last executing test programs:

30.379505755s ago: executing program 2:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x4)
writev(r2, &(0x7f0000000300)=[{&(0x7f0000000340)="580000001400192340834b80040d8c560a117436c379000000000000000058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100090c100000000000224e0000", 0x58}], 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x1218088, &(0x7f00000001c0)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c757466383d312c696f636861727365743d61736369692c73686f72746e616d653d77696e39352c73686f77657865632c6e66732c636865636b3d7374726963742c756e695f786c6174653d302c757466383d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c726f6469722c726f6469722c64656275672c757466383d302c726f6469722c71756965742c6572726f72733d72656d6f756e742d726f2c009c8a8fc4f74784ad79ec08fb556262ebc972ef94821f3565ef5f75f11e30ef1f72a065c510b17cae352940538b7b2c5d72f4627c25306b2479725add28f511a68f5f6f47f9facdd0cc574286d00ab52d6b9374b6a58eac694336ebe971f41860d01084c1a0fa6b51d80fa9f9d2c5a2e7a5284f93296217ef8f28e0a36e573296a0bfb38b94191f4b82873563f3759b5e193ecfab6ed7892542364757e47d656ad6a0fbb6e8bf138bddae620a3602991821d4844f628e6bdd8b62cca73744332f0185a54b"], 0x6, 0x2c2, &(0x7f00000008c0)="$eJzs3T+LI2UcB/DfZLOTUYuksBLhBrzC6nCvE5sscgfiVh4p1EIX7w5kE4Q7WPAPxqtsbSwsfAWC4Au5xncg2Ap2nnAwMpOZndk1xkQ2K7f7+TT72+d5vjPPMxmys0WefPjy7OhuHvcfffFLZFkSvXGM40kSo+hF46s4ZfxNAADPsidFEb8XC5vkkojItjctAGCL1vv732/Lny5kWgDAFt1597239w8Obr2TRRa3Z18fT8r/7Mufi/79+/FxTONevBbDeBpRPSjsRvW0UJa3i6KY9/PSKK7P5seTMjn74HF9/P3fIqr8XgxjVDWdPG1U+bcObu3lC538vJzH8/X5x2X+ZgzjxZPwqfzNJfmYpPHqK53534hh/PxRfBLTuFtNos1/uZfnbxbf/vH5++X0ynwyP54MqnGtYueCXxoAAAAAAAAAAAAAAAAAAAAAAC6xG/XeOYPIr8X1WdlU77+z8zTS8te8MWpTZf+iSpqm7v5ARVHMi/i+s6VgXtQD2/19+vFSv7uxIAAAAAAAAAAAAAAAAAAAAFxdDz/97OhwOr334FyKZjeAfkT8eSfivx5n3Gm5FqsHD+pzHk6nvbo8NeZx2m2JnWZMErFyGuUizumy/Fvx3Nk5N8UPP5YL3OSAWafl9eUL3N3+upq76+gwWX6uQTQtWX2TfJdGtGPSWPNc6T91FbHJ7Zcu7RpuvPb0haqYrxgTyaqJvfHr4srVLcnZVaTVVV0a362LTvzMvbHW6x7ZIv7394qk2q1jsL03IwAAAAAAAAAAAAAAAAAAuOLaT/8u6Xy0MtorfBQYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEui/f7/DYp5HV5jcBoPHv7PSwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAK+CsAAP//hipWFQ==")
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
r4 = openat(r3, &(0x7f0000000280)='.\x00', 0x0, 0x0)
r5 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
unlinkat(r5, &(0x7f0000000480)='./file0\x00', 0x200)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r4, 0x82307201, &(0x7f0000000000))
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f00000002c0)='./bus\x00', 0x1800840, &(0x7f0000000000)={[{@numtail}, {@shortname_winnt}, {@uni_xlate}, {@iocharset={'iocharset', 0x3d, 'cp860'}}, {@fat=@flush}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'cp950'}}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'iso8859-14'}}, {@fat=@codepage={'codepage', 0x3d, '866'}}, {@fat=@gid}, {@utf8no}, {@shortname_win95}]}, 0x1, 0x362, &(0x7f0000000900)="$eJzs3U9oXFUXAPAzfUkmKfRLFh8UBeHpTtDQP7jQVUpJoTgblaHqQhxsqpKJhQwOpotO40ZcCi515UZc6MJF1yIo4s6FWytIVVxodwWLV2bmTeZNZpKmwrQWf7/FcHLuPe/eO3nJvLxkbl5eifXzs3Hhxo3rMT9fiZmV0ytxsxJLkcXAlRg3NyEHANwfbqYUf6S+A5ZUpjwlAGDKeq//rx4pZd7+ar/+yas/ANz3ip//F/brM79Xw8WpTAkAmLKx+/+PjDTPjf6qf6b0VwEAwP3quRdefPpULeLZPJ+P2HinXW/X46lh+6kL8Xo0Yy2OxWLciuhfKHQfKr3HM2drq8fyPO/Ez0tR71a06xEbnXa9f6VwKuvVV+N4LMZSUV9cbaSUsjOf11aP5z0RcaXTGz82Ku36bBwuxv/hcKzFicjj/2P1EWdrqyfy4gD1jUF9J2J7eN+iO//lWIzvXomL0YzzC+cipcFlTW318vE8P51qI/XtejXO7zwLe94BAQAAAAAAAAAAAAAAAAAAAACAf2Q537G0s/9NGu7fs7w8ob23P06/vtgfaLu/P1Cqpkjp97cer7+bxcj+QLv352nXZ+LQvV06AAAAAAAAAAAAAAAAAAAA/Gu0tuai0Wyubba2Lq2Xg85ma+tQRHQzb3zz6ZcLMd7nNsFMMUapKS9Sl9YbKRt0TtlInyLIuoMPMp9c3ZlxuU91ZxUTp1Hdu6nZPPLwTx8MMw9lgyP/NeyTxeQFZrumUQ42/tef0p08UZdOFsGJ23S+llLa6ziXXxqvikrEzJ1/4vYPUjf4+vprD5xsHX2il/ki9T362OK5a+9/9Ot6o9kduav58dxm61ZabxQfTz7Z9g6y0vlTiX5QKZ8JM/uVb49mGtn3vz3/4HvfHmz0VM68OaFP1l/OZ5utrUrxldJrmusH3dyuqoXm2Sxi13FmJ5z8UwiOfrjSuHr5x18OWlX6JmGjDgAAAAAAAAAAAAAAAAAAuCtK7xUvFG/2nd2v6slnpj8zAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALh7hv//vxRsj2UOEvzZifGm6tpmK2LuXi8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/uL8DAAD//2Kpa7U=")
openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0x2200082, &(0x7f00000005c0)=ANY=[@ANYBLOB="73686f72746e616d653d6c6f7765722c696f636861727365ff3d6e6f6e652c636865636b3d7374726963742c756e695f786c6174653d312c756e695f786c6174653d312c636f6465706167653d3935302c64656275672c73686f72746e616d653d77696e39352c757466383d302c757466383d302c6e66733d6e6f7374616c655f726f2c756e695f786c6174653d302c00"], 0x0, 0x2b3, &(0x7f0000000140)="$eJzs3c9rI1UcAPBvNrubuLCmB2HRy45HYQltxXuWZYXFgKIEf5wsblalqYUWA+2h1VPPghdBT9716B/gQdSbB69WkKp4sbeCxZHJ1OZn2xibRtzP5zB9vPe+M9/3GDqTQ755vRbL96/Eg/39vSiXC3G5dqcWB4WYi0tRjNx7AQD8nxykafye5madCwBwMTrP/zevnzqnlB1uXlRGAMC0jfn5/4WRvatTSwsAmKIznv9XZ5ASADBlL7362nO36xEvJkk5YmWn3Wg3ImKnc4yI2w/i7WhFM+ajEocR+YtC/raQHZ+9V787n2R+novGynYen/0t9saXYiEqMXcUn/bHLyS5nvhCu3Elrh3F/3AtmrEYlXisN/5mdE5yr353cTh+++/1HedfjUp890asRivuR3ae7vW3FpLkzvP1pD//UmceAAAAAAAAAAAAAAAAAAAAAABMQzU51q3fk3br91SrI8Y79XHy+P76QGlpVH2f+RH1edqNy3FptksHAAAAAAAAAAAAAAAAAACA/4xiRCy1Ws219Y3N5ZMa73z92ZePxOlz/kUjLUYMD2WZDU7OMu7tKR2tYpKrX3/yp49HDf056XKKnTRWHs1Tmmg3Fs+Ys5um6UnhWx8NR0VheA/Pp/HV3luPP71+45m+oaduVV7e/fDTXwcnH6aTXiu7NY7vjUIMbnhu7BMuFb//7ZUnPvh2Y3O5HBH/JJ93Tx76fLDn6jlv+De3JrvD+xs3PqktfbH14y/jRg3+lxikegcAAAAAAAAAAAAAAAAAAJy3nu+KAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBDq/v7/z2N94d6xmn8MWqo1Fxbn/UaAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgrwAAAP//A92Rtw==")
sendmsg$MPTCP_PM_CMD_SET_FLAGS(0xffffffffffffffff, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
write$binfmt_script(r6, &(0x7f0000000100), 0xfecc)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r8 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r7, &(0x7f0000003040)={@val={0x8, 0x800}, @val={0x1}, @ipv4=@udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev}, {0x0, 0x4e21, 0x64, 0x0, @wg=@response={0x2, 0x0, 0x0, "66cbe0ddfbda942ac1e2c78728c87f0dedc31462c7e4d2bae48d7fe2b1e543a7", "9e75fea4b15c0641bf4f22919c7aee7b", {"8af86dbf2020efc4e02714100a2f1321", "09f797f27b298ff4d62daf42206c6df9"}}}}}, 0x86)
syz_emit_vhci(&(0x7f0000000800)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x0, 0xc9}}}, 0x7)
ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, 0x0)

27.021938821s ago: executing program 0:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x4)
writev(r2, &(0x7f0000000300)=[{&(0x7f0000000340)="580000001400192340834b80040d8c560a117436c379000000000000000058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100090c100000000000224e0000", 0x58}], 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x1218088, &(0x7f00000001c0)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c757466383d312c696f636861727365743d61736369692c73686f72746e616d653d77696e39352c73686f77657865632c6e66732c636865636b3d7374726963742c756e695f786c6174653d302c757466383d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c726f6469722c726f6469722c64656275672c757466383d302c726f6469722c71756965742c6572726f72733d72656d6f756e742d726f2c009c8a8fc4f74784ad79ec08fb556262ebc972ef94821f3565ef5f75f11e30ef1f72a065c510b17cae352940538b7b2c5d72f4627c25306b2479725add28f511a68f5f6f47f9facdd0cc574286d00ab52d6b9374b6a58eac694336ebe971f41860d01084c1a0fa6b51d80fa9f9d2c5a2e7a5284f93296217ef8f28e0a36e573296a0bfb38b94191f4b82873563f3759b5e193ecfab6ed7892542364757e47d656ad6a0fbb6e8bf138bddae620a3602991821d4844f628e6bdd8b62cca73744332f0185a54b"], 0x6, 0x2c2, &(0x7f00000008c0)="$eJzs3T+LI2UcB/DfZLOTUYuksBLhBrzC6nCvE5sscgfiVh4p1EIX7w5kE4Q7WPAPxqtsbSwsfAWC4Au5xncg2Ap2nnAwMpOZndk1xkQ2K7f7+TT72+d5vjPPMxmys0WefPjy7OhuHvcfffFLZFkSvXGM40kSo+hF46s4ZfxNAADPsidFEb8XC5vkkojItjctAGCL1vv732/Lny5kWgDAFt1597239w8Obr2TRRa3Z18fT8r/7Mufi/79+/FxTONevBbDeBpRPSjsRvW0UJa3i6KY9/PSKK7P5seTMjn74HF9/P3fIqr8XgxjVDWdPG1U+bcObu3lC538vJzH8/X5x2X+ZgzjxZPwqfzNJfmYpPHqK53534hh/PxRfBLTuFtNos1/uZfnbxbf/vH5++X0ynwyP54MqnGtYueCXxoAAAAAAAAAAAAAAAAAAAAAAC6xG/XeOYPIr8X1WdlU77+z8zTS8te8MWpTZf+iSpqm7v5ARVHMi/i+s6VgXtQD2/19+vFSv7uxIAAAAAAAAAAAAAAAAAAAAFxdDz/97OhwOr334FyKZjeAfkT8eSfivx5n3Gm5FqsHD+pzHk6nvbo8NeZx2m2JnWZMErFyGuUizumy/Fvx3Nk5N8UPP5YL3OSAWafl9eUL3N3+upq76+gwWX6uQTQtWX2TfJdGtGPSWPNc6T91FbHJ7Zcu7RpuvPb0haqYrxgTyaqJvfHr4srVLcnZVaTVVV0a362LTvzMvbHW6x7ZIv7394qk2q1jsL03IwAAAAAAAAAAAAAAAAAAuOLaT/8u6Xy0MtorfBQYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEui/f7/DYp5HV5jcBoPHv7PSwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAK+CsAAP//hipWFQ==")
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
r4 = openat(r3, &(0x7f0000000280)='.\x00', 0x0, 0x0)
r5 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
unlinkat(r5, &(0x7f0000000480)='./file0\x00', 0x200)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r4, 0x82307201, &(0x7f0000000000))
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f00000002c0)='./bus\x00', 0x1800840, &(0x7f0000000000)={[{@numtail}, {@shortname_winnt}, {@uni_xlate}, {@iocharset={'iocharset', 0x3d, 'cp860'}}, {@fat=@flush}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'cp950'}}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'iso8859-14'}}, {@fat=@codepage={'codepage', 0x3d, '866'}}, {@fat=@gid}, {@utf8no}, {@shortname_win95}]}, 0x1, 0x362, &(0x7f0000000900)="$eJzs3U9oXFUXAPAzfUkmKfRLFh8UBeHpTtDQP7jQVUpJoTgblaHqQhxsqpKJhQwOpotO40ZcCi515UZc6MJF1yIo4s6FWytIVVxodwWLV2bmTeZNZpKmwrQWf7/FcHLuPe/eO3nJvLxkbl5eifXzs3Hhxo3rMT9fiZmV0ytxsxJLkcXAlRg3NyEHANwfbqYUf6S+A5ZUpjwlAGDKeq//rx4pZd7+ar/+yas/ANz3ip//F/brM79Xw8WpTAkAmLKx+/+PjDTPjf6qf6b0VwEAwP3quRdefPpULeLZPJ+P2HinXW/X46lh+6kL8Xo0Yy2OxWLciuhfKHQfKr3HM2drq8fyPO/Ez0tR71a06xEbnXa9f6VwKuvVV+N4LMZSUV9cbaSUsjOf11aP5z0RcaXTGz82Ku36bBwuxv/hcKzFicjj/2P1EWdrqyfy4gD1jUF9J2J7eN+iO//lWIzvXomL0YzzC+cipcFlTW318vE8P51qI/XtejXO7zwLe94BAQAAAAAAAAAAAAAAAAAAAACAf2Q537G0s/9NGu7fs7w8ob23P06/vtgfaLu/P1Cqpkjp97cer7+bxcj+QLv352nXZ+LQvV06AAAAAAAAAAAAAAAAAAAA/Gu0tuai0Wyubba2Lq2Xg85ma+tQRHQzb3zz6ZcLMd7nNsFMMUapKS9Sl9YbKRt0TtlInyLIuoMPMp9c3ZlxuU91ZxUTp1Hdu6nZPPLwTx8MMw9lgyP/NeyTxeQFZrumUQ42/tef0p08UZdOFsGJ23S+llLa6ziXXxqvikrEzJ1/4vYPUjf4+vprD5xsHX2il/ki9T362OK5a+9/9Ot6o9kduav58dxm61ZabxQfTz7Z9g6y0vlTiX5QKZ8JM/uVb49mGtn3vz3/4HvfHmz0VM68OaFP1l/OZ5utrUrxldJrmusH3dyuqoXm2Sxi13FmJ5z8UwiOfrjSuHr5x18OWlX6JmGjDgAAAAAAAAAAAAAAAAAAuCtK7xUvFG/2nd2v6slnpj8zAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALh7hv//vxRsj2UOEvzZifGm6tpmK2LuXi8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/uL8DAAD//2Kpa7U=")
openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0x2200082, &(0x7f00000005c0)=ANY=[@ANYBLOB="73686f72746e616d653d6c6f7765722c696f636861727365ff3d6e6f6e652c636865636b3d7374726963742c756e695f786c6174653d312c756e695f786c6174653d312c636f6465706167653d3935302c64656275672c73686f72746e616d653d77696e39352c757466383d302c757466383d302c6e66733d6e6f7374616c655f726f2c756e695f786c6174653d302c00"], 0x0, 0x2b3, &(0x7f0000000140)="$eJzs3c9rI1UcAPBvNrubuLCmB2HRy45HYQltxXuWZYXFgKIEf5wsblalqYUWA+2h1VPPghdBT9716B/gQdSbB69WkKp4sbeCxZHJ1OZn2xibRtzP5zB9vPe+M9/3GDqTQ755vRbL96/Eg/39vSiXC3G5dqcWB4WYi0tRjNx7AQD8nxykafye5madCwBwMTrP/zevnzqnlB1uXlRGAMC0jfn5/4WRvatTSwsAmKIznv9XZ5ASADBlL7362nO36xEvJkk5YmWn3Wg3ImKnc4yI2w/i7WhFM+ajEocR+YtC/raQHZ+9V787n2R+novGynYen/0t9saXYiEqMXcUn/bHLyS5nvhCu3Elrh3F/3AtmrEYlXisN/5mdE5yr353cTh+++/1HedfjUp890asRivuR3ae7vW3FpLkzvP1pD//UmceAAAAAAAAAAAAAAAAAAAAAABMQzU51q3fk3br91SrI8Y79XHy+P76QGlpVH2f+RH1edqNy3FptksHAAAAAAAAAAAAAAAAAACA/4xiRCy1Ws219Y3N5ZMa73z92ZePxOlz/kUjLUYMD2WZDU7OMu7tKR2tYpKrX3/yp49HDf056XKKnTRWHs1Tmmg3Fs+Ys5um6UnhWx8NR0VheA/Pp/HV3luPP71+45m+oaduVV7e/fDTXwcnH6aTXiu7NY7vjUIMbnhu7BMuFb//7ZUnPvh2Y3O5HBH/JJ93Tx76fLDn6jlv+De3JrvD+xs3PqktfbH14y/jRg3+lxikegcAAAAAAAAAAAAAAAAAAJy3nu+KAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBDq/v7/z2N94d6xmn8MWqo1Fxbn/UaAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgrwAAAP//A92Rtw==")
sendmsg$MPTCP_PM_CMD_SET_FLAGS(0xffffffffffffffff, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
write$binfmt_script(r6, &(0x7f0000000100), 0xfecc)
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r6, 0xc0709411, &(0x7f0000000400)={{0x0, 0x2, 0x5, 0x2, 0x5, 0x0, 0x53, 0x0, 0x7f8, 0x0, 0x0, 0x3, 0x4, 0x8001, 0x3}, 0x10, [0x0, 0x0]})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r7 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(0xffffffffffffffff, &(0x7f0000003040)={@val={0x8, 0x800}, @val={0x1}, @ipv4=@udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev}, {0x0, 0x4e21, 0x64, 0x0, @wg=@response={0x2, 0x0, 0x0, "66cbe0ddfbda942ac1e2c78728c87f0dedc31462c7e4d2bae48d7fe2b1e543a7", "9e75fea4b15c0641bf4f22919c7aee7b", {"8af86dbf2020efc4e02714100a2f1321", "09f797f27b298ff4d62daf42206c6df9"}}}}}, 0x86)
syz_emit_vhci(&(0x7f0000000800)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x0, 0xc9}}}, 0x7)
ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, 0x0)

25.503598913s ago: executing program 2:
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x18, 0x4, 0x0, 0x0, 0x60, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x1c, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x2c, 0x0, 0x3, 0x0, [{@multicast1}, {@dev}, {@broadcast, 0x8000}, {@empty}, {@multicast1}]}, @noop, @noop]}}}}})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r0, 0x0)
r1 = dup(0xffffffffffffffff)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

24.225720702s ago: executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_subtree(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="8fedcb5d070811"], 0xfdef)

21.922264491s ago: executing program 0:
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x26, 0x4, 0x0, 0x0, 0x98, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x1c, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @timestamp_prespec={0x44, 0x34, 0x0, 0x3, 0x0, [{@multicast1}, {@dev}, {@broadcast}, {@empty}, {@multicast1}, {@private}]}, @timestamp_prespec={0x44, 0x2c, 0x0, 0x3, 0x0, [{@dev}, {@multicast2}, {@private}, {}, {@broadcast}]}, @noop, @lsrr={0x83, 0x7, 0x0, [@private]}]}}}}})
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r1, 0x0)
r2 = dup(r0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
sendto$inet(0xffffffffffffffff, &(0x7f0000000e40)="bd3119fab037020de607352a978727cdd46a7ad7671829c16bb1339d3f711b7c5da66f48a8b5842dad66eedf75899eb65d733423ca5651013e1db97f5d192e302ac583ccd19e1e8a3e7812af51f0eea31c5e05cec737cc11a38936d67d4c7cd78351177f51dab5ebe8523e54dd8db33ab6214499c610051df74b67669c9b554b25c70c3238ffaa908675df728ef76e7ae5ee938e025ed07603ec4cc86ee67be10ef6087e7ff0017b358ebee016f08b756cfd2645ccdf335d8b62b630939ba724776a5f2caa487586527f2066b2845e52758b6da2ce07de99165195af70ea9659005901a0f28e90b49a0803ab10698ade4c07337535c2600c45b8c497ab6863ad984815f375df57e5940e5322d90d66c84937e9b7f2356a6e16a026b2393670d370759a4567a87fd2a4d0d5857b9e2559a5a0a857b845f0e1495e8d9b574b0f4d1a55ec8d93c148a50c5c4228c653be69a7d728fa497ee129ec4e7b821ce041be389d37efd40b81a9704e5182b9cdca1f2d3312351e9edaa8ac96088c465a953e0ec3e8f26aa17ea3e1913b4d147141d1aef80b3ed959d14fad4ead4de92e10f0faca7acdce7c712ab95a11ff4c72798565f0794d7bc50f5082b52b34a1de7c5609e31e1fcc05fc7dbd73973b5dfc92896f57f5b76fd9df5067eb273f0960560df3dfd00ba068e28812244f700d76da4197bb332245f00112b73659c63dfb854eb8eed1a9881e5c49399b2c6932b540d3464d470cabb6", 0x216, 0x0, 0x0, 0x0)

21.52032606s ago: executing program 0:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x4)
writev(r2, &(0x7f0000000300)=[{&(0x7f0000000340)="580000001400192340834b80040d8c560a117436c379000000000000000058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100090c100000000000224e0000", 0x58}], 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x1218088, &(0x7f00000001c0)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c757466383d312c696f636861727365743d61736369692c73686f72746e616d653d77696e39352c73686f77657865632c6e66732c636865636b3d7374726963742c756e695f786c6174653d302c757466383d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c726f6469722c726f6469722c64656275672c757466383d302c726f6469722c71756965742c6572726f72733d72656d6f756e742d726f2c009c8a8fc4f74784ad79ec08fb556262ebc972ef94821f3565ef5f75f11e30ef1f72a065c510b17cae352940538b7b2c5d72f4627c25306b2479725add28f511a68f5f6f47f9facdd0cc574286d00ab52d6b9374b6a58eac694336ebe971f41860d01084c1a0fa6b51d80fa9f9d2c5a2e7a5284f93296217ef8f28e0a36e573296a0bfb38b94191f4b82873563f3759b5e193ecfab6ed7892542364757e47d656ad6a0fbb6e8bf138bddae620a3602991821d4844f628e6bdd8b62cca73744332f0185a54b"], 0x6, 0x2c2, &(0x7f00000008c0)="$eJzs3T+LI2UcB/DfZLOTUYuksBLhBrzC6nCvE5sscgfiVh4p1EIX7w5kE4Q7WPAPxqtsbSwsfAWC4Au5xncg2Ap2nnAwMpOZndk1xkQ2K7f7+TT72+d5vjPPMxmys0WefPjy7OhuHvcfffFLZFkSvXGM40kSo+hF46s4ZfxNAADPsidFEb8XC5vkkojItjctAGCL1vv732/Lny5kWgDAFt1597239w8Obr2TRRa3Z18fT8r/7Mufi/79+/FxTONevBbDeBpRPSjsRvW0UJa3i6KY9/PSKK7P5seTMjn74HF9/P3fIqr8XgxjVDWdPG1U+bcObu3lC538vJzH8/X5x2X+ZgzjxZPwqfzNJfmYpPHqK53534hh/PxRfBLTuFtNos1/uZfnbxbf/vH5++X0ynwyP54MqnGtYueCXxoAAAAAAAAAAAAAAAAAAAAAAC6xG/XeOYPIr8X1WdlU77+z8zTS8te8MWpTZf+iSpqm7v5ARVHMi/i+s6VgXtQD2/19+vFSv7uxIAAAAAAAAAAAAAAAAAAAAFxdDz/97OhwOr334FyKZjeAfkT8eSfivx5n3Gm5FqsHD+pzHk6nvbo8NeZx2m2JnWZMErFyGuUizumy/Fvx3Nk5N8UPP5YL3OSAWafl9eUL3N3+upq76+gwWX6uQTQtWX2TfJdGtGPSWPNc6T91FbHJ7Zcu7RpuvPb0haqYrxgTyaqJvfHr4srVLcnZVaTVVV0a362LTvzMvbHW6x7ZIv7394qk2q1jsL03IwAAAAAAAAAAAAAAAAAAuOLaT/8u6Xy0MtorfBQYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEui/f7/DYp5HV5jcBoPHv7PSwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAK+CsAAP//hipWFQ==")
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
r4 = openat(r3, &(0x7f0000000280)='.\x00', 0x0, 0x0)
r5 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
unlinkat(r5, &(0x7f0000000480)='./file0\x00', 0x200)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r4, 0x82307201, &(0x7f0000000000))
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f00000002c0)='./bus\x00', 0x1800840, &(0x7f0000000000)={[{@numtail}, {@shortname_winnt}, {@uni_xlate}, {@iocharset={'iocharset', 0x3d, 'cp860'}}, {@fat=@flush}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'cp950'}}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'iso8859-14'}}, {@fat=@codepage={'codepage', 0x3d, '866'}}, {@fat=@gid}, {@utf8no}, {@shortname_win95}]}, 0x1, 0x362, &(0x7f0000000900)="$eJzs3U9oXFUXAPAzfUkmKfRLFh8UBeHpTtDQP7jQVUpJoTgblaHqQhxsqpKJhQwOpotO40ZcCi515UZc6MJF1yIo4s6FWytIVVxodwWLV2bmTeZNZpKmwrQWf7/FcHLuPe/eO3nJvLxkbl5eifXzs3Hhxo3rMT9fiZmV0ytxsxJLkcXAlRg3NyEHANwfbqYUf6S+A5ZUpjwlAGDKeq//rx4pZd7+ar/+yas/ANz3ip//F/brM79Xw8WpTAkAmLKx+/+PjDTPjf6qf6b0VwEAwP3quRdefPpULeLZPJ+P2HinXW/X46lh+6kL8Xo0Yy2OxWLciuhfKHQfKr3HM2drq8fyPO/Ez0tR71a06xEbnXa9f6VwKuvVV+N4LMZSUV9cbaSUsjOf11aP5z0RcaXTGz82Ku36bBwuxv/hcKzFicjj/2P1EWdrqyfy4gD1jUF9J2J7eN+iO//lWIzvXomL0YzzC+cipcFlTW318vE8P51qI/XtejXO7zwLe94BAQAAAAAAAAAAAAAAAAAAAACAf2Q537G0s/9NGu7fs7w8ob23P06/vtgfaLu/P1Cqpkjp97cer7+bxcj+QLv352nXZ+LQvV06AAAAAAAAAAAAAAAAAAAA/Gu0tuai0Wyubba2Lq2Xg85ma+tQRHQzb3zz6ZcLMd7nNsFMMUapKS9Sl9YbKRt0TtlInyLIuoMPMp9c3ZlxuU91ZxUTp1Hdu6nZPPLwTx8MMw9lgyP/NeyTxeQFZrumUQ42/tef0p08UZdOFsGJ23S+llLa6ziXXxqvikrEzJ1/4vYPUjf4+vprD5xsHX2il/ki9T362OK5a+9/9Ot6o9kduav58dxm61ZabxQfTz7Z9g6y0vlTiX5QKZ8JM/uVb49mGtn3vz3/4HvfHmz0VM68OaFP1l/OZ5utrUrxldJrmusH3dyuqoXm2Sxi13FmJ5z8UwiOfrjSuHr5x18OWlX6JmGjDgAAAAAAAAAAAAAAAAAAuCtK7xUvFG/2nd2v6slnpj8zAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALh7hv//vxRsj2UOEvzZifGm6tpmK2LuXi8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/uL8DAAD//2Kpa7U=")
openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0x2200082, &(0x7f00000005c0)=ANY=[@ANYBLOB="73686f72746e616d653d6c6f7765722c696f636861727365ff3d6e6f6e652c636865636b3d7374726963742c756e695f786c6174653d312c756e695f786c6174653d312c636f6465706167653d3935302c64656275672c73686f72746e616d653d77696e39352c757466383d302c757466383d302c6e66733d6e6f7374616c655f726f2c756e695f786c6174653d302c00"], 0x0, 0x2b3, &(0x7f0000000140)="$eJzs3c9rI1UcAPBvNrubuLCmB2HRy45HYQltxXuWZYXFgKIEf5wsblalqYUWA+2h1VPPghdBT9716B/gQdSbB69WkKp4sbeCxZHJ1OZn2xibRtzP5zB9vPe+M9/3GDqTQ755vRbL96/Eg/39vSiXC3G5dqcWB4WYi0tRjNx7AQD8nxykafye5madCwBwMTrP/zevnzqnlB1uXlRGAMC0jfn5/4WRvatTSwsAmKIznv9XZ5ASADBlL7362nO36xEvJkk5YmWn3Wg3ImKnc4yI2w/i7WhFM+ajEocR+YtC/raQHZ+9V787n2R+novGynYen/0t9saXYiEqMXcUn/bHLyS5nvhCu3Elrh3F/3AtmrEYlXisN/5mdE5yr353cTh+++/1HedfjUp890asRivuR3ae7vW3FpLkzvP1pD//UmceAAAAAAAAAAAAAAAAAAAAAABMQzU51q3fk3br91SrI8Y79XHy+P76QGlpVH2f+RH1edqNy3FptksHAAAAAAAAAAAAAAAAAACA/4xiRCy1Ws219Y3N5ZMa73z92ZePxOlz/kUjLUYMD2WZDU7OMu7tKR2tYpKrX3/yp49HDf056XKKnTRWHs1Tmmg3Fs+Ys5um6UnhWx8NR0VheA/Pp/HV3luPP71+45m+oaduVV7e/fDTXwcnH6aTXiu7NY7vjUIMbnhu7BMuFb//7ZUnPvh2Y3O5HBH/JJ93Tx76fLDn6jlv+De3JrvD+xs3PqktfbH14y/jRg3+lxikegcAAAAAAAAAAAAAAAAAAJy3nu+KAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBDq/v7/z2N94d6xmn8MWqo1Fxbn/UaAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgrwAAAP//A92Rtw==")
sendmsg$MPTCP_PM_CMD_SET_FLAGS(0xffffffffffffffff, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
write$binfmt_script(r6, &(0x7f0000000100), 0xfecc)
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r6, 0xc0709411, &(0x7f0000000400)={{0x0, 0x2, 0x5, 0x2, 0x5, 0x0, 0x53, 0x0, 0x7f8, 0x0, 0x0, 0x3, 0x4, 0x8001, 0x3}, 0x10, [0x0, 0x0]})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r8 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r7, &(0x7f0000003040)={@val={0x8, 0x800}, @val={0x1}, @ipv4=@udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev}, {0x0, 0x4e21, 0x64, 0x0, @wg=@response={0x2, 0x0, 0x0, "66cbe0ddfbda942ac1e2c78728c87f0dedc31462c7e4d2bae48d7fe2b1e543a7", "9e75fea4b15c0641bf4f22919c7aee7b", {"8af86dbf2020efc4e02714100a2f1321", "09f797f27b298ff4d62daf42206c6df9"}}}}}, 0x86)
ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, 0x0)

21.420365105s ago: executing program 3:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x4)
writev(r2, &(0x7f0000000300)=[{&(0x7f0000000340)="580000001400192340834b80040d8c560a117436c379000000000000000058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100090c100000000000224e0000", 0x58}], 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x1218088, &(0x7f00000001c0)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c757466383d312c696f636861727365743d61736369692c73686f72746e616d653d77696e39352c73686f77657865632c6e66732c636865636b3d7374726963742c756e695f786c6174653d302c757466383d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c726f6469722c726f6469722c64656275672c757466383d302c726f6469722c71756965742c6572726f72733d72656d6f756e742d726f2c009c8a8fc4f74784ad79ec08fb556262ebc972ef94821f3565ef5f75f11e30ef1f72a065c510b17cae352940538b7b2c5d72f4627c25306b2479725add28f511a68f5f6f47f9facdd0cc574286d00ab52d6b9374b6a58eac694336ebe971f41860d01084c1a0fa6b51d80fa9f9d2c5a2e7a5284f93296217ef8f28e0a36e573296a0bfb38b94191f4b82873563f3759b5e193ecfab6ed7892542364757e47d656ad6a0fbb6e8bf138bddae620a3602991821d4844f628e6bdd8b62cca73744332f0185a54b"], 0x6, 0x2c2, &(0x7f00000008c0)="$eJzs3T+LI2UcB/DfZLOTUYuksBLhBrzC6nCvE5sscgfiVh4p1EIX7w5kE4Q7WPAPxqtsbSwsfAWC4Au5xncg2Ap2nnAwMpOZndk1xkQ2K7f7+TT72+d5vjPPMxmys0WefPjy7OhuHvcfffFLZFkSvXGM40kSo+hF46s4ZfxNAADPsidFEb8XC5vkkojItjctAGCL1vv732/Lny5kWgDAFt1597239w8Obr2TRRa3Z18fT8r/7Mufi/79+/FxTONevBbDeBpRPSjsRvW0UJa3i6KY9/PSKK7P5seTMjn74HF9/P3fIqr8XgxjVDWdPG1U+bcObu3lC538vJzH8/X5x2X+ZgzjxZPwqfzNJfmYpPHqK53534hh/PxRfBLTuFtNos1/uZfnbxbf/vH5++X0ynwyP54MqnGtYueCXxoAAAAAAAAAAAAAAAAAAAAAAC6xG/XeOYPIr8X1WdlU77+z8zTS8te8MWpTZf+iSpqm7v5ARVHMi/i+s6VgXtQD2/19+vFSv7uxIAAAAAAAAAAAAAAAAAAAAFxdDz/97OhwOr334FyKZjeAfkT8eSfivx5n3Gm5FqsHD+pzHk6nvbo8NeZx2m2JnWZMErFyGuUizumy/Fvx3Nk5N8UPP5YL3OSAWafl9eUL3N3+upq76+gwWX6uQTQtWX2TfJdGtGPSWPNc6T91FbHJ7Zcu7RpuvPb0haqYrxgTyaqJvfHr4srVLcnZVaTVVV0a362LTvzMvbHW6x7ZIv7394qk2q1jsL03IwAAAAAAAAAAAAAAAAAAuOLaT/8u6Xy0MtorfBQYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEui/f7/DYp5HV5jcBoPHv7PSwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAK+CsAAP//hipWFQ==")
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
r4 = openat(r3, &(0x7f0000000280)='.\x00', 0x0, 0x0)
r5 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
unlinkat(r5, &(0x7f0000000480)='./file0\x00', 0x200)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r4, 0x82307201, &(0x7f0000000000))
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f00000002c0)='./bus\x00', 0x1800840, &(0x7f0000000000)={[{@numtail}, {@shortname_winnt}, {@uni_xlate}, {@iocharset={'iocharset', 0x3d, 'cp860'}}, {@fat=@flush}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'cp950'}}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'iso8859-14'}}, {@fat=@codepage={'codepage', 0x3d, '866'}}, {@fat=@gid}, {@utf8no}, {@shortname_win95}]}, 0x1, 0x362, &(0x7f0000000900)="$eJzs3U9oXFUXAPAzfUkmKfRLFh8UBeHpTtDQP7jQVUpJoTgblaHqQhxsqpKJhQwOpotO40ZcCi515UZc6MJF1yIo4s6FWytIVVxodwWLV2bmTeZNZpKmwrQWf7/FcHLuPe/eO3nJvLxkbl5eifXzs3Hhxo3rMT9fiZmV0ytxsxJLkcXAlRg3NyEHANwfbqYUf6S+A5ZUpjwlAGDKeq//rx4pZd7+ar/+yas/ANz3ip//F/brM79Xw8WpTAkAmLKx+/+PjDTPjf6qf6b0VwEAwP3quRdefPpULeLZPJ+P2HinXW/X46lh+6kL8Xo0Yy2OxWLciuhfKHQfKr3HM2drq8fyPO/Ez0tR71a06xEbnXa9f6VwKuvVV+N4LMZSUV9cbaSUsjOf11aP5z0RcaXTGz82Ku36bBwuxv/hcKzFicjj/2P1EWdrqyfy4gD1jUF9J2J7eN+iO//lWIzvXomL0YzzC+cipcFlTW318vE8P51qI/XtejXO7zwLe94BAQAAAAAAAAAAAAAAAAAAAACAf2Q537G0s/9NGu7fs7w8ob23P06/vtgfaLu/P1Cqpkjp97cer7+bxcj+QLv352nXZ+LQvV06AAAAAAAAAAAAAAAAAAAA/Gu0tuai0Wyubba2Lq2Xg85ma+tQRHQzb3zz6ZcLMd7nNsFMMUapKS9Sl9YbKRt0TtlInyLIuoMPMp9c3ZlxuU91ZxUTp1Hdu6nZPPLwTx8MMw9lgyP/NeyTxeQFZrumUQ42/tef0p08UZdOFsGJ23S+llLa6ziXXxqvikrEzJ1/4vYPUjf4+vprD5xsHX2il/ki9T362OK5a+9/9Ot6o9kduav58dxm61ZabxQfTz7Z9g6y0vlTiX5QKZ8JM/uVb49mGtn3vz3/4HvfHmz0VM68OaFP1l/OZ5utrUrxldJrmusH3dyuqoXm2Sxi13FmJ5z8UwiOfrjSuHr5x18OWlX6JmGjDgAAAAAAAAAAAAAAAAAAuCtK7xUvFG/2nd2v6slnpj8zAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALh7hv//vxRsj2UOEvzZifGm6tpmK2LuXi8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/uL8DAAD//2Kpa7U=")
openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0x2200082, &(0x7f00000005c0)=ANY=[@ANYBLOB="73686f72746e616d653d6c6f7765722c696f636861727365ff3d6e6f6e652c636865636b3d7374726963742c756e695f786c6174653d312c756e695f786c6174653d312c636f6465706167653d3935302c64656275672c73686f72746e616d653d77696e39352c757466383d302c757466383d302c6e66733d6e6f7374616c655f726f2c756e695f786c6174653d302c00"], 0x0, 0x2b3, &(0x7f0000000140)="$eJzs3c9rI1UcAPBvNrubuLCmB2HRy45HYQltxXuWZYXFgKIEf5wsblalqYUWA+2h1VPPghdBT9716B/gQdSbB69WkKp4sbeCxZHJ1OZn2xibRtzP5zB9vPe+M9/3GDqTQ755vRbL96/Eg/39vSiXC3G5dqcWB4WYi0tRjNx7AQD8nxykafye5madCwBwMTrP/zevnzqnlB1uXlRGAMC0jfn5/4WRvatTSwsAmKIznv9XZ5ASADBlL7362nO36xEvJkk5YmWn3Wg3ImKnc4yI2w/i7WhFM+ajEocR+YtC/raQHZ+9V787n2R+novGynYen/0t9saXYiEqMXcUn/bHLyS5nvhCu3Elrh3F/3AtmrEYlXisN/5mdE5yr353cTh+++/1HedfjUp890asRivuR3ae7vW3FpLkzvP1pD//UmceAAAAAAAAAAAAAAAAAAAAAABMQzU51q3fk3br91SrI8Y79XHy+P76QGlpVH2f+RH1edqNy3FptksHAAAAAAAAAAAAAAAAAACA/4xiRCy1Ws219Y3N5ZMa73z92ZePxOlz/kUjLUYMD2WZDU7OMu7tKR2tYpKrX3/yp49HDf056XKKnTRWHs1Tmmg3Fs+Ys5um6UnhWx8NR0VheA/Pp/HV3luPP71+45m+oaduVV7e/fDTXwcnH6aTXiu7NY7vjUIMbnhu7BMuFb//7ZUnPvh2Y3O5HBH/JJ93Tx76fLDn6jlv+De3JrvD+xs3PqktfbH14y/jRg3+lxikegcAAAAAAAAAAAAAAAAAAJy3nu+KAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBDq/v7/z2N94d6xmn8MWqo1Fxbn/UaAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgrwAAAP//A92Rtw==")
sendmsg$MPTCP_PM_CMD_SET_FLAGS(0xffffffffffffffff, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
write$binfmt_script(r6, &(0x7f0000000100), 0xfecc)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r8 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r7, &(0x7f0000003040)={@val={0x8, 0x800}, @val={0x1}, @ipv4=@udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev}, {0x0, 0x4e21, 0x64, 0x0, @wg=@response={0x2, 0x0, 0x0, "66cbe0ddfbda942ac1e2c78728c87f0dedc31462c7e4d2bae48d7fe2b1e543a7", "9e75fea4b15c0641bf4f22919c7aee7b", {"8af86dbf2020efc4e02714100a2f1321", "09f797f27b298ff4d62daf42206c6df9"}}}}}, 0x86)
syz_emit_vhci(&(0x7f0000000800)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x0, 0xc9}}}, 0x7)
ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, 0x0)

11.196803725s ago: executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240))
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r4=>0x0})
connect$can_bcm(r3, &(0x7f0000001ff0)={0x1d, r4}, 0x10)
sendmsg$can_raw(r3, &(0x7f0000001fc8)={0x0, 0x0, &(0x7f0000000ff0)={&(0x7f000000a000)=@canfd={{0x1}, 0x2, 0x0, 0x0, 0x0, "0327e1b22b5fcef7739c699f5ff986ca08990039576a7d5cb2bdac3fa80acf584ecb5fee496e6866856b76b5ee00000000000000004e2f9663a918fa1efd9b0b"}, 0xfe68}}, 0x0)

10.828292245s ago: executing program 1:
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x103)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000700), 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000900), 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000340), 0x106}}, 0x20)
creat(0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
lsm_get_self_attr(0x64, &(0x7f0000000200)={0x0, 0x0, 0x31, 0x11, ""/17}, 0x0, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket(0x29, 0x1, 0x4)
ioctl$EVIOCGKEYCODE(r0, 0x80084504, &(0x7f0000000480)=""/132)
io_uring_setup(0x505a, &(0x7f0000000040))
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
ioctl$TIOCSETD(r2, 0x5423, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
syz_mount_image$nilfs2(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x1080c, &(0x7f0000000200)=ANY=[], 0x0, 0xa7a, &(0x7f0000001640)="$eJzs3UuMHEcZAODu3Z21nTh4HGxinJDYBJIIyG68a8zDgjiKL1gx4hYp4mI5TrBwDMKRIFEkbJ+4kcgyN8RDnHKJACGRC7Jy4hKJWOKSU+DAActIkThAgj1oZ6tmZ37PpGe9j97Z+T6ppqa7arqqZ3t6+1VVBTC2Jtqvjfbr5TcvHf3nQ//YtvD+8U6OZvt1qmtqIXeZpqfC8t6bXIxvvP/KyX5xWcy1X/P0ZNdn7yyK4nyxr7hSNIu9l6++9vbcU8cvHLu4/53XD19bg1UHAICx860rhw/u/ttf7t35wRv3Hym2dObn4/Nmmt6ejvuPpAP/hWiqzOcPS+cDZVfoNh3yTaUwEfJN9slXdOVr5Hxbez8Xy58Oy20MyLelovzJcI5ShvrAKMvbcbMoJ2Z6picmZmYWz8mL9nn9dDlz9vSZ587VVFFg1f37gaIo9gnCuIXWjs6PoPa61Be6vgWAWsX7hbc4H68srExnaVPDlX/9iYn+n+/VWM06Mj7We/tXflx+bz3Wu/yq9f/NhTVef8bK8FvT1jWtx2rL65V/R9vTdLyPEJ9fWu7+Jy9vMixv2AOAQfcRRuX+wqB6Tq5zPW7XoPrH7WKz+lqK8/fw9ZDe/fuJf9NR+RsD/f1nw13/37ZUudrrIgibO7Tq3PkA9ao4rY/PzbWSnB6f64vpWyrSt1akb6tIv6Mi/c6KdBhnv3/xp8WrZdG3PV6xeP7f/rEMez0sX2e7K8UfW2Z94vXI5V6Pi8/9LtdKy4/PE8NG9scTT5/68rPPXF18/r/sbP830/a+L00302/rSsqQrxfG6+qdZ/+bveVMDMh3d6jPXX3yt9/v6s1X7lpaTtG1n7mlHnt6P7djUL77evM1Q75tKcTDpXh8ckf4XD7+yPvV/H1NhfVthPWYDvXI+5WdKR6tuzFsVHl7HPT8f94+9xSN8rnTZ049lqbzdvrnycaWhfkH1rnewMoN2/5nT9Hb/md7Z35jonu/sGNpftm9X2iG+XMD5s+n6fx/7juT29rzZ05+78yzq73yMObOvfTyd0+cOXPqB9544403nTd175mAtTb74gvfnz330suPnn7hxPOnnj91dv7Qofm5uUNfmT842z6un+0+ugc2k6V/+nXXBAAAAAAAAAAAABjWD48dvfrXt7707mL7/6X2f7n9f37yN7f//0lo/x/byed28Lkd4M4+6e08oYPV6ZCvkcLHQ313hXJ2h899IsWdcfxS+/9cXOzXNdfnnjA/9t+b84XuBG7pL2U69EESxwv8dIovpvjXBdSo/Hn/2Smu6t86b+u5fwr9Uoym/HfL/Znkfkxy++9B/Trl/f/O/ov98WrXk9W1Hs0J615HoL9/bbj+v9ckLHX4WXtdus4Yaq+LsNHCjVartZ7ltVofNYqHsaaA9VP3+J/5umeOz/7pG1sXQs52/Yne/WXsvxRWou7xL2srP19YHNf1H7L81R7/szP+3dD7vzBiXvP2yv3vL66921VssXdg+VuKnvLj+ud+oHctr/wPUvl5bR4uBpXfu/6tX4Xy4w2hIX0Yyr9jyPLj+l9absGpwP+l8vPX9siDw5a/uIByorce8bpxvv8XrxtnN8L65749l7v+tztQ481UPoyzURlndrl6xv+90Fr/8X9XOMJQfA7ji2k67wjzcw5xvJPl1j8/X5H/D+wOyy8r/r8Z/3e0fTXFVb+HPP5v3h6bfaYnuqYbfb7bzbqvgVH13qrd/+t6Ym4D3EcRxieUtrnbDq1Wq9abfO4w1qvu77/u84S6y6/7+68Sx/+Nx/Bx/N+YHsf/jelx/N+Y3r6u+OHSoL3x+4rj/8b0OP5vTL8nlBvHB95Tkf7JivS9Fen3VqTfV5H+qYr0/RXp91ekP1CRfndF+oMV6Z8Jf/GY/tmKzz9Ukf7IR6fP/6ji85tdbo8yrusP4yy2z/P7h/GR7/8M+v3vqkgHRtfP3jjw5DO/+3Zzsf3/dOd6SL6PdyRNN9K5czxfitdPJlPaW2n67yF9o1/vgHES+8+I/98frkgHRld+zsvvG8ZQ2b/HnmH7rRp0nM9o+VyKP5/iL6T40RTPpHg2xQdSPLdO9WNtPPnbPxx+tVw6398R0od9njy2B4r9RM0PWZ94fWC5z7PHfvyWa6Xl32ZzMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNpMtF8PHtxTFsXlNy8dffr46dmFOY93cjTbr1NdU43O54risRRPpviX6c2N91852R3fTHFZzBVlUXbmF9+83inpzqIozhf7iitFs9h7+eprb889dfzCsYv733n98LW1+wYAAABg8/t/AAAA//9N2hwq")
mount$overlay(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mbind(&(0x7f0000907000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)
close_range(r1, 0xffffffffffffffff, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
syz_mount_image$ext4(&(0x7f0000000640)='ext4\x00', &(0x7f0000000600)='./file0\x00', 0x2000480, &(0x7f0000000140), 0x1, 0x79a, &(0x7f00000007c0)="$eJzs3c9rHGUfAPDvbJKmSfu+yQsvvG89BQQNlG5Mja2Ch4oHESwU9GwbNttQs8mW7KY0IWCLCF4EFQ+CXnr2R7159cdV/wsP0lI1DUY8SGQ2u+km2U03abIbms8HJvs8M7N5nu8+M888szPsBHBoDaV/MhEnIuKDJGKgOj+JiJ5Kqjvi3Np6K0uLuXRKYnX19d+SyjrLS4u5qHtP6lg18/+I+P7diJOZreWW5hemxguF/Gw1P1KevjpSml84dWV6fDI/mZ85Mzo2dvrsc2fP7F2sf/y0cPzuh688/dW5v9753+33f0jiXByvLquPY68MxVD1M+lJP8KIOLq+7OW9LqzDkk5XgF1Jd82utb08TsRAdFVSTfS1s2YAwH55OyJWN+nePAMAeMwkW47/AMDjrfY9wPLSYq42dfYbifa699LaZbnl6rXNlfX4u9ev2fVERP9ysuHKSBIRg3tQ/lBEfPbNm1+kU2y8DnlkD/49QFM3bkbEpcGhrf1/Uu3/du+Z7Rau9lZehjbNPmzHH+ikb9Pxz/ONxn+ZDfcsbR7/9DbYd3fj4ft/5s4eFNNUOv57se7etpW6+KsGu6q5f1XGfD3J5SuFfNq3/TsihqOnN82PVlZtfBfU8P2/7zcrv3789/tHb32elp++Plgjc6e7d+N7JsbL448ad829mxFPdDeKP1lv/6TJ+PdCi2W8+sJ7nzZblsafxlubtsa/v1ZvRTzVsP0ftGWy7f2JI5XNYaS2UTTw9c+f9Dcrv7790yktv3Yu0A5p+/dvH/9gUn+/ZmnnZfx4a+C7ZsseHn/j7f9I8kYlXTtJuj5eLs+ORhxJXts6//SD99bytfXT+IefbLz/b7f9p+eEl1qMv/vur1/uPv79lcY/saP233ni9spUV7PyW2v/sUpquDqnlf6v1Qo+ymcHAAAAAAAAAAAAAAAAAAAAAAAAAK3KRMTxSDLZ9XQmk82uPcP7v9GfKRRL5ZOXi3MzE1F5VvZg9GRqP3U5UPd7qKPV38Ov5U9vyj8bEf+JiI97+yr5bK5YmOh08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQdazJ8/9Tv/R2unYAwL452ukKAABt5/gPAIfPzo7/fftWDwCgfZz/A8Dh0/Lx/9L+1gMAaB/n/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOyzC+fPp9Pqn0uLuTQ/cW1+bqp47dREvjSVnZ7LZXPF2avZyWJxspDP5orTTf/RjbWXQrF4dSxm5q6PlPOl8khpfuHidHFupnzxyvT4ZP5ivqdtkQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA60rzC1PjhUJ+VmLbRN/BqMaBSXTHgajGY5Eo9B2IamxK1PcSfZ3roAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOuH8CAAD//66mKXU=")
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000540)={&(0x7f00000003c0)=ANY=[@ANYBLOB="9feb010018000000000000001c0100001c010000040000000f00000000000008040000000b00f5ff03000085070000000900000004000000ff0300000300000002000000080000000700000001000000923500000c00000002000000ff0700000a0000000000000904000000010000000000000c02000000000000000300000d000000000c00000000000000050000000400000008000000010000000000000000000003000000000400000004000000010000000f00000003000085010000000c0000000400000006000000030000000100000003000000060000000200000003000000000000000700000d0000000010000000020000000d0000000100000005000000030000000d0000000300000008000000030000001000000004000000010000000000000009000000000000090000000000003000"], &(0x7f0000000500)=""/31, 0x138, 0x1f, 0x2, 0xffff}, 0xfe87)

10.771903908s ago: executing program 0:
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x103)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000700), 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000900), 0x111}}, 0x20)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000340), 0x106}}, 0x20)
creat(0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
lsm_get_self_attr(0x64, &(0x7f0000000200)={0x0, 0x0, 0x31, 0x11, ""/17}, 0x0, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$EVIOCGKEYCODE(r0, 0x80084504, &(0x7f0000000480)=""/132)
io_uring_setup(0x505a, &(0x7f0000000040))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
ioctl$TIOCSETD(r1, 0x5423, 0x0)
write$binfmt_aout(r1, &(0x7f0000000000)=ANY=[], 0xff2e)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
syz_open_dev$vim2m(&(0x7f0000000080), 0x0, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
syz_mount_image$nilfs2(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x1080c, &(0x7f0000000200)=ANY=[], 0x0, 0xa7a, &(0x7f0000001640)="$eJzs3UuMHEcZAODu3Z21nTh4HGxinJDYBJIIyG68a8zDgjiKL1gx4hYp4mI5TrBwDMKRIFEkbJ+4kcgyN8RDnHKJACGRC7Jy4hKJWOKSU+DAActIkThAgj1oZ6tmZ37PpGe9j97Z+T6ppqa7arqqZ3t6+1VVBTC2Jtqvjfbr5TcvHf3nQ//YtvD+8U6OZvt1qmtqIXeZpqfC8t6bXIxvvP/KyX5xWcy1X/P0ZNdn7yyK4nyxr7hSNIu9l6++9vbcU8cvHLu4/53XD19bg1UHAICx860rhw/u/ttf7t35wRv3Hym2dObn4/Nmmt6ejvuPpAP/hWiqzOcPS+cDZVfoNh3yTaUwEfJN9slXdOVr5Hxbez8Xy58Oy20MyLelovzJcI5ShvrAKMvbcbMoJ2Z6picmZmYWz8mL9nn9dDlz9vSZ587VVFFg1f37gaIo9gnCuIXWjs6PoPa61Be6vgWAWsX7hbc4H68srExnaVPDlX/9iYn+n+/VWM06Mj7We/tXflx+bz3Wu/yq9f/NhTVef8bK8FvT1jWtx2rL65V/R9vTdLyPEJ9fWu7+Jy9vMixv2AOAQfcRRuX+wqB6Tq5zPW7XoPrH7WKz+lqK8/fw9ZDe/fuJf9NR+RsD/f1nw13/37ZUudrrIgibO7Tq3PkA9ao4rY/PzbWSnB6f64vpWyrSt1akb6tIv6Mi/c6KdBhnv3/xp8WrZdG3PV6xeP7f/rEMez0sX2e7K8UfW2Z94vXI5V6Pi8/9LtdKy4/PE8NG9scTT5/68rPPXF18/r/sbP830/a+L00302/rSsqQrxfG6+qdZ/+bveVMDMh3d6jPXX3yt9/v6s1X7lpaTtG1n7mlHnt6P7djUL77evM1Q75tKcTDpXh8ckf4XD7+yPvV/H1NhfVthPWYDvXI+5WdKR6tuzFsVHl7HPT8f94+9xSN8rnTZ049lqbzdvrnycaWhfkH1rnewMoN2/5nT9Hb/md7Z35jonu/sGNpftm9X2iG+XMD5s+n6fx/7juT29rzZ05+78yzq73yMObOvfTyd0+cOXPqB9544403nTd175mAtTb74gvfnz330suPnn7hxPOnnj91dv7Qofm5uUNfmT842z6un+0+ugc2k6V/+nXXBAAAAAAAAAAAABjWD48dvfrXt7707mL7/6X2f7n9f37yN7f//0lo/x/byed28Lkd4M4+6e08oYPV6ZCvkcLHQ313hXJ2h899IsWdcfxS+/9cXOzXNdfnnjA/9t+b84XuBG7pL2U69EESxwv8dIovpvjXBdSo/Hn/2Smu6t86b+u5fwr9Uoym/HfL/Znkfkxy++9B/Trl/f/O/ov98WrXk9W1Hs0J615HoL9/bbj+v9ckLHX4WXtdus4Yaq+LsNHCjVartZ7ltVofNYqHsaaA9VP3+J/5umeOz/7pG1sXQs52/Yne/WXsvxRWou7xL2srP19YHNf1H7L81R7/szP+3dD7vzBiXvP2yv3vL66921VssXdg+VuKnvLj+ud+oHctr/wPUvl5bR4uBpXfu/6tX4Xy4w2hIX0Yyr9jyPLj+l9absGpwP+l8vPX9siDw5a/uIByorce8bpxvv8XrxtnN8L65749l7v+tztQ481UPoyzURlndrl6xv+90Fr/8X9XOMJQfA7ji2k67wjzcw5xvJPl1j8/X5H/D+wOyy8r/r8Z/3e0fTXFVb+HPP5v3h6bfaYnuqYbfb7bzbqvgVH13qrd/+t6Ym4D3EcRxieUtrnbDq1Wq9abfO4w1qvu77/u84S6y6/7+68Sx/+Nx/Bx/N+YHsf/jelx/N+Y3r6u+OHSoL3x+4rj/8b0OP5vTL8nlBvHB95Tkf7JivS9Fen3VqTfV5H+qYr0/RXp91ekP1CRfndF+oMV6Z8Jf/GY/tmKzz9Ukf7IR6fP/6ji85tdbo8yrusP4yy2z/P7h/GR7/8M+v3vqkgHRtfP3jjw5DO/+3Zzsf3/dOd6SL6PdyRNN9K5czxfitdPJlPaW2n67yF9o1/vgHES+8+I/98frkgHRld+zsvvG8ZQ2b/HnmH7rRp0nM9o+VyKP5/iL6T40RTPpHg2xQdSPLdO9WNtPPnbPxx+tVw6398R0od9njy2B4r9RM0PWZ94fWC5z7PHfvyWa6Xl32ZzMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNpMtF8PHtxTFsXlNy8dffr46dmFOY93cjTbr1NdU43O54risRRPpviX6c2N91852R3fTHFZzBVlUXbmF9+83inpzqIozhf7iitFs9h7+eprb889dfzCsYv733n98LW1+wYAAABg8/t/AAAA//9N2hwq")
mount$overlay(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mbind(&(0x7f0000907000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x0, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000))
syz_mount_image$ext4(&(0x7f0000000640)='ext4\x00', &(0x7f0000000600)='./file0\x00', 0x2000480, &(0x7f0000000140), 0x1, 0x79a, &(0x7f00000007c0)="$eJzs3c9rHGUfAPDvbJKmSfu+yQsvvG89BQQNlG5Mja2Ch4oHESwU9GwbNttQs8mW7KY0IWCLCF4EFQ+CXnr2R7159cdV/wsP0lI1DUY8SGQ2u+km2U03abIbms8HJvs8M7N5nu8+M888szPsBHBoDaV/MhEnIuKDJGKgOj+JiJ5Kqjvi3Np6K0uLuXRKYnX19d+SyjrLS4u5qHtP6lg18/+I+P7diJOZreWW5hemxguF/Gw1P1KevjpSml84dWV6fDI/mZ85Mzo2dvrsc2fP7F2sf/y0cPzuh688/dW5v9753+33f0jiXByvLquPY68MxVD1M+lJP8KIOLq+7OW9LqzDkk5XgF1Jd82utb08TsRAdFVSTfS1s2YAwH55OyJWN+nePAMAeMwkW47/AMDjrfY9wPLSYq42dfYbifa699LaZbnl6rXNlfX4u9ev2fVERP9ysuHKSBIRg3tQ/lBEfPbNm1+kU2y8DnlkD/49QFM3bkbEpcGhrf1/Uu3/du+Z7Rau9lZehjbNPmzHH+ikb9Pxz/ONxn+ZDfcsbR7/9DbYd3fj4ft/5s4eFNNUOv57se7etpW6+KsGu6q5f1XGfD3J5SuFfNq3/TsihqOnN82PVlZtfBfU8P2/7zcrv3789/tHb32elp++Plgjc6e7d+N7JsbL448ad829mxFPdDeKP1lv/6TJ+PdCi2W8+sJ7nzZblsafxlubtsa/v1ZvRTzVsP0ftGWy7f2JI5XNYaS2UTTw9c+f9Dcrv7790yktv3Yu0A5p+/dvH/9gUn+/ZmnnZfx4a+C7ZsseHn/j7f9I8kYlXTtJuj5eLs+ORhxJXts6//SD99bytfXT+IefbLz/b7f9p+eEl1qMv/vur1/uPv79lcY/saP233ni9spUV7PyW2v/sUpquDqnlf6v1Qo+ymcHAAAAAAAAAAAAAAAAAAAAAAAAAK3KRMTxSDLZ9XQmk82uPcP7v9GfKRRL5ZOXi3MzE1F5VvZg9GRqP3U5UPd7qKPV38Ov5U9vyj8bEf+JiI97+yr5bK5YmOh08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQdazJ8/9Tv/R2unYAwL452ukKAABt5/gPAIfPzo7/fftWDwCgfZz/A8Dh0/Lx/9L+1gMAaB/n/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOyzC+fPp9Pqn0uLuTQ/cW1+bqp47dREvjSVnZ7LZXPF2avZyWJxspDP5orTTf/RjbWXQrF4dSxm5q6PlPOl8khpfuHidHFupnzxyvT4ZP5ivqdtkQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA60rzC1PjhUJ+VmLbRN/BqMaBSXTHgajGY5Eo9B2IamxK1PcSfZ3roAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOuH8CAAD//66mKXU=")
setxattr$trusted_overlay_upper(&(0x7f0000000040)='./file1\x00', &(0x7f0000000080), 0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000000c0)={0x1b, 0x0, 0x0, 0x8, 0x0, 0x1, 0xffb, '\x00', 0x0, 0xffffffffffffffff, 0x3}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{}, &(0x7f0000000000), &(0x7f0000000180)}, 0x20)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000540)={&(0x7f00000003c0)=ANY=[@ANYBLOB="9feb010018000000000000001c0100001c010000040000000f00000000000008040000000b00f5ff03000085070000000900000004000000ff0300000300000002000000080000000700000001000000923500000c00000002000000ff0700000a0000000000000904000000010000000000000c02000000000000000300000d000000000c00000000000000050000000400000008000000010000000000000000000003000000000400000004000000010000000f00000003000085010000000c0000000400000006000000030000000100000003000000060000000200000003000000000000000700000d0000000010000000020000000d0000000100000005000000030000000d0000000300000008000000030000001000000004000000010000000000000009000000000000090000000000003000"], &(0x7f0000000500)=""/31, 0x138, 0x1f, 0x2, 0xffff}, 0xfe87)

10.737691259s ago: executing program 4:
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x1000004, &(0x7f0000000300)=ANY=[@ANYBLOB='shortname=lower,iocharset=iso8859-1,fmask=00000000000000000000066,uni_xlate=1,uni_xlate=0,fmask=00000000000000000000003,uid=', @ANYRESHEX=0x0, @ANYBLOB=',uni_xlate=0,utf8=1,check=strict,nonumtail=0,rodir,errors=continue,shortname=lower,umaQk=00000000000000000000007,rodir,sys_immutable,\x00'], 0x6, 0x2ba, &(0x7f0000000640)="$eJzs3U9rK1UYB+B30mQSFUwWrkRwQBeuLrd36yZF7gWxKy9ZqAst3hakCUILBf9g7MqtGxcu/ASC4Adx4zcQ3ArurFAYmclMk7QxTaRp1fs8m749c34z70wP7XTR0w9eGh0+yeLg9PNfotNJotGPfpwl0YtG1L6MOf2vAwD4LzvL8/g9n1gnl0REZ3NtAQAbtOLP/+cvqh9vpS0AYIMev/PuWzu7uw/fzrJOPBp9dTIofrMvPk6O7xzERzGM/bgf3TiPKF8UWlG+LRTlozzPx82s0ItXR+OTQZEcvf9Tdf6d3yLK/HZ0o1cOXbxtlPk3dx9uZxMz+XHRx7PV9ftF/kF044WL8Fz+wYJ8DNJ47ZWZ/u9FN37+MD6OYTwpm5jmv9jOsjfyb/747L2ivSKfjE8G7XLeVL51y18aAAAAAAAAAAAAAAAAAAAAAAD+x+5Ve+e0o9y/pxiq9t/ZOi8+aUVW683vzzPJJ/WJZvcHyvN8nMd39f4697Msy6uJ03wzXmxG827uGgAAAAAAAAAAAAAAAAAAAP5djj/59HBvONw/upGi3g2gGRF/Po74p+fpz4y8HMsnt6tr7g2Hjaqcn9OcHYmtek4SsbSN4iZu6LFcVzxzpeeq+P6HdU/YuX5Oa/G1brKoV9fhXrL4GbajHulUi+TbNGI6J40Vr5X+3aE81ll+6cJD3bXvPX2uLMZL5kSyrLHXf508uWokuXwXaflUF8ZbVTETv7Q2VlrP0ZnEr36vSOzWAQAAAAAAAAAAAAAAAAAAGzX9698FB0+XRht5e2NtAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCtmv7//zWKcRVeYXIaR8d3fIsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Bf4KAAD//5daXJw=")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r1 = open_tree(r0, &(0x7f0000000640)='\x00', 0x81000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x0, 0x4}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x9, 0x84}, 0x48)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', r1, &(0x7f0000000980)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
unlink(&(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

10.547936081s ago: executing program 3:
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x0, 0x2172, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0)

9.34578179s ago: executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e000000020013000200000000000000ff0800ed05000600200000000a0006000000000000"], 0x80}}, 0x0)
sendmmsg(r1, &(0x7f0000000180), 0x400008a, 0x0)

9.150667073s ago: executing program 3:
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$inet6(0xa, 0x1, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000740)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0, 0x4, 0x5}, 0x48)
syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000003c0)={&(0x7f00000009c0)=@newqdisc={0x24, 0x24, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x7, 0xfff2}, {0x10}, {0x0, 0xfff1}}}, 0x24}}, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000380)={&(0x7f00000000c0)="e2c6666156dd3064a70340ada771e48c29727e0c554f26cb7394ffab72de6827144c61fe3d404a825c39e20803d5614d99dad4da263a4038512104f00badf99fd1956c15f56189dfa8abe6522dae524617fecb1518dd26542261da4878f5e89739d6a31c0ec4a9e79255fd76310779e5439924334241f90d3aa113", 0x0, &(0x7f0000000580), &(0x7f0000000600)="313c41cea4d923833b53d337a26e077019737245ed4d87b7fcec13c1d205506920914a517a7645776f4414371fb11de3a613963209ad1c4d548b86bbd5b11cd74c8e0388217e69eb5149440a140d010e39e70b4209ac94e4d7964840a8833ae00b7aafac0ffebb2393e8e5944ec1b7ce5073bd281d2d40a70f5a961c3c1ff555f0ca39e30c7edac009702e5eed3e47afc5bd60ad381b0ae004f0e02ff20b93a611c99f9ae45937cd6d9f6d81856a784f", 0x6}, 0x38)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0x2f, 0x0, 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x19, &(0x7f0000000440), 0x4)
r2 = socket(0x40000000015, 0x5, 0x0)
close(r2)
socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="2000000000009f"], 0x20}}, 0x8080)
socket(0x1d, 0x2, 0x0)
getsockopt$sock_buf(r2, 0x1, 0x1c, 0x0, &(0x7f00000001c0))
write$tun(0xffffffffffffffff, &(0x7f00000003c0)=ANY=[@ANYBLOB="034886dd0905320003"], 0xfdef)
bind$inet(r1, &(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10)

8.664055676s ago: executing program 4:
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200))
r3 = socket$inet6(0xa, 0x6, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r4)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(0xffffffffffffffff, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r6 = accept(r4, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[], 0xfffffdef}}, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8936, 0x0)

7.637900635s ago: executing program 4:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x4)
writev(r2, &(0x7f0000000300)=[{&(0x7f0000000340)="580000001400192340834b80040d8c560a117436c379000000000000000058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100090c100000000000224e0000", 0x58}], 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x1218088, &(0x7f00000001c0)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c757466383d312c696f636861727365743d61736369692c73686f72746e616d653d77696e39352c73686f77657865632c6e66732c636865636b3d7374726963742c756e695f786c6174653d302c757466383d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c726f6469722c726f6469722c64656275672c757466383d302c726f6469722c71756965742c6572726f72733d72656d6f756e742d726f2c009c8a8fc4f74784ad79ec08fb556262ebc972ef94821f3565ef5f75f11e30ef1f72a065c510b17cae352940538b7b2c5d72f4627c25306b2479725add28f511a68f5f6f47f9facdd0cc574286d00ab52d6b9374b6a58eac694336ebe971f41860d01084c1a0fa6b51d80fa9f9d2c5a2e7a5284f93296217ef8f28e0a36e573296a0bfb38b94191f4b82873563f3759b5e193ecfab6ed7892542364757e47d656ad6a0fbb6e8bf138bddae620a3602991821d4844f628e6bdd8b62cca73744332f0185a54b"], 0x6, 0x2c2, &(0x7f00000008c0)="$eJzs3T+LI2UcB/DfZLOTUYuksBLhBrzC6nCvE5sscgfiVh4p1EIX7w5kE4Q7WPAPxqtsbSwsfAWC4Au5xncg2Ap2nnAwMpOZndk1xkQ2K7f7+TT72+d5vjPPMxmys0WefPjy7OhuHvcfffFLZFkSvXGM40kSo+hF46s4ZfxNAADPsidFEb8XC5vkkojItjctAGCL1vv732/Lny5kWgDAFt1597239w8Obr2TRRa3Z18fT8r/7Mufi/79+/FxTONevBbDeBpRPSjsRvW0UJa3i6KY9/PSKK7P5seTMjn74HF9/P3fIqr8XgxjVDWdPG1U+bcObu3lC538vJzH8/X5x2X+ZgzjxZPwqfzNJfmYpPHqK53534hh/PxRfBLTuFtNos1/uZfnbxbf/vH5++X0ynwyP54MqnGtYueCXxoAAAAAAAAAAAAAAAAAAAAAAC6xG/XeOYPIr8X1WdlU77+z8zTS8te8MWpTZf+iSpqm7v5ARVHMi/i+s6VgXtQD2/19+vFSv7uxIAAAAAAAAAAAAAAAAAAAAFxdDz/97OhwOr334FyKZjeAfkT8eSfivx5n3Gm5FqsHD+pzHk6nvbo8NeZx2m2JnWZMErFyGuUizumy/Fvx3Nk5N8UPP5YL3OSAWafl9eUL3N3+upq76+gwWX6uQTQtWX2TfJdGtGPSWPNc6T91FbHJ7Zcu7RpuvPb0haqYrxgTyaqJvfHr4srVLcnZVaTVVV0a362LTvzMvbHW6x7ZIv7394qk2q1jsL03IwAAAAAAAAAAAAAAAAAAuOLaT/8u6Xy0MtorfBQYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEui/f7/DYp5HV5jcBoPHv7PSwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAK+CsAAP//hipWFQ==")
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
r4 = openat(r3, &(0x7f0000000280)='.\x00', 0x0, 0x0)
r5 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
unlinkat(r5, &(0x7f0000000480)='./file0\x00', 0x200)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r4, 0x82307201, &(0x7f0000000000))
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f00000002c0)='./bus\x00', 0x1800840, &(0x7f0000000000)={[{@numtail}, {@shortname_winnt}, {@uni_xlate}, {@iocharset={'iocharset', 0x3d, 'cp860'}}, {@fat=@flush}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'cp950'}}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'iso8859-14'}}, {@fat=@codepage={'codepage', 0x3d, '866'}}, {@fat=@gid}, {@utf8no}, {@shortname_win95}]}, 0x1, 0x362, &(0x7f0000000900)="$eJzs3U9oXFUXAPAzfUkmKfRLFh8UBeHpTtDQP7jQVUpJoTgblaHqQhxsqpKJhQwOpotO40ZcCi515UZc6MJF1yIo4s6FWytIVVxodwWLV2bmTeZNZpKmwrQWf7/FcHLuPe/eO3nJvLxkbl5eifXzs3Hhxo3rMT9fiZmV0ytxsxJLkcXAlRg3NyEHANwfbqYUf6S+A5ZUpjwlAGDKeq//rx4pZd7+ar/+yas/ANz3ip//F/brM79Xw8WpTAkAmLKx+/+PjDTPjf6qf6b0VwEAwP3quRdefPpULeLZPJ+P2HinXW/X46lh+6kL8Xo0Yy2OxWLciuhfKHQfKr3HM2drq8fyPO/Ez0tR71a06xEbnXa9f6VwKuvVV+N4LMZSUV9cbaSUsjOf11aP5z0RcaXTGz82Ku36bBwuxv/hcKzFicjj/2P1EWdrqyfy4gD1jUF9J2J7eN+iO//lWIzvXomL0YzzC+cipcFlTW318vE8P51qI/XtejXO7zwLe94BAQAAAAAAAAAAAAAAAAAAAACAf2Q537G0s/9NGu7fs7w8ob23P06/vtgfaLu/P1Cqpkjp97cer7+bxcj+QLv352nXZ+LQvV06AAAAAAAAAAAAAAAAAAAA/Gu0tuai0Wyubba2Lq2Xg85ma+tQRHQzb3zz6ZcLMd7nNsFMMUapKS9Sl9YbKRt0TtlInyLIuoMPMp9c3ZlxuU91ZxUTp1Hdu6nZPPLwTx8MMw9lgyP/NeyTxeQFZrumUQ42/tef0p08UZdOFsGJ23S+llLa6ziXXxqvikrEzJ1/4vYPUjf4+vprD5xsHX2il/ki9T362OK5a+9/9Ot6o9kduav58dxm61ZabxQfTz7Z9g6y0vlTiX5QKZ8JM/uVb49mGtn3vz3/4HvfHmz0VM68OaFP1l/OZ5utrUrxldJrmusH3dyuqoXm2Sxi13FmJ5z8UwiOfrjSuHr5x18OWlX6JmGjDgAAAAAAAAAAAAAAAAAAuCtK7xUvFG/2nd2v6slnpj8zAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALh7hv//vxRsj2UOEvzZifGm6tpmK2LuXi8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/uL8DAAD//2Kpa7U=")
openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0x2200082, &(0x7f00000005c0)=ANY=[@ANYBLOB="73686f72746e616d653d6c6f7765722c696f636861727365ff3d6e6f6e652c636865636b3d7374726963742c756e695f786c6174653d312c756e695f786c6174653d312c636f6465706167653d3935302c64656275672c73686f72746e616d653d77696e39352c757466383d302c757466383d302c6e66733d6e6f7374616c655f726f2c756e695f786c6174653d302c00"], 0x0, 0x2b3, &(0x7f0000000140)="$eJzs3c9rI1UcAPBvNrubuLCmB2HRy45HYQltxXuWZYXFgKIEf5wsblalqYUWA+2h1VPPghdBT9716B/gQdSbB69WkKp4sbeCxZHJ1OZn2xibRtzP5zB9vPe+M9/3GDqTQ755vRbL96/Eg/39vSiXC3G5dqcWB4WYi0tRjNx7AQD8nxykafye5madCwBwMTrP/zevnzqnlB1uXlRGAMC0jfn5/4WRvatTSwsAmKIznv9XZ5ASADBlL7362nO36xEvJkk5YmWn3Wg3ImKnc4yI2w/i7WhFM+ajEocR+YtC/raQHZ+9V787n2R+novGynYen/0t9saXYiEqMXcUn/bHLyS5nvhCu3Elrh3F/3AtmrEYlXisN/5mdE5yr353cTh+++/1HedfjUp890asRivuR3ae7vW3FpLkzvP1pD//UmceAAAAAAAAAAAAAAAAAAAAAABMQzU51q3fk3br91SrI8Y79XHy+P76QGlpVH2f+RH1edqNy3FptksHAAAAAAAAAAAAAAAAAACA/4xiRCy1Ws219Y3N5ZMa73z92ZePxOlz/kUjLUYMD2WZDU7OMu7tKR2tYpKrX3/yp49HDf056XKKnTRWHs1Tmmg3Fs+Ys5um6UnhWx8NR0VheA/Pp/HV3luPP71+45m+oaduVV7e/fDTXwcnH6aTXiu7NY7vjUIMbnhu7BMuFb//7ZUnPvh2Y3O5HBH/JJ93Tx76fLDn6jlv+De3JrvD+xs3PqktfbH14y/jRg3+lxikegcAAAAAAAAAAAAAAAAAAJy3nu+KAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBDq/v7/z2N94d6xmn8MWqo1Fxbn/UaAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgrwAAAP//A92Rtw==")
sendmsg$MPTCP_PM_CMD_SET_FLAGS(0xffffffffffffffff, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
write$binfmt_script(r6, &(0x7f0000000100), 0xfecc)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r8 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r7, &(0x7f0000003040)={@val={0x8, 0x800}, @val={0x1}, @ipv4=@udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev}, {0x0, 0x4e21, 0x64, 0x0, @wg=@response={0x2, 0x0, 0x0, "66cbe0ddfbda942ac1e2c78728c87f0dedc31462c7e4d2bae48d7fe2b1e543a7", "9e75fea4b15c0641bf4f22919c7aee7b", {"8af86dbf2020efc4e02714100a2f1321", "09f797f27b298ff4d62daf42206c6df9"}}}}}, 0x86)
syz_emit_vhci(&(0x7f0000000800)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x0, 0xc9}}}, 0x7)
ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, 0x0)

7.45809114s ago: executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x90)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_all\x00', 0x275a, 0x0)
add_key$keyring(&(0x7f0000000040), &(0x7f0000000240)={'syz', 0x0}, 0x0, 0x0, 0x0)
fallocate(r3, 0x0, 0x0, 0x8000001)
fallocate(r3, 0x20, 0x2000, 0x140000)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
fcntl$getflags(r2, 0x0)
dup(0xffffffffffffffff)
socket$inet_tcp(0x2, 0x1, 0x0)
setpriority(0x2, 0xff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_MCAST_RATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x6e}]}, 0x24}}, 0x0)

7.184382521s ago: executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x90)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_all\x00', 0x275a, 0x0)
add_key$keyring(&(0x7f0000000040), &(0x7f0000000240)={'syz', 0x0}, 0x0, 0x0, 0x0)
fallocate(r3, 0x0, 0x0, 0x8000001)
fallocate(r3, 0x20, 0x2000, 0x140000)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
fcntl$getflags(r2, 0x0)
dup(0xffffffffffffffff)
socket$inet_tcp(0x2, 0x1, 0x0)
setpriority(0x2, 0xff, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_MCAST_RATE(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x24, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x6e}]}, 0x24}}, 0x0)

6.250399994s ago: executing program 2:
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x4)
writev(r2, &(0x7f0000000300)=[{&(0x7f0000000340)="580000001400192340834b80040d8c560a117436c379000000000000000058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100090c100000000000224e0000", 0x58}], 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x1218088, &(0x7f00000001c0)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c757466383d312c696f636861727365743d61736369692c73686f72746e616d653d77696e39352c73686f77657865632c6e66732c636865636b3d7374726963742c756e695f786c6174653d302c757466383d312c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c726f6469722c726f6469722c64656275672c757466383d302c726f6469722c71756965742c6572726f72733d72656d6f756e742d726f2c009c8a8fc4f74784ad79ec08fb556262ebc972ef94821f3565ef5f75f11e30ef1f72a065c510b17cae352940538b7b2c5d72f4627c25306b2479725add28f511a68f5f6f47f9facdd0cc574286d00ab52d6b9374b6a58eac694336ebe971f41860d01084c1a0fa6b51d80fa9f9d2c5a2e7a5284f93296217ef8f28e0a36e573296a0bfb38b94191f4b82873563f3759b5e193ecfab6ed7892542364757e47d656ad6a0fbb6e8bf138bddae620a3602991821d4844f628e6bdd8b62cca73744332f0185a54b"], 0x6, 0x2c2, &(0x7f00000008c0)="$eJzs3T+LI2UcB/DfZLOTUYuksBLhBrzC6nCvE5sscgfiVh4p1EIX7w5kE4Q7WPAPxqtsbSwsfAWC4Au5xncg2Ap2nnAwMpOZndk1xkQ2K7f7+TT72+d5vjPPMxmys0WefPjy7OhuHvcfffFLZFkSvXGM40kSo+hF46s4ZfxNAADPsidFEb8XC5vkkojItjctAGCL1vv732/Lny5kWgDAFt1597239w8Obr2TRRa3Z18fT8r/7Mufi/79+/FxTONevBbDeBpRPSjsRvW0UJa3i6KY9/PSKK7P5seTMjn74HF9/P3fIqr8XgxjVDWdPG1U+bcObu3lC538vJzH8/X5x2X+ZgzjxZPwqfzNJfmYpPHqK53534hh/PxRfBLTuFtNos1/uZfnbxbf/vH5++X0ynwyP54MqnGtYueCXxoAAAAAAAAAAAAAAAAAAAAAAC6xG/XeOYPIr8X1WdlU77+z8zTS8te8MWpTZf+iSpqm7v5ARVHMi/i+s6VgXtQD2/19+vFSv7uxIAAAAAAAAAAAAAAAAAAAAFxdDz/97OhwOr334FyKZjeAfkT8eSfivx5n3Gm5FqsHD+pzHk6nvbo8NeZx2m2JnWZMErFyGuUizumy/Fvx3Nk5N8UPP5YL3OSAWafl9eUL3N3+upq76+gwWX6uQTQtWX2TfJdGtGPSWPNc6T91FbHJ7Zcu7RpuvPb0haqYrxgTyaqJvfHr4srVLcnZVaTVVV0a362LTvzMvbHW6x7ZIv7394qk2q1jsL03IwAAAAAAAAAAAAAAAAAAuOLaT/8u6Xy0MtorfBQYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEui/f7/DYp5HV5jcBoPHv7PSwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAK+CsAAP//hipWFQ==")
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
r4 = openat(r3, &(0x7f0000000280)='.\x00', 0x0, 0x0)
r5 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
unlinkat(r5, &(0x7f0000000480)='./file0\x00', 0x200)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r4, 0x82307201, &(0x7f0000000000))
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
syz_mount_image$vfat(&(0x7f00000005c0), &(0x7f00000002c0)='./bus\x00', 0x1800840, &(0x7f0000000000)={[{@numtail}, {@shortname_winnt}, {@uni_xlate}, {@iocharset={'iocharset', 0x3d, 'cp860'}}, {@fat=@flush}, {@numtail}, {@iocharset={'iocharset', 0x3d, 'cp950'}}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'iso8859-14'}}, {@fat=@codepage={'codepage', 0x3d, '866'}}, {@fat=@gid}, {@utf8no}, {@shortname_win95}]}, 0x1, 0x362, &(0x7f0000000900)="$eJzs3U9oXFUXAPAzfUkmKfRLFh8UBeHpTtDQP7jQVUpJoTgblaHqQhxsqpKJhQwOpotO40ZcCi515UZc6MJF1yIo4s6FWytIVVxodwWLV2bmTeZNZpKmwrQWf7/FcHLuPe/eO3nJvLxkbl5eifXzs3Hhxo3rMT9fiZmV0ytxsxJLkcXAlRg3NyEHANwfbqYUf6S+A5ZUpjwlAGDKeq//rx4pZd7+ar/+yas/ANz3ip//F/brM79Xw8WpTAkAmLKx+/+PjDTPjf6qf6b0VwEAwP3quRdefPpULeLZPJ+P2HinXW/X46lh+6kL8Xo0Yy2OxWLciuhfKHQfKr3HM2drq8fyPO/Ez0tR71a06xEbnXa9f6VwKuvVV+N4LMZSUV9cbaSUsjOf11aP5z0RcaXTGz82Ku36bBwuxv/hcKzFicjj/2P1EWdrqyfy4gD1jUF9J2J7eN+iO//lWIzvXomL0YzzC+cipcFlTW318vE8P51qI/XtejXO7zwLe94BAQAAAAAAAAAAAAAAAAAAAACAf2Q537G0s/9NGu7fs7w8ob23P06/vtgfaLu/P1Cqpkjp97cer7+bxcj+QLv352nXZ+LQvV06AAAAAAAAAAAAAAAAAAAA/Gu0tuai0Wyubba2Lq2Xg85ma+tQRHQzb3zz6ZcLMd7nNsFMMUapKS9Sl9YbKRt0TtlInyLIuoMPMp9c3ZlxuU91ZxUTp1Hdu6nZPPLwTx8MMw9lgyP/NeyTxeQFZrumUQ42/tef0p08UZdOFsGJ23S+llLa6ziXXxqvikrEzJ1/4vYPUjf4+vprD5xsHX2il/ki9T362OK5a+9/9Ot6o9kduav58dxm61ZabxQfTz7Z9g6y0vlTiX5QKZ8JM/uVb49mGtn3vz3/4HvfHmz0VM68OaFP1l/OZ5utrUrxldJrmusH3dyuqoXm2Sxi13FmJ5z8UwiOfrjSuHr5x18OWlX6JmGjDgAAAAAAAAAAAAAAAAAAuCtK7xUvFG/2nd2v6slnpj8zAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALh7hv//vxRsj2UOEvzZifGm6tpmK2LuXi8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/uL8DAAD//2Kpa7U=")
openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000040)='./file0\x00', 0x2200082, &(0x7f00000005c0)=ANY=[@ANYBLOB="73686f72746e616d653d6c6f7765722c696f636861727365ff3d6e6f6e652c636865636b3d7374726963742c756e695f786c6174653d312c756e695f786c6174653d312c636f6465706167653d3935302c64656275672c73686f72746e616d653d77696e39352c757466383d302c757466383d302c6e66733d6e6f7374616c655f726f2c756e695f786c6174653d302c00"], 0x0, 0x2b3, &(0x7f0000000140)="$eJzs3c9rI1UcAPBvNrubuLCmB2HRy45HYQltxXuWZYXFgKIEf5wsblalqYUWA+2h1VPPghdBT9716B/gQdSbB69WkKp4sbeCxZHJ1OZn2xibRtzP5zB9vPe+M9/3GDqTQ755vRbL96/Eg/39vSiXC3G5dqcWB4WYi0tRjNx7AQD8nxykafye5madCwBwMTrP/zevnzqnlB1uXlRGAMC0jfn5/4WRvatTSwsAmKIznv9XZ5ASADBlL7362nO36xEvJkk5YmWn3Wg3ImKnc4yI2w/i7WhFM+ajEocR+YtC/raQHZ+9V787n2R+novGynYen/0t9saXYiEqMXcUn/bHLyS5nvhCu3Elrh3F/3AtmrEYlXisN/5mdE5yr353cTh+++/1HedfjUp890asRivuR3ae7vW3FpLkzvP1pD//UmceAAAAAAAAAAAAAAAAAAAAAABMQzU51q3fk3br91SrI8Y79XHy+P76QGlpVH2f+RH1edqNy3FptksHAAAAAAAAAAAAAAAAAACA/4xiRCy1Ws219Y3N5ZMa73z92ZePxOlz/kUjLUYMD2WZDU7OMu7tKR2tYpKrX3/yp49HDf056XKKnTRWHs1Tmmg3Fs+Ys5um6UnhWx8NR0VheA/Pp/HV3luPP71+45m+oaduVV7e/fDTXwcnH6aTXiu7NY7vjUIMbnhu7BMuFb//7ZUnPvh2Y3O5HBH/JJ93Tx76fLDn6jlv+De3JrvD+xs3PqktfbH14y/jRg3+lxikegcAAAAAAAAAAAAAAAAAAJy3nu+KAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBDq/v7/z2N94d6xmn8MWqo1Fxbn/UaAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgrwAAAP//A92Rtw==")
sendmsg$MPTCP_PM_CMD_SET_FLAGS(0xffffffffffffffff, 0x0, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r6, 0xc0709411, &(0x7f0000000400)={{0x0, 0x2, 0x5, 0x2, 0x5, 0x0, 0x53, 0x0, 0x7f8, 0x0, 0x0, 0x3, 0x4, 0x8001, 0x3}, 0x10, [0x0, 0x0]})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r8 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r7, &(0x7f0000003040)={@val={0x8, 0x800}, @val={0x1}, @ipv4=@udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0xa010101, @dev}, {0x0, 0x4e21, 0x64, 0x0, @wg=@response={0x2, 0x0, 0x0, "66cbe0ddfbda942ac1e2c78728c87f0dedc31462c7e4d2bae48d7fe2b1e543a7", "9e75fea4b15c0641bf4f22919c7aee7b", {"8af86dbf2020efc4e02714100a2f1321", "09f797f27b298ff4d62daf42206c6df9"}}}}}, 0x86)
syz_emit_vhci(&(0x7f0000000800)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x0, 0xc9}}}, 0x7)
ioctl$BTRFS_IOC_TREE_SEARCH(0xffffffffffffffff, 0xd0009411, 0x0)

6.178686292s ago: executing program 0:
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000680)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600004, 0x15)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r4, &(0x7f0000000180), 0x40010)

6.087912783s ago: executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
sendto$inet(0xffffffffffffffff, &(0x7f0000000e40)="bd3119fab037020de607352a978727cdd46a7ad7671829c16bb1339d3f711b7c5da66f48a8b5842dad66eedf75899eb65d733423ca5651013e1db97f5d192e302ac583ccd19e1e8a3e7812af51f0eea31c5e05cec737cc11a38936d67d4c7cd78351177f51dab5ebe8523e54dd8db33ab6214499c610051df74b67669c9b554b25c70c3238ffaa908675df728ef76e7ae5ee938e025ed07603ec4cc86ee67be10ef6087e7ff0017b358ebee016f08b756cfd2645ccdf335d8b62b630939ba724776a5f2caa487586527f2066b2845e52758b6da2ce07de99165195af70ea9659005901a0f28e90b49a0803ab10698ade4c07337535c2600c45b8c497ab6863ad984815f375df57e5940e5322d90d66c84937e9b7f2356a6e16a026b2393670d370759a4567a87fd2a4d0d5857b9e2559a5a0a857b845f0e1495e8d9b574b0f4d1a55ec8d93c148a50c5c4228c653be69a7d728fa497ee129ec4e7b821ce041be389d37efd40b81a9704e5182b9cdca1f2d3312351e9edaa8ac96088c465a953e0ec3e8f26aa17ea3e1913b4d147141d1aef80b3ed959d14fad4ead4de92e10f0faca7acdce7c712ab95a11ff4c72798565f0794d7bc50f5082b52b34a1de7c5609e31e1fcc05fc7dbd73973b5dfc92896f57f5b76fd9df5067eb273f0960560df3dfd00ba068e28812244f700d76da4197bb332245f00112b73659c63dfb854eb8eed1a9881e5c49399b2c6932b540d3464d470cabb6", 0x216, 0x0, 0x0, 0x0)

5.017838399s ago: executing program 3:
munmap(&(0x7f0000ece000/0x2000)=nil, 0x2000)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = memfd_create(&(0x7f0000000000)='e\xf4E\x88-\x00', 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d000905820349"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
sendfile(0xffffffffffffffff, r1, 0x0, 0x8000fb00)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME_WAIT_CANCEL(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, r2, 0x0, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
munmap(&(0x7f0000482000/0x2000)=nil, 0x2000)
mmap$KVM_VCPU(&(0x7f0000c00000/0x400000)=nil, 0x930, 0x0, 0x10, 0xffffffffffffffff, 0x20000)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x0)
sendmsg(0xffffffffffffffff, 0x0, 0x4)
socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000040)={0x0, 0x5, 0x30}, &(0x7f0000000200)=0xc)

4.203218086s ago: executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
r3 = syz_init_net_socket$llc(0x1a, 0x0, 0x0)
connect$llc(r3, &(0x7f0000000340), 0x10)
socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='dlm_recv\x00', r4}, 0x10)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r5, 0xaf01, 0x0)
r6 = eventfd(0x40)
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f0000000240))
ioctl$VHOST_SET_VRING_KICK(r5, 0x4008af20, &(0x7f00000005c0)={0x1, r6})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0241, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r8 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})

2.360987492s ago: executing program 1:
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x0, 0x2172, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0)

2.150799452s ago: executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e000000020013000200000000000000ff0800ed05000600200000000a0006000000000000"], 0x80}}, 0x0)
sendmmsg(r1, &(0x7f0000000180), 0x400008a, 0x0)

2.097543111s ago: executing program 4:
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = socket$inet6(0xa, 0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r4)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(0xffffffffffffffff, 0x0)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r6 = accept(r4, 0x0, 0x0)
sendmsg$TEAM_CMD_OPTIONS_SET(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[], 0xfffffdef}}, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8936, 0x0)

2.005452534s ago: executing program 3:
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x3, &(0x7f00000003c0)=[{0x3d, 0x1c, 0x80}, {0xfff9}, {0x6}]})
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_type(r2, &(0x7f00000000c0), 0x2, 0x0)
rmdir(&(0x7f0000000700)='./cgroup/../file0\x00')
r3 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000000)='kfree\x00', r5}, 0x10)
r6 = socket(0x10, 0x803, 0x6)
sendto(r6, &(0x7f00000000c0)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
r7 = fsmount(r3, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{0x45}, {0x6}]})
symlinkat(&(0x7f0000000cc0)='.\x00', r7, &(0x7f0000000140)='./file0\x00')
openat2(r7, &(0x7f0000000280)='./file0/../file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x8}, 0x18)
syz_emit_ethernet(0x46, &(0x7f0000000000)={@local, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x10, 0x3a, 0xff, @remote={0xfe, 0x7}, @mcast2, {[], @ndisc_ra}}}}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="180000000000000000000000959800001801000020a0702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
flistxattr(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x45, &(0x7f0000000180)=ANY=[@ANYBLOB="180100006f000000000048dace26ac06e0195e2d026e17ba9002017c7c69"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x90)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r8}, 0x10)
setsockopt$inet_opts(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

1.931937196s ago: executing program 1:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000000000000006301feff000000009500000000000000a46723108de2c7516d0a71286fe2a53271"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x13}, 0x90)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="5000a747", @ANYRES16=0x0, @ANYBLOB="000000000000000000000100000008000100", @ANYRES32], 0x58}, 0x1, 0xf000}, 0x0)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000200)=ANY=[@ANYBLOB="140100002b000100000000000000001804"], 0x114}], 0x1}, 0x0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x5, &(0x7f0000000140)=ANY=[@ANYBLOB="180100002100000000000000000000108500000075000000a50000002300000095"], &(0x7f0000000000)='GPL\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
getsockname$netrom(0xffffffffffffffff, &(0x7f0000000180)={{}, [@remote, @netrom, @bcast, @rose, @bcast, @netrom, @rose, @bcast]}, &(0x7f0000000100)=0x48)
recvfrom(r4, 0x0, 0x0, 0x0, 0x0, 0x0)
r5 = socket(0x1e, 0x1, 0x0)
pselect6(0x40, &(0x7f0000000040)={0x8}, 0x0, 0x0, 0x0, 0x0)
connect$tipc(r5, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r5, &(0x7f0000000080)=ANY=[], 0x2000011a)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

868.513787ms ago: executing program 4:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240))
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r4=>0x0})
connect$can_bcm(r3, &(0x7f0000001ff0)={0x1d, r4}, 0x10)
sendmsg$can_raw(r3, &(0x7f0000001fc8)={0x0, 0x0, &(0x7f0000000ff0)={&(0x7f000000a000)=@canfd={{0x1}, 0x2, 0x0, 0x0, 0x0, "0327e1b22b5fcef7739c699f5ff986ca08990039576a7d5cb2bdac3fa80acf584ecb5fee496e6866856b76b5ee00000000000000004e2f9663a918fa1efd9b0b"}, 0xfe68}}, 0x0)

0s ago: executing program 2:
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0}, 0x90)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_all\x00', 0x275a, 0x0)
add_key$keyring(&(0x7f0000000040), &(0x7f0000000240)={'syz', 0x0}, 0x0, 0x0, 0x0)
fallocate(r3, 0x0, 0x0, 0x8000001)
fallocate(r3, 0x20, 0x2000, 0x140000)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
fcntl$getflags(r2, 0x0)
dup(0xffffffffffffffff)
socket$inet_tcp(0x2, 0x1, 0x0)
setpriority(0x2, 0xff, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r4=>0x0})
sendmsg$NL80211_CMD_SET_MCAST_RATE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x6e}]}, 0x24}}, 0x0)

kernel console output (not intermixed with test programs):

_zeroed_cluster: out of range(sect:224 len:8)
[  450.618616][ T7646] exFAT-fs (loop3): Filesystem has been set read-only
[  452.941103][ T7659] loop1: detected capacity change from 0 to 2048
[  452.976859][ T7659] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  453.135387][ T7664] block nbd3: shutting down sockets
[  453.250304][ T7667] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  453.593792][ T7671] loop0: detected capacity change from 0 to 1024
[  453.709095][ T7653] overlay: ./file0 is not a directory
[  454.476769][ T7653] loop1: detected capacity change from 0 to 2048
[  454.510309][ T7653] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock
[  454.829131][   T12] hfsplus: b-tree write err: -5, ino 4
[  455.116008][ T7679] loop0: detected capacity change from 0 to 47
[  455.645937][ T1096] Bluetooth: hci5: Frame reassembly failed (-84)
[  456.296003][ T7690] loop3: detected capacity change from 0 to 32768
[  456.321382][ T7690] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (7690)
[  456.361543][ T7690] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  456.372048][ T7690] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  456.380733][ T7690] BTRFS info (device loop3): using free-space-tree
[  457.654805][ T5123] Bluetooth: hci5: command 0xfc11 tx timeout
[  457.663467][ T4478] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  457.789553][ T5122] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  461.246394][ T7731] loop1: detected capacity change from 0 to 40427
[  461.267638][ T7731] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  461.275527][ T7731] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  461.363843][ T7735] loop4: detected capacity change from 0 to 1024
[  461.377120][ T7731] F2FS-fs (loop1): Found nat_bits in checkpoint
[  461.688511][ T7731] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  461.697139][ T7731] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  462.539968][ T7745] tap0: tun_chr_ioctl cmd 1074025676
[  462.550974][ T7745] tap0: owner set to 0
[  465.706435][   T12] hfsplus: b-tree write err: -5, ino 4
[  466.487154][ T7759] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.4'.
[  467.970508][ T7759] workqueue: Failed to create a rescuer kthread for wq "phy2": -EINTR
[  468.423349][ T7768] loop4: detected capacity change from 0 to 47
[  468.555571][ T7769] loop3: detected capacity change from 0 to 32768
[  468.603225][ T7769] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (7769)
[  468.623600][ T7769] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  468.633901][ T7769] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  468.642765][ T7769] BTRFS info (device loop3): using free-space-tree
[  469.091403][   T30] audit: type=1400 audit(1719246446.337:356): avc:  denied  { setattr } for  pid=7767 comm="syz-executor.3" name="file0" dev="loop3" ino=258 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  469.237762][ T5122] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  470.126304][ T7798] Cannot find add_set index 0 as target
[  470.354235][ T7796] usb usb8: usbfs: process 7796 (syz-executor.0) did not claim interface 0 before use
[  470.421745][   T30] audit: type=1326 audit(1719246447.677:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7793 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f940367d0a9 code=0x0
[  470.440508][ T7800] loop3: detected capacity change from 0 to 1024
[  470.672937][ T7804] loop1: detected capacity change from 0 to 64
[  471.025109][ T7809] sg_write: data in/out 624/1 bytes for SCSI command 0xcb-- guessing data in;
[  471.025109][ T7809]    program syz-executor.1 not setting count and/or reply_len properly
[  471.942361][ T7800] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  473.914751][ T7817] loop1: detected capacity change from 0 to 40427
[  473.940302][ T7817] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  473.948283][ T7817] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  474.031392][ T7817] F2FS-fs (loop1): Found nat_bits in checkpoint
[  474.118683][ T7817] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  474.128393][ T7817] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  480.404250][ T7841] loop2: detected capacity change from 0 to 256
[  480.429115][ T7841] FAT-fs (loop2): Unrecognized mount option "short
" or missing value
[  481.632074][ T7842] loop0: detected capacity change from 0 to 256
[  482.004056][ T7842] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d)
[  482.591236][ T7842] exFAT-fs (loop0): error, exfat_zeroed_cluster: out of range(sect:224 len:8)
[  482.632869][ T7842] exFAT-fs (loop0): Filesystem has been set read-only
[  482.868277][ T5199] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  483.809421][ T5122] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  483.900186][ T7854] loop0: detected capacity change from 0 to 64
[  484.396134][ T7859] sg_write: data in/out 624/1 bytes for SCSI command 0xcb-- guessing data in;
[  484.396134][ T7859]    program syz-executor.0 not setting count and/or reply_len properly
[  485.074713][ T7866] loop2: detected capacity change from 0 to 47
[  485.175945][ T7868] Cannot find add_set index 0 as target
[  485.332705][ T7868] usb usb8: usbfs: process 7868 (syz-executor.3) did not claim interface 0 before use
[  485.380324][   T30] audit: type=1326 audit(1719246462.647:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7861 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7058a7d0a9 code=0x0
[  489.768721][ T7890] loop4: detected capacity change from 0 to 64
[  490.568481][ T7898] loop2: detected capacity change from 0 to 40427
[  490.583383][ T7900] sg_write: data in/out 624/1 bytes for SCSI command 0xcb-- guessing data in;
[  490.583383][ T7900]    program syz-executor.4 not setting count and/or reply_len properly
[  491.252423][ T7898] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  491.260546][ T7898] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  491.355678][ T7898] F2FS-fs (loop2): Found nat_bits in checkpoint
[  491.422101][ T7898] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  491.431395][ T7898] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  491.526404][ T7894] loop1: detected capacity change from 0 to 1024
[  492.717584][ T7894] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  493.049101][ T6254] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  493.088321][ T7923] loop0: detected capacity change from 0 to 64
[  493.566138][ T7925] sg_write: data in/out 624/1 bytes for SCSI command 0xcb-- guessing data in;
[  493.566138][ T7925]    program syz-executor.0 not setting count and/or reply_len properly
[  499.276027][ T7949] loop4: detected capacity change from 0 to 64
[  499.653553][ T7951] sg_write: data in/out 624/1 bytes for SCSI command 0xcb-- guessing data in;
[  499.653553][ T7951]    program syz-executor.4 not setting count and/or reply_len properly
[  500.685083][ T7955] Cannot find add_set index 0 as target
[  500.836233][ T7953] usb usb8: usbfs: process 7953 (syz-executor.2) did not claim interface 0 before use
[  500.895266][   T30] audit: type=1326 audit(1719246478.157:359): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7952 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa2dc27d0a9 code=0x0
[  502.548243][ T7976] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'.
[  502.805781][ T7978] loop3: detected capacity change from 0 to 1024
[  502.991906][ T7983] vivid-007: disconnect
[  503.686494][ T7973] vivid-007: reconnect
[  503.703505][ T7978] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  503.865034][   T30] audit: type=1326 audit(1719246481.077:360): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7969 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2dc27d0a9 code=0x7fc00000
[  503.951467][   T30] audit: type=1326 audit(1719246481.077:361): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7969 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa2dc27d0a9 code=0x7fc00000
[  503.986229][   T30] audit: type=1326 audit(1719246481.077:362): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7969 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2dc27d0a9 code=0x7fc00000
[  504.069969][   T30] audit: type=1326 audit(1719246481.077:363): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7969 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2dc27d0a9 code=0x7fc00000
[  504.160065][   T30] audit: type=1326 audit(1719246481.077:364): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7969 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2dc27d0a9 code=0x7fc00000
[  504.326126][   T30] audit: type=1326 audit(1719246481.077:365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7969 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2dc27d0a9 code=0x7fc00000
[  504.352982][   T30] audit: type=1326 audit(1719246481.077:366): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7969 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2dc27d0a9 code=0x7fc00000
[  504.381287][   T30] audit: type=1326 audit(1719246481.077:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7969 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2dc27d0a9 code=0x7fc00000
[  505.008764][   T30] audit: type=1326 audit(1719246481.077:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=7969 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2dc27d0a9 code=0x7fc00000
[  505.378597][ T5122] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  505.669776][ T8003] loop3: detected capacity change from 0 to 64
[  506.154408][ T8006] sg_write: data in/out 624/1 bytes for SCSI command 0xcb-- guessing data in;
[  506.154408][ T8006]    program syz-executor.3 not setting count and/or reply_len properly
[  506.941604][ T5123] Bluetooth: hci0: command 0x0405 tx timeout
[  507.340093][ T1250] ieee802154 phy0 wpan0: encryption failed: -22
[  507.351300][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[  507.906680][ T8016] Cannot find add_set index 0 as target
[  508.014189][ T8016] usb usb8: usbfs: process 8016 (syz-executor.0) did not claim interface 0 before use
[  508.048994][   T30] kauditd_printk_skb: 74 callbacks suppressed
[  508.049141][   T30] audit: type=1326 audit(1719246485.317:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8011 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f940367d0a9 code=0x0
[  508.090657][ T7996] loop4: detected capacity change from 0 to 32768
[  508.225967][ T8018] block nbd3: shutting down sockets
[  508.289145][ T8004] loop2: detected capacity change from 0 to 32768
[  508.309531][ T8004] XFS: ikeep mount option is deprecated.
[  508.315733][ T8004] XFS: noikeep mount option is deprecated.
[  508.406954][ T8004] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  508.438970][ T7996] bcachefs (loop4): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=zstd,nojournal_transaction_names
[  508.502417][ T7996] bcachefs (loop4): recovering from clean shutdown, journal seq 10
[  508.576375][ T7996] bcachefs (loop4): alloc_read... done
[  508.583672][ T7996] bcachefs (loop4): stripes_read... done
[  508.590182][ T7996] bcachefs (loop4): snapshots_read... done
[  508.598411][ T8004] XFS (loop2): Ending clean mount
[  508.606109][ T7996] bcachefs (loop4): journal_replay... done
[  508.619148][ T7996] bcachefs (loop4): resume_logged_ops... done
[  508.641709][ T7996] bcachefs (loop4): going read-write
[  508.654391][ T7996] bcachefs (loop4): bch2_rebalance_start(): error creating rebalance thread EINTR
[  508.664125][ T7996] bcachefs (loop4): error starting rebalance thread
[  508.670894][ T7996] bcachefs (loop4): going read-only
[  508.677565][ T7996] bcachefs (loop4): finished waiting for writes to stop
[  508.689422][ T7996] bcachefs (loop4): flushing journal and stopping allocators, journal seq 10
[  508.699005][ T7996] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 10
[  508.713765][ T8004] XFS (loop2): Quotacheck needed: Please wait.
[  508.759912][ T7996] bcachefs (loop4): shutdown complete, journal seq 11
[  508.777843][ T7996] bcachefs (loop4): marking filesystem clean
[  508.888670][ T7996] bcachefs (loop4): bch2_fs_start(): error starting filesystem EINTR
[  508.915796][ T7996] bcachefs (loop4): shutting down
[  509.027280][ T7996] bcachefs (loop4): shutdown complete
[  509.092609][ T8004] XFS (loop2): Quotacheck: Done.
[  509.172298][ T8041] block nbd0: shutting down sockets
[  509.185440][ T5121] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  511.926700][ T8048] loop0: detected capacity change from 0 to 32768
[  512.162200][ T8056] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.4'.
[  513.580445][ T8070] loop1: detected capacity change from 0 to 256
[  513.613411][ T8048] bcachefs (loop0): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=zstd,nojournal_transaction_names
[  513.633849][ T8070] FAT-fs (loop1): Unrecognized mount option "uni_xlate=1=cp936" or missing value
[  513.721361][   T30] audit: type=1326 audit(1719246490.977:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8055 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d83e7d0a9 code=0x7fc00000
[  513.749820][ T8048] bcachefs (loop0): recovering from clean shutdown, journal seq 10
[  513.831804][ T5199] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  513.860262][ T8054] loop3: detected capacity change from 0 to 32768
[  513.869021][ T8048] bcachefs (loop0): bch2_journal_reclaim_start(): error creating journal reclaim thread EINTR
[  513.887258][   T30] audit: type=1326 audit(1719246490.977:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8055 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f3d83e7d0a9 code=0x7fc00000
[  513.917636][   T30] audit: type=1326 audit(1719246490.977:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8055 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d83e7d0a9 code=0x7fc00000
[  513.946613][ T8070] loop1: detected capacity change from 0 to 128
[  513.960983][ T8048] bcachefs (loop0): bch2_fs_recovery(): error EINTR
[  513.968476][   T30] audit: type=1326 audit(1719246490.977:447): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8055 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d83e7d0a9 code=0x7fc00000
[  514.000181][ T8054] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (8054)
[  514.021877][ T8048] bcachefs (loop0): bch2_fs_start(): error starting filesystem EINTR
[  514.071508][   T30] audit: type=1326 audit(1719246490.977:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8055 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d83e7d0a9 code=0x7fc00000
[  514.095987][ T8054] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  514.120316][ T8048] bcachefs (loop0): shutting down
[  514.163823][ T8054] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  514.185096][ T8054] BTRFS info (device loop3): using free-space-tree
[  514.203754][   T30] audit: type=1326 audit(1719246490.977:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8055 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d83e7d0a9 code=0x7fc00000
[  514.242062][ T8054] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR
[  514.244897][ T8054] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  514.266164][ T8048] bcachefs (loop0): shutdown complete
[  514.304932][ T8054] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  514.306108][ T8054] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  514.345695][   T30] audit: type=1326 audit(1719246490.977:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8055 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d83e7d0a9 code=0x7fc00000
[  514.402537][ T8054] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  514.413627][ T8054] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  514.442729][ T8054] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  514.457808][ T8054] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  514.495721][   T30] audit: type=1326 audit(1719246490.977:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8055 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d83e7d0a9 code=0x7fc00000
[  514.536773][ T8054] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  514.537876][ T8054] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  514.542150][ T5719] kworker/u8:10: attempt to access beyond end of device
[  514.542150][ T5719] loop1: rw=1, sector=145, nr_sectors = 56 limit=128
[  514.549669][ T8054] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  514.604042][   T30] audit: type=1326 audit(1719246490.977:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8055 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d83e7d0a9 code=0x7fc00000
[  514.614205][ T8054] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  514.615278][ T8054] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  514.663614][   T30] audit: type=1326 audit(1719246490.977:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8055 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d83e7d0a9 code=0x7fc00000
[  514.893689][ T8054] BTRFS error (device loop3): open_ctree failed
[  515.196644][ T8101] Cannot find add_set index 0 as target
[  515.304347][ T8101] usb usb8: usbfs: process 8101 (syz-executor.1) did not claim interface 0 before use
[  516.761412][ T8117] block nbd2: shutting down sockets
[  520.383837][ T8135] vivid-007: disconnect
[  520.706143][ T8127] vivid-007: reconnect
[  521.323086][ T8138] overlayfs: failed to resolve './file1': -2
[  521.602163][ T8147] Cannot find add_set index 0 as target
[  521.825217][ T8147] usb usb8: usbfs: process 8147 (syz-executor.2) did not claim interface 0 before use
[  521.896132][   T30] kauditd_printk_skb: 59 callbacks suppressed
[  521.896156][   T30] audit: type=1326 audit(1719246499.167:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8144 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa2dc27d0a9 code=0x0
[  521.951367][ T8143] can: request_module (can-proto-0) failed.
[  522.015714][ T8153] loop4: detected capacity change from 0 to 1024
[  522.060471][ T8153] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  522.181610][ T8160] tap0: tun_chr_ioctl cmd 1074025676
[  522.187000][ T8160] tap0: owner set to 0
[  523.460208][ T5112] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  523.610417][ T8165] loop2: detected capacity change from 0 to 256
[  523.629396][ T8165] FAT-fs (loop2): Unrecognized mount option "uni_xlate=1=cp936" or missing value
[  526.178351][ T8181] vivid-007: disconnect
[  526.856264][ T8177] vivid-007: reconnect
[  528.323622][ T8195] loop2: detected capacity change from 0 to 8
[  529.759859][ T8205] loop2: detected capacity change from 0 to 1024
[  529.937241][ T8205] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  531.748314][ T8214] loop0: detected capacity change from 0 to 8
[  533.555468][ T5121] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  534.170375][ T8224] loop3: detected capacity change from 0 to 256
[  534.198912][ T8224] FAT-fs (loop3): Unrecognized mount option "uni_xlate=1=cp936" or missing value
[  534.383761][ T8225] overlayfs: failed to resolve './file1': -2
[  534.861465][ T5161] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  535.111661][ T5161] usb 5-1: Using ep0 maxpacket: 8
[  535.222197][ T5161] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  535.291306][ T5161] usb 5-1: config 0 has no interface number 0
[  535.297534][ T5161] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  535.401321][ T5161] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  535.466791][ T5161] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  535.505555][ T5161] usb 5-1: config 0 descriptor??
[  535.794068][ T5161] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  537.088008][ T8239] loop3: detected capacity change from 0 to 1024
[  537.103524][ T5153] usb 5-1: USB disconnect, device number 10
[  537.143373][ T5153] iowarrior 5-1:0.1: I/O-Warror #0 now disconnected
[  537.531559][  T784] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  537.751582][ T8239] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  538.151395][  T784] usb 2-1: Using ep0 maxpacket: 8
[  538.176692][  T784] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  538.257492][  T784] usb 2-1: config 0 has no interface number 0
[  538.289104][  T784] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  538.317730][  T784] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  538.340497][  T784] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  538.378968][  T784] usb 2-1: config 0 descriptor??
[  538.400073][  T784] iowarrior 2-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  538.624500][   T30] audit: type=1800 audit(1719246515.797:514): pid=8244 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz-executor.2" name="bus" dev="overlay" ino=1973 res=0 errno=0
[  538.919766][  T784] usb 2-1: USB disconnect, device number 2
[  538.984542][  T784] iowarrior 2-1:0.1: I/O-Warror #0 now disconnected
[  541.066792][ T5122] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  541.429966][ T8276] loop3: detected capacity change from 0 to 1024
[  541.556339][ T8276] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  542.882478][ T5122] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  544.495216][ T8289] block nbd2: shutting down sockets
[  544.505514][ T8292] loop3: detected capacity change from 0 to 256
[  544.566621][ T8292] FAT-fs (loop3): Unrecognized mount option "uni_xlate=1=cp936" or missing value
[  545.690536][ T5199] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  547.015755][ T8313] vivid-007: disconnect
[  547.741787][ T8306] vivid-007: reconnect
[  547.928806][ T8315] Cannot find add_set index 0 as target
[  548.103632][ T8315] usb usb8: usbfs: process 8315 (syz-executor.4) did not claim interface 0 before use
[  548.181318][   T30] audit: type=1326 audit(1719246525.447:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8308 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3d83e7d0a9 code=0x0
[  548.765129][ T8320] loop2: detected capacity change from 0 to 1024
[  549.215644][ T8329] vivid-007: disconnect
[  549.791362][ T8324] vivid-007: reconnect
[  551.431238][ T8320] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR
[  551.442149][ T8320] EXT4-fs: failed to create workqueue
[  551.491548][ T8320] EXT4-fs (loop2): mount failed
[  552.042639][ T8346] block nbd3: shutting down sockets
[  553.486338][ T8356] netlink: 224 bytes leftover after parsing attributes in process `syz-executor.4'.
[  553.954822][ T8365] vivid-007: disconnect
[  554.583496][ T8359] vivid-007: reconnect
[  555.292192][ T8370] Cannot find add_set index 0 as target
[  555.402636][ T8370] usb usb8: usbfs: process 8370 (syz-executor.3) did not claim interface 0 before use
[  555.456928][   T30] audit: type=1326 audit(1719246532.727:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8366 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7058a7d0a9 code=0x0
[  555.711368][ T8362] loop0: detected capacity change from 0 to 1024
[  556.118268][ T8362] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  558.388332][ T5111] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  558.430524][ T8372] loop4: detected capacity change from 0 to 32768
[  558.692626][ T5190] I/O error, dev loop4, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  560.379630][ T8394] loop3: detected capacity change from 0 to 1024
[  560.839517][ T8399] loop1: detected capacity change from 0 to 32768
[  560.852622][ T8399] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (8399)
[  560.937329][ T8399] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  560.947710][ T8399] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  560.956711][ T8399] BTRFS info (device loop1): using free-space-tree
[  561.173339][ T8394] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  561.235848][ T8402] loop2: detected capacity change from 0 to 256
[  561.293179][ T8399] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.1'.
[  561.461608][  T784] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  561.949574][ T8428] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001)
[  562.643513][  T784] usb 5-1: Using ep0 maxpacket: 32
[  562.654929][  T784] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  562.733261][  T784] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  562.752432][  T784] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  562.769393][  T784] usb 5-1: Product: syz
[  562.820444][  T784] usb 5-1: Manufacturer: syz
[  562.851695][  T784] usb 5-1: SerialNumber: syz
[  562.890387][  T784] usb 5-1: config 0 descriptor??
[  562.936423][ T8423] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  563.055607][ T6254] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  564.445435][ T8216] usb 5-1: USB disconnect, device number 11
[  565.323184][ T5122] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  565.352799][ T8437] loop1: detected capacity change from 0 to 1024
[  565.629265][ T8441] fuse: Bad value for 'fd'
[  566.163343][ T8445] loop3: detected capacity change from 0 to 256
[  566.255266][ T1040] hfsplus: b-tree write err: -5, ino 4
[  566.730709][ T8447] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000001)
[  568.779793][ T1250] ieee802154 phy0 wpan0: encryption failed: -22
[  568.792382][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[  569.608159][ T8469] block nbd2: shutting down sockets
[  570.089459][ T8453] loop4: detected capacity change from 0 to 32768
[  571.898429][ T8453] bcachefs (loop4): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,nojournal_transaction_names
[  572.041691][ T8453] bcachefs (loop4): recovering from clean shutdown, journal seq 8
[  572.068691][ T8453] bcachefs (loop4): bch2_journal_reclaim_start(): error creating journal reclaim thread EINTR
[  572.086926][ T8453] bcachefs (loop4): bch2_fs_recovery(): error EINTR
[  572.098380][ T8483] loop3: detected capacity change from 0 to 256
[  572.104929][ T8453] bcachefs (loop4): bch2_fs_start(): error starting filesystem EINTR
[  572.127745][ T8453] bcachefs (loop4): shutting down
[  572.141024][   T30] audit: type=1400 audit(1719246549.407:517): avc:  denied  { getopt } for  pid=8484 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  573.401937][   T30] audit: type=1400 audit(1719246549.787:518): avc:  denied  { setopt } for  pid=8484 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=can_socket permissive=1
[  573.444143][ T8453] bcachefs (loop4): shutdown complete
[  575.893576][ T8501] loop3: detected capacity change from 0 to 256
[  576.853222][ T8506] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000001)
[  578.102538][ T8507] loop1: detected capacity change from 0 to 2048
[  578.146972][ T8507] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  578.401299][ T8522] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  581.703379][ T8536] loop0: detected capacity change from 0 to 47
[  582.860588][ T8539] block nbd3: shutting down sockets
[  583.810605][ T8553] loop2: detected capacity change from 0 to 1024
[  584.767869][ T1096] hfsplus: b-tree write err: -5, ino 4
[  584.855532][ T5191] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  585.477270][ T8565] loop2: detected capacity change from 0 to 40427
[  585.488153][ T8566] loop3: detected capacity change from 0 to 32768
[  585.518697][ T8565] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  585.519785][ T8566] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (8566)
[  585.526762][ T8565] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  585.550845][ T5191] usb 2-1: too many configurations: 33, using maximum allowed: 8
[  585.571944][ T5191] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  585.605725][ T5191] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  585.618008][ T8565] F2FS-fs (loop2): Found nat_bits in checkpoint
[  585.628754][ T5191] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  585.779044][ T8571] loop4: detected capacity change from 0 to 47
[  585.807781][ T8565] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  585.816380][ T8565] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  585.970930][ T8566] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  585.979914][ T5191] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  585.982061][ T8566] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  585.995769][ T5191] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  585.998884][ T8566] BTRFS info (device loop3): using free-space-tree
[  586.034886][ T5191] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  586.328469][ T5191] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  587.231555][ T5191] usb 2-1: unable to read config index 7 descriptor/start: -71
[  587.253592][ T5191] usb 2-1: can't read configurations, error -71
[  588.562023][ T8582] syz-executor.2: attempt to access beyond end of device
[  588.562023][ T8582] loop2: rw=2049, sector=45096, nr_sectors = 128 limit=40427
[  591.284165][ T8566] BTRFS error (device loop3): open_ctree failed
[  596.634226][ T8628] loop4: detected capacity change from 0 to 47
[  599.451339][ T5078] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  599.670738][ T5078] usb 4-1: too many configurations: 33, using maximum allowed: 8
[  599.692773][ T5078] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  599.728733][ T5078] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  599.766234][ T5078] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  599.797710][ T5078] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  599.825363][ T5078] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  599.874499][ T5078] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  599.913232][ T5078] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  599.944022][ T5078] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  599.992873][ T5078] usb 4-1: New USB device found, idVendor=0fc5, idProduct=1227, bcdDevice= 5.86
[  600.018296][ T5078] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  600.057451][ T5078] usb 4-1: Product: syz
[  600.071364][ T5078] usb 4-1: Manufacturer: syz
[  600.091280][ T5078] usb 4-1: SerialNumber: syz
[  600.102365][ T5078] usb 4-1: config 0 descriptor??
[  600.315565][   T30] audit: type=1400 audit(1719246577.587:519): avc:  denied  { getopt } for  pid=8642 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  600.328351][ T8644] loop6: detected capacity change from 0 to 16384
[  601.603433][ T8660] loop2: detected capacity change from 0 to 1024
[  601.622235][   T30] audit: type=1326 audit(1719246578.897:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8659 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f940367d0a9 code=0x0
[  601.622574][ T8644] I/O error, dev loop6, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  601.679157][ T8644] Buffer I/O error on dev loop6, logical block 1, async page read
[  601.837100][ T8644] Dev loop6: unable to read RDB block 8
[  601.939079][ T8644]  loop6: unable to read partition table
[  602.103743][ T8644] loop6: partition table beyond EOD, truncated
[  602.110219][ T8644] loop_reread_partitions: partition scan of loop6 () failed (rc=-5)
[  602.145260][ T5162] usb 4-1: USB disconnect, device number 9
[  602.731461][ T8670] random: crng reseeded on system resumption
[  603.798720][   T11] hfsplus: b-tree write err: -5, ino 4
[  604.396481][ T8673] loop0: detected capacity change from 0 to 40427
[  604.413818][ T8673] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  604.424223][ T8673] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  604.482751][ T8673] F2FS-fs (loop0): Found nat_bits in checkpoint
[  604.578633][ T8673] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  604.588420][ T8673] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  605.411928][ T8689] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  606.952971][ T8704] loop2: detected capacity change from 0 to 512
[  607.079956][ T8704] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  607.285105][ T8704] EXT4-fs (loop2): 1 truncate cleaned up
[  607.294313][ T8704] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  607.465117][   T30] audit: type=1800 audit(1719246584.737:521): pid=8703 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz-executor.3" name="bus" dev="overlay" ino=1969 res=0 errno=0
[  607.624700][   T30] audit: type=1400 audit(1719246584.887:522): avc:  denied  { accept } for  pid=8701 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_route_socket permissive=1
[  607.707207][   T30] audit: type=1800 audit(1719246584.967:523): pid=8704 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.2" name="bus" dev="loop2" ino=18 res=0 errno=0
[  608.781340][   T30] audit: type=1804 audit(1719246586.037:524): pid=8704 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz-executor.2" name="/root/syzkaller-testdir1149216777/syzkaller.1QEJoU/156/bus/file0/bus" dev="loop2" ino=18 res=1 errno=0
[  609.055971][   T30] audit: type=1326 audit(1719246586.327:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8714 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc93927d0a9 code=0x0
[  609.509357][ T8722] random: crng reseeded on system resumption
[  610.586454][ T8723] Cannot find add_set index 0 as target
[  610.682369][ T8726] loop0: detected capacity change from 0 to 1024
[  610.749138][ T8718] usb usb8: usbfs: process 8718 (syz-executor.3) did not claim interface 0 before use
[  610.821691][   T30] audit: type=1326 audit(1719246588.047:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8716 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7058a7d0a9 code=0x0
[  610.950343][ T8730] loop1: detected capacity change from 0 to 1024
[  610.973099][ T8726] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  611.289071][ T8732] loop4: detected capacity change from 0 to 1024
[  612.092196][ T8732] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  613.103142][ T5121] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  613.958841][   T81] hfsplus: b-tree write err: -5, ino 4
[  614.222687][ T5111] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  614.527850][ T8751] loop2: detected capacity change from 0 to 256
[  616.283800][ T8759] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001)
[  616.896544][ T8755] loop3: detected capacity change from 0 to 1024
[  620.305108][ T8768] loop1: detected capacity change from 0 to 256
[  620.408518][ T8768] FAT-fs (loop1): Unrecognized mount option "short
" or missing value
[  620.593313][ T8755] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  621.427111][   T30] audit: type=1326 audit(1719246598.697:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8773 comm="syz-executor.1" exe="/root/syz-executor.1" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc93927d0a9 code=0x0
[  621.830207][ T8778] usb usb8: usbfs: process 8778 (syz-executor.4) did not claim interface 0 before use
[  621.875468][   T30] audit: type=1326 audit(1719246599.147:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8777 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3d83e7d0a9 code=0x0
[  622.001193][ T8785] random: crng reseeded on system resumption
[  623.695252][ T8787] loop4: detected capacity change from 0 to 40427
[  623.719441][ T8787] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  623.727312][ T8787] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  623.766877][ T8787] F2FS-fs (loop4): Found nat_bits in checkpoint
[  623.855916][ T8787] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  623.863138][ T8787] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  623.919925][ T8793] loop1: detected capacity change from 0 to 2048
[  624.087537][ T8793] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  624.489836][ T8794] syz-executor.4: attempt to access beyond end of device
[  624.489836][ T8794] loop4: rw=2049, sector=45096, nr_sectors = 128 limit=40427
[  625.622585][ T8806] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  626.460222][ T8811] loop2: detected capacity change from 0 to 256
[  626.469405][ T8811] FAT-fs (loop2): Unrecognized mount option "short
" or missing value
[  627.124817][ T5122] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  628.378811][ T8817] loop3: detected capacity change from 0 to 1024
[  628.554273][ T8817] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  630.218860][ T1250] ieee802154 phy0 wpan0: encryption failed: -22
[  630.232196][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[  630.292085][ T5122] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  630.521454][ T8832] loop1: detected capacity change from 0 to 512
[  630.564324][ T8832] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  630.705619][ T8832] EXT4-fs (loop1): 1 truncate cleaned up
[  630.727425][ T8832] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  630.740174][ T8838] Cannot find add_set index 0 as target
[  631.125924][   T30] audit: type=1800 audit(1719246608.387:529): pid=8832 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="loop1" ino=18 res=0 errno=0
[  631.129469][ T8838] usb usb8: usbfs: process 8838 (syz-executor.3) did not claim interface 0 before use
[  632.415632][   T30] audit: type=1326 audit(1719246609.687:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8833 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7058a7d0a9 code=0x0
[  632.639615][   T30] audit: type=1326 audit(1719246609.907:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8845 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3d83e7d0a9 code=0x0
[  632.853012][ T8849] loop3: detected capacity change from 0 to 47
[  633.101614][ T8851] random: crng reseeded on system resumption
[  634.350251][ T6254] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  634.790993][ T8858] loop4: detected capacity change from 0 to 40427
[  634.822079][ T8858] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  634.830787][ T8858] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  634.902562][ T8858] F2FS-fs (loop4): Found nat_bits in checkpoint
[  635.035516][ T8858] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  635.042919][ T8858] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  635.337984][ T8867] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  636.020354][ T8868] syz-executor.4: attempt to access beyond end of device
[  636.020354][ T8868] loop4: rw=2049, sector=45096, nr_sectors = 128 limit=40427
[  636.934680][ T8877] loop0: detected capacity change from 0 to 1024
[  637.033409][ T8877] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  641.038867][ T8897] loop3: detected capacity change from 0 to 1024
[  641.119860][ T8897] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  642.408756][   T30] audit: type=1326 audit(1719246619.677:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8898 comm="syz-executor.2" exe="/root/syz-executor.2" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa2dc27d0a9 code=0x0
[  642.841253][ T8905] random: crng reseeded on system resumption
[  645.206950][ T5111] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  646.758130][ T8919] loop2: detected capacity change from 0 to 40427
[  646.806404][ T8919] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  646.814306][ T8919] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  646.935073][ T8919] F2FS-fs (loop2): Found nat_bits in checkpoint
[  647.046941][ T8919] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  647.054179][ T8919] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  647.950581][ T8920] can: request_module (can-proto-0) failed.
[  648.469025][ T8943] block nbd4: shutting down sockets
[  648.642425][   T30] audit: type=1800 audit(1719246625.917:533): pid=8946 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz-executor.1" name="bus" dev="overlay" ino=1971 res=0 errno=0
[  650.316291][   T30] audit: type=1326 audit(1719246627.587:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=8957 comm="syz-executor.4" exe="/root/syz-executor.4" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3d83e7d0a9 code=0x0
[  650.771594][ T8964] random: crng reseeded on system resumption
[  652.191318][ T8967] loop4: detected capacity change from 0 to 1024
[  653.239344][ T2427] hfsplus: b-tree write err: -5, ino 4
[  656.142990][ T8988] loop3: detected capacity change from 0 to 128
[  656.219403][ T8987] loop4: detected capacity change from 0 to 64
[  656.353215][ T8992] syz-executor.3: attempt to access beyond end of device
[  656.353215][ T8992] loop3: rw=2049, sector=145, nr_sectors = 512 limit=128
[  656.408823][ T8987] MINIX-fs: bad superblock or unable to read bitmaps
[  656.806457][ T8989] can: request_module (can-proto-0) failed.
[  657.168805][ T1096] kworker/u8:8: attempt to access beyond end of device
[  657.168805][ T1096] loop3: rw=1, sector=657, nr_sectors = 384 limit=128
[  659.926073][   T30] audit: type=1326 audit(1719246637.197:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9012 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f940367d0a9 code=0x0
[  660.395737][ T9021] random: crng reseeded on system resumption
[  662.032088][ T9025] loop0: detected capacity change from 0 to 40427
[  662.058853][ T9025] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  662.066715][ T9025] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  662.145709][ T9025] F2FS-fs (loop0): Found nat_bits in checkpoint
[  662.220966][ T9025] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  662.228128][ T9025] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  662.367011][ T9031] loop2: detected capacity change from 0 to 256
[  662.907906][ T9028] loop3: detected capacity change from 0 to 2048
[  662.990512][ T9028] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  663.229579][ T9040] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  664.054706][ T9043] loop3: detected capacity change from 0 to 1024
[  665.121647][ T1040] hfsplus: b-tree write err: -5, ino 4
[  665.137687][ T9031] syzkaller1: entered promiscuous mode
[  665.153360][ T9031] syzkaller1: entered allmulticast mode
[  666.033139][   T30] audit: type=1400 audit(1719246643.307:536): avc:  denied  { mounton } for  pid=9056 comm="syz-executor.3" path="/root/syzkaller-testdir1267447731/syzkaller.mY3unj/168/file0" dev="binder" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=dir permissive=1
[  666.151317][   T30] audit: type=1400 audit(1719246643.367:537): avc:  denied  { mount } for  pid=9056 comm="syz-executor.3" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  666.405807][ T9055] can: request_module (can-proto-0) failed.
[  666.579967][ T9065] loop0: detected capacity change from 0 to 1024
[  667.466688][ T9068] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.2'.
[  667.551033][ T9058] loop3: detected capacity change from 0 to 64
[  668.211073][ T9068] loop2: detected capacity change from 0 to 2048
[  668.221025][   T11] hfsplus: b-tree write err: -5, ino 4
[  668.649798][   T30] audit: type=1400 audit(1719246645.917:538): avc:  denied  { mounton } for  pid=9056 comm="syz-executor.3" path="/root/syzkaller-testdir1267447731/syzkaller.mY3unj/168/file0" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:devpts_t tclass=dir permissive=1
[  668.753368][ T9068] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  668.835330][ T9068] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[  668.910616][ T9068] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  668.940762][   T30] audit: type=1326 audit(1719246646.207:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9073 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f940367d0a9 code=0x0
[  669.702505][ T9082] random: crng reseeded on system resumption
[  671.090643][   T30] audit: type=1400 audit(1719246648.357:540): avc:  denied  { unmount } for  pid=5122 comm="syz-executor.3" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[  671.321585][ T9092] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  672.069423][ T9100] fuse: Bad value for 'fd'
[  672.241471][ T9104] netlink: 'syz-executor.3': attribute type 9 has an invalid length.
[  672.249730][ T9104] netlink: 'syz-executor.3': attribute type 7 has an invalid length.
[  672.258010][ T9104] netlink: 'syz-executor.3': attribute type 8 has an invalid length.
[  672.275380][ T9104] ax25_connect(): syz-executor.3 uses autobind, please contact jreuter@yaina.de
[  677.279250][ T9110] loop0: detected capacity change from 0 to 1024
[  677.889954][ T9108] loop2: detected capacity change from 0 to 64
[  678.275267][   T30] audit: type=1400 audit(1719246655.517:541): avc:  denied  { remount } for  pid=9106 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:dosfs_t tclass=filesystem permissive=1
[  678.606918][ T1040] hfsplus: b-tree write err: -5, ino 4
[  679.766341][ T9126] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'.
[  679.804728][ T9132] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.4'.
[  679.846531][   T30] audit: type=1326 audit(1719246657.087:542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9135 comm="syz-executor.0" exe="/root/syz-executor.0" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f940367d0a9 code=0x0
[  680.207320][ T9132] loop4: detected capacity change from 0 to 2048
[  680.265709][ T9139] random: crng reseeded on system resumption
[  681.442954][ T9132] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  681.513824][ T9132] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[  681.559241][ T9132] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  681.609553][ T9133] can: request_module (can-proto-0) failed.
[  681.646426][   T30] audit: type=1326 audit(1719246658.897:543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9125 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93927d0a9 code=0x7fc00000
[  681.719220][   T30] audit: type=1326 audit(1719246658.897:544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9125 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc93927d0a9 code=0x7fc00000
[  681.757736][   T30] audit: type=1326 audit(1719246658.897:545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9125 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93927d0a9 code=0x7fc00000
[  682.483599][   T30] audit: type=1326 audit(1719246658.897:546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9125 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93927d0a9 code=0x7fc00000
[  683.057435][   T30] audit: type=1326 audit(1719246658.897:547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9125 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93927d0a9 code=0x7fc00000
[  683.162459][   T30] audit: type=1326 audit(1719246658.907:548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9125 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93927d0a9 code=0x7fc00000
[  683.249010][   T30] audit: type=1326 audit(1719246658.907:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9125 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93927d0a9 code=0x7fc00000
[  683.252598][ T9154] fuse: Bad value for 'fd'
[  683.313890][   T30] audit: type=1326 audit(1719246658.907:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9125 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93927d0a9 code=0x7fc00000
[  683.666462][   T30] audit: type=1326 audit(1719246658.907:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9125 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93927d0a9 code=0x7fc00000
[  684.712458][   T30] audit: type=1326 audit(1719246658.907:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9125 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93927d0a9 code=0x7fc00000
[  684.819905][   T30] audit: type=1326 audit(1719246658.907:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9125 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93927d0a9 code=0x7fc00000
[  684.840622][ T9161] loop2: detected capacity change from 0 to 2048
[  684.885213][   T30] audit: type=1326 audit(1719246658.907:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9125 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93927d0a9 code=0x7fc00000
[  684.913846][ T9161] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  685.035571][ T9166] netlink: 'syz-executor.3': attribute type 9 has an invalid length.
[  685.044072][ T9166] netlink: 'syz-executor.3': attribute type 7 has an invalid length.
[  685.052354][ T9166] netlink: 'syz-executor.3': attribute type 8 has an invalid length.
[  685.068883][ T9166] ax25_connect(): syz-executor.3 uses autobind, please contact jreuter@yaina.de
[  689.271320][   T30] audit: type=1326 audit(1719246658.907:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9125 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93927d0a9 code=0x7fc00000
[  689.306237][ T9161] NILFS (loop2): error -4 creating segctord thread
[  689.332648][   T30] audit: type=1326 audit(1719246658.907:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9125 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93927d0a9 code=0x7fc00000
[  689.364246][   T30] audit: type=1326 audit(1719246658.907:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9125 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93927d0a9 code=0x7fc00000
[  690.150225][   T30] audit: type=1326 audit(1719246658.907:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9125 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93927d0a9 code=0x7fc00000
[  690.285940][   T30] audit: type=1326 audit(1719246658.907:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9125 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93927d0a9 code=0x7fc00000
[  690.336958][   T30] audit: type=1326 audit(1719246658.907:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9125 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93927d0a9 code=0x7fc00000
[  690.362795][   T30] audit: type=1326 audit(1719246658.907:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9125 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93927d0a9 code=0x7fc00000
[  690.389372][   T30] audit: type=1326 audit(1719246658.907:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9125 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93927d0a9 code=0x7fc00000
[  690.445489][   T30] audit: type=1326 audit(1719246658.907:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9125 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93927d0a9 code=0x7fc00000
[  690.472886][   T30] audit: type=1326 audit(1719246658.907:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9125 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93927d0a9 code=0x7fc00000
[  691.189230][ T9175] loop2: detected capacity change from 0 to 40427
[  691.226150][ T9175] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  691.234211][ T9175] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  691.325030][ T9175] F2FS-fs (loop2): Found nat_bits in checkpoint
[  691.440819][ T9175] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  691.448100][ T9175] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  691.593246][ T9183] block nbd3: shutting down sockets
[  691.663305][ T1250] ieee802154 phy0 wpan0: encryption failed: -22
[  691.669705][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[  692.537545][ T9201] loop4: detected capacity change from 0 to 8
[  694.271913][ T9204] can: request_module (can-proto-0) failed.
[  694.432785][ T9215] loop0: detected capacity change from 0 to 47
[  694.983251][ T9222] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'.
[  695.010847][ T9216] loop4: detected capacity change from 0 to 2048
[  695.099173][ T9216] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  695.233399][ T9223] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  695.603082][ T9216] overlay: ./file0 is not a directory
[  695.659078][   T30] kauditd_printk_skb: 47 callbacks suppressed
[  695.659104][   T30] audit: type=1326 audit(1719246672.927:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9218 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93927d0a9 code=0x7fc00000
[  695.715283][ T9209] loop3: detected capacity change from 0 to 32768
[  695.802074][ T9209] bcachefs (/dev/loop3): error reading default superblock: checksum error, type crc32c_nonzero: got 46c1343f should be 29d2fb78
[  695.831196][   T30] audit: type=1326 audit(1719246672.927:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9218 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc93927d0a9 code=0x7fc00000
[  695.836612][ T9216] loop4: detected capacity change from 0 to 2048
[  695.952769][   T30] audit: type=1326 audit(1719246672.927:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9218 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93927d0a9 code=0x7fc00000
[  695.991495][ T9216] EXT4-fs warning (device loop4): ext4_multi_mount_protect:292: Invalid MMP block in superblock
[  696.161420][   T30] audit: type=1326 audit(1719246672.927:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9218 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93927d0a9 code=0x7fc00000
[  696.262033][ T9226] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.0'.
[  696.291495][   T30] audit: type=1326 audit(1719246672.927:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9218 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93927d0a9 code=0x7fc00000
[  696.441443][   T30] audit: type=1326 audit(1719246672.927:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9218 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93927d0a9 code=0x7fc00000
[  696.509017][ T9209] bcachefs (loop3): mounting version 1.7: mi_btree_bitmap opts=compression=lz4,nojournal_transaction_names
[  696.521697][   T30] audit: type=1326 audit(1719246672.927:618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9218 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93927d0a9 code=0x7fc00000
[  696.553391][ T9209] bcachefs (loop3): recovering from clean shutdown, journal seq 7
[  696.603195][   T30] audit: type=1326 audit(1719246672.927:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9218 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93927d0a9 code=0x7fc00000
[  696.633557][ T9241] fuse: Bad value for 'fd'
[  696.750506][ T9242] netlink: 'syz-executor.4': attribute type 9 has an invalid length.
[  696.758954][ T9242] netlink: 'syz-executor.4': attribute type 7 has an invalid length.
[  696.767485][ T9242] netlink: 'syz-executor.4': attribute type 8 has an invalid length.
[  696.783511][ T9242] ax25_connect(): syz-executor.4 uses autobind, please contact jreuter@yaina.de
[  696.940430][   T30] audit: type=1326 audit(1719246672.927:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9218 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93927d0a9 code=0x7fc00000
[  697.517668][ T9209] bcachefs (loop3): alloc_read... done
[  697.521267][   T30] audit: type=1326 audit(1719246673.007:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9218 comm="syz-executor.1" exe="/root/syz-executor.1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc93927d0a9 code=0x7fc00000
[  697.544053][ T9209] bcachefs (loop3): stripes_read... done
[  697.581374][ T9209] bcachefs (loop3): snapshots_read... done
[  697.615825][ T9209] bcachefs (loop3): journal_replay... done
[  697.631266][ T9209] bcachefs (loop3): resume_logged_ops... done
[  697.637886][ T9209] bcachefs (loop3): going read-write
[  697.660189][ T9209] bcachefs (loop3): bch2_rebalance_start(): error creating rebalance thread EINTR
[  697.728370][ T9209] bcachefs (loop3): error starting rebalance thread
[  697.748285][ T9209] bcachefs (loop3): going read-only
[  697.756783][ T9209] bcachefs (loop3): finished waiting for writes to stop
[  697.805690][ T9209] bcachefs (loop3): flushing journal and stopping allocators, journal seq 7
[  697.827172][ T9209] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 7
[  697.859086][ T9209] bcachefs (loop3): shutdown complete, journal seq 8
[  697.920068][ T9209] bcachefs (loop3): marking filesystem clean
[  697.959102][ T9209] bcachefs (loop3): bch2_fs_start(): error starting filesystem EINTR
[  697.985529][ T9209] bcachefs (loop3): shutting down
[  698.334253][ T9256] netlink: 209844 bytes leftover after parsing attributes in process `syz-executor.4'.
[  698.367904][ T9209] bcachefs (loop3): shutdown complete
[  699.068541][ T5191] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  699.205175][ T5240] libceph: connect (1)[c::]:6789 error -101
[  699.213939][ T5240] libceph: mon0 (1)[c::]:6789 connect error
[  699.257820][ T5240] libceph: connect (1)[c::]:6789 error -101
[  699.269107][ T5240] libceph: mon0 (1)[c::]:6789 connect error
[  699.321846][ T5191] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  699.370976][ T5191] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  699.428904][ T5191] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  699.469770][ T5191] usb 5-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 32
[  699.553540][ T5191] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  699.571975][ T5191] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  699.605128][ T5078] libceph: connect (1)[c::]:6789 error -101
[  699.632187][ T5078] libceph: mon0 (1)[c::]:6789 connect error
[  699.653706][ T5191] usb 5-1: Manufacturer: ъ
[  699.681333][ T5191] usb 5-1: SerialNumber: 嵏꛸ᑥ븛뽻婕㞎ସ繘잜ﳻ쿶稨뜽奵젔푺췈힦쒘芘텊ꎱ䧹鎈ڟ몼栴矢↾탰今ﯤ㢛컿⎱ˀ薐蠑੪ୈ䞴騖⠮ꥹェꕈ랃蝄ꋄ쎓퐷爘崜鳰⣳
[  699.754529][ T9269] ceph: No mds server is up or the cluster is laggy
[  700.070071][ T5191] cdc_ncm 5-1:1.0: bind() failure
[  700.118695][ T5191] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  700.195628][ T5191] cdc_ncm 5-1:1.1: bind() failure
[  700.261579][ T5191] usb 5-1: USB disconnect, device number 12
[  700.487182][ T9278] loop0: detected capacity change from 0 to 1024
[  700.614438][ T1054] hfsplus: b-tree write err: -5, ino 4
[  701.627067][ T9279] can: request_module (can-proto-0) failed.
[  701.823636][ T9291] fuse: Invalid rootmode
[  702.224061][ T9293] loop3: detected capacity change from 0 to 256
[  702.311840][ T9297] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'.
[  702.966043][   T30] kauditd_printk_skb: 452 callbacks suppressed
[  702.978270][   T30] audit: type=1326 audit(1719246680.227:1074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9294 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2dc27d0a9 code=0x7fc00000
[  703.071328][   T30] audit: type=1326 audit(1719246680.227:1075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9294 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa2dc27d0a9 code=0x7fc00000
[  703.155213][   T30] audit: type=1326 audit(1719246680.227:1076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9294 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2dc27d0a9 code=0x7fc00000
[  703.301408][   T30] audit: type=1326 audit(1719246680.227:1077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9294 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2dc27d0a9 code=0x7fc00000
[  703.302666][ T9293] syzkaller1: entered promiscuous mode
[  703.336592][ T9293] syzkaller1: entered allmulticast mode
[  703.441257][   T30] audit: type=1326 audit(1719246680.227:1078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9294 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2dc27d0a9 code=0x7fc00000
[  703.565383][   T30] audit: type=1326 audit(1719246680.227:1079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9294 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2dc27d0a9 code=0x7fc00000
[  703.782091][   T30] audit: type=1326 audit(1719246680.227:1080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9294 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2dc27d0a9 code=0x7fc00000
[  704.183137][ T9307] loop1: detected capacity change from 0 to 40427
[  704.200254][ T9307] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  704.208165][ T9307] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  704.238002][   T30] audit: type=1326 audit(1719246680.227:1081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9294 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2dc27d0a9 code=0x7fc00000
[  704.268936][   T30] audit: type=1326 audit(1719246680.227:1082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9294 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2dc27d0a9 code=0x7fc00000
[  704.362814][   T30] audit: type=1326 audit(1719246680.227:1083): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9294 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2dc27d0a9 code=0x7fc00000
[  704.389546][ T9307] F2FS-fs (loop1): Found nat_bits in checkpoint
[  704.504993][ T9307] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  704.512330][ T9307] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  709.458574][ T9319] loop2: detected capacity change from 0 to 32768
[  709.468116][ T9319] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (9319)
[  709.546820][ T9319] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  709.557176][ T9319] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  709.565955][ T9319] BTRFS info (device loop2): using free-space-tree
[  710.903987][ T5121] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  711.396646][ T9355] fuse: Invalid rootmode
[  712.011654][ T9358] block nbd3: shutting down sockets
[  712.451799][ T9365] loop2: detected capacity change from 0 to 512
[  712.460831][ T9365] EXT4-fs: Ignoring removed oldalloc option
[  712.468964][ T9365] EXT4-fs: Ignoring removed bh option
[  716.557469][ T9365] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR
[  716.557905][ T9365] EXT4-fs: failed to create workqueue
[  716.671499][ T9365] EXT4-fs (loop2): mount failed
[  717.345023][ T9374] loop0: detected capacity change from 0 to 32768
[  717.359076][ T9374] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (9374)
[  717.413557][ T9374] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  717.427564][ T9374] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  717.436402][ T9374] BTRFS info (device loop0): using free-space-tree
[  717.935954][ T9380] loop4: detected capacity change from 0 to 128
[  718.081445][ T9380] hpfs: Bad magic ... probably not HPFS
[  718.414004][ T9400] loop3: detected capacity change from 0 to 32768
[  718.442647][ T9400] BTRFS: device /dev/loop3 (7:3) using temp-fsid 58d6195e-23ec-4fe8-87e3-746db9de768b
[  718.457529][ T9400] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (9400)
[  718.583032][ T9400] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  718.593599][ T9400] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  718.602334][ T9400] BTRFS info (device loop3): using free-space-tree
[  718.729483][   T30] kauditd_printk_skb: 58 callbacks suppressed
[  718.729507][   T30] audit: type=1400 audit(1719246695.997:1142): avc:  denied  { connect } for  pid=9396 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  719.121591][   T30] audit: type=1400 audit(1719246695.997:1143): avc:  denied  { name_connect } for  pid=9396 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=dccp_socket permissive=1
[  719.327606][   T30] audit: type=1400 audit(1719246696.097:1144): avc:  denied  { read } for  pid=9396 comm="syz-executor.2" name="loop-control" dev="devtmpfs" ino=647 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  719.440187][   T30] audit: type=1400 audit(1719246696.097:1145): avc:  denied  { open } for  pid=9396 comm="syz-executor.2" path="/dev/loop-control" dev="devtmpfs" ino=647 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  719.787365][ T9421] netlink: 209844 bytes leftover after parsing attributes in process `syz-executor.1'.
[  719.832637][   T30] audit: type=1400 audit(1719246696.167:1146): avc:  denied  { ioctl } for  pid=9396 comm="syz-executor.2" path="/dev/loop-control" dev="devtmpfs" ino=647 ioctlcmd=0x4c82 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:loop_control_device_t tclass=chr_file permissive=1
[  719.916207][ T5111] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  720.232229][ T9428] loop2: detected capacity change from 0 to 2048
[  720.312942][ T9428] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  720.391579][ T9429] loop4: detected capacity change from 0 to 256
[  720.410113][ T5122] BTRFS info (device loop3): last unmount of filesystem 58d6195e-23ec-4fe8-87e3-746db9de768b
[  720.531623][ T5162] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  720.806137][ T5162] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  720.849861][ T5162] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  720.890317][ T5162] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  720.921175][ T5162] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 32
[  720.974751][   T30] audit: type=1800 audit(1719246698.227:1147): pid=9430 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="loop2" ino=1368 res=0 errno=0
[  721.058886][ T5162] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  721.107882][ T5162] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  721.152936][ T5162] usb 2-1: Manufacturer: ъ
[  721.157544][ T5162] usb 2-1: SerialNumber: 嵏꛸ᑥ븛뽻婕㞎ସ繘잜ﳻ쿶稨뜽奵젔푺췈힦쒘芘텊ꎱ䧹鎈ڟ몼栴矢↾탰今ﯤ㢛컿⎱ˀ薐蠑੪ୈ䞴騖⠮ꥹェꕈ랃蝄ꋄ쎓퐷爘崜鳰⣳
[  721.561355][ T5162] cdc_ncm 2-1:1.0: bind() failure
[  721.600589][ T5162] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  721.627286][ T5162] cdc_ncm 2-1:1.1: bind() failure
[  721.884904][ T9437] loop0: detected capacity change from 0 to 32768
[  721.907222][ T9437] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (9437)
[  722.028085][ T5162] usb 2-1: USB disconnect, device number 5
[  722.039434][ T9437] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  722.049867][ T9437] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  722.058707][ T9437] BTRFS info (device loop0): using free-space-tree
[  722.180506][ T9429] syzkaller1: entered promiscuous mode
[  722.186178][ T9429] syzkaller1: entered allmulticast mode
[  722.759148][ T9455] loop3: detected capacity change from 0 to 256
[  722.947735][ T9455] SELinux: security_context_str_to_sid (user_u) failed with errno=-22
[  722.963722][ T9457] fuse: Invalid rootmode
[  726.610336][ T9470] loop2: detected capacity change from 0 to 256
[  726.638240][ T9470] FAT-fs (loop2): Unrecognized mount option "short
" or missing value
[  727.302736][ T5111] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  727.411609][ T9472] loop2: detected capacity change from 0 to 256
[  729.380448][ T9482] netlink: 'syz-executor.2': attribute type 9 has an invalid length.
[  729.389125][ T9482] netlink: 'syz-executor.2': attribute type 7 has an invalid length.
[  729.397542][ T9482] netlink: 'syz-executor.2': attribute type 8 has an invalid length.
[  729.415678][ T9482] ax25_connect(): syz-executor.2 uses autobind, please contact jreuter@yaina.de
[  736.538263][ T9485] loop4: detected capacity change from 0 to 32768
[  736.601207][ T9485] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (9485)
[  736.707541][ T9485] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  736.717832][ T9485] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  736.726597][ T9485] BTRFS info (device loop4): using free-space-tree
[  737.281633][ T9490] loop1: detected capacity change from 0 to 32768
[  737.730729][ T9502] loop3: detected capacity change from 0 to 40427
[  737.796926][ T9490] BTRFS: device /dev/loop1 (7:1) using temp-fsid 6936a254-77f6-4d65-b168-e78df42f9352
[  737.797756][ T9502] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  737.809289][ T9490] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz-executor.1 (9490)
[  737.817055][ T9502] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  737.894612][ T9490] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  737.894709][ T9502] F2FS-fs (loop3): Found nat_bits in checkpoint
[  737.907689][ T9490] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  737.921342][ T9490] BTRFS info (device loop1): using free-space-tree
[  738.048714][ T9502] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  738.056141][ T9502] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  738.505525][ T9524] syz-executor.3: attempt to access beyond end of device
[  738.505525][ T9524] loop3: rw=2049, sector=45096, nr_sectors = 128 limit=40427
[  743.244217][ T9490] BTRFS error (device loop1): open_ctree failed
[  743.262829][ T5112] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  744.871048][ T9544] netlink: 209844 bytes leftover after parsing attributes in process `syz-executor.4'.
[  745.100349][ T5191] libceph: connect (1)[c::]:6789 error -101
[  745.108740][ T5191] libceph: mon0 (1)[c::]:6789 connect error
[  745.315537][ T9552] ceph: No mds server is up or the cluster is laggy
[  745.464585][ T5191] libceph: connect (1)[c::]:6789 error -101
[  745.470823][ T5191] libceph: mon0 (1)[c::]:6789 connect error
[  745.476933][   T45] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  747.038191][ T9568] loop2: detected capacity change from 0 to 256
[  747.059333][ T9568] FAT-fs (loop2): Unrecognized mount option "short
" or missing value
[  748.926728][   T45] usb 5-1: device descriptor read/all, error -71
[  749.224656][ T9577] loop4: detected capacity change from 0 to 512
[  749.254498][ T9577] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found
[  749.299672][ T9577] UDF-fs: Scanning with blocksize 512 failed
[  749.330967][ T9577] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found
[  749.382464][ T9577] UDF-fs: Scanning with blocksize 1024 failed
[  749.452652][ T9577] UDF-fs: warning (device loop4): udf_load_vrs: No VRS found
[  749.452686][ T9577] UDF-fs: Scanning with blocksize 2048 failed
[  749.465653][ T9577] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  749.475277][ T9582] loop1: detected capacity change from 0 to 512
[  749.524665][ T9577] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  749.877425][ T9587] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  750.064949][   T30] audit: type=1400 audit(1719246727.337:1148): avc:  denied  { setopt } for  pid=9586 comm="syz-executor.1" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  750.665011][ T9594] loop0: detected capacity change from 0 to 40427
[  750.717065][ T9594] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  750.725113][ T9594] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  750.881269][ T9594] F2FS-fs (loop0): Found nat_bits in checkpoint
[  750.981429][ T9594] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  750.988534][ T9594] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  751.227392][ T9602] syz-executor.0: attempt to access beyond end of device
[  751.227392][ T9602] loop0: rw=2049, sector=45096, nr_sectors = 128 limit=40427
[  753.100057][ T1250] ieee802154 phy0 wpan0: encryption failed: -22
[  755.362799][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[  755.539813][ T9590] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  756.123410][ T9612] netlink: 209844 bytes leftover after parsing attributes in process `syz-executor.2'.
[  756.571503][ T5162] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  756.803597][ T5162] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  756.914249][ T5162] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  756.996613][ T5162] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  757.064023][ T5162] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 32
[  757.098525][ T5162] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  757.124407][ T5162] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  757.140044][ T5162] usb 3-1: Manufacturer: ъ
[  757.154887][ T5162] usb 3-1: SerialNumber: 嵏꛸ᑥ븛뽻婕㞎ସ繘잜ﳻ쿶稨뜽奵젔푺췈힦쒘芘텊ꎱ䧹鎈ڟ몼栴矢↾탰今ﯤ㢛컿⎱ˀ薐蠑੪ୈ䞴騖⠮ꥹェꕈ랃蝄ꋄ쎓퐷爘崜鳰⣳
[  757.506104][ T5162] cdc_ncm 3-1:1.0: bind() failure
[  757.550213][ T5162] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[  757.578106][ T5162] cdc_ncm 3-1:1.1: bind() failure
[  757.638733][ T5162] usb 3-1: USB disconnect, device number 8
[  758.140390][ T9636] trusted_key: encrypted_key: hex blob is missing
[  758.302529][ T9639] loop2: detected capacity change from 0 to 512
[  758.360369][ T9639] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found
[  758.415467][ T9639] UDF-fs: Scanning with blocksize 512 failed
[  758.493858][ T9639] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found
[  758.525470][ T9639] UDF-fs: Scanning with blocksize 1024 failed
[  758.574272][ T9639] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found
[  758.644091][ T9639] UDF-fs: Scanning with blocksize 2048 failed
[  758.729265][ T9639] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  760.660765][ T9645] loop4: detected capacity change from 0 to 4096
[  760.720921][ T9645] ntfs3: Unknown parameter 'id'
[  761.438891][ T9645] overlayfs: overlapping lowerdir path
[  762.684254][ T9639] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  762.803203][ T9648] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
[  763.392527][ T9650] loop4: detected capacity change from 0 to 40427
[  763.463133][ T9650] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  763.471207][ T9650] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  763.616471][ T9650] F2FS-fs (loop4): Found nat_bits in checkpoint
[  763.690838][ T9660] loop2: detected capacity change from 0 to 64
[  764.362528][ T9650] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  764.369706][ T9650] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  764.683235][ T9648] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  764.761620][ T9662] syz-executor.4: attempt to access beyond end of device
[  764.761620][ T9662] loop4: rw=2049, sector=45096, nr_sectors = 128 limit=40427
[  764.809440][ T9660] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.2'.
[  769.064673][ T9663] Zero length message leads to an empty skb
[  769.948336][ T9668] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  770.634749][ T9677] loop0: detected capacity change from 0 to 256
[  771.321344][ T5240] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  771.577751][ T5240] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  771.642347][ T5240] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  771.690742][ T5240] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  771.745167][ T5240] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 32
[  771.822492][ T5240] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  771.857613][ T5240] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  771.881147][ T5240] usb 2-1: Manufacturer: ъ
[  771.885752][ T5240] usb 2-1: SerialNumber: 嵏꛸ᑥ븛뽻婕㞎ସ繘잜ﳻ쿶稨뜽奵젔푺췈힦쒘芘텊ꎱ䧹鎈ڟ몼栴矢↾탰今ﯤ㢛컿⎱ˀ薐蠑੪ୈ䞴騖⠮ꥹェꕈ랃蝄ꋄ쎓퐷爘崜鳰⣳
[  772.289364][ T5240] cdc_ncm 2-1:1.0: bind() failure
[  772.909971][ T5240] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  773.191740][ T5240] cdc_ncm 2-1:1.1: bind() failure
[  773.221819][ T2427] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  773.291689][ T5240] usb 2-1: USB disconnect, device number 6
[  773.379781][ T9697] loop2: detected capacity change from 0 to 512
[  773.390361][ T9697] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found
[  773.411316][ T9697] UDF-fs: Scanning with blocksize 512 failed
[  773.444994][ T9697] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found
[  773.470327][ T9697] UDF-fs: Scanning with blocksize 1024 failed
[  773.534681][ T9697] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found
[  773.581395][ T9697] UDF-fs: Scanning with blocksize 2048 failed
[  773.683490][ T9697] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  773.726446][ T2427] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  773.953904][ T9700] loop0: detected capacity change from 0 to 32768
[  774.037641][ T9700] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz-executor.0 (9700)
[  774.081174][ T9700] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  774.091766][ T9700] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  774.100473][ T9700] BTRFS info (device loop0): using free-space-tree
[  774.208633][ T9705] loop1: detected capacity change from 0 to 64
[  774.537730][ T9705] netlink: 48 bytes leftover after parsing attributes in process `syz-executor.1'.
[  774.790360][ T9697] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  774.955122][ T2427] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  775.292290][ T9250] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  775.328906][ T9250] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  775.339286][ T9250] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  775.498425][ T9250] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  775.508907][ T9250] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  775.516820][ T9250] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  775.624293][ T2427] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  775.840270][ T9726] loop1: detected capacity change from 0 to 40427
[  775.865053][ T9726] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  775.872989][ T9726] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  776.326008][ T9726] F2FS-fs (loop1): Found nat_bits in checkpoint
[  776.450434][ T9726] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  776.457784][ T9726] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  776.743497][ T9737] syz-executor.1: attempt to access beyond end of device
[  776.743497][ T9737] loop1: rw=2049, sector=45096, nr_sectors = 128 limit=40427
[  777.574116][ T9250] Bluetooth: hci3: command tx timeout
[  778.956078][ T5111] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  778.981981][ T9739] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  779.670700][ T9250] Bluetooth: hci3: command tx timeout
[  779.776015][ T2427] bridge_slave_1: left allmulticast mode
[  779.793794][ T2427] bridge_slave_1: left promiscuous mode
[  779.814507][ T2427] bridge0: port 2(bridge_slave_1) entered disabled state
[  779.952922][ T2427] bridge_slave_0: left allmulticast mode
[  780.008140][ T2427] bridge_slave_0: left promiscuous mode
[  780.043438][ T2427] bridge0: port 1(bridge_slave_0) entered disabled state
[  781.182385][ T9758] loop2: detected capacity change from 0 to 2048
[  781.238821][ T9758] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  781.437599][ T9763] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  781.744708][ T9250] Bluetooth: hci3: command tx timeout
[  783.144983][ T9783] netlink: 209844 bytes leftover after parsing attributes in process `syz-executor.1'.
[  783.422055][ T2427] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  783.467402][ T2427] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  783.508536][ T2427] bond0 (unregistering): Released all slaves
[  783.902084][ T9250] Bluetooth: hci3: command tx timeout
[  784.581638][ T9317] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  784.863623][ T9793] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.2'.
[  785.092511][ T9798] loop0: detected capacity change from 0 to 64
[  785.250538][ T9317] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  785.839607][ T9317] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  785.966891][ T9317] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  786.051940][ T9317] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 32
[  786.113752][ T9670] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  786.205024][   T30] audit: type=1326 audit(1719246763.477:1149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9792 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2dc27d0a9 code=0x7fc00000
[  786.269972][ T9317] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  786.307886][   T30] audit: type=1326 audit(1719246763.477:1150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9792 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa2dc27d0a9 code=0x7fc00000
[  786.331952][ T9317] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  786.344560][ T9317] usb 2-1: can't set config #1, error -71
[  786.391681][ T9317] usb 2-1: USB disconnect, device number 7
[  786.424652][ T9803] loop4: detected capacity change from 0 to 256
[  786.501407][   T30] audit: type=1326 audit(1719246763.477:1151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9792 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2dc27d0a9 code=0x7fc00000
[  786.565733][   T30] audit: type=1326 audit(1719246763.477:1152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9792 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2dc27d0a9 code=0x7fc00000
[  786.623907][ T9805] tipc: Started in network mode
[  786.633257][   T30] audit: type=1326 audit(1719246763.477:1153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9792 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2dc27d0a9 code=0x7fc00000
[  786.641850][ T9805] tipc: Node identity ffffffff, cluster identity 4711
[  786.672643][ T9807] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  786.732850][   T30] audit: type=1326 audit(1719246763.477:1154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9792 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2dc27d0a9 code=0x7fc00000
[  786.741291][ T9805] tipc: Node number set to 4294967295
[  786.796372][   T30] audit: type=1326 audit(1719246763.477:1155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9792 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2dc27d0a9 code=0x7fc00000
[  786.833646][   T30] audit: type=1326 audit(1719246763.477:1156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9792 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2dc27d0a9 code=0x7fc00000
[  786.891010][   T30] audit: type=1326 audit(1719246763.477:1157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9792 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2dc27d0a9 code=0x7fc00000
[  787.100131][   T30] audit: type=1326 audit(1719246763.477:1158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=9792 comm="syz-executor.2" exe="/root/syz-executor.2" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa2dc27d0a9 code=0x7fc00000
[  787.334635][ T2427] hsr_slave_0: left promiscuous mode
[  789.447507][ T2427] hsr_slave_1: left promiscuous mode
[  789.559598][ T2427] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  789.583100][ T2427] batman_adv: batadv0: Removing interface: batadv_slave_0
[  789.613742][ T2427] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  789.641268][ T2427] batman_adv: batadv0: Removing interface: batadv_slave_1
[  789.815081][ T2427] veth1_macvtap: left promiscuous mode
[  789.836281][ T2427] veth1_vlan: left promiscuous mode
[  789.843590][ T2427] veth0_vlan: left promiscuous mode
[  791.006289][ T9847] loop4: detected capacity change from 0 to 256
[  791.010439][ T9843] loop1: detected capacity change from 0 to 40427
[  791.032257][ T9843] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  791.040167][ T9843] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  791.075828][ T9843] F2FS-fs (loop1): Found nat_bits in checkpoint
[  791.186076][ T9843] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  791.193476][ T9843] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  792.687123][ T9860] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000001)
[  792.943327][ T2427] team0 (unregistering): Port device team_slave_1 removed
[  793.066747][ T2427] team0 (unregistering): Port device team_slave_0 removed
[  795.334826][ T9869] loop4: detected capacity change from 0 to 32768
[  795.346274][ T9869] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (9869)
[  795.375915][ T9869] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  795.386486][ T9869] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  795.395318][ T9869] BTRFS info (device loop4): using free-space-tree
[  796.634715][ T9898] netlink: 209844 bytes leftover after parsing attributes in process `syz-executor.0'.
[  796.850320][ T9722] chnl_net:caif_netlink_parms(): no params data found
[  796.909253][ T9899] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  797.034538][ T5112] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  797.241380][  T784] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  797.493307][  T784] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  797.526082][  T784] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  797.581528][  T784] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[  797.632539][  T784] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 32
[  797.660327][  T784] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  797.696195][ T9722] bridge0: port 1(bridge_slave_0) entered blocking state
[  797.705475][  T784] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  797.766969][  T784] usb 1-1: Manufacturer: ъ
[  797.767833][ T9722] bridge0: port 1(bridge_slave_0) entered disabled state
[  797.779242][ T9722] bridge_slave_0: entered allmulticast mode
[  797.795250][ T9722] bridge_slave_0: entered promiscuous mode
[  797.819504][ T9722] bridge0: port 2(bridge_slave_1) entered blocking state
[  797.850111][ T9722] bridge0: port 2(bridge_slave_1) entered disabled state
[  797.878182][ T9722] bridge_slave_1: entered allmulticast mode
[  797.929243][ T9722] bridge_slave_1: entered promiscuous mode
[  798.090145][  T784] usb 1-1: SerialNumber: 嵏꛸ᑥ븛뽻婕㞎ସ繘잜ﳻ쿶稨뜽奵젔푺췈힦쒘芘텊ꎱ䧹鎈ڟ몼栴矢↾탰今ﯤ㢛컿⎱ˀ薐蠑੪ୈ䞴騖⠮ꥹェꕈ랃蝄ꋄ쎓퐷爘崜鳰⣳
[  798.461872][ T9722] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  798.639577][ T9722] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  798.950154][  T784] cdc_ncm 1-1:1.0: bind() failure
[  798.962932][  T784] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  798.970081][  T784] cdc_ncm 1-1:1.1: bind() failure
[  799.020762][  T784] usb 1-1: USB disconnect, device number 6
[  799.189544][ T9722] team0: Port device team_slave_0 added
[  799.214290][   T30] kauditd_printk_skb: 58 callbacks suppressed
[  799.214314][   T30] audit: type=1400 audit(1719246776.457:1217): avc:  denied  { write } for  pid=9922 comm="syz-executor.4" name="uinput" dev="devtmpfs" ino=836 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:event_device_t tclass=chr_file permissive=1
[  799.226091][ T9722] team0: Port device team_slave_1 added
[  799.288800][ T9930] input: syz0 as /devices/virtual/input/input16
[  799.596833][ T9722] batman_adv: batadv0: Adding interface: batadv_slave_0
[  799.653769][ T9722] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  799.762974][ T9722] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  800.361291][ T9722] batman_adv: batadv0: Adding interface: batadv_slave_1
[  800.540077][ T9722] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  800.741717][ T9722] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  801.035126][ T9951] loop2: detected capacity change from 0 to 256
[  801.444862][ T9722] hsr_slave_0: entered promiscuous mode
[  801.531755][ T9722] hsr_slave_1: entered promiscuous mode
[  801.547962][ T9722] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  801.555722][ T9722] Cannot create hsr debugfs directory
[  801.679207][ T9957] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001)
[  801.972520][ T9955] sg_write: data in/out 624/1 bytes for SCSI command 0xcb-- guessing data in;
[  801.972520][ T9955]    program syz-executor.4 not setting count and/or reply_len properly
[  802.275738][ T9959] loop0: detected capacity change from 0 to 64
[  802.288833][ T9960] netlink: 'syz-executor.4': attribute type 10 has an invalid length.
[  802.374034][ T9960] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.4'.
[  802.392162][ T9960] bridge0: port 3(gretap0) entered blocking state
[  802.398859][ T9960] bridge0: port 3(gretap0) entered disabled state
[  802.409324][ T9960] gretap0: entered allmulticast mode
[  802.469647][ T9960] gretap0: entered promiscuous mode
[  802.493241][ T9959] MINIX-fs: bad superblock or unable to read bitmaps
[  802.496783][ T9960] bridge0: port 3(gretap0) entered blocking state
[  802.509950][ T9960] bridge0: port 3(gretap0) entered forwarding state
[  804.225562][ T9971] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  807.735721][ T9999] input: syz0 as /devices/virtual/input/input17
[  809.302582][T10014] loop2: detected capacity change from 0 to 32768
[  809.527018][T10014] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz-executor.2 (10014)
[  810.054283][T10014] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  810.064642][T10014] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  810.073451][T10014] BTRFS info (device loop2): using free-space-tree
[  810.126850][T10025] loop1: detected capacity change from 0 to 256
[  810.557393][T10036] FAT-fs (loop1): error, invalid access to FAT (entry 0x00000001)
[  811.753365][T10040] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  811.776857][ T9722] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  812.116420][ T9722] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  812.562587][T10049] loop0: detected capacity change from 0 to 256
[  812.583087][T10049] FAT-fs (loop0): Unrecognized mount option "short
" or missing value
[  814.152130][ T9722] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  814.273577][ T9722] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  814.586453][ T5121] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  814.713886][ T1250] ieee802154 phy0 wpan0: encryption failed: -22
[  814.721435][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[  815.492816][T10054] loop4: detected capacity change from 0 to 40427
[  815.556186][T10054] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  815.564125][T10054] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  815.767481][T10054] F2FS-fs (loop4): Found nat_bits in checkpoint
[  815.930279][T10054] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  815.938981][T10054] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  816.072038][T10068] sg_write: data in/out 624/1 bytes for SCSI command 0xcb-- guessing data in;
[  816.072038][T10068]    program syz-executor.0 not setting count and/or reply_len properly
[  816.097138][ T9722] 8021q: adding VLAN 0 to HW filter on device bond0
[  816.822681][ T9722] 8021q: adding VLAN 0 to HW filter on device team0
[  816.910909][T10068] netlink: 'syz-executor.0': attribute type 10 has an invalid length.
[  817.127284][T10068] netlink: 40 bytes leftover after parsing attributes in process `syz-executor.0'.
[  817.188191][T10068] bridge0: port 3(gretap0) entered blocking state
[  817.280174][T10068] bridge0: port 3(gretap0) entered disabled state
[  817.342885][T10068] gretap0: entered allmulticast mode
[  817.422285][T10068] gretap0: entered promiscuous mode
[  817.428750][T10068] bridge0: port 3(gretap0) entered blocking state
[  817.435570][T10068] bridge0: port 3(gretap0) entered forwarding state
[  817.486212][T10073] loop1: detected capacity change from 0 to 64
[  817.642423][T10084] loop2: detected capacity change from 0 to 2048
[  817.703070][ T5073] bridge0: port 1(bridge_slave_0) entered blocking state
[  817.710456][ T5073] bridge0: port 1(bridge_slave_0) entered forwarding state
[  817.728220][T10084] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  817.904958][ T5078] bridge0: port 2(bridge_slave_1) entered blocking state
[  817.912319][ T5078] bridge0: port 2(bridge_slave_1) entered forwarding state
[  818.651300][   T30] audit: type=1800 audit(1719246795.907:1218): pid=10088 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="loop2" ino=1368 res=0 errno=0
[  819.490274][ T9722] 8021q: adding VLAN 0 to HW filter on device batadv0
[  819.866162][ T9722] veth0_vlan: entered promiscuous mode
[  819.995543][ T9722] veth1_vlan: entered promiscuous mode
[  820.366496][T10106] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.4'.
[  820.404556][T10106] loop4: detected capacity change from 0 to 8
[  820.431298][   T30] audit: type=1326 audit(1719246797.657:1219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10100 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d83e7d0a9 code=0x7ffc0000
[  821.993995][ T9250] Bluetooth: hci2: ACL packet for unknown connection handle 0
[  822.525340][   T30] audit: type=1326 audit(1719246797.657:1220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10100 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d83e7d0a9 code=0x7ffc0000
[  822.555839][   T30] audit: type=1326 audit(1719246797.667:1221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10100 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3d83e7d0a9 code=0x7ffc0000
[  822.700451][ T9722] veth0_macvtap: entered promiscuous mode
[  822.724180][   T30] audit: type=1326 audit(1719246797.667:1222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10100 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d83e7d0a9 code=0x7ffc0000
[  822.893204][ T9722] veth1_macvtap: entered promiscuous mode
[  822.912673][   T30] audit: type=1326 audit(1719246797.667:1223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10100 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d83e7d0a9 code=0x7ffc0000
[  822.968333][ T9722] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  823.001166][   T30] audit: type=1326 audit(1719246797.667:1224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10100 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f3d83e7d0a9 code=0x7ffc0000
[  823.032071][ T9722] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  823.061804][ T9722] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  823.097748][ T9722] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  823.117741][   T30] audit: type=1326 audit(1719246797.677:1225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10100 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f3d83e7d0e3 code=0x7ffc0000
[  823.147751][ T9722] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  823.179865][   T30] audit: type=1326 audit(1719246797.677:1226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10100 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f3d83e7bdef code=0x7ffc0000
[  823.189773][ T9722] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  823.241197][   T30] audit: type=1326 audit(1719246797.677:1227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10100 comm="syz-executor.4" exe="/root/syz-executor.4" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f3d83e7d137 code=0x7ffc0000
[  823.266392][ T9722] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  823.505842][ T9722] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  823.523346][ T9722] batman_adv: batadv0: Interface activated: batadv_slave_0
[  824.626460][ T9722] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  824.731171][ T9722] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  824.785487][ T9722] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  824.865473][ T9722] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  824.951233][ T9722] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  824.971282][ T9722] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  824.991327][ T9722] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  825.014381][ T9722] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  825.028662][ T9722] batman_adv: batadv0: Interface activated: batadv_slave_1
[  825.044904][ T9722] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  825.071571][ T9722] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  825.085017][ T9722] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  825.111264][ T9722] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  825.130989][T10120] loop0: detected capacity change from 0 to 64
[  825.348430][T10120] MINIX-fs: bad superblock or unable to read bitmaps
[  825.894527][T10127] loop4: detected capacity change from 0 to 32768
[  826.022035][T10127] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz-executor.4 (10127)
[  826.641139][T10127] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  826.651479][T10127] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  826.660115][T10127] BTRFS info (device loop4): using free-space-tree
[  826.933583][ T5719] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  827.015294][ T5719] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  827.874119][ T7362] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  827.913017][ T7362] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  828.394941][ T5112] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  828.615224][T10175] loop2: detected capacity change from 0 to 256
[  830.155958][T10178] loop3: detected capacity change from 0 to 4096
[  830.192521][T10178] ntfs3: Unknown parameter 'id'
[  832.553675][T10184] loop3: detected capacity change from 0 to 1024
[  834.797851][T10184] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  837.063786][T10194] loop4: detected capacity change from 0 to 2048
[  837.145171][T10194] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  837.286325][T10191] warning: checkpointing journal with EXT4_IOC_CHECKPOINT_FLAG_ZEROOUT can be slow
[  837.397390][T10199] loop2: detected capacity change from 0 to 1024
[  837.663704][T10205] loop1: detected capacity change from 0 to 2048
[  837.702555][T10205] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  837.737195][   T30] kauditd_printk_skb: 11 callbacks suppressed
[  837.737217][   T30] audit: type=1800 audit(1719246815.007:1239): pid=10208 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.4" name="file0" dev="loop4" ino=1368 res=0 errno=0
[  837.916974][T10209] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  838.473318][T10199] hfsplus: unable to load nls mapping "ooi8-r"
[  838.479585][T10199] hfsplus: unable to parse mount options
[  839.394477][T10225] loop2: detected capacity change from 0 to 47
[  840.504546][T10238] loop4: detected capacity change from 0 to 4096
[  840.514093][T10238] ntfs3: Unknown parameter 'id'
[  840.639150][T10238] overlayfs: overlapping lowerdir path
[  841.620397][T10262] loop4: detected capacity change from 0 to 256
[  843.411172][   T30] audit: type=1400 audit(1719246820.677:1240): avc:  denied  { bind } for  pid=10269 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  843.486233][   T30] audit: type=1400 audit(1719246820.677:1241): avc:  denied  { node_bind } for  pid=10269 comm="syz-executor.0" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:node_t tclass=dccp_socket permissive=1
[  843.649314][T10274] loop2: detected capacity change from 0 to 2048
[  843.658484][   T30] audit: type=1400 audit(1719246820.727:1242): avc:  denied  { listen } for  pid=10269 comm="syz-executor.0" lport=43729 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  843.673404][T10274] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  843.841775][   T30] audit: type=1400 audit(1719246820.837:1243): avc:  denied  { accept } for  pid=10269 comm="syz-executor.0" lport=43729 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=dccp_socket permissive=1
[  844.421229][   T30] audit: type=1800 audit(1719246821.687:1244): pid=10279 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.2" name="file0" dev="loop2" ino=1367 res=0 errno=0
[  846.046650][   T30] audit: type=1800 audit(1719246823.317:1245): pid=10293 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz-executor.3" name="bus" dev="overlay" ino=1967 res=0 errno=0
[  847.144291][T10305] loop0: detected capacity change from 0 to 2048
[  847.201220][T10305] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  848.431394][T10325] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  848.873293][T10326] loop3: detected capacity change from 0 to 2048
[  848.941265][T10326] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  849.104336][T10336] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  849.525770][T10326] overlay: ./file0 is not a directory
[  849.903150][T10326] loop3: detected capacity change from 0 to 2048
[  849.975929][T10326] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock
[  850.736127][T10359] loop4: detected capacity change from 0 to 1024
[  850.873520][T10359] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  853.248086][ T5112] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  853.285681][T10373] loop0: detected capacity change from 0 to 256
[  853.777394][ T9317] libceph: connect (1)[c::]:6789 error -101
[  853.791553][ T9317] libceph: mon0 (1)[c::]:6789 connect error
[  854.266806][T10393] loop3: detected capacity change from 0 to 32768
[  854.404996][ T9317] libceph: connect (1)[c::]:6789 error -101
[  855.044948][   T30] audit: type=1400 audit(1719246831.577:1246): avc:  denied  { create } for  pid=10389 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  855.092228][ T9317] libceph: mon0 (1)[c::]:6789 connect error
[  855.118267][T10393] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz-executor.3 (10393)
[  855.190459][T10393] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  855.194017][   T30] audit: type=1400 audit(1719246831.577:1247): avc:  denied  { write } for  pid=10389 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  855.200875][T10393] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  855.229611][T10393] BTRFS info (device loop3): using free-space-tree
[  855.276294][T10382] ceph: No mds server is up or the cluster is laggy
[  855.371156][   T30] audit: type=1400 audit(1719246831.637:1248): avc:  denied  { setopt } for  pid=10389 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=kcm_socket permissive=1
[  855.632659][   T30] audit: type=1400 audit(1719246832.357:1249): avc:  denied  { getopt } for  pid=10394 comm="syz-executor.2" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=packet_socket permissive=1
[  855.943077][T10417] loop4: detected capacity change from 0 to 1024
[  856.697131][T10417] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  856.902979][T10393] BTRFS error (device loop3): open_ctree failed
[  859.420012][T10434] netlink: 248 bytes leftover after parsing attributes in process `syz-executor.4'.
[  859.762474][   T30] audit: type=1400 audit(1719246837.007:1250): avc:  denied  { read } for  pid=10429 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ax25_socket permissive=1
[  860.002176][   T30] audit: type=1400 audit(1719246837.237:1251): avc:  denied  { connect } for  pid=10429 comm="syz-executor.4" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  867.822928][T10474] loop1: detected capacity change from 0 to 1024
[  867.875745][T10474] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  868.765864][T10476] loop2: detected capacity change from 0 to 256
[  868.962849][T10486] loop4: detected capacity change from 0 to 256
[  869.995887][T10487] loop3: detected capacity change from 0 to 2048
[  870.087164][T10487] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  870.152100][T10492] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  870.473444][T10482] overlay: ./file0 is not a directory
[  870.498128][T10476] syzkaller1: entered promiscuous mode
[  870.556219][T10476] syzkaller1: entered allmulticast mode
[  870.825640][T10482] loop3: detected capacity change from 0 to 2048
[  870.850644][T10482] EXT4-fs warning (device loop3): ext4_multi_mount_protect:292: Invalid MMP block in superblock
[  870.952534][T10500] loop0: detected capacity change from 0 to 256
[  871.078614][T10504] loop1: detected capacity change from 0 to 512
[  871.156860][T10504] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  871.272294][T10504] EXT4-fs (loop1): 1 truncate cleaned up
[  871.285951][T10504] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  871.645220][   T30] audit: type=1800 audit(1719246848.917:1252): pid=10504 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="loop1" ino=18 res=0 errno=0
[  871.999654][   T30] audit: type=1804 audit(1719246849.267:1253): pid=10513 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3673005630/syzkaller.UeHi74/164/bus/file0/bus" dev="loop1" ino=18 res=1 errno=0
[  874.030962][ T6254] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  874.144333][T10530] netlink: 36 bytes leftover after parsing attributes in process `syz-executor.4'.
[  874.171987][T10531] loop4: detected capacity change from 0 to 2048
[  874.219391][T10531] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  874.264122][T10531] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[  874.346223][T10531] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  874.479850][   T30] audit: type=1800 audit(1719246851.747:1254): pid=10530 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.4" name="bus" dev="loop4" ino=1367 res=0 errno=0
[  875.978895][ T1250] ieee802154 phy0 wpan0: encryption failed: -22
[  875.985954][ T1250] ieee802154 phy1 wpan1: encryption failed: -22
[  876.244127][T10548] loop4: detected capacity change from 0 to 2048
[  876.297763][T10548] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  876.364692][T10554] loop3: detected capacity change from 0 to 256
[  876.393038][T10553] loop0: detected capacity change from 0 to 256
[  876.431953][T10555] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  876.764554][T10548] overlay: ./file0 is not a directory
[  877.027169][T10548] loop4: detected capacity change from 0 to 2048
[  877.038673][T10548] EXT4-fs warning (device loop4): ext4_multi_mount_protect:292: Invalid MMP block in superblock
[  879.189966][T10571] loop4: detected capacity change from 0 to 64
[  879.793145][T10577] loop1: detected capacity change from 0 to 512
[  879.854834][T10577] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  879.976431][T10577] EXT4-fs (loop1): 1 truncate cleaned up
[  879.998244][T10577] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  880.202583][   T30] audit: type=1800 audit(1719246857.477:1255): pid=10577 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed(directio) comm="syz-executor.1" name="bus" dev="loop1" ino=18 res=0 errno=0
[  880.758654][   T30] audit: type=1804 audit(1719246858.017:1256): pid=10577 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir3673005630/syzkaller.UeHi74/170/bus/file0/bus" dev="loop1" ino=18 res=1 errno=0
[  881.406674][ T6254] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  883.999520][T10592] loop1: detected capacity change from 0 to 256
[  886.100658][T10559] syzkaller1: entered promiscuous mode
[  886.108264][T10559] syzkaller1: entered allmulticast mode
[  886.891857][T10606] loop4: detected capacity change from 0 to 256
[  887.322244][T10611] FAT-fs (loop4): error, invalid access to FAT (entry 0x00000001)
[  888.363849][T10613] loop1: detected capacity change from 0 to 2048
[  888.768103][T10613] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  888.869801][T10622] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  888.897864][T10612] loop0: detected capacity change from 0 to 2048
[  888.921209][T10612] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  889.690517][T10609] overlay: ./file0 is not a directory
[  889.728098][T10631] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  889.992395][T10609] loop1: detected capacity change from 0 to 2048
[  890.076515][T10609] EXT4-fs warning (device loop1): ext4_multi_mount_protect:292: Invalid MMP block in superblock
[  890.114083][T10623] can: request_module (can-proto-0) failed.
[  891.325503][T10636] loop4: detected capacity change from 0 to 256
[  892.467614][T10650] loop2: detected capacity change from 0 to 256
[  892.981144][ T5078] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  893.209647][ T5078] usb 4-1: Using ep0 maxpacket: 8
[  893.219258][T10636] syzkaller1: entered promiscuous mode
[  893.241801][ T5078] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  893.260236][T10636] syzkaller1: entered allmulticast mode
[  893.266123][ T5078] usb 4-1: config 0 has no interface number 0
[  893.321826][ T5078] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  893.341164][ T5078] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  893.375134][ T5078] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  893.381773][T10650] syzkaller1: entered promiscuous mode
[  893.388776][T10650] syzkaller1: entered allmulticast mode
[  893.418501][ T5078] usb 4-1: config 0 descriptor??
[  893.624311][ T5078] iowarrior 4-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  894.678718][ T5078] usb 4-1: USB disconnect, device number 10
[  894.767248][ T5078] iowarrior 4-1:0.1: I/O-Warror #0 now disconnected
[  895.652134][T10672] netlink: 248 bytes leftover after parsing attributes in process `syz-executor.1'.
[  897.272034][T10675] netlink: 2 bytes leftover after parsing attributes in process `syz-executor.3'.
[  897.551155][   T30] audit: type=1326 audit(1719246874.697:1257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=10673 comm="syz-executor.3" exe="/root/syz-executor.3" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f56f287d0a9 code=0x0
[ 1002.791044][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 1002.798109][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P10649/1:b..l
[ 1002.806928][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=63377, q=96 ncpus=2)
[ 1002.814611][    C0] task:syz-executor.0  state:R  running task     stack:25680 pid:10649 tgid:10643 ppid:5111   flags:0x00004002
[ 1002.828413][    C0] Call Trace:
[ 1002.831752][    C0]  <TASK>
[ 1002.834721][    C0]  __schedule+0xf15/0x5d00
[ 1002.839209][    C0]  ? hlock_class+0x4e/0x130
[ 1002.843781][    C0]  ? __pfx___schedule+0x10/0x10
[ 1002.848687][    C0]  ? find_held_lock+0x2d/0x110
[ 1002.853519][    C0]  ? preempt_schedule_thunk+0x1a/0x30
[ 1002.859132][    C0]  preempt_schedule_common+0x44/0xc0
[ 1002.864477][    C0]  preempt_schedule_thunk+0x1a/0x30
[ 1002.869736][    C0]  _raw_spin_unlock+0x3e/0x50
[ 1002.874496][    C0]  unmap_page_range+0xbc7/0x3f20
[ 1002.879504][    C0]  ? __pfx_unmap_page_range+0x10/0x10
[ 1002.885048][    C0]  ? uprobe_munmap+0x20/0x570
[ 1002.889981][    C0]  unmap_single_vma+0x194/0x2b0
[ 1002.894904][    C0]  unmap_vmas+0x22f/0x490
[ 1002.899319][    C0]  ? __pfx_unmap_vmas+0x10/0x10
[ 1002.904273][    C0]  ? __pfx_lock_release+0x10/0x10
[ 1002.909380][    C0]  ? lru_add_drain_cpu+0x454/0x860
[ 1002.914590][    C0]  exit_mmap+0x1b8/0xb20
[ 1002.918910][    C0]  ? __pfx_exit_mmap+0x10/0x10
[ 1002.923763][    C0]  __mmput+0x12a/0x4d0
[ 1002.927907][    C0]  mmput+0x62/0x70
[ 1002.931698][    C0]  do_exit+0x9b7/0x2ba0
[ 1002.935989][    C0]  ? get_signal+0x8f2/0x2710
[ 1002.940906][    C0]  ? __pfx_do_exit+0x10/0x10
[ 1002.945709][    C0]  ? do_raw_spin_lock+0x12d/0x2c0
[ 1002.950840][    C0]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1002.956276][    C0]  do_group_exit+0xd3/0x2a0
[ 1002.960854][    C0]  get_signal+0x2616/0x2710
[ 1002.965442][    C0]  ? __pfx_get_signal+0x10/0x10
[ 1002.970437][    C0]  ? find_held_lock+0x2d/0x110
[ 1002.975264][    C0]  arch_do_signal_or_restart+0x90/0x7e0
[ 1002.980885][    C0]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1002.987187][    C0]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1002.992823][    C0]  syscall_exit_to_user_mode+0x14a/0x2a0
[ 1002.998524][    C0]  do_syscall_64+0xda/0x250
[ 1003.003094][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1003.009060][    C0] RIP: 0033:0x7f940367d0a9
[ 1003.013520][    C0] RSP: 002b:00007f94031ff0c8 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1003.021993][    C0] RAX: 0000000000010106 RBX: 00007f94037b4050 RCX: 00007f940367d0a9
[ 1003.030013][    C0] RDX: 0000000000010106 RSI: 00000000200000c0 RDI: 0000000000000005
[ 1003.038035][    C0] RBP: 00007f94036ec074 R08: 0000000000000000 R09: 0000000000000000
[ 1003.046141][    C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[ 1003.054254][    C0] R13: 000000000000006e R14: 00007f94037b4050 R15: 00007ffe5173a7b8
[ 1003.062369][    C0]  </TASK>
[ 1003.065434][    C0] rcu: rcu_preempt kthread starved for 10524 jiffies! g63377 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[ 1003.076954][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1003.086977][    C0] rcu: RCU grace-period kthread stack dump:
[ 1003.092902][    C0] task:rcu_preempt     state:R  running task     stack:27680 pid:17    tgid:17    ppid:2      flags:0x00004000
[ 1003.104707][    C0] Call Trace:
[ 1003.108028][    C0]  <TASK>
[ 1003.111001][    C0]  __schedule+0xf15/0x5d00
[ 1003.115473][    C0]  ? __pfx___lock_acquire+0x10/0x10
[ 1003.120745][    C0]  ? __pfx___schedule+0x10/0x10
[ 1003.125653][    C0]  ? schedule+0x298/0x350
[ 1003.130039][    C0]  ? __pfx_lock_release+0x10/0x10
[ 1003.135215][    C0]  ? __pfx___mod_timer+0x10/0x10
[ 1003.140209][    C0]  ? lock_acquire+0x1b1/0x560
[ 1003.144966][    C0]  ? lockdep_init_map_type+0x16d/0x7d0
[ 1003.150516][    C0]  schedule+0xe7/0x350
[ 1003.154649][    C0]  schedule_timeout+0x136/0x2a0
[ 1003.159625][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[ 1003.165071][    C0]  ? __pfx_process_timeout+0x10/0x10
[ 1003.170682][    C0]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1003.176547][    C0]  ? prepare_to_swait_event+0xf0/0x470
[ 1003.182083][    C0]  rcu_gp_fqs_loop+0x1eb/0xb00
[ 1003.186927][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[ 1003.192375][    C0]  ? _raw_spin_unlock_irq+0x2e/0x50
[ 1003.197745][    C0]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[ 1003.203619][    C0]  rcu_gp_kthread+0x271/0x380
[ 1003.208372][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1003.213649][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1003.218912][    C0]  ? __kthread_parkme+0x148/0x220
[ 1003.224041][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1003.229309][    C0]  kthread+0x2c1/0x3a0
[ 1003.233563][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1003.238821][    C0]  ? __pfx_kthread+0x10/0x10
[ 1003.243465][    C0]  ret_from_fork+0x45/0x80
[ 1003.247950][    C0]  ? __pfx_kthread+0x10/0x10
[ 1003.252603][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1003.257440][    C0]  </TASK>
[ 1003.260495][    C0] rcu: Stack dump where RCU GP kthread last ran:
[ 1003.266860][    C0] CPU: 0 PID: 10688 Comm: syz-executor.4 Not tainted 6.10.0-rc5-syzkaller #0
[ 1003.275665][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[ 1003.285765][    C0] RIP: 0010:finish_task_switch.isra.0+0x220/0xcc0
[ 1003.292331][    C0] Code: a9 0a 00 00 44 8b 0d 37 27 86 0e 45 85 c9 0f 85 c0 01 00 00 48 89 df e8 ae f8 ff ff e8 69 db 36 00 fb 65 48 8b 1d 40 89 a5 7e <48> 8d bb f8 15 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1
[ 1003.312197][    C0] RSP: 0018:ffffc900032ef9d0 EFLAGS: 00000206
[ 1003.318312][    C0] RAX: 00000000005f0fb7 RBX: ffff88805c7f5a00 RCX: 1ffffffff1fc8031
[ 1003.326332][    C0] RDX: 0000000000000000 RSI: ffffffff8b2caf40 RDI: ffffffff8b8ff940
[ 1003.334350][    C0] RBP: ffffc900032efa18 R08: 0000000000000001 R09: 0000000000000001
[ 1003.342456][    C0] R10: ffffffff8fe44417 R11: 0000000000000000 R12: ffff8880b923f938
[ 1003.350647][    C0] R13: ffff88805c7f3c00 R14: 0000000000000000 R15: ffff8880b923ebc0
[ 1003.358706][    C0] FS:  00007f3d84bbf6c0(0000) GS:ffff8880b9200000(0000) knlGS:0000000000000000
[ 1003.367776][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1003.374408][    C0] CR2: 0000001b32c2a000 CR3: 000000005ce88000 CR4: 00000000003506f0
[ 1003.382426][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1003.390438][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1003.398543][    C0] Call Trace:
[ 1003.401861][    C0]  <IRQ>
[ 1003.404738][    C0]  ? show_regs+0x8c/0xa0
[ 1003.409049][    C0]  ? rcu_check_gp_kthread_starvation+0x31b/0x450
[ 1003.415443][    C0]  ? do_raw_spin_unlock+0x172/0x230
[ 1003.420696][    C0]  ? rcu_sched_clock_irq+0x22a2/0x3100
[ 1003.426203][    C0]  ? __pfx_lock_release+0x10/0x10
[ 1003.431295][    C0]  ? __pfx_rcu_sched_clock_irq+0x10/0x10
[ 1003.437000][    C0]  ? __asan_memcpy+0x3c/0x60
[ 1003.441649][    C0]  ? cgroup_rstat_updated+0x2a/0xb20
[ 1003.446998][    C0]  ? update_process_times+0x175/0x220
[ 1003.452423][    C0]  ? __pfx_update_process_times+0x10/0x10
[ 1003.458281][    C0]  ? __pfx_tick_nohz_handler+0x10/0x10
[ 1003.463797][    C0]  ? update_wall_time+0x1c/0x40
[ 1003.468885][    C0]  ? tick_nohz_handler+0x376/0x530
[ 1003.474059][    C0]  ? __pfx_tick_nohz_handler+0x10/0x10
[ 1003.479576][    C0]  ? __hrtimer_run_queues+0x657/0xcc0
[ 1003.485007][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 1003.490786][    C0]  ? ktime_get_update_offsets_now+0x201/0x310
[ 1003.496929][    C0]  ? hrtimer_interrupt+0x31b/0x800
[ 1003.502160][    C0]  ? __sysvec_apic_timer_interrupt+0x10f/0x450
[ 1003.508380][    C0]  ? sysvec_apic_timer_interrupt+0x90/0xb0
[ 1003.514241][    C0]  </IRQ>
[ 1003.517208][    C0]  <TASK>
[ 1003.520173][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1003.526411][    C0]  ? finish_task_switch.isra.0+0x220/0xcc0
[ 1003.532275][    C0]  ? __switch_to+0x749/0x1390
[ 1003.537009][    C0]  __schedule+0xf1d/0x5d00
[ 1003.541484][    C0]  ? __pfx___schedule+0x10/0x10
[ 1003.546472][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1003.551731][    C0]  preempt_schedule_irq+0x51/0x90
[ 1003.556812][    C0]  irqentry_exit+0x36/0x90
[ 1003.561296][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1003.567350][    C0] RIP: 0010:preempt_schedule_common+0x4b/0xc0
[ 1003.573475][    C0] Code: c3 65 ff 05 df 36 1a 75 65 8b 05 d8 36 1a 75 25 ff ff ff 7f 83 f8 01 74 29 bf 01 00 00 00 e8 8c 9d ff ff 65 ff 0d bd 36 1a 75 <80> 3b 00 75 5f 48 8b 45 00 a8 08 75 ca 5b 5d 41 5c 41 5d c3 cc cc
[ 1003.593221][    C0] RSP: 0018:ffffc900032efc98 EFLAGS: 00000246
[ 1003.599340][    C0] RAX: 0000000000000000 RBX: ffffed100b8feb40 RCX: fffff5200065df74
[ 1003.607359][    C0] RDX: 1ffff1100b8fee0b RSI: ffffffff8b2caf40 RDI: ffff88805c7f7058
[ 1003.615386][    C0] RBP: ffff88805c7f5a00 R08: 0000000000000000 R09: 0000000000000001
[ 1003.623406][    C0] R10: ffffffff8fe44417 R11: 0000000000000000 R12: ffffffff8100a13a
[ 1003.631510][    C0] R13: ffff88805c7f5a00 R14: 0000000000000200 R15: ffffffff81654eb0
[ 1003.639532][    C0]  ? __pfx_pull_rt_task+0x10/0x10
[ 1003.644626][    C0]  ? preempt_schedule_thunk+0x1a/0x30
[ 1003.650058][    C0]  ? preempt_schedule_common+0x44/0xc0
[ 1003.655574][    C0]  preempt_schedule_thunk+0x1a/0x30
[ 1003.660828][    C0]  __sched_setscheduler.constprop.0+0xe8a/0x2a80
[ 1003.667231][    C0]  ? __might_fault+0xe3/0x190
[ 1003.671959][    C0]  ? __pfx___sched_setscheduler.constprop.0+0x10/0x10
[ 1003.678781][    C0]  do_sched_setscheduler+0x128/0x240
[ 1003.684119][    C0]  ? __pfx_do_sched_setscheduler+0x10/0x10
[ 1003.689980][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1003.695230][    C0]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1003.700486][    C0]  ? __do_sys_rt_sigreturn+0x167/0x230
[ 1003.706001][    C0]  ? __pfx___do_sys_rt_sigreturn+0x10/0x10
[ 1003.711872][    C0]  __x64_sys_sched_setscheduler+0x75/0xa0
[ 1003.717668][    C0]  do_syscall_64+0xcd/0x250
[ 1003.722236][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1003.728205][    C0] RIP: 0033:0x7f3d83e7d0a9
[ 1003.732677][    C0] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[ 1003.752349][    C0] RSP: 002b:00007f3d84bbf0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000090
[ 1003.760816][    C0] RAX: ffffffffffffffda RBX: 00007f3d83fb4120 RCX: 00007f3d83e7d0a9
[ 1003.768834][    C0] RDX: 0000000020000200 RSI: 0000000000000002 RDI: 0000000000000000
[ 1003.776851][    C0] RBP: 00007f3d83eec074 R08: 0000000000000000 R09: 0000000000000000
[ 1003.784870][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1003.792990][    C0] R13: 000000000000006e R14: 00007f3d83fb4120 R15: 00007ffe33d91c38
[ 1003.801010][    C0]  </TASK>