c10d2ebe9 code=0x7ffc0000
[  733.943980][   T29] audit: type=1326 audit(2000000454.042:77336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7915 comm="syz.2.13259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f5c10d2ebe9 code=0x7ffc0000
[  733.968092][   T29] audit: type=1326 audit(2000000454.042:77337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7915 comm="syz.2.13259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c10d2ebe9 code=0x7ffc0000
[  733.992682][   T29] audit: type=1326 audit(2000000454.172:77338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7915 comm="syz.2.13259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5c10d2ebe9 code=0x7ffc0000
[  734.028028][ T7916] loop2: detected capacity change from 0 to 128
[  734.035265][   T29] audit: type=1326 audit(2000000454.212:77339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7915 comm="syz.2.13259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f5c10d2ebe9 code=0x7ffc0000
[  734.059573][   T29] audit: type=1326 audit(2000000454.222:77340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7915 comm="syz.2.13259" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f5c10d2ec23 code=0x7ffc0000
[  734.085544][ T7916] syz.2.13259: attempt to access beyond end of device
[  734.085544][ T7916] loop2: rw=0, sector=2072, nr_sectors = 1 limit=128
[  734.238142][ T7933] binfmt_misc: register: failed to install interpreter file ./file2
[  734.383589][ T7943] netlink: 'syz.3.13267': attribute type 4 has an invalid length.
[  734.471670][ T7948] loop3: detected capacity change from 0 to 128
[  734.526089][ T7948] syz.3.13269: attempt to access beyond end of device
[  734.526089][ T7948] loop3: rw=0, sector=2072, nr_sectors = 1 limit=128
[  734.640060][ T7959] futex_wake_op: syz.3.13274 tries to shift op by -1; fix this program
[  735.029488][ T7974] binfmt_misc: register: failed to install interpreter file ./file2
[  735.054627][ T7976] loop2: detected capacity change from 0 to 1024
[  735.070042][ T7976] EXT4-fs: Ignoring removed orlov option
[  735.085140][ T7976] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  735.372627][ T7996] loop0: detected capacity change from 0 to 128
[  735.408665][ T7996] syz.0.13284: attempt to access beyond end of device
[  735.408665][ T7996] loop0: rw=0, sector=2072, nr_sectors = 1 limit=128
[  735.562429][ T8004] loop4: detected capacity change from 0 to 256
[  735.573053][ T8004] binfmt_misc: register: failed to install interpreter file ./file0
[  735.614278][ T2911] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  735.976486][ T7987] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  736.042579][ T8017] loop1: detected capacity change from 0 to 512
[  736.071730][ T8017] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  736.088764][ T8019] loop2: detected capacity change from 0 to 512
[  736.097223][ T8017] ext4 filesystem being mounted at /363/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  736.108490][ T8019] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.13291: corrupted in-inode xattr: invalid ea_ino
[  736.124637][ T8017] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.13292: bg 0: block 328: padding at end of block bitmap is not set
[  736.150853][ T8019] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.13291: couldn't read orphan inode 15 (err -117)
[  736.166342][ T1864] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  736.178151][ T8019] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  736.192707][ T8019] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  736.207222][ T8029] binfmt_misc: register: failed to install interpreter file ./file2
[  736.273651][ T8038] loop2: detected capacity change from 0 to 1024
[  736.281070][ T8038] EXT4-fs: Ignoring removed orlov option
[  736.305365][ T8042] loop1: detected capacity change from 0 to 128
[  736.320450][ T8042] syz.1.13301: attempt to access beyond end of device
[  736.320450][ T8042] loop1: rw=0, sector=2072, nr_sectors = 1 limit=128
[  736.517246][ T8062] loop2: detected capacity change from 0 to 512
[  736.531081][ T8062] ext4 filesystem being mounted at /310/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  736.543512][ T8062] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.13306: bg 0: block 328: padding at end of block bitmap is not set
[  736.650431][ T8076] binfmt_misc: register: failed to install interpreter file ./file2
[  736.691841][ T8079] netlink: 'syz.4.13311': attribute type 4 has an invalid length.
[  736.769633][ T8090] loop3: detected capacity change from 0 to 512
[  736.791147][ T8090] ext4 filesystem being mounted at /293/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  736.985834][ T8103] binfmt_misc: register: failed to install interpreter file ./file2
[  737.011559][ T8106] ieee802154 phy0 wpan0: encryption failed: -22
[  737.034082][ T8110] binfmt_misc: register: failed to install interpreter file ./file2
[  737.197872][ T8047] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  737.272065][   T29] kauditd_printk_skb: 418 callbacks suppressed
[  737.272127][   T29] audit: type=1326 audit(2000000457.472:77759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8118 comm="syz.0.13324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f243340ebe9 code=0x7ffc0000
[  737.304950][ T8117] netlink: 'syz.1.13323': attribute type 4 has an invalid length.
[  737.305536][   T29] audit: type=1326 audit(2000000457.502:77760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8118 comm="syz.0.13324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f243340ebe9 code=0x7ffc0000
[  737.337036][   T29] audit: type=1326 audit(2000000457.502:77761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8118 comm="syz.0.13324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f243340ebe9 code=0x7ffc0000
[  737.361244][   T29] audit: type=1326 audit(2000000457.502:77762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8118 comm="syz.0.13324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f243340ebe9 code=0x7ffc0000
[  737.404909][   T29] audit: type=1326 audit(2000000457.592:77763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8118 comm="syz.0.13324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f243340ebe9 code=0x7ffc0000
[  737.428529][   T29] audit: type=1326 audit(2000000457.592:77764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8118 comm="syz.0.13324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f243340ebe9 code=0x7ffc0000
[  737.452818][   T29] audit: type=1326 audit(2000000457.592:77765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8118 comm="syz.0.13324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f243340ebe9 code=0x7ffc0000
[  737.476356][   T29] audit: type=1326 audit(2000000457.592:77766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8118 comm="syz.0.13324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f243340ebe9 code=0x7ffc0000
[  737.500700][   T29] audit: type=1326 audit(2000000457.592:77767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8118 comm="syz.0.13324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f243340ebe9 code=0x7ffc0000
[  737.524310][   T29] audit: type=1326 audit(2000000457.592:77768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8118 comm="syz.0.13324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f243340ebe9 code=0x7ffc0000
[  737.746711][ T8126] lo speed is unknown, defaulting to 1000
[  737.753193][ T8126] lo speed is unknown, defaulting to 1000
[  737.759484][ T8126] lo speed is unknown, defaulting to 1000
[  737.766948][ T8126] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  737.783233][ T8126] lo speed is unknown, defaulting to 1000
[  737.790521][ T8126] lo speed is unknown, defaulting to 1000
[  737.798088][ T8126] lo speed is unknown, defaulting to 1000
[  737.815279][ T8126] lo speed is unknown, defaulting to 1000
[  737.830756][ T8126] lo speed is unknown, defaulting to 1000
[  737.837289][ T8126] lo speed is unknown, defaulting to 1000
[  737.982397][ T8171] loop4: detected capacity change from 0 to 512
[  737.983453][ T8172] netlink: 'syz.1.13337': attribute type 4 has an invalid length.
[  738.012387][ T8171] ext4 filesystem being mounted at /340/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  738.028108][ T8171] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.13338: bg 0: block 328: padding at end of block bitmap is not set
[  738.061118][ T8178] loop1: detected capacity change from 0 to 1024
[  738.067804][ T8178] EXT4-fs: Ignoring removed orlov option
[  738.164621][ T8180] lo speed is unknown, defaulting to 1000
[  738.438582][ T8199] lo speed is unknown, defaulting to 1000
[  738.597207][ T8148] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  738.914330][ T8215] loop4: detected capacity change from 0 to 512
[  738.917826][ T8212] lo speed is unknown, defaulting to 1000
[  738.943530][ T8218] netlink: 'syz.1.13349': attribute type 4 has an invalid length.
[  739.011835][ T8218] netlink: 20 bytes leftover after parsing attributes in process `syz.1.13349'.
[  739.071998][ T8215] ext4 filesystem being mounted at /343/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  739.362962][ T8229] lo speed is unknown, defaulting to 1000
[  739.445686][ T8237] loop3: detected capacity change from 0 to 256
[  739.455613][ T8237] binfmt_misc: register: failed to install interpreter file ./file0
[  739.601276][ T8253] netlink: 'syz.2.13361': attribute type 4 has an invalid length.
[  739.611892][ T8253] netlink: 20 bytes leftover after parsing attributes in process `syz.2.13361'.
[  739.678036][ T8251] lo speed is unknown, defaulting to 1000
[  739.765544][ T8261] loop1: detected capacity change from 0 to 1024
[  739.778131][ T8261] EXT4-fs: Ignoring removed orlov option
[  739.944803][ T8269] 9pnet_fd: Insufficient options for proto=fd
[  739.945272][ T8258] loop2: detected capacity change from 0 to 512
[  739.971020][ T8258] ext4 filesystem being mounted at /327/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  740.062711][ T8276] loop2: detected capacity change from 0 to 512
[  740.071330][ T8276] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.13367: corrupted in-inode xattr: invalid ea_ino
[  740.087141][ T8276] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.13367: couldn't read orphan inode 15 (err -117)
[  740.576699][ T8289] netlink: 20 bytes leftover after parsing attributes in process `syz.3.13371'.
[  740.647258][ T8289] netlink: 'syz.3.13371': attribute type 13 has an invalid length.
[  740.655239][ T8289] netlink: 'syz.3.13371': attribute type 17 has an invalid length.
[  740.686178][ T8294] binfmt_misc: register: failed to install interpreter file ./file2
[  740.766558][ T8289] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  740.932567][ T8304] loop1: detected capacity change from 0 to 512
[  740.956709][ T8304] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.13378: corrupted in-inode xattr: invalid ea_ino
[  741.046540][ T8311] lo speed is unknown, defaulting to 1000
[  741.201073][ T8304] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.13378: couldn't read orphan inode 15 (err -117)
[  741.528043][ T8322] 9pnet_fd: Insufficient options for proto=fd
[  741.555341][ T8324] binfmt_misc: register: failed to install interpreter file ./file2
[  741.726902][ T8334] loop2: detected capacity change from 0 to 1024
[  741.793233][ T8334] EXT4-fs: Ignoring removed orlov option
[  741.819990][ T8339] loop4: detected capacity change from 0 to 512
[  741.898172][ T8339] ext4 filesystem being mounted at /348/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  742.014898][ T8351] netlink: 'syz.4.13390': attribute type 4 has an invalid length.
[  742.270501][ T8366] loop3: detected capacity change from 0 to 1024
[  742.290757][ T8366] EXT4-fs: Ignoring removed orlov option
[  742.796384][ T8375] loop3: detected capacity change from 0 to 512
[  742.812255][ T8375] ext4 filesystem being mounted at /309/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  742.966396][ T8395] lo speed is unknown, defaulting to 1000
[  743.126025][   T29] kauditd_printk_skb: 126 callbacks suppressed
[  743.126038][   T29] audit: type=1326 audit(2000000463.322:77895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8400 comm="syz.3.13403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f245182ebe9 code=0x7ffc0000
[  743.289848][ T8406] loop2: detected capacity change from 0 to 1024
[  743.313435][ T8406] EXT4-fs: Ignoring removed orlov option
[  743.317667][   T29] audit: type=1326 audit(2000000463.362:77896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8400 comm="syz.3.13403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f245182ebe9 code=0x7ffc0000
[  743.343372][   T29] audit: type=1326 audit(2000000463.362:77897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8400 comm="syz.3.13403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f245182ebe9 code=0x7ffc0000
[  743.367688][   T29] audit: type=1326 audit(2000000463.362:77898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8400 comm="syz.3.13403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f245182ebe9 code=0x7ffc0000
[  743.392358][   T29] audit: type=1326 audit(2000000463.362:77899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8400 comm="syz.3.13403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f245182ebe9 code=0x7ffc0000
[  743.416180][   T29] audit: type=1326 audit(2000000463.362:77900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8400 comm="syz.3.13403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f245182ebe9 code=0x7ffc0000
[  743.440334][   T29] audit: type=1326 audit(2000000463.362:77901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8400 comm="syz.3.13403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f245182ebe9 code=0x7ffc0000
[  743.463909][   T29] audit: type=1326 audit(2000000463.362:77902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8400 comm="syz.3.13403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f245182ebe9 code=0x7ffc0000
[  743.488109][   T29] audit: type=1326 audit(2000000463.362:77903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8400 comm="syz.3.13403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f245182ebe9 code=0x7ffc0000
[  743.512430][   T29] audit: type=1326 audit(2000000463.362:77904): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8400 comm="syz.3.13403" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f245182ebe9 code=0x7ffc0000
[  743.512762][ T8379] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  743.572943][ T8419] futex_wake_op: syz.1.13408 tries to shift op by -1; fix this program
[  743.875294][ T8436] lo speed is unknown, defaulting to 1000
[  743.995958][ T8439] netlink: 'syz.2.13414': attribute type 4 has an invalid length.
[  744.288260][ T8444] lo speed is unknown, defaulting to 1000
[  744.368907][ T8448] loop4: detected capacity change from 0 to 512
[  744.381109][ T8448] ext4 filesystem being mounted at /355/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  744.406308][ T8448] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.13419: bg 0: block 328: padding at end of block bitmap is not set
[  744.448890][ T8454] loop0: detected capacity change from 0 to 128
[  744.483342][ T8454] syz.0.13417: attempt to access beyond end of device
[  744.483342][ T8454] loop0: rw=0, sector=2072, nr_sectors = 1 limit=128
[  744.516176][ T8461] loop3: detected capacity change from 0 to 1024
[  744.522939][ T8461] EXT4-fs: Ignoring removed orlov option
[  744.577862][ T8465] loop0: detected capacity change from 0 to 1024
[  744.629370][ T8465] EXT4-fs: Ignoring removed orlov option
[  744.878717][ T8477] binfmt_misc: register: failed to install interpreter file ./file2
[  744.956674][ T8482] loop1: detected capacity change from 0 to 1024
[  744.964280][ T8482] EXT4-fs: Ignoring removed orlov option
[  745.221584][ T8487] loop2: detected capacity change from 0 to 512
[  745.230679][ T8487] ext4 filesystem being mounted at /339/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  745.320168][ T8456] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  745.417291][ T8506] lo speed is unknown, defaulting to 1000
[  745.727689][ T8528] siw: device registration error -23
[  745.807680][ T8543] loop2: detected capacity change from 0 to 512
[  745.816884][ T8544] binfmt_misc: register: failed to install interpreter file ./file2
[  745.829677][ T8543] ext4 filesystem being mounted at /345/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  746.054987][ T8551] lo speed is unknown, defaulting to 1000
[  746.141925][ T8559] lo speed is unknown, defaulting to 1000
[  746.241368][ T8509] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  746.971226][ T8601] loop2: detected capacity change from 0 to 1024
[  746.978893][ T8601] EXT4-fs: Ignoring removed orlov option
[  746.988641][ T8604] loop1: detected capacity change from 0 to 128
[  747.026503][ T8578] loop3: detected capacity change from 0 to 512
[  747.033929][ T8600] lo speed is unknown, defaulting to 1000
[  747.053536][ T8604] syz.1.13454: attempt to access beyond end of device
[  747.053536][ T8604] loop1: rw=0, sector=2072, nr_sectors = 1 limit=128
[  747.072030][ T8578] ext4 filesystem being mounted at /322/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  747.272938][ T8627] binfmt_misc: register: failed to install interpreter file ./file2
[  747.306986][ T8632] loop0: detected capacity change from 0 to 512
[  747.308751][ T8635] netlink: 'syz.2.13463': attribute type 4 has an invalid length.
[  747.325313][ T8633] netlink: 20 bytes leftover after parsing attributes in process `syz.3.13462'.
[  747.343958][ T8624] lo speed is unknown, defaulting to 1000
[  747.374677][ T8632] ext4 filesystem being mounted at /269/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  747.478532][ T8648] loop3: detected capacity change from 0 to 128
[  747.493189][ T8648] syz.3.13466: attempt to access beyond end of device
[  747.493189][ T8648] loop3: rw=0, sector=2072, nr_sectors = 1 limit=128
[  747.698519][ T8590] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  747.778354][ T8653] loop3: detected capacity change from 0 to 512
[  747.813886][ T8653] ext4 filesystem being mounted at /326/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  747.840069][ T8670] loop4: detected capacity change from 0 to 512
[  747.852667][ T8670] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.13470: corrupted in-inode xattr: invalid ea_ino
[  747.870930][ T8670] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.13470: couldn't read orphan inode 15 (err -117)
[  747.964136][ T8679] netlink: 'syz.4.13474': attribute type 4 has an invalid length.
[  748.144685][ T8690] loop4: detected capacity change from 0 to 512
[  748.181546][ T8690] ext4 filesystem being mounted at /369/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  748.220615][ T8690] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.13478: bg 0: block 328: padding at end of block bitmap is not set
[  748.442981][ T8701] lo speed is unknown, defaulting to 1000
[  748.514629][   T29] kauditd_printk_skb: 482 callbacks suppressed
[  748.514645][   T29] audit: type=1326 audit(2000000468.692:78387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8707 comm="syz.3.13482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f245182ebe9 code=0x7ffc0000
[  748.544461][   T29] audit: type=1326 audit(2000000468.702:78388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8707 comm="syz.3.13482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f245182ebe9 code=0x7ffc0000
[  748.568146][   T29] audit: type=1326 audit(2000000468.702:78389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8707 comm="syz.3.13482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f245182ebe9 code=0x7ffc0000
[  748.591822][   T29] audit: type=1326 audit(2000000468.702:78390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8707 comm="syz.3.13482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f245182ebe9 code=0x7ffc0000
[  748.615335][   T29] audit: type=1326 audit(2000000468.702:78391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8707 comm="syz.3.13482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f245182ebe9 code=0x7ffc0000
[  748.638908][   T29] audit: type=1326 audit(2000000468.702:78392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8707 comm="syz.3.13482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f245182ebe9 code=0x7ffc0000
[  748.662434][   T29] audit: type=1326 audit(2000000468.702:78393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8707 comm="syz.3.13482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f245182ebe9 code=0x7ffc0000
[  748.686174][   T29] audit: type=1326 audit(2000000468.702:78394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8707 comm="syz.3.13482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f245182ebe9 code=0x7ffc0000
[  748.709759][   T29] audit: type=1326 audit(2000000468.702:78395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8707 comm="syz.3.13482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f245182ebe9 code=0x7ffc0000
[  748.733349][   T29] audit: type=1326 audit(2000000468.702:78396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8707 comm="syz.3.13482" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f245182ebe9 code=0x7ffc0000
[  748.842896][ T8718] lo speed is unknown, defaulting to 1000
[  749.011356][ T8725] lo speed is unknown, defaulting to 1000
[  749.342117][ T8760] lo speed is unknown, defaulting to 1000
[  749.814010][ T8768] lo speed is unknown, defaulting to 1000
[  749.891783][ T8772] lo speed is unknown, defaulting to 1000
[  749.894674][ T8775] loop4: detected capacity change from 0 to 512
[  749.922069][ T8775] ext4 filesystem being mounted at /375/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  750.026407][ T8785] loop4: detected capacity change from 0 to 512
[  750.051503][ T8785] ext4 filesystem being mounted at /376/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  750.157897][ T8773] loop0: detected capacity change from 0 to 512
[  750.218522][ T8773] ext4 filesystem being mounted at /275/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  750.286451][ T8817] ieee802154 phy0 wpan0: encryption failed: -22
[  750.682212][ T8841] lo speed is unknown, defaulting to 1000
[  750.748682][ T8848] loop1: detected capacity change from 0 to 512
[  750.762474][ T8848] ext4 filesystem being mounted at /407/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  750.833443][ T8859] loop1: detected capacity change from 0 to 1024
[  750.841345][ T8859] EXT4-fs: Ignoring removed orlov option
[  751.128611][ T8875] loop3: detected capacity change from 0 to 1024
[  751.136788][ T8875] EXT4-fs: Ignoring removed orlov option
[  751.215013][ T8882] FAULT_INJECTION: forcing a failure.
[  751.215013][ T8882] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  751.228811][ T8882] CPU: 0 UID: 0 PID: 8882 Comm: syz.2.13525 Tainted: G        W           6.16.0-syzkaller-12016-gbec077162bd0 #0 PREEMPT(voluntary) 
[  751.228882][ T8882] Tainted: [W]=WARN
[  751.228889][ T8882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  751.228901][ T8882] Call Trace:
[  751.228909][ T8882]  <TASK>
[  751.228916][ T8882]  __dump_stack+0x1d/0x30
[  751.228938][ T8882]  dump_stack_lvl+0xe8/0x140
[  751.229014][ T8882]  dump_stack+0x15/0x1b
[  751.229031][ T8882]  should_fail_ex+0x265/0x280
[  751.229067][ T8882]  should_fail+0xb/0x20
[  751.229099][ T8882]  should_fail_usercopy+0x1a/0x20
[  751.229143][ T8882]  _copy_from_user+0x1c/0xb0
[  751.229168][ T8882]  ___sys_sendmsg+0xc1/0x1d0
[  751.229240][ T8882]  __x64_sys_sendmsg+0xd4/0x160
[  751.229330][ T8882]  x64_sys_call+0x191e/0x2ff0
[  751.229370][ T8882]  do_syscall_64+0xd2/0x200
[  751.229438][ T8882]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  751.229465][ T8882]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  751.229490][ T8882]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  751.229511][ T8882] RIP: 0033:0x7f5c10d2ebe9
[  751.229537][ T8882] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  751.229557][ T8882] RSP: 002b:00007f5c0f797038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  751.229578][ T8882] RAX: ffffffffffffffda RBX: 00007f5c10f55fa0 RCX: 00007f5c10d2ebe9
[  751.229593][ T8882] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000003
[  751.229607][ T8882] RBP: 00007f5c0f797090 R08: 0000000000000000 R09: 0000000000000000
[  751.229620][ T8882] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  751.229690][ T8882] R13: 00007f5c10f56038 R14: 00007f5c10f55fa0 R15: 00007ffd0e8c1e48
[  751.229711][ T8882]  </TASK>
[  751.465077][ T3406] EXT4-fs unmount: 65 callbacks suppressed
[  751.465094][ T3406] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  751.589878][ T8896] siw: device registration error -23
[  751.618952][ T8907] loop4: detected capacity change from 0 to 512
[  751.641584][ T8907] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  751.662733][ T8907] ext4 filesystem being mounted at /381/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  751.664192][ T8915] loop3: detected capacity change from 0 to 1024
[  751.685373][ T8915] EXT4-fs: Ignoring removed orlov option
[  751.694718][ T8915] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  751.751677][ T2662] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  751.998028][ T8917] loop0: detected capacity change from 0 to 512
[  752.010724][ T8917] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  752.023383][ T8917] ext4 filesystem being mounted at /280/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  752.055815][ T4216] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  752.097963][ T8939] loop0: detected capacity change from 0 to 512
[  752.105507][ T8939] EXT4-fs (loop0): orphan cleanup on readonly fs
[  752.111879][ T8939] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -13
[  752.121649][ T8939] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  752.136654][ T8939] EXT4-fs error (device loop0): ext4_clear_blocks:876: inode #13: comm syz.0.13538: attempt to clear invalid blocks 2 len 1
[  752.150497][ T8939] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.13538: invalid indirect mapped block 1819239214 (level 0)
[  752.164704][ T8939] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.13538: invalid indirect mapped block 1819239214 (level 1)
[  752.180972][ T8939] EXT4-fs (loop0): 1 truncate cleaned up
[  752.187030][ T8939] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  752.201416][ T8939] EXT4-fs error (device loop0): ext4_lookup:1784: inode #2: comm syz.0.13538: 'file1' linked to parent dir
[  752.226203][ T4216] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  752.267987][ T8888] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  752.371710][ T8947] lo speed is unknown, defaulting to 1000
[  752.382288][ T8957] lo speed is unknown, defaulting to 1000
[  752.463302][ T8963] loop0: detected capacity change from 0 to 1024
[  752.470150][ T8963] EXT4-fs: Ignoring removed orlov option
[  752.481425][ T8963] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  752.505305][ T3406] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  752.526201][ T8972] FAULT_INJECTION: forcing a failure.
[  752.526201][ T8972] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  752.540066][ T8972] CPU: 0 UID: 0 PID: 8972 Comm: syz.3.13548 Tainted: G        W           6.16.0-syzkaller-12016-gbec077162bd0 #0 PREEMPT(voluntary) 
[  752.540131][ T8972] Tainted: [W]=WARN
[  752.540138][ T8972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  752.540152][ T8972] Call Trace:
[  752.540160][ T8972]  <TASK>
[  752.540189][ T8972]  __dump_stack+0x1d/0x30
[  752.540271][ T8972]  dump_stack_lvl+0xe8/0x140
[  752.540339][ T8972]  dump_stack+0x15/0x1b
[  752.540354][ T8972]  should_fail_ex+0x265/0x280
[  752.540386][ T8972]  should_fail+0xb/0x20
[  752.540413][ T8972]  should_fail_usercopy+0x1a/0x20
[  752.540452][ T8972]  _copy_from_user+0x1c/0xb0
[  752.540478][ T8972]  ___sys_sendmsg+0xc1/0x1d0
[  752.540586][ T8972]  __x64_sys_sendmsg+0xd4/0x160
[  752.540627][ T8972]  x64_sys_call+0x191e/0x2ff0
[  752.540675][ T8972]  do_syscall_64+0xd2/0x200
[  752.540699][ T8972]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  752.540722][ T8972]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  752.540748][ T8972]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  752.540827][ T8972] RIP: 0033:0x7f245182ebe9
[  752.540844][ T8972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  752.540862][ T8972] RSP: 002b:00007f245028f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  752.540883][ T8972] RAX: ffffffffffffffda RBX: 00007f2451a55fa0 RCX: 00007f245182ebe9
[  752.540911][ T8972] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  752.540925][ T8972] RBP: 00007f245028f090 R08: 0000000000000000 R09: 0000000000000000
[  752.540939][ T8972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  752.540952][ T8972] R13: 00007f2451a56038 R14: 00007f2451a55fa0 R15: 00007ffed9a09988
[  752.540971][ T8972]  </TASK>
[  752.738522][ T8975] loop2: detected capacity change from 0 to 256
[  752.751407][ T8975] binfmt_misc: register: failed to install interpreter file ./file0
[  752.774166][ T4216] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  752.821486][ T8989] loop3: detected capacity change from 0 to 512
[  752.851671][ T8989] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  752.864955][ T8989] ext4 filesystem being mounted at /343/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  752.936240][ T3406] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  752.948403][ T8996] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13554'.
[  753.160175][ T8949] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  753.343615][ T9002] lo speed is unknown, defaulting to 1000
[  753.372851][ T9005] lo speed is unknown, defaulting to 1000
[  753.587306][   T29] kauditd_printk_skb: 146 callbacks suppressed
[  753.587363][   T29] audit: type=1326 audit(2000000473.782:78543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9010 comm="syz.0.13558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f243340ebe9 code=0x7ffc0000
[  753.618830][   T29] audit: type=1326 audit(2000000473.822:78544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9010 comm="syz.0.13558" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f243340ebe9 code=0x7ffc0000
[  753.775180][ T9022] loop0: detected capacity change from 0 to 1024
[  753.782882][ T9022] EXT4-fs: Ignoring removed orlov option
[  753.803535][ T9022] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  753.902980][ T9029] binfmt_misc: register: failed to install interpreter file ./file2
[  753.993514][ T9030] netlink: 148 bytes leftover after parsing attributes in process `syz.2.13561'.
[  754.031653][ T9030] netlink: 148 bytes leftover after parsing attributes in process `syz.2.13561'.
[  754.048750][ T4216] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  754.062671][ T9034] loop4: detected capacity change from 0 to 512
[  754.077913][   T29] audit: type=1326 audit(2000000474.272:78545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9035 comm="syz.3.13567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f245182ebe9 code=0x7ffc0000
[  754.103974][   T29] audit: type=1326 audit(2000000474.272:78546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9035 comm="syz.3.13567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f245182ebe9 code=0x7ffc0000
[  754.147101][ T9034] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  754.171991][ T9034] ext4 filesystem being mounted at /387/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  754.238048][   T29] audit: type=1326 audit(2000000474.312:78547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9035 comm="syz.3.13567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f245182d550 code=0x7ffc0000
[  754.262399][   T29] audit: type=1326 audit(2000000474.332:78548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9035 comm="syz.3.13567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f245182ebe9 code=0x7ffc0000
[  754.285993][   T29] audit: type=1326 audit(2000000474.332:78549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9035 comm="syz.3.13567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f245182ebe9 code=0x7ffc0000
[  754.310342][   T29] audit: type=1326 audit(2000000474.332:78550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9035 comm="syz.3.13567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f245182ebe9 code=0x7ffc0000
[  754.333940][   T29] audit: type=1326 audit(2000000474.332:78551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9035 comm="syz.3.13567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f245182ebe9 code=0x7ffc0000
[  754.358305][   T29] audit: type=1326 audit(2000000474.332:78552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9035 comm="syz.3.13567" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f245182ebe9 code=0x7ffc0000
[  754.448387][ T2662] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  754.473000][ T9046] lo speed is unknown, defaulting to 1000
[  754.610630][ T9048] lo speed is unknown, defaulting to 1000
[  754.702046][ T9056] loop2: detected capacity change from 0 to 512
[  754.714743][ T9056] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.13571: corrupted in-inode xattr: invalid ea_ino
[  754.759096][ T9056] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.13571: couldn't read orphan inode 15 (err -117)
[  754.774206][ T9056] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  754.788988][ T9056] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  754.799827][ T9066] binfmt_misc: register: failed to install interpreter file ./file2
[  754.868216][ T9067] siw: device registration error -23
[  754.937102][ T9084] loop0: detected capacity change from 0 to 512
[  754.943147][ T9070] lo speed is unknown, defaulting to 1000
[  754.970735][ T9081] loop4: detected capacity change from 0 to 512
[  755.030211][ T9084] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  755.048776][ T9091] FAULT_INJECTION: forcing a failure.
[  755.048776][ T9091] name failslab, interval 1, probability 0, space 0, times 0
[  755.061475][ T9091] CPU: 1 UID: 0 PID: 9091 Comm: syz.3.13583 Tainted: G        W           6.16.0-syzkaller-12016-gbec077162bd0 #0 PREEMPT(voluntary) 
[  755.061515][ T9091] Tainted: [W]=WARN
[  755.061522][ T9091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  755.061535][ T9091] Call Trace:
[  755.061543][ T9091]  <TASK>
[  755.061628][ T9091]  __dump_stack+0x1d/0x30
[  755.061653][ T9091]  dump_stack_lvl+0xe8/0x140
[  755.061674][ T9091]  dump_stack+0x15/0x1b
[  755.061694][ T9091]  should_fail_ex+0x265/0x280
[  755.061792][ T9091]  ? __se_sys_mount+0xef/0x2e0
[  755.061818][ T9091]  should_failslab+0x8c/0xb0
[  755.061847][ T9091]  __kmalloc_cache_noprof+0x4c/0x320
[  755.061876][ T9091]  ? memdup_user+0x99/0xd0
[  755.061915][ T9091]  __se_sys_mount+0xef/0x2e0
[  755.061941][ T9091]  ? __bpf_trace_sys_enter+0x10/0x30
[  755.062037][ T9091]  ? trace_sys_enter+0xd0/0xf0
[  755.062127][ T9091]  __x64_sys_mount+0x67/0x80
[  755.062155][ T9091]  x64_sys_call+0x2b4d/0x2ff0
[  755.062180][ T9091]  do_syscall_64+0xd2/0x200
[  755.062204][ T9091]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  755.062279][ T9091]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  755.062305][ T9091]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  755.062329][ T9091] RIP: 0033:0x7f245182ebe9
[  755.062422][ T9091] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  755.062439][ T9091] RSP: 002b:00007f245028f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  755.062458][ T9091] RAX: ffffffffffffffda RBX: 00007f2451a55fa0 RCX: 00007f245182ebe9
[  755.062472][ T9091] RDX: 00002000000002c0 RSI: 0000200000000080 RDI: 0000000000000000
[  755.062486][ T9091] RBP: 00007f245028f090 R08: 0000200000000240 R09: 0000000000000000
[  755.062502][ T9091] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  755.062516][ T9091] R13: 00007f2451a56038 R14: 00007f2451a55fa0 R15: 00007ffed9a09988
[  755.062565][ T9091]  </TASK>
[  755.063683][ T9084] ext4 filesystem being mounted at /290/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  755.127324][ T9093] lo speed is unknown, defaulting to 1000
[  755.138671][ T9084] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.13581: bg 0: block 328: padding at end of block bitmap is not set
[  755.142908][ T9081] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  755.303636][ T9081] ext4 filesystem being mounted at /390/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  755.314162][ T9099] lo speed is unknown, defaulting to 1000
[  755.326942][ T4216] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  755.428175][ T2662] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  755.542910][ T9120] binfmt_misc: register: failed to install interpreter file ./file2
[  755.633517][ T9127] futex_wake_op: syz.4.13592 tries to shift op by -1; fix this program
[  755.743153][ T9075] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  755.887781][ T9134] loop1: detected capacity change from 0 to 512
[  755.922841][ T9134] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.13594: corrupted in-inode xattr: invalid ea_ino
[  756.056050][ T9134] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.13594: couldn't read orphan inode 15 (err -117)
[  756.077735][ T9139] loop3: detected capacity change from 0 to 1024
[  756.093542][ T9140] lo speed is unknown, defaulting to 1000
[  756.100324][ T9139] EXT4-fs: Ignoring removed orlov option
[  756.119192][ T9134] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  756.144685][ T9134] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  756.155526][ T9139] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  756.412507][ T9125] loop2: detected capacity change from 0 to 512
[  756.541269][ T9125] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  756.560235][ T9125] ext4 filesystem being mounted at /371/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  756.653515][ T3406] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  756.664333][ T2911] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  756.737553][ T9153] lo speed is unknown, defaulting to 1000
[  756.884468][ T9166] lo speed is unknown, defaulting to 1000
[  757.042470][ T9170] siw: device registration error -23
[  757.173125][ T9190] lo speed is unknown, defaulting to 1000
[  757.482312][ T9197] lo speed is unknown, defaulting to 1000
[  757.531615][ T9186] loop4: detected capacity change from 0 to 512
[  757.553419][ T9186] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  757.566657][ T9186] ext4 filesystem being mounted at /396/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  757.615663][ T2662] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  757.672841][ T9217] futex_wake_op: syz.1.13616 tries to shift op by -1; fix this program
[  757.727661][ T9222] loop3: detected capacity change from 0 to 512
[  757.736211][ T9222] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.13618: corrupted in-inode xattr: invalid ea_ino
[  757.751871][ T9222] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.13618: couldn't read orphan inode 15 (err -117)
[  757.764776][ T9222] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  757.782419][ T9222] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  757.882542][ T9235] loop4: detected capacity change from 0 to 512
[  757.911856][ T9235] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  757.938244][ T9236] lo speed is unknown, defaulting to 1000
[  757.946232][ T9235] ext4 filesystem being mounted at /398/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  757.983340][ T9235] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.13621: bg 0: block 328: padding at end of block bitmap is not set
[  758.044636][ T9245] loop3: detected capacity change from 0 to 1024
[  758.062428][ T2662] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  758.072581][ T9245] EXT4-fs: Ignoring removed orlov option
[  758.088152][ T9245] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  758.118266][ T9249] lo speed is unknown, defaulting to 1000
[  758.441225][ T9209] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  758.538402][ T9265] lo speed is unknown, defaulting to 1000
[  758.813587][ T9268] loop1: detected capacity change from 0 to 512
[  758.832045][ T9268] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  758.844702][ T9268] ext4 filesystem being mounted at /427/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  758.875769][ T3406] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  758.893417][ T9282] loop3: detected capacity change from 0 to 512
[  758.911353][ T9282] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  758.924544][ T9282] ext4 filesystem being mounted at /362/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  758.939568][ T9282] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.13631: bg 0: block 328: padding at end of block bitmap is not set
[  758.970317][ T3406] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  759.091354][ T9294] siw: device registration error -23
[  759.124765][ T9306] loop3: detected capacity change from 0 to 512
[  759.133176][ T9306] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.13637: corrupted in-inode xattr: invalid ea_ino
[  759.147176][ T9306] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.13637: couldn't read orphan inode 15 (err -117)
[  759.162190][ T9306] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  759.175108][ T9306] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  759.363550][ T9321] siw: device registration error -23
[  759.451511][ T1864] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  759.720189][ T9360] futex_wake_op: syz.4.13648 tries to shift op by -1; fix this program
[  759.995143][ T9381] lo speed is unknown, defaulting to 1000
[  760.219153][ T9387] binfmt_misc: register: failed to install interpreter file ./file2
[  760.308706][ T9393] loop2: detected capacity change from 0 to 1024
[  760.316684][ T9393] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  760.328984][ T9393] EXT4-fs error (device loop2): ext4_map_blocks:814: inode #3: block 1: comm syz.2.13658: lblock 1 mapped to illegal pblock 1 (length 1)
[  760.378800][ T9391] loop3: detected capacity change from 0 to 1024
[  760.386364][ T9391] EXT4-fs: Ignoring removed orlov option
[  760.396029][ T9391] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  760.414277][ T9393] __quota_error: 79 callbacks suppressed
[  760.414294][ T9393] Quota error (device loop2): write_blk: dquota write failed
[  760.428099][ T9393] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  760.439309][ T9393] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.13658: Failed to acquire dquot type 0
[  760.452561][ T9393] EXT4-fs error (device loop2): ext4_free_blocks:6696: comm syz.2.13658: Freeing blocks not in datazone - block = 0, count = 4096
[  760.515926][ T9393] EXT4-fs error (device loop2): ext4_read_inode_bitmap:139: comm syz.2.13658: Invalid inode bitmap blk 0 in block_group 0
[  760.530242][T27117] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #3: block 1: comm kworker/u8:14: lblock 1 mapped to illegal pblock 1 (length 1)
[  760.552052][ T9393] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem
[  760.565182][T27117] Quota error (device loop2): remove_tree: Can't read quota data block 1
[  760.574289][T27117] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u8:14: Failed to release dquot type 0
[  760.585991][ T9393] EXT4-fs (loop2): 1 orphan inode deleted
[  760.599491][ T9393] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  760.665259][   T29] audit: type=1400 audit(2000000480.862:78632): avc:  denied  { ioctl } for  pid=9392 comm="syz.2.13658" path="socket:[166359]" dev="sockfs" ino=166359 ioctlcmd=0x89b0 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_netfilter_socket permissive=1
[  760.815120][ T9412] lo speed is unknown, defaulting to 1000
[  760.830117][ T2911] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  760.901729][   T29] audit: type=1326 audit(2000000481.092:78633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9419 comm="syz.1.13664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2a296ebe9 code=0x7ffc0000
[  760.925417][   T29] audit: type=1326 audit(2000000481.092:78634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9419 comm="syz.1.13664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2a296ebe9 code=0x7ffc0000
[  760.949003][   T29] audit: type=1326 audit(2000000481.092:78635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9419 comm="syz.1.13664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb2a296d550 code=0x7ffc0000
[  761.011833][ T9424] loop2: detected capacity change from 0 to 256
[  761.029046][   T29] audit: type=1326 audit(2000000481.202:78636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9419 comm="syz.1.13664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2a296ebe9 code=0x7ffc0000
[  761.052813][   T29] audit: type=1326 audit(2000000481.202:78637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9419 comm="syz.1.13664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb2a296ebe9 code=0x7ffc0000
[  761.076424][   T29] audit: type=1326 audit(2000000481.202:78638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9419 comm="syz.1.13664" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fb2a296ebe9 code=0x7ffc0000
[  761.101048][ T9424] binfmt_misc: register: failed to install interpreter file ./file0
[  761.158064][ T3406] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  761.196592][ T9433] futex_wake_op: syz.3.13669 tries to shift op by -1; fix this program
[  761.432779][ T9439] lo speed is unknown, defaulting to 1000
[  761.468838][ T9446] loop1: detected capacity change from 0 to 512
[  761.502447][ T9446] EXT4-fs: dax option not supported
[  761.578580][ T9449] netlink: 'syz.1.13671': attribute type 1 has an invalid length.
[  761.586921][ T9449] netlink: 12 bytes leftover after parsing attributes in process `syz.1.13671'.
[  761.621716][ T9451] binfmt_misc: register: failed to install interpreter file ./file0
[  761.652177][ T9454] loop1: detected capacity change from 0 to 1024
[  761.659145][ T9454] EXT4-fs: Ignoring removed orlov option
[  761.669150][ T9454] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  762.130681][ T9468] lo speed is unknown, defaulting to 1000
[  762.286661][ T9441] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  762.492644][ T9491] loop4: detected capacity change from 0 to 128
[  762.513100][ T1864] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  762.534738][ T9491] syz.4.13684: attempt to access beyond end of device
[  762.534738][ T9491] loop4: rw=0, sector=2072, nr_sectors = 1 limit=128
[  762.679053][ T9501] loop4: detected capacity change from 0 to 1024
[  762.686033][ T9504] lo speed is unknown, defaulting to 1000
[  762.693452][ T9501] EXT4-fs: Ignoring removed orlov option
[  762.712222][ T9497] lo speed is unknown, defaulting to 1000
[  762.724883][ T9501] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  762.928491][ T9530] loop0: detected capacity change from 0 to 256
[  762.952104][ T9530] binfmt_misc: register: failed to install interpreter file ./file0
[  763.471789][ T2662] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  763.487668][ T9543] FAULT_INJECTION: forcing a failure.
[  763.487668][ T9543] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  763.501284][ T9543] CPU: 0 UID: 0 PID: 9543 Comm: syz.4.13696 Tainted: G        W           6.16.0-syzkaller-12016-gbec077162bd0 #0 PREEMPT(voluntary) 
[  763.501324][ T9543] Tainted: [W]=WARN
[  763.501332][ T9543] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  763.501374][ T9543] Call Trace:
[  763.501381][ T9543]  <TASK>
[  763.501388][ T9543]  __dump_stack+0x1d/0x30
[  763.501409][ T9543]  dump_stack_lvl+0xe8/0x140
[  763.501429][ T9543]  dump_stack+0x15/0x1b
[  763.501447][ T9543]  should_fail_ex+0x265/0x280
[  763.501537][ T9543]  should_fail+0xb/0x20
[  763.501566][ T9543]  should_fail_usercopy+0x1a/0x20
[  763.501586][ T9543]  _copy_from_user+0x1c/0xb0
[  763.501639][ T9543]  do_sock_getsockopt+0xf1/0x240
[  763.501695][ T9543]  __x64_sys_getsockopt+0x11e/0x1a0
[  763.501736][ T9543]  x64_sys_call+0x2bc6/0x2ff0
[  763.501760][ T9543]  do_syscall_64+0xd2/0x200
[  763.501824][ T9543]  ? arch_exit_to_user_mode_prepare+0x27/0x60
[  763.501851][ T9543]  ? irqentry_exit_to_user_mode+0x7e/0xa0
[  763.502006][ T9543]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  763.502031][ T9543] RIP: 0033:0x7ff9989febe9
[  763.502045][ T9543] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  763.502064][ T9543] RSP: 002b:00007ff99745f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  763.502097][ T9543] RAX: ffffffffffffffda RBX: 00007ff998c25fa0 RCX: 00007ff9989febe9
[  763.502139][ T9543] RDX: 000000000000006f RSI: 0000000000000084 RDI: 0000000000000005
[  763.502150][ T9543] RBP: 00007ff99745f090 R08: 0000200000000180 R09: 0000000000000000
[  763.502162][ T9543] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000001
[  763.502174][ T9543] R13: 00007ff998c26038 R14: 00007ff998c25fa0 R15: 00007ffcbe7fc1f8
[  763.502195][ T9543]  </TASK>
[  763.552038][ T9506] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  763.738109][ T9552] loop1: detected capacity change from 0 to 1024
[  763.745529][ T9552] EXT4-fs: Ignoring removed mblk_io_submit option
[  763.772362][ T9552] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  763.879139][ T1864] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  763.990995][ T9564] lo speed is unknown, defaulting to 1000
[  764.104733][ T9561] lo speed is unknown, defaulting to 1000
[  764.434003][ T9549] loop4: detected capacity change from 0 to 512
[  764.466342][ T9572] lo speed is unknown, defaulting to 1000
[  765.001874][ T9576] lo speed is unknown, defaulting to 1000
[  765.009274][ T9578] lo speed is unknown, defaulting to 1000
[  765.313369][ T9549] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  765.345368][ T9584] loop1: detected capacity change from 0 to 1024
[  765.470566][ T9549] ext4 filesystem being mounted at /418/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  765.485873][ T9584] EXT4-fs: Ignoring removed orlov option
[  765.496017][ T9586] loop2: detected capacity change from 0 to 1024
[  765.504277][ T9586] EXT4-fs: Ignoring removed orlov option
[  765.537198][ T9584] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  765.553313][ T9586] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  765.566233][ T2662] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  765.599655][ T9598] binfmt_misc: register: failed to install interpreter file ./file2
[  765.873945][ T1864] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  765.956815][ T9625] loop1: detected capacity change from 0 to 1024
[  765.964824][ T9625] EXT4-fs: Ignoring removed orlov option
[  765.972552][ T9625] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  766.075436][ T9628] ==================================================================
[  766.083534][ T9628] BUG: KCSAN: data-race in vfs_fsync_range / writeback_single_inode
[  766.091636][ T9628] 
[  766.093972][ T9628] write to 0xffff8881004a85f8 of 4 bytes by task 9625 on cpu 0:
[  766.101689][ T9628]  writeback_single_inode+0x14a/0x3e0
[  766.107081][ T9628]  sync_inode_metadata+0x5b/0x90
[  766.112024][ T9628]  generic_buffers_fsync_noflush+0xd9/0x120
[  766.117933][ T9628]  ext4_sync_file+0x1ab/0x690
[  766.122635][ T9628]  vfs_fsync_range+0x10d/0x130
[  766.127401][ T9628]  ext4_buffered_write_iter+0x34f/0x3c0
[  766.132966][ T9628]  ext4_file_write_iter+0x383/0xf00
[  766.138198][ T9628]  iter_file_splice_write+0x5f2/0x970
[  766.143592][ T9628]  direct_splice_actor+0x153/0x2a0
[  766.148777][ T9628]  splice_direct_to_actor+0x30f/0x680
[  766.154175][ T9628]  do_splice_direct+0xda/0x150
[  766.158952][ T9628]  do_sendfile+0x380/0x650
[  766.163399][ T9628]  __x64_sys_sendfile64+0x105/0x150
[  766.168662][ T9628]  x64_sys_call+0x2bb0/0x2ff0
[  766.173368][ T9628]  do_syscall_64+0xd2/0x200
[  766.177931][ T9628]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  766.183812][ T9628] 
[  766.186118][ T9628] read to 0xffff8881004a85f8 of 4 bytes by task 9628 on cpu 1:
[  766.193637][ T9628]  vfs_fsync_range+0x9b/0x130
[  766.198299][ T9628]  ext4_buffered_write_iter+0x34f/0x3c0
[  766.203836][ T9628]  ext4_file_write_iter+0x383/0xf00
[  766.209069][ T9628]  iter_file_splice_write+0x5f2/0x970
[  766.214421][ T9628]  direct_splice_actor+0x153/0x2a0
[  766.219518][ T9628]  splice_direct_to_actor+0x30f/0x680
[  766.224928][ T9628]  do_splice_direct+0xda/0x150
[  766.229700][ T9628]  do_sendfile+0x380/0x650
[  766.234114][ T9628]  __x64_sys_sendfile64+0x105/0x150
[  766.239309][ T9628]  x64_sys_call+0x2bb0/0x2ff0
[  766.243972][ T9628]  do_syscall_64+0xd2/0x200
[  766.248487][ T9628]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  766.254477][ T9628] 
[  766.256813][ T9628] value changed: 0x00000038 -> 0x00000002
[  766.262510][ T9628] 
[  766.264814][ T9628] Reported by Kernel Concurrency Sanitizer on:
[  766.270951][ T9628] CPU: 1 UID: 0 PID: 9628 Comm: syz.1.13715 Tainted: G        W           6.16.0-syzkaller-12016-gbec077162bd0 #0 PREEMPT(voluntary) 
[  766.284652][ T9628] Tainted: [W]=WARN
[  766.288466][ T9628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  766.298506][ T9628] ==================================================================
[  766.324614][ T2911] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  766.386860][ T9593] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  766.792512][ T1864] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.